uvm_fault(0xffffffff829e7068, 0xffff80001b78f004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_lookup+0x4ce: movzwl 0x4(%r15,%r13,1),%ebx TID PID UID PRFLAGS PFLAGS CPU COMMAND *100149 3013 0 0 0x4000000 0K syz-executor.0 ufs_lookup() at ufs_lookup+0x4ce sys/ufs/ufs/ufs_lookup.c:281 VOP_LOOKUP(fffffd805d503028,ffff80002e407058,ffff80002e407088) at VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002e407028) at vfs_lookup+0x6e5 sys/kern/vfs_lookup.c:560 namei(ffff80002e407028) at namei+0x36a sys/kern/vfs_lookup.c:244 vn_open(ffff80002e407028,60f,0) at vn_open+0x188 sys/kern/vfs_vnops.c:107 doopenat(ffff8000212b0d28,ffffff9c,20000000,60e,0,ffff80002e407200) at doopenat+0x26a sys/kern/vfs_syscalls.c:1127 syscall(ffff80002e407280) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff80002e407280) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x23064c813c0, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xffffffff829e7068, 0xffff80001b78f004, 0, 1) -> d ddb{0}> trace ufs_lookup() at ufs_lookup+0x4ce sys/ufs/ufs/ufs_lookup.c:281 VOP_LOOKUP(fffffd805d503028,ffff80002e407058,ffff80002e407088) at VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002e407028) at vfs_lookup+0x6e5 sys/kern/vfs_lookup.c:560 namei(ffff80002e407028) at namei+0x36a sys/kern/vfs_lookup.c:244 vn_open(ffff80002e407028,60f,0) at vn_open+0x188 sys/kern/vfs_vnops.c:107 doopenat(ffff8000212b0d28,ffffff9c,20000000,60e,0,ffff80002e407200) at doopenat+0x26a sys/kern/vfs_syscalls.c:1127 syscall(ffff80002e407280) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff80002e407280) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x23064c813c0, count: -8 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80002e406c90 rbx 0 rdx 0 rcx 0xffffffff rax 0xfffffd807b34a6c0 r8 0xffffffffffffffff r9 0xfffffd807f7d7680 r10 0x30a7befa3cf4e60e r11 0xfdc5df8bb7588480 r12 0 r13 0 r14 0 r15 0xffff80001b78f000 rip 0xffffffff81f9e55e ufs_lookup+0x4ce cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002e406b90 ss 0x10 ufs_lookup+0x4ce: movzwl 0x4(%r15,%r13,1),%ebx ddb{0}> show proc PROC (syz-executor.0) pid=100149 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=83, nice=20 forw=0xffffffffffffffff, list=0xffff8000289d8010,0xffff8000289d9520 process=0xffff8000ffff1d30 user=0xffff80002e402000, vmspace=0xfffffd805dfc65e0 estcpu=33, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 29913 387081 85560 0 2 0 syz-executor.7 29913 36658 85560 0 3 0x4000080 fsleep syz-executor.7 34271 414131 79467 0 2 0 syz-executor.3 34271 291229 79467 0 3 0x4000080 fsleep syz-executor.3 34271 222866 79467 0 3 0x4000080 fsleep syz-executor.3 34271 61492 79467 0 3 0x4000080 fsleep syz-executor.3 3013 143584 45123 0 2 0 syz-executor.0 * 3013 100149 45123 0 7 0x4000000 syz-executor.0 52344 30102 67352 0 3 0x82 piperd syz-executor.6 45123 123927 67352 0 3 0x82 nanoslp syz-executor.0 34601 139710 0 0 3 0x14200 acct acct 98070 115815 67352 0 3 0x82 piperd syz-executor.4 79467 485237 67352 0 3 0x82 nanoslp syz-executor.3 85560 205444 67352 0 3 0x82 nanoslp syz-executor.7 2844 478888 67352 0 2 0x2 syz-executor.5 34325 366905 1 0 3 0x100083 ttyin getty 65800 359539 0 0 3 0x14280 nfsidl nfsio 37886 123018 0 0 3 0x14280 nfsidl nfsio 35048 