

panic: thread NUM p_stat is NUM (2)

Status: upstream: reported on 2024/09/14 06:14
Reported-by: syzbot+89d97c38c08f46f581de@syzkaller.appspotmail.com
First crash: 68d ago, last: 3d07h ago
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd panic: thread NUM p_stat is NUM 1 222d 222d 0/3 auto-obsoleted due to no activity on 2024/07/12 13:03

Sample crash report:
panic: thread 0 p_stat is 0
Stopped at      db_enter+0x25:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*218277  23852      0           0  0x4000000    0  syz-executor
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8303bd6c) at panic+0x1cf sys/kern/subr_prf.c:198
wakeup_n(fffffd806add0010,ffffffff) at wakeup_n+0x395 sys/kern/kern_synch.c:569
sd_buf_done(fffffd807f7ce510) at sd_buf_done+0x2da sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2218) at vioscsi_vq_done+0xe1
intr_handler(ffff8000317f7180,ffff800000077c80) at intr_handler+0xcf
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xd4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x5d5 sys/kern/vfs_bio.c:1174
geteblk(10000000) at geteblk+0x3c
readdisklabel(2902,ffffffff8122c8e0,ffff80000125f400,0) at readdisklabel+0x1c4 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,10001,2000,ffff8000342027c0) at vndopen+0x207 sys/dev/vnd.c:204
end trace frame: 0xffff8000317f7680, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: thread 0 p_stat is 0
ddb> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8303bd6c) at panic+0x1cf sys/kern/subr_prf.c:198
wakeup_n(fffffd806add0010,ffffffff) at wakeup_n+0x395 sys/kern/kern_synch.c:569
sd_buf_done(fffffd807f7ce510) at sd_buf_done+0x2da sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2218) at vioscsi_vq_done+0xe1
intr_handler(ffff8000317f7180,ffff800000077c80) at intr_handler+0xcf
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xd4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x5d5 sys/kern/vfs_bio.c:1174
geteblk(10000000) at geteblk+0x3c
readdisklabel(2902,ffffffff8122c8e0,ffff80000125f400,0) at readdisklabel+0x1c4 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,10001,2000,ffff8000342027c0) at vndopen+0x207 sys/dev/vnd.c:204
spec_open(ffff8000317f7698) at spec_open+0x2e9 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd806eb19d08,10001,fffffd807f7d7618,ffff8000342027c0) at VOP_OPEN+0x82 sys/kern/vfs_vops.c:138
vn_open(ffff8000317f78e8,10001,0) at vn_open+0x708 sys/kern/vfs_vnops.c:177
doopenat(ffff8000342027c0,ffffff9c,20000580,10000,0,ffff8000317f7a90) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123
syscall(ffff8000317f7b40) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1cf52ef2420, count: -20
ddb> show registers
rdi                                0
rsi                              0x1
rbp               0xffff8000317f6f80
rbx               0xffff80002a4576d0
rdx               0xffff80000125ef00
rcx                                0
rax               0xffff8000342027c0
r8                 0x101010101010101
r9                0x8080808080808080
r10               0xd0ea727eb5bff90d
r11               0xa690cd32faafcda1
r12                                0
r13                             0xfd
r14                                0
r15                              0x1
rip               0xffffffff822483c5    db_enter+0x25
cs                               0x8
rflags                         0x246
rsp               0xffff8000317f6f70
ss                              0x10
db_enter+0x25:  addq    $0x8,%rsp
ddb> show proc
PROC (syz-executor) tid=218277 pid=23852 tcnt=2 stat=onproc
    flags process=0 proc=4000000<THREAD>
    runpri=50, usrpri=86, slppri=17, nice=20
    wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff800034202cd0,0xffffffff835ba950
    process=0xffff8000ffff6ae8 user=0xffff8000317f2000, vmspace=0xfffffd8075cbbb18
    estcpu=36, cpticks=14, pctcpu=0.0, user=0, sys=14, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 23852  373666  44548      0  3        0x80  fsleep        syz-executor
*23852  218277  44548      0  7   0x4000000                syz-executor
 69495  191371  47766      0  3        0x80  fsleep        syz-executor
 69495  435019  47766      0  3   0x4000080  fsleep        syz-executor
 69495  150745  47766      0  3   0x4000080  fifow         syz-executor
 69495  419872  47766      0  3   0x4000080  fifow         syz-executor
 50267  168126      0      0  3        0x80  nanoslp       syz-executor
 10992   37812  46186      0  3        0x80  fsleep        syz-executor
 39461   48241   2357      0  3        0x80  nanoslp       syz-executor
 39461  387736   2357      0  3   0x4000080  fifor         syz-executor
 46573   49943      0      0  3     0x14200  acct          acct
 76267  293714      0      0  3     0x14200  bored         sosplice
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10221  11259K   12354K 166960K     12467        0
            pcb    17     15K      16K 166960K       272        0
         rtable   186      7K       8K 166960K       414        0
