syzbot


uvm_fault: ffs_nodealloccg (4)

Status: upstream: reported on 2026/03/29 00:14
Reported-by: syzbot+18c0da8db2b18571ff77@syzkaller.appspotmail.com
First crash: 67d, last: 10d
Similar bugs (3)
| Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| openbsd | uvm_fault: ffs_nodealloccg | -1 | | | | 1 | 1592d | 1592d | 0/3 | auto-closed as invalid on 2022/04/24 17:10 |
| openbsd | uvm_fault: ffs_nodealloccg (2) | -1 | | | | 2 | 628d | 629d | 0/3 | auto-obsoleted due to no activity on 2024/12/13 04:19 |
| openbsd | uvm_fault: ffs_nodealloccg (3) | -1 | | | | 1 | 251d | 251d | 0/3 | auto-obsoleted due to no activity on 2025/12/25 04:08 |

Sample crash report:
uvm_fault(0xffffffff83aba540, 0xffff80001a612004, 0, 1) -> d
kernel: page fault trap, code=0
Stopped at      ffs_nodealloccg+0x13c:  movl    0x4(%rbx),%r15d
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*483506  44752      0         0x2          0    0K syz-executor
ffs_nodealloccg(fffffd806f674aa0,0,0,41c0) at ffs_nodealloccg+0x13c ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_nodealloccg(fffffd806f674aa0,0,0,41c0) at ffs_nodealloccg+0x13c sys/ufs/ffs/ffs_alloc.c:1106
ffs_inode_alloc(fffffd806f674aa0,41c0,fffffd80097fd6e8,ffff80002a362718) at ffs_inode_alloc+0x20a ffs_hashalloc sys/ufs/ffs/ffs_alloc.c:814 [inline]
ffs_inode_alloc(fffffd806f674aa0,41c0,fffffd80097fd6e8,ffff80002a362718) at ffs_inode_alloc+0x20a sys/ufs/ffs/ffs_alloc.c:390
ufs_mkdir(ffff80002a362780) at ufs_mkdir+0xfc sys/ufs/ufs/ufs_vnops.c:1112
VOP_MKDIR(fffffd806f6976f0,ffff80002a3628e0,ffff80002a362910,ffff80002a362810) at VOP_MKDIR+0x101 sys/kern/vfs_vops.c:394
domkdirat(ffff80002a2234d0,ffffff9c,75ea85013c00,1c0) at domkdirat+0x179 sys/kern/vfs_syscalls.c:3149
syscall(ffff80002a362a90) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a362a90) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x75ea85013bc0, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: uvm_fault(0xffffffff83aba540, 0xffff80001a612004, 0, 1) -> d
ddb{0}> trace
ffs_nodealloccg(fffffd806f674aa0,0,0,41c0) at ffs_nodealloccg+0x13c ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_nodealloccg(fffffd806f674aa0,0,0,41c0) at ffs_nodealloccg+0x13c sys/ufs/ffs/ffs_alloc.c:1106
ffs_inode_alloc(fffffd806f674aa0,41c0,fffffd80097fd6e8,ffff80002a362718) at ffs_inode_alloc+0x20a ffs_hashalloc sys/ufs/ffs/ffs_alloc.c:814 [inline]
ffs_inode_alloc(fffffd806f674aa0,41c0,fffffd80097fd6e8,ffff80002a362718) at ffs_inode_alloc+0x20a sys/ufs/ffs/ffs_alloc.c:390
ufs_mkdir(ffff80002a362780) at ufs_mkdir+0xfc sys/ufs/ufs/ufs_vnops.c:1112
VOP_MKDIR(fffffd806f6976f0,ffff80002a3628e0,ffff80002a362910,ffff80002a362810) at VOP_MKDIR+0x101 sys/kern/vfs_vops.c:394
domkdirat(ffff80002a2234d0,ffffff9c,75ea85013c00,1c0) at domkdirat+0x179 sys/kern/vfs_syscalls.c:3149
syscall(ffff80002a362a90) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a362a90) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x75ea85013bc0, count: -7
ddb{0}> show registers
rdi                                0
rsi                                0
rbp               0xffff80002a362530
rbx               0xffff80001a612000
rdx                                0
rcx               0xffff80002a2234d0
rax               0xffffffff83913ff0    cpu_info_full_primary+0x1ff0
r8                0xffffffffffffffff
r9                0xfffffd80097fd6e8
r10               0x8b77dc808712a0cc
r11               0xbee39bebb88f143b
r12               0xffff800000c31800
r13               0xfffffd8071c78030
r14                                0
r15                                0
rip               0xffffffff833be21c    ffs_nodealloccg+0x13c
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80002a362480
ss                              0x10
ffs_nodealloccg+0x13c:  movl    0x4(%rbx),%r15d
ddb{0}> show proc
PROC (syz-executor) tid=483506 pid=44752 tcnt=1 stat=onproc
    flags process=2<EXEC> proc=0
    runpri=36, usrpri=50, slppri=36, nice=20
    wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff80002a2227d8,0xffffffff839e2ce0
    process=0xffff80002a383038 user=0xffff80002a35d000, vmspace=0xfffffd800b0633d0
    estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
*44752  483506  34911      0  7         0x2                syz-executor
 65768  208542      1      0  3    0x100083  ttyin         getty
 34911  224051      1      0  3        0x82  nanoslp       syz-executor
 44656   60642      0      0  3     0x14200  bored         smr
  8838  465663      0      0  3     0x14200  pgzero        zerothread
 76626  249820      0      0  3     0x14200  aiodoned      aiodoned
 84289   21306      0      0  3     0x14200  syncer        update
 47400  116101      0      0  3     0x14200  cleaner       cleaner
 41759  398093      0      0  3     0x14200  reaper        reaper
