ÉRåuvm_fault(0xffffffff83aa1e68, 0xffff800029ba2168, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ffs2_balloc+0xa0a: movq 0(%rcx,%rax,8),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND *510008 49222 0 0x2 0x1 0 syz-executor ffs2_balloc(fffffa006aff8500,e46f0,50,fffffa0007ffd2d8,1,ffff80002a8853c8) at ffs2_balloc+0xa0a sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff80002a885450) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffa0072014378,ffff80002a885500,3,fffffa0007ffd2d8) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 ktrwriteraw(ffff80002a736f98,fffffa0072014378,fffffa0007ffd2d8,ffff80002a8855d0,ffff80002a8855b0) at ktrwriteraw+0x19b sys/kern/kern_ktrace.c:692 ktrsysret(ffff80002a736f98,89,0,ffff80002a885690) at ktrsysret+0x17f ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff80002a736f98,89,0,ffff80002a885690) at ktrsysret+0x17f sys/kern/kern_ktrace.c:209 syscall(ffff80002a885740) at syscall+0xad9 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a885740) at syscall+0xad9 sys/arch/amd64/amd64/trap.c:804 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78f5380e5920, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff83aa1e68, 0xffff800029ba2168, 0, 1) -> d ddb> trace ffs2_balloc(fffffa006aff8500,e46f0,50,fffffa0007ffd2d8,1,ffff80002a8853c8) at ffs2_balloc+0xa0a sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff80002a885450) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffa0072014378,ffff80002a885500,3,fffffa0007ffd2d8) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 ktrwriteraw(ffff80002a736f98,fffffa0072014378,fffffa0007ffd2d8,ffff80002a8855d0,ffff80002a8855b0) at ktrwriteraw+0x19b sys/kern/kern_ktrace.c:692 ktrsysret(ffff80002a736f98,89,0,ffff80002a885690) at ktrsysret+0x17f ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff80002a736f98,89,0,ffff80002a885690) at ktrsysret+0x17f sys/kern/kern_ktrace.c:209 syscall(ffff80002a885740) at syscall+0xad9 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a885740) at syscall+0xad9 sys/arch/amd64/amd64/trap.c:804 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78f5380e5920, count: -7 ddb> show registers rdi 0 rsi 0 rbp 0xffff80002a885370 rbx 0xfffffa006aff8500 rdx 0 rcx 0xffff800029ba2000 rax 0x2d r8 0xffffffffffffffff r9 0xffff80002a8853c8 r10 0x9c992369d0af7e4d r11 0xb23d6f68881bd684 r12 0x1 r13 0xffff800000c47800 r14 0xffff80002a885210 r15 0xfffffa005ce0b118 rip 0xffffffff8186014a ffs2_balloc+0xa0a cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a885200 ss 0x10 ffs2_balloc+0xa0a: movq 0(%rcx,%rax,8),%r14 ddb> show proc PROC (syz-executor) tid=510008 pid=49222 tcnt=1 stat=onproc flags process=2 proc=1 runpri=17, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a736008,0xffff80002a7367e0 process=0xffff80002a79f610 user=0xffff80002a880000, vmspace=0xfffffa006f59d178 estcpu=36, cpticks=9, pctcpu=0.2, user=1, sys=8, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 3511 42122 97683 0 2 0 syz-executor 3511 66123 97683 0 3 0x4000080 fsleep syz-executor 32605 72066 78324 0 2 0 syz-executor 32605 20856 78324 0 2 0x4000000 syz-executor 53150 500361 5213 0 2 0xc80 syz-executor 53150 39059 5213 0 3 0x4000080 kqpoll syz-executor 53150 318141 5213 0 3 0x4000080 fsleep syz-executor 88374 362216 23229 0 2 0xc80 syz-executor 88374 48917 23229 0 3 0x4000080 fifow syz-executor 88374 123116 23229 0 3 0x4000080 fsleep syz-executor 28126 513422 0 0 3 0x14200 acct acct 80154 248578 26274 0 2 0xc80 syz-executor 80154 300315 26274 0 3 0x4000080 kqread syz-executor 