uvm_fault(0xffffffff839f2648, 0xffff800022102058, 0, 1) -> d kernel: page fault trap, code=0 Stopped at ffs2_balloc+0xa0d: movq 0(%rcx,%rax,8),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND 193279 55413 0 0 0 0 syz-executor *119259 68448 0 0x2 0x1 1K syz-executor ffs2_balloc(fffffd806e4b6c00,5f273,50,fffffd80097fd6e8,1,ffff80002a35fdc8) at ffs2_balloc+0xa0d sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff80002a35fe50) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffd805fee37e0,ffff80002a35ff00,3,fffffd80097fd6e8) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 ktrwriteraw(ffff80002a2414d8,fffffd805fee37e0,fffffd80097fd6e8,ffff80002a35ffd0,ffff80002a35ffb0) at ktrwriteraw+0x1be sys/kern/kern_ktrace.c:691 ktrsysret(ffff80002a2414d8,88,0,ffff80002a3600a0) at ktrsysret+0x192 ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff80002a2414d8,88,0,ffff80002a3600a0) at ktrsysret+0x192 sys/kern/kern_ktrace.c:209 syscall(ffff80002a360150) at syscall+0xa51 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a360150) at syscall+0xa51 sys/arch/amd64/amd64/trap.c:804 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77dedafaad30, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xffffffff839f2648, 0xffff800022102058, 0, 1) -> d ddb{1}> trace ffs2_balloc(fffffd806e4b6c00,5f273,50,fffffd80097fd6e8,1,ffff80002a35fdc8) at ffs2_balloc+0xa0d sys/ufs/ffs/ffs_balloc.c:614 ffs_write(ffff80002a35fe50) at ffs_write+0x4f9 sys/ufs/ffs/ffs_vnops.c:345 VOP_WRITE(fffffd805fee37e0,ffff80002a35ff00,3,fffffd80097fd6e8) at VOP_WRITE+0x101 sys/kern/vfs_vops.c:245 ktrwriteraw(ffff80002a2414d8,fffffd805fee37e0,fffffd80097fd6e8,ffff80002a35ffd0,ffff80002a35ffb0) at ktrwriteraw+0x1be sys/kern/kern_ktrace.c:691 ktrsysret(ffff80002a2414d8,88,0,ffff80002a3600a0) at ktrsysret+0x192 ktrwrite2 sys/kern/kern_ktrace.c:-1 [inline] ktrsysret(ffff80002a2414d8,88,0,ffff80002a3600a0) at ktrsysret+0x192 sys/kern/kern_ktrace.c:209 syscall(ffff80002a360150) at syscall+0xa51 mi_syscall_return sys/sys/syscall_mi.h:204 [inline] syscall(ffff80002a360150) at syscall+0xa51 sys/arch/amd64/amd64/trap.c:804 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x77dedafaad30, count: -7 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a35fd70 rbx 0 rdx 0 rcx 0xffff800022102000 rax 0xb r8 0xffffffffffffffff r9 0xffff80002a35fdc8 r10 0xfab28e356cdc8c78 r11 0x4209718447fd1fa3 r12 0x1 r13 0xffff800000c31800 r14 0xffff80002a35fc00 r15 0xfffffd80691c6d30 rip 0xffffffff8122a5fd ffs2_balloc+0xa0d cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a35fbf0 ss 0 ffs2_balloc+0xa0d: movq 0(%rcx,%rax,8),%r14 ddb{1}> show proc PROC (syz-executor) tid=119259 pid=68448 tcnt=1 stat=onproc flags process=2 proc=1 runpri=17, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a241770,0xffff80002a241250 process=0xffff8000ffff5818 user=0xffff80002a35b000, vmspace=0xfffffd800b063000 estcpu=36, cpticks=23, pctcpu=0.12, user=2, sys=21, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 66519 231474 81263 0 2 0 syz-executor 66519 389897 81263 0 3 0x4000080 fsleep syz-executor 66519 248596 81263 0 2 0x4000000 syz-executor 51802 247619 93178 0 2 0 syz-executor 51802 111262 93178 0 3 0x4000080 fsleep syz-executor 80277 149209 1 0 3 0x82 nanoslp getty 59099 34895 87591 0 3 0x80 nanoslp syz-executor 59099 69827 87591 0 3 0x4000080 ttyout syz-executor 59099 40925 87591 0 3 0x4000080 fsleep syz-executor 59873 110758 46682 0 2 0 syz-executor 59873 160085 46682 0 3 0x4000080 fsleep syz-executor 55413 193279 79880 0 7 0 syz-executor 