 71546  139777      0      0  3     0x14200  pgdaemon      pagedaemon
 44690  460412      0      0  3     0x14200  bored         viomb
 77306  392836      0      0  3  0x40014200  acpi0         acpi0
 21678  440628      0      0  7  0x40014200                idle1
  2907  454398      0      0  3     0x14200  bored         softnet1
 76662  243710      0      0  3     0x14200  bored         softnet0
  6192  417042      0      0  3     0x14200  smrbar        systqmp
 57706  296575      0      0  3     0x14200  bored         systq
  6620  222059      0      0  3     0x14200  tmoslp        softclockmp
  7367  324331      0      0  3  0x40014200  tmoslp        softclock
 74056  148581      0      0  3  0x40014200                idle0
     1  234102      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 44752 (syz-executor) thread 0xffff80002a2234d0 (483506)
Process 6192 (systqmp) thread 0xffff8000ffffea60 (417042)
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 11027  12001K   14108K 166960K     13406        0
            pcb    17     16K      18K 166960K       180        0
         rtable    63      4K       9K 166960K       998        0
             pf    22     16K      25K 166960K       161        0
         ifaddr    13      2K       8K 166960K       141        0
        ifgroup    22      1K       2K 166960K       159        0
         sysctl     4      1K       9K 166960K        10        0
       counters    54     35K      37K 166960K       148        0
       ioctlops     0      0K       4K 166960K      1736        0
            iov     0      0K      16K 166960K        53        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1481     93K      94K 166960K      2121        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       5K 166960K         7        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K        61        0
        dirhash    12      2K       2K 166960K        12        0
           ACPI  1692    195K     286K 166960K     12470        0
      file desc     2      2K      93K 166960K       864        0
          sigio     0      0K       0K 166960K         3        0
           proc    21     33K     196K 166960K      1128        0
        subproc     0      0K       4K 166960K       243        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K        73        0
       in_multi    17      1K       7K 166960K       344        0
    ether_multi     1      0K       0K 166960K         3        0
            mrt     0      0K       0K 166960K        22        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys    67    307K     307K 166960K        67        0
           exec     0      0K       1K 166960K       716        0
   fusefs mount     1     32K      32K 166960K         1        0
     pfkey data     0      0K       0K 166960K         1        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap    22      6K     168K 166960K      8444        0
       UVM aobj    74      3K       3K 166960K        76        0
     pinsyscall     5     10K     105K 166960K      2618        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       0K 166960K        82        0
            NDP     4      0K       2K 166960K        95        0
           temp    42   9122K    9191K 166960K     17685        0
         kqueue     1      2K      32K 166960K       121        0
      SYN cache     2     16K      16K 166960K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache    128       26    0        0     1     0     1     1     0     8    0
rtpcb      120       91    0       91     1     0     1     1     0     8    1
rtentry    176      334    0      320     6     0     6     6     0     8    3
unpcb      144      273    0      273     3     2     1     3     0     8    1
syncache   336        6    0        6     1     1     0     1     0     8    0
tcpcb      736       98    0       97     1     0     1     1     0     8    0
arp        136       59    0       56     1     0     1     1     0     8    0
inpcb      328      673    0      672     7     5     2     7     0     8    1
nd6        152       82    0       82     1     0     1     1     0     8    1
pkpcb       40        3    0        3     2     2     0     1     0     8    0
kcovpl      48       27    0       27     1     0     1     1     0     8    1
ppxss      1192      18    0       18     2     1     1     1     0     8    1
pppxif     1576       1    0        1     1     1     0     1     0     8    0
pfstscr     40        7    0        5     1     0     1     1     0     8    0
pffrag     232        4    0        1     1     0     1     1     0   482    0
pffrnode    88        4    0        1     1     0     1     1     0     8    0
pffrent     40        5    0        2     1     0     1     1     0     8    0
