uvm_fault(0xffffffff83aa4e68, 0xffff800028c72004, 0, 1) -> d
kernel: page fault trap, code=0
Stopped at ufs_readdir+0x26e: movzwl 0x4(%r14),%ebx
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*198304 82325 0 0x2 0 0 syz-executor
ufs_readdir(ffff80002a7d1940) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397
VOP_READDIR(fffff4006b39b520,ffff80002a7d19c8,fffff40007ffd7b8,ffff80002a7d1a0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453
sys_getdents(ffff80002a7667d8,ffff80002a7d1b50,ffff80002a7d1aa0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132
syscall(ffff80002a7d1b50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1b50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x71e0181f39a0, count: 10
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff83aa4e68, 0xffff800028c72004, 0, 1) -> d
ddb> trace
ufs_readdir(ffff80002a7d1940) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397
VOP_READDIR(fffff4006b39b520,ffff80002a7d19c8,fffff40007ffd7b8,ffff80002a7d1a0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453
sys_getdents(ffff80002a7667d8,ffff80002a7d1b50,ffff80002a7d1aa0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132
syscall(ffff80002a7d1b50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1b50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x71e0181f39a0, count: -5
ddb> show registers
rdi 0x200
rsi 0x800
rbp 0xffff80002a7d1930
rbx 0x200
rdx 0
rcx 0xfffff4006b157bf8
rax 0xffff800028c72200
r8 0xffffffffffffffff
r9 0x3
r10 0x97ef9e7cb23ff251
r11 0xe59900c96e2cb226
r12 0
r13 0xffff80002a7d19c8
r14 0xffff800028c72000
r15 0xffff800028c72008
rip 0xffffffff820acabe ufs_readdir+0x26e
cs 0x8
rflags 0x10283
__ALIGN_SIZE+0xf283 rsp 0xffff80002a7d1780 ss 0x10 ufs_readdir+0x26e: movzwl 0x4(%r14),%ebx ddb> show proc PROC (syz-executor) tid=198304 pid=82325 tcnt=1 stat=onproc flags process=2 proc=0 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a766a70,0xffff80002a766d18 process=0xffff80002a79c010 user=0xffff80002a7cc000, vmspace=0xfffff4007ec60a10 estcpu=36, cpticks=14, pctcpu=0.2, user=0, sys=12, intr=1 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 38924 253888 48759 0 3 0x80 nanoslp syz-executor 38924 519703 48759 0 3 0x4000000 smrbar syz-executor 38924 373653 48759 0 3 0x4000080 fsleep syz-executor 27751 307900 7529 0 3 0x80 nanoslp syz-executor 27751 281280 7529 0 3 0x4000080 klog syz-executor 48759 156720 3087 0 3 0x82 nanoslp syz-executor 43535 146619 45644 0 3 0x80 nanoslp syz-executor 43535 174201 45644 0 3 0x4000080 msgwait syz-executor 43535 102619 45644 0 3 0x4000080 fsleep syz-executor 37349 10473 66840 -1 3 0x3010 suspend syz-executor 37349 121234 66840 -1 3 0x4081010 mcl2k syz-executor 66840 100666 3087 0 2 0xc82 syz-executor 65000 88216 42397 0 3 0x3000 suspend syz-executor 65000 270023 42397 0 3 0x4081000 mcl2k syz-executor 36636 78817 1 0 3 0x82 nanoslp getty 65798 475403 81407 0 3 0x3000 suspend syz-executor 65798 55228 81407 0 3 0x4081000 mcl2k syz-executor 42397 301793 3087 0 3 0x82 wait syz-executor 7529 496263 3087 0 3 0x82 nanoslp syz-executor 81407 363444 3087 0 3 0x82 wait syz-executor 81606 454570 3087 0 3 0x82 nanoslp syz-executor 45644 15968 3087 0 2 0xc82 syz-executor *82325 198304 3087 0 7 0x2 syz-executor 3087 453251 1 0 2 0x2 