             pf    33     13K     269K 166960K        65        0
         ifaddr    36      6K       7K 166960K        57        0
        ifgroup    46      2K       2K 166960K        69        0
         sysctl     3      1K       1K 166960K         3        0
       counters    29     17K      17K 166960K        35        0
       ioctlops     0      0K       4K 166960K       160        0
            iov     0      0K      16K 166960K        32        0
          mount     1      1K       1K 166960K         1        0
            log     0      0K       0K 166960K         4        0
         vnodes  1494     94K      95K 166960K      1892        0
      UFS quota     1     32K      32K 166960K         1        0
      UFS mount     5     36K      36K 166960K         5        0
            shm     2      1K       5K 166960K        14        0
         VM map     2      1K       1K 166960K         2        0
            sem    12      0K       0K 166960K        25        0
        dirhash    12      2K       2K 166960K        21        0
           ACPI  1690    195K     286K 166960K     12468        0
      file desc    16     57K      85K 166960K       683        0
          sigio     0      0K       0K 166960K        10        0
           proc    60     59K      83K 166960K       522        0
        subproc   104      6K       6K 166960K       104        0
    NFS srvsock     1      0K       0K 166960K         1        0
     NFS daemon     1     16K      16K 166960K         1        0
    ip_moptions     0      0K       0K 166960K        81        0
       in_multi    83      6K       7K 166960K       143        0
    ether_multi     1      0K       0K 166960K        15        0
            mrt     2      0K       0K 166960K         3        0
    ISOFS mount     1     32K      32K 166960K         1        0
  MSDOSFS mount     1     16K      16K 166960K         1        0
           ttys   229   1023K    1023K 166960K       229        0
           exec     0      0K       1K 166960K       419        0
   fusefs mount     1     32K      32K 166960K         1        0
            tdb     3      0K       0K 166960K         3        0
        VM swap     8     62K      64K 166960K        10        0
       UVM amap   217     72K      87K 166960K      7630        0
       UVM aobj    22      2K       2K 166960K        28        0
     pinsyscall    37     74K      92K 166960K      1696        0
        memdesc     1      4K       4K 166960K         1        0
    crypto data     1      1K       1K 166960K         1        0
    ip6_options     0      0K       1K 166960K        36        0
            NDP    10      0K       2K 166960K        33        0
           temp    58   6815K    6879K 166960K     20517        0
         kqueue    13     20K      28K 166960K       117        0
      SYN cache     2     16K      16K 166960K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120       70    0       67     1     0     1     1     0     8    0
rtentry    112      131    0       50     4     0     4     4     0     8    0
unpcb      144      707    0      688     6     0     6     6     0     8    5
syncache   336        4    0        4     1     0     1     1     0     8    1
tcpcb      808      168    0      164     4     0     4     4     0     8    3
arp         88       22    0        6     1     0     1     1     0     8    0
inpcb      336      803    0      792     7     0     7     7     0     8    5
nd6        104       29    0        8     1     0     1     1     0     8    0
pkpcb       40       11    0       11     1     0     1     1     0     8    1
kcovpl      48        8    0        0     1     0     1     1     0     8    0
ppxss      1072       2    0        2     1     0     1     1     0     8    1
pfstscr     40        3    0        3     1     0     1     1     0     8    1
pfrktable  1344       7    0        3     1     0     1     1     0     8    0
pfanchor   1288       1    0        0     1     0     1     1     0     8    0
pftag       88        2    0        0     1     0     1     1     0     8    0
pfstitem    24        2    0        0     1     0     1     1     0     8    0
pfstkey    128        6    0        4     1     0     1     1     0     8    0
pfstate    344        3    0        2     1     0     1     1     0     8    0
pfrule     1344      14    0        7     1     0     1     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      574    0      225    29     0    29    29     0     8    4
art_table   32      575    0      225     4     0     4     4     0     8    0
art_node    16      130    0       58     1     0     1     1     0     8    0
sysvmsgpl   40       13    0        7     1     0     1     1     0     8    0
semapl     112       21    0       11     1     0     1     1     0     8    0
shmpl      112       25    0        6     1     0     1     1     0     8    0
dirhash    1024      23    0        6     3     0     3     3     0     8    0
