uvm_fault(0xfffffd807934a2b8, 0x8, 0, 1) -> e kernel: page fault trap, code=0 Stopped at fifo_write+0x6e: movq 0x8(%rax),%r15 TID PID UID PRFLAGS PFLAGS CPU COMMAND *163314 21599 0 0 0x4000000 0 syz-executor fifo_write(ffff80003740b510) at fifo_write+0x6e sys/miscfs/fifofs/fifo_vnops.c:281 VOP_WRITE(fffffd806c6022d8,ffff80003740b5a8,8,fffffd807f7d72d8) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 vn_rdwr(1,fffffd806c6022d8,ffff80002a4d0400,fc,0,1,17a456fd742e52cd,ffff80003740b6d0,fffffd806c6022d8,78) at vn_rdwr+0x12d sys/kern/vfs_vnops.c:324 ufs_symlink(ffff80003740b6d0) at ufs_symlink+0x1e2 sys/ufs/ufs/ufs_vnops.c:1309 VOP_SYMLINK(fffffd80726eb7f8,ffff80003740b850,ffff80003740b880,ffff80003740b780,ffff80002a4d0400) at VOP_SYMLINK+0x11a sys/kern/vfs_vops.c:432 dosymlinkat(ffff80002a48dbf0,20000700,5,200004c0) at dosymlinkat+0x1dd sys/kern/vfs_syscalls.c:1806 syscall(ffff80003740ba00) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe66c1d2efc0, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd807934a2b8, 0x8, 0, 1) -> e ddb> trace fifo_write(ffff80003740b510) at fifo_write+0x6e sys/miscfs/fifofs/fifo_vnops.c:281 VOP_WRITE(fffffd806c6022d8,ffff80003740b5a8,8,fffffd807f7d72d8) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 vn_rdwr(1,fffffd806c6022d8,ffff80002a4d0400,fc,0,1,17a456fd742e52cd,ffff80003740b6d0,fffffd806c6022d8,78) at vn_rdwr+0x12d sys/kern/vfs_vnops.c:324 ufs_symlink(ffff80003740b6d0) at ufs_symlink+0x1e2 sys/ufs/ufs/ufs_vnops.c:1309 VOP_SYMLINK(fffffd80726eb7f8,ffff80003740b850,ffff80003740b880,ffff80003740b780,ffff80002a4d0400) at VOP_SYMLINK+0x11a sys/kern/vfs_vops.c:432 dosymlinkat(ffff80002a48dbf0,20000700,5,200004c0) at dosymlinkat+0x1dd sys/kern/vfs_syscalls.c:1806 syscall(ffff80003740ba00) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe66c1d2efc0, count: -8 ddb> show registers rdi 0xfffffd806c6022d8 rsi 0x12c0 __ALIGN_SIZE+0x2c0 rbp 0xffff80003740b500 rbx 0xfffffd806c6022d8 rdx 0xffff80002add4000 rcx 0x12bf __ALIGN_SIZE+0x2bf rax 0 r8 0 r9 0x1 r10 0xd22a06516182ea7e r11 0x1fd6e780156b7686 r12 0x4000 __ALIGN_SIZE+0x3000 r13 0xffff80003740b5a8 r14 0xffff80003740b510 r15 0x1 rip 0xffffffff81ef275e fifo_write+0x6e cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003740b4d0 ss 0x10 fifo_write+0x6e: movq 0x8(%rax),%r15 ddb> show proc PROC (syz-executor) tid=163314 pid=21599 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a48d968,0xffffffff835ce9d8 process=0xffff800037604468 user=0xffff800037406000, vmspace=0xfffffd807934a2b8 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 21599 474340 83944 0 2 0 syz-executor 21599 318726 83944 0 3 0x4000080 fsleep syz-executor *21599 163314 83944 0 7 0x4000000 syz-executor 53774 387481 67986 0 2 0 syz-executor 53774 266972 67986 0 3 0x4000080 fsleep syz-executor 24808 331154 31651 0 2 0 syz-executor 