login: uvm_fault(0xffffffff83a7fa78, 0xffff800027395ff8, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ffs_indirtrunc+0x699: movq 0(%rax,%rbx,8),%rbx TID PID UID PRFLAGS PFLAGS CPU COMMAND *460017 60315 0 0x2 0 1K syz-executor 132395 79404 0 0x2 0 0 syz-executor ffs_indirtrunc(fffffd806c463840,fffffffff03ff7f3,eff00,ffffffffffffffff,1,ffff80002a346058) at ffs_indirtrunc+0x699 sys/ufs/ffs/ffs_inode.c:495 ffs_indirtrunc(fffffd806c463840,ffffffffffbff7f2,efee0,ffffffffffffffff,2,ffff80002a346258) at ffs_indirtrunc+0x730 sys/ufs/ffs/ffs_inode.c:499 ffs_truncate(fffffd806c463840,0,0,ffffffffffffffff) at ffs_truncate+0x103f sys/ufs/ffs/ffs_inode.c:297 ufs_inactive(ffff80002a3463b0) at ufs_inactive+0x202 sys/ufs/ufs/ufs_inode.c:84 VOP_INACTIVE(fffffd8066ed2c30,ffff80002a241ca0) at VOP_INACTIVE+0x104 sys/kern/vfs_vops.c:498 vput(fffffd8066ed2c30) at vput+0xe5 sys/kern/vfs_subr.c:789 VOP_REMOVE(fffffd806f220d00,fffffd8066ed2c30,ffff80002a346518) at VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336 dounlinkat(ffff80002a241ca0,ffffff9c,791218dc1580,0) at dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1923 syscall(ffff80002a346690) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a346690) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x791218dc1a30, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xffffffff83a7fa78, 0xffff800027395ff8, 0, 1) -> d ddb{1}> trace ffs_indirtrunc(fffffd806c463840,fffffffff03ff7f3,eff00,ffffffffffffffff,1,ffff80002a346058) at ffs_indirtrunc+0x699 sys/ufs/ffs/ffs_inode.c:495 ffs_indirtrunc(fffffd806c463840,ffffffffffbff7f2,efee0,ffffffffffffffff,2,ffff80002a346258) at ffs_indirtrunc+0x730 sys/ufs/ffs/ffs_inode.c:499 ffs_truncate(fffffd806c463840,0,0,ffffffffffffffff) at ffs_truncate+0x103f sys/ufs/ffs/ffs_inode.c:297 ufs_inactive(ffff80002a3463b0) at ufs_inactive+0x202 sys/ufs/ufs/ufs_inode.c:84 VOP_INACTIVE(fffffd8066ed2c30,ffff80002a241ca0) at VOP_INACTIVE+0x104 sys/kern/vfs_vops.c:498 vput(fffffd8066ed2c30) at vput+0xe5 sys/kern/vfs_subr.c:789 VOP_REMOVE(fffffd806f220d00,fffffd8066ed2c30,ffff80002a346518) at VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336 dounlinkat(ffff80002a241ca0,ffffff9c,791218dc1580,0) at dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1923 syscall(ffff80002a346690) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a346690) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x791218dc1a30, count: -10 ddb{1}> show registers rdi 0x2 rsi 0x2 rbp 0xffff80002a346030 rbx 0x7ff rdx 0 rcx 0xffff80002a241ca0 rax 0xffff800027392000 r8 0xffffffffffffffff r9 0xffff80002a346058 r10 0 r11 0x7fec3c2986fb8d4 r12 0xffffffffeffffff4 r13 0x800 r14 0x2 r15 0xfffffd806c463840 rip 0xffffffff815c8fb9 ffs_indirtrunc+0x699 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a345f40 ss 0 ffs_indirtrunc+0x699: movq 0(%rax,%rbx,8),%rbx ddb{1}> show proc PROC (syz-executor) tid=460017 pid=60315 tcnt=1 stat=onproc flags process=2 proc=0 runpri=17, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a242fa0,0xffff80002a241780 process=0xffff8000ffff5818 user=0xffff80002a341000, vmspace=0xfffffd806f59c990 