login: panic: ufs_rename: lost dir entry Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 81330 53902 32767 0x10 0x4000000 0 syz-executor.4 * 94523 53902 32767 0x10 0x4000000 1K syz-executor.4 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440 panic(ffffffff825858e8) at panic+0x177 sys/kern/subr_prf.c:202 ufs_rename(ffff800021351238) at ufs_rename+0x1649 sys/ufs/ufs/ufs_vnops.c:921 VOP_RENAME(fffffd807a9d2d38,fffffd80789af708,ffff800021351408,fffffd807a9d22b8,fffffd80789afe08,ffff800021351358) at VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 dorenameat(ffff8000212677a8,4,200001c0,ffffff9c,20000200) at dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 syscall(ffff8000213515a0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000213515a0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4502c0b9620, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: ufs_rename: lost dir entry ddb{1}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440 panic(ffffffff825858e8) at panic+0x177 sys/kern/subr_prf.c:202 ufs_rename(ffff800021351238) at ufs_rename+0x1649 sys/ufs/ufs/ufs_vnops.c:921 VOP_RENAME(fffffd807a9d2d38,fffffd80789af708,ffff800021351408,fffffd807a9d22b8,fffffd80789afe08,ffff800021351358) at VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 dorenameat(ffff8000212677a8,4,200001c0,ffffff9c,20000200) at dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 syscall(ffff8000213515a0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000213515a0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4502c0b9620, count: -7 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff800021350fc0 rbx 0xffff800020ce9bff rdx 0x3fd rcx 0 rax 0x22 r8 0x101010101010101 r9 0x8080808080808080 r10 0x18e6f4de7ff0ffc8 r11 0x5e0e0a3cfa88c30d r12 0xffff800020ce9a00 r13 0 r14 0 r15 0x1 rip 0xffffffff8126cb68 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800021350fb0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor.4) pid=94523 stat=onproc flags process=10 proc=4000000 pri=17, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff6010,0xffff8000212662b8 process=0xffff800021328448 user=0xffff80002134c000, vmspace=0xfffffd807bfa28b8 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 53541 202192 48409 32767 2 0x10 syz-executor.7 93272 41209 73465 32767 2 0x10 syz-executor.1 57820 292711 14306 32767 2 0x10 syz-executor.6 32023 107318 64526 32767 2 0x10 syz-executor.5 32023 219837 64526 32767 3 0x4000010 biowait syz-executor.5 32023 226412 64526 32767 3 0x4000090 fsleep syz-executor.5 36229 437292 6063 32767 2 0x10 syz-executor.2 36229 179064 6063 32767 2 0x4000010 syz-executor.2 36229 387179 6063 32767 3 0x4000010 inode syz-executor.2 83110 500489 64383 32767 2 0x10 syz-executor.3 83110 902 64383 32767 3 0x4000010 biowait syz-executor.3 83110 244841 64383 32767 3 0x4000090 fsleep syz-executor.3 90002 233985 32640 32767 2 0x10 syz-executor.0 90002 123931 32640 32767 2 0x4000010 syz-executor.0 90002 490389 32640 32767 3 0x4000090 fsleep syz-executor.0 53902 139222 32645 32767 2 0x10 syz-executor.4 53902 95922 32645 32767 2 0x4000010 syz-executor.4 53902 81330 32645 32767 7 0x4000010 syz-executor.4 *53902 94523 32645 32767 7 0x4000010 syz-executor.4 48409 3274 64539 32767 3 0x90 nanoslp syz-executor.7 64539 523392 5073 0 3 0x82 wait syz-executor.7 6063 479565 32700 32767 3 0x90 nanoslp syz-executor.2 32645 241418 3282 32767 3 0x90 nanoslp syz-executor.4 32700 112385 5073 0 3 0x82 wait syz-executor.2 64383 381078 24338 32767 3 0x90 nanoslp syz-executor.3 3282 151577 5073 0 3 0x82 wait syz-executor.4 64526 142585 52585 32767 3 0x90 nanoslp syz-executor.5 24338 429797 5073 0 3 0x82 wait syz-executor.3 52585 157025 5073 0 3 0x82 wait syz-executor.5 73465 222904 75165 32767 3 0x90 nanoslp syz-executor.1 14306 279536 75759 32767 3 0x90 nanoslp syz-executor.6 75165 449162 5073 0 3 0x82 wait syz-executor.1 75759 293476 5073 0 3 0x82 wait syz-executor.6 32640 53390 11581 32767 3 0x90 nanoslp syz-executor.0 11581 454959 5073 0 3 0x82 wait syz-executor.0 5073 522053 23125 0 3 0x82 thrsleep syz-execprog 5073 502603 23125 0 3 0x4000082 thrsleep syz-execprog 5073 452713 23125 0 3 0x4000082 thrsleep syz-execprog 5073 278245 23125 0 3 0x4000082 kqread syz-execprog 5073 496685 23125 0 3 0x4000082 thrsleep syz-execprog 5073 50384 23125 0 3 0x4000082 thrsleep syz-execprog 5073 86572 23125 0 3 0x4000082 thrsleep syz-execprog 5073 40245 23125 0 3 0x4000082 thrsleep syz-execprog 5073 332214 