24808 50201 31651 0 3 0x4000080 fsleep syz-executor 24808 54278 31651 0 3 0x4000080 sbwait syz-executor 33705 489313 74840 0 3 0x80 nanoslp syz-executor 33705 101679 74840 0 3 0x4000080 netcon syz-executor 33705 457429 74840 0 3 0x4000080 fsleep syz-executor 33705 424357 74840 0 3 0x4000080 fsleep syz-executor 31651 357875 70617 0 3 0x82 nanoslp syz-executor 62559 192776 70617 0 2 0x2 syz-executor 67986 462028 70617 0 3 0x82 nanoslp syz-executor 68283 157106 70617 0 3 0x82 nanoslp syz-executor 87754 191393 70617 0 2 0x2 syz-executor 74840 105949 70617 0 3 0x82 nanoslp syz-executor 83944 455640 70617 0 3 0x82 nanoslp syz-executor 81511 439185 70617 0 2 0x2 syz-executor 93510 338042 0 0 3 0x14200 bored sosplice 70617 60416 49166 0 3 0x82 kqread syz-executor 49166 73203 61831 0 3 0x10008a sigsusp ksh 61831 259947 53523 0 3 0x98 kqread sshd-session 53523 42344 4985 0 3 0x92 kqread sshd-session 622 468733 1 0 3 0x100083 ttyin getty 4985 261815 1 0 3 0x88 kqread sshd 95424 454483 31971 73 2 0x1100010 syslogd 31971 290342 1 0 3 0x100082 sbwait syslogd 21411 156451 1 0 3 0x100080 kqread resolvd 75334 477704 59107 77 3 0x100092 kqread dhcpleased 88548 335506 59107 77 3 0x100092 kqread dhcpleased 59107 454559 1 0 3 0x80 kqread dhcpleased 102 183132 0 0 3 0x14200 bored smr 85311 392043 0 0 2 0x14200 zerothread 38163 229341 0 0 3 0x14200 aiodoned aiodoned 62413 423944 0 0 3 0x14200 syncer update 33826 50535 0 0 3 0x14200 cleaner cleaner 38979 221596 0 0 3 0x14200 reaper reaper 95325 156704 0 0 3 0x14200 pgdaemon pagedaemon 8973 28110 0 0 3 0x14200 bored viomb 34469 293580 0 0 3 0x40014200 acpi0 acpi0 57239 453644 0 0 3 0x14200 bored softnet3 71813 41681 0 0 3 0x14200 bored softnet2 79325 308230 0 0 3 0x14200 bored softnet1 6833 199391 0 0 3 0x14200 bored softnet0 58133 238162 0 0 3 0x14200 bored systqmp 47948 371631 0 0 3 0x14200 bored systq 57556 142202 0 0 2 0x40014200 softclock 45143 288196 0 0 3 0x40014200 idle0 1 412141 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10226 10180K 10551K 166960K 12825 0 pcb 17 18K 23K 166960K 635 0 rtable 212 9K 10K 166960K 2020 0 pf 41 14K 15K 166960K 189 0 ifaddr 42 7K 8K 166960K 275 0 ifgroup 66 2K 2K 166960K 325 0 sysctl 3 0K 2K 166960K 7 0 counters 34 18K 18K 166960K 98 0 ioctlops 0 0K 4K 166960K 355 0 iov 1 2K 20K 166960K 157 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1466 92K 92K 166960K 3091 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 33 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 67 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 97K 166960K 1984 0 sigio 0 0K 0K 166960K 30 0 proc 59 59K 124K 166960K 1988 0 subproc 104 6K 7K 166960K 755 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 181 0 in_multi 87 6K 7K 166960K 692 0 ether_multi 1 0K 0K 166960K 9 0 mrt 1 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 