51339 0 0 3 0x14280 nfsidl nfsio 72456 202604 0 0 3 0x14280 nfsidl nfsio 85525 34239 0 0 3 0x14280 nfsidl nfsio 47772 269270 0 0 3 0x14280 nfsidl nfsio 65914 435887 0 0 3 0x14280 nfsidl nfsio 12375 408762 0 0 3 0x14280 nfsidl nfsio 5318 340598 0 0 3 0x14280 nfsidl nfsio 86753 11616 0 0 3 0x14280 nfsidl nfsio 33095 28149 0 0 3 0x14280 nfsidl nfsio 50909 347055 0 0 3 0x14280 nfsidl nfsio 80255 207664 0 0 3 0x14280 nfsidl nfsio 56057 118619 0 0 3 0x14280 nfsidl nfsio 44603 404518 0 0 3 0x14280 nfsidl nfsio 76188 427392 0 0 3 0x14280 nfsidl nfsio 51891 84164 0 0 3 0x14280 nfsidl nfsio 36260 421766 0 0 3 0x14280 nfsidl nfsio 39237 174370 0 0 3 0x14280 nfsidl nfsio 76044 324718 0 0 3 0x14280 nfsidl nfsio 92238 381327 0 0 3 0x14200 bored sosplice 67352 273830 14244 0 3 0x82 wait syz-fuzzer 67352 206147 14244 0 3 0x4000082 nanoslp syz-fuzzer 67352 17474 14244 0 3 0x4000082 kqread syz-fuzzer 67352 344678 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 464805 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 384173 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 327451 14244 0 3 0x4000082 wait syz-fuzzer 67352 457484 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 386371 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 162522 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 377503 14244 0 3 0x4000082 thrsleep syz-fuzzer 67352 471985 14244 0 3 0x4000082 wait syz-fuzzer 67352 10198 14244 0 3 0x4000082 nanoslp syz-fuzzer 67352 45702 14244 0 3 0x4000082 wait syz-fuzzer 67352 299700 14244 0 3 0x4000082 wait syz-fuzzer 67352 403326 14244 0 3 0x4000082 wait syz-fuzzer 67352 378742 14244 0 3 0x4000082 thrsleep syz-fuzzer 14244 308013 71513 0 3 0x10008a sigsusp ksh 71513 78429 85583 0 3 0x9a kqread sshd 85583 38268 1 0 3 0x88 kqread sshd 76389 96122 21244 74 3 0x1100092 bpf pflogd 21244 504720 1 0 3 0x80 netio pflogd 13907 211998 46798 73 3 0x1100090 kqread syslogd 46798 305833 1 0 3 0x100082 netio syslogd 33872 6777 1 0 3 0x100080 kqread resolvd 82178 248953 71501 77 3 0x100092 kqread dhcpleased 29213 215488 71501 77 3 0x100092 kqread dhcpleased 71501 121318 1 0 3 0x80 kqread dhcpleased 43252 405177 0 0 3 0x14200 bored smr 59201 339368 0 0 2 0x14200 zerothread 95361 159174 0 0 3 0x14200 aiodoned aiodoned 99470 436336 0 0 3 0x14200 syncer update 84359 304770 0 0 3 0x14200 cleaner cleaner 24668 214907 0 0 3 0x14200 reaper reaper 87342 437394 0 0 3 0x14200 pgdaemon pagedaemon 3413 518409 0 0 3 0x14200 bored viomb 2396 14956 0 0 3 0x40014200 acpi0 acpi0 35157 2240 0 0 7 0x40014200 idle1 16005 205762 0 0 3 0x14200 bored softnet 68624 173969 0 0 3 0x14200 bored softnet 10804 4205 0 0 3 0x14200 bored softnet 7742 64605 0 0 3 0x14200 bored softnet 22308 423501 0 0 3 0x14200 bored systqmp 78630 240990 0 0 3 0x14200 bored systq 79441 231260 0 0 3 0x40014200 bored softclock 18561 111047 0 0 3 0x40014200 idle0 1 278726 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10261 6596K 8561K 78643K 91129 0 pcb 13 22K 26K 78643K 8653 0 rtable 283 32K 34K 78643K 12629 0 ifaddr 123 35K 43K 78643K 6015 0 sysctl 3 1K 2K 78643K 22 0 counters 56 35K 36K 78643K 2410 0 ioctlops 0 0K 8K 78643K 14860 0 iov 0 0K 28K 78643K 6075 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1785 112K 