panic: ffs2_balloc: unwind failed
Stopped at db_enter+0x25: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
* 96055 26730 0 0x1000 0x4080000 0 syz-executor
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff83409b68) at panic+0x1cf sys/kern/subr_prf.c:198
ffs2_balloc(fffffd806cfe3700,2040002fffe,1,fffffd8007ffd888,1,ffff80003c8f8f70) at ffs2_balloc+0x1965
ffs_truncate(fffffd806cfe3700,2040002ffff,0,fffffd8007ffd888) at ffs_truncate+0x410 sys/ufs/ffs/ffs_inode.c:185
ufs_setattr(ffff80003c8f9090) at ufs_setattr+0x8e0 sys/ufs/ufs/ufs_vnops.c:403
VOP_SETATTR(fffffd806bfe52a8,ffff80003c8f9118,fffffd8007ffd888,ffff80003a4e74f0) at VOP_SETATTR+0x112 sys/kern/vfs_vops.c:210
dotruncate(ffff80003a4e74f0,fffffd806bfe52a8,2040002ffff) at dotruncate+0x1da sys/kern/vfs_syscalls.c:2898
sys_truncate(ffff80003a4e74f0,ffff80003c8f93e0,ffff80003c8f9330) at sys_truncate+0x13e sys/kern/vfs_syscalls.c:2922
syscall(ffff80003c8f93e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c8f93e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x44e71ad39b0, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: ffs2_balloc: unwind failed ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83409b68) at panic+0x1cf sys/kern/subr_prf.c:198 ffs2_balloc(fffffd806cfe3700,2040002fffe,1,fffffd8007ffd888,1,ffff80003c8f8f70) at ffs2_balloc+0x1965 ffs_truncate(fffffd806cfe3700,2040002ffff,0,fffffd8007ffd888) at ffs_truncate+0x410 sys/ufs/ffs/ffs_inode.c:185 ufs_setattr(ffff80003c8f9090) at ufs_setattr+0x8e0 sys/ufs/ufs/ufs_vnops.c:403 VOP_SETATTR(fffffd806bfe52a8,ffff80003c8f9118,fffffd8007ffd888,ffff80003a4e74f0) at VOP_SETATTR+0x112 sys/kern/vfs_vops.c:210 dotruncate(ffff80003a4e74f0,fffffd806bfe52a8,2040002ffff) at dotruncate+0x1da sys/kern/vfs_syscalls.c:2898 sys_truncate(ffff80003a4e74f0,ffff80003c8f93e0,ffff80003c8f9330) at sys_truncate+0x13e sys/kern/vfs_syscalls.c:2922 syscall(ffff80003c8f93e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c8f93e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x44e71ad39b0, count: -10 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003c8f8bf0 rbx 0xfffffd806cfe3700 rdx 0 rcx 0 rax 0xffff80003a4e74f0 r8 0x101010101010101 r9 0x8080808080808080 r10 0x2a90d37042990766 r11 0x8cc81c4c27499016 r12 0 r13 0xffff800000c47800 r14 0 r15 0x1 rip 0xffffffff822fd3c5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003c8f8be0 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=96055 pid=26730 tcnt=5 stat=onproc flags process=1000 proc=4080000 runpri=17, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003a4e6d28 scnt=4 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003a4e6d28,0xffff80003a4e7268 process=0xffff80003c96e8a0 user=0xffff80003c8f4000, vmspace=0xfffffd806cc2fa28 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 38079 190698 19276 0 2 0 syz-executor 38079 
