uvm_fault(0xffffffff838fa3f8, 0xffff800029f22004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_lookup+0x613: movzwl 0x4(%r15,%r14,1),%ebx TID PID UID PRFLAGS PFLAGS CPU COMMAND * 97206 52623 0 0 0x4000000 0 syz-executor ufs_lookup() at ufs_lookup+0x613 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806de8d538,ffff80003c97b3c8,ffff80003c97b3f8) at VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 vfs_lookup(ffff80003c97b398) at vfs_lookup+0x921 sys/kern/vfs_lookup.c:566 namei(ffff80003c97b398) at namei+0x7ca sys/kern/vfs_lookup.c:250 dounlinkat(ffff80003c9e0a90,ffffff9c,200000000040,0) at dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1868 syscall(ffff80003c97b560) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c97b560) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x49bbd197ea0, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff838fa3f8, 0xffff800029f22004, 0, 1) -> d ddb> trace ufs_lookup() at ufs_lookup+0x613 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806de8d538,ffff80003c97b3c8,ffff80003c97b3f8) at VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 vfs_lookup(ffff80003c97b398) at vfs_lookup+0x921 sys/kern/vfs_lookup.c:566 namei(ffff80003c97b398) at namei+0x7ca sys/kern/vfs_lookup.c:250 dounlinkat(ffff80003c9e0a90,ffffff9c,200000000040,0) at dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1868 syscall(ffff80003c97b560) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c97b560) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x49bbd197ea0, count: -7 ddb> show registers rdi 0 rsi 0x2 rbp 0xffff80003c97b1d0 rbx 0 rdx 0xffff80000145f900 rcx 0xffffffff rax 0xffff80003c9e0a90 r8 0xffffffffffffffff r9 0xfffffd8007bfb820 r10 0x9eaa48c8f099d3cf r11 0x97d7c6ff9070ff42 r12 0xfffffd8068824b08 r13 0 r14 0 r15 0xffff800029f22000 rip 0xffffffff81ad8853 ufs_lookup+0x613 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c97b0e0 ss 0x10 ufs_lookup+0x613: movzwl 0x4(%r15,%r14,1),%ebx ddb> show proc PROC (syz-executor) tid=97206 pid=52623 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c9e1a20,0xffff80002a7aad20 process=0xffff80003c9ac920 user=0xffff80003c976000, vmspace=0xfffffd806becb748 estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 52623 158914 12639 0 2 0 syz-executor *52623 97206 12639 0 7 0x4000000 syz-executor 64897 263069 5532 0 2 0 syz-executor 64897 402952 5532 0 3 0x4000080 kqsel syz-executor 64897 251685 5532 0 3 0x4000000 clonelk syz-executor 42707 122062 0 0 3 0x14200 acct acct 20147 288757 84641 0 3 0x80 nanoslp syz-executor 20147 242748 84641 0 3 0x4000080 ttyretype syz-executor 20147 392086 84641 0 3 0x4000080 fsleep syz-executor 1930 265647 0 0 3 0x14280 nfsidl nfsio 38524 292032 0 0 3 0x14280 nfsidl nfsio 71399 255308 0 0 3 0x14280 nfsidl nfsio 72663 198506 0 0 3 0x14280 nfsidl nfsio 54249 45282 0 0 3 0x14280 nfsidl nfsio 2253 150799 0 0 3 0x14280 nfsidl nfsio 93106 18693 0 0 3 0x14280 nfsidl nfsio 93598 165402 0 0 3 0x14280 nfsidl nfsio 45189 341426 0 0 3 0x14280 nfsidl nfsio 30977 438909 0 0 3 0x14280 nfsidl nfsio 68458 180155 0 0 3 0x14280 nfsidl nfsio 71157 196327 0 0 3 0x14280 nfsidl nfsio 91932 414632 0 0 3 0x14280 nfsidl nfsio 98555 396793 0 0 3 0x14280 nfsidl nfsio 762 464720 0 0 3 0x14280 nfsidl nfsio 34083 319875 0 0 3 0x14280 nfsidl nfsio 32818 155658 0 0 3 0x14280 nfsidl nfsio 4781 513691 0 0 3 0x14280 nfsidl nfsio 81169 262357 0 0 3 0x14280 nfsidl nfsio 18590 23951 0 0 3 0x14280 nfsidl nfsio 31962 185044 35415 0 3 0x80 nanoslp syz-executor 31962 426822 35415 0 3 0x4000080 kqsel syz-executor 31962 454138 35415 0 3 0x4000080 fsleep syz-executor 