1232 0 pfkey data 0 0K 0K 166960K 6 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 211 72K 91K 166960K 16657 0 UVM aobj 57 4K 4K 166960K 61 0 pinsyscall 36 72K 104K 166960K 4307 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 70 0 NDP 15 0K 2K 166960K 197 0 temp 75 6816K 6888K 166960K 60672 0 kqueue 14 22K 30K 166960K 201 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 299 0 295 2 0 2 2 0 8 1 rtentry 112 704 0 614 4 0 4 4 0 8 0 unpcb 144 1389 0 1372 6 0 6 6 0 8 5 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpcb 808 618 0 610 8 0 8 8 0 8 7 arp 88 129 0 113 1 0 1 1 0 8 0 ipq 40 8 0 8 1 0 1 1 0 8 1 ipqe 40 17 0 17 1 0 1 1 0 8 1 inpcb 336 2877 0 2864 18 9 9 15 0 8 7 nd6 104 181 0 159 1 0 1 1 0 8 0 pkpcb 40 9 0 9 1 0 1 1 0 8 1 kcovpl 48 58 0 50 1 0 1 1 0 8 0 ppxss 1072 6 0 6 1 0 1 1 0 8 1 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 1 1 0 1 1 0 8 0 pfstate 344 2 0 0 1 0 1 1 0 8 0 pfrule 1344 3 0 2 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 2850 0 2451 30 0 30 30 0 8 4 art_table 32 2852 0 2451 4 0 4 4 0 8 0 art_node 16 701 0 621 1 0 1 1 0 8 0 semapl 112 65 0 55 1 0 1 1 0 8 0 shmpl 112 58 0 4 2 0 2 2 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 3732 0 2136 100 0 100 100 0 8 0 ffsino 240 3732 0 2136 94 0 94 94 0 8 0 nchpl 144 5601 0 3859 65 0 65 65 0 8 0 uvmvnodes 80 5143 0 0 105 0 105 105 0 8 0 vnodes 216 5143 0 0 286 0 286 286 0 8 0 namei 1024 24902 0 24901 2 0 2 2 0 8 1 kstatmem 264 158 0 128 3 0 3 3 0 8 0 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 38492 0 38492 8 0 8 8 1 8 8 plimitpl 152 516 0 500 1 0 1 1 0 8 0 sigapl 424 2186 0 2142 8 0 8 8 0 8 1 futexpl 64 18809 0 18804 1 0 1 1 0 8 0 knotepl 120 40273 0 40226 10 0 10 10 0 8 8 kqueuepl 184 514 0 503 6 0 6 6 0 8 4 pipepl 288 364 0 334 5 0 5 5 0 8 2 fdescpl 432 2148 0 2121 5 0 5 5 0 8 1 filepl 120 14262 0 14005 17 1 16 16 0 8 6 lockfpl 104 871 0 869 2 0 2 2 0 8 1 lockfspl 48 263 0 261 1 0 1 1 0 8 0 sessionpl 144 71 0 63 1 0 1 1 0 8 0 pgrppl 48 146 0 130 1 0 1 1 0 8 0 ucredpl 104 2066 0 2054 1 0 1 1 0 8 0 zombiepl 144 2143 0 2142 1 0 1 1 0 8 0 processpl 1096 2186 0 2142 5 0 5 5 0 8 0 procpl 648 3884 0 3832 7 0 7 7 0 8 1 sosppl 168 12 0 12 1 0 1 1 0 8 1 sockpl 504 4604 0 4571 71 57 14 25 0 8 8 mcl64k 65536 79 0 79 1 0 1 1 0 8 1 mcl16k 16384 1 0 1 1 0 1 1 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 2 0 2 1 0 1 1 0 8 1 mcl8k 8192 28 0 27 1 0 1 1 0 8 0 mcl4k 4096 8 0 8 1 0 1 1 0 8 1 mcl2k 2048 9188 0 9089 24 3 21 24 0 8 6 mtagpl 96 56 0 53 1 0 1 1 0 8 0 mbufpl 256 29328 0 29075 324 301 23 278 0 8 4 bufpl 280 11355 0 4322 503 0 503 503 0 8 0 anonpl 24 321729 0 318557 73 0 73 73 0 187 40 amapchunkpl 152 54265 0 53817 33 0 33 33 0 158 13 amappl16 200 6405 0 6385 47 33 14 15 0 8 11 amappl15 192 23 0 22 1 0 1 1 0 8 0 amappl14 184 205 0 195 1 0 1 1 0 8 0 amappl13 