uvm_fault(0xffffffff83a77d60, 0xffff8000295e2004, 0, 1) -> d
kernel: page fault trap, code=0
Stopped at ffs_freefile+0x11e: movl 0x4(%rbx),%r13d
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*119565 87290 0 0 0x4000000 0 syz-executor
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd80697b3200,4f3,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80003c91b0f0) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd805d33edc8,ffff80003c90afb0) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd805d33edc8) at vput+0xdc sys/kern/vfs_subr.c:789
ufs_makeinode(2000,fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8) at ufs_makeinode+0x2e0 sys/ufs/ufs/ufs_vnops.c:1789
ufs_mknod(ffff80003c91b360) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167
VOP_MKNOD(fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8,ffff80003c91b3e8) at VOP_MKNOD+0x101 sys/kern/vfs_vops.c:121
domknodat(ffff80003c90afb0,ffffff9c,2000000001c0,2000,205b9a) at domknodat+0x469 sys/kern/vfs_syscalls.c:1659
syscall(ffff80003c91b670) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c91b670) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd5bbaba130, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff83a77d60, 0xffff8000295e2004, 0, 1) -> d
ddb> trace
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd80697b3200,4f3,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80003c91b0f0) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd805d33edc8,ffff80003c90afb0) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd805d33edc8) at vput+0xdc sys/kern/vfs_subr.c:789
ufs_makeinode(2000,fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8) at ufs_makeinode+0x2e0 sys/ufs/ufs/ufs_vnops.c:1789
ufs_mknod(ffff80003c91b360) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167
VOP_MKNOD(fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8,ffff80003c91b3e8) at VOP_MKNOD+0x101 sys/kern/vfs_vops.c:121
domknodat(ffff80003c90afb0,ffffff9c,2000000001c0,2000,205b9a) at domknodat+0x469 sys/kern/vfs_syscalls.c:1659
syscall(ffff80003c91b670) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c91b670) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd5bbaba130, count: -11
ddb> show registers
rdi 0
rsi 0
rbp 0xffff80003c91b030
rbx 0xffff8000295e2000
rdx 0
rcx 0xfffffd8068727c38
rax 0xfffffd805d5567d8
r8 0xffffffffffffffff
r9 0
r10 0xd81b9d12a87ef948
r11 0xf140a02409c4853a
r12 0
r13 0
r14 0xffff800000c47800
r15 0x4f3
rip 0xffffffff815fac5e ffs_freefile+0x11e
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80003c91afa0
ss 0x10
ffs_freefile+0x11e: movl 0x4(%rbx),%r13d
ddb> show proc
PROC (syz-executor) tid=119565 pid=87290 tcnt=3 stat=onproc
flags process=0 proc=4000000<THREAD>
runpri=17, usrpri=50, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80003c90a2b8,0xffff80002a76ba18
process=0xffff8000ffffb198 user=0xffff80003c916000, vmspace=0xfffffd806cd08b90
estcpu=12, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
87290 282949 28578 0 2 0 syz-executor
