witness: lock_object uninitialized: ADDR (2)
1 view
Skip to first unread message
syzbot
Oct 19, 2022, 9:32:44 AM10/19/22
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: a89e3c5aa499 Add support for the DS1339 RTC, like found on..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=111c0e26880000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=bac18ca5a6a220881902
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/9547475b1e2b/disk-a89e3c5a.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/21c1e661ea70/bsd-a89e3c5a.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/3eaeb8155459/kernel-a89e3c5a.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bac18c...@syzkaller.appspotmail.com
witness: lock_object uninitialized: 0xffff800001012028
Starting stack trace...
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x133 witness_debugger sys/kern/subr_witness.c:2502 [inline]
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x133 sys/kern/subr_witness.c:772
rw_enter_write(ffff800001012018) at rw_enter_write+0x5b sys/kern/kern_rwlock.c:128
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 unvname_rbt_RBT_MIN sys/kern/kern_unveil.c:92 [inline]
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 sys/kern/kern_unveil.c:102
unveil_destroy(ffff80002129b618) at unveil_destroy+0xad sys/kern/kern_unveil.c:183
exit1(ffff800024beba48,0,0,1) at exit1+0x3d5 sys/kern/kern_exit.c:219
sys_exit(ffff800024beba48,ffff80002e58d350,ffff80002e58d3a0) at sys_exit+0x16 sys/kern/kern_exit.c:89
syscall(ffff80002e58d420) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002e58d420) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffb7c0, count: 249
End of stack trace.
Stopped at db_enter+0x18: addq $0x8,%rsp
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 witness_debugger sys/kern/subr_witness.c:2502 [inline]
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 sys/kern/subr_witness.c:772
rw_enter_write(ffff800001012018) at rw_enter_write+0x5b sys/kern/kern_rwlock.c:128
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 unvname_rbt_RBT_MIN sys/kern/kern_unveil.c:92 [inline]
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 sys/kern/kern_unveil.c:102
unveil_destroy(ffff80002129b618) at unveil_destroy+0xad sys/kern/kern_unveil.c:183
exit1(ffff800024beba48,0,0,1) at exit1+0x3d5 sys/kern/kern_exit.c:219
sys_exit(ffff800024beba48,ffff80002e58d350,ffff80002e58d3a0) at sys_exit+0x16 sys/kern/kern_exit.c:89
syscall(ffff80002e58d420) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002e58d420) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffb7c0, count: -9
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80002e58d0f0
rbx 0x3
rdx 0
rcx 0
rax 0xffff800024beba48
r8 0xffff80002e58d090
r9 0x8080808080808080
r10 0x3eabca95a7abdcc5
r11 0xb568ebbf930b9c97
r12 0xffff800001012001
r13 0xffff800001012028
r14 0
r15 0
rip 0xffffffff81feffe8 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff80002e58d0e0
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.0) pid=126983 stat=onproc
flags process=1008<EXITING,SINGLEEXIT> proc=2000<WEXIT>
pri=32, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff80002e53a550,0xffff800024beb278
process=0xffff80002129b618 user=0xffff80002e588000, vmspace=0xfffffd805ad76478
estcpu=36, cpticks=19, pctcpu=0.0
user=0, sys=8, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
25917 188903 43369 0 2 0 syz-executor.2
34630 255192 68894 0 2 0 syz-executor.7
56839 405855 17007 0 2 0x480 syz-executor.6
56839 421912 17007 0 3 0x4000080 fsleep syz-executor.6
56839 254256 17007 0 2 0x4000000 syz-executor.6
56839 27776 17007 0 3 0x4000080 fsleep syz-executor.6
68894 323000 17928 0 2 0x482 syz-executor.7
71168 181369 17928 0 2 0x482 syz-executor.4
68496 236978 17928 0 2 0x482 syz-executor.0
43369 487876 17928 0 2 0x482 syz-executor.2
17007 343196 17928 0 2 0x482 syz-executor.6
62368 200780 17928 0 3 0x82 piperd syz-executor.1
54321 314285 17928 0 2 0x2 syz-executor.5
23589 461413 17928 0 3 0x82 piperd syz-executor.3
37367 41655 0 0 3 0x14280 nfsidl nfsio
15584 140154 0 0 3 0x14280 nfsidl nfsio
55896 86599 0 0 3 0x14280 nfsidl nfsio
