uvm_fault(0xffffffff82e84828, 0xffff800026a52004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_lookup+0x4d0: movzwl 0x4(%r15,%r12,1),%ebx TID PID UID PRFLAGS PFLAGS CPU COMMAND *386050 4086 0 0x2 0 0 syz-executor.1 ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806cc53888,ffff80002bf1bd08,ffff80002bf1bd38) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002bf1bcd8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff80002bf1bcd8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002f5612a8,ffffff9c,77fc34def7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff80002bf1beb0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77fc34def7c0, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82e84828, 0xffff800026a52004, 0, 1) -> d ddb> trace ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806cc53888,ffff80002bf1bd08,ffff80002bf1bd38) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002bf1bcd8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff80002bf1bcd8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002f5612a8,ffffff9c,77fc34def7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff80002bf1beb0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77fc34def7c0, count: -7 ddb> show registers rdi 0 rsi 0 rbp 0xffff80002bf1bb10 rbx 0 rdx 0 rcx 0 rax 0xfffffd807dbdb5b8 r8 0xffffffffffffffff r9 0xfffffd807f7d7750 r10 0x4b8d3a78f80557c5 r11 0x82f73685a382b54d r12 0 r13 0xffffffff r14 0 r15 0xffff800026a52000 rip 0xffffffff815d6bd0 ufs_lookup+0x4d0 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff80002bf1ba10 ss 0x10 ufs_lookup+0x4d0: movzwl 0x4(%r15,%r12,1),%ebx ddb> show proc PROC (syz-executor.1) tid=386050 pid=4086 tcnt=1 stat=onproc flags process=2 proc=0 runpri=17, usrpri=76, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002f560560,0xffff80002a666ad0 process=0xffff8000ffff9928 user=0xffff80002bf16000, vmspace=0xfffffd80698c1dd0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 72481 448663 77902 0 2 0 syz-executor.4 72481 315845 77902 0 2 0x4000000 syz-executor.4 98294 221468 3577 0 2 0x480 syz-executor.5 98294 353715 3577 0 3 0x4000080 fsleep syz-executor.5 41273 246634 672 0 2 0 syz-executor.3 41273 226455 672 0 2 0x4000000 syz-executor.3 31538 72361 5284 0 2 0 syz-executor.6 31538 294575 5284 0 3 0x4000080 fifor syz-executor.6 61940 278101 69340 0 2 0 syz-executor.2 61940 418267 69340 0 3 0x4000080 bell syz-executor.2 61940 137060 69340 0 2 0x4000000 syz-executor.2 44359 126458 2655 0 2 0 syz-executor.0 44359 465663 2655 0 2 0x4000000 syz-executor.0 77902 87645 18752 0 2 0x482 syz-executor.4 5284 121008 18752 0 2 0x482 syz-executor.6 * 4086 386050 18752 0 7 0x2 syz-executor.1 2655 245074 18752 0 2 0x482 syz-executor.0 69340 82183 18752 0 2 0x482 syz-executor.2 672 48038 18752 0 2 0x482 syz-executor.3 3577 228909 18752 0 2 0x482 syz-executor.5 26744 78537 18752 0 2 0x2 syz-executor.7 30318 355976 1 0 3 0x100083 ttyopn getty 36264 116418 0 0 3 0x14200 acct acct 77834 347539 0 0 3 0x14200 bored sosplice 18752 322015 88901 0 3 0x2000082 thrsleep syz-fuzzer 18752 456541 88901 0 2 0x6000482 syz-fuzzer 18752 269464 88901 0 3 0x6000082 wait syz-fuzzer 18752 456349 88901 0 3 0x6000082 thrsleep syz-fuzzer 18752 296204 88901 0 3 0x6000082 kqread syz-fuzzer 18752 67829 88901 0 3 0x6000082 thrsleep syz-fuzzer 18752 412562 88901 0 3 0x6000082 wait syz-fuzzer 18752 358380 88901 0 3 0x6000082 wait syz-fuzzer 18752 4187 88901 0 3 0x6000082 wait syz-fuzzer 18752 336281 88901 0 3 0x6000082 wait syz-fuzzer 18752 147922 88901 0 3 0x6000082 thrsleep syz-fuzzer 18752 241410 88901 0 3 0x6000082 