syzbot

uvm_fault(0xffffffff83ab2910, 0xffff800027332158, 0, 1) -> d
kernel: page fault trap, code=0
Stopped at      ffs2_balloc+0xa0a:      movq    0(%rcx,%rax,8),%r14
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*392358  24154      0         0x2        0x1    0  syz-executor
ffs2_balloc(fffff1006a0c1000,dd8b1,50,fffff10007ffd820,1,ffff80002a848da8) at ffs2_balloc+0xa0a sys/ufs/ffs/ffs_balloc.c:614
ffs_write(ffff80002a848e30) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffff10068a47020,ffff80002a848ee0,3,fffff10007ffd820) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff80002a736008,fffff10068a47020,fffff10007ffd820,ffff80002a848fb0,ffff80002a848f90) at ktrwriteraw+0x19b sys/kern/kern_ktrace.c:692
ktrsysret(ffff80002a736008,5b,0,ffff80002a849070) at ktrsysret+0x17f ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline]
ktrsysret(ffff80002a736008,5b,0,ffff80002a849070) at ktrsysret+0x17f sys/kern/kern_ktrace.c:209
syscall(ffff80002a849120) at syscall+0xad9 mi_syscall_return sys/sys/syscall_mi.h:204 [inline]
syscall(ffff80002a849120) at syscall+0xad9 sys/arch/amd64/amd64/trap.c:804
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6fe9bd6a6300, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff83ab2910, 0xffff800027332158, 0, 1) -> d
ddb> trace
ffs2_balloc(fffff1006a0c1000,dd8b1,50,fffff10007ffd820,1,ffff80002a848da8) at ffs2_balloc+0xa0a sys/ufs/ffs/ffs_balloc.c:614
ffs_write(ffff80002a848e30) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffff10068a47020,ffff80002a848ee0,3,fffff10007ffd820) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff80002a736008,fffff10068a47020,fffff10007ffd820,ffff80002a848fb0,ffff80002a848f90) at ktrwriteraw+0x19b sys/kern/kern_ktrace.c:692
ktrsysret(ffff80002a736008,5b,0,ffff80002a849070) at ktrsysret+0x17f ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline]
ktrsysret(ffff80002a736008,5b,0,ffff80002a849070) at ktrsysret+0x17f sys/kern/kern_ktrace.c:209
syscall(ffff80002a849120) at syscall+0xad9 mi_syscall_return sys/sys/syscall_mi.h:204 [inline]
syscall(ffff80002a849120) at syscall+0xad9 sys/arch/amd64/amd64/trap.c:804
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x6fe9bd6a6300, count: -7
ddb> show registers
rdi                                0
rsi                                0
rbp               0xffff80002a848d50
rbx               0xfffff1006a0c1000
rdx                                0
rcx               0xffff800027332000
rax                             0x2b
r8                0xffffffffffffffff
r9                0xffff80002a848da8
r10               0xd0ad94226a08b591
r11               0x9d3d072bbe58e6a1
r12                              0x1
r13               0xffff800000c48800
r14               0xffff80002a848bf0
r15               0xfffff1005e1bdcc8
rip               0xffffffff81b9ecba    ffs2_balloc+0xa0a
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff80002a848be0
ss                              0x10
ffs2_balloc+0xa0a:      movq    0(%rcx,%rax,8),%r14
ddb> show proc
PROC (syz-executor) tid=392358 pid=24154 tcnt=1 stat=onproc
    flags process=2<EXEC> proc=1<INKTR>
    runpri=32, usrpri=72, slppri=32, nice=20
    wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
    forw=0xffffffffffffffff, list=0xffff80002a736a68,0xffff80002a736548
    process=0xffff80002a79df90 user=0xffff80002a844000, vmspace=0xfffff1007be5c008
    estcpu=22, cpticks=7, pctcpu=0.0, user=1, sys=6, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 29723  239282  65174      0  2           0                syz-executor
 29723   93339  65174      0  3   0x4000080  fsleep        syz-executor
 52821   92923  65642      0  2           0                syz-executor
 52821  189376  65642      0  2   0x4000000                syz-executor
 72577   24069  93576      0  3        0x80  fsleep        syz-executor
 72577  361689  93576      0  3   0x4000080  bell          syz-executor
 86807  415350  49083      0  3        0x80  fsleep        syz-executor
 86807  461622  49083      0  3   0x4000080  kqread        syz-executor
 15587  214879  84770      0  2        0x80                syz-executor
 15587  427744  84770      0  2   0x4000000                syz-executor
 66786  276113  76465      0  3        0x80  fsleep        syz-executor
 66786  249594  76465      0  3   0x4000080  lockf         syz-executor
 20004   98928  24154      0  3        0x80  fsleep        syz-executor
 20004  267892  24154      0  3   0x4000080  pipewr        syz-executor
 25304   40314      1      0  3        0x80  nanoslp       init
 49083   93275  21614      0  2       0xc82                syz-executor
 65642   99380  21614      0  2       0xc82                syz-executor
 32791  114631  21614      0  2       0xc82                syz-executor
*24154  392358  21614      0  7         0x3                syz-executor
 84770  491151  21614      0  2       0xc82                syz-executor
 93576  396006  21614      0  2       0xc82                syz-executor
 65174  240272  21614      0  2       0xc82                syz-executor
 76465  374114  21614      0  2       0xc82                syz-executor
 21614  249558      1      0  3        0x82  kqread        syz-executor
 88257  384523      0      0  3     0x14200  bored         smr
 13351    4209      0      0  2     0x14200                zerothread
 84180  131863      0      0  3     0x14200  aiodoned      aiodoned
 81009  438730      0      0  3     0x14200  syncer        update
 24473  346521      0      0  3     0x14200  cleaner       cleaner
 29157   81296      0      0  3     0x14200  reaper        reaper
 76616  522291      0      0  3     0x14200  pgdaemon      pagedaemon
  4892  414859      0      0  3     0x14200  bored         viomb
 43338  379560      0      0  3  0x40014200  acpi0         acpi0
 90696  273211      0      0  3     0x14200  bored         softnet0
 82773  325727      0      0  3     0x14200  bored         systqmp
 36665  504410      0      0  3     0x14200  bored         systq
 95905  439529      0      0  3  0x40014200  tmoslp        softclock
 79208  368898      0      0  3  0x40014200                idle0
     1    9493      0      0  3        0x82  wait          init
     0       0     -1      0  3  0x10010200  scheduler     swapper
ddb> show all locks
No such command
ddb>