uvm_fault(0xffffffff83504770, 0xffff800012742004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ffs_blkfree+0x263: movl 0x4(%r13),%r15d TID PID UID PRFLAGS PFLAGS CPU COMMAND *305608 52998 0 0 0x4000000 0K syz-executor ffs_blkfree(fffffd805f98d340,78a0e,800) at ffs_blkfree+0x263 ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline] ffs_blkfree(fffffd805f98d340,78a0e,800) at ffs_blkfree+0x263 sys/ufs/ffs/ffs_alloc.c:1272 ffs_truncate(fffffd805f98d340,0,4,fffffd807f7d3548) at ffs_truncate+0x139f sys/ufs/ffs/ffs_inode.c:325 ufs_rmdir(ffff80002a0d29c8) at ufs_rmdir+0x374 sys/ufs/ufs/ufs_vnops.c:1265 VOP_RMDIR(fffffd80612c7560,fffffd80612c7128,ffff80002a0d2aa8) at VOP_RMDIR+0x19a sys/kern/vfs_vops.c:413 dounlinkat(ffff8000ffff5c00,ffffff9c,200000c0,8) at dounlinkat+0x2e0 sys/kern/vfs_syscalls.c:1885 syscall(ffff80002a0d2c20) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a0d2c20) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x19cd2804220, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xffffffff83504770, 0xffff800012742004, 0, 1) -> d ddb{0}> trace ffs_blkfree(fffffd805f98d340,78a0e,800) at ffs_blkfree+0x263 ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline] ffs_blkfree(fffffd805f98d340,78a0e,800) at ffs_blkfree+0x263 sys/ufs/ffs/ffs_alloc.c:1272 ffs_truncate(fffffd805f98d340,0,4,fffffd807f7d3548) at ffs_truncate+0x139f sys/ufs/ffs/ffs_inode.c:325 ufs_rmdir(ffff80002a0d29c8) at ufs_rmdir+0x374 sys/ufs/ufs/ufs_vnops.c:1265 VOP_RMDIR(fffffd80612c7560,fffffd80612c7128,ffff80002a0d2aa8) at VOP_RMDIR+0x19a sys/kern/vfs_vops.c:413 dounlinkat(ffff8000ffff5c00,ffffff9c,200000c0,8) at dounlinkat+0x2e0 sys/kern/vfs_syscalls.c:1885 syscall(ffff80002a0d2c20) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a0d2c20) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x19cd2804220, count: -7 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80002a0d2730 rbx 0x78a0e acpi_pdirpa+0x6487f rdx 0xffff80000119cc40 rcx 0xffff8000ffff5c00 rax 0xffffffff83466ff0 cpu_info_full_primary+0x1ff0 r8 0xffffffffffffffff r9 0xffffffffffffffff r10 0x1323d90f6e471bf6 r11 0xeef55557d05f6c0b r12 0xfffffd8066b89b00 r13 0xffff800012742000 r14 0xffff800000a5f000 r15 0 rip 0xffffffff81789063 ffs_blkfree+0x263 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a0d2670 ss 0x10 ffs_blkfree+0x263: movl 0x4(%r13),%r15d ddb{0}> show proc PROC (syz-executor) tid=305608 pid=52998 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000ffff42b0,0xffff8000ffff4a58 process=0xffff8000ffff3b00 user=0xffff80002a0cd000, vmspace=0xfffffd806c087388 estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 96819 128897 17208 0 2 0 syz-executor 96819 216532 17208 0 2 0x4000000 syz-executor 52998 194707 73389 0 2 0 syz-executor *52998 305608 73389 0 7 0x4000000 syz-executor 56793 286972 70433 0 2 0x2 ifconfig 55694 462315 88194 0 2 0 syz-executor 55694 282937 88194 0 3 0x4000080 fsleep syz-executor 27542 79831 33066 0 2 0 syz-executor 27542 206569 33066 0 3 0x4000080 fsleep syz-executor 27542 359529 33066 0 2 0x4000000 syz-executor 27542 436909 33066 0 2 0x4000000 syz-executor 95604 177413 9282 0 2 0x2 arp 38705 307801 35993 0 4 0x82004 syz-executor 38705 