31962 475357 35415 0 3 0x4000080 fsleep syz-executor 34428 394557 0 0 3 0x14200 bored sosplice 35415 481619 48092 0 3 0x82 nanoslp syz-executor 84641 1827 48092 0 3 0x82 nanoslp syz-executor 44947 132051 48092 0 3 0x82 wait syz-executor 12639 339322 48092 0 3 0x82 nanoslp syz-executor 5532 296128 48092 0 3 0x82 nanoslp syz-executor 48092 100634 83065 0 3 0x82 wait syz-executor 83065 137219 47400 0 3 0x10008a sigsusp ksh 47400 93498 6345 0 3 0x98 kqread sshd-session 6345 488940 30754 0 3 0x92 kqread sshd-session 23240 148850 1 0 3 0x100083 ttyopn getty 30754 298498 1 0 3 0x88 kqread sshd 94538 321901 74500 73 3 0x1100090 kqread syslogd 74500 83000 1 0 3 0x100082 sbwait syslogd 75076 230588 1 0 3 0x100080 kqread resolvd 95244 334309 9422 77 3 0x100092 kqread dhcpleased 966 416271 9422 77 3 0x100092 kqread dhcpleased 9422 8087 1 0 3 0x80 kqread dhcpleased 83112 484661 0 0 3 0x14200 bored smr 61532 96472 0 0 2 0x14200 zerothread 51441 260061 0 0 3 0x14200 aiodoned aiodoned 21089 395828 0 0 3 0x14200 syncer update 25039 60107 0 0 3 0x14200 cleaner cleaner 88805 417476 0 0 3 0x14200 reaper reaper 3118 145451 0 0 3 0x14200 pgdaemon pagedaemon 15086 60413 0 0 3 0x14200 bored viomb 88378 17189 0 0 3 0x40014200 acpi0 acpi0 4256 185330 0 0 3 0x14200 bored softnet0 2940 476196 0 0 3 0x14200 bored systqmp 90880 351319 0 0 3 0x14200 bored systq 16968 471664 0 0 3 0x40014200 tmoslp softclock 59777 473541 0 0 3 0x40014200 idle0 1 383929 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10192 11297K 11364K 166960K 11650 0 pcb 18 12K 12K 166960K 64 0 rtable 203 6K 7K 166960K 300 0 pf 31 13K 15K 166960K 41 0 ifaddr 44 8K 8K 166960K 52 0 ifgroup 50 2K 2K 166960K 61 0 sysctl 1 1K 9K 166960K 7 0 counters 32 17K 18K 166960K 39 0 ioctlops 0 0K 4K 166960K 80 0 iov 0 0K 16K 166960K 14 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1351 85K 85K 166960K 1568 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 8 0 VM map 2 1K 1K 166960K 2 0 sem 11 0K 0K 166960K 16 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 240K 166960K 405 0 sigio 0 0K 0K 166960K 6 0 proc 60 59K 100K 166960K 522 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 68 0 in_multi 106 7K 7K 166960K 130 0 ether_multi 1 0K 0K 166960K 5 0 mrt 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 385 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 205 150K 172K 166960K 4987 0 UVM aobj 11 2K 4K 166960K 13 0 pinsyscall 36 72K 92K 166960K 1444 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 13 0 NDP 11 0K 2K 166960K 31 0 temp 45 8639K 8762K 166960K 18192 0 kqueue 15 24K 32K 166960K 96 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 64 0 61 1 0 1 1 0 8 0 rtentry 136 101 0 13 4 0 4 4 0 8 0 unpcb 144 184 0 167 1 0 1 1 0 8 0 syncache 336 8 0 8 1 0 1 1 0 8 1 tcpqe 32 2 0 2 1 0 1 1 0 8 1 tcpcb 736 113 0 105 4 0 4 4 0 8 3 arp 96 12 0 0 1 0 1 1 0 8 0 ipq 40 2 0 0 1 0 1 1 0 8 0 ipqe 40 2 0 0 1 0 1 1 0 8 0 inpcb 328 313 0 299 4 0 4 4 0 8 2 nd6 112 17 0 0 1 0 1 1 0 8 0 pkpcb 40 1 0 1 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 6 0 6 1 0 1 1 0 8 1 pppxif 1384 1 0 1 1 0 1 1 0 8 1 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 3 0 1 1 0 1 1 0 8 0 pfstate 384 2 0 1 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 497 0 47 30 0 30 30 0 8 1 art_table 40 498 0 47 5 0 5 5 0 8 0 art_node 32 101 0 23 1 0 1 1 0 8 0 sysvmsgpl 40 7 0 4 1 0 1 1 0 8 0 semapl 112 14 0 5 1 0 1 1 0 8 0 shmpl 112 10 0 2 1 0 1 1 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 2025 0 523 95 0 95 95 0 8 0 ffsino 256 2025 0 523 95 0 95 95 0 8 0 nchpl 144 2572 0 893 63 0 63 63 0 8 0 vnodes 216 