uvm_fault(0xffffffff82d82740, 0xffff800027ff2004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_lookup+0x49b: movzwl 0x4(%r15,%rbx,1),%r14d TID PID UID PRFLAGS PFLAGS CPU COMMAND * 60572 76910 0 0x2 0 0 syz-executor.7 ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807763b288,ffff8000378016f8,ffff800037801728) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff8000378016c8) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff8000378016c8) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a6d6010,ffffff9c,70673194a130,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800037801890) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x70673194a120, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82d82740, 0xffff800027ff2004, 0, 1) -> d ddb> trace ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807763b288,ffff8000378016f8,ffff800037801728) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff8000378016c8) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff8000378016c8) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a6d6010,ffffff9c,70673194a130,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800037801890) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x70673194a120, count: -7 ddb> show registers rdi 0 rsi 0 rbp 0xffff800037801510 rbx 0 rdx 0 rcx 0xffffffff rax 0xfffffd8067788e68 r8 0xffffffffffffffff r9 0xfffffd807f7d7548 r10 0x5a6cba09c3960bcc r11 0xc4991f535132faa7 r12 0 r13 0xfffffd80685de1e0 r14 0 r15 0xffff800027ff2000 rip 0xffffffff81fdc0ab ufs_lookup+0x49b cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff800037801400 ss 0x10 ufs_lookup+0x49b: movzwl 0x4(%r15,%rbx,1),%r14d ddb> show proc PROC (syz-executor.7) tid=60572 pid=76910 tcnt=1 stat=onproc flags process=2 proc=0 runpri=17, usrpri=80, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a692020,0xffff80002a6922d8 process=0xffff800035dafab8 user=0xffff8000377fc000, vmspace=0xfffffd8062916448 estcpu=36, cpticks=0, pctcpu=0.2, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 92464 255768 39979 0 2 0 syz-executor.3 92464 321382 39979 0 2 0x4000000 syz-executor.3 712 175868 21323 0 2 0 syz-executor.0 712 26830 21323 0 3 0x4000080 fsleep syz-executor.0 712 389727 21323 0 3 0x4000080 fsleep syz-executor.0 2144 345348 41396 0 2 0 syz-executor.1 2144 465404 41396 0 3 0x4000080 fsleep syz-executor.1 5953 305723 45705 0 2 0 syz-executor.6 5953 507551 45705 0 3 0x4000080 fsleep syz-executor.6 5953 273450 45705 0 3 0x4000080 fsleep syz-executor.6 1889 361730 2560 0 2 0 syz-executor.2 1889 86708 2560 0 3 0x4000080 kqpoll syz-executor.2 68566 383000 49349 0 2 0x480 syz-executor.5 68566 263976 49349 0 3 0x4000080 netcon syz-executor.5 68566 257989 49349 0 3 0x4000080 fsleep syz-executor.5 68566 348860 49349 0 3 0x4000080 fsleep syz-executor.5 2560 192847 80074 0 3 0x82 nanoslp syz-executor.2 49349 446182 80074 0 2 0x482 syz-executor.5 21323 230448 80074 0 2 0x482 syz-executor.0 4055 291178 1 0 3 0x18100083 ttyin getty *76910 60572 80074 0 7 0x2 syz-executor.7 2172 328656 80074 0 2 0x2 syz-executor.4 39979 440170 80074 0 3 0x82 nanoslp syz-executor.3 41396 325571 80074 0 2 0x482 syz-executor.1 63386 283721 0 0 3 0x14200 bored sosplice 45705 484373 80074 0 2 0x482 syz-executor.6 80074 138629 17859 0 3 0x1a000082 wait syz-fuzzer 80074 289829 17859 0 3 0x1e000082 thrsleep syz-fuzzer 80074 60046 17859 0 3 0x1e000082 thrsleep syz-fuzzer 80074 150467 17859 0 3 0x1e000082 kqread syz-fuzzer 80074 375662 17859 0 3 0x1e000082 wait syz-fuzzer 80074 384896 17859 0 3 0x1e000082 thrsleep syz-fuzzer 80074 400829 17859 0 3 0x1e000082 wait syz-fuzzer 80074 379979 17859 0 3 