112K 78643K 29491 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 624 0 VM map 2 1K 1K 78643K 2 0 sem 19 28K 56K 78643K 1661 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 11 37K 89K 78643K 58870 0 sigio 0 0K 0K 78643K 4078 0 proc 74 91K 140K 78643K 9399 0 subproc 78 4K 8K 78643K 2943 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 1 0K 0K 78643K 2734 0 in_multi 74 5K 7K 78643K 4050 0 ether_multi 1 0K 0K 78643K 274 0 mrt 2 0K 0K 78643K 195 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 349 1553K 1553K 78643K 349 0 exec 0 0K 2K 78643K 12797 0 pfkey data 0 0K 0K 78643K 28 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 62K 78643K 8 0 UVM amap 888 2431K 2467K 78643K 347672 0 UVM aobj 133 4K 4K 78643K 146 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 2497 0 NDP 16 0K 1K 78643K 1582 0 temp 138 4726K 70263K 78643K 609500 0 kqueue 12 18K 28K 78643K 4281 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 3603 0 3600 48 47 1 4 0 8 0 rtentry 112 3635 0 3547 7 3 4 4 0 8 0 unpcb 144 39075 0 39060 408 402 6 10 0 8 5 syncache 296 34 0 34 7 7 0 1 0 8 0 tcpqe 32 752 0 752 4 4 0 1 0 8 0 tcpcb 768 15353 0 15341 596 591 5 27 0 8 3 arp 120 566 0 551 1 0 1 1 0 8 0 inpcb 320 46909 0 46897 680 673 7 20 0 8 5 nd6 48 811 0 792 1 0 1 1 0 8 0 pkpcb 40 553 0 553 42 41 1 1 0 8 1 kcovpl 48 223 0 217 1 0 1 1 0 8 0 ppxss 1256 734 0 734 75 74 1 1 0 8 1 pfstscr 40 222 0 221 10 9 1 1 0 8 0 pffrag 232 471 0 467 14 13 1 1 0 482 0 pffrnode 88 470 0 466 14 13 1 1 0 8 0 pffrent 40 1285 0 1281 16 15 1 1 0 8 0 pfosfp 40 1441 0 1440 6 5 1 5 0 8 0 pfosfpen 112 1441 0 1440 22 21 1 21 0 8 0 pfrke_plain 168 49 0 49 11 10 1 1 0 8 1 pfrktable 1344 792 0 762 11 8 3 3 0 8 0 pfanchor 1280 502 0 176 30 2 28 28 0 8 0 pftag 88 126 0 110 1 0 1 1 0 8 0 pfqueue 264 21 0 21 5 5 0 1 0 8 0 pfstitem 24 273 0 269 1 0 1 1 0 8 0 pfstkey 120 659 0 655 3 2 1 2 0 8 0 pfstate 336 461 0 458 7 6 1 4 0 8 0 pfrule 1360 1221 0 1031 25 9 16 16 0 8 0 rttmr 136 32 0 32 11 11 0 1 0 8 0 art_heap8 4096 4 0 3 4 3 1 3 0 8 0 art_heap4 256 17750 0 17392 136 108 28 31 0 8 0 art_table 32 17754 0 17395 7 3 4 4 0 8 0 art_node 16 3518 0 3443 1 0 1 1 0 8 0 sysvmsgpl 40 21 0 4 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 1644 0 1627 1 0 1 1 0 8 0 shmpl 112 143 0 15 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 88631 0 86945 106 0 106 106 0 8 0 ffsino 272 88631 0 86945 113 0 113 113 0 8 0 nchpl 144 173232 0 171577 63 0 63 63 0 8 0 rtmask 32 107 0 107 16 15 1 1 0 8 1 uvmvnodes 80 8641 0 0 177 0 177 177 0 8 0 vnodes 216 8641 0 0 481 0 481 481 0 8 0 namei 1024 612732 0 612731 26 25 1 2 0 8 0 percpumem 16 1217 0 1177 1 0 1 1 0 8 0 vcpupl 2048 512 0 0 64 0 64 64 0 8 0 vmpool 568 1138 0 626 37 0 37 37 0 8 0 pfiaddrpl 120 526 0 457 8 5 3 3 0 8 0 kstatmem 264 1900 0 1868 4 1 3 3 0 8 0 scsiplug 72 52 0 52 15 15 0 1 0 8 0 scxspl 216 602362 0 602362 121 120 1 8 0 8 1 plimitpl 152 6778 0 6765 1 0 1 1 0 8 0 sigapl 424 58926 0 58863 15 7 8 9 0 8 0 futexpl 64 579802 0 579798 8 7 1 1 0 8 0 knotepl 120 2468 0 0 15 0 15 15 0 8 0 kqueuepl 216 10582 0 10573 161 160 1 8 0 8 0 pipepl 320 11286 0 11262 265 262 3 14 0 8 0 fdescpl 496 58731 0 58707 8 4 4 5 0 8 0 filepl 152 409455 0 409247 598 582 16 21 0 8 6 lockfpl 104 15671 0 15668 34 