*87290 119565 28578 0 7 0x4000000 syz-executor
87290 12322 28578 0 3 0x4000000 inode syz-executor
22633 44991 46137 0 2 0 syz-executor
22633 207204 46137 0 2 0x4000000 syz-executor
22633 35140 46137 0 3 0x4000080 fsleep syz-executor
22633 50214 46137 0 3 0x4000080 fsleep syz-executor
77918 390818 56463 0 3 0x80 fsleep syz-executor
77918 285399 56463 0 3 0x4000080 sbwait syz-executor
78682 91549 58561 0 3 0x80 fsleep syz-executor
78682 211489 58561 0 2 0x4000000 syz-executor
46137 172196 19780 0 2 0xc82 syz-executor
18720 229314 19780 0 3 0x2 biowait syz-executor
56463 16811 19780 0 3 0x82 nanoslp syz-executor
28578 432049 19780 0 2 0xc82 syz-executor
58561 9678 19780 0 3 0x82 wait syz-executor
30324 454319 19780 0 3 0x82 wait syz-executor
7405 457255 19780 0 2 0x2 syz-executor
72011 444594 19780 0 2 0x2 syz-executor
19780 425631 43176 0 3 0x82 kqread syz-executor
43176 448172 15582 0 3 0x10008a sigsusp ksh
15582 49875 37977 0 3 0x98 kqread sshd-session
37977 367274 87558 0 3 0x92 kqread sshd-session
31048 365198 1 0 3 0x100083 ttyin getty
87558 270736 1 0 3 0x88 kqread sshd
11401 248745 6389 73 3 0x1100090 kqread syslogd
6389 112142 1 0 3 0x100082 sbwait syslogd
46422 514114 1 0 3 0x100080 kqread resolvd
83150 172158 92792 77 3 0x100092 kqread dhcpleased
72395 421440 92792 77 3 0x100092 kqread dhcpleased
92792 182719 1 0 3 0x80 kqread dhcpleased
19291 96622 0 0 3 0x14200 bored smr
78803 137915 0 0 2 0x14200 zerothread
71027 385922 0 0 3 0x14200 aiodoned aiodoned
88273 509483 0 0 3 0x14200 syncer update
62897 271197 0 0 3 0x14200 cleaner cleaner
56589 100302 0 0 3 0x14200 reaper reaper
57156 86177 0 0 3 0x14200 pgdaemon pagedaemon
97509 522546 0 0 3 0x14200 bored viomb
95998 271932 0 0 3 0x40014200 acpi0 acpi0
96460 59156 0 0 3 0x14200 bored softnet0
70246 319116 0 0 3 0x14200 smrbar systqmp
25578 331609 0 0 3 0x14200 bored systq
15307 186498 0 0 3 0x40014200 tmoslp softclock
70949 87971 0 0 3 0x40014200 idle0
1 23503 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11048 12177K 12385K 166960K 12740 0
pcb 17 14K 15K 166960K 124 0
rtable 214 15K 16K 166960K 468 0
pf 33 13K 18K 166960K 97 0
ifaddr 36 6K 7K 166960K 67 0
ifgroup 50 2K 2K 166960K 100 0
sysctl 3 1K 9K 166960K 8 0
counters 33 17K 18K 166960K 60 0
ioctlops 0 0K 4K 166960K 156 0
iov 0 0K 13K 166960K 12 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1321 83K 84K 166960K 1840 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 7 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 95 0
dirhash 12 2K 2K 166960K 21 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 16 57K 93K 166960K 690 0
sigio 0 0K 0K 166960K 6 0
proc 61 59K 116K 166960K 547 0
subproc 72 4K 4K 166960K 72 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 85 0
in_multi 77 5K 7K 166960K 129 0
ether_multi 1 0K 0K 166960K 11 0
mrt 0 0K 0K 166960K 23 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 73 334K 334K 166960K 73 0
exec 0 0K 1K 166960K 410 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 207 151K 170K 166960K 7944 0
