uvm_fault(0xffffffff839ec6e0, 0xffff800026ec21a0, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ffs2_balloc+0xa0d: movq 0(%rcx,%rax,8),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND 319511 40762 0 0 0 0 syz-executor ffs2_balloc(fffffd8077cda280,101780,40,fffffd80097fd548,1,ffff800037fb6d48) at ffs2_balloc+0xa0d sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff800037fb6dd0) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffd800d488dd8,ffff800037fb6e68,23,fffffd80097fd548) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 vn_rdwr(1,fffffd800d488dd8,ffff800037fb6fa0,40,0,1,28565f10ecb58813,0,1008,40) at vn_rdwr+0x12d sys/kern/vfs_vnops.c:324 acct_process(ffff80003c40ed30) at acct_process+0x7a2 sys/kern/kern_acct.c:245 exit1(ffff80003c40ed30,0,0,1) at exit1+0x5c4 sys/kern/kern_exit.c:228 sys_exit(ffff80003c40ed30,ffff800037fb71e0,ffff800037fb7130) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff800037fb71e0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff800037fb71e0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b38f0c67930, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xffffffff839ec6e0, 0xffff800026ec21a0, 0, 1) -> d ddb{1}> trace ffs2_balloc(fffffd8077cda280,101780,40,fffffd80097fd548,1,ffff800037fb6d48) at ffs2_balloc+0xa0d sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff800037fb6dd0) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffd800d488dd8,ffff800037fb6e68,23,fffffd80097fd548) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 vn_rdwr(1,fffffd800d488dd8,ffff800037fb6fa0,40,0,1,28565f10ecb58813,0,1008,40) at vn_rdwr+0x12d sys/kern/vfs_vnops.c:324 acct_process(ffff80003c40ed30) at acct_process+0x7a2 sys/kern/kern_acct.c:245 exit1(ffff80003c40ed30,0,0,1) at exit1+0x5c4 sys/kern/kern_exit.c:228 sys_exit(ffff80003c40ed30,ffff800037fb71e0,ffff800037fb7130) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff800037fb71e0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff800037fb71e0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b38f0c67930, count: -9 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff800037fb6cf0 rbx 0 rdx 0 rcx 0xffff800026ec2000 rax 0x34 r8 0xffffffffffffffff r9 0xffff800037fb6d48 r10 0xdb8610587dff8ae8 r11 0x9672483ff5adf8b8 r12 0x1 r13 0xffff800000c31800 r14 0xffff800037fb6b80 r15 0xfffffd8066d6a7b0 rip 0xffffffff81a8374d ffs2_balloc+0xa0d cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800037fb6b70 ss 0 ffs2_balloc+0xa0d: movq 0(%rcx,%rax,8),%r14 ddb{1}> show proc PROC (syz-executor) tid=20306 pid=87628 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=16, usrpri=82, slppri=16, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003c40ed30 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff80003c40efc8,0xffff80003c40fcd0 process=0xffff80003c3c9d08 user=0xffff800037fb2000, vmspace=0xfffffd806c8cc018 estcpu=32, cpticks=3, pctcpu=0.2, user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 71699 461719 28918 0 2 0 syz-executor 71699 514433 28918 0 3 0x4000080 fsleep syz-executor 71699 30492 28918 0 2 0x4000000 syz-executor 94863 299148 29293 0 2 0 syz-executor 94863 436779 29293 0 3 0x4000080 fsleep syz-executor 40762 319511 62444 0 7 0 syz-executor 40762 134508 62444 0 3 0x4000080 msgwait syz-executor 43458 205995 78280 0 2 0 syz-executor 43458 98952 78280 0 3 0x4000080 fsleep syz-executor 3016 273449 3534 0 2 0 syz-executor 3016 184388 3534 0 3 0x4000080 fsleep syz-executor 57797 176698 0 0 3 0x14200 acct acct 56622 112799 1 0 3 0x100083 ttyopn getty 3517 444647 0 0 3 0x14280 nfsidl nfsio 5118 325128 0 0 3 0x14280 nfsidl nfsio 78746 5013 0 0 3 0x14280 nfsidl nfsio 45084 437302 0 0 3 0x14280 nfsidl nfsio 73629 461699 0 0 3 0x14280 nfsidl nfsio 35970 164199 0 0 3 0x14280 nfsidl nfsio 9187 120886 0 0 3 0x14280 nfsidl nfsio 13225 125997 0 0 3 0x14280 nfsidl nfsio 30965 257496 0 0 3 0x14280 nfsidl nfsio 73221 476548 0 0 3 0x14280 nfsidl nfsio 12239 86340 0 0 3 0x14280 nfsidl nfsio 25789 138192 0 0 3 0x14280 nfsidl nfsio 67258 292062 0 0 3 0x14280 nfsidl nfsio 91439 384661 0 0 3 0x14280 nfsidl nfsio 48091 364192 0 0 3 0x14280 nfsidl nfsio 12229 9597 0 0 3 0x14280 nfsidl nfsio 39933 262302 0 0 3 0x14280 nfsidl nfsio 17683 198985 0 0 3 0x14280 nfsidl nfsio 74681 428899 0 0 3 0x14280 nfsidl nfsio 80962 88551 0 0 3 0x14280 nfsidl nfsio 29293 24967 6312 0 3 0x82 nanoslp syz-executor 92176 492031 6312 0 2 0xc82 syz-executor 78280 205284 6312 0 3 0x82 nanoslp syz-executor 40444 167705 6312 0 3 0x82 nanoslp syz-executor 28918 503170 6312 0 3 0x82 nanoslp syz-executor 3534 489010 6312 0 3 0x82 nanoslp syz-executor 62444 333888 6312 0 3 0x82 nanoslp syz-executor 6312 438475 1 0 3 0x82 wait syz-executor 72164 198766 1 0 3 0x8a kqread sshd 77629 222388 85563 74 3 0x1100092 bpf pflogd 85563 190341 1 0 3 0x80 sbwait pflogd 71429 255500 7115 73 2 0x1100090 syslogd 7115 315689 1 0 3 0x100082 sbwait syslogd 83443 220410 1 0 3 0x100080 kqread resolvd 59786 274196 13056 77 3 0x100092 kqread dhcpleased 33101 176938 13056 77 3 0x100092 kqread dhcpleased 13056 521721 1 0 3 0x80 kqread dhcpleased 65919 322298 0 0 3 0x14200 bored smr 25336 501826 0 0 2 0x14200 zerothread 18278 429359 0 0 3 0x14200 aiodoned aiodoned 59392 238534 0 0 3 0x14200 syncer update 19329 119299 0 0 3 0x14200 cleaner cleaner 96010 295486 0 0 3 0x14200 reaper reaper 64899 364979 0 0 3 0x14200 pgdaemon pagedaemon 88956 320200 0 0 3 0x14200 bored viomb 62611 394582 0 0 3 0x40014200 acpi0 acpi0 49863 207985 0 0 3 0x40014200 idle1 26619 450917 0 0 3 0x14200 bored softnet1 28632 16535 0 0 3 0x14200 bored softnet0 95890 181280 0 0 3 0x14200 bored systqmp 16563 268308 0 0 3 0x14200 bored systq 56939 271245 0 0 3 0x14200 tmoslp softclockmp 7435 383964 0 0 3 0x40014200 tmoslp softclock 29610 425863 0 0 3 0x40014200 idle0 1 58936 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks ddb{1}>