uvm_fault(0xffffffff83ae5060, 0xffff80001f742004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_readdir+0x26e: movzwl 0x4(%r14),%ebx TID PID UID PRFLAGS PFLAGS CPU COMMAND *446129 56438 0 0x2 0 0 syz-executor ufs_readdir(ffff80002a80f3b0) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffff5007c012a20,ffff80002a80f438,fffff50007ffd680,ffff80002a80f47c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a779a00,ffff80002a80f5c0,ffff80002a80f510) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a80f5c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a80f5c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x765c96b0e7f0, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff83ae5060, 0xffff80001f742004, 0, 1) -> d ddb> trace ufs_readdir(ffff80002a80f3b0) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffff5007c012a20,ffff80002a80f438,fffff50007ffd680,ffff80002a80f47c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a779a00,ffff80002a80f5c0,ffff80002a80f510) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a80f5c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a80f5c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x765c96b0e7f0, count: -5 ddb> show registers rdi 0x200 rsi 0x800 rbp 0xffff80002a80f3a0 rbx 0x200 rdx 0 rcx 0xfffff50067fc3ae0 rax 0xffff80001f742200 r8 0xffffffffffffffff r9 0x2 r10 0x69bb4d115b7e3309 r11 0x4a3a949c3491ac23 r12 0 r13 0xffff80002a80f438 r14 0xffff80001f742000 r15 0xffff80001f742008 rip 0xffffffff8101720e ufs_readdir+0x26e cs 0x8 rflags 0x10283 __ALIGN_SIZE+0xf283 rsp 0xffff80002a80f1f0 ss 0x10 ufs_readdir+0x26e: movzwl 0x4(%r14),%ebx ddb> show proc PROC (syz-executor) tid=446129 pid=56438 tcnt=1 stat=onproc flags process=2 proc=0 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7794d0,0xffff80002a737240 process=0xffff80002a79d690 user=0xffff80002a80a000, vmspace=0xfffff5007bef7a18 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 75320 26283 90765 0 2 0 syz-executor 75320 290459 90765 0 3 0x4000080 ttyretype syz-executor 75320 21917 90765 0 3 0x4000080 fsleep syz-executor 42906 308220 95861 0 2 0 syz-executor 42906 48073 95861 0 3 0x4000080 fsleep syz-executor 89992 70308 83713 0 2 0 syz-executor 89992 127731 83713 0 3 0x4000080 kqread syz-executor 89992 147558 83713 0 3 0x4000080 fsleep syz-executor 98403 185187 80137 0 2 0 syz-executor 98403 391689 80137 0 3 0x4000080 kqsel syz-executor 98403 504722 80137 0 3 0x4000080 fsleep syz-executor 46919 424802 7250 0 3 0x82 piperd syz-executor 57044 373753 96718 0 3 0x80 nanoslp syz-executor 57044 137291 96718 0 3 0x4000080 kqsel syz-executor 57044 516517 96718 0 3 0x4000080 fsleep syz-executor 89219 43782 1 0 3 0x82 nanoslp getty 57934 503185 0 0 3 0x14280 nfsidl nfsio 42409 361797 0 0 3 0x14280 nfsidl nfsio 57986 187901 0 0 3 0x14280 nfsidl nfsio 1933 426594 0 0 3 0x14280 nfsidl nfsio 85971 445682 0 0 3 0x14280 nfsidl nfsio 32961 63745 0 0 3 0x14280 nfsidl nfsio 90688 4240 0 0 3 0x14280 nfsidl nfsio 85555 206617 0 0 3 0x14280 nfsidl nfsio 87086 397227 0 0 3 0x14280 nfsidl nfsio 28657 407864 0 0 3 0x14280 nfsidl nfsio 55034 250031 0 0 3 0x14280 nfsidl nfsio 1388 416511 0 0 3 0x14280 nfsidl nfsio 735 438624 0 0 3 0x14280 nfsidl nfsio 79732 519985 0 0 3 0x14280 nfsidl nfsio 82368 483590 0 0 3 0x14280 nfsidl nfsio 47949 359334 0 0 3 0x14280 nfsidl nfsio 86446 304570 0 0 3 0x14280 nfsidl nfsio 29499 54794 0 0 3 0x14280 nfsidl nfsio 31153 267492 0 0 3 0x14280 nfsidl nfsio 73289 231102 0 0 3 0x14280 nfsidl nfsio 83713 240237 7250 0 3 0x82 nanoslp syz-executor 96718 444496 