uvm_fault(0xffffffff839d8080, 0xffff800013a02004, 0, 1) -> d
kernel: page fault trap, code=0
Stopped at ffs_freefile+0x11e: movl 0x4(%rbx),%r13d
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*508836 71315 0 0x2 0 0 syz-executor
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd806ea56d00,cc02,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80002a7d1c30) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd806cc11bd0,ffff80002a776d08) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd806cc11bd0) at vput+0xdc sys/kern/vfs_subr.c:789
VOP_REMOVE(fffffd806ae16cd0,fffffd806cc11bd0,ffff80002a7d1d98) at VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336
dounlinkat(ffff80002a776d08,ffffff9c,74c47b570bd0,0) at dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1929
syscall(ffff80002a7d1f00) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1f00) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x74c47b571080, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff839d8080, 0xffff800013a02004, 0, 1) -> d
ddb> trace
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd806ea56d00,cc02,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80002a7d1c30) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd806cc11bd0,ffff80002a776d08) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd806cc11bd0) at vput+0xdc sys/kern/vfs_subr.c:789
VOP_REMOVE(fffffd806ae16cd0,fffffd806cc11bd0,ffff80002a7d1d98) at VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336
dounlinkat(ffff80002a776d08,ffffff9c,74c47b570bd0,0) at dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1929
syscall(ffff80002a7d1f00) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1f00) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x74c47b571080, count: -9
ddb> show registers
rdi 0
rsi 0
rbp 0xffff80002a7d1b70
rbx 0xffff800013a02000
rdx 0
rcx 0xfffffd806fd247d8
rax 0xfffffd80791384a0
r8 0xffffffffffffffff
r9 0xfffffd8007ffd618
r10 0xa13227ba8994a67d
r11 0x9c81947de430e399
r12 0x2
r13 0
r14 0xffff800000c47800
r15 0xcc02 __ALIGN_SIZE+0xbc02
rip 0xffffffff82ce75fe ffs_freefile+0x11e
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002a7d1ae0
ss 0x10
ffs_freefile+0x11e: movl 0x4(%rbx),%r13d
ddb> show proc
PROC (syz-executor) tid=508836 pid=71315 tcnt=1 stat=onproc
flags process=2<EXEC> proc=0
runpri=32, usrpri=68, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80002a7774d0,0xffffffff8399cbe0
process=0xffff80002a790d90 user=0xffff80002a7cc000, vmspace=0xfffffd807ec628a0
estcpu=36, cpticks=3, pctcpu=0.0, user=0, sys=3, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*71315 508836 92515 0 7 0x2 syz-executor
92515 263491 9793 0 3 0x82 nanoslp syz-executor
9793 430814 18349 0 3 0x10008a sigsusp ksh
18349 50614 28553 0 3 0x98 kqread sshd-session
28553 190960 36639 0 3 0x92 kqread sshd-session
648 514308 1 0 3 0x100083 ttyin getty
36639 230926 1 0 3 0x88 kqread sshd
34297 156069 92182 73 3 0x1100090 kqread syslogd
92182 212638 1 0 3 0x100082 sbwait syslogd
8631 161700 1 0 3 0x100080 kqread resolvd
6455 124464 56187 77 3 0x100092 kqread dhcpleased
33890 262057 56187 77 3 0x100092 kqread dhcpleased
56187 503999 1 0 3 0x80 kqread dhcpleased
71292 305949 0 0 3 0x14200 bored smr
59025 6764 0 0 2 0x14200 zerothread
2000 293640 0 0 3 0x14200 aiodoned aiodoned
67454 223099 0 0 3 0x14200 syncer update
50029 96692 0 0 3 0x14200 cleaner cleaner
42360 277002 0 0 3 0x14200 reaper reaper
3769 33497 0 0 3 0x14200 pgdaemon pagedaemon
5589 7423 0 0 3 0x14200 bored viomb
95600 193598 0 0 3 0x40014200 acpi0 acpi0
77773 390774 0 0 3 0x14200 bored softnet0