33 1 2 0 8 0 lockfspl 48 4436 0 4433 1 0 1 1 0 8 0 sessionpl 144 247 0 232 1 0 1 1 0 8 0 pgrppl 48 998 0 983 1 0 1 1 0 8 0 ucredpl 104 48428 0 48408 1 0 1 1 0 8 0 zombiepl 144 58863 0 58863 7 6 1 1 0 8 1 processpl 1064 58926 0 58863 5 0 5 5 0 8 0 procpl 672 168261 0 168177 70 61 9 10 0 8 0 srpgc 96 316 0 316 82 81 1 1 0 8 1 sosppl 168 422 0 422 67 66 1 1 0 8 1 sockpl 488 90195 0 90168 1791 1770 21 37 0 8 17 mcl64k 65536 33 0 0 5 2 3 3 0 8 0 mcl16k 16384 17 0 0 3 0 3 3 0 8 0 mcl12k 12288 57 0 0 2 0 2 2 0 8 0 mcl9k 9216 24 0 0 2 0 2 2 0 8 0 mcl8k 8192 65 0 0 4 1 3 3 0 8 0 mcl4k 4096 90 0 0 9 6 3 5 0 8 0 mcl2k2 2112 15 0 0 1 0 1 1 0 8 0 mcl2k 2048 928 0 0 52 26 26 52 0 8 0 mtagpl 96 1997 0 0 16 0 16 16 0 8 0 mbufpl 256 4260 0 0 245 0 245 245 0 8 0 bufpl 288 122992 0 114423 618 0 618 618 0 8 0 anonpl 24 11893991 0 11863196 1081 861 220 303 0 186 4 amapchunkpl 152 1010521 0 1009636 262 219 43 69 0 158 3 amappl16 200 177935 0 176493 627 546 81 94 0 8 0 amappl15 192 8706 0 8700 1 0 1 1 0 8 0 amappl14 184 5421 0 5408 1 0 1 1 0 8 0 amappl13 176 8308 0 8306 1 0 1 1 0 8 0 amappl12 168 6576 0 6567 1 0 1 1 0 8 0 amappl11 160 10415 0 10396 6 4 2 2 0 8 0 amappl10 152 9074 0 9066 1 0 1 1 0 8 0 amappl9 144 8074 0 8070 1 0 1 1 0 8 0 amappl8 136 11968 0 11677 12 1 11 11 0 8 0 amappl7 128 7647 0 7621 1 0 1 1 0 8 0 amappl6 120 9328 0 9302 2 1 1 2 0 8 0 amappl5 112 49054 0 49039 1 0 1 1 0 8 0 amappl4 104 25508 0 25463 7 5 2 2 0 8 0 amappl3 96 186340 0 186292 3 1 2 2 0 8 0 amappl2 88 15235 0 15184 8 6 2 2 0 8 0 amappl1 80 1452557 0 1451948 25 9 16 20 0 8 0 amappl 88 341948 0 341621 11 2 9 9 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 145 0 13 3 0 3 3 0 8 0 uaddrrnd 24 59870 0 59334 4 0 4 4 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 59870 0 59334 4 0 4 4 0 8 0 vmmpekpl 168 398893 0 398770 8 1 7 7 0 8 0 vmmpepl 168 5870560 0 5865970 807 566 241 269 0 357 1 vmsppl 368 59869 0 59334 54 4 50 50 0 8 0 rwobjpl 56 1420559 0 1408968 240 71 169 170 0 8 0 pdppl 4096 119747 0 119180 2584 2003 581 585 0 8 14 pvpl 32 22660262 0 22639823 1232 1015 217 346 0 265 1 pmappl 248 59869 0 59334 38 4 34 35 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 4136 0 2269 55 1 54 54 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace ufs_lookup() at ufs_lookup+0x4ce sys/ufs/ufs/ufs_lookup.c:281 VOP_LOOKUP(fffffd805d503028,ffff80002e407058,ffff80002e407088) at VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002e407028) at vfs_lookup+0x6e5 sys/kern/vfs_lookup.c:560 namei(ffff80002e407028) at namei+0x36a sys/kern/vfs_lookup.c:244 vn_open(ffff80002e407028,60f,0) at vn_open+0x188 sys/kern/vfs_vnops.c:107 doopenat(ffff8000212b0d28,ffffff9c,20000000,60e,0,ffff80002e407200) at doopenat+0x26a sys/kern/vfs_syscalls.c:1127 syscall(ffff80002e407280) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff80002e407280) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x23064c813c0, count: -8 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800020dd8ff0) at sched_idle+0x417 sys/kern/kern_sched.c:175 end trace frame: 0x0, count: 10 ddb{1}> trace x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206 sched_idle(ffff800020dd8ff0) at sched_idle+0x417 sys/kern/kern_sched.c:175 end trace frame: 0x0, count: -5