80154 340853 26274 0 3 0x4000080 fsleep syz-executor 7189 219618 1 0 3 0x80 nanoslp init 46772 371450 86812 0 2 0x2 syz-executor *49222 510008 86812 0 7 0x3 syz-executor 97683 85166 86812 0 2 0xc82 syz-executor 23229 266905 86812 0 2 0xc82 syz-executor 5213 181637 86812 0 2 0xc82 syz-executor 78324 314526 86812 0 2 0xc82 syz-executor 21981 472704 86812 0 2 0xc82 syz-executor 26274 160753 86812 0 2 0xc82 syz-executor 86812 385005 1 0 3 0x82 kqread syz-executor 88844 170624 1 73 3 0x1100090 kqread syslogd 6840 313330 0 0 3 0x14200 bored smr 81466 470546 0 0 2 0x14200 zerothread 60617 26243 0 0 3 0x14200 aiodoned aiodoned 47425 241899 0 0 3 0x14200 syncer update 92194 137212 0 0 3 0x14200 cleaner cleaner 47363 126537 0 0 3 0x14200 reaper reaper 91354 300341 0 0 3 0x14200 pgdaemon pagedaemon 44063 191885 0 0 3 0x14200 bored viomb 95406 162404 0 0 3 0x40014200 acpi0 acpi0 53613 375957 0 0 3 0x14200 bored softnet0 22149 499241 0 0 3 0x14200 smrbar systqmp 91425 131951 0 0 3 0x14200 bored systq 88592 326309 0 0 3 0x40014200 tmoslp softclock 75662 94047 0 0 3 0x40014200 idle0 1 232383 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11046 12259K 12646K 166960K 12706 0 pcb 18 16K 17K 166960K 166 0 rtable 224 7K 9K 166960K 443 0 pf 35 14K 74K 166960K 82 0 ifaddr 40 6K 7K 166960K 59 0 ifgroup 54 2K 2K 166960K 86 0 sysctl 3 1K 9K 166960K 44 0 counters 34 17K 18K 166960K 47 0 ioctlops 0 0K 4K 166960K 315 0 iov 0 0K 16K 166960K 18 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1332 84K 84K 166960K 1850 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 10 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 37 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 236K 166960K 560 0 sigio 0 0K 0K 166960K 5 0 proc 11 17K 124K 166960K 564 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 197 0 in_multi 84 6K 7K 166960K 119 0 ether_multi 1 0K 0K 166960K 5 0 mrt 1 0K 0K 166960K 13 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 455 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 144 79K 159K 166960K 6709 0 UVM aobj 12 4K 4K 166960K 15 0 pinsyscall 19 38K 96K 166960K 1666 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 17 0 NDP 12 0K 1K 166960K 38 0 temp 45 9108K 9142K 166960K 20807 0 kqueue 5 8K 24K 166960K 106 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 74 0 74 2 1 1 1 0 8 1 rtentry 136 125 0 33 4 0 4 4 0 8 0 unpcb 144 341 0 335 3 0 3 3 0 8 2 syncache 336 4 0 4 1 1 0 1 0 8 0 tcpcb 736 246 0 245 7 0 7 7 0 8 6 arp 96 20 0 2 1 0 1 1 0 8 0 ipq 40 6 0 2 1 0 1 1 0 8 0 ipqe 40 9 0 5 1 0 1 1 0 8 0 inpcb 328 649 0 581 18 6 12 12 0 8 6 ip6q 72 3 0 2 1 0 1 1 0 8 0 ip6af 40 6 0 4 1 0 1 1 0 8 0 nd6 112 29 0 8 1 0 1 1 0 8 0 pkpcb 40 3 0 3 2 1 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 10 0 10 2 1 1 1 0 8 1 pfstscr 40 5 0 2 1 0 1 1 0 8 0 pfosfp 40 1 0 0 1 0 1 1 0 8 0 pfosfpen 112 1 0 0 1 0 1 1 0 8 0 pfrktable 1344 3 0 3 1 1 0 1 0 8 0 pfstlim 224 1 0 0 1 0 1 1 0 8 0 pfanchor 1288 3 0 1 1 0 1 1 0 8 0 pftag 88 3 0 3 2 1 1 1 0 8 1 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 6 0 2 1 0 1 1 0 8 0 pfstate 384 3 0 1 1 0 1 1 0 8 0 pfrule 1360 5 0 5 2 1 1 1 0 8 1 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 479 0 109 29 2 27 29 0 8 1 art_table 40 482 0 109 5 0 5 5 0 8 0 art_node 32 123 0 39 1 0 1 1 0 8 0 sysvmsgpl 40 7 0 6 2 1 1 1 0 8 0 semapl 72 34 0 24 1 0 1 1 0 8 0 shmpl 112 12 0 3 1 0 1 1 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 2410 0 945 93 0 93 93 0 8 0 ffsino 256 2410 0 945 93 0 93 93 0 8 0 nchpl 144 3185 0 1486 64 0 64 64 0 8 0 