36104 421405 0 0 3 0x14200 bored systqmp
96055 327260 0 0 3 0x14200 bored systq
22445 61645 0 0 3 0x40014200 tmoslp softclock
59571 427142 0 0 3 0x40014200 idle0
1 379875 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11026 12100K 12576K 166960K 13038 0
pcb 17 14K 18K 166960K 155 0
rtable 103 12K 17K 166960K 503 0
pf 20 11K 92K 166960K 123 0
ifaddr 14 2K 7K 166960K 66 0
ifgroup 26 1K 2K 166960K 100 0
sysctl 4 1K 9K 166960K 10 0
counters 27 17K 18K 166960K 53 0
ioctlops 0 0K 4K 166960K 145 0
iov 0 0K 12K 166960K 19 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1396 88K 88K 166960K 1985 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 8 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 135 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 3 5K 97K 166960K 711 0
sigio 0 0K 0K 166960K 8 0
proc 60 59K 100K 166960K 580 0
subproc 9 0K 4K 166960K 84 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 129 0
in_multi 19 1K 7K 166960K 131 0
ether_multi 1 0K 0K 166960K 4 0
mrt 0 0K 0K 166960K 19 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 97 440K 440K 166960K 97 0
exec 0 0K 1K 166960K 521 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 111 91K 176K 166960K 8003 0
UVM aobj 14 2K 2K 166960K 14 0
pinsyscall 24 48K 94K 166960K 2038 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 22 0
NDP 5 0K 2K 166960K 45 0
temp 20 9107K 13207K 166960K 27008 0
kqueue 13 20K 33K 166960K 108 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 137 0 134 3 0 3 3 0 8 2
rtentry 136 132 0 108 4 0 4 4 0 8 0
unpcb 144 522 0 507 2 0 2 2 0 8 1
syncache 336 5 0 5 1 0 1 1 0 8 1
tcpcb 736 157 0 153 4 0 4 4 0 8 3
arp 96 22 0 17 1 0 1 1 0 8 0
ipq 40 4 0 2 1 0 1 1 0 8 0
ipqe 40 9 0 7 1 0 1 1 0 8 0
inpcb 328 643 0 636 7 0 7 7 0 8 6
ip6q 72 1 0 1 1 0 1 1 0 8 1
ip6af 40 2 0 2 1 0 1 1 0 8 1
nd6 112 28 0 25 1 0 1 1 0 8 0
pkpcb 40 2 0 2 1 0 1 1 0 8 1
kcovpl 48 9 0 8 1 0 1 1 0 8 0
mppekey 1024 1 0 1 1 0 1 1 0 8 1
ppxss 1072 13 0 13 1 0 1 1 0 8 1
pfstscr 40 6 0 2 1 0 1 1 0 8 0
pfrktable 1344 11 0 10 1 0 1 1 0 8 0
pfsrclim 320 1 0 0 1 0 1 1 0 8 0
pfanchor 1288 4 0 1 1 0 1 1 0 8 0
pftag 88 4 0 2 1 0 1 1 0 8 0
pfqueue 320 3 0 3 1 0 1 1 0 8 1
pfstitem 24 6 0 2 1 0 1 1 0 8 0
pfstkey 128 8 0 3 1 0 1 1 0 8 0
pfstate 384 4 0 1 1 0 1 1 0 8 0
pfrule 1360 14 0 13 1 0 1 1 0 8 0
rttmr 136 1 0 1 1 0 1 1 0 8 1
art_heap8 4096 3 0 0 3 0 3 3 0 8 0
art_heap4 256 603 0 460 29 4 25 29 0 8 10
art_table 40 606 0 460 5 0 5 5 0 8 1
art_node 32 132 0 111 1 0 1 1 0 8 0
sysvmsgpl 40 9 0 4 1 0 1 1 0 8 0
semupl 112 1 0 1 1 0 1 1 0 8 1
semapl 72 132 0 122 1 0 1 1 0 8 0
shmpl 112 11 0 0 1 0 1 1 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 2458 0 1009 92 0 92 92 0 8 0
ffsino 256 2496 0 1047 92 0 92 92 0 8 0
nchpl 144 3303 0 1611 64 0 64 64 0 8 0
rtmask 32 2 0 2 1 0 1 1 0 8 1
vnodes 216 3058 0 0 170 0 170 170 0 8 0
namei 1024 10931 0 10931 2 0 2 2 0 8 2
pfiaddrpl 120 3 0 3 1 0 1 1 0 8 1
kstatmem 264 55 0 44 2 0 2 2 0 8 0
scsiplug 72 5 0 5 1 0 1 1 0 8 1
scxspl 216 15156 0 15156 8 0 8 8 1 8 8
plimitpl 152 262 0 247 1 0 1 1 0 8 0
sigapl 424 1009 0 975 6 0 6 6 0 8 1
knotepl 120 23585 0 23540 22 11 11 17 0 8 8
kqueuepl 184 284 0 275 4 0 4 4 0 8 3
pipepl 304 446 0 419 4 0 4 4 0 8 1
fdescpl 448 994 0 979 5 0 5 5 0 8 3
filepl 120 5753 0 5641 13 0 13 13 0 8 6
lockfpl 104 376 0 374 2 0 2 2 0 8 1
lockfspl 48 138 0 136 1 0 1 1 0 8 0
sessionpl 144 80 0 72 1 0 1 1 0 8 0
pgrppl 48 187 0 172 1 0 1 1 0 8 0
ucredpl 104 642 0 631 1 0 1 1 0 8 0
zombiepl 144 981 0 975 1 0 1 1 0 8 0
processpl 1152 1009 0 975 4 0 4 4 0 8 0