estcpu=36, cpticks=26, pctcpu=0.12, user=0, sys=25, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 82001 253173 4755 0 2 0 syz-executor 82001 169392 4755 0 3 0x4000080 fsleep syz-executor 82001 387674 4755 0 2 0x4000000 syz-executor 72554 329630 5506 0 2 0 syz-executor 72554 98670 5506 0 2 0x4000000 syz-executor 53422 285643 73450 0 3 0x80 nanoslp syz-executor 53422 161857 73450 0 3 0x4000080 sbwait syz-executor 53422 355680 73450 0 3 0x4000080 fsleep syz-executor 32560 237284 5364 0 3 0x80 nanoslp syz-executor 32560 506394 5364 0 3 0x4000080 fsleep syz-executor 32560 518100 5364 0 3 0x4000080 lockf syz-executor 74209 402273 86578 0 2 0 syz-executor 74209 34694 86578 0 3 0x4000080 lockf syz-executor 74209 325784 86578 0 3 0x4000080 fsleep syz-executor 36063 174868 1 0 3 0x100083 ttyin getty 1740 144861 0 0 3 0x14200 acct acct 12555 261106 0 0 3 0x14280 nfsidl nfsio 47599 496799 0 0 3 0x14280 nfsidl nfsio 92030 56823 0 0 3 0x14280 nfsidl nfsio 76547 152234 0 0 3 0x14280 nfsidl nfsio 88965 67627 0 0 3 0x14280 nfsidl nfsio 69840 325548 0 0 3 0x14280 nfsidl nfsio 90291 408057 0 0 3 0x14280 nfsidl nfsio 5676 244529 0 0 3 0x14280 nfsidl nfsio 31455 58883 0 0 3 0x14280 nfsidl nfsio 9549 204914 0 0 3 0x14280 nfsidl nfsio 74196 377276 0 0 3 0x14280 nfsidl nfsio 7544 507856 0 0 3 0x14280 nfsidl nfsio 73214 359894 0 0 3 0x14280 nfsidl nfsio 14150 267777 0 0 3 0x14280 nfsidl nfsio 78002 96938 0 0 3 0x14280 nfsidl nfsio 81681 296107 0 0 3 0x14280 nfsidl nfsio 28690 399114 0 0 3 0x14280 nfsidl nfsio 72083 240074 0 0 3 0x14280 nfsidl nfsio 68574 72714 0 0 3 0x14280 nfsidl nfsio 35336 264847 0 0 3 0x14280 nfsidl nfsio 86578 6494 20477 0 3 0x82 nanoslp syz-executor 10743 125578 20477 0 3 0x82 piperd syz-executor 73450 92269 20477 0 2 0xc82 syz-executor *60315 460017 20477 0 7 0x2 syz-executor 79404 132395 20477 0 7 0x2 syz-executor 5364 63215 20477 0 2 0xc82 syz-executor 5506 299386 20477 0 2 0xc82 syz-executor 4755 143397 20477 0 2 0xc82 syz-executor 20477 378529 1 0 2 0x2 syz-executor 49187 392983 1 74 3 0x1100092 bpf pflogd 9576 471783 1 73 3 0x1100090 kqread syslogd 35486 485199 0 0 3 0x14200 bored smr 61543 479618 0 0 2 0x14200 zerothread 59876 376410 0 0 3 0x14200 aiodoned aiodoned 43815 176836 0 0 3 0x14200 syncer update 37810 26872 0 0 3 0x14200 cleaner cleaner 70966 173356 0 0 3 0x14200 reaper reaper 71475 492951 0 0 3 0x14200 pgdaemon pagedaemon 38764 471975 0 0 3 0x14200 bored viomb 62319 69039 0 0 3 0x40014200 acpi0 acpi0 5037 409441 0 0 3 0x40014200 idle1 67935 295189 0 0 3 0x14200 bored softnet1 83951 230616 0 0 3 0x14200 bored softnet0 44845 270744 0 0 3 0x14200 bored systqmp 71407 59124 0 0 3 0x14200 bored systq 87040 479289 0 0 3 0x14200 tmoslp softclockmp 43119 412537 0 0 3 0x40014200 tmoslp softclock 42092 398713 0 0 3 0x40014200 idle0 1 248518 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 60315 (syz-executor) thread 0xffff80002a241ca0 (460017) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff83a18d80) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1 #2 sleep_finish+0x2d8 sys/kern/kern_synch.c:369 #3 biowait+0xc6 sys/kern/vfs_bio.c:1242 #4 bwrite+0x2e7 