uvm_fault(0xffffffff839b9d70, 0xffff800026332004, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ufs_readdir+0x26e: movzwl 0x4(%r14),%ebx TID PID UID PRFLAGS PFLAGS CPU COMMAND *366723 47082 0 0x2 0 0 syz-executor ufs_readdir(ffff80002a7eed40) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffffa006c03cdd0,ffff80002a7eedc8,fffffa0007ffd750,ffff80002a7eee0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a777768,ffff80002a7eef50,ffff80002a7eeea0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a7eef50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7eef50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x780f7e0db840, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff839b9d70, 0xffff800026332004, 0, 1) -> d ddb> trace ufs_readdir(ffff80002a7eed40) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffffa006c03cdd0,ffff80002a7eedc8,fffffa0007ffd750,ffff80002a7eee0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a777768,ffff80002a7eef50,ffff80002a7eeea0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a7eef50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7eef50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x780f7e0db840, count: -5 ddb> show registers rdi 0x200 rsi 0x800 rbp 0xffff80002a7eed30 rbx 0x200 rdx 0 rcx 0xfffffa006ca159e0 rax 0xffff800026332200 r8 0xffffffffffffffff r9 0x2 r10 0xa58fd8c8bce07d74 r11 0x5e1fafbd74d00f94 r12 0 r13 0xffff80002a7eedc8 r14 0xffff800026332000 r15 0xffff800026332008 rip 0xffffffff825d3c8e ufs_readdir+0x26e cs 0x8 rflags 0x10283 __ALIGN_SIZE+0xf283 rsp 0xffff80002a7eeb80 ss 0x10 ufs_readdir+0x26e: movzwl 0x4(%r14),%ebx ddb> show proc PROC (syz-executor) tid=366723 pid=47082 tcnt=1 stat=onproc flags process=2 proc=0 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7762a8,0xffff80002a777ca8 process=0xffff80002a791b10 user=0xffff80002a7ea000, vmspace=0xfffffa007ec5e2e0 estcpu=36, cpticks=8, pctcpu=0.0, user=3, sys=5, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 96945 185300 63373 0 2 0xc90 syz-executor 96945 84530 63373 0 3 0x4000090 msgwait syz-executor 96945 137053 63373 0 3 0x4000090 msgwait syz-executor 96945 398528 63373 0 3 0x4000090 fsleep syz-executor 64293 342638 1503 0 3 0x80 nanoslp syz-executor 64293 232441 1503 0 3 0x4000080 lockf syz-executor 64293 483442 1503 0 3 0x4000080 lockf syz-executor 64293 228525 1503 0 3 0x4000080 fsleep syz-executor 97764 151219 78825 0 2 0xc80 syz-executor 97764 301512 78825 0 3 0x4000080 bell syz-executor 97764 319095 78825 0 3 0x4000080 fsleep syz-executor 97764 351676 78825 0 3 0x4000080 fsleep syz-executor 38438 292950 79842 0 3 0x80 nanoslp syz-executor 38438 434130 79842 0 3 0x4000080 kqpoll syz-executor 38438 36903 79842 0 3 0x4000080 fsleep syz-executor 79842 178913 85870 0 2 0xc82 syz-executor 68267 318773 0 0 3 0x14280 nfsidl nfsio 84412 136488 0 0 3 0x14280 nfsidl nfsio 87918 41767 0 0 3 0x14280 nfsidl nfsio 37941 298290 0 0 3 0x14280 nfsidl nfsio 845 445786 0 0 3 0x14280 nfsidl nfsio 85453 298913 0 0 3 0x14280 nfsidl nfsio 52247 172520 0 0 3 0x14280 nfsidl nfsio 986 518822 0 0 3 0x14280 nfsidl nfsio 19055 367868 0 0 3 0x14280 nfsidl nfsio 43238 363875 0 0 3 0x14280 nfsidl nfsio 57471 505658 0 0 3 0x14280 nfsidl nfsio 4771 43958 0 0 3 0x14280 nfsidl nfsio 65986 133242 0 0 3 0x14280 nfsidl nfsio 15541 466370 0 0 3 0x14280 nfsidl nfsio 46293 389852 0 0 3 0x14280 nfsidl nfsio 73728 394603 0 0 3 0x14280 nfsidl nfsio 68683 115481 0 0 3 0x14280 nfsidl nfsio 84036 216423 0 0 3 0x14280 nfsidl nfsio 47690 397505 0 0 3 0x14280 nfsidl nfsio 34905 223116 0 0 3 0x14280 nfsidl nfsio 78825 107923 85870 0 2 0xc82 syz-executor 