UVM aobj 24 5K 5K 166960K 27 0
pinsyscall 37 74K 98K 166960K 1834 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 26 0
NDP 11 0K 2K 166960K 46 0
temp 76 9072K 9137K 166960K 27150 0
kqueue 14 22K 28K 166960K 120 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 93 0 90 1 0 1 1 0 8 0
rtentry 136 127 0 44 4 0 4 4 0 8 0
unpcb 144 524 0 504 4 0 4 4 0 8 3
syncache 336 8 0 8 1 0 1 1 0 8 1
tcpqe 32 2 0 2 1 0 1 1 0 8 1
tcpcb 736 229 0 221 4 0 4 4 0 8 2
arp 96 20 0 5 1 0 1 1 0 8 0
ipq 40 4 0 3 1 0 1 1 0 8 0
ipqe 40 7 0 6 1 0 1 1 0 8 0
inpcb 328 640 0 627 7 0 7 7 0 8 5
ip6q 72 1 0 0 1 0 1 1 0 8 0
ip6af 40 2 0 1 1 0 1 1 0 8 0
nd6 112 30 0 10 1 0 1 1 0 8 0
kcovpl 48 8 0 0 1 0 1 1 0 8 0
ppxss 1072 22 0 22 1 0 1 1 0 8 1
pppxif 1416 1 0 1 1 0 1 1 0 8 1
pfrktable 1344 1 0 1 1 0 1 1 0 8 1
pfsrclim 320 2 0 2 1 0 1 1 0 8 1
pftag 88 2 0 1 1 0 1 1 0 8 0
pfqueue 320 1 0 0 1 0 1 1 0 8 0
pfstitem 24 5 0 1 1 0 1 1 0 8 0
pfstkey 128 8 0 3 1 0 1 1 0 8 0
pfstate 384 4 0 2 1 0 1 1 0 8 0
pfrule 1360 7 0 6 1 0 1 1 0 8 0
art_heap8 4096 3 0 0 3 0 3 3 0 8 0
art_heap4 256 515 0 145 29 0 29 29 0 8 5
art_table 40 518 0 145 5 0 5 5 0 8 0
art_node 32 125 0 49 1 0 1 1 0 8 0
sysvmsgpl 40 1 0 0 1 0 1 1 0 8 0
semapl 112 93 0 83 1 0 1 1 0 8 0
shmpl 112 24 0 3 1 0 1 1 0 8 0
dirhash 1024 23 0 6 3 0 3 3 0 8 0
dino2pl 256 2663 0 1209 92 0 92 92 0 8 0
ffsino 256 2663 0 1209 92 0 92 92 0 8 0
nchpl 144 3642 0 1953 64 0 64 64 0 8 0
rtmask 32 4 0 4 1 0 1 1 0 8 1
vnodes 216 2987 0 0 166 0 166 166 0 8 0
namei 1024 11810 0 11808 2 0 2 2 0 8 1
kstatmem 264 60 0 38 2 0 2 2 0 8 0
scsiplug 72 2 0 2 1 0 1 1 0 8 1
scxspl 216 21471 0 21470 8 0 8 8 1 8 7
plimitpl 152 109 0 92 1 0 1 1 0 8 0
sigapl 424 994 0 953 6 0 6 6 0 8 1
knotepl 120 25255 0 25205 17 6 11 17 0 8 8
kqueuepl 184 300 0 290 4 0 4 4 0 8 3
pipepl 304 187 0 160 5 0 5 5 0 8 2
fdescpl 448 981 0 953 5 0 5 5 0 8 1
filepl 120 5508 0 5290 10 0 10 10 0 8 2
lockfpl 104 227 0 224 1 0 1 1 0 8 0
lockfspl 48 112 0 109 1 0 1 1 0 8 0
sessionpl 144 34 0 26 1 0 1 1 0 8 0
pgrppl 48 49 0 33 1 0 1 1 0 8 0
ucredpl 104 866 0 853 1 0 1 1 0 8 0
zombiepl 144 955 0 953 1 0 1 1 0 8 0
processpl 1152 994 0 953 4 0 4 4 0 8 0
procpl 664 1852 0 1804 5 0 5 5 0 8 0
sosppl 176 6 0 6 1 0 1 1 0 8 1
sockpl 552 1275 0 1239 8 0 8 8 0 8 3
mcl64k 65536 64 0 64 1 0 1 1 0 8 1
mcl12k 12288 1 0 1 1 0 1 1 0 8 1
mcl8k 8192 6 0 6 1 0 1 1 0 8 1
mcl4k 4096 3241 0 3187 14 0 14 14 0 8 7
mcl2k2 2112 1 0 1 1 0 1 1 0 8 1
mcl2k 2048 704 0 704 1 0 1 1 0 8 1
mtagpl 96 21 0 8 1 0 1 1 0 8 0
mbufpl 256 11087 0 10917 25 4 21 25 0 8 8
bufpl 280 8373 0 2159 444 0 444 444 0 8 0
anonpl 24 162850 0 156516 45 0 45 45 0 187 6
amapchunkpl 152 25550 0 25133 27 0 27 27 0 158 8
amappl16 200 2801 0 2567 23 8 15 15 0 8 2
amappl15 192 7 0 7 1 0 1 1 0 8 1
amappl14 184 412 0 409 1 0 1 1 0 8 0
amappl13 176 134 0 124 1 0 1 1 0 8 0
amappl12 168 1224 0 1197 2 0 2 2 0 8 0
amappl11 160 2 0 2 1 0 1 1 0 8 1
amappl10 152 58 0 47 1 0 1 1 0 8 0
amappl9 144 263 0 263 1 0 1 1 0 8 1
amappl8 136 114 0 113 1 0 1 1 0 8 0
amappl7 128 149 0 137 1 0 1 1 0 8 0