syz-executor 84053 415553 0 0 3 0x14200 bored smr 85504 443444 0 0 2 0x14200 zerothread 73545 7808 0 0 3 0x14200 aiodoned aiodoned 68587 120641 0 0 3 0x14200 syncer update 98423 504836 0 0 3 0x14200 cleaner cleaner 68759 338410 0 0 3 0x14200 reaper reaper 80103 23508 0 0 3 0x14200 pgdaemon pagedaemon 78397 102645 0 0 3 0x14200 bored viomb 
59377 357144 0 0 3 0x40014200 acpi0 acpi0 11336 96078 0 0 2 0x14200 softnet0 31959 318257 0 0 3 0x14200 bored systqmp 20421 9356 0 0 3 0x14200 bored systq 62407 3152 0 0 3 0x40014200 tmoslp softclock 96369 215028 0 0 3 0x40014200 idle0 1 218782 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11036 12174K 12446K 166960K 13246 0 pcb 18 14K 15K 166960K 198 0 rtable 240 9K 9K 166960K 534 0 pf 39 14K 93K 166960K 111 0 ifaddr 43 7K 8K 166960K 86 0 ifgroup 56 2K 2K 166960K 118 0 sysctl 4 1K 9K 166960K 12 0 counters 35 18K 18K 166960K 102 0 ioctlops 0 0K 4K 166960K 375 0 iov 0 0K 12K 166960K 235 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1422 89K 89K 166960K 2329 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 16 0 VM map 2 1K 1K 166960K 2 0 sem 11 0K 0K 166960K 62 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 61K 240K 166960K 957 0 sigio 0 0K 0K 166960K 11 0 proc 23 33K 108K 166960K 645 0 subproc 72 4K 4K 166960K 90 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 2 0K 0K 166960K 77 0 in_multi 99 7K 7K 166960K 147 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 21 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 455 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 144 82K 169K 166960K 9679 0 UVM aobj 125 4K 4K 166960K 129 0 pinsyscall 19 38K 94K 166960K 2101 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 32 0 NDP 15 0K 1K 166960K 61 0 temp 53 9115K 9184K 166960K 31729 0 kqueue 2 4K 30K 166960K 182 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 
163 0 163 1 0 1 1 0 8 1 rtentry 136 159 0 59 4 0 4 4 0 8 0 unpcb 144 616 0 608 4 0 4 4 0 8 3 syncache 336 6 0 6 1 0 1 1 0 8 1 tcpcb 736 356 0 354 7 0 7 7 0 8 5 arp 96 23 0 7 1 0 1 1 0 8 0 ipq 40 2 0 2 1 0 1 1 0 8 1 ipqe 40 4 0 4 1 0 1 1 0 8 1 inpcb 328 1099 0 1094 7 0 7 7 0 8 5 ip6q 72 2 0 1 1 0 1 1 0 8 0 ip6af 40 3 0 2 1 0 1 1 0 8 0 nd6 112 39 0 13 1 0 1 1 0 8 0 pkpcb 40 10 0 10 1 0 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 mppekey 1024 3 0 3 1 0 1 1 0 8 1 ppxss 1072 64 0 63 1 0 1 1 0 8 0 pppxif 1416 1 0 1 1 0 1 1 0 8 1 pfstscr 40 8 0 4 1 0 1 1 0 8 0 pffrag 232 7 0 2 1 0 1 1 0 482 0 pffrnode 88 7 0 2 1 0 1 1 0 8 0 pffrent 40 11 0 6 1 0 1 1 0 8 0 pfrktable 1344 5 0 5 1 0 1 1 0 8 1 pfsrclim 320 1 0 1 1 0 1 1 0 8 1 pfstlim 224 1 0 1 1 0 1 1 0 8 1 pfanchor 1288 2 0 2 1 0 1 1 0 8 1 pftag 88 7 0 6 1 0 1 1 0 8 0 pfqueue 320 2 0 0 1 0 1 1 0 8 0 pfstitem 24 5 0 0 1 0 1 1 0 8 0 pfstkey 128 10 0 5 1 0 1 1 0 8 0 pfstate 384 6 0 3 1 0 1 1 0 8 0 pfrule 1360 6 0 6 1 0 1 1 0 8 1 rttmr 136 2 0 2 1 0 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 635 0 191 30 0 30 30 0 8 2 art_table 40 637 0 191 5 0 5 5 0 8 0 art_node 32 157 0 68 1 0 1 1 0 8 0 sysvmsgpl 40 9 0 8 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 72 58 0 49 1 0 1 1 0 8 0 shmpl 112 126 0 4 4 0 4 4 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 3071 0 1612 92 0 92 92 0 8 0 ffsino 256 3071 0 1612 92 0 