sys/kern/vfs_bio.c:754 #5 ffs_update+0x2fe sys/ufs/ffs/ffs_inode.c:111 #6 ffs_truncate+0xc9b sys/ufs/ffs/ffs_inode.c:-1 #7 ufs_inactive+0x202 sys/ufs/ufs/ufs_inode.c:84 #8 VOP_INACTIVE+0x104 sys/kern/vfs_vops.c:498 #9 vput+0xe5 sys/kern/vfs_subr.c:789 #10 VOP_REMOVE+0x199 sys/kern/vfs_vops.c:336 #11 dounlinkat+0x1c4 sys/kern/vfs_syscalls.c:1923 #12 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #12 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 #13 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806c4638e0) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vget+0x2a2 sys/kern/vfs_subr.c:686 #6 ufs_ihashget+0x185 sys/ufs/ufs/ufs_ihash.c:98 #7 ffs_vget+0x8c sys/ufs/ffs/ffs_vfsops.c:1203 #8 ufs_lookup+0x1a36 sys/ufs/ufs/ufs_lookup.c:478 #9 VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 #10 vfs_lookup+0x98a sys/kern/vfs_lookup.c:567 #11 namei+0x7ca sys/kern/vfs_lookup.c:250 #12 dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1887 #13 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #13 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 #14 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806c463440) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vget+0x2a2 sys/kern/vfs_subr.c:686 #6 cache_lookup+0x351 sys/kern/vfs_cache.c:222 #7 ufs_lookup+0x1e3 sys/ufs/ufs/ufs_lookup.c:160 #8 VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 #9 vfs_lookup+0x98a sys/kern/vfs_lookup.c:567 #10 namei+0x7ca sys/kern/vfs_lookup.c:250 #11 dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1887 #12 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #12 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 #13 Xsyscall+0x128 Process 79404 (syz-executor) thread 0xffff80002a242fa0 (132395) exclusive rrwlock inode r = 0 (0xfffffd806c4631f0) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621 #3 VOP_LOCK+0xbd sys/kern/vfs_vops.c:527 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vget+0x2a2 sys/kern/vfs_subr.c:686 #6 cache_lookup+0x351 sys/kern/vfs_cache.c:222 #7 ufs_lookup+0x1e3 sys/ufs/ufs/ufs_lookup.c:160 #8 VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 #9 vfs_lookup+0x98a sys/kern/vfs_lookup.c:567 #10 namei+0x7ca sys/kern/vfs_lookup.c:250 #11 dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1887 #12 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] #12 syscall+0xb17 sys/arch/amd64/amd64/trap.c:783 #13 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11067 12149K 12541K 166960K 12888 0 pcb 18 12K 12K 166960K 69 0 rtable 201 7K 8K 166960K 432 0 pf 35 17K 22K 166960K 135 0 ifaddr 38 6K 7K 166960K 75 0 ifgroup 55 2K 3K 166960K 118 0 sysctl 2 1K 9K 166960K 6 0 counters 70 37K 38K 166960K 124 0 ioctlops 0 0K 4K 166960K 1564 0 iov 0 0K 12K 166960K 13 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1355 85K 86K 166960K 1901 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 5K 5K 166960K 9 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 14 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 93K 166960K 511 0 sigio 0 0K 0K 166960K 4 0 proc 21 33K 164K 166960K 604 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 