uvm_fault(0xffffffff82db8db0, 0xffff800014562004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_lookup+0x49b: movzwl 0x4(%r15,%rbx,1),%r14d TID PID UID PRFLAGS PFLAGS CPU COMMAND * 14925 10550 0 0x2 0 0 syz-executor.4 ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807cf80370,ffff800035dc7368,ffff800035dc7398) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035dc7338) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff800035dc7338) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a603d50,ffffff9c,76c965ee3410,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1855 syscall(ffff800035dc7500) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76c965ee3400, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82db8db0, 0xffff800014562004, 0, 1) -> d ddb> trace ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807cf80370,ffff800035dc7368,ffff800035dc7398) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035dc7338) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff800035dc7338) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a603d50,ffffff9c,76c965ee3410,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1855 syscall(ffff800035dc7500) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76c965ee3400, count: -7 ddb> show registers rdi 0 rsi 0 rbp 0xffff800035dc7180 rbx 0 rdx 0 rcx 0xffffffff rax 0xfffffd807efd5460 r8 0xffffffffffffffff r9 0xfffffd807f7d76e8 r10 0x7ad83f23bbf290e0 r11 0x46d0d3de02c7c956 r12 0 r13 0xfffffd8065d894b8 r14 0 r15 0xffff800014562000 rip 0xffffffff81e494ab ufs_lookup+0x49b cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff800035dc7070 ss 0x10 ufs_lookup+0x49b: movzwl 0x4(%r15,%rbx,1),%r14d ddb> show proc PROC (syz-executor.4) tid=14925 pid=10550 tcnt=1 stat=onproc flags process=2 proc=0 runpri=84, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a6d1800,0xffff80002a602d70 process=0xffff8000ffff5500 user=0xffff800035dc2000, vmspace=0xfffffd805c0a3438 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 11373 150143 7192 0 2 0 syz-executor.6 84884 16344 99642 0 2 0 syz-executor.2 84884 252958 99642 0 3 0x4000080 fsleep syz-executor.2 84884 392586 99642 0 3 0x4000080 fsleep syz-executor.2 84884 509301 99642 0 3 0x4000080 fsleep syz-executor.2 41806 310559 77918 0 2 0 syz-executor.5 41806 365557 77918 0 3 0x4000080 fsleep syz-executor.5 41806 252757 77918 0 3 0x4000080 fsleep syz-executor.5 18664 429093 86040 0 2 0 syz-executor.7 18664 42586 86040 0 3 0x4000080 netio syz-executor.7 83352 140315 43180 0 2 0 syz-executor.0 83352 233699 43180 0 3 0x4000080 fsleep syz-executor.0 41156 41573 34710 0 2 0 syz-executor.3 41156 155688 34710 0 3 0x4000080 fsleep syz-executor.3 41156 489792 34710 0 2 0x4000000 syz-executor.3 *10550 14925 23271 0 7 0x2 syz-executor.4 99642 522073 23271 0 3 0x82 nanoslp syz-executor.2 86040 198855 23271 0 3 0x82 nanoslp syz-executor.7 59086 54623 23271 0 2 0x2 syz-executor.1 12109 410766 0 0 3 0x14280 nfsidl nfsio 44642 228576 0 0 3 0x14280 nfsidl nfsio 83711 397701 0 0 3 0x14280 nfsidl