wait syz-fuzzer 18752 472022 88901 0 3 0x6000082 wait syz-fuzzer 18752 131197 88901 0 3 0x6000082 wait syz-fuzzer 88901 432390 17974 0 3 0x10008a sigsusp ksh 17974 344188 45245 0 3 0x9a kqread sshd 45245 252721 1 0 3 0x88 kqread sshd 28348 412500 4386 73 2 0x1100090 syslogd 4386 200984 1 0 3 0x100082 netio syslogd 55297 32016 1 0 3 0x100080 kqread resolvd 62532 224045 80404 77 3 0x100092 kqread dhcpleased 88851 128599 80404 77 3 0x100092 kqread dhcpleased 80404 490508 1 0 3 0x80 kqread dhcpleased 70724 219033 0 0 3 0x14200 bored smr 54790 414599 0 0 2 0x14200 zerothread 69974 84973 0 0 3 0x14200 aiodoned aiodoned 97030 124442 0 0 3 0x14200 syncer update 7221 73624 0 0 3 0x14200 cleaner cleaner 30421 182871 0 0 3 0x14200 reaper reaper 50090 516645 0 0 3 0x14200 pgdaemon pagedaemon 54943 124204 0 0 3 0x14200 bored viomb 35955 437108 0 0 3 0x40014200 acpi0 acpi0 81702 399049 0 0 3 0x14200 bored softnet3 85248 211838 0 0 3 0x14200 bored softnet2 28248 334194 0 0 3 0x14200 bored softnet1 71499 292826 0 0 3 0x14200 bored softnet0 40526 513458 0 0 3 0x14200 bored systqmp 37195 366254 0 0 3 0x14200 bored systq 42042 59986 0 0 2 0x40014200 softclock 49930 316698 0 0 3 0x40014200 idle0 1 101466 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10217 6558K 7078K 166960K 25166 0 pcb 15 20K 21K 166960K 677 0 rtable 225 15K 16K 166960K 1684 0 pf 33 9K 10K 166960K 207 0 ifaddr 42 11K 12K 166960K 214 0 ifgroup 58 2K 2K 166960K 334 0 sysctl 3 0K 0K 166960K 5 0 counters 32 17K 18K 166960K 109 0 ioctlops 0 0K 2K 166960K 425 0 iov 0 0K 32K 166960K 928 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1514 95K 95K 166960K 5534 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 117 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 1654 0 dirhash 12 2K 2K 166960K 45 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 19 69K 81K 166960K 7821 0 sigio 0 0K 0K 166960K 439 0 proc 58 59K 83K 166960K 1469 0 subproc 143 8K 8K 166960K 520 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 414 0 in_multi 88 6K 7K 166960K 461 0 ether_multi 1 0K 0K 166960K 1 0 mrt 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 223 996K 996K 166960K 223 0 exec 0 0K 1K 166960K 1656 0 pfkey data 0 0K 0K 166960K 9 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 452 529K 538K 166960K 73035 0 UVM aobj 131 4K 4K 166960K 142 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 2 0K 0K 166960K 406 0 NDP 13 0K 1K 166960K 163 0 temp 86 6764K 6892K 166960K 71184 0 kqueue 12 18K 30K 166960K 621 0 SYN cache 2 104K 112K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 573 0 570 5 2 3 3 0 8 2 rtentry 112 500 0 401 4 0 4 4 0 8 0 unpcb 144 5869 0 5854 9 1 8 8 0 8 7 syncache 336 99 0 99 2 1 1 1 0 8 1 sackhl 24 1 0 1 1 0 1 1 0 8 1 tcpqe 32 1396 0 1396 3 2 1 2 0 8 1 tcpcb 808 3257 0 3179 29 12 17 17 0 8 8 arp 88 92 0 76 1 0 1 1 0 8 0 ipq 40 12 0 12 1 0 1 1 0 8 1 ipqe 40 67 0 67 1 0 1 1 0 8 1 inpcb 360 7217 0 7129 43 27 16 20 0 8 7 nd6 104 120 0 98 1 0 1 1 0 8 0 pkpcb 40 119 0 119 2 1 1 1 0 8 1 kcovpl 48 40 0 29 1 0 1 1 0 8 0 ppxss 1072 26 0 26 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1943 0 1522 33 1 32 32 0 8 4 art_table 32 1944 0 1522 5 0 5 5 0 8 1 art_node 16 484 0 395 1 0 1 1 0 8 0 sysvmsgpl 40 29 0 14 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 1652 0 1642 1 0 1 1 0 8 0 shmpl 112 139 0 11 4 0 4 4 0 8 0 dirhash 1024 39 0 22 3 0 3 3 0 8 0 dino2pl 256 11526 0 10042 94 0 94 94 0 8 0 ffsino 240 11526 0 10042 88 0 88 88 0 8 0 nchpl 144 22147 0 20504 63 0 63 63 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 76217 0 76216 5 3 2 3 