34 0 in_multi 80 5K 7K 166960K 126 0 ether_multi 1 0K 0K 166960K 3 0 mrt 1 0K 0K 166960K 15 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 433 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 144 99K 189K 166960K 6438 0 UVM aobj 11 4K 4K 166960K 13 0 pinsyscall 21 42K 104K 166960K 1652 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 23 0 NDP 12 0K 2K 166960K 47 0 temp 47 9076K 9144K 166960K 19066 0 kqueue 3 4K 27K 166960K 82 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 62 0 61 1 0 1 1 0 8 0 rtentry 176 124 0 42 6 0 6 6 0 8 0 unpcb 144 308 0 301 4 2 2 4 0 8 1 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 154 0 153 4 0 4 4 0 8 3 arp 136 18 0 4 1 0 1 1 0 8 0 inpcb 328 504 0 502 7 2 5 7 0 8 4 nd6 152 25 0 6 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1192 17 0 17 1 0 1 1 0 8 1 pppxif 1576 8 0 8 1 0 1 1 0 8 1 pffrag 232 5 0 2 1 0 1 1 0 482 0 pffrnode 88 4 0 1 1 0 1 1 0 8 0 pffrent 40 7 0 4 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pftag 88 1 0 1 1 0 1 1 0 8 1 pfstitem 24 42 0 1 1 0 1 1 0 8 0 pfstkey 128 44 0 3 2 0 2 2 0 8 0 pfstate 448 43 0 2 5 0 5 5 0 8 0 pfrule 1360 30 0 25 2 1 1 2 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 517 0 147 29 0 29 29 0 8 4 art_table 40 520 0 147 5 0 5 5 0 8 0 art_node 32 123 0 49 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 2 1 0 1 1 0 8 0 semapl 112 12 0 2 1 0 1 1 0 8 0 shmpl 112 10 0 2 1 0 1 1 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 2400 0 933 93 0 93 93 0 8 0 ffsino 296 2400 0 933 114 0 114 114 0 8 0 nchpl 144 3111 0 1409 64 0 64 64 0 8 0 vnodes 216 2800 0 0 156 0 156 156 0 8 0 namei 1024 10755 0 10755 2 1 1 2 0 8 1 percpumem 16 77 0 27 1 0 1 1 0 8 0 kstatmem 264 66 0 38 3 0 3 3 0 8 1 scxspl 216 19412 0 19412 10 2 8 8 1 8 8 plimitpl 152 159 0 146 1 0 1 1 0 8 0 sigapl 424 846 0 790 8 0 8 8 0 8 0 knotepl 120 285 0 0 9 0 9 9 0 8 0 kqueuepl 224 108 0 106 1 0 1 1 0 8 0 pipepl 344 150 0 123 3 0 3 3 0 8 0 fdescpl 528 808 0 789 3 0 3 3 0 8 0 filepl 160 4510 0 4323 16 2 14 16 0 8 5 lockfpl 104 424 0 421 2 0 2 2 0 8 1 lockfspl 48 179 0 178 1 0 1 1 0 8 0 sessionpl 144 36 0 31 1 0 1 1 0 8 0 pgrppl 48 45 0 32 1 0 1 1 0 8 0 ucredpl 104 760 0 753 1 0 1 1 0 8 0 zombiepl 144 790 0 790 1 0 1 1 0 8 1 processpl 1232 846 0 790 6 0 6 6 0 8 0 procpl 664 1477 0 1412 8 0 8 8 0 8 1 sosppl 176 4 0 4 1 0 1 1 0 8 1 sockpl 752 904 0 893 10 2 8 10 0 8 5 mcl64k 65536 4 0 0 1 0 1 1 0 8 0 mcl16k 16384 6 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 128 0 0 16 0 16 16 0 8 0 mcl2k 2048 35 0 0 5 0 5 5 0 8 0 mtagpl 96 10 0 0 1 0 1 1 0 8 0 mbufpl 256 189 0 0 12 0 12 12 0 8 0 bufpl 280 7645 0 1515 439 0 439 439 0 8 0 anonpl 32 12674 0 0 103 0 103 103 0 246 0 amapchunkpl 152 20715 0 20382 29 0 29 29 0 158 8 amappl16 200 3138 0 3113 30 15 15 27 0 8 8 amappl15 192 11 0 10 1 0 1 1 0 8 0 amappl14 184 428 0 428 1 0 1 1 0 8 1 amappl13 176 132 0 129 1 0 1 1 0 8 0 amappl12 168 1055 0 1037 2 0 2 2 0 8 0 amappl11 160 19 0 19 1 1 0 1 0 8 0 amappl10 152 70 0 65 1 0 1 1 0 8 0 amappl9 144 282 0 282 1 1 0 1 0 8 0 amappl8 136 97 0 96 1 0 1 1 0 8 0 amappl7 128 149 0 144 1 0 1 1 0