80613 19276 0 2 0x4000000 syz-executor 38079 521068 19276 0 3 0x4000080 fsleep syz-executor 26730 521249 93195 0 3 0x3000 suspend syz-executor *26730 96055 93195 0 7 0x4081000 syz-executor 26730 199140 93195 0 2 0x4081000 syz-executor 26730 265255 93195 0 2 0x4081000 syz-executor 26730 478807 93195 0 2 0x4081000 syz-executor 95968 447854 8171 0 2 0 syz-executor 95968 462005 8171 0 3 0x4000080 bell syz-executor 78217 190119 17923 0 2 0xc80 syz-executor 78217 380680 17923 0 3 0x4000080 lockf syz-executor 78217 423224 17923 0 3 0x4000080 fsleep syz-executor 93270 497135 37776 0 3 0x90 nanoslp syz-executor 93270 258224 37776 0 3 0x4000090 ttyretype syz-executor 93270 22059 37776 0 3 0x4000090 fsleep syz-executor 19434 336057 75071 0 2 0xc80 syz-executor 19434 500637 75071 0 3 0x4000080 fsleep syz-executor 19434 237918 75071 0 3 0x4000080 lockf syz-executor 19434 280634 75071 0 3 0x4000080 fsleep syz-executor 42629 67780 0 0 3 0x14280 nfsidl nfsio 34916 264824 0 0 3 0x14280 nfsidl nfsio 84966 335188 0 0 3 0x14280 nfsidl nfsio 63721 341337 0 0 3 0x14280 nfsidl nfsio 30015 81850 0 0 3 0x14280 nfsidl nfsio 16447 475645 0 0 3 0x14280 nfsidl nfsio 5689 212995 0 0 3 0x14280 nfsidl nfsio 11709 346709 0 0 3 0x14280 nfsidl nfsio 89449 277530 0 0 3 0x14280 nfsidl nfsio 32728 107187 0 0 3 0x14280 nfsidl nfsio 80945 13537 0 0 3 0x14280 nfsidl nfsio 8708 346432 0 0 3 0x14280 nfsidl nfsio 74348 66608 0 0 3 0x14280 nfsidl nfsio 76803 15045 0 0 3 0x14280 nfsidl nfsio 48542 466886 0 0 3 0x14280 nfsidl nfsio 50440 88650 0 0 3 0x14280 nfsidl nfsio 82182 475485 0 0 3 0x14280 nfsidl nfsio 16615 102199 0 0 3 0x14280 nfsidl nfsio 3083 364193 0 0 3 0x14280 nfsidl nfsio 7618 235542 0 0 3 0x14280 nfsidl nfsio 73844 342417 37109 0 3 0x80 nanoslp syz-executor 73844 495242 37109 0 3 0x4000080 pppxread syz-executor 73844 221045 37109 0 3 0x4000000 inode syz-executor 73844 420177 37109 0 3 0x4000080 fsleep syz-executor 15443 457855 39316 0 3 0x80 nanoslp syz-executor 15443 397580 39316 0 3 0x4000080 
piperd syz-executor 15443 266787 39316 0 3 0x4000080 fsleep syz-executor 93195 253289 71932 0 2 0xc82 syz-executor 8171 422740 71932 0 3 0x82 nanoslp syz-executor 39316 389356 71932 0 3 0x82 nanoslp syz-executor 75071 249744 71932 0 3 0x82 nanoslp syz-executor 17923 69232 71932 0 3 0x82 nanoslp syz-executor 37776 463239 71932 0 3 0x82 nanoslp syz-executor 19276 329676 71932 0 2 0xc82 syz-executor 37109 3921 71932 0 3 0x82 nanoslp syz-executor 71932 101708 15076 0 3 0x82 kqread syz-executor 15076 215960 37602 0 3 0x10008a sigsusp ksh 37602 161613 81222 0 3 0x98 kqread sshd-session 81222 228917 47499 0 3 0x92 kqread sshd-session 1521 495466 1 0 3 0x100083 ttyin getty 47499 93558 1 0 3 0x88 kqread sshd 67054 226055 48939 73 2 0x1100090 syslogd 48939 280285 1 0 3 0x100082 sbwait syslogd 87113 481421 1 0 3 0x100080 kqread resolvd 94698 507264 875 77 3 0x100092 kqread dhcpleased 26781 472578 875 77 3 0x100092 kqread dhcpleased 875 290384 1 0 3 0x80 kqread dhcpleased 76167 284167 0 0 3 0x14200 bored smr 53223 280585 0 0 2 0x14200 zerothread 70002 69875 0 0 3 0x14200 aiodoned aiodoned 59586 378568 0 0 3 0x14200 syncer update 9004 293470 0 0 3 0x14200 cleaner cleaner 54112 307982 0 0 3 0x14200 reaper reaper 54237 74899 0 0 3 0x14200 pgdaemon pagedaemon 11959 54730 0 0 3 0x14200 bored viomb 22677 358823 0 0 3 0x40014200 acpi0 acpi0 57786 384765 0 0 3 0x14200 bored softnet0 87316 182563 0 0 3 0x14200 bored systqmp 50922 139736 0 0 3 0x14200 bored systq 66733 331006 0 0 3 0x40014200 tmoslp softclock 23605 409221 0 0 3 0x40014200 idle0 1 306597 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11053 12185K 12426K 166960K 12173 0 pcb 17 12K 12K 166960K 20 0 rtable 222 7K 10K 166960K 421 0 pf 28 12K 16K 166960K 47 0 ifaddr 38 6K 6K 166960K 44 0 ifgroup 46 2K 2K 166960K 50 0 sysctl 3 1K 9K 166960K 7 0 counters 32 17K 17K 166960K 33 0 ioctlops 0 0K 4K 166960K 39 0 
