panpanic: kernel diagnostic assertion "((flags & PGO_LOCKED) != 0 && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_vnode.c", line 953 Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *175374 71237 32767 0x8000010 0 1 syz-executor.7 272146 39983 32767 0x8000010 0 0 syz-executor.1 db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8295f3e1) at panic+0x17b sys/kern/subr_prf.c:198 __assert(ffffffff8291102d,ffffffff828b0ba1,3b9,ffffffff829342c7) at __assert+0x29 sys/kern/subr_prf.c:157 uvn_get(fffffd806de588d8,58000,ffff80002bccde50,ffff80002bccdccc,3,4,ba09c670d9c3c3f7,58000) at uvn_get+0x4ca sys/uvm/uvm_vnode.c:952 uvm_fault_lower_lookup(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50) at uvm_fault_lower_lookup+0xf3 sys/uvm/uvm_fault.c:1128 uvm_fault_lower(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50,0) at uvm_fault_lower+0x62 sys/uvm/uvm_fault.c:1227 uvm_fault(fffffd80684d78b0,e87f88dc000,0,4) at uvm_fault+0x255 sys/uvm/uvm_fault.c:637 upageflttrap(ffff80002bcce050,e87f88dc530) at upageflttrap+0x8e sys/arch/amd64/amd64/trap.c:188 usertrap(ffff80002bcce050) at usertrap+0x22a sys/arch/amd64/amd64/trap.c:436 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x75fdeba6cad0, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu0: vop_generic_badop cpu1: kernel diagnostic assertion "((flags & PGO_LOCKED) != 0 && rw_lock_held(uobj->vmobjlock)) || (flags & PGO_LOCKED) == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_vnode.c", line 953 ddb{1}> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8295f3e1) at panic+0x17b sys/kern/subr_prf.c:198 __assert(ffffffff8291102d,ffffffff828b0ba1,3b9,ffffffff829342c7) at __assert+0x29 sys/kern/subr_prf.c:157 uvn_get(fffffd806de588d8,58000,ffff80002bccde50,ffff80002bccdccc,3,4,ba09c670d9c3c3f7,58000) at uvn_get+0x4ca sys/uvm/uvm_vnode.c:952 uvm_fault_lower_lookup(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50) at uvm_fault_lower_lookup+0xf3 sys/uvm/uvm_fault.c:1128 uvm_fault_lower(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50,0) at uvm_fault_lower+0x62 sys/uvm/uvm_fault.c:1227 uvm_fault(fffffd80684d78b0,e87f88dc000,0,4) at uvm_fault+0x255 sys/uvm/uvm_fault.c:637 upageflttrap(ffff80002bcce050,e87f88dc530) at upageflttrap+0x8e sys/arch/amd64/amd64/trap.c:188 usertrap(ffff80002bcce050) at usertrap+0x22a sys/arch/amd64/amd64/trap.c:436 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x75fdeba6cad0, count: -10 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff80002bccdaf0 rbx 0xffff800029cecd77 rdx 0 rcx 0xffff8000ffff5740 rax 0xffff800029cebff0 r8 0x101010101010101 r9 0x8080808080808080 r10 0xf711d5ecb1473dee r11 0x966cbc16bab83a67 r12 0xffff800029cecb78 r13 0 r14 0xffffffff82d5eb78 cpu_info_full_primary+0x2b78 r15 0x1 rip 0xffffffff822251fc db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80002bccdae0 ss 0 db_enter+0x1c: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor.7) tid=175374 pid=71237 tcnt=1 stat=onproc flags process=8000010 proc=0 runpri=82, usrpri=82, slppri=16, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff8000ffff4f90,0xffff8000ffff4a80 process=0xffff80002d7479e0 user=0xffff80002bcc9000, vmspace=0xfffffd80684d78b0 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 65546 397485 2605 32767 2 