56029 340999 0 0 3 0x14280 nfsidl nfsio
40962 323612 0 0 3 0x14280 nfsidl nfsio
78132 295002 0 0 3 0x14280 nfsidl nfsio
21180 507270 0 0 3 0x14280 nfsidl nfsio
14013 140619 0 0 3 0x14280 nfsidl nfsio
19368 318590 0 0 3 0x14280 nfsidl nfsio
73350 321569 0 0 3 0x14280 nfsidl nfsio
43317 454411 0 0 3 0x14280 nfsidl nfsio
94129 128229 0 0 3 0x14280 nfsidl nfsio
79642 167690 0 0 3 0x14280 nfsidl nfsio
83908 15582 0 0 3 0x14280 nfsidl nfsio
94119 6694 0 0 3 0x14280 nfsidl nfsio
59010 299730 0 0 3 0x14280 nfsidl nfsio
55045 387244 0 0 3 0x14280 nfsidl nfsio
73865 129133 0 0 3 0x14280 nfsidl nfsio
20533 119387 0 0 3 0x14280 nfsidl nfsio
61099 212335 0 0 3 0x14280 nfsidl nfsio
60303 131846 1 0 2 0x100083 getty
95667 494285 0 0 3 0x14200 bored sosplice
17928 317784 60605 0 3 0x82 wait syz-fuzzer
17928 379809 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 269681 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 214170 60605 0 3 0x4000082 wait syz-fuzzer
17928 329184 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 212365 60605 0 3 0x4000082 wait syz-fuzzer
17928 393387 60605 0 3 0x4000082 wait syz-fuzzer
17928 327339 60605 0 3 0x4000082 wait syz-fuzzer
17928 2432 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 227206 60605 0 3 0x4000082 kqread syz-fuzzer
17928 280114 60605 0 3 0x4000082 wait syz-fuzzer
17928 204161 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 27495 60605 0 3 0x4000082 wait syz-fuzzer
17928 431066 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 211200 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 135962 60605 0 3 0x4000082 wait syz-fuzzer
60605 87170 63473 0 3 0x10008a sigsusp ksh
63473 355480 66092 0 3 0x9a kqread sshd
66092 132270 1 0 3 0x88 kqread sshd
3896 72489 38762 74 3 0x1100092 bpf pflogd
38762 329351 1 0 3 0x80 netio pflogd
43176 100252 24585 73 2 0x1100090 syslogd
24585 320708 1 0 3 0x100082 netio syslogd
72530 312034 1 0 3 0x100080 kqread resolvd
95225 179017 83813 77 3 0x100092 kqread dhcpleased
97340 487555 83813 77 3 0x100092 kqread dhcpleased
83813 243711 1 0 3 0x80 kqread dhcpleased
93469 119443 0 0 3 0x14200 bored smr
96573 489538 0 0 2 0x14200 zerothread
68299 42065 0 0 3 0x14200 aiodoned aiodoned
57898 384934 0 0 3 0x14200 syncer update
27822 471518 0 0 3 0x14200 cleaner cleaner
56194 471103 0 0 2 0x14200 reaper
48405 368049 0 0 3 0x14200 pgdaemon pagedaemon
51859 409580 0 0 3 0x14200 bored viomb
18273 74328 0 0 3 0x40014200 acpi0 acpi0
4966 191677 0 0 7 0x40014200 idle1
97740 65310 0 0 3 0x14200 bored softnet
6879 100567 0 0 3 0x14200 bored softnet
20555 144478 0 0 3 0x14200 bored softnet
9375 92579 0 0 3 0x14200 bored softnet
20139 208837 0 0 3 0x14200 bored systqmp
72867 339879 0 0 3 0x14200 bored systq
23547 392115 0 0 2 0x40014200 softclock
79577 52276 0 0 3 0x40014200 idle0
1 138743 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 25917 (syz-executor.2) thread 0xffff800024beb7a8 (188903)
exclusive rwlock vmmaplk r = 0 (0xfffffd805ad76040)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmfault_lookup+0xb9 sys/uvm/uvm_fault.c:1766
#4 uvm_fault_check+0x660 uvmfault_amapcopy sys/uvm/uvm_fault.c:236 [inline]
#4 uvm_fault_check+0x660 sys/uvm/uvm_fault.c:711
#5 uvm_fault+0xf2 sys/uvm/uvm_fault.c:601
#6 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#7 usertrap+0x1aa sys/arch/amd64/amd64/trap.c:403
#8 recall_trap+0x8
Process 34630 (syz-executor.7) thread 0xffff800024bead28 (255192)
exclusive rwlock vmmaplk r = 0 (0xfffffd805ad76770)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmfault_lookup+0xb9 sys/uvm/uvm_fault.c:1766
#4 uvm_fault_check+0x660 uvmfault_amapcopy sys/uvm/uvm_fault.c:236 [inline]
#4 uvm_fault_check+0x660 sys/uvm/uvm_fault.c:711
#5 uvm_fault+0xf2 sys/uvm/uvm_fault.c:601
#6 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#7 usertrap+0x1aa sys/arch/amd64/amd64/trap.c:403
#8 recall_trap+0x8
Process 54321 (syz-executor.5) thread 0xffff800024beaa88 (314285)
exclusive rwlock vmmaplk r = 0 (0xfffffd805ad76a50)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmspace_fork+0x103 sys/uvm/uvm_map.c:3905
#4 process_new+0x304 sys/kern/kern_fork.c:260
#5 fork1+0x30b sys/kern/kern_fork.c:379