0x1e000082 wait syz-fuzzer 80074 228645 17859 0 3 0x1e000082 wait syz-fuzzer 80074 308637 17859 0 3 0x1e000082 thrsleep syz-fuzzer 80074 199553 17859 0 3 0x1e000082 wait syz-fuzzer 80074 328533 17859 0 3 0x1e000082 wait syz-fuzzer 80074 142304 17859 0 3 0x1e000082 thrsleep syz-fuzzer 80074 328084 17859 0 3 0x1e000082 wait syz-fuzzer 17859 110189 53841 0 3 0x810008a sigsusp ksh 53841 358463 88311 0 3 0x1800009a kqread sshd 88311 137886 1 0 3 0x18000088 kqread sshd 58588 432468 44301 73 3 0x19100090 kqread syslogd 44301 213862 1 0 3 0x18100082 netio syslogd 34833 465996 1 0 3 0x18100080 kqread resolvd 152 169725 4031 77 3 0x18100092 kqread dhcpleased 22669 104112 4031 77 3 0x18100092 kqread dhcpleased 4031 207872 1 0 3 0x18000080 kqread dhcpleased 64834 197209 0 0 3 0x14200 bored smr 47375 5416 0 0 2 0x14200 zerothread 30417 341585 0 0 3 0x14200 aiodoned aiodoned 62903 454785 0 0 3 0x14200 syncer update 78173 321401 0 0 3 0x14200 cleaner cleaner 81774 445669 0 0 3 0x14200 reaper reaper 5355 352844 0 0 3 0x14200 pgdaemon pagedaemon 34745 210911 0 0 3 0x14200 bored viomb 36389 260148 0 0 3 0x40014200 acpi0 acpi0 52753 291635 0 0 3 0x14200 bored softnet3 13885 43269 0 0 3 0x14200 bored softnet2 7421 510813 0 0 3 0x14200 bored softnet1 81911 267560 0 0 3 0x14200 bored softnet0 20798 288625 0 0 3 0x14200 bored systqmp 33554 217837 0 0 3 0x14200 bored systq 55113 233918 0 0 2 0x40014200 softclock 91497 316270 0 0 3 0x40014200 idle0 1 139259 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10205 6488K 7058K 166960K 21356 0 pcb 15 18K 20K 166960K 399 0 rtable 220 8K 9K 166960K 2124 0 pf 30 9K 9K 166960K 216 0 ifaddr 40 11K 11K 166960K 223 0 ifgroup 51 2K 2K 166960K 335 0 sysctl 3 0K 0K 166960K 7 0 counters 30 17K 17K 166960K 121 0 ioctlops 0 0K 2K 166960K 338 0 iov 0 0K 32K 166960K 707 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1568 99K 99K 166960K 4709 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 58 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 675 0 dirhash 12 2K 3K 166960K 48 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 73K 166960K 5238 0 sigio 0 0K 0K 166960K 39 0 proc 58 59K 75K 166960K 1369 0 subproc 104 6K 7K 166960K 442 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 661 0 in_multi 88 6K 7K 166960K 461 0 ether_multi 1 0K 0K 166960K 7 0 mrt 1 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 1516 0 pfkey data 0 0K 0K 166960K 12 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 398 197K 209K 166960K 49724 0 UVM aobj 131 4K 4K 166960K 137 0 pinsyscall 22 44K 100K 166960K 2085 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 112 0 NDP 11 0K 1K 166960K 170 0 temp 74 6804K 6884K 166960K 68005 0 kqueue 13 20K 26K 166960K 521 0 SYN cache 2 104K 112K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 493 0 490 3 2 1 3 0 8 0 rtentry 112 651 0 551 4 0 4 4 0 8 0 unpcb 144 4483 0 4470 14 7 7 8 0 8 6 syncache 336 33 0 33 1 1 0 1 0 8 0 tcpqe 32 171 0 171 1 1 0 1 0 8 0 tcpcb 808 1998 0 1982 21 18 3 16 0 8 0 arp 88 88 0 73 1 0 1 1 0 8 0 ipq 40 2 0 2 1 1 0 1 0 8 0 ipqe 40 10 0 10 1 1 0 1 0 8 0 inpcb 360 4440 0 4420 20 15 5 15 0 8 2 nd6 104 107 0 84 1 0 1 1 0 8 0 pkpcb 40 30 0 30 2 1 1 1 0 8 1 kcovpl 48 34 0 26 1 0 1 1 0 8 0 ppxss 1072 42 0 42 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2120 0 1688 32 5 27 29 0 8 0 art_table 32 2121 0 1688 4 0 4 4 0 8 0 art_node 16 574 0 483 1 0 1 1 0 8 0 sysvmsgpl 40 2 0 0 1 0 1 1 0 8 0 semapl 112 673 0 663 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 41 0 24 3 0 3 3 0 8 0 dino2pl 256 8419 0 6873 97 0 97 97 0 8 0 ffsino 240 8419 0 6873 92 0 92 92 0 8 0 nchpl 144 15404 0 