0x8000010 syz-executor.6 64086 283232 7343 32767 2 0x8000010 syz-executor.2 64086 119371 7343 32767 2 0xc000010 syz-executor.2 *71237 175374 13288 32767 7 0x8000010 syz-executor.7 73313 444775 35530 32767 2 0x8000010 syz-executor.4 76146 476991 11872 32767 2 0x8000010 syz-executor.3 76146 410710 11872 32767 2 0xc000010 syz-executor.3 39983 272146 47687 32767 7 0x8000010 syz-executor.1 47687 306737 31317 0 3 0x8000082 wait syz-executor.1 2605 200485 23378 32767 3 0x8000090 nanoslp syz-executor.6 23378 497787 31317 0 3 0x8000082 wait syz-executor.6 35530 308545 97318 32767 3 0x8000090 nanoslp syz-executor.4 97318 147034 31317 0 3 0x8000082 wait syz-executor.4 7343 347175 24742 32767 3 0x8000090 nanoslp syz-executor.2 24742 502911 31317 0 3 0x8000082 wait syz-executor.2 11872 179657 747 32767 3 0x8000090 nanoslp syz-executor.3 747 57894 31317 0 3 0x8000082 wait syz-executor.3 71982 516900 84874 32767 2 0x8000010 syz-executor.5 84874 423021 31317 0 3 0x8000082 wait syz-executor.5 16745 255320 70866 32767 2 0x8000010 syz-executor.0 13288 14475 86393 32767 3 0x8000090 nanoslp syz-executor.7 70866 515025 31317 0 3 0x8000082 wait syz-executor.0 86393 346142 31317 0 3 0x8000082 wait syz-executor.7 73395 216632 0 0 3 0x14200 bored sosplice 31317 68074 18268 0 3 0x1a000082 thrsleep syz-fuzzer 31317 104094 18268 0 3 0x1e000082 nanoslp syz-fuzzer 31317 60638 18268 0 3 0x1e000082 wait syz-fuzzer 31317 165953 18268 0 3 0x1e000082 wait syz-fuzzer 31317 34926 18268 0 3 0x1e000082 wait syz-fuzzer 31317 401499 18268 0 3 0x1e000082 wait syz-fuzzer 31317 242355 18268 0 3 0x1e000082 wait syz-fuzzer 31317 207257 18268 0 3 0x1e000082 thrsleep syz-fuzzer 31317 351637 18268 0 3 0x1e000082 thrsleep syz-fuzzer 31317 272792 18268 0 3 0x1e000082 thrsleep syz-fuzzer 31317 435045 18268 0 3 0x1e000082 thrsleep syz-fuzzer 31317 407255 18268 0 2 0x1e000002 syz-fuzzer 31317 248013 18268 0 3 0x1e000082 wait syz-fuzzer 31317 57752 18268 0 2 0x1e000002 syz-fuzzer 31317 398687 18268 0 3 0x1e000082 wait syz-fuzzer 31317 224380 18268 0 3 0x1e000082 wait syz-fuzzer 18268 433001 23043 0 3 0x810008a sigsusp ksh 23043 190683 15915 0 3 0x1800009a kqread sshd 81212 144894 1 0 3 0x18100083 ttyin getty 15915 246922 1 0 3 0x18000088 kqread sshd 99995 410333 57103 73 3 0x19100090 kqread syslogd 57103 121423 1 0 3 0x18100082 sbwait syslogd 23453 421773 1 0 3 0x18100080 kqread resolvd 52638 141409 73085 77 3 0x18100092 kqread dhcpleased 50733 428249 73085 77 3 0x18100092 kqread dhcpleased 73085 147918 1 0 3 0x18000080 kqread dhcpleased 335 187133 0 0 3 0x14200 bored smr 99494 514132 0 0 2 0x14200 zerothread 35802 51132 0 0 3 0x14200 aiodoned aiodoned 69817 360414 0 0 3 0x14200 syncer update 66439 17574 0 0 3 0x14200 cleaner cleaner 41236 327205 0 0 3 0x14200 reaper reaper 32739 189482 0 0 3 0x14200 pgdaemon pagedaemon 92963 37524 0 0 3 0x14200 bored viomb 70479 240956 0 0 3 0x40014200 acpi0 acpi0 69293 289303 0 0 3 0x40014200 idle1 23255 365441 0 0 3 0x14200 bored softnet3 39134 29563 0 0 3 0x14200 bored softnet2 38491 269836 0 0 3 0x14200 bored softnet1 74265 428190 0 0 3 0x14200 bored softnet0 22835 107486 0 0 3 0x14200 bored systqmp 98479 414696 0 0 3 0x14200 bored systq 77999 287687 0 0 3 0x14200 tmoslp softclockmp 12920 183718 0 0 3 0x40014200 tmoslp softclock 16240 476633 0 