#6 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
#6 syscall+0x435 sys/arch/amd64/amd64/trap.c:585
#7 Xsyscall+0x128
exclusive rwlock vmmaplk r = 0 (0xfffffd807390ebc0)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmspace_fork+0x37 sys/uvm/uvm_map.c:3896
#4 process_new+0x304 sys/kern/kern_fork.c:260
#5 fork1+0x30b sys/kern/kern_fork.c:379
#6 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
#6 syscall+0x435 sys/arch/amd64/amd64/trap.c:585
#7 Xsyscall+0x128
Process 56194 (reaper) thread 0xffff8000212337a8 (471103)
exclusive rwlock kmmaplk r = 0 (0xffffffff82a2dfe0)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvm_unmap+0x78 sys/uvm/uvm_map.c:1845
#4 uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288
#5 reaper+0x168 sys/kern/kern_exit.c:437
#6 proc_trampoline+0x1c
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10249 6528K 7449K 78643K 54403 0
pcb 24 26K 30K 78643K 4237 0
rtable 232 21K 23K 78643K 7323 0
ifaddr 169 47K 55K 78643K 3738 0
sysctl 3 1K 1K 78643K 11 0
counters 56 35K 36K 78643K 2104 0
ioctlops 0 0K 6K 78643K 8093 0
iov 0 0K 28K 78643K 4593 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1536 96K 96K 78643K 15178 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 272 0
VM map 2 1K 1K 78643K 2 0
sem 22 16K 32K 78643K 227 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 14 49K 93K 78643K 27636 0
sigio 1 0K 0K 78643K 539 0
proc 72 115K 115K 78643K 4722 0
subproc 104 6K 7K 78643K 1472 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 1985 0
in_multi 83 5K 6K 78643K 1918 0
ether_multi 1 0K 0K 78643K 154 0
mrt 1 0K 0K 78643K 162 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 247 1102K 1102K 78643K 247 0
exec 0 0K 2K 78643K 6782 0
pfkey data 0 0K 0K 78643K 7 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 8 62K 64K 78643K 10 0
UVM amap 782 2102K 2103K 78643K 158632 0
UVM aobj 131 8K 8K 78643K 142 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 1107 0
NDP 16 0K 2K 78643K 772 0
temp 145 4734K 70270K 78643K 202442 0
kqueue 12 18K 24K 78643K 1781 0
SYN cache 2 16K 16K 78643K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 22 0 0 1 0 1 1 0 8 0
rtpcb 120 1645 0 1642 21 20 1 3 0 8 0
rtentry 112 1892 0 1806 4 0 4 4 0 8 0
unpcb 144 26618 0 26603 230 224 6 10 0 8 5
syncache 296 179 0 179 43 43 0 1 0 8 0
tcpqe 32 151 0 151 15 15 0 1 0 8 0
tcpcb 768 52987 0 52977 1513 1504 9 48 0 8 7
arp 120 242 0 229 1 0 1 1 0 8 0
inpcb 368 68847 0 68829 925 916 9 29 0 8 7
ip6q 72 3 0 3 1 1 0 1 0 8 0
ip6af 40 6 0 6 1 1 0 1 0 8 0
nd6 48 393 0 372 1 0 1 1 0 8 0
pkpcb 40 100 0 100 15 15 0 1 0 8 0
kcovpl 48 112 0 104 1 0 1 1 0 8 0
ppxss 1256 669 0 669 50 49 1 1 0 8 1
pppxif 1704 387 0 387 38 38 0 1 0 8 0
pfstscr 40 98 0 98 10 10 0 1 0 8 0
pffrag 232 133 0 130 5 4 1 1 0 482 0
pffrnode 88 131 0 128 5 4 1 1 0 8 0
pffrent 40 396 0 393 5 4 1 1 0 8 0
pfosfp 40 1438 0 1012 5 0 5 5 0 8 0
pfosfpen 112 1438 0 719 21 0 21 21 0 8 0
pfrktable 1344 829 0 821 12 11 1 2 0 8 0
pfanchor 1280 733 0 300 40 3 37 37 0 8 0
pftag 88 13 0 11 4 3 1 1 0 8 0
pfqueue 264 6 0 6 2 2 0 1 0 8 0
pfstitem 24 30 0 28 1 0 1 1 0 8 0
pfstkey 120 216 0 214 1 0 1 1 0 8 0
pfstate 336 122 0 120 3 2 1 3 0 8 0
pfrule 1360 347 0 340 5 4 1 2 0 8 0
rttmr 136 43 0 43 13 13 0 1 0 8 0
art_heap8 4096 22 0 21 18 17 1 2 0 8 0
art_heap4 256 8031 0 7596 77 47 30 31 0 8 0
art_table 32 8053 0 7617 4 0 4 4 0 8 0
art_node 16 1878 0 1803 1 0 1 1 0 8 0
sysvmsgpl 40 4 0 2 1 0 1 1 0 8 0
semapl 112 205 0 185 1 0 1 1 0 8 0
shmpl 112 139 0 11 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 38186 0 36572 102 0 102 102 0 8 0
ffsino 272 38186 0 36572 109 0 109 109 0 8 0
nchpl 144 75581 0 75017 63 39 24 63 0 8 0
rtmask 32 21 0 21 8 8 0 1 0 8 0
uvmvnodes 80 18228 0 0 372 0 372 372 0 8 0
vnodes 216 18228 0 0 1013 0 1013 1013 0 8 0
namei 1024 264722 0 264722 12 11 1 3 0 8 1
percpumem 16 1064 0 1024 1 0 1 1 0 8 0
vcpupl 2048 377 0 0 48 0 48 48 0 8 0
vmpool 568 519 0 142 28 1 27 27 0 8 0
pfiaddrpl 120 328 0 324 5 4 1 1 0 8 0
kstatmem 264 1036 0 1004 7 4 3 3 0 8 0
scsiplug 72 34 0 34 9 9 0 1 0 8 0
scxspl 216 215968 0 215968 49 48 1 8 0 8 1
plimitpl 152 4084 0 4068 1 0 1 1 0 8 0
sigapl 424 27799 0 27732 12 4 8 8 0 8 0