amappl6 120 150 0 148 1 0 1 1 0 8 0
amappl5 112 126 0 118 1 0 1 1 0 8 0
amappl4 104 297 0 280 1 0 1 1 0 8 0
amappl3 96 5012 0 4915 3 0 3 3 0 8 0
amappl2 88 584 0 529 2 0 2 2 0 8 0
amappl1 80 13779 0 13243 15 0 15 15 0 8 1
amappl 88 7127 0 6984 4 0 4 4 0 92 0
uvmvnodes 80 111 0 0 3 0 3 3 0 8 0
dma4096 4096 1 0 1 1 0 1 1 0 8 1
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 0 1 1 0 8 1
dma128 128 253 0 253 1 0 1 1 0 8 1
dma64 64 6 0 6 1 0 1 1 0 8 1
dma32 32 7 0 7 1 0 1 1 0 8 1
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 26 0 3 1 0 1 1 0 8 0
uaddrrnd 24 981 0 953 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 981 0 953 1 0 1 1 0 8 0
vmmpekpl 168 9926 0 9893 2 0 2 2 0 8 0
vmmpepl 168 71123 0 69198 92 0 92 92 0 357 5
vmsppl 368 980 0 953 4 0 4 4 0 8 1
rwobjpl 40 21859 0 20699 13 0 13 13 0 8 0
pdppl 4096 1968 0 1906 106 40 66 80 0 8 4
pvpl 32 446134 0 434459 117 0 117 117 0 265 13
pmappl 216 980 0 953 3 0 3 3 0 8 1
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 387 0 44 11 0 11 11 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd80697b3200,4f3,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80003c91b0f0) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd805d33edc8,ffff80003c90afb0) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd805d33edc8) at vput+0xdc sys/kern/vfs_subr.c:789
ufs_makeinode(2000,fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8) at ufs_makeinode+0x2e0 sys/ufs/ufs/ufs_vnops.c:1789
ufs_mknod(ffff80003c91b360) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167
VOP_MKNOD(fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8,ffff80003c91b3e8) at VOP_MKNOD+0x101 sys/kern/vfs_vops.c:121
domknodat(ffff80003c90afb0,ffffff9c,2000000001c0,2000,205b9a) at domknodat+0x469 sys/kern/vfs_syscalls.c:1659
syscall(ffff80003c91b670) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c91b670) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd5bbaba130, count: -11
ddb> machine ddbcpu 1
No such command
ddb> trace
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd80697b3200,4f3,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd80697b3200,4f3,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80003c91b0f0) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd805d33edc8,ffff80003c90afb0) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd805d33edc8) at vput+0xdc sys/kern/vfs_subr.c:789
ufs_makeinode(2000,fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8) at ufs_makeinode+0x2e0 sys/ufs/ufs/ufs_vnops.c:1789
ufs_mknod(ffff80003c91b360) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167
VOP_MKNOD(fffffd805d33e630,ffff80003c91b4b8,ffff80003c91b4e8,ffff80003c91b3e8) at VOP_MKNOD+0x101 sys/kern/vfs_vops.c:121
domknodat(ffff80003c90afb0,ffffff9c,2000000001c0,2000,205b9a) at domknodat+0x469 sys/kern/vfs_syscalls.c:1659
syscall(ffff80003c91b670) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c91b670) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd5bbaba130, count: -11