0 3 0x40014200 idle0 1 524239 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 73313 (syz-executor.4) thread 0xffff8000ffff4f90 (444775) exclusive rwlock vmmaplk r = 0 (0xfffffd80684d7108) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 vm_map_lock_ln+0xfa sys/uvm/uvm_map.c:5291 #3 uvmfault_lookup+0xb6 sys/uvm/uvm_fault.c:1779 #4 uvm_fault_check+0x63d uvmfault_amapcopy sys/uvm/uvm_fault.c:236 [inline] #4 uvm_fault_check+0x63d sys/uvm/uvm_fault.c:710 #5 uvm_fault+0xf2 sys/uvm/uvm_fault.c:600 #6 upageflttrap+0x8e sys/arch/amd64/amd64/trap.c:188 #7 usertrap+0x22a sys/arch/amd64/amd64/trap.c:436 #8 recall_trap+0x8 Process 39983 (syz-executor.1) thread 0xffff80003738f228 (272146) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82d6a3a8) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227 #2 mi_switch+0x491 sys/kern/sched_bsd.c:470 #3 sleep_finish+0x19a sys/kern/kern_synch.c:417 #4 biowait+0x91 sys/kern/vfs_bio.c:1254 #5 bwrite+0x1fe sys/kern/vfs_bio.c:766 #6 ffs_update+0x27f sys/ufs/ffs/ffs_inode.c:111 #7 ufs_mkdir+0x430 sys/ufs/ufs/ufs_vnops.c:1160 #8 VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:394 #9 domkdirat+0x125 sys/kern/vfs_syscalls.c:3104 #10 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] #10 syscall+0x854 sys/arch/amd64/amd64/trap.c:577 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd8068c60d58) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524 #4 vn_lock+0x85 sys/kern/vfs_vnops.c:564 #5 vget+0x1fd sys/kern/vfs_subr.c:676 #6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119 #7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1201 #8 ffs_inode_alloc+0x1e4 sys/ufs/ffs/ffs_alloc.c:393 #9 ufs_mkdir+0xe6 sys/ufs/ufs/ufs_vnops.c:1112 #10 VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:394 #11 domkdirat+0x125 sys/kern/vfs_syscalls.c:3104 #12 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] #12 syscall+0x854 sys/arch/amd64/amd64/trap.c:577 #13 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806862bf88) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524 #4 vn_lock+0x85 sys/kern/vfs_vnops.c:564 #5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418 #6 namei+0x56a sys/kern/vfs_lookup.c:250 #7 domkdirat+0x79 sys/kern/vfs_syscalls.c:3089 #8 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] #8 syscall+0x854 sys/arch/amd64/amd64/trap.c:577 #9 Xsyscall+0x128 Process 16745 (syz-executor.0) thread 0xffff80002a1fd218 (255320) exclusive rrwlock inode r = 0 (0xfffffd8068c601a8) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524 #4 ufs_ihashins+0x46 #5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1230 #6 ffs_inode_alloc+0x1e4 sys/ufs/ffs/ffs_alloc.c:393 #7 ufs_mkdir+0xe6 sys/ufs/ufs/ufs_vnops.c:1112 #8 VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:394 #9 domkdirat+0x125 sys/kern/vfs_syscalls.c:3104 #10 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] #10 syscall+0x854 sys/arch/amd64/amd64/trap.c:577 #11 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd805906f6f8) #0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x446 sys/kern/subr_witness.c:1157 #1 rw_enter+0x32d sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464 #3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524 #4 vn_lock+0x85 sys/kern/vfs_vnops.c:564 #5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418 #6 namei+0x56a sys/kern/vfs_lookup.c:250 #7 domkdirat+0x79 sys/kern/vfs_syscalls.c:3089 #8 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] #8 syscall+0x854 sys/arch/amd64/amd64/trap.c:577 #9 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10205 6411K 6419K 166960K 11498 0 pcb 17 12K 12K 166960K 17 0 rtable 238 6K 7K 166960K 3107 0 pf 29 8K 8K 166960K 171 0 ifaddr 44 16K 16K 166960K 336 0 ifgroup 50 2K 2K 166960K 334 0 sysctl 4 1K 3K 166960K 8 0 counters 64 36K 36K 166960K 206 0 ioctlops 0 0K 2K 166960K 197 0 iov 0 0K 24K 166960K 596 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1377 87K 87K 166960K 3260 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 152 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 968 0 dirhash 12 2K 3K 166960K 375 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 23 85K 117K 166960K 7715 0 sigio 0 0K 0K 166960K 128 0 proc 56 78K 139K 166960K 3129 0 subproc 104 6K 7K 166960K 1157 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1832 0 in_multi 99 7K 7K 166960K 1232 0 ether_multi 1 0K 0K 166960K 51 0 mrt 2 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 2163 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 281 76K 134K 166960K 67489 0 UVM aobj 131 8K 8K 166960K 164 0 pinsyscall 43 86K 104K 166960K 10736 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 649 0 NDP 15 0K 2K 166960K 240 0 temp 74 6820K 6948K 166960K 28733 0 kqueue 12 18K 30K 166960K 1397 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 1266 0 1263 1 0 1 1 0 8 0 rtentry 112 1035 0 923 4 0 4 4 0 8 0 unpcb 144 6498 0 6485 29 27 2 6 0 8 1 syncache 336 119 0 119 33 32 1 1 0 8 1 sackhl 24 2 0 2 2 2 0 1 0 8 0 tcpqe 32 30 0 30 8 8 0 1 0 8 0 tcpcb 808 5138 0 5133 88 80 8 8 0 8 7 arp 120 165 0 146 1 0 1 1 0 8 0 ipq 40 35 0 34 4 3 1 1 0 8 0 ipqe 40 186 0 185 4 3 1 1 0 8 0 inpcb 384 10290 0 10278 125 114 11 12 0 8 8 ip6q 72 2 0 2 2 2 0 1 0 8 0 ip6af 40 4 0 4 2 2 0 1 0 8 0 nd6 136 374 0 349 3 1 2 2 0 8 1 kcovpl 48 89 0 81 1 0 1 1 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 4759 0 4298 51 18 33 34 0 8 2 art_table 32 4760 0 4298 6 1 5 5 0 8 0 art_node 16 1034 0 932 1 0 1 1 0 8 0 sysvmsgpl 40 21 0 14 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 966 0 956 1 0 1 1 0 8 0 shmpl 112 161 0 33 4 0 4 4 0 8 0 dirhash 1024 259 0 242 3 0 3 3 0 8 0 dino2pl 256 12215 0 10688 97 0 97 97 0 8 0 ffsino 272 12215 0 10688 103 0 103 103 0 8 0 nchpl 144 22771 0 21040 66 1 65 66 0 8 0 uvmvnodes 80 9076 0 0 186 0 186 186 0 8 0 vnodes 216 9076 0 0 505 0 505 505 0 8 0 namei 1024 86006 0 86005 16 15 1 2 0 8 0 percpumem 16 117 0 71 1 0 1 1 0 8 0 kstatmem 264 164 0 142 2 0 2 2 0 8 0 scxspl 216 172444 0 172444 53 51 2 8 1 8 2 plimitpl 152 2208 0 2185 2 0 2 2 0 8 0 sigapl 424 7848 0 7795 8 1 7 7 0 8 0 futexpl 64 116976 0 116976 24 23 1 1 0 8 1 knotepl 120 1415 0 0 26 1 25 26 0 8 0 kqueuepl 216 2579 0 2571 10 9 1 5 0 8 0 pipepl 320 1535 0 1507 16 13 3 8 0 8 0 fdescpl 496 7829 0 7795 8 2 6 6 0 8 0 filepl 152 54188 0 53953 58 44 14 17 0 8 3 lockfpl 104 1831 0 1829 1 0 1 1 0 8 0 lockfspl 48 697 0 695 1 0 1 1 0 8 0 sessionpl 144 94 0 78 1 0 1 1 0 8 0 pgrppl 48 228 0 212 1 0 1 1 0 8 0 ucredpl 104 11544 0 11526 1 0 1 1 0 8 0 zombiepl 144 7795 0 7795 1 0 