iov 0 0K 0K 166960K 1 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1299 82K 82K 166960K 1385 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 9 0K 0K 166960K 9 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 89K 166960K 170 0 proc 59 59K 83K 166960K 502 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1 0 in_multi 88 6K 6K 166960K 99 0 ether_multi 1 0K 0K 166960K 1 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 61 281K 281K 166960K 61 0 exec 0 0K 1K 166960K 368 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 228 142K 152K 166960K 3198 0 UVM aobj 4 2K 2K 166960K 4 0 pinsyscall 39 78K 92K 166960K 1273 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 24 1K 1K 166960K 27 0 temp 37 9103K 9167K 166960K 4938 0 kqueue 15 24K 24K 166960K 29 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 38 0 35 1 0 1 1 0 8 0 rtentry 136 111 0 12 4 0 4 4 0 8 0 unpcb 144 52 0 34 1 0 1 1 0 8 0 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpcb 736 15 0 11 1 0 1 1 0 8 0 arp 96 18 0 2 1 0 1 1 0 8 0 ipq 40 1 0 1 1 0 1 1 0 8 1 ipqe 40 2 0 2 1 0 1 1 0 8 1 inpcb 328 76 0 68 1 0 1 1 0 8 0 ip6q 72 1 0 1 1 0 1 1 0 8 1 ip6af 40 2 0 2 1 0 1 1 0 8 1 nd6 112 24 0 3 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 pfrktable 1344 10 0 10 1 0 1 1 0 8 1 pfanchor 1288 1 0 1 1 0 1 1 0 8 1 pftag 88 2 0 2 1 0 1 1 0 8 1 pfrule 1360 2 0 2 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 452 0 44 26 0 26 26 0 8 0 art_table 40 453 0 44 5 0 5 5 0 8 0 art_node 32 111 0 21 1 0 1 1 0 8 0 sysvmsgpl 40 1 0 0 1 0 1 1 0 8 0 semapl 72 7 0 0 1 0 1 1 0 8 0 shmpl 112 1 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 
dino2pl 256 1622 0 157 92 0 92 92 0 8 0 ffsino 256 1622 0 157 92 0 92 92 0 8 0 nchpl 144 1866 0 168 64 0 64 64 0 8 0 vnodes 216 1724 0 0 96 0 96 96 0 8 0 namei 1024 5887 0 5886 1 0 1 1 0 8 0 pfiaddrpl 120 4 0 4 1 0 1 1 0 8 1 kstatmem 264 23 0 2 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 6264 0 6264 3 0 3 3 1 8 3 plimitpl 152 63 0 45 1 0 1 1 0 8 0 sigapl 424 486 0 423 8 0 8 8 0 8 0 knotepl 120 4001 0 3512 15 0 15 15 0 8 0 kqueuepl 184 29 0 18 1 0 1 1 0 8 0 pipepl 304 124 0 96 3 0 3 3 0 8 0 fdescpl 448 453 0 423 5 0 5 5 0 8 1 filepl 120 1756 0 1495 8 0 8 8 0 8 0 lockfpl 104 21 0 12 1 0 1 1 0 8 0 lockfspl 48 12 0 6 1 0 1 1 0 8 0 sessionpl 144 23 0 15 1 0 1 1 0 8 0 pgrppl 48 32 0 15 1 0 1 1 0 8 0 ucredpl 104 108 0 95 1 0 1 1 0 8 0 zombiepl 144 423 0 423 1 0 1 1 0 8 1 processpl 1152 486 0 423 5 0 5 5 0 8 0 procpl 664 555 0 473 7 0 7 7 0 8 0 sockpl 552 166 0 137 3 0 3 3 0 8 0 mcl64k 65536 7 0 7 1 0 1 1 0 8 1 mcl16k 16384 3 0 3 1 0 1 1 0 8 1 mcl8k 8192 4 0 4 1 0 1 1 0 8 1 mcl4k 4096 2528 0 2475 13 0 13 13 0 8 6 mcl2k 2048 144 0 142 1 0 1 1 0 8 0 mtagpl 96 4 0 4 1 0 1 1 0 8 1 mbufpl 256 4513 