rtmask 32 3 0 3 2 1 1 1 0 8 1 vnodes 216 2769 0 0 154 0 154 154 0 8 0 namei 1024 10758 0 10758 2 1 1 2 0 8 1 pfiaddrpl 120 1 0 1 1 1 0 1 0 8 0 kstatmem 264 45 0 20 4 1 3 3 0 8 1 scsiplug 72 2 0 2 2 1 1 1 0 8 1 scxspl 216 15319 0 15319 9 7 2 8 1 8 2 plimitpl 152 93 0 82 1 0 1 1 0 8 0 sigapl 424 850 0 817 6 1 5 6 0 8 0 knotepl 120 19438 0 19415 22 13 9 15 0 8 7 kqueuepl 184 152 0 147 2 1 1 2 0 8 0 pipepl 304 175 0 148 5 2 3 5 0 8 0 fdescpl 448 835 0 816 5 2 3 5 0 8 0 filepl 120 4839 0 4595 15 3 12 12 0 8 4 lockfpl 104 189 0 189 1 0 1 1 0 8 1 lockfspl 48 66 0 66 1 0 1 1 0 8 1 sessionpl 144 36 0 33 1 0 1 1 0 8 0 pgrppl 48 47 0 36 1 0 1 1 0 8 0 ucredpl 104 788 0 782 1 0 1 1 0 8 0 zombiepl 144 818 0 817 1 0 1 1 0 8 0 processpl 1152 850 0 817 4 1 3 4 0 8 0 procpl 664 1505 0 1464 5 0 5 5 0 8 0 sockpl 552 1090 0 1016 16 5 11 11 0 8 5 mcl64k 65536 31 0 29 1 0 1 1 0 8 0 mcl16k 16384 3 0 3 1 1 0 1 0 8 0 mcl12k 12288 6 0 6 1 0 1 1 0 8 1 mcl9k128 9344 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 81 0 80 2 1 1 1 0 8 0 mcl4k 4096 3148 0 3096 17 8 9 15 0 8 1 mcl2k 2048 410 0 406 4 2 2 3 0 8 1 mtagpl 96 7 0 6 2 1 1 1 0 8 0 mbufpl 256 8783 0 8623 16 1 15 15 0 8 2 bufpl 272 6655 0 439 415 0 415 415 0 8 0 anonpl 24 144330 0 142573 48 0 48 48 0 186 18 amapchunkpl 152 21767 0 21403 43 12 31 31 0 158 14 amappl16 200 2630 0 2610 21 8 13 21 0 8 8 amappl15 192 13 0 13 1 1 0 1 0 8 0 amappl14 184 414 0 414 1 1 0 1 0 8 0 amappl13 176 117 0 116 1 0 1 1 0 8 0 amappl12 168 1092 0 1075 2 1 1 2 0 8 0 amappl11 160 3 0 3 1 1 0 1 0 8 0 amappl10 152 68 0 65 1 0 1 1 0 8 0 amappl9 144 284 0 284 1 1 0 1 0 8 0 amappl8 136 93 0 93 1 1 0 1 0 8 0 amappl7 128 153 0 148 1 0 1 1 0 8 0 amappl6 120 151 0 150 1 0 1 1 0 8 0 amappl5 112 101 0 99 1 0 1 1 0 8 0 amappl4 104 273 0 265 1 0 1 1 0 8 0 amappl3 96 4169 0 4092 4 0 4 4 0 8 0 amappl2 88 537 0 523 2 0 2 2 0 8 0 amappl1 80 11860 0 11736 13 5 8 13 0 8 1 amappl 88 5873 0 5747 5 1 4 5 0 92 0 uvmvnodes 80 110 0 0 3 0 3 3 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 255 0 255 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 14 0 3 1 0 1 1 0 8 0 uaddrrnd 24 835 0 816 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 835 0 816 1 0 1 1 0 8 0 vmmpekpl 168 8382 0 8346 3 0 3 3 0 8 0 vmmpepl 168 60857 0 60002 80 20 60 80 0 357 12 vmsppl 368 834 0 816 4 1 3 4 0 8 0 rwobjpl 40 19293 0 18841 11 1 10 11 0 8 0 pdppl 4096 1676 0 1632 98 50 48 82 0 8 4 pvpl 32 381139 0 377040 99 3 96 97 0 265 34 pmappl 216 834 0 816 3 1 2 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 799 0 73 21 0 21 21 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ffs2_balloc(fffffa006aff8500,e46f0,50,fffffa0007ffd2d8,1,ffff80002a8853c8) at ffs2_balloc+0xa0a sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff80002a885450) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffa0072014378,ffff80002a885500,3,fffffa0007ffd2d8) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 ktrwriteraw(ffff80002a736f98,fffffa0072014378,fffffa0007ffd2d8,ffff80002a8855d0,ffff80002a8855b0) at ktrwriteraw+0x19b sys/kern/kern_ktrace.c:692 ktrsysret(ffff80002a736f98,89,0,ffff80002a885690) at ktrsysret+0x17f ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff80002a736f98,89,0,ffff80002a885690) at ktrsysret+0x17f sys/kern/kern_ktrace.c:209 syscall(ffff80002a885740) at syscall+0xad9 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a885740) at syscall+0xad9 sys/arch/amd64/amd64/trap.c:804 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78f5380e5920, count: -7 ddb> machine ddbcpu 1 No such command ddb>