23125 0 3 0x4000082 thrsleep syz-execprog 23125 372477 66526 0 3 0x10008a sigsusp ksh 66526 417452 16062 0 3 0x9a kqread sshd 16527 268704 1 0 3 0x100083 ttyin getty 16062 479732 1 0 3 0x88 kqread sshd 87489 241907 13214 73 3 0x100090 kqread syslogd 13214 320110 1 0 3 0x100082 netio syslogd 30142 39603 1 0 3 0x100080 kqread resolvd 87074 507895 45307 77 3 0x100092 kqread dhcpleased 60967 487809 45307 77 3 0x100092 kqread dhcpleased 45307 263836 1 0 3 0x80 kqread dhcpleased 71573 96797 0 0 3 0x14200 bored smr 12957 405946 0 0 2 0x14200 zerothread 16784 420704 0 0 3 0x14200 aiodoned aiodoned 7231 245529 0 0 3 0x14200 syncer update 22512 252281 0 0 3 0x14200 cleaner cleaner 17216 35592 0 0 3 0x14200 reaper reaper 66367 419159 0 0 3 0x14200 pgdaemon pagedaemon 61589 4621 0 0 3 0x14200 bored viomb 30293 234122 0 0 3 0x40014200 acpi0 acpi0 28161 472484 0 0 3 0x40014200 idle1 95701 38075 0 0 3 0x14200 bored softnet 7188 432468 0 0 3 0x14200 bored systqmp 26826 83453 0 0 3 0x14200 bored systq 29799 324437 0 0 3 0x40014200 bored softclock 96194 30816 0 0 3 0x40014200 idle0 1 44187 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 32023 (syz-executor.5) thread 0xffff80002130c7e0 (219837) exclusive rrwlock inode r = 0 (0xfffffd8074e074d8) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 ufs_rename+0x18b sys/ufs/ufs/ufs_vnops.c:804 #6 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #7 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #8 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #8 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #9 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806a052f88) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vget+0x1d3 sys/kern/vfs_subr.c:677 #6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119 #7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1318 #8 ufs_lookup+0x122c sys/ufs/ufs/ufs_lookup.c:582 #9 VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 #10 vfs_lookup+0x6e5 sys/kern/vfs_lookup.c:561 #11 namei+0x36a sys/kern/vfs_lookup.c:245 #12 dorenameat+0x100 sys/kern/vfs_syscalls.c:2991 #13 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #13 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #14 Xsyscall+0x128 Process 36229 (syz-executor.2) thread 0xffff80002130da40 (179064) exclusive rrwlock inode r = 0 (0xfffffd806a052b48) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 ufs_ihashins+0x42 sys/ufs/ufs/ufs_ihash.c:140 #5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1347 #6 ffs_inode_alloc+0x1be sys/ufs/ffs/ffs_alloc.c:394 #7 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1162 #8 VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404 #9 domkdirat+0x121 sys/kern/vfs_syscalls.c:3100 #10 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #10 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8074e07c48) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vfs_lookup+0xd1 sys/kern/vfs_lookup.c:413 #6 namei+0x36a sys/kern/vfs_lookup.c:245 #7 domkdirat+0x75 sys/kern/vfs_syscalls.c:3085 #8 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #8 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #9 Xsyscall+0x128 Process 83110 (syz-executor.3) thread 0xffff80002130cfc0 (902) exclusive rrwlock inode r = 0 (0xfffffd8074e071a8) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vget+0x1d3 sys/kern/vfs_subr.c:677 #6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119 #7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1318 #8 ufs_lookup+0x13ba sys/ufs/ufs/ufs_lookup.c:487 #9 VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 #10 vfs_relookup+0xb0 sys/kern/vfs_lookup.c:782 #11 ufs_rename+0x1446 sys/ufs/ufs/ufs_vnops.c:1055 #12 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #13 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #14 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #14 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #15 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806a052d68) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vfs_relookup+0x53 sys/kern/vfs_lookup.c:773 #6 ufs_rename+0x1446 sys/ufs/ufs/ufs_vnops.c:1055 #7 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #8 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #9 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #9 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #10 Xsyscall+0x128 Process 90002 (syz-executor.0) thread 0xffff80002130d260 (123931) exclusive rrwlock inode r = 