20180802 05:27:31 all (109/576): cmp.sh
panic: lookup: ni_pathlen underflow to -3
cpuid = 44
time = 1533180477
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe00f68b7db0
vpanic() at vpanic+0x1a3/frame 0xfffffe00f68b7e10
doadump() at doadump/frame 0xfffffe00f68b7e90
lookup() at lookup+0x9c0/frame 0xfffffe00f68b7f30
namei() at namei+0x4fd/frame 0xfffffe00f68b7ff0
kern_mkdirat() at kern_mkdirat+0x92/frame 0xfffffe00f68b8200
amd64_syscall() at amd64_syscall+0x29c/frame 0xfffffe00f68b8330
fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe00f68b8330
--- syscall (136, FreeBSD ELF64, sys_mkdir), rip = 0x80040f3ba, rsp = 0x7fffffffdef8, rbp = 0x7fffffffe740 ---

Details @ https://people.freebsd.org/~pho/stress/log/cmp-2.txt
More debug info here: https://people.freebsd.org/~pho/stress/log/cmp-3.txt
Seems to be introduced by r336876.
A commit references this bug:

Author: kib
Date: Fri Aug 3 15:35:29 UTC 2018
New revision: 337261
URL: https://svnweb.freebsd.org/changeset/base/337261

Log:
  Fix typo in copyinstr_smap, resulting in mis-handling of too long strings.

  Reported and tested by: pho
  PR: 230286
  Sponsored by: The FreeBSD Foundation

Changes:
  head/sys/amd64/amd64/support.S