0 8 1 vcpupl 2048 59 0 0 8 0 8 8 0 8 0 vmpool 664 74 0 15 6 0 6 6 0 8 1 kstatmem 264 180 0 154 3 0 3 3 0 8 0 scxspl 216 66464 0 66464 11 7 4 8 1 8 4 plimitpl 152 1013 0 995 1 0 1 1 0 8 0 sigapl 424 8220 0 8172 8 0 8 8 0 8 1 futexpl 64 73924 0 73923 1 0 1 1 0 8 0 knotepl 120 100711 0 100629 20 8 12 16 0 8 8 kqueuepl 184 1521 0 1513 4 0 4 4 0 8 3 pipepl 288 1756 0 1725 16 9 7 12 0 8 4 fdescpl 432 8042 0 8012 4 0 4 4 0 8 0 filepl 120 50530 0 50167 30 10 20 20 0 8 6 lockfpl 104 3153 0 3151 2 0 2 2 0 8 1 lockfspl 48 927 0 925 1 0 1 1 0 8 0 sessionpl 144 51 0 32 1 0 1 1 0 8 0 pgrppl 48 233 0 214 1 0 1 1 0 8 0 ucredpl 104 6883 0 6861 1 0 1 1 0 8 0 zombiepl 144 8175 0 8172 1 0 1 1 0 8 0 processpl 1072 8220 0 8172 5 0 5 5 0 8 0 procpl 680 19525 0 19457 10 1 9 9 0 8 0 sosppl 168 109 0 106 1 0 1 1 0 8 0 sockpl 488 13781 0 13675 246 225 21 37 0 8 7 mcl64k 65536 360 0 357 2 1 1 1 0 8 0 mcl16k 16384 164 0 161 2 1 1 1 0 8 0 mcl12k 12288 317 0 317 2 1 1 1 0 8 1 mcl9k 9216 132 0 132 2 1 1 1 0 8 1 mcl8k 8192 649 0 646 2 1 1 1 0 8 0 mcl4k 4096 899 0 899 2 1 1 1 0 8 1 mcl2k2 2112 64 0 64 2 1 1 1 0 8 1 mcl2k 2048 84226 0 84143 64 47 17 29 0 8 5 mtagpl 96 1621 0 1377 10 0 10 10 0 8 3 mbufpl 256 213533 0 213087 296 250 46 127 0 8 6 bufpl 280 18937 0 12542 458 0 458 458 0 8 0 anonpl 24 895562 0 881426 120 1 119 119 0 188 20 amapchunkpl 152 231872 0 230944 49 3 46 46 0 158 3 amappl16 200 18948 0 18482 58 20 38 42 0 8 6 amappl15 192 20 0 19 1 0 1 1 0 8 0 amappl14 184 244 0 229 2 1 1 2 0 8 0 amappl13 176 35 0 35 2 1 1 1 0 8 1 amappl12 168 9075 0 9042 2 0 2 2 0 8 0 amappl11 160 56 0 45 1 0 1 1 0 8 0 amappl10 152 88 0 74 1 0 1 1 0 8 0 amappl9 144 237 0 237 2 1 1 1 0 8 1 amappl8 136 415 0 345 3 0 3 3 0 8 0 amappl7 128 251 0 226 2 0 2 2 0 8 0 amappl6 120 741 0 725 1 0 1 1 0 8 0 amappl5 112 271 0 263 1 0 1 1 0 8 0 amappl4 104 598 0 574 2 1 1 2 0 8 0 amappl3 96 45836 0 45729 4 0 4 4 0 8 0 amappl2 88 8919 0 8841 3 1 2 3 0 8 0 amappl1 80 38760 0 38239 23 11 12 22 0 8 0 amappl 88 72099 0 71815 8 0 8 8 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 141 0 11 3 0 3 3 0 8 0 uaddrrnd 24 8116 0 8027 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 8116 0 8027 1 0 1 1 0 8 0 vmmpekpl 168 61013 0 60934 4 0 4 4 0 8 0 vmmpepl 168 493582 0 491082 179 37 142 142 0 357 22 vmsppl 352 8115 0 8027 9 0 9 9 0 8 0 rwobjpl 24 122609 0 114945 49 0 49 49 0 8 0 pdppl 4096 16238 0 16113 476 347 129 129 0 8 4 pvpl 32 2322432 0 2302542 409 201 208 363 0 265 35 pmappl 216 8115 0 8027 6 0 6 6 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1136 0 677 15 0 15 15 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806cc53888,ffff80002bf1bd08,ffff80002bf1bd38) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002bf1bcd8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff80002bf1bcd8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002f5612a8,ffffff9c,77fc34def7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff80002bf1beb0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77fc34def7c0, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace ufs_lookup() at ufs_lookup+0x4d0 sys/ufs/ufs/ufs_lookup.c:279 VOP_LOOKUP(fffffd806cc53888,ffff80002bf1bd08,ffff80002bf1bd38) at VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85 vfs_lookup(ffff80002bf1bcd8) at vfs_lookup+0x6dc sys/kern/vfs_lookup.c:566 namei(ffff80002bf1bcd8) at namei+0x55a sys/kern/vfs_lookup.c:250 dounlinkat(ffff80002f5612a8,ffffff9c,77fc34def7d0,8) at dounlinkat+0x9d sys/kern/vfs_syscalls.c:1847 syscall(ffff80002bf1beb0) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77fc34def7c0, count: -7