futexpl 64 280792 0 280790 5 4 1 1 0 8 0
knotepl 120 1535 0 0 12 1 11 11 0 8 0
kqueuepl 216 4571 0 4563 81 80 1 5 0 8 0
pipepl 320 5972 0 5944 154 147 7 8 0 8 4
fdescpl 496 27717 0 27690 8 4 4 5 0 8 0
filepl 152 224137 0 223886 370 352 18 25 0 8 8
lockfpl 104 8862 0 8860 11 10 1 2 0 8 0
lockfspl 48 2699 0 2697 1 0 1 1 0 8 0
sessionpl 144 129 0 112 1 0 1 1 0 8 0
pgrppl 48 390 0 373 1 0 1 1 0 8 0
ucredpl 104 24043 0 24021 1 0 1 1 0 8 0
zombiepl 144 29900 0 29898 7 6 1 1 0 8 0
processpl 1064 27799 0 27732 5 0 5 5 0 8 0
procpl 672 74823 0 74737 47 38 9 10 0 8 0
srpgc 96 124 0 124 35 35 0 1 0 8 0
sosppl 168 204 0 204 32 32 0 1 0 8 0
sockpl 488 97251 0 97214 1998 1986 12 45 0 8 7
mcl64k 65536 17 0 0 3 0 3 3 0 8 0
mcl16k 16384 17 0 0 3 0 3 3 0 8 0
mcl12k 12288 33 0 0 2 0 2 2 0 8 0
mcl9k 9216 20 0 0 2 0 2 2 0 8 0
mcl8k 8192 34 0 0 3 0 3 3 0 8 0
mcl4k 4096 25 0 0 3 0 3 3 0 8 0
mcl2k2 2112 5 0 0 1 0 1 1 0 8 0
mcl2k 2048 531 0 0 47 22 25 47 0 8 0
mtagpl 96 1253 0 0 12 0 12 12 0 8 0
mbufpl 256 7796 0 0 420 0 420 420 0 8 0
bufpl 288 46210 0 38280 568 1 567 567 0 8 0
anonpl 24 5404588 0 5385867 295 163 132 147 0 186 0
amapchunkpl 152 468813 0 468077 171 138 33 46 0 158 0
amappl16 200 78535 0 77813 324 284 40 51 0 8 0
amappl15 192 3953 0 3938 2 1 1 2 0 8 0
amappl14 184 1632 0 1621 1 0 1 1 0 8 0
amappl13 176 3041 0 3039 1 0 1 1 0 8 0
amappl12 168 5096 0 5093 2 1 1 1 0 8 0
amappl11 160 4432 0 4412 2 1 1 2 0 8 0
amappl10 152 4653 0 4646 1 0 1 1 0 8 0
amappl9 144 1670 0 1662 2 1 1 1 0 8 0
amappl8 136 8191 0 8012 9 2 7 7 0 8 0
amappl7 128 5630 0 5607 1 0 1 1 0 8 0
amappl6 120 1641 0 1611 3 2 1 2 0 8 0
amappl5 112 23500 0 23484 1 0 1 1 0 8 0
amappl4 104 10523 0 10474 7 5 2 2 0 8 0
amappl3 96 87534 0 87481 3 1 2 2 0 8 0
amappl2 88 33647 0 33576 3 1 2 3 0 8 0
amappl1 80 652794 0 652062 24 6 18 22 0 8 0
amappl 88 155755 0 155423 11 2 9 9 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 141 0 11 3 0 3 3 0 8 0
uaddrrnd 24 28236 0 27831 3 0 3 3 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 28236 0 27831 3 0 3 3 0 8 0
vmmpekpl 168 199638 0 199534 6 0 6 6 0 8 0
vmmpepl 168 2721497 0 2717755 594 408 186 211 0 357 0
vmsppl 368 28235 0 27831 41 3 38 38 0 8 0
rwobjpl 56 667599 0 647080 329 38 291 291 0 8 0
pdppl 4096 56479 0 56039 1447 1001 446 446 0 8 6
pvpl 32 10563502 0 10538924 739 526 213 273 0 265 0
pmappl 248 28235 0 27831 29 3 26 26 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 3890 0 2075 52 0 52 52 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 witness_debugger sys/kern/subr_witness.c:2502 [inline]
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 sys/kern/subr_witness.c:772
rw_enter_write(ffff800001012018) at rw_enter_write+0x5b sys/kern/kern_rwlock.c:128
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 unvname_rbt_RBT_MIN sys/kern/kern_unveil.c:92 [inline]
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 sys/kern/kern_unveil.c:102
unveil_destroy(ffff80002129b618) at unveil_destroy+0xad sys/kern/kern_unveil.c:183
exit1(ffff800024beba48,0,0,1) at exit1+0x3d5 sys/kern/kern_exit.c:219
sys_exit(ffff800024beba48,ffff80002e58d350,ffff80002e58d3a0) at sys_exit+0x16 sys/kern/kern_exit.c:89
syscall(ffff80002e58d420) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002e58d420) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffb7c0, count: -9
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206
sched_idle(ffff800020dd8ff0) at sched_idle+0x417 sys/kern/kern_sched.c:175
end trace frame: 0x0, count: -5
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: a89e3c5aa499 Add support for the DS1339 RTC, like found on..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=111c0e26880000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=bac18ca5a6a220881902
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/9547475b1e2b/disk-a89e3c5a.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/21c1e661ea70/bsd-a89e3c5a.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/3eaeb8155459/kernel-a89e3c5a.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bac18c...@syzkaller.appspotmail.com
witness: lock_object uninitialized: 0xffff800001012028
Starting stack trace...