1503 299320 85870 0 3 0x82 nanoslp syz-executor 63373 169819 85870 0 2 0xc82 syz-executor 56397 130255 85870 0 3 0x82 nanoslp syz-executor *47082 366723 85870 0 7 0x2 syz-executor 19621 305582 85870 0 3 0x82 nanoslp syz-executor 85870 143889 28647 0 3 0x82 wait syz-executor 28647 474636 35239 0 3 0x10008a sigsusp ksh 35239 470170 83296 0 3 0x98 kqread sshd-session 83296 362228 45671 0 3 0x92 kqread sshd-session 40547 172748 1 0 3 0x100083 ttyin getty 45671 265363 1 0 3 0x88 kqread sshd 16698 239991 18853 73 3 0x1100090 kqread syslogd 18853 140838 1 0 3 0x100082 sbwait syslogd 10999 285744 1 0 3 0x100080 kqread resolvd 53274 229668 64048 77 2 0x100012 dhcpleased 38299 463137 64048 77 3 0x100092 kqread dhcpleased 64048 1100 1 0 3 0x80 kqread dhcpleased 58545 202681 0 0 3 0x14200 bored smr 39627 284879 0 0 2 0x14200 zerothread 98960 238031 0 0 3 0x14200 aiodoned aiodoned 53275 336760 0 0 3 0x14200 syncer update 27157 113231 0 0 3 0x14200 cleaner cleaner 65345 418026 0 0 3 0x14200 reaper reaper 43266 433418 0 0 3 0x14200 pgdaemon pagedaemon 23453 163673 0 0 3 0x14200 bored viomb 85900 384036 0 0 3 0x40014200 acpi0 acpi0 55806 24194 0 0 3 0x14200 bored softnet0 11381 178935 0 0 3 0x14200 bored systqmp 4261 152415 0 0 3 0x14200 bored systq 81951 374787 0 0 3 0x40014200 tmoslp softclock 38279 69612 0 0 3 0x40014200 idle0 1 1379 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11070 12256K 12790K 166960K 13461 0 pcb 19 15K 16K 166960K 183 0 rtable 257 9K 10K 166960K 484 0 pf 35 14K 73K 166960K 115 0 ifaddr 41 7K 8K 166960K 79 0 ifgroup 50 2K 2K 166960K 113 0 sysctl 4 1K 9K 166960K 9 0 counters 33 17K 18K 166960K 70 0 ioctlops 0 0K 4K 166960K 230 0 iov 0 0K 16K 166960K 92 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1485 93K 93K 166960K 2141 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 16 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 88 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 89K 166960K 697 0 sigio 0 0K 0K 166960K 7 0 proc 60 59K 91K 166960K 584 0 subproc 72 4K 4K 166960K 81 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 62 0 in_multi 91 6K 7K 166960K 140 0 ether_multi 1 0K 0K 166960K 3 0 mrt 1 0K 0K 166960K 16 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 471 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 231 151K 160K 166960K 7683 0 UVM aobj 30 2K 3K 166960K 34 0 pinsyscall 37 74K 92K 166960K 1836 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 45 0 NDP 11 0K 2K 166960K 56 0 temp 48 9113K 9170K 166960K 33908 0 kqueue 14 22K 28K 166960K 125 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 79 0 76 1 0 1 1 0 8 0 rtentry 136 146 0 36 4 0 4 4 0 8 0 unpcb 144 319 0 304 2 0 2 2 0 8 1 syncache 336 5 0 5 1 0 1 1 0 8 1 tcpcb 736 180 0 176 7 0 7 7 0 8 6 arp 96 24 0 4 1 0 1 1 0 8 0 ipq 40 4 0 1 1 0 1 1 0 8 0 ipqe 40 5 0 2 1 0 1 1 0 8 0 inpcb 328 618 0 609 7 0 7 7 0 8 5 ip6q 72 8 0 4 1 0 1 1 0 8 0 ip6af 40 12 0 8 1 0 1 1 0 8 0 nd6 112 36 0 13 1 0 1 1 0 8 0 pkpcb 40 4 0 4 1 0 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 0 1 1 0 8 1 ppxss 1072 32 0 32 1 0 1 1 0 8 1 pfstscr 40 15 0 8 1 0 1 1 0 8 0 pfanchor 1288 2 0 2 1 0 1 1 0 8 1 pftag 88 2 0 2 1 0 1 1 0 8 1 pfstitem 24 8 0 0 1 0 1 1 0 8 0 pfstkey 128 16 0 8 1 0 1 1 0 8 0 pfstate 384 9 0 5 1 0 1 1 0 8 0 pfrule 1360 5 0 5 1 0 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 611 0 168 31 0 31 31 0 8 2 art_table 40 613 0 168 6 0 6 6 0 8 0 art_node 32 146 0 46 1 0 1 1 0 8 0 sysvmsgpl 40 6 0 4 1 0 1 1 0 8 0 semapl 72 82 0 72 1 0 1 1 0 8 0 shmpl 112 31 0 4 1 0 1 1 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 2567 0 1107 93 