1 1 0 8 1 processpl 1136 7848 0 7795 7 2 5 5 0 8 0 procpl 656 16341 0 16271 9 1 8 8 0 8 0 sosppl 168 94 0 94 21 21 0 1 0 8 0 sockpl 664 18277 0 18251 106 94 12 15 0 8 8 mcl64k 65536 12 0 0 2 0 2 2 0 8 0 mcl16k 16384 5 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 4 0 0 1 0 1 1 0 8 0 mcl2k2 2112 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 964 0 0 48 21 27 47 0 8 0 mtagpl 96 4 0 0 1 0 1 1 0 8 0 mbufpl 256 1595 0 0 70 0 70 70 0 8 0 bufpl 280 20107 0 11031 649 0 649 649 0 8 0 anonpl 24 1224177 0 1217729 322 250 72 155 0 186 0 amapchunkpl 152 229806 0 229131 234 189 45 73 0 158 9 amappl16 200 26184 0 26049 230 209 21 34 0 8 6 amappl15 192 112 0 111 1 0 1 1 0 8 0 amappl14 184 401 0 387 2 1 1 2 0 8 0 amappl13 176 20 0 20 5 4 1 1 0 8 1 amappl12 168 9566 0 9531 2 0 2 2 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 148 0 136 1 0 1 1 0 8 0 amappl9 144 213 0 213 3 3 0 1 0 8 0 amappl8 136 526 0 484 2 0 2 2 0 8 0 amappl7 128 65 0 48 1 0 1 1 0 8 0 amappl6 120 1280 0 1264 2 1 1 2 0 8 0 amappl5 112 448 0 436 1 0 1 1 0 8 0 amappl4 104 1253 0 1211 2 0 2 2 0 8 0 amappl3 96 40905 0 40826 5 2 3 4 0 8 0 amappl2 88 8419 0 8343 3 1 2 3 0 8 0 amappl1 80 36985 0 36476 22 10 12 22 0 8 0 amappl 88 65689 0 65492 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 163 0 33 4 1 3 3 0 8 0 uaddrrnd 24 7830 0 7796 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 7830 0 7796 1 0 1 1 0 8 0 vmmpekpl 168 56682 0 56617 4 0 4 4 0 8 0 vmmpepl 168 488280 0 486237 256 145 111 130 0 357 6 vmsppl 440 7829 0 7796 5 0 5 5 0 8 0 rwobjpl 56 124499 0 114224 182 32 150 153 0 8 0 pdppl 4096 15667 0 15592 430 347 83 91 0 8 8 pvpl 32 45439 0 0 367 0 367 367 0 265 0 pmappl 248 7829 0 7796 4 1 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 948 0 515 13 0 13 13 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffffffff82d5dff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc scsi_xs_put(fffffd805dca3640) at scsi_xs_put+0x3f scsi_iopool_put sys/scsi/scsi_base.c:270 [inline] scsi_xs_put(fffffd805dca3640) at scsi_xs_put+0x3f scsi_io_put sys/scsi/scsi_base.c:499 [inline] scsi_xs_put(fffffd805dca3640) at scsi_xs_put+0x3f sys/scsi/scsi_base.c:787 scsi_done(fffffd805dca3640) at scsi_done+0x2e sys/scsi/scsi_base.c:1496 vioscsi_vq_done(ffff8000000a3268) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350 intr_handler(ffff80002e956630,ffff80000006bc00) at intr_handler+0x93 sys/arch/amd64/amd64/intr.c:543 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f Xspllower() at Xspllower+0x1d cnputc(6e) at cnputc+0x4f sys/dev/cons.c:218 db_putchar(6e) at db_putchar+0x3eb sys/ddb/db_output.c:155 kprintf() at kprintf+0x69a db_printf(ffffffff828feb70) at db_printf+0x89 sys/kern/subr_prf.c:498 end trace frame: 0xffff80002e956a20, count: 0 ddb{0}> trace x86_ipi_db(ffffffff82d5dff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc scsi_xs_put(fffffd805dca3640) at scsi_xs_put+0x3f scsi_iopool_put sys/scsi/scsi_base.c:270 [inline] scsi_xs_put(fffffd805dca3640) at scsi_xs_put+0x3f scsi_io_put sys/scsi/scsi_base.c:499 [inline] scsi_xs_put(fffffd805dca3640) at scsi_xs_put+0x3f sys/scsi/scsi_base.c:787 scsi_done(fffffd805dca3640) at scsi_done+0x2e sys/scsi/scsi_base.c:1496 vioscsi_vq_done(ffff8000000a3268) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350 