dirhash: pool(0xffffffff835b0248:dirhash): free list modified: page 0xffff80002a4be000; item ordinal 0; addr 0xffff80002a4bf400 (p 0xfffffd806e9ea000); offset 0x0=0x0
pool(dirhash): free list modified: page 0xffff80002a4be000; item ordinal 0; addr 0xffff80002a4bf400 (p 0xfffffd806e9ea000); offset 0x0=0x0
dirhash: pool(0xffffffff835b0248:dirhash): page inconsistency: page 0xffff80002a4be000; item ordinal 1; addr 0xa4d1337ab2ee28b4
dino2pl    256     2528    0     1032    95     0    95    95     0     8    0
ffsino     240     2528    0     1032    89     0    89    89     0     8    0
nchpl      144     3493    0     1818    63     0    63    63     0     8    0
uvmvnodes   80     3006    0        0    62     0    62    62     0     8    0
vnodes     216     3006    0        0   167     0   167   167     0     8    0
namei      1024   11901    0    11899     2     0     2     2     0     8    1
namei: pool(0xffffffff83594410:namei): free list modified: page 0xffff80002a47a000; item ordinal 0; addr 0xffff80002a47bc00 (p 0xfffffd807f7e4000); offset 0x0=0x0
pool(namei): free list modified: page 0xffff80002a47a000; item ordinal 0; addr 0xffff80002a47bc00 (p 0xfffffd807f7e4000); offset 0x0=0x0
namei: pool(0xffffffff83594410:namei): page inconsistency: page 0xffff80002a47a000; item ordinal 1; addr 0xe961c7eff57685f2
pfiaddrpl  120        6    0        0     1     0     1     1     0     8    0
kstatmem   264       32    0       12     2     0     2     2     0     8    0
acpiwqpl    32        1    0        1     1     0     1     1     1     8    1
scsiplug    72        1    0        1     1     0     1     1     0     8    1
scxspl     216    10278    0    10276     2     0     2     2     1     8    1
plimitpl   152      190    0      174     1     0     1     1     0     8    0
sigapl     424      965    0      919     6     0     6     6     0     8    0
futexpl     64     8914    0     8907     1     0     1     1     0     8    0
knotepl    120    23992    0    23944    16     6    10    16     0     8    8
kqueuepl   184      159    0      149     1     0     1     1     0     8    0
pipepl     288      151    0      121     3     0     3     3     0     8    0
fdescpl    432      944    0      916     4     0     4     4     0     8    0
filepl     120     5587    0     5330    14     0    14    14     0     8    6
lockfpl    104      197    0      192     1     0     1     1     0     8    0
lockfspl    48       72    0       68     1     0     1     1     0     8    0
sessionpl  144       21    0       13     1     0     1     1     0     8    0
pgrppl      48       35    0       19     1     0     1     1     0     8    0
ucredpl    104      795    0      783     1     0     1     1     0     8    0
zombiepl   144      919    0      919     1     0     1     1     0     8    1
processpl  1096     965    0      919     4     0     4     4     0     8    0
processpl: pool(0xffffffff835bab50:processpl): page inconsistency: page 0x0; at page head addr 0xffff80002a467f90 (p 0xffff80002a464000)
procpl     648     1768    0     1712     6     0     6     6     0     8    0
procpl: pool(0xffffffff835ba9a8:procpl): page inconsistency: page 0x0; at page head addr 0xffff80002a40df90 (p 0xffff80002a40c000)
procpl: pool(0xffffffff835ba9a8:procpl): page inconsistency: page 0x0; at page head addr 0xffff80002a5b5f90 (p 0xffff80002a5b4000)
sosppl     168        8    0        8     1     0     1     1     0     8    1
sockpl     504     1594    0     1563    39    27    12    30     0     8    8
mcl64k     65536      8    0        8     1     0     1     1     0     8    1
mcl9k      9216       1    0        1     1     0     1     1     0     8    1
mcl8k      8192      18    0       18     1     0     1     1     0     8    1
mcl4k      4096    3366    0     3310    16     1    15    16     0     8    7
mcl2k2     2112       1    0        1     1     0     1     1     0     8    1
mcl2k      2048     686    0      676     4     0     4     4     0     8    2
mtagpl      96       35    0        5     1     0     1     1     0     8    0
mbufpl     256     9935    0     9732    18     0    18    18     0     8    3
bufpl      280     3163    0      101   219     0   219   219     0     8    0
anonpl      24   202643    0   199427    57     0    57    57     0   187   29
amapchunkpl 152   26159    0    25690    29     0    29    29     0   158    8
amappl16   200     5095    0     5072    14     2    12    14     0     8    8
amappl15   192        8    0        8     1     0     1     1     0     8    1
amappl14   184      104    0       94     1     0     1     1     0     8    0
amappl13   176       16    0       16     1     0     1     1     0     8    1
amappl12   168     1553    0     1525     2     0     2     2     0     8    0
amappl11   160       63    0       53     1     0     1     1     0     8    0
amappl10   152       16    0       16     1     0     1     1     0     8    1
amappl9    144      155    0      154     1     0     1     1     0     8    0
amappl8    136       24    0       22     1     0     1     1     0     8    0