7250 0 3 0x82 nanoslp syz-executor 95861 394565 7250 0 3 0x82 nanoslp syz-executor *56438 446129 7250 0 7 0x2 syz-executor 80137 131721 7250 0 3 0x82 nanoslp syz-executor 90765 188032 7250 0 3 0x82 nanoslp syz-executor 7250 488877 1 0 3 0x82 wait syz-executor 11808 331735 45782 0 3 0x98 kqread sshd-session 45782 158193 1 0 3 0x92 kqread sshd-session 74105 422992 1 73 3 0x1100090 kqread syslogd 76673 144947 0 0 3 0x14200 bored smr 46320 190548 0 0 2 0x14200 zerothread 20845 246291 0 0 3 0x14200 aiodoned aiodoned 6391 282814 0 0 3 0x14200 syncer update 77584 504731 0 0 3 0x14200 cleaner cleaner 22942 140836 0 0 3 0x14200 reaper reaper 11624 306731 0 0 3 0x14200 pgdaemon pagedaemon 10876 456395 0 0 3 0x14200 bored viomb 29763 378927 0 0 3 0x40014200 acpi0 acpi0 19690 338710 0 0 3 0x14200 bored softnet0 60717 53172 0 0 3 0x14200 smrbar systqmp 87148 69540 0 0 3 0x14200 bored systq 91791 158367 0 0 3 0x40014200 tmoslp softclock 28199 200457 0 0 3 0x40014200 idle0 1 355973 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11041 12180K 12625K 166960K 12971 0 pcb 20 14K 16K 166960K 201 0 rtable 239 7K 7K 166960K 731 0 pf 36 14K 20K 166960K 105 0 ifaddr 41 7K 7K 166960K 100 0 ifgroup 50 2K 2K 166960K 124 0 sysctl 4 1K 9K 166960K 14 0 counters 33 17K 18K 166960K 54 0 ioctlops 0 0K 4K 166960K 213 0 iov 0 0K 16K 166960K 53 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1351 85K 85K 166960K 2227 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 14 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 46 0 dirhash 12 2K 2K 166960K 27 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 97K 166960K 989 0 sigio 0 0K 0K 166960K 18 0 proc 20 25K 124K 166960K 925 0 subproc 72 4K 4K 166960K 171 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 83 0 in_multi 98 7K 7K 166960K 237 0 ether_multi 1 0K 0K 166960K 6 0 mrt 1 0K 0K 166960K 24 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 591 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 152 91K 160K 166960K 9773 0 UVM aobj 85 3K 3K 166960K 87 0 pinsyscall 23 46K 96K 166960K 2383 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 26 0 NDP 15 0K 2K 166960K 69 0 temp 75 9116K 13202K 166960K 27799 0 kqueue 5 8K 30K 166960K 172 0 SYN cache 2 16K 24K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 92 0 92 1 0 1 1 0 8 1 rtentry 136 240 0 133 4 0 4 4 0 8 0 unpcb 144 604 0 597 6 0 6 6 0 8 5 syncache 336 6 0 6 1 0 1 1 0 8 1 tcpcb 736 286 0 284 7 0 7 7 0 8 6 arp 96 40 0 24 1 0 1 1 0 8 0 ipq 40 2 0 1 1 0 1 1 0 8 0 ipqe 40 5 0 3 1 0 1 1 0 8 0 inpcb 328 907 0 901 9 0 9 9 0 8 7 ip6q 72 2 0 1 1 0 1 1 0 8 0 ip6af 40 3 0 2 1 0 1 1 0 8 0 nd6 112 61 0 36 1 0 1 1 0 8 0 pkpcb 40 11 0 11 1 0 1 1 0 8 1 kcovpl 48 19 0 11 1 0 1 1 0 8 0 ppxss 1072 7 0 7 1 0 1 1 0 8 1 pppxif 1416 1 0 1 1 0 1 1 0 8 1 pfstscr 40 15 0 5 1 0 1 1 0 8 0 pffrag 232 1 0 1 1 0 1 1 0 482 1 pffrnode 88 1 0 1 1 0 1 1 0 8 1 pffrent 40 4 0 4 1 0 1 1 0 8 1 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pfqueue 320 1 0 1 1 0 1 1 0 8 1 pfstitem 24 10 0 0 1 0 1 1 0 8 0 pfstkey 128 15 0 6 1 0 1 1 0 8 0 pfstate 384 8 0 3 1 0 1 1 0 8 0 pfrule 1360 1 0 1 1 0 1 1 0 8 1 rttmr 136 2 0 2 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1042 0 589 31 0 31 31 0 8 2 art_table 40 1043 0 589 5 0 5 5 0 8 0 art_node 32 239 0 141 1 0 1 1 0 8 0 sysvmsgpl 40 7 0 5 1 0 1 1 0 8 0 semupl 112 3 0 3 1 0 1 1 0 8 1 semapl 72 40 0 30 1 0 1 1 0 8 0 shmpl 112 84 0 2 3 0 3 3 0 8 0 dirhash 1024 27 0 10 3 0 3 3 0 8 0 dino2pl 256 2929 0 1451 93 0 93 93 0 8 0 ffsino 256 2929 0 1451 93 0 93 93 0 8 0 nchpl 