intr_handler(ffff80002e956630,ffff80000006bc00) at intr_handler+0x93 sys/arch/amd64/amd64/intr.c:543 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f Xspllower() at Xspllower+0x1d cnputc(6e) at cnputc+0x4f sys/dev/cons.c:218 db_putchar(6e) at db_putchar+0x3eb sys/ddb/db_output.c:155 kprintf() at kprintf+0x69a db_printf(ffffffff828feb70) at db_printf+0x89 sys/kern/subr_prf.c:498 panic(ffffffff82896cd2) at panic+0xdb sys/kern/subr_prf.c:216 vop_generic_badop(ffff80002e956a58) at vop_generic_badop+0x1f sys/kern/vfs_default.c:133 VOP_STRATEGY(fffffd80547e3058,fffffd80554e49d8) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:634 bwrite(fffffd80554e49d8) at bwrite+0x1d3 sys/kern/vfs_bio.c:757 VOP_BWRITE(fffffd80554e49d8) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:646 ufs_mkdir(ffff80002e956cd0) at ufs_mkdir+0x445 sys/ufs/ufs/ufs_vnops.c:1160 VOP_MKDIR(fffffd806a74ae88,ffff80002e956e30,ffff80002e956e60,ffff80002e956d60) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:394 domkdirat(ffff80003738f228,ffffff9c,72f9c98e3380,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3104 syscall(ffff80002e956fe0) at syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline] syscall(ffff80002e956fe0) at syscall+0x854 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x72f9c98e33f0, count: -24 ddb{0}> machine ddbcpu 1 Stopped at db_enter+0x1c: addq $0x8,%rsp db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8295f3e1) at panic+0x17b sys/kern/subr_prf.c:198 __assert(ffffffff8291102d,ffffffff828b0ba1,3b9,ffffffff829342c7) at __assert+0x29 sys/kern/subr_prf.c:157 uvn_get(fffffd806de588d8,58000,ffff80002bccde50,ffff80002bccdccc,3,4,ba09c670d9c3c3f7,58000) at uvn_get+0x4ca sys/uvm/uvm_vnode.c:952 uvm_fault_lower_lookup(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50) at uvm_fault_lower_lookup+0xf3 sys/uvm/uvm_fault.c:1128 uvm_fault_lower(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50,0) at uvm_fault_lower+0x62 sys/uvm/uvm_fault.c:1227 uvm_fault(fffffd80684d78b0,e87f88dc000,0,4) at uvm_fault+0x255 sys/uvm/uvm_fault.c:637 upageflttrap(ffff80002bcce050,e87f88dc530) at upageflttrap+0x8e sys/arch/amd64/amd64/trap.c:188 usertrap(ffff80002bcce050) at usertrap+0x22a sys/arch/amd64/amd64/trap.c:436 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x75fdeba6cad0, count: 5 ddb{1}> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8295f3e1) at panic+0x17b sys/kern/subr_prf.c:198 __assert(ffffffff8291102d,ffffffff828b0ba1,3b9,ffffffff829342c7) at __assert+0x29 sys/kern/subr_prf.c:157 uvn_get(fffffd806de588d8,58000,ffff80002bccde50,ffff80002bccdccc,3,4,ba09c670d9c3c3f7,58000) at uvn_get+0x4ca sys/uvm/uvm_vnode.c:952 uvm_fault_lower_lookup(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50) at uvm_fault_lower_lookup+0xf3 sys/uvm/uvm_fault.c:1128 uvm_fault_lower(ffff80002bccded0,ffff80002bccdf08,ffff80002bccde50,0) at uvm_fault_lower+0x62 sys/uvm/uvm_fault.c:1227 uvm_fault(fffffd80684d78b0,e87f88dc000,0,4) at uvm_fault+0x255 sys/uvm/uvm_fault.c:637 upageflttrap(ffff80002bcce050,e87f88dc530) at upageflttrap+0x8e sys/arch/amd64/amd64/trap.c:188 usertrap(ffff80002bcce050) at usertrap+0x22a sys/arch/amd64/amd64/trap.c:436 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x75fdeba6cad0, count: -10