13684 66 0 66 66 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 56847 0 56846 3 2 1 2 0 8 0 vcpupl 2048 33 0 0 5 0 5 5 0 8 0 vmpool 664 47 0 14 3 0 3 3 0 8 0 kstatmem 264 204 0 182 2 0 2 2 0 8 0 scxspl 216 46638 0 46638 8 7 1 8 1 8 1 plimitpl 152 816 0 801 1 0 1 1 0 8 0 sigapl 424 5789 0 5745 8 2 6 8 0 8 0 futexpl 64 48315 0 48308 1 0 1 1 0 8 0 knotepl 120 49994 0 49912 25 22 3 18 0 8 0 kqueuepl 184 1133 0 1124 4 3 1 4 0 8 0 pipepl 288 858 0 830 7 4 3 7 0 8 0 fdescpl 432 5471 0 5444 4 0 4 4 0 8 0 filepl 120 34170 0 33924 21 8 13 16 0 8 2 lockfpl 104 1299 0 1297 2 1 1 2 0 8 0 lockfspl 48 473 0 471 1 0 1 1 0 8 0 sessionpl 144 52 0 36 1 0 1 1 0 8 0 pgrppl 48 247 0 231 1 0 1 1 0 8 0 ucredpl 104 4634 0 4623 1 0 1 1 0 8 0 zombiepl 144 5745 0 5745 2 1 1 1 0 8 1 processpl 1072 5789 0 5745 5 1 4 5 0 8 0 procpl 680 13334 0 13267 9 2 7 9 0 8 0 sosppl 168 60 0 57 1 0 1 1 0 8 0 sockpl 488 9453 0 9417 158 132 26 39 0 8 19 mcl64k 65536 189 0 189 2 1 1 1 0 8 1 mcl16k 16384 128 0 128 2 1 1 1 0 8 1 mcl12k 12288 218 0 218 2 1 1 1 0 8 1 mcl9k 9216 93 0 93 2 1 1 1 0 8 1 mcl8k 8192 437 0 437 4 3 1 3 0 8 1 mcl4k 4096 555 0 555 2 1 1 1 0 8 1 mcl2k2 2112 33 0 33 2 1 1 1 0 8 1 mcl2k 2048 80495 0 80438 30 21 9 29 0 8 1 mtagpl 96 796 0 617 7 1 6 7 0 8 0 mbufpl 256 174041 0 173741 149 125 24 145 0 8 0 bufpl 280 14123 0 7779 454 0 454 454 0 8 0 anonpl 24 621171 0 608327 110 21 89 107 0 188 0 amapchunkpl 152 157516 0 156685 42 6 36 41 0 158 0 amappl16 200 12393 0 11897 37 10 27 34 0 8 0 amappl15 192 58 0 56 1 0 1 1 0 8 0 amappl14 184 274 0 264 2 1 1 2 0 8 0 amappl13 176 29 0 27 1 0 1 1 0 8 0 amappl12 168 6511 0 6480 2 0 2 2 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 92 0 83 1 0 1 1 0 8 0 amappl9 144 177 0 176 1 0 1 1 0 8 0 amappl8 136 348 0 275 3 0 3 3 0 8 0 amappl7 128 102 0 89 1 0 1 1 0 8 0 amappl6 120 666 0 648 2 1 1 2 0 8 0 amappl5 112 367 0 355 1 0 1 1 0 8 0 amappl4 104 808 0 772 2 0 2 2 0 8 0 amappl3 96 31421 0 31344 3 0 3 3 0 8 0 amappl2 88 6222 0 6152 4 2 2 4 0 8 0 amappl1 80 29384 0 28887 22 11 11 22 0 8 0 amappl 88 48819 0 48580 7 0 7 7 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 5518 0 5458 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5518 0 5458 1 0 1 1 0 8 0 vmmpekpl 168 42604 0 42538 4 0 4 4 0 8 0 vmmpepl 168 348161 0 345854 139 12 127 127 0 357 13 vmsppl 352 5517 0 5458 6 0 6 6 0 8 0 rwobjpl 24 89958 0 82389 46 0 46 46 0 8 0 pdppl 4096 11042 0 10949 391 297 94 96 0 8 1 pvpl 32 1642223 0 1623884 366 198 168 358 0 265 8 pmappl 216 5517 0 5458 4 0 4 4 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 854 0 483 14 0 14 14 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807763b288,ffff8000378016f8,ffff800037801728) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff8000378016c8) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff8000378016c8) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a6d6010,ffffff9c,70673194a130,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800037801890) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x70673194a120, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace ufs_lookup() at ufs_lookup+0x49b sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd807763b288,ffff8000378016f8,ffff800037801728) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff8000378016c8) at vfs_lookup+0x6df sys/kern/vfs_lookup.c:566 namei(ffff8000378016c8) at namei+0x56a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002a6d6010,ffffff9c,70673194a130,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff800037801890) at syscall+0x538 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x70673194a120, count: -7