0 (0xfffffd806a052708) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 ufs_rename+0x18b sys/ufs/ufs/ufs_vnops.c:804 #6 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #7 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #8 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #8 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #9 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8074e07918) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vget+0x1d3 sys/kern/vfs_subr.c:677 #6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119 #7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1318 #8 ufs_lookup+0x1351 sys/ufs/ufs/ufs_lookup.c:529 #9 VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 #10 vfs_lookup+0x6e5 sys/kern/vfs_lookup.c:561 #11 namei+0x36a sys/kern/vfs_lookup.c:245 #12 dorenameat+0x100 sys/kern/vfs_syscalls.c:2991 #13 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #13 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #14 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8074e07a28) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vget+0x1d3 sys/kern/vfs_subr.c:677 #6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119 #7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1318 #8 ufs_lookup+0x122c sys/ufs/ufs/ufs_lookup.c:582 #9 VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 #10 vfs_lookup+0x6e5 sys/kern/vfs_lookup.c:561 #11 namei+0x36a sys/kern/vfs_lookup.c:245 #12 dorenameat+0x100 sys/kern/vfs_syscalls.c:2991 #13 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #13 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #14 Xsyscall+0x128 Process 53902 (syz-executor.4) thread 0xffff8000212677a8 (94523) exclusive rrwlock inode r = 0 (0xfffffd8074e07098) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vget+0x1d3 sys/kern/vfs_subr.c:677 #6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119 #7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1318 #8 ufs_lookup+0x13ba sys/ufs/ufs/ufs_lookup.c:487 #9 VOP_LOOKUP+0x58 sys/kern/vfs_vops.c:85 #10 vfs_relookup+0xb0 sys/kern/vfs_lookup.c:782 #11 ufs_rename+0x1446 sys/ufs/ufs/ufs_vnops.c:1055 #12 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #13 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #14 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #14 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #15 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8074e073c8) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461 #3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534 #4 vn_lock+0x84 sys/kern/vfs_vnops.c:579 #5 vfs_relookup+0x53 sys/kern/vfs_lookup.c:773 #6 ufs_rename+0x1446 sys/ufs/ufs/ufs_vnops.c:1055 #7 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #8 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #9 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #9 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #10 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 0 (0xffffffff829aeaf8) #0 witness_lock+0x44d #1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227 #2 mi_switch+0x3d3 sys/kern/sched_bsd.c:416 #3 sleep_finish+0x1b2 sys/kern/kern_synch.c:433 #4 tsleep+0x12c sys/kern/kern_synch.c:158 #5 biowait+0x91 sys/kern/vfs_bio.c:1271 #6 bwrite+0x21b sys/kern/vfs_bio.c:772 #7 ffs_update+0x27d sys/ufs/ffs/ffs_inode.c:113 #8 ffs_truncate+0xcec #9 ufs_rename+0x1360 sys/ufs/ufs/ufs_vnops.c:1037 #10 VOP_RENAME+0xf0 sys/kern/vfs_vops.c:386 #11 dorenameat+0x29c sys/kern/vfs_syscalls.c:3021 #12 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline] #12 syscall+0x489 sys/arch/amd64/amd64/trap.c:585 #13 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10168 6406K 6419K 78643K 11258 0 pcb 13 8K 8K 78643K 13 0 rtable 238 6K 7K 78643K 348 0 ifaddr 81 16K 16K 78643K 82 0 counters 56 35K 35K 78643K 56 0 ioctlops 0 0K 2K 78643K 33 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 5 0 vnodes 1166 73K 73K 78643K 1179 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 26 97K 125K 78643K 5916 0 proc 56 74K 123K 78643K 451 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 99 6K 6K 78643K 99 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 2K 78643K 608 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 288 76K 76K 78643K 79752 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 11 0K 2K 78643K 27 0 temp 52 4687K 4751K 78643K 39855 0 kqueue 12 18K 18K 78643K 25 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}>