2226 0 0 124 0 124 124 0 8 0 namei 1024 7932 0 7931 2 0 2 2 0 8 1 kstatmem 264 30 0 8 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 11625 0 11625 8 0 8 8 1 8 8 plimitpl 152 102 0 85 1 0 1 1 0 8 0 sigapl 424 694 0 632 8 0 8 8 0 8 0 knotepl 120 31574 0 31267 31 20 11 24 0 8 1 kqueuepl 184 112 0 98 1 0 1 1 0 8 0 pipepl 304 121 0 94 3 0 3 3 0 8 0 fdescpl 448 659 0 632 5 0 5 5 0 8 1 filepl 120 3007 0 2787 9 0 9 9 0 8 1 lockfpl 104 80 0 78 1 0 1 1 0 8 0 lockfspl 48 37 0 35 1 0 1 1 0 8 0 sessionpl 144 26 0 18 1 0 1 1 0 8 0 pgrppl 48 39 0 23 1 0 1 1 0 8 0 ucredpl 104 395 0 384 1 0 1 1 0 8 0 zombiepl 144 636 0 632 1 0 1 1 0 8 0 processpl 1152 694 0 632 5 0 5 5 0 8 0 procpl 664 1087 0 1017 7 0 7 7 0 8 0 sosppl 168 4 0 3 1 0 1 1 0 8 0 sockpl 552 571 0 537 6 0 6 6 0 8 3 mcl64k 65536 23 0 23 1 0 1 1 0 8 1 mcl8k 8192 7 0 7 1 0 1 1 0 8 1 mcl4k 4096 2799 0 2749 15 0 15 15 0 8 8 mcl2k 2048 597 0 589 5 0 5 5 0 8 4 mtagpl 96 4 0 4 1 0 1 1 0 8 1 mbufpl 256 7019 0 6868 18 0 18 18 0 8 3 bufpl 280 6473 0 245 445 0 445 445 0 8 0 anonpl 24 106063 0 103037 69 0 69 69 0 187 41 amapchunkpl 152 15261 0 14850 25 0 25 25 0 158 5 amappl16 200 1711 0 1685 27 13 14 27 0 8 11 amappl15 192 3 0 3 1 0 1 1 0 8 1 amappl14 184 114 0 103 1 0 1 1 0 8 0 amappl13 176 4 0 4 1 0 1 1 0 8 1 amappl12 168 1270 0 1242 3 0 3 3 0 8 0 amappl11 160 44 0 34 1 0 1 1 0 8 0 amappl10 152 2 0 2 1 0 1 1 0 8 1 amappl9 144 255 0 255 1 0 1 1 0 8 1 amappl8 136 20 0 19 1 0 1 1 0 8 0 amappl7 128 98 0 88 1 0 1 1 0 8 0 amappl6 120 169 0 166 1 0 1 1 0 8 0 amappl5 112 109 0 102 1 0 1 1 0 8 0 amappl4 104 277 0 261 1 0 1 1 0 8 0 amappl3 96 2858 0 2766 4 0 4 4 0 8 1 amappl2 88 653 0 599 2 0 2 2 0 8 0 amappl1 80 10271 0 9730 15 0 15 15 0 8 2 amappl 88 4271 0 4130 4 0 4 4 0 92 0 uvmvnodes 80 2226 0 0 46 0 46 46 0 8 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 12 0 2 1 0 1 1 0 8 0 uaddrrnd 24 659 0 632 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 659 0 632 1 0 1 1 0 8 0 vmmpekpl 168 7122 0 7083 3 0 3 3 0 8 0 vmmpepl 168 48490 0 46769 103 0 103 103 0 357 14 vmsppl 368 658 0 632 4 0 4 4 0 8 1 rwobjpl 40 17588 0 14535 33 0 33 33 0 8 0 pdppl 4096 1324 0 1264 96 28 68 78 0 8 8 pvpl 32 294044 0 285912 150 0 150 150 0 265 62 pmappl 216 658 0 632 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 379 0 28 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ufs_lookup() at ufs_lookup+0x613 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806de8d538,ffff80003c97b3c8,ffff80003c97b3f8) at VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 vfs_lookup(ffff80003c97b398) at vfs_lookup+0x921 sys/kern/vfs_lookup.c:566 namei(ffff80003c97b398) at namei+0x7ca sys/kern/vfs_lookup.c:250 dounlinkat(ffff80003c9e0a90,ffffff9c,200000000040,0) at dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1868 syscall(ffff80003c97b560) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c97b560) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x49bbd197ea0, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace ufs_lookup() at ufs_lookup+0x613 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806de8d538,ffff80003c97b3c8,ffff80003c97b3f8) at VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 vfs_lookup(ffff80003c97b398) at vfs_lookup+0x921 sys/kern/vfs_lookup.c:566 namei(ffff80003c97b398) at namei+0x7ca sys/kern/vfs_lookup.c:250 dounlinkat(ffff80003c9e0a90,ffffff9c,200000000040,0) at dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1868 syscall(ffff80003c97b560) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c97b560) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x49bbd197ea0, count: -7