80899 35993 0 4 0x4082004 syz-executor 38705 100006 35993 0 2 0x4002004 syz-executor 38705 326630 35993 0 4 0x4082004 syz-executor 70433 368690 433 0 3 0x10008a sigsusp sh 9282 22281 24068 0 3 0x10008a sigsusp sh 433 218338 17190 0 3 0x82 wait syz-executor 24068 212334 17190 0 3 0x82 wait syz-executor 17208 280785 17190 0 2 0x482 syz-executor 33066 278005 17190 0 2 0x482 syz-executor 39537 515074 17190 0 2 0x2 syz-executor 35993 129970 17190 0 2 0x482 syz-executor 88194 49807 17190 0 2 0x482 syz-executor 73389 42866 17190 0 2 0x482 syz-executor 45726 353221 1 0 3 0x100083 ttyopn getty 42819 140973 0 0 3 0x14280 nfsidl nfsio 40930 47834 0 0 3 0x14280 nfsidl nfsio 28795 88111 0 0 3 0x14280 nfsidl nfsio 19859 56920 0 0 3 0x14280 nfsidl nfsio 16805 240350 0 0 3 0x14280 nfsidl nfsio 76101 314221 0 0 3 0x14280 nfsidl nfsio 10882 316385 0 0 3 0x14280 nfsidl nfsio 54780 22491 0 0 3 0x14280 nfsidl nfsio 8834 480919 0 0 3 0x14280 nfsidl nfsio 31101 435742 0 0 3 0x14280 nfsidl nfsio 91346 502105 0 0 3 0x14280 nfsidl nfsio 35206 401612 0 0 3 0x14280 nfsidl nfsio 18391 91355 0 0 3 0x14280 nfsidl nfsio 77207 372944 0 0 3 0x14280 nfsidl nfsio 84080 345727 0 0 3 0x14280 nfsidl nfsio 47788 246045 0 0 3 0x14280 nfsidl nfsio 73116 373775 0 0 3 0x14280 nfsidl nfsio 23755 437892 0 0 3 0x14280 nfsidl nfsio 91291 232671 0 0 3 0x14280 nfsidl nfsio 98252 485915 0 0 3 0x14280 nfsidl nfsio 58682 22253 0 0 3 0x14200 bored sosplice 17190 471720 62365 0 3 0x82 kqread syz-executor 62365 164151 28447 0 3 0x10008a sigsusp ksh 28447 414540 5164 0 3 0x98 kqread sshd-session 5164 407327 31436 0 3 0x92 kqread sshd-session 31436 313024 1 0 3 0x88 kqread sshd 89424 506834 80937 74 3 0x1100092 bpf pflogd 80937 317967 1 0 3 0x80 sbwait pflogd 49870 69065 53858 73 3 0x1100090 kqread syslogd 53858 513999 1 0 3 0x100082 sbwait syslogd 64116 11594 1 0 3 0x100080 kqread resolvd 89086 43129 49357 77 3 0x100092 kqread dhcpleased 31421 400094 49357 77 3 0x100092 kqread dhcpleased 49357 283297 1 0 3 0x80 kqread dhcpleased 19026 143585 0 0 3 0x14200 bored smr 94568 286762 0 0 2 0x14200 zerothread 1260 190440 0 0 3 0x14200 aiodoned aiodoned 8029 462138 0 0 3 0x14200 syncer update 93413 32451 0 0 3 0x14200 cleaner cleaner 16835 464270 0 0 3 0x14200 reaper reaper 29946 96433 0 0 3 0x14200 pgdaemon pagedaemon 33446 305500 0 0 3 0x14200 bored viomb 74808 384451 0 0 3 0x40014200 acpi0 acpi0 19864 521553 0 0 7 0x40014200 idle1 2252 427394 0 0 3 0x14200 bored softnet3 7113 409644 0 0 3 0x14200 bored softnet2 5062 262871 0 0 3 0x14200 bored softnet1 62146 450038 0 0 3 0x14200 bored softnet0 34330 360625 0 0 3 0x14200 bored systqmp 40085 238822 0 0 3 0x14200 bored systq 42002 250878 0 0 3 0x14200 tmoslp softclockmp 35372 242741 0 0 2 0x40014200 softclock 16484 59510 0 0 3 0x40014200 idle0 1 439546 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 52998 (syz-executor) thread 0xffff8000ffff5c00 (305608) Process 56793 (ifconfig) thread 0xffff800029fe71f0 (286972) Process 95604 (arp) thread 0xffff800029fe7700 (177413) Process 39537 (syz-executor) thread 0xffff8000fffef6f8 (515074) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10208 10174K 14465K 166960K 13664 0 pcb 17 16K 17K 166960K 388 0 rtable 218 8K 9K 166960K 2100 0 pf 37 18K 22K 166960K 280 0 ifaddr 39 7K 9K 166960K 291 0 ifgroup 55 2K 2K 166960K 329 0 sysctl 4 1K 1K 166960K 4 0 counters 64 36K 36K 166960K 210 0 ioctlops 0 0K 5K 166960K 1712 0 iov 0 0K 24K 166960K 168 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1439 90K 91K 166960K 3357 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 5K 9K 166960K 25 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 42 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1690 195K 286K 166960K 12418 0 file desc 20 73K 89K 166960K 2136 0 sigio 0 0K 0K 166960K 85 0 proc 73 91K 128K 166960K 2170 0 subproc 104 6K 7K 166960K 806 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 186 0 in_multi 79 5K 8K 166960K 740 0 ether_multi 1 0K 0K 166960K 5 0 mrt 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 103 466K 466K 166960K 103 0 exec 0 0K 1K 166960K 1219 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 230 72K 91K 166960K 18505 0 UVM aobj 32 4K 6K 166960K 37 0 pinsyscall 45 90K 105K 166960K 4628 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 158 0 NDP 12 0K 2K 166960K 209 0 temp 76 6824K 6952K 166960K 60734 0 kqueue 13 20K 30K 166960K 228 0 SYN cache 2 8K 16K 166960K 3 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 288 0 283 3 2 1 3 0 8 0 rtentry 112 743 0 648 6 2 4 4 0 8 0 unpcb 144 1972 0 1954 29 28 1 7 0 8 0 syncache 336 10 0 10 6 6 0 1 0 8 0 tcpqe 32 4 0 4 3 3 0 1 0 8 0 tcpcb 808 763 0 757 22 21 1 8 0 8 0 arp 120 135 0 118 1 0 1 1 0 8 0 inpcb 336 2604 0 2593 36 34 2 13 0 8 0 nd6 136 195 0 176 1 0 1 1 0 8 0 pkpcb 40 8 0 7 4 3 1 1 0 8 0 kcovpl 48 62 0 54 1 0 1 1 0 8 0 ppxss 1168 11 0 11 5 5 0 1 0 8 0 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pffrag 232 7 0 6 1 0 1 1 0 482 0 pffrnode 88 7 0 6 1 0 1 1 0 8 0 pffrent 40 13 0 12 1 0 1 1 0 8 0 pfosfp 40 1428 0 1428 5 5 0 5 0 8 0 pfosfpen 112 1428 0 1428 21 21 0 21 0 8 0 pfrktable 1344 3 0 3 1 1 0 1 0 8 0 pfanchor 1288 2 0 1 1 0 1 1 0 8 0 pfstitem 24 164 0 143 1 0 1 1 0 8 0 pfstkey 128 169 0 148 2 0 2 2 0 8 0 pfstate 376 165 0 145 6 1 5 6 0 8 1 pfrule 1344 45 0 35 2 1 1 2 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 2894 0 2509 36 8 28 31 0 8 3 art_table 32 2896 0 2509 4 0 4 4 0 8 0 art_node 16 740 0 653 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 2 1 0 1 1 0 8 0 semapl 112 39 0 29 1 0 1 1 0 8 0 shmpl 112 34 0 5 1 0 1 1 0 8 0 dirhash 1024 26 0 9 3 0 3 3 0 8 0 dino2pl 256 3915 0 2310 101 0 101 101 0 8 0 ffsino 272 3915 0 2310 108 0 108 108 0 8 0 nchpl 144 5897 0 4160 65 0 65 65 0 8 0 uvmvnodes 80 5572 0 0 114 0 114 114 0 8 0 vnodes 216 5572 0 0 310 0 310 310 0 8 0 namei 1024 25474 0 25474 14 13 1 6 0 8 1 percpumem 16 119 0 73 1 0 1 1 0 8 0 pfiaddrpl 120 1 0 1 1 1 0 1 0 8 0 kstatmem 264 170 0 146 2 0 2 2 0 8 0 scsiplug 72 5 0 5 3 3 0 1 0 8 0 scxspl 216 38700 0 38700 11 10 1 8 1 8 1 plimitpl 152 322 0 305 1 0 1 1 0 8 0 sigapl 424 2356 0 2283 11 2 9 9 0 8 0 futexpl 64 19818 0 19816 7 6 1 1 0 8 0 knotepl 120 826 0 0 25 0 25 25 0 8 0 kqueuepl 216 633 0 624 12 11 1 5 0 8 0 pipepl 320 576 0 549 15 12 3 10 0 8 0 fdescpl 496 2315 0 2281 8 3 5 5 0 8 0 filepl 152 15062 0 14807 48 36 12 20 0 8 1 lockfpl 104 840 0 835 3 2 1 2 0 8 0 lockfspl 48 275 0 270 1 0 1 1 0 8 0 sessionpl 144 83 0 74 1 0 1 1 0 8 0 pgrppl 48 162 0 144 1 0 1 1 0 8 0 ucredpl 104 2082 0 2069 1 0 1 1 0 8 0 zombiepl 144 2460 0 2460 1 0 1 1 0 8 1 processpl 1160 2356 0 2283 7 1 6 6 0 8 0 procpl 648 4393 0 4311 9 1 8 8 0 8 1 srpgc 96 4 0 4 2 2 0 1 0 8 0 sosppl 168 10 0 10 4 4 0 1 0 8 0 sockpl 664 4901 0 4866 68 64 4 20 0 8 0 mcl64k 65536 4 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 247 0 0 29 0 29 29 0 8 0 mtagpl 96 54 0 0 2 0 2 2 0 8 0 mbufpl 256 882 0 0 50 0 50 50 0 8 0 bufpl 280 9521 0 2579 497 0 497 497 0 8 0 anonpl 24 387099 0 383578 94 66 28 65 0 185 0 amapchunkpl 152 60709 0 60242 54 29 25 33 0 158 4 amappl16 200 8225 0 8204 51 48 3 20 0 8 1 amappl15 192 17 0 17 1 1 0 1 0 8 0 amappl14 184 241 0 229 1 0 1 1 0 8 0 amappl13 176 36 0 36 1 1 0 1 0 8 0 amappl12 168 3816 0 3783 3 1 2 2 0 8 0 amappl11 160 88 0 74 1 0 1 1 0 8 0 amappl10 152 17 0 17 1 1 0 1 0 8 0 amappl9 144 133 0 133 1 1 0 1 0 8 0 amappl8 136 24 0 22 1 0 1 1 0 8 0 amappl7 128 226 0 213 1 0 1 1 0 8 0 amappl6 120 724 0 720 1 0 1 1 0 8 0 amappl5 112 362 0 348 1 0 1 1 0 8 0 amappl4 104 522 0 504 1 0 1 1 0 8 0 amappl3 96 11740 0 11634 5 1 4 4 0 8 0 amappl2 88 1497 0 1424 2 0 2 2 0 8 0 amappl1 80 18194 0 17624 15 1 14 14 0 8 0 amappl 88 17587 0 17421 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 8 0 8 3 3 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 8 0 8 2 2 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 36 0 5 1 0 1 1 0 8 0 uaddrrnd 24 2315 0 2281 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2315 0 2281 1 0 1 1 0 8 0 vmmpekpl 168 20611 0 20553 5 1 4 4 0 8 0 vmmpepl 168 149588 0 147726 123 33 90 97 0 357 8 vmsppl 440 2314 0 2281 6 2 4 5 0 8 0 rwobjpl 56 49725 0 43178 98 5 93 93 0 8 0 pdppl 4096 4637 0 4562 170 95 75 83 0 8 0 pvpl 32 28608 0 0 231 0 231 231 0 265 0 pmappl 248 2314 0 2281 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 591 0 186 12 0 12 12 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace ffs_blkfree(fffffd805f98d340,78a0e,800) at ffs_blkfree+0x263 ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline] ffs_blkfree(fffffd805f98d340,78a0e,800) at ffs_blkfree+0x263 sys/ufs/ffs/ffs_alloc.c:1272 ffs_truncate(fffffd805f98d340,0,4,fffffd807f7d3548) at ffs_truncate+0x139f sys/ufs/ffs/ffs_inode.c:325 ufs_rmdir(ffff80002a0d29c8) at ufs_rmdir+0x374 sys/ufs/ufs/ufs_vnops.c:1265 VOP_RMDIR(fffffd80612c7560,fffffd80612c7128,ffff80002a0d2aa8) at VOP_RMDIR+0x19a sys/kern/vfs_vops.c:413 dounlinkat(ffff8000ffff5c00,ffffff9c,200000c0,8) at dounlinkat+0x2e0 sys/kern/vfs_syscalls.c:1885 syscall(ffff80002a0d2c20) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff80002a0d2c20) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x19cd2804220, count: -7 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffff800029b7bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1219 sched_idle(ffff800029b7bff0) at sched_idle+0x558 sys/kern/kern_sched.c:182 end trace frame: 0x0, count: 10 ddb{1}> trace x86_ipi_db(ffff800029b7bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1219 sched_idle(ffff800029b7bff0) at sched_idle+0x558 sys/kern/kern_sched.c:182 end trace frame: 0x0, count: -5