55413 384494 79880 0 2 0x4000000 syz-executor 54174 377451 44059 0 3 0x80 nanoslp syz-executor 54174 52629 44059 0 3 0x4000080 kqsel syz-executor 54174 106233 44059 0 3 0x4000080 fsleep syz-executor 54174 488351 44059 0 3 0x4000080 fsleep syz-executor 93178 96207 61181 0 3 0x82 nanoslp syz-executor 81263 132372 61181 0 3 0x82 nanoslp syz-executor 87591 82204 61181 0 3 0x82 nanoslp syz-executor *68448 119259 61181 0 7 0x3 syz-executor 44059 310486 61181 0 3 0x82 nanoslp syz-executor 46682 510317 61181 0 3 0x82 nanoslp syz-executor 73917 343103 61181 0 2 0x2 syz-executor 79880 70736 61181 0 3 0x82 nanoslp syz-executor 61181 267139 1 0 3 0x82 kqread syz-executor 67127 255554 0 0 3 0x14200 bored smr 15656 464433 0 0 2 0x14200 zerothread 9421 428736 0 0 3 0x14200 aiodoned aiodoned 43383 250731 0 0 3 0x14200 syncer update 53776 118698 0 0 3 0x14200 cleaner cleaner 94659 2655 0 0 3 0x14200 reaper reaper 25324 136711 0 0 3 0x14200 pgdaemon pagedaemon 90194 143865 0 0 3 0x14200 bored viomb 18905 497735 0 0 3 0x40014200 acpi0 acpi0 24467 364689 0 0 3 0x40014200 idle1 279 253557 0 0 3 0x14200 bored softnet1 56818 242288 0 0 2 0x14200 softnet0 72826 482744 0 0 3 0x14200 bored systqmp 67911 84393 0 0 3 0x14200 bored systq 62355 164453 0 0 3 0x14200 tmoslp softclockmp 8707 183092 0 0 3 0x40014200 tmoslp softclock 38100 178488 0 0 3 0x40014200 idle0 1 515274 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 68448 (syz-executor) thread 0xffff80002a2414d8 (119259) Process 73917 (syz-executor) thread 0xffff8000ffffc538 (343103) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11054 12020K 13048K 166960K 12848 0 pcb 17 12K 12K 166960K 87 0 rtable 221 7K 7K 166960K 429 0 pf 39 18K 25K 166960K 206 0 ifaddr 41 7K 7K 166960K 62 0 ifgroup 55 2K 2K 166960K 82 0 sysctl 3 1K 9K 166960K 7 0 counters 70 37K 37K 166960K 94 0 ioctlops 0 0K 4K 166960K 1602 0 iov 0 0K 22K 166960K 82 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1387 87K 88K 166960K 1897 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 5 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 17 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 57K 93K 166960K 542 0 sigio 0 0K 0K 166960K 137 0 proc 21 33K 196K 166960K 616 0 subproc 72 4K 4K 166960K 81 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 114 0 in_multi 95 7K 7K 166960K 119 0 ether_multi 1 0K 0K 166960K 2 0 mrt 0 0K 0K 166960K 15 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 67 307K 307K 166960K 67 0 exec 0 0K 1K 166960K 474 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 142 83K 182K 166960K 6643 0 UVM aobj 9 2K 4K 166960K 10 0 pinsyscall 18 36K 104K 166960K 1709 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 28 0 NDP 12 0K 2K 166960K 38 0 temp 50 9081K 9205K 166960K 32111 0 kqueue 3 4K 28K 166960K 87 0 SYN cache 2 16K 16K 166960K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 56 0 56 1 0 1 1 0 8 1 rtentry 176 132 0 35 5 0 5 5 0 8 0 unpcb 144 313 0 310 4 0 4 4 0 8 3 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 103 0 100 1 0 1 1 0 8 0 arp 136 20 0 4 1 0 1 1 0 8 0 ipq 40 2 0 1 1 0 1 1 0 8 0 ipqe 40 34 0 33 1 0 1 1 0 8 0 inpcb 328 350 0 347 2 0 2 2 0 8 1 nd6 152 30 0 3 2 0 2 2 0 8 0 pkpcb 40 2 0 2 1 0 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 mppekey 1024 3 0 3 1 0 1 1 0 8 1 ppxss 1192 7 0 7 1 0 1 1 0 8 1 pppxif 1576 5 0 5 1 0 1 1 0 8 1 pfstscr 40 68 0 64 1 0 1 1 0 8 0 pffrag 232 5 0 1 1 0 1 1 0 482 0 pffrnode 88 3 0 0 1 0 1 1 0 8 0 pffrent 40 7 0 3 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 2 0 