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x133 witness_debugger sys/kern/subr_witness.c:2502 [inline]
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x133 sys/kern/subr_witness.c:772
rw_enter_write(ffff800001012018) at rw_enter_write+0x5b sys/kern/kern_rwlock.c:128
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 unvname_rbt_RBT_MIN sys/kern/kern_unveil.c:92 [inline]
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 sys/kern/kern_unveil.c:102
unveil_destroy(ffff80002129b618) at unveil_destroy+0xad sys/kern/kern_unveil.c:183
exit1(ffff800024beba48,0,0,1) at exit1+0x3d5 sys/kern/kern_exit.c:219
sys_exit(ffff800024beba48,ffff80002e58d350,ffff80002e58d3a0) at sys_exit+0x16 sys/kern/kern_exit.c:89
syscall(ffff80002e58d420) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002e58d420) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffb7c0, count: 249
End of stack trace.
Stopped at db_enter+0x18: addq $0x8,%rsp
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 witness_debugger sys/kern/subr_witness.c:2502 [inline]
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 sys/kern/subr_witness.c:772
rw_enter_write(ffff800001012018) at rw_enter_write+0x5b sys/kern/kern_rwlock.c:128
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 unvname_rbt_RBT_MIN sys/kern/kern_unveil.c:92 [inline]
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 sys/kern/kern_unveil.c:102
unveil_destroy(ffff80002129b618) at unveil_destroy+0xad sys/kern/kern_unveil.c:183
exit1(ffff800024beba48,0,0,1) at exit1+0x3d5 sys/kern/kern_exit.c:219
sys_exit(ffff800024beba48,ffff80002e58d350,ffff80002e58d3a0) at sys_exit+0x16 sys/kern/kern_exit.c:89
syscall(ffff80002e58d420) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002e58d420) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffb7c0, count: -9
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80002e58d0f0
rbx 0x3
rdx 0
rcx 0
rax 0xffff800024beba48
r8 0xffff80002e58d090
r9 0x8080808080808080
r10 0x3eabca95a7abdcc5
r11 0xb568ebbf930b9c97
r12 0xffff800001012001
r13 0xffff800001012028
r14 0
r15 0
rip 0xffffffff81feffe8 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff80002e58d0e0
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.0) pid=126983 stat=onproc
flags process=1008<EXITING,SINGLEEXIT> proc=2000<WEXIT>
pri=32, usrpri=86, nice=20
forw=0xffffffffffffffff, list=0xffff80002e53a550,0xffff800024beb278
process=0xffff80002129b618 user=0xffff80002e588000, vmspace=0xfffffd805ad76478
estcpu=36, cpticks=19, pctcpu=0.0
user=0, sys=8, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
25917 188903 43369 0 2 0 syz-executor.2
34630 255192 68894 0 2 0 syz-executor.7
56839 405855 17007 0 2 0x480 syz-executor.6
56839 421912 17007 0 3 0x4000080 fsleep syz-executor.6
56839 254256 17007 0 2 0x4000000 syz-executor.6
56839 27776 17007 0 3 0x4000080 fsleep syz-executor.6
68894 323000 17928 0 2 0x482 syz-executor.7
71168 181369 17928 0 2 0x482 syz-executor.4
68496 236978 17928 0 2 0x482 syz-executor.0
43369 487876 17928 0 2 0x482 syz-executor.2
17007 343196 17928 0 2 0x482 syz-executor.6
62368 200780 17928 0 3 0x82 piperd syz-executor.1
54321 314285 17928 0 2 0x2 syz-executor.5
23589 461413 17928 0 3 0x82 piperd syz-executor.3
37367 41655 0 0 3 0x14280 nfsidl nfsio
15584 140154 0 0 3 0x14280 nfsidl nfsio
55896 86599 0 0 3 0x14280 nfsidl nfsio
56029 340999 0 0 3 0x14280 nfsidl nfsio
40962 323612 0 0 3 0x14280 nfsidl nfsio
78132 295002 0 0 3 0x14280 nfsidl nfsio
21180 507270 0 0 3 0x14280 nfsidl nfsio
14013 140619 0 0 3 0x14280 nfsidl nfsio
19368 318590 0 0 3 0x14280 nfsidl nfsio
73350 321569 0 0 3 0x14280 nfsidl nfsio
43317 454411 0 0 3 0x14280 nfsidl nfsio
94129 128229 0 0 3 0x14280 nfsidl nfsio
79642 167690 0 0 3 0x14280 nfsidl nfsio
83908 15582 0 0 3 0x14280 nfsidl nfsio
94119 6694 0 0 3 0x14280 nfsidl nfsio
59010 299730 0 0 3 0x14280 nfsidl nfsio