pfosfp      40     1428    0     1005     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfsrclim   320        3    0        3     1     1     0     1     0     8    0
pfanchor   1288       8    0        0     1     0     1     1     0     8    0
pftag       88        1    0        0     1     0     1     1     0     8    0
pfqueue    320        1    0        1     1     1     0     1     0     8    0
pfstitem    24       44    0       15     1     0     1     1     0     8    0
pfstkey    128       49    0       20     2     0     2     2     0     8    0
pfstate    448       47    0       19     5     0     5     5     0     8    0
pfrule     1360      26    0       20     2     1     1     2     0     8    0
art_heap8  4096       3    0        0     3     0     3     3     0     8    0
art_heap4  256     1434    0     1300    31     7    24    31     0     8    7
art_table   40     1437    0     1300     6     0     6     6     0     8    1
art_node    32      334    0      313     1     0     1     1     0     8    0
sysvmsgpl   40        4    0        2     1     0     1     1     0     8    0
semapl      72       59    0       49     1     0     1     1     0     8    0
shmpl      112       73    0        2     3     0     3     3     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256     2328    0      820    95     0    95    95     0     8    0
ffsino     296     2378    0      870   117     0   117   117     0     8    0
nchpl      144     3040    0     1268    66     0    66    66     0     8    0
rtmask      32        6    0        6     1     1     0     1     0     8    0
vnodes     216     3051    0        0   170     0   170   170     0     8    0
namei      1024   11623    0    11622     2     0     2     2     0     8    1
percpumem   16       89    0       47     1     0     1     1     0     8    0
kstatmem   264       85    0       74     2     0     2     2     0     8    1
scsiplug    72        5    0        5     2     1     1     1     0     8    1
scxspl     216    28462    0    28462    10     9     1     8     1     8    1
plimitpl   152      131    0      122     1     0     1     1     0     8    0
sigapl     424     1139    0     1112     7     1     6     7     0     8    2
knotepl    120      530    0        0    17     0    17    17     0     8    0
kqueuepl   224      208    0      207     5     2     3     3     0     8    2
pipepl     344      388    0      361     7     3     4     6     0     8    1
fdescpl    528     1123    0     1118     3     0     3     3     0     8    0
filepl     160     5454    0     5404    15     4    11    15     0     8    5
lockfpl    104      157    0      157     1     0     1     1     0     8    1
lockfspl    48       70    0       70     1     0     1     1     0     8    1
sessionpl  144      122    0      119     1     0     1     1     0     8    0
pgrppl      48      202    0      192     1     0     1     1     0     8    0
ucredpl    104      573    0      569     1     0     1     1     0     8    0
zombiepl   144     1118    0     1112     1     0     1     1     0     8    0
processpl  1232    1139    0     1112     5     1     4     5     0     8    0
procpl     664     1753    0     1726     6     1     5     6     0     8    2
sosppl     176        1    0        1     1     1     0     1     0     8    0
sockpl     752     1050    0     1049    11     7     4    11     0     8    3
mcl64k     65536      8    0        0     1     0     1     1     0     8    0
mcl12k     12288      1    0        0     1     0     1     1     0     8    0
mcl8k      8192       2    0        0     1     0     1     1     0     8    0
mcl4k      4096     129    0        0    17     1    16    17     0     8    0
mcl2k      2048      27    0        0     4     0     4     4     0     8    0
mtagpl      96        6    0        0     1     0     1     1     0     8    0
mbufpl     256      315    0        0    20     0    20    20     0     8    0
bufpl      280    13471    0     7207   448     0   448   448     0     8    0
anonpl      32     8574    0        0    70     0    70    70     0   246    0
amapchunkpl 152   25268    0    25215    27     9    18    27     0   158   11
amappl16   200     2548    0     2548    17    12     5    15     0     8    5
amappl15   192        9    0        9     1     1     0     1     0     8    0
amappl14   184      661    0      661     1     0     1     1     0     8    1
amappl13   176      176    0      175     1     0     1     1     0     8    0
amappl12   168     1502    0     1499     2     0     2     2     0     8    0
amappl11   160        6    0        5     2     1     1     1     0     8    0
amappl10   152       69    0       69     1     0     1     1     0     8    1