92 92 0 8 0 nchpl 144 4352 0 2644 64 0 64 64 0 8 0 rtmask 32 3 0 3 1 0 1 1 0 8 1 vnodes 216 3797 0 0 211 0 211 211 0 8 0 namei 1024 15178 0 15178 2 0 2 2 0 8 2 pfiaddrpl 120 1 0 1 1 0 1 1 0 8 1 kstatmem 264 79 0 52 2 0 2 2 0 8 0 scsiplug 72 3 0 3 1 0 1 1 0 8 1 scxspl 216 21768 0 21768 8 0 8 8 1 8 8 plimitpl 152 133 0 121 1 0 1 1 0 8 0 sigapl 424 1227 0 1195 6 0 6 6 0 8 1 knotepl 120 38162 0 38141 16 6 10 16 0 8 8 kqueuepl 184 424 0 422 4 0 4 4 0 8 3 pipepl 304 178 0 150 3 0 3 3 0 8 0 fdescpl 448 1214 0 1195 5 0 5 5 0 8 1 filepl 120 7339 0 7164 13 0 13 13 0 8 5 lockfpl 104 487 0 487 2 0 2 2 0 8 2 lockfspl 
48 156 0 156 1 0 1 1 0 8 1 sessionpl 144 95 0 93 1 0 1 1 0 8 0 pgrppl 48 112 0 102 1 0 1 1 0 8 0 ucredpl 104 1135 0 1130 1 0 1 1 0 8 0 zombiepl 144 1199 0 1195 1 0 1 1 0 8 0 processpl 1152 1227 0 1195 4 0 4 4 0 8 0 procpl 664 2355 0 2315 6 0 6 6 0 8 1 sosppl 176 3 0 3 1 0 1 1 0 8 1 sockpl 552 1920 0 1907 8 0 8 8 0 8 5 mcl64k 65536 50 0 49 1 0 1 1 0 8 0 mcl16k 16384 1 0 1 1 0 1 1 0 8 1 mcl12k 12288 3 0 3 1 0 1 1 0 8 1 mcl8k 8192 10 0 10 1 0 1 1 0 8 1 mcl4k 4096 3626 0 3572 14 0 14 14 0 8 6 mcl2k 2048 497 572 496 1 0 1 1 0 8 0 mtagpl 96 8 0 6 1 0 1 1 0 8 0 mbufpl 256 12687 0 12504 16 0 16 16 0 8 2 bufpl 272 8088 0 1872 415 0 415 415 0 8 0 anonpl 24 177022 0 175319 54 0 54 54 0 186 18 amapchunkpl 152 32797 0 32403 34 0 34 34 0 158 14 amappl16 200 3159 0 3132 15 0 15 15 0 8 7 amappl15 192 28 0 28 1 0 1 1 0 8 1 amappl14 184 441 0 441 1 0 1 1 0 8 1 amappl13 176 125 0 124 1 0 1 1 0 8 0 amappl12 168 1460 0 1442 2 0 2 2 0 8 0 amappl11 160 5 0 5 1 0 1 1 0 8 1 amappl10 152 64 0 64 1 0 1 1 0 8 1 amappl9 144 271 0 271 1 0 1 1 0 8 1 amappl8 136 102 0 102 1 0 1 1 0 8 1 amappl7 128 153 0 151 1 0 1 1 0 8 0 amappl6 120 173 0 172 1 0 1 1 0 8 0 amappl5 112 92 0 91 1 0 1 1 0 8 0 amappl4 104 283 0 279 1 0 1 1 0 8 0 amappl3 96 6598 0 6511 4 0 4 4 0 8 0 amappl2 88 557 0 547 2 0 2 2 0 8 0 amappl1 80 13549 0 13432 13 0 13 13 0 8 6 amappl 88 8784 0 8654 5 0 5 5 0 92 0 uvmvnodes 80 125 0 0 3 0 3 3 0 8 0 dma65536 65536 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma2048 2048 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 1 0 1 1 0 8 1 dma128 128 254 0 254 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 128 0 4 3 0 3 3 0 8 0 uaddrrnd 24 1214 0 1195 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1214 0 1195 1 0 1 1 0 8 0 vmmpekpl 168 10962 0 10918 2 0 2 2 0 8 0 vmmpepl 168 82956 0 82081 91 0 91 91 0 357 41 vmsppl 368 1213 0 1195 4 0 4 4 0 8 1 rwobjpl 40 23704 0 23112 13 0 13 13 0 8 0 pdppl 
4096 2434 0 2390 96 46 50 80 0 8 6
pvpl 32 510505 0 505459 122 0 122 122 0 265 43
pmappl 216 1213 0 1195 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 790 0 46 22 0 22 22 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
ufs_readdir(ffff80002a7d1940) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397
VOP_READDIR(fffff4006b39b520,ffff80002a7d19c8,fffff40007ffd7b8,ffff80002a7d1a0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453
sys_getdents(ffff80002a7667d8,ffff80002a7d1b50,ffff80002a7d1aa0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132
syscall(ffff80002a7d1b50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1b50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x71e0181f39a0, count: -5
ddb>