55045 387244 0 0 3 0x14280 nfsidl nfsio
73865 129133 0 0 3 0x14280 nfsidl nfsio
20533 119387 0 0 3 0x14280 nfsidl nfsio
61099 212335 0 0 3 0x14280 nfsidl nfsio
60303 131846 1 0 2 0x100083 getty
95667 494285 0 0 3 0x14200 bored sosplice
17928 317784 60605 0 3 0x82 wait syz-fuzzer
17928 379809 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 269681 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 214170 60605 0 3 0x4000082 wait syz-fuzzer
17928 329184 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 212365 60605 0 3 0x4000082 wait syz-fuzzer
17928 393387 60605 0 3 0x4000082 wait syz-fuzzer
17928 327339 60605 0 3 0x4000082 wait syz-fuzzer
17928 2432 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 227206 60605 0 3 0x4000082 kqread syz-fuzzer
17928 280114 60605 0 3 0x4000082 wait syz-fuzzer
17928 204161 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 27495 60605 0 3 0x4000082 wait syz-fuzzer
17928 431066 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 211200 60605 0 3 0x4000082 thrsleep syz-fuzzer
17928 135962 60605 0 3 0x4000082 wait syz-fuzzer
60605 87170 63473 0 3 0x10008a sigsusp ksh
63473 355480 66092 0 3 0x9a kqread sshd
66092 132270 1 0 3 0x88 kqread sshd
3896 72489 38762 74 3 0x1100092 bpf pflogd
38762 329351 1 0 3 0x80 netio pflogd
43176 100252 24585 73 2 0x1100090 syslogd
24585 320708 1 0 3 0x100082 netio syslogd
72530 312034 1 0 3 0x100080 kqread resolvd
95225 179017 83813 77 3 0x100092 kqread dhcpleased
97340 487555 83813 77 3 0x100092 kqread dhcpleased
83813 243711 1 0 3 0x80 kqread dhcpleased
93469 119443 0 0 3 0x14200 bored smr
96573 489538 0 0 2 0x14200 zerothread
68299 42065 0 0 3 0x14200 aiodoned aiodoned
57898 384934 0 0 3 0x14200 syncer update
27822 471518 0 0 3 0x14200 cleaner cleaner
56194 471103 0 0 2 0x14200 reaper
48405 368049 0 0 3 0x14200 pgdaemon pagedaemon
51859 409580 0 0 3 0x14200 bored viomb
18273 74328 0 0 3 0x40014200 acpi0 acpi0
4966 191677 0 0 7 0x40014200 idle1
97740 65310 0 0 3 0x14200 bored softnet
6879 100567 0 0 3 0x14200 bored softnet
20555 144478 0 0 3 0x14200 bored softnet
9375 92579 0 0 3 0x14200 bored softnet
20139 208837 0 0 3 0x14200 bored systqmp
72867 339879 0 0 3 0x14200 bored systq
23547 392115 0 0 2 0x40014200 softclock
79577 52276 0 0 3 0x40014200 idle0
1 138743 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 25917 (syz-executor.2) thread 0xffff800024beb7a8 (188903)
exclusive rwlock vmmaplk r = 0 (0xfffffd805ad76040)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmfault_lookup+0xb9 sys/uvm/uvm_fault.c:1766
#4 uvm_fault_check+0x660 uvmfault_amapcopy sys/uvm/uvm_fault.c:236 [inline]
#4 uvm_fault_check+0x660 sys/uvm/uvm_fault.c:711
#5 uvm_fault+0xf2 sys/uvm/uvm_fault.c:601
#6 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#7 usertrap+0x1aa sys/arch/amd64/amd64/trap.c:403
#8 recall_trap+0x8
Process 34630 (syz-executor.7) thread 0xffff800024bead28 (255192)
exclusive rwlock vmmaplk r = 0 (0xfffffd805ad76770)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmfault_lookup+0xb9 sys/uvm/uvm_fault.c:1766
#4 uvm_fault_check+0x660 uvmfault_amapcopy sys/uvm/uvm_fault.c:236 [inline]
#4 uvm_fault_check+0x660 sys/uvm/uvm_fault.c:711
#5 uvm_fault+0xf2 sys/uvm/uvm_fault.c:601
#6 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#7 usertrap+0x1aa sys/arch/amd64/amd64/trap.c:403
#8 recall_trap+0x8
Process 54321 (syz-executor.5) thread 0xffff800024beaa88 (314285)
exclusive rwlock vmmaplk r = 0 (0xfffffd805ad76a50)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmspace_fork+0x103 sys/uvm/uvm_map.c:3905
#4 process_new+0x304 sys/kern/kern_fork.c:260
#5 fork1+0x30b sys/kern/kern_fork.c:379
#6 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
#6 syscall+0x435 sys/arch/amd64/amd64/trap.c:585
#7 Xsyscall+0x128