amappl7    128       90    0       80     1     0     1     1     0     8    0
amappl6    120      165    0      163     1     0     1     1     0     8    0
amappl5    112      124    0      115     1     0     1     1     0     8    0
amappl4    104      297    0      283     1     0     1     1     0     8    0
amappl3     96     4669    0     4577     3     0     3     3     0     8    0
amappl2     88     1202    0     1125     2     0     2     2     0     8    0
amappl1     80     8825    0     8319    12     0    12    12     0     8    1
amappl      88     7249    0     7086     5     0     5     5     0    92    0
dma4096    4096       1    0        1     1     0     1     1     0     8    1
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     0     1     1     0     8    1
dma128     128      253    0      253     1     0     1     1     0     8    1
dma64       64        6    0        6     1     0     1     1     0     8    1
dma32       32        7    0        7     1     0     1     1     0     8    1
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72       27    0        6     1     0     1     1     0     8    0
uaddrrnd    24      944    0      916     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      944    0      916     1     0     1     1     0     8    0
vmmpekpl   168     8241    0     8206     2     0     2     2     0     8    0
vmmpepl    168    64820    0    63147    88     0    88    88     0   357   11
vmsppl     352      943    0      916     4     0     4     4     0     8    1
rwobjpl     24    23595    0    19732    24     0    24    24     0     8    0
pdppl      4096    1894    0     1832    90    24    66    76     0     8    4
pvpl        32   458393    0   449447   122     0   122   122     0   265   39
pmappl     216      943    0      916     2     0     2     2     0     8    0
extentpl    40       55    0       38     1     0     1     1     0     8    0
phpool     112      406    0       52    11     0    11    11     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8303bd6c) at panic+0x1cf sys/kern/subr_prf.c:198
wakeup_n(fffffd806add0010,ffffffff) at wakeup_n+0x395 sys/kern/kern_synch.c:569
sd_buf_done(fffffd807f7ce510) at sd_buf_done+0x2da sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2218) at vioscsi_vq_done+0xe1
intr_handler(ffff8000317f7180,ffff800000077c80) at intr_handler+0xcf
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xd4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x5d5 sys/kern/vfs_bio.c:1174
geteblk(10000000) at geteblk+0x3c
readdisklabel(2902,ffffffff8122c8e0,ffff80000125f400,0) at readdisklabel+0x1c4 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,10001,2000,ffff8000342027c0) at vndopen+0x207 sys/dev/vnd.c:204
spec_open(ffff8000317f7698) at spec_open+0x2e9 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd806eb19d08,10001,fffffd807f7d7618,ffff8000342027c0) at VOP_OPEN+0x82 sys/kern/vfs_vops.c:138
vn_open(ffff8000317f78e8,10001,0) at vn_open+0x708 sys/kern/vfs_vnops.c:177
doopenat(ffff8000342027c0,ffffff9c,20000580,10000,0,ffff8000317f7a90) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123
syscall(ffff8000317f7b40) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1cf52ef2420, count: -20
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8303bd6c) at panic+0x1cf sys/kern/subr_prf.c:198
wakeup_n(fffffd806add0010,ffffffff) at wakeup_n+0x395 sys/kern/kern_synch.c:569
sd_buf_done(fffffd807f7ce510) at sd_buf_done+0x2da sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2218) at vioscsi_vq_done+0xe1
intr_handler(ffff8000317f7180,ffff800000077c80) at intr_handler+0xcf
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xd4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x5d5 sys/kern/vfs_bio.c:1174
geteblk(10000000) at geteblk+0x3c
readdisklabel(2902,ffffffff8122c8e0,ffff80000125f400,0) at readdisklabel+0x1c4 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,10001,2000,ffff8000342027c0) at vndopen+0x207 sys/dev/vnd.c:204
spec_open(ffff8000317f7698) at spec_open+0x2e9 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd806eb19d08,10001,fffffd807f7d7618,ffff8000342027c0) at VOP_OPEN+0x82 sys/kern/vfs_vops.c:138
vn_open(ffff8000317f78e8,10001,0) at vn_open+0x708 sys/kern/vfs_vnops.c:177
doopenat(ffff8000342027c0,ffffff9c,20000580,10000,0,ffff8000317f7a90) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123
syscall(ffff8000317f7b40) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1cf52ef2420, count: -20

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/11/18 11:24 openbsd e8f54a3d1a14 e7bb5d6e .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: thread NUM p_stat is NUM
2024/11/06 20:18 openbsd 786a9acf48ec 9a660e3a .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: thread NUM p_stat is NUM
2024/09/14 06:13 openbsd 3800fc3581d8 ff60e2ca .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore panic: thread NUM p_stat is NUM
* Struck through repros no longer work on HEAD.