nfsio 8008 191035 0 0 3 0x14280 nfsidl nfsio 63146 434299 0 0 3 0x14280 nfsidl nfsio 58928 137199 0 0 3 0x14280 nfsidl nfsio 45433 458766 0 0 3 0x14280 nfsidl nfsio 16505 404737 0 0 3 0x14280 nfsidl nfsio 26007 184944 0 0 3 0x14280 nfsidl nfsio 3356 506753 0 0 3 0x14280 nfsidl nfsio 32478 176047 0 0 3 0x14280 nfsidl nfsio 38343 73231 0 0 3 0x14280 nfsidl nfsio 53914 361073 0 0 3 0x14280 nfsidl nfsio 69654 164554 0 0 3 0x14280 nfsidl nfsio 35573 352690 0 0 3 0x14280 nfsidl nfsio 59466 12718 0 0 3 0x14280 nfsidl nfsio 42771 98025 0 0 3 0x14280 nfsidl nfsio 75366 414281 0 0 3 0x14280 nfsidl nfsio 20684 279707 0 0 3 0x14280 nfsidl nfsio 55270 306857 0 0 3 0x14280 nfsidl nfsio 77918 245057 23271 0 3 0x82 nanoslp syz-executor.5 7192 264628 23271 0 2 0x2 syz-executor.6 34710 429309 23271 0 3 0x82 nanoslp syz-executor.3 97099 300512 1 0 3 0x18100083 ttyin getty 43180 68106 23271 0 3 0x82 nanoslp syz-executor.0 83966 230179 0 0 3 0x14200 bored sosplice 23271 223073 82795 0 3 0x1a000082 thrsleep syz-fuzzer 23271 255932 82795 0 3 0x1e000082 nanoslp syz-fuzzer 23271 278295 82795 0 3 0x1e000082 wait syz-fuzzer 23271 198062 82795 0 3 0x1e000082 thrsleep syz-fuzzer 23271 238345 82795 0 3 0x1e000082 wait syz-fuzzer 23271 315947 82795 0 3 0x1e000082 thrsleep syz-fuzzer 23271 160084 82795 0 3 0x1e000082 wait syz-fuzzer 23271 254746 82795 0 3 0x1e000082 thrsleep syz-fuzzer 23271 264863 82795 0 3 0x1e000082 wait syz-fuzzer 23271 240052 82795 0 3 0x1e000082 thrsleep syz-fuzzer 23271 259614 82795 0 3 0x1e000082 wait syz-fuzzer 23271 436698 82795 0 3 0x1e000082 wait syz-fuzzer 23271 264784 82795 0 3 0x1e000082 kqread syz-fuzzer 23271 347110 82795 0 3 0x1e000082 wait syz-fuzzer 23271 269604 82795 0 3 0x1e000082 wait syz-fuzzer 82795 193263 90714 0 3 0x810008a sigsusp ksh 90714 267811 57425 0 3 0x1800009a kqread sshd 57425 377832 1 0 3 0x18000088 kqread sshd 42602 332775 83807 73 3 0x19100090 kqread syslogd 83807 179741 1 0 3 0x18100082 netio syslogd 96901 256525 1 0 3 0x18100080 kqread resolvd 53254 142707 84171 77 3 0x18100092 kqread dhcpleased 58537 69893 84171 77 3 0x18100092 kqread dhcpleased 84171 297563 1 0 3 0x18000080 kqread dhcpleased 88168 483215 0 0 3 0x14200 bored smr 54825 182655 0 0 2 0x14200 zerothread 40455 276316 0 0 3 0x14200 aiodoned aiodoned 91565 471763 0 0 3 0x14200 syncer update 57943 280109 0 0 3 0x14200 cleaner cleaner 49150 84550 0 0 3 0x14200 reaper reaper 47702 278459 0 0 3 0x14200 pgdaemon pagedaemon 95240 357743 0 0 3 0x14200 bored viomb 74647 445040 0 0 3 0x40014200 acpi0 acpi0 97106 365362 0 0 3 0x14200 bored softnet3 29503 493841 0 0 3 0x14200 bored softnet2 41263 333681 0 0 3 0x14200 bored softnet1 41103 330305 0 0 3 0x14200 bored softnet0 27725 463524 0 0 3 0x14200 bored systqmp 58758 168864 0 0 3 0x14200 bored systq 26733 184709 0 0 3 0x40014200 tmoslp softclock 26626 29739 0 0 3 0x40014200 idle0 1 233920 0 0 3 0x8080082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10209 6435K 7749K 166960K 40630 0 pcb 15 20K 23K 166960K 2396 0 rtable 217 11K 12K 166960K 