exclusive rwlock vmmaplk r = 0 (0xfffffd807390ebc0)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvmspace_fork+0x37 sys/uvm/uvm_map.c:3896
#4 process_new+0x304 sys/kern/kern_fork.c:260
#5 fork1+0x30b sys/kern/kern_fork.c:379
#6 syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
#6 syscall+0x435 sys/arch/amd64/amd64/trap.c:585
#7 Xsyscall+0x128
Process 56194 (reaper) thread 0xffff8000212337a8 (471103)
exclusive rwlock kmmaplk r = 0 (0xffffffff82a2dfe0)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5292
#3 uvm_unmap+0x78 sys/uvm/uvm_map.c:1845
#4 uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288
#5 reaper+0x168 sys/kern/kern_exit.c:437
#6 proc_trampoline+0x1c
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10249 6528K 7449K 78643K 54403 0
pcb 24 26K 30K 78643K 4237 0
rtable 232 21K 23K 78643K 7323 0
ifaddr 169 47K 55K 78643K 3738 0
sysctl 3 1K 1K 78643K 11 0
counters 56 35K 36K 78643K 2104 0
ioctlops 0 0K 6K 78643K 8093 0
iov 0 0K 28K 78643K 4593 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1536 96K 96K 78643K 15178 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 272 0
VM map 2 1K 1K 78643K 2 0
sem 22 16K 32K 78643K 227 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 14 49K 93K 78643K 27636 0
sigio 1 0K 0K 78643K 539 0
proc 72 115K 115K 78643K 4722 0
subproc 104 6K 7K 78643K 1472 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 1985 0
in_multi 83 5K 6K 78643K 1918 0
ether_multi 1 0K 0K 78643K 154 0
mrt 1 0K 0K 78643K 162 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 247 1102K 1102K 78643K 247 0
exec 0 0K 2K 78643K 6782 0
pfkey data 0 0K 0K 78643K 7 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 8 62K 64K 78643K 10 0
UVM amap 782 2102K 2103K 78643K 158632 0
UVM aobj 131 8K 8K 78643K 142 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 1107 0
NDP 16 0K 2K 78643K 772 0
temp 145 4734K 70270K 78643K 202442 0
kqueue 12 18K 24K 78643K 1781 0
SYN cache 2 16K 16K 78643K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 22 0 0 1 0 1 1 0 8 0
rtpcb 120 1645 0 1642 21 20 1 3 0 8 0
rtentry 112 1892 0 1806 4 0 4 4 0 8 0
unpcb 144 26618 0 26603 230 224 6 10 0 8 5
syncache 296 179 0 179 43 43 0 1 0 8 0
tcpqe 32 151 0 151 15 15 0 1 0 8 0
tcpcb 768 52987 0 52977 1513 1504 9 48 0 8 7
arp 120 242 0 229 1 0 1 1 0 8 0
inpcb 368 68847 0 68829 925 916 9 29 0 8 7
ip6q 72 3 0 3 1 1 0 1 0 8 0
ip6af 40 6 0 6 1 1 0 1 0 8 0
nd6 48 393 0 372 1 0 1 1 0 8 0
pkpcb 40 100 0 100 15 15 0 1 0 8 0
kcovpl 48 112 0 104 1 0 1 1 0 8 0
ppxss 1256 669 0 669 50 49 1 1 0 8 1
pppxif 1704 387 0 387 38 38 0 1 0 8 0
pfstscr 40 98 0 98 10 10 0 1 0 8 0
pffrag 232 133 0 130 5 4 1 1 0 482 0
pffrnode 88 131 0 128 5 4 1 1 0 8 0
pffrent 40 396 0 393 5 4 1 1 0 8 0
pfosfp 40 1438 0 1012 5 0 5 5 0 8 0
pfosfpen 112 1438 0 719 21 0 21 21 0 8 0
pfrktable 1344 829 0 821 12 11 1 2 0 8 0
pfanchor 1280 733 0 300 40 3 37 37 0 8 0
pftag 88 13 0 11 4 3 1 1 0 8 0
pfqueue 264 6 0 6 2 2 0 1 0 8 0
pfstitem 24 30 0 28 1 0 1 1 0 8 0
pfstkey 120 216 0 214 1 0 1 1 0 8 0
pfstate 336 122 0 120 3 2 1 3 0 8 0
pfrule 1360 347 0 340 5 4 1 2 0 8 0
rttmr 136 43 0 43 13 13 0 1 0 8 0
art_heap8 4096 22 0 21 18 17 1 2 0 8 0
art_heap4 256 8031 0 7596 77 47 30 31 0 8 0
art_table 32 8053 0 7617 4 0 4 4 0 8 0
art_node 16 1878 0 1803 1 0 1 1 0 8 0
sysvmsgpl 40 4 0 2 1 0 1 1 0 8 0
semapl 112 205 0 185 1 0 1 1 0 8 0
shmpl 112 139 0 11 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 38186 0 36572 102 0 102 102 0 8 0
ffsino 272 38186 0 36572 109 0 109 109 0 8 0
nchpl 144 75581 0 75017 63 39 24 63 0 8 0
rtmask 32 21 0 21 8 8 0 1 0 8 0
uvmvnodes 80 18228 0 0 372 0 372 372 0 8 0
vnodes 216 18228 0 0 1013 0 1013 1013 0 8 0
namei 1024 264722 0 264722 12 11 1 3 0 8 1
percpumem 16 1064 0 1024 1 0 1 1 0 8 0
vcpupl 2048 377 0 0 48 0 48 48 0 8 0
vmpool 568 519 0 142 28 1 27 27 0 8 0
pfiaddrpl 120 328 0 324 5 4 1 1 0 8 0
kstatmem 264 1036 0 1004 7 4 3 3 0 8 0