144 4071 0 2332 65 0 65 65 0 8 0 vnodes 216 3537 0 0 197 0 197 197 0 8 0 namei 1024 14416 0 14416 2 0 2 2 0 8 2 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 kstatmem 264 63 0 40 2 0 2 2 0 8 0 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 18473 0 18473 8 0 8 8 1 8 8 plimitpl 152 179 0 164 1 0 1 1 0 8 0 sigapl 424 1285 0 1232 8 0 8 8 0 8 0 knotepl 120 37608 0 37581 16 6 10 16 0 8 8 kqueuepl 184 411 0 403 7 0 7 7 0 8 5 pipepl 304 262 0 235 8 0 8 8 0 8 5 fdescpl 448 1251 0 1231 5 0 5 5 0 8 2 filepl 120 6763 0 6573 12 0 12 12 0 8 3 lockfpl 104 238 0 236 1 0 1 1 0 8 0 lockfspl 48 105 0 103 1 0 1 1 0 8 0 sessionpl 144 124 0 120 1 0 1 1 0 8 0 pgrppl 48 149 0 137 1 0 1 1 0 8 0 ucredpl 104 1210 0 1202 1 0 1 1 0 8 0 zombiepl 144 1233 0 1232 1 0 1 1 0 8 0 processpl 1152 1285 0 1232 5 0 5 5 0 8 0 procpl 664 2325 0 2263 7 0 7 7 0 8 1 sockpl 552 1672 0 1659 18 9 9 15 0 8 7 mcl64k 65536 143 0 143 1 0 1 1 0 8 1 mcl16k 16384 3 0 3 1 0 1 1 0 8 1 mcl9k128 9344 2 0 2 1 0 1 1 0 8 1 mcl8k 8192 17 0 17 1 0 1 1 0 8 1 mcl4k 4096 3469 0 3416 14 0 14 14 0 8 6 mcl2k 2048 662 0 660 2 0 2 2 0 8 1 mtagpl 96 6 0 5 1 0 1 1 0 8 0 mbufpl 256 11754 0 11550 27 4 23 23 0 8 5 bufpl 272 7491 0 1275 415 0 415 415 0 8 0 anonpl 24 185587 0 183407 57 0 57 57 0 186 22 amapchunkpl 152 31119 0 30754 35 0 35 35 0 158 17 amappl16 200 3410 0 3393 14 0 14 14 0 8 7 amappl15 192 7 0 7 1 0 1 1 0 8 1 amappl14 184 539 0 539 1 0 1 1 0 8 1 amappl13 176 143 0 139 1 0 1 1 0 8 0 amappl12 168 1535 0 1516 2 0 2 2 0 8 0 amappl11 160 5 0 5 1 0 1 1 0 8 1 amappl10 152 63 0 61 1 0 1 1 0 8 0 amappl9 144 290 0 290 1 0 1 1 0 8 1 amappl8 136 175 0 174 1 0 1 1 0 8 0 amappl7 128 192 0 187 1 0 1 1 0 8 0 amappl6 120 262 0 262 1 0 1 1 0 8 1 amappl5 112 105 0 101 1 0 1 1 0 8 0 amappl4 104 304 0 295 1 0 1 1 0 8 0 amappl3 96 6415 0 6338 4 0 4 4 0 8 1 amappl2 88 635 0 608 2 0 2 2 0 8 0 amappl1 80 14284 0 13975 14 0 14 14 0 8 4 amappl 88 8732 0 8605 5 0 5 5 0 92 0 uvmvnodes 80 115 0 0 3 0 3 3 0 8 0 dma65536 65536 1 0 1 1 0 1 1 0 8 1 dma32768 32768 2 0 2 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 86 0 2 2 0 2 2 0 8 0 uaddrrnd 24 1251 0 1231 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1251 0 1231 1 0 1 1 0 8 0 vmmpekpl 168 11399 0 11360 3 0 3 3 0 8 0 vmmpepl 168 85493 0 84357 91 0 91 91 0 357 31 vmsppl 368 1250 0 1231 4 0 4 4 0 8 1 rwobjpl 40 24904 0 24219 13 0 13 13 0 8 0 pdppl 4096 2508 0 2462 112 56 56 82 0 8 10 pvpl 32 526403 0 520227 133 0 133 133 0 265 61 pmappl 216 1250 0 1231 3 0 3 3 0 8 1 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 819 0 60 22 0 22 22 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ufs_readdir(ffff80002a80f3b0) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffff5007c012a20,ffff80002a80f438,fffff50007ffd680,ffff80002a80f47c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a779a00,ffff80002a80f5c0,ffff80002a80f510) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a80f5c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a80f5c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x765c96b0e7f0, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ufs_readdir(ffff80002a80f3b0) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffff5007c012a20,ffff80002a80f438,fffff50007ffd680,ffff80002a80f47c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a779a00,ffff80002a80f5c0,ffff80002a80f510) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a80f5c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a80f5c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x765c96b0e7f0, count: -5