176 7 0 7 1 0 1 1 0 8 1 amappl12 168 3573 0 3546 3 0 3 3 0 8 1 amappl11 160 85 0 74 1 0 1 1 0 8 0 amappl10 152 13 0 13 1 0 1 1 0 8 1 amappl9 144 138 0 138 1 0 1 1 0 8 1 amappl8 136 29 0 28 1 0 1 1 0 8 0 amappl7 128 195 0 185 1 0 1 1 0 8 0 amappl6 120 664 0 662 1 0 1 1 0 8 0 amappl5 112 324 0 315 1 0 1 1 0 8 0 amappl4 104 441 0 426 1 0 1 1 0 8 0 amappl3 96 9495 0 9405 3 0 3 3 0 8 0 amappl2 88 2458 0 2386 2 0 2 2 0 8 0 amappl1 80 16150 0 15621 14 0 14 14 0 8 2 amappl 88 15888 0 15731 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma2048 2048 2 0 2 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 255 0 255 1 0 1 1 0 8 1 dma64 64 7 0 7 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 60 0 4 2 0 2 2 0 8 0 uaddrrnd 24 2148 0 2121 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2148 0 2121 1 0 1 1 0 8 0 vmmpekpl 168 17480 0 17431 3 0 3 3 0 8 0 vmmpepl 168 135242 0 133581 91 0 91 91 0 357 9 vmsppl 344 2147 0 2121 4 0 4 4 0 8 1 rwobjpl 24 43543 0 37494 38 0 38 38 0 8 0 pdppl 4096 4303 0 4242 179 112 67 83 0 8 6 pvpl 32 1173676 0 1164551 243 0 243 243 0 265 148 pmappl 216 2147 0 2121 3 0 3 3 0 8 1 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 869 0 482 18 0 18 18 0 8 4 ddb> machine ddbcpu 0 No such command ddb> trace fifo_write(ffff80003740b510) at fifo_write+0x6e sys/miscfs/fifofs/fifo_vnops.c:281 VOP_WRITE(fffffd806c6022d8,ffff80003740b5a8,8,fffffd807f7d72d8) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 vn_rdwr(1,fffffd806c6022d8,ffff80002a4d0400,fc,0,1,17a456fd742e52cd,ffff80003740b6d0,fffffd806c6022d8,78) at vn_rdwr+0x12d sys/kern/vfs_vnops.c:324 ufs_symlink(ffff80003740b6d0) at ufs_symlink+0x1e2 sys/ufs/ufs/ufs_vnops.c:1309 VOP_SYMLINK(fffffd80726eb7f8,ffff80003740b850,ffff80003740b880,ffff80003740b780,ffff80002a4d0400) at VOP_SYMLINK+0x11a sys/kern/vfs_vops.c:432 dosymlinkat(ffff80002a48dbf0,20000700,5,200004c0) at dosymlinkat+0x1dd sys/kern/vfs_syscalls.c:1806 syscall(ffff80003740ba00) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe66c1d2efc0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace fifo_write(ffff80003740b510) at fifo_write+0x6e sys/miscfs/fifofs/fifo_vnops.c:281 VOP_WRITE(fffffd806c6022d8,ffff80003740b5a8,8,fffffd807f7d72d8) at VOP_WRITE+0x102 sys/kern/vfs_vops.c:245 vn_rdwr(1,fffffd806c6022d8,ffff80002a4d0400,fc,0,1,17a456fd742e52cd,ffff80003740b6d0,fffffd806c6022d8,78) at vn_rdwr+0x12d sys/kern/vfs_vnops.c:324 ufs_symlink(ffff80003740b6d0) at ufs_symlink+0x1e2 sys/ufs/ufs/ufs_vnops.c:1309 VOP_SYMLINK(fffffd80726eb7f8,ffff80003740b850,ffff80003740b880,ffff80003740b780,ffff80002a4d0400) at VOP_SYMLINK+0x11a sys/kern/vfs_vops.c:432 dosymlinkat(ffff80002a48dbf0,20000700,5,200004c0) at dosymlinkat+0x1dd sys/kern/vfs_syscalls.c:1806 syscall(ffff80003740ba00) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe66c1d2efc0, count: -8