scsiplug 72 34 0 34 9 9 0 1 0 8 0
scxspl 216 215968 0 215968 49 48 1 8 0 8 1
plimitpl 152 4084 0 4068 1 0 1 1 0 8 0
sigapl 424 27799 0 27732 12 4 8 8 0 8 0
futexpl 64 280792 0 280790 5 4 1 1 0 8 0
knotepl 120 1535 0 0 12 1 11 11 0 8 0
kqueuepl 216 4571 0 4563 81 80 1 5 0 8 0
pipepl 320 5972 0 5944 154 147 7 8 0 8 4
fdescpl 496 27717 0 27690 8 4 4 5 0 8 0
filepl 152 224137 0 223886 370 352 18 25 0 8 8
lockfpl 104 8862 0 8860 11 10 1 2 0 8 0
lockfspl 48 2699 0 2697 1 0 1 1 0 8 0
sessionpl 144 129 0 112 1 0 1 1 0 8 0
pgrppl 48 390 0 373 1 0 1 1 0 8 0
ucredpl 104 24043 0 24021 1 0 1 1 0 8 0
zombiepl 144 29900 0 29898 7 6 1 1 0 8 0
processpl 1064 27799 0 27732 5 0 5 5 0 8 0
procpl 672 74823 0 74737 47 38 9 10 0 8 0
srpgc 96 124 0 124 35 35 0 1 0 8 0
sosppl 168 204 0 204 32 32 0 1 0 8 0
sockpl 488 97251 0 97214 1998 1986 12 45 0 8 7
mcl64k 65536 17 0 0 3 0 3 3 0 8 0
mcl16k 16384 17 0 0 3 0 3 3 0 8 0
mcl12k 12288 33 0 0 2 0 2 2 0 8 0
mcl9k 9216 20 0 0 2 0 2 2 0 8 0
mcl8k 8192 34 0 0 3 0 3 3 0 8 0
mcl4k 4096 25 0 0 3 0 3 3 0 8 0
mcl2k2 2112 5 0 0 1 0 1 1 0 8 0
mcl2k 2048 531 0 0 47 22 25 47 0 8 0
mtagpl 96 1253 0 0 12 0 12 12 0 8 0
mbufpl 256 7796 0 0 420 0 420 420 0 8 0
bufpl 288 46210 0 38280 568 1 567 567 0 8 0
anonpl 24 5404588 0 5385867 295 163 132 147 0 186 0
amapchunkpl 152 468813 0 468077 171 138 33 46 0 158 0
amappl16 200 78535 0 77813 324 284 40 51 0 8 0
amappl15 192 3953 0 3938 2 1 1 2 0 8 0
amappl14 184 1632 0 1621 1 0 1 1 0 8 0
amappl13 176 3041 0 3039 1 0 1 1 0 8 0
amappl12 168 5096 0 5093 2 1 1 1 0 8 0
amappl11 160 4432 0 4412 2 1 1 2 0 8 0
amappl10 152 4653 0 4646 1 0 1 1 0 8 0
amappl9 144 1670 0 1662 2 1 1 1 0 8 0
amappl8 136 8191 0 8012 9 2 7 7 0 8 0
amappl7 128 5630 0 5607 1 0 1 1 0 8 0
amappl6 120 1641 0 1611 3 2 1 2 0 8 0
amappl5 112 23500 0 23484 1 0 1 1 0 8 0
amappl4 104 10523 0 10474 7 5 2 2 0 8 0
amappl3 96 87534 0 87481 3 1 2 2 0 8 0
amappl2 88 33647 0 33576 3 1 2 3 0 8 0
amappl1 80 652794 0 652062 24 6 18 22 0 8 0
amappl 88 155755 0 155423 11 2 9 9 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 141 0 11 3 0 3 3 0 8 0
uaddrrnd 24 28236 0 27831 3 0 3 3 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 28236 0 27831 3 0 3 3 0 8 0
vmmpekpl 168 199638 0 199534 6 0 6 6 0 8 0
vmmpepl 168 2721497 0 2717755 594 408 186 211 0 357 0
vmsppl 368 28235 0 27831 41 3 38 38 0 8 0
rwobjpl 56 667599 0 647080 329 38 291 291 0 8 0
pdppl 4096 56479 0 56039 1447 1001 446 446 0 8 6
pvpl 32 10563502 0 10538924 739 526 213 273 0 265 0
pmappl 248 28235 0 27831 29 3 26 26 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 3890 0 2075 52 0 52 52 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 witness_debugger sys/kern/subr_witness.c:2502 [inline]
witness_checkorder(ffff800001012028,9,0) at witness_checkorder+0x138 sys/kern/subr_witness.c:772
rw_enter_write(ffff800001012018) at rw_enter_write+0x5b sys/kern/kern_rwlock.c:128
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 unvname_rbt_RBT_MIN sys/kern/kern_unveil.c:92 [inline]
unveil_delete_names(ffff800001012000) at unveil_delete_names+0x30 sys/kern/kern_unveil.c:102
unveil_destroy(ffff80002129b618) at unveil_destroy+0xad sys/kern/kern_unveil.c:183
exit1(ffff800024beba48,0,0,1) at exit1+0x3d5 sys/kern/kern_exit.c:219
sys_exit(ffff800024beba48,ffff80002e58d350,ffff80002e58d3a0) at sys_exit+0x16 sys/kern/kern_exit.c:89
syscall(ffff80002e58d420) at syscall+0x435 mi_syscall sys/sys/syscall_mi.h:101 [inline]
syscall(ffff80002e58d420) at syscall+0x435 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffb7c0, count: -9
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206
sched_idle(ffff800020dd8ff0) at sched_idle+0x417 sys/kern/kern_sched.c:175
end trace frame: 0x0, count: -5
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Jan 17, 2023, 8:32:27 AM1/17/23
to syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages