panic: wakeup: p_stat is NUM (3)

syzbot

Sep 4, 2023, 5:33:22 PM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 1c33b230a824 Allow UDP for built-in inetd(8) services on 1..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13d25d2fa80000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=b8200678a074d118744c

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/bef6fe7a5176/disk-1c33b230.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/2f57caa645f9/bsd-1c33b230.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/10065c32ad81/kernel-1c33b230.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+b82006...@syzkaller.appspotmail.com

panic: wakeup: p_stat is 0
Starting stack trace...
panic(ffffffff82842e06) at panic+0x159 sys/kern/subr_prf.c:229
wakeup(fffffd805fa2a388) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c25f8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
intr_handler(ffff80002e65e3b0,ffff80000006a080) at intr_handler+0x4f sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xc4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x77a sys/kern/vfs_bio.c:1196
geteblk(10000000) at geteblk+0x3c sys/kern/vfs_bio.c:1071
readdisklabel(2902,ffffffff81646310,ffff800000da1400,0) at readdisklabel+0x149 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,1,2000,ffff8000217112c0) at vndopen+0x17e sys/dev/vnd.c:204
spec_open(ffff80002e65e8e8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd807d08eeb8,1,fffffd807f7d7888,ffff8000217112c0) at VOP_OPEN+0x70 sys/kern/vfs_vops.c:138
vn_open(ffff80002e65eb38,1,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff8000217112c0,ffffff9c,20000200,0,0,ffff80002e65ed10) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002e65ed90) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xfbf22e071a0, count: 238
End of stack trace.
fatal page fault in supervisor mode
trap type 6 code 0 rip ffffffff82511e06 cs 8 rflags 10297 cr2 344 cpl c rsp ffff80002e65d880
gsbase 0xffffffff82be7ff0 kgsbase 0x0
panic: trap type 6, code=0, pc=ffffffff82511e06
Starting stack trace...
panic(ffffffff82774eaa) at panic+0x159 sys/kern/subr_prf.c:229
kerntrap(ffff80002e65d7d0) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
schedclock(ffff8000217112c0) at schedclock+0xa6 sys/kern/sched_bsd.c:569
clockintr_statclock(ffffffff82be8ab8,ffff80002e65d9c0) at clockintr_statclock+0x118 sys/kern/kern_clockintr.c:518
clockintr_dispatch(ffff80002e65d9c0) at clockintr_dispatch+0x255 sys/kern/kern_clockintr.c:266
lapic_clockintr(0,4000000000010000) at lapic_clockintr+0x3a sys/arch/amd64/amd64/lapic.c:482
Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a
Xspllower() at Xspllower+0x1d
tsleep(fffffd805fa2a388,11,ffffffff82843bea,0) at tsleep+0x117 sys/kern/kern_synch.c:149
getblk(fffffd807efcfa20,1fa560,4000,0,ffffffffffffffff) at getblk+0x14c sys/kern/vfs_bio.c:1038
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e bio_doread sys/kern/vfs_bio.c:433 [inline]
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e sys/kern/vfs_bio.c:478
ffs_update(fffffd805ef193c0,1) at ffs_update+0x14f sys/ufs/ffs/ffs_inode.c:91
ffs_truncate(fffffd805ef193c0,0,0,ffffffffffffffff) at ffs_truncate+0xcd5
ufs_inactive(ffff80002e65e038) at ufs_inactive+0x152 sys/ufs/ufs/ufs_inode.c:84
VOP_INACTIVE(fffffd805a8d2468,ffff8000217112c0) at VOP_INACTIVE+0xbf sys/kern/vfs_vops.c:489
vput(fffffd805a8d2468) at vput+0xa7 sys/kern/vfs_subr.c:779
vn_close(fffffd805a8d2468,2,ffffffffffffffff,ffff8000217112c0) at vn_close+0x82 sys/kern/vfs_vnops.c:294
acct_shutdown() at acct_shutdown+0x66 sys/kern/kern_acct.c:359
vfs_shutdown(ffff8000217112c0) at vfs_shutdown+0x1a sys/kern/vfs_subr.c:1779
boot(100) at boot+0xbf sys/arch/amd64/amd64/machdep.c:901
reboot(100) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd805fa2a388) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c25f8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
intr_handler(ffff80002e65e3b0,ffff80000006a080) at intr_handler+0x4f sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xc4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x77a sys/kern/vfs_bio.c:1196
geteblk(10000000) at geteblk+0x3c sys/kern/vfs_bio.c:1071
readdisklabel(2902,ffffffff81646310,ffff800000da1400,0) at readdisklabel+0x149 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,1,2000,ffff8000217112c0) at vndopen+0x17e sys/dev/vnd.c:204
spec_open(ffff80002e65e8e8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd807d08eeb8,1,fffffd807f7d7888,ffff8000217112c0) at VOP_OPEN+0x70 sys/kern/vfs_vops.c:138
vn_open(ffff80002e65eb38,1,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff8000217112c0,ffffff9c,20000200,0,0,ffff80002e65ed10) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002e65ed90) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xfbf22e071a0, count: 216
End of stack trace.
panic: wakeup: p_stat is 0
Starting stack trace...
panic(ffffffff82842e06) at panic+0x159 sys/kern/subr_prf.c:229
wakeup(fffffd806912cdd0) at wakeup+0xec sys/kern/kern_synch.c:545
sowakeup(fffffd806912cd20,fffffd806912cdd0) at sowakeup+0xfd sys/kern/uipc_socket2.c:548
sorwakeup(fffffd806912cd20) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd806912cd20,fffffd807cc8c000) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c000,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff8000006b7000) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff8000006b7000) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff8000006b7000) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82774eaa) at panic+0x179 sys/kern/subr_prf.c:231
kerntrap(ffff80002e65d7d0) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
schedclock(ffff8000217112c0) at schedclock+0xa6 sys/kern/sched_bsd.c:569
clockintr_statclock(ffffffff82be8ab8,ffff80002e65d9c0) at clockintr_statclock+0x118 sys/kern/kern_clockintr.c:518
clockintr_dispatch(ffff80002e65d9c0) at clockintr_dispatch+0x255 sys/kern/kern_clockintr.c:266
lapic_clockintr(0,4000000000010000) at lapic_clockintr+0x3a sys/arch/amd64/amd64/lapic.c:482
Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a
Xspllower() at Xspllower+0x1d
tsleep(fffffd805fa2a388,11,ffffffff82843bea,0) at tsleep+0x117 sys/kern/kern_synch.c:149
getblk(fffffd807efcfa20,1fa560,4000,0,ffffffffffffffff) at getblk+0x14c sys/kern/vfs_bio.c:1038
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e bio_doread sys/kern/vfs_bio.c:433 [inline]
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e sys/kern/vfs_bio.c:478
ffs_update(fffffd805ef193c0,1) at ffs_update+0x14f sys/ufs/ffs/ffs_inode.c:91
ffs_truncate(fffffd805ef193c0,0,0,ffffffffffffffff) at ffs_truncate+0xcd5
ufs_inactive(ffff80002e65e038) at ufs_inactive+0x152 sys/ufs/ufs/ufs_inode.c:84
VOP_INACTIVE(fffffd805a8d2468,ffff8000217112c0) at VOP_INACTIVE+0xbf sys/kern/vfs_vops.c:489
vput(fffffd805a8d2468) at vput+0xa7 sys/kern/vfs_subr.c:779
vn_close(fffffd805a8d2468,2,ffffffffffffffff,ffff8000217112c0) at vn_close+0x82 sys/kern/vfs_vnops.c:294
acct_shutdown() at acct_shutdown+0x66 sys/kern/kern_acct.c:359
vfs_shutdown(ffff8000217112c0) at vfs_shutdown+0x1a sys/kern/vfs_subr.c:1779
boot(100) at boot+0xbf sys/arch/amd64/amd64/machdep.c:901
reboot(100) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd805fa2a388) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c25f8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
intr_handler(ffff80002e65e3b0,ffff80000006a080) at intr_handler+0x4f sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xc4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x77a sys/kern/vfs_bio.c:1196
geteblk(10000000) at geteblk+0x3c sys/kern/vfs_bio.c:1071
readdisklabel(2902,ffffffff81646310,ffff800000da1400,0) at readdisklabel+0x149 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,1,2000,ffff8000217112c0) at vndopen+0x17e sys/dev/vnd.c:204
spec_open(ffff80002e65e8e8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd807d08eeb8,1,fffffd807f7d7888,ffff8000217112c0) at VOP_OPEN+0x70 sys/kern/vfs_vops.c:138
vn_open(ffff80002e65eb38,1,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff8000217112c0,ffffff9c,20000200,0,0,ffff80002e65ed10) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002e65ed90) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xfbf22e071a0, count: 205
End of stack trace.
panic: wakeup: p_stat is 0
Starting stack trace...
panic(ffffffff82842e06) at panic+0x159 sys/kern/subr_prf.c:229
wakeup(fffffd807c8ccb80) at wakeup+0xec sys/kern/kern_synch.c:545
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 klist_empty sys/sys/event.h:362 [inline]
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 kqueue_wakeup sys/kern/kern_event.c:1689 [inline]
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 sys/kern/kern_event.c:2032
knote_locked(fffffd807ca3dbc8,0) at knote_locked+0x11d
sorwakeup(fffffd807ca3dab8) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd807ca3dab8,fffffd807cc8c800) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c800,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff80000019e2a8) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff80000019e2a8) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff80000019e2a8) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd806912cdd0) at wakeup+0xec sys/kern/kern_synch.c:545
sowakeup(fffffd806912cd20,fffffd806912cdd0) at sowakeup+0xfd sys/kern/uipc_socket2.c:548
sorwakeup(fffffd806912cd20) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd806912cd20,fffffd807cc8c000) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c000,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff8000006b7000) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff8000006b7000) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff8000006b7000) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82774eaa) at panic+0x179 sys/kern/subr_prf.c:231
kerntrap(ffff80002e65d7d0) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
schedclock(ffff8000217112c0) at schedclock+0xa6 sys/kern/sched_bsd.c:569
clockintr_statclock(ffffffff82be8ab8,ffff80002e65d9c0) at clockintr_statclock+0x118 sys/kern/kern_clockintr.c:518
clockintr_dispatch(ffff80002e65d9c0) at clockintr_dispatch+0x255 sys/kern/kern_clockintr.c:266
lapic_clockintr(0,4000000000010000) at lapic_clockintr+0x3a sys/arch/amd64/amd64/lapic.c:482
Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a
Xspllower() at Xspllower+0x1d
tsleep(fffffd805fa2a388,11,ffffffff82843bea,0) at tsleep+0x117 sys/kern/kern_synch.c:149
getblk(fffffd807efcfa20,1fa560,4000,0,ffffffffffffffff) at getblk+0x14c sys/kern/vfs_bio.c:1038
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e bio_doread sys/kern/vfs_bio.c:433 [inline]
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e sys/kern/vfs_bio.c:478
ffs_update(fffffd805ef193c0,1) at ffs_update+0x14f sys/ufs/ffs/ffs_inode.c:91
ffs_truncate(fffffd805ef193c0,0,0,ffffffffffffffff) at ffs_truncate+0xcd5
ufs_inactive(ffff80002e65e038) at ufs_inactive+0x152 sys/ufs/ufs/ufs_inode.c:84
VOP_INACTIVE(fffffd805a8d2468,ffff8000217112c0) at VOP_INACTIVE+0xbf sys/kern/vfs_vops.c:489
vput(fffffd805a8d2468) at vput+0xa7 sys/kern/vfs_subr.c:779
vn_close(fffffd805a8d2468,2,ffffffffffffffff,ffff8000217112c0) at vn_close+0x82 sys/kern/vfs_vnops.c:294
acct_shutdown() at acct_shutdown+0x66 sys/kern/kern_acct.c:359
vfs_shutdown(ffff8000217112c0) at vfs_shutdown+0x1a sys/kern/vfs_subr.c:1779
boot(100) at boot+0xbf sys/arch/amd64/amd64/machdep.c:901
reboot(100) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd805fa2a388) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c25f8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
intr_handler(ffff80002e65e3b0,ffff80000006a080) at intr_handler+0x4f sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xc4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x77a sys/kern/vfs_bio.c:1196
geteblk(10000000) at geteblk+0x3c sys/kern/vfs_bio.c:1071
readdisklabel(2902,ffffffff81646310,ffff800000da1400,0) at readdisklabel+0x149 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,1,2000,ffff8000217112c0) at vndopen+0x17e sys/dev/vnd.c:204
spec_open(ffff80002e65e8e8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd807d08eeb8,1,fffffd807f7d7888,ffff8000217112c0) at VOP_OPEN+0x70 sys/kern/vfs_vops.c:138
vn_open(ffff80002