6431 0 pf 31 9K 10K 166960K 825 0 ifaddr 43 15K 16K 166960K 871 0 ifgroup 54 2K 2K 166960K 1306 0 sysctl 3 0K 0K 166960K 7 0 counters 31 17K 17K 166960K 384 0 ioctlops 0 0K 2K 166960K 1806 0 iov 0 0K 34K 166960K 3516 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1687 106K 106K 166960K 14089 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 324 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 3581 0 dirhash 12 2K 3K 166960K 240 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 85K 166960K 26255 0 sigio 0 0K 0K 166960K 1292 0 proc 58 59K 92K 166960K 4932 0 subproc 104 6K 7K 166960K 1739 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 3363 0 in_multi 87 6K 7K 166960K 2386 0 ether_multi 1 0K 0K 166960K 35 0 mrt 9 0K 0K 166960K 32 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 241 1076K 1076K 166960K 241 0 exec 0 0K 1K 166960K 5158 0 pfkey data 0 0K 0K 166960K 35 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 626 1116K 1856K 166960K 239505 0 UVM aobj 131 4K 4K 166960K 134 0 pinsyscall 22 44K 100K 166960K 5357 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 667 0 NDP 12 0K 2K 166960K 693 0 temp 74 6804K 7440K 166960K 174434 0 kqueue 12 18K 35K 166960K 1931 0 SYN cache 2 192K 200K 166960K 4 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 1651 0 1648 8 3 5 5 0 8 4 rtentry 112 1972 0 1877 4 0 4 4 0 8 0 unpcb 144 20590 0 20575 29 23 6 10 0 8 5 syncache 336 273 0 273 4 3 1 1 0 8 1 sackhl 24 2 4 2 1 1 0 1 0 8 0 tcpqe 32 366 0 366 4 3 1 1 0 8 1 tcpcb 808 9082 0 9072 51 43 8 16 0 8 7 arp 88 309 0 295 1 0 1 1 0 8 0 ipq 40 59 0 58 4 3 1 1 0 8 0 ipqe 40 277 0 276 4 3 1 1 0 8 0 inpcb 360 21214 0 21201 67 59 8 19 0 8 6 nd6 104 475 0 454 1 0 1 1 0 8 0 pkpcb 40 195 0 195 3 2 1 1 0 8 1 kcovpl 48 130 0 122 1 0 1 1 0 8 0 ppxss 1072 124 0 124 3 2 1 1 0 8 1 art_heap8 4096 4 0 3 3 2 1 3 0 8 0 art_heap4 256 7948 0 7529 52 24 28 31 0 8 1 art_table 32 7952 0 7532 4 0 4 4 0 8 0 art_node 16 1914 0 1828 1 0 1 1 0 8 0 sysvmsgpl 40 44 0 4 1 0 1 1 0 8 0 semupl 112 5 0 5 1 1 0 1 0 8 0 semapl 112 3577 0 3567 1 0 1 1 0 8 0 shmpl 112 131 0 3 4 0 4 4 0 8 0 dirhash 1024 169 0 152 3 0 3 3 0 8 0 dino2pl 256 35979 0 34358 102 0 102 102 0 8 0 ffsino 240 35979 0 34358 96 0 96 96 0 8 0 nchpl 144 70836 0 69105 66 0 66 66 0 8 0 uvmvnodes 80 6372 0 0 131 0 131 131 0 8 0 vnodes 216 6372 0 0 354 0 354 354 0 8 0 namei 1024 250766 0 250764 7 5 2 2 0 8 1 vcpupl 2048 494 0 0 62 0 62 62 0 8 0 vmpool 664 616 0 122 42 0 42 42 0 8 0 kstatmem 264 730 0 706 2 0 2 2 0 8 0 scxspl 216 214738 0 214738 20 17 3 8 1 8 3 plimitpl 152 3565 0 3550 1 0 1 1 0 8 0 sigapl 424 26832 0 26768 9 1 8 9 0 8 0 futexpl 64 239069 0 239062 1 0 1 1 0 8 0 knotepl 120 218357 0 218275 30 19 11 19 0 8 8 kqueuepl 184 4622 0 4614 16 12 4 7 0 8 3 pipepl 288 5049 0 5021 21 14 7 11 0 8 4 fdescpl 432 26292 0 26265 4 0 4 4 0 8 0 filepl 120 160336 0 160094 44 29 15 18 0 8 5 lockfpl 104 7063 0 7061 4 3 1 2 0 8 0 lockfspl 48 2517 0 2515 1 0 1 1 0 8 0 sessionpl 144 150 0 134 1 0 1 1 0 8 0 pgrppl 48 796 0 780 1 0 1 1 0 8 0 