1 1 0 1 1 0 8 0 pfsrclim 320 1 0 1 1 0 1 1 0 8 1 pfanchor 1288 4 0 0 1 0 1 1 0 8 0 pftag 88 2 0 2 1 1 0 1 0 8 0 pfstitem 24 101 0 64 1 0 1 1 0 8 0 pfstkey 128 105 0 69 3 0 3 3 0 8 0 pfstate 448 68 0 34 8 0 8 8 0 8 3 pfrule 1360 28 0 21 2 1 1 2 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 597 0 162 29 1 28 29 0 8 0 art_table 40 598 0 162 5 0 5 5 0 8 0 art_node 32 132 0 45 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 5 1 0 1 1 0 8 0 semapl 112 15 0 5 1 0 1 1 0 8 0 shmpl 112 7 0 1 1 0 1 1 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 2306 0 835 93 0 93 93 0 8 0 ffsino 296 2306 0 835 114 0 114 114 0 8 0 nchpl 144 3033 0 1325 64 0 64 64 0 8 0 vnodes 216 2796 0 0 156 0 156 156 0 8 0 namei 1024 9827 0 9827 3 1 2 2 0 8 2 percpumem 16 62 0 12 1 0 1 1 0 8 0 kstatmem 264 40 0 14 3 0 3 3 0 8 1 scsiplug 72 1 0 1 1 1 0 1 0 8 0 scxspl 216 12818 0 12818 9 2 7 8 1 8 7 plimitpl 152 102 0 90 1 0 1 1 0 8 0 sigapl 424 854 0 820 7 1 6 7 0 8 0 knotepl 120 522 0 0 16 0 16 16 0 8 0 kqueuepl 224 161 0 158 3 0 3 3 0 8 2 pipepl 344 148 0 121 3 0 3 3 0 8 0 fdescpl 528 837 0 819 3 0 3 3 0 8 0 filepl 160 4124 0 3958 13 1 12 13 0 8 2 lockfpl 104 297 0 296 1 0 1 1 0 8 0 lockfspl 48 83 0 82 1 0 1 1 0 8 0 sessionpl 144 34 0 31 1 0 1 1 0 8 0 pgrppl 48 112 0 101 1 0 1 1 0 8 0 ucredpl 104 524 0 521 1 0 1 1 0 8 0 zombiepl 144 820 0 820 1 0 1 1 0 8 1 processpl 1232 854 0 820 5 0 5 5 0 8 0 procpl 664 1506 0 1462 6 0 6 6 0 8 0 sosppl 176 1 0 1 1 0 1 1 0 8 1 sockpl 752 730 0 724 10 0 10 10 0 8 8 mcl64k 65536 4 0 0 1 0 1 1 0 8 0 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 124 0 0 16 0 16 16 0 8 0 mcl2k 2048 20 0 0 3 0 3 3 0 8 0 mtagpl 96 6 0 0 1 0 1 1 0 8 0 mbufpl 256 200 0 0 13 0 13 13 0 8 0 bufpl 280 6368 0 238 438 0 438 438 0 8 0 anonpl 32 14015 0 0 113 0 113 113 0 246 0 amapchunkpl 152 21734 0 21229 34 0 34 34 0 158 5 amappl16 200 2780 0 2591 22 4 18 18 0 8 3 amappl15 192 11 0 10 2 1 1 1 0 8 0 amappl14 184 440 0 439 1 0 1 1 0 8 0 amappl13 176 153 0 152 1 0 1 1 0 8 0 amappl12 168 1089 0 1072 2 0 2 2 0 8 0 amappl11 160 8 0 8 1 1 0 1 0 8 0 amappl10 152 67 0 67 1 0 1 1 0 8 1 amappl9 144 257 0 257 1 1 0 1 0 8 0 amappl8 136 125 0 124 1 0 1 1 0 8 0 amappl7 128 169 0 166 1 0 1 1 0 8 0 amappl6 120 168 0 168 1 0 1 1 0 8 1 amappl5 112 96 0 95 1 0 1 1 0 8 0 amappl4 104 303 0 298 1 0 1 1 0 8 0 amappl3 96 4139 0 4064 4 0 4 4 0 8 0 amappl2 88 535 0 526 2 0 2 2 0 8 0 amappl1 80 11144 0 11032 15 2 13 15 0 8 5 amappl 88 5796 0 5670 5 0 5 5 0 92 0 uvmvnodes 80 112 0 0 3 0 3 3 0 8 0 dma8192 8192 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 9 0 1 1 0 1 1 0 8 0 uaddrrnd 24 837 0 819 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 837 0 819 1 0 1 1 0 8 0 vmmpekpl 168 8130 0 8086 3 0 3 3 0 8 0 vmmpepl 168 59906 0 58915 100 0 100 100 0 357 37 vmsppl 488 836 0 819 5 0 5 5 0 8 0 rwobjpl 80 18853 0 18235 29 0 29 29 0 8 2 pdppl 4096 1681 0 1638 101 30 71 85 0 8 28 pvpl 32 18357 0 0 151 2 149 149 0 265 0 pmappl 256 836 0 819 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 285 0 36 8 0 8 8 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff838c0ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff83a23980) at __mp_lock+0x19e __mp_lock_spin sys/kern/kern_lock.c:142 [inline] __mp_lock(ffffffff83a23980) at __mp_lock+0x19e sys/kern/kern_lock.c:173 softintr_dispatch(0) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83 dosoftint(0) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:862 Xsoftclock() at Xsoftclock+0x27 end of kernel end trace frame: 0x70a72ef3d6a0, count: 8 ddb{0}>