amappl9    144      276    0      276     1     1     0     1     0     8    0
amappl8    136      176    0      175     1     0     1     1     0     8    0
amappl7    128      185    0      183     1     0     1     1     0     8    0
amappl6    120      349    0      349     1     0     1     1     0     8    1
amappl5    112       95    0       94     1     0     1     1     0     8    0
amappl4    104      386    0      383     1     0     1     1     0     8    0
amappl3     96     5082    0     5071     4     0     4     4     0     8    1
amappl2     88      703    0      694     2     0     2     2     0     8    0
amappl1     80    14844    0    14799    15     3    12    15     0     8    8
amappl      88     7222    0     7205     5     1     4     5     0    92    0
uvmvnodes   80      116    0        0     3     0     3     3     0     8    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      254    0      254     2     1     1     1     0     8    1
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       19    0       18     1     0     1     1     0     8    0
aobjpl      72       75    0        2     2     0     2     2     0     8    0
uaddrrnd    24     1124    0     1119     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     1124    0     1119     1     0     1     1     0     8    0
vmmpekpl   168    11028    0    11005     3     0     3     3     0     8    0
vmmpepl    168    79959    0    79794    98    10    88    98     0   357   52
vmsppl     488     1123    0     1119     5     1     4     5     0     8    2
rwobjpl     80    24083    0    23802    29     1    28    29     0     8    2
pdppl      4096    2255    0     2238   115    82    33    83     0     8   16
pvpl        32    14537    0        0   119     1   118   119     0   265    0
pmappl     256     1123    0     1119     3     0     3     3     0     8    0
extentpl    40       45    0       27     1     0     1     1     0     8    0
phpool     112      307    0       94     8     0     8     8     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
ffs_nodealloccg(fffffd806f674aa0,0,0,41c0) at ffs_nodealloccg+0x13c ffs_cgread sys/ufs/ffs/ffs_alloc.c:856 [inline]
ffs_nodealloccg(fffffd806f674aa0,0,0,41c0) at ffs_nodealloccg+0x13c sys/ufs/ffs/ffs_alloc.c:1106
ffs_inode_alloc(fffffd806f674aa0,41c0,fffffd80097fd6e8,ffff80002a362718) at ffs_inode_alloc+0x20a ffs_hashalloc sys/ufs/ffs/ffs_alloc.c:814 [inline]
ffs_inode_alloc(fffffd806f674aa0,41c0,fffffd80097fd6e8,ffff80002a362718) at ffs_inode_alloc+0x20a sys/ufs/ffs/ffs_alloc.c:390
ufs_mkdir(ffff80002a362780) at ufs_mkdir+0xfc sys/ufs/ufs/ufs_vnops.c:1112
VOP_MKDIR(fffffd806f6976f0,ffff80002a3628e0,ffff80002a362910,ffff80002a362810) at VOP_MKDIR+0x101 sys/kern/vfs_vops.c:394
domkdirat(ffff80002a2234d0,ffffff9c,75ea85013c00,1c0) at domkdirat+0x179 sys/kern/vfs_syscalls.c:3149
syscall(ffff80002a362a90) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a362a90) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x75ea85013bc0, count: -7
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x27:        addq    $0x8,%rsp
x86_ipi_db(ffff80002999dff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224
sched_idle(ffff80002999dff0) at sched_idle+0x371 sys/kern/kern_sched.c:192
end trace frame: 0x0, count: 10
ddb{1}> trace
x86_ipi_db(ffff80002999dff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
acpicpu_idle() at acpicpu_idle+0x457 sys/dev/acpi/acpicpu_x86.c:1224
sched_idle(ffff80002999dff0) at sched_idle+0x371 sys/kern/kern_sched.c:192
end trace frame: 0x0, count: -5
ddb{1}> 

Crashes (6):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/05/25 13:02 | openbsd | 3ca1fbf96c86 | c69befb3 | .config | console log | report | | | | [disk image] [bsd.gdb] [kernel image] | ci-openbsd-multicore | uvm_fault: ffs_nodealloccg |
| 2026/05/06 01:42 | openbsd | eec9cf095b26 | 340bcdf0 | .config | console log | report | | | | [disk image] [bsd.gdb] [kernel image] | ci-openbsd-main | uvm_fault: ffs_nodealloccg |
| 2026/05/01 21:27 | openbsd | bedf3632bee6 | 340bcdf0 | .config | console log | report | | | | [disk image] [bsd.gdb] [kernel image] | ci-openbsd-multicore | uvm_fault: ffs_nodealloccg |
| 2026/04/02 13:15 | openbsd | 8eafb9a57fa3 | 4b3d9a38 | .config | console log | report | | | | [disk image] [bsd.gdb] [kernel image] | ci-openbsd-multicore | uvm_fault: ffs_nodealloccg |
| 2026/03/29 18:42 | openbsd | 8c0bc7d7b019 | 4b3d9a38 | .config | console log | report | | | | [disk image] [bsd.gdb] [kernel image] | ci-openbsd-multicore | uvm_fault: ffs_nodealloccg |
| 2026/03/29 00:13 | openbsd | b39c1312a589 | 4b3d9a38 | .config | console log | report | | | | [disk image] [bsd.gdb] [kernel image] | ci-openbsd-multicore | uvm_fault: ffs_nodealloccg |
* Struck through repros no longer work on HEAD.