0 93 93 0 8 1 ffsino 256 2567 0 1107 93 0 93 93 0 8 1 nchpl 144 3530 0 1831 64 0 64 64 0 8 0 rtmask 32 6 0 6 1 0 1 1 0 8 1 vnodes 216 3233 0 0 180 0 180 180 0 8 0 namei 1024 11707 0 11707 1 0 1 1 0 8 1 kstatmem 264 73 0 50 2 0 2 2 0 8 0 scsiplug 72 6 0 6 1 0 1 1 0 8 1 scxspl 216 17679 0 17679 4 0 4 4 1 8 4 plimitpl 152 118 0 102 1 0 1 1 0 8 0 sigapl 424 1014 0 953 8 0 8 8 0 8 0 knotepl 120 24901 0 24854 16 6 10 16 0 8 7 kqueuepl 184 245 0 235 4 0 4 4 0 8 3 pipepl 304 163 0 136 3 0 3 3 0 8 0 fdescpl 448 981 0 953 5 0 5 5 0 8 1 filepl 120 5280 0 5060 11 0 11 11 0 8 3 lockfpl 104 494 0 486 2 0 2 2 0 8 1 lockfspl 48 237 0 232 1 0 1 1 0 8 0 sessionpl 144 40 0 32 1 0 1 1 0 8 0 pgrppl 48 60 0 44 1 0 1 1 0 8 0 ucredpl 104 829 0 816 1 0 1 1 0 8 0 zombiepl 144 956 0 953 1 0 1 1 0 8 0 processpl 1152 1014 0 953 5 0 5 5 0 8 0 procpl 664 1898 0 1826 8 0 8 8 0 8 1 sosppl 176 1 0 1 1 0 1 1 0 8 1 sockpl 552 1044 0 1017 8 0 8 8 0 8 5 mcl64k 65536 53 0 51 1 0 1 1 0 8 0 mcl8k 8192 11 0 11 1 0 1 1 0 8 1 mcl4k 4096 3298 0 3240 14 0 14 14 0 8 6 mcl2k2 2112 1 0 1 1 0 1 1 0 8 1 mcl2k 2048 587 0 584 3 0 3 3 0 8 2 mtagpl 96 9 0 6 1 0 1 1 0 8 0 mbufpl 256 10330 0 10178 16 0 16 16 0 8 0 bufpl 272 6891 0 675 415 0 415 415 0 8 0 anonpl 24 170009 0 166784 62 0 62 62 0 186 25 amapchunkpl 152 25048 0 24544 33 0 33 33 0 158 11 amappl16 200 3312 0 3282 22 4 18 21 0 8 8 amappl15 192 29 0 29 1 0 1 1 0 8 1 amappl14 184 433 0 432 1 0 1 1 0 8 0 amappl13 176 115 0 105 1 0 1 1 0 8 0 amappl12 168 1226 0 1199 2 0 2 2 0 8 0 amappl11 160 34 0 34 1 0 1 1 0 8 1 amappl10 152 59 0 49 1 0 1 1 0 8 0 amappl9 144 307 0 307 1 0 1 1 0 8 1 amappl8 136 112 0 110 1 0 1 1 0 8 0 amappl7 128 142 0 130 1 0 1 1 0 8 0 amappl6 120 159 0 157 1 0 1 1 0 8 0 amappl5 112 94 0 86 1 0 1 1 0 8 0 amappl4 104 267 0 250 1 0 1 1 0 8 0 amappl3 96 5092 0 4975 4 0 4 4 0 8 0 amappl2 88 546 0 491 2 0 2 2 0 8 0 amappl1 80 12511 0 11957 13 0 13 13 0 8 1 amappl 88 6865 0 6699 5 0 5 5 0 92 0 uvmvnodes 80 112 0 0 3 0 3 3 0 8 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 9 0 9 1 0 1 1 0 8 1 dma128 128 254 0 254 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 33 0 4 1 0 1 1 0 8 0 uaddrrnd 24 981 0 953 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 981 0 953 1 0 1 1 0 8 0 vmmpekpl 168 9397 0 9356 2 0 2 2 0 8 0 vmmpepl 168 69817 0 68038 97 0 97 97 0 357 10 vmsppl 368 980 0 953 4 0 4 4 0 8 1 rwobjpl 40 21398 0 20377 14 0 14 14 0 8 0 pdppl 4096 1968 0 1906 98 30 68 78 0 8 6 pvpl 32 446193 0 437741 142 0 142 142 0 265 36 pmappl 216 980 0 953 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 793 0 30 22 0 22 22 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ufs_readdir(ffff80002a7eed40) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffffa006c03cdd0,ffff80002a7eedc8,fffffa0007ffd750,ffff80002a7eee0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a777768,ffff80002a7eef50,ffff80002a7eeea0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a7eef50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7eef50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x780f7e0db840, count: -5 ddb> machine ddbcpu 1 No such command ddb> trace ufs_readdir(ffff80002a7eed40) at ufs_readdir+0x26e sys/ufs/ufs/ufs_vnops.c:1397 VOP_READDIR(fffffa006c03cdd0,ffff80002a7eedc8,fffffa0007ffd750,ffff80002a7eee0c) at VOP_READDIR+0x125 sys/kern/vfs_vops.c:453 sys_getdents(ffff80002a777768,ffff80002a7eef50,ffff80002a7eeea0) at sys_getdents+0x2dd sys/kern/vfs_syscalls.c:3132 syscall(ffff80002a7eef50) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7eef50) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x780f7e0db840, count: -5