0 4386 9 0 9 9 0 8 0 bufpl 280 2308 0 102 158 0 158 158 0 8 0 anonpl 24 86891 0 83640 32 0 32 32 0 186 11 amapchunkpl 152 9122 0 8618 27 0 27 27 0 158 7 amappl16 200 1265 0 1239 4 0 4 4 0 8 2 amappl15 192 26 0 25 1 0 1 1 0 8 0 amappl14 184 427 0 426 1 0 1 1 0 8 0 amappl13 176 114 0 104 1 0 1 1 0 8 0 amappl12 168 689 0 660 2 0 2 2 0 8 0 amappl11 160 7 0 6 1 0 1 1 0 8 0 amappl10 152 57 0 47 1 0 1 1 0 8 0 amappl9 144 269 0 269 1 0 1 1 0 8 1 amappl8 136 112 0 111 1 0 1 1 0 8 0 amappl7 128 151 0 139 1 0 1 1 0 8 0 amappl6 120 147 0 146 1 0 1 1 0 8 0 amappl5 112 93 0 86 1 0 1 1 0 8 0 amappl4 104 263 0 247 1 0 1 1 0 8 0 amappl3 96 1622 0 1507 3 0 3 3 0 8 0 amappl2 88 530 0 477 2 0 2 2 0 8 0 amappl1 80 10344 0 9796 12 0 12 12 0 8 0 amappl 88 2500 0 2332 4 0 4 4 0 92 0 uvmvnodes 80 100 0 0 3 0 3 3 0 8 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 
0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 3 0 0 1 0 1 1 0 8 0 uaddrrnd 24 453 0 423 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 453 0 423 1 0 1 1 0 8 0 vmmpekpl 168 5659 0 5628 2 0 2 2 0 8 0 vmmpepl 168 38167 0 36336 82 0 82 82 0 357 2 vmsppl 368 452 0 423 4 0 4 4 0 8 1 rwobjpl 40 13957 0 13003 11 0 11 11 0 8 1 pdppl 4096 912 0 846 96 18 78 78 0 8 12 pvpl 32 216517 0 207434 102 0 102 102 0 265 26 pmappl 216 452 0 423 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 352 0 18 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83409b68) at panic+0x1cf sys/kern/subr_prf.c:198 ffs2_balloc(fffffd806cfe3700,2040002fffe,1,fffffd8007ffd888,1,ffff80003c8f8f70) at ffs2_balloc+0x1965 ffs_truncate(fffffd806cfe3700,2040002ffff,0,fffffd8007ffd888) at ffs_truncate+0x410 sys/ufs/ffs/ffs_inode.c:185 ufs_setattr(ffff80003c8f9090) at ufs_setattr+0x8e0 sys/ufs/ufs/ufs_vnops.c:403 VOP_SETATTR(fffffd806bfe52a8,ffff80003c8f9118,fffffd8007ffd888,ffff80003a4e74f0) at VOP_SETATTR+0x112 sys/kern/vfs_vops.c:210 dotruncate(ffff80003a4e74f0,fffffd806bfe52a8,2040002ffff) at dotruncate+0x1da sys/kern/vfs_syscalls.c:2898 sys_truncate(ffff80003a4e74f0,ffff80003c8f93e0,ffff80003c8f9330) at sys_truncate+0x13e sys/kern/vfs_syscalls.c:2922 syscall(ffff80003c8f93e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c8f93e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x44e71ad39b0, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83409b68) at panic+0x1cf sys/kern/subr_prf.c:198 ffs2_balloc(fffffd806cfe3700,2040002fffe,1,fffffd8007ffd888,1,ffff80003c8f8f70) at ffs2_balloc+0x1965 
ffs_truncate(fffffd806cfe3700,2040002ffff,0,fffffd8007ffd888) at ffs_truncate+0x410 sys/ufs/ffs/ffs_inode.c:185 ufs_setattr(ffff80003c8f9090) at ufs_setattr+0x8e0 sys/ufs/ufs/ufs_vnops.c:403 VOP_SETATTR(fffffd806bfe52a8,ffff80003c8f9118,fffffd8007ffd888,ffff80003a4e74f0) at VOP_SETATTR+0x112 sys/kern/vfs_vops.c:210 dotruncate(ffff80003a4e74f0,fffffd806bfe52a8,2040002ffff) at dotruncate+0x1da sys/kern/vfs_syscalls.c:2898 sys_truncate(ffff80003a4e74f0,ffff80003c8f93e0,ffff80003c8f9330) at sys_truncate+0x13e sys/kern/vfs_syscalls.c:2922 syscall(ffff80003c8f93e0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c8f93e0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x44e71ad39b0, count: -10