ucredpl 104 22048 0 22035 1 0 1 1 0 8 0 zombiepl 144 26768 0 26768 1 0 1 1 0 8 1 processpl 1072 26832 0 26768 5 0 5 5 0 8 0 procpl 680 64899 0 64812 13 4 9 10 0 8 1 sosppl 168 312 0 312 2 1 1 1 0 8 1 sockpl 488 43840 0 43809 703 691 12 38 0 8 8 mcl64k 65536 1136 0 1136 3 2 1 1 0 8 1 mcl16k 16384 616 0 616 3 2 1 1 0 8 1 mcl12k 12288 1082 0 1082 4 3 1 1 0 8 1 mcl9k 9216 542 0 542 4 3 1 1 0 8 1 mcl8k 8192 2032 0 2032 3 2 1 1 0 8 1 mcl4k 4096 2926 0 2926 7 4 3 3 0 8 3 mcl2k2 2112 145 0 145 4 3 1 1 0 8 1 mcl2k 2048 130534 0 130485 49 40 9 31 0 8 1 mtagpl 96 2631 0 2631 18 18 0 17 0 8 0 mbufpl 256 450188 0 450024 666 642 24 227 0 8 8 bufpl 280 49576 0 43200 456 0 456 456 0 8 0 anonpl 24 2420828 0 2407264 198 68 130 156 0 188 25 amapchunkpl 152 1342550 0 1341677 8683 8488 195 4422 0 158 158 amappl16 200 47947 0 47409 103 62 41 53 0 8 9 amappl15 192 163 0 160 1 0 1 1 0 8 0 amappl14 184 529 0 516 2 1 1 2 0 8 0 amappl13 176 35 0 34 2 1 1 1 0 8 0 amappl12 168 28839 0 28805 2 0 2 2 0 8 0 amappl11 160 104 0 92 1 0 1 1 0 8 0 amappl10 152 190 0 176 1 0 1 1 0 8 0 amappl9 144 300 0 300 3 2 1 1 0 8 1 amappl8 136 1085 0 965 5 0 5 5 0 8 0 amappl7 128 193 0 178 1 0 1 1 0 8 0 amappl6 120 2020 0 1996 2 1 1 2 0 8 0 amappl5 112 1185 0 1172 1 0 1 1 0 8 0 amappl4 104 1742 0 1706 3 1 2 2 0 8 0 amappl3 96 148513 0 148420 3 0 3 3 0 8 0 amappl2 88 28105 0 28029 4 2 2 4 0 8 0 amappl1 80 110014 0 109520 22 10 12 22 0 8 0 amappl 88 237290 0 236971 8 0 8 8 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 133 0 3 3 0 3 3 0 8 0 uaddrrnd 24 26908 0 26387 4 0 4 4 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 26908 0 26387 4 0 4 4 0 8 0 vmmpekpl 168 176884 0 176762 6 0 6 6 0 8 0 vmmpepl 168 1591109 0 1588016 236 65 171 171 0 357 16 vmsppl 352 26907 0 26387 49 1 48 48 0 8 0 rwobjpl 24 356225 0 348007 53 1 52 52 0 8 1 pdppl 4096 53822 0 53268 2008 1452 556 560 0 8 2 pvpl 32 7101763 0 7082378 537 314 223 389 0 265 32 pmappl 216 26907 0 26387 30 0 30 30 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 3156 0 2241 29 0 29 29 0 8 2 ddb> machine ddbcpu 0 No such command ddb> trace ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807cf80370,ffff800035dc7368,ffff800035dc7398) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035dc7338) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff800035dc7338) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a603d50,ffffff9c,76c965ee3410,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1855 syscall(ffff800035dc7500) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76c965ee3400, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807cf80370,ffff800035dc7368,ffff800035dc7398) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff800035dc7338) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff800035dc7338) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a603d50,ffffff9c,76c965ee3410,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1855 syscall(ffff800035dc7500) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x76c965ee3400, count: -7