procpl 664 1702 0 1668 6 0 6 6 0 8 2
sosppl 176 5 0 5 1 0 1 1 0 8 1
sockpl 552 1347 0 1322 10 0 10 10 0 8 8
mcl64k 65536 64 0 64 1 0 1 1 0 8 1
mcl16k 16384 1 0 1 1 0 1 1 0 8 1
mcl9k128 9344 2 0 2 1 0 1 1 0 8 1
mcl8k 8192 10 0 10 1 0 1 1 0 8 1
mcl4k 4096 3173 0 3121 15 0 15 15 0 8 7
mcl2k 2048 645 0 644 3 0 3 3 0 8 2
mtagpl 96 14 0 14 1 0 1 1 0 8 1
mbufpl 256 11147 0 11067 92 70 22 92 0 8 8
bufpl 280 6793 0 577 445 0 445 445 0 8 0
anonpl 24 157066 0 154908 68 0 68 68 0 186 37
amapchunkpl 152 26655 0 26491 34 0 34 34 0 158 24
amappl16 200 2680 0 2671 30 20 10 27 0 8 8
amappl15 192 34 0 33 1 0 1 1 0 8 0
amappl14 184 428 0 427 1 0 1 1 0 8 0
amappl13 176 119 0 109 1 0 1 1 0 8 0
amappl12 168 1327 0 1313 2 0 2 2 0 8 0
amappl11 160 2 0 2 1 0 1 1 0 8 1
amappl10 152 62 0 52 1 0 1 1 0 8 0
amappl9 144 270 0 270 1 0 1 1 0 8 1
amappl8 136 113 0 112 1 0 1 1 0 8 0
amappl7 128 181 0 169 1 0 1 1 0 8 0
amappl6 120 160 0 158 1 0 1 1 0 8 0
amappl5 112 98 0 91 1 0 1 1 0 8 0
amappl4 104 293 0 277 1 0 1 1 0 8 0
amappl3 96 5019 0 4977 4 0 4 4 0 8 1
amappl2 88 558 0 502 2 0 2 2 0 8 0
amappl1 80 13305 0 12833 15 0 15 15 0 8 2
amappl 88 7119 0 7063 5 0 5 5 0 92 1
uvmvnodes 80 116 0 0 3 0 3 3 0 8 0
dma32768 32768 1 0 1 1 0 1 1 0 8 1
dma4096 4096 2 0 2 1 0 1 1 0 8 1
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 0 1 1 0 8 1
dma128 128 255 0 255 1 0 1 1 0 8 1
dma64 64 6 0 6 1 0 1 1 0 8 1
dma32 32 7 0 7 1 0 1 1 0 8 1
dma16 16 19 0 18 1 0 1 1 0 8 0
aobjpl 72 13 0 0 1 0 1 1 0 8 0
uaddrrnd 24 994 0 979 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 994 0 979 1 0 1 1 0 8 0
vmmpekpl 168 10370 0 10335 3 0 3 3 0 8 0
vmmpepl 168 72451 0 71337 102 0 102 102 0 357 29
vmsppl 368 993 0 979 4 0 4 4 0 8 2
rwobjpl 40 21656 0 20904 15 0 15 15 0 8 2
pdppl 4096 1994 0 1958 104 52 52 82 0 8 16
pvpl 32 434523 0 428992 136 0 136 136 0 265 50
pmappl 216 993 0 979 3 0 3 3 0 8 2
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 458 0 126 13 0 13 13 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd806ea56d00,cc02,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80002a7d1c30) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd806cc11bd0,ffff80002a776d08) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd806cc11bd0) at vput+0xdc sys/kern/vfs_subr.c:789
VOP_REMOVE(fffffd806ae16cd0,fffffd806cc11bd0,ffff80002a7d1d98) at VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336
dounlinkat(ffff80002a776d08,ffffff9c,74c47b570bd0,0) at dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1929
syscall(ffff80002a7d1f00) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1f00) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x74c47b571080, count: -9
ddb> machine ddbcpu 1
No such command
ddb> trace
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_freefile(fffffd806ea56d00,cc02,2000) at ffs_freefile+0x11e sys/ufs/ffs/ffs_alloc.c:1377
ffs_inode_free(fffffd806ea56d00,cc02,2000) at ffs_inode_free+0x44 sys/ufs/ffs/ffs_alloc.c:1355
ufs_inactive(ffff80002a7d1c30) at ufs_inactive+0x299 sys/ufs/ufs/ufs_inode.c:94
VOP_INACTIVE(fffffd806cc11bd0,ffff80002a776d08) at VOP_INACTIVE+0xfb sys/kern/vfs_vops.c:498
vput(fffffd806cc11bd0) at vput+0xdc sys/kern/vfs_subr.c:789
VOP_REMOVE(fffffd806ae16cd0,fffffd806cc11bd0,ffff80002a7d1d98) at VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336
dounlinkat(ffff80002a776d08,ffffff9c,74c47b570bd0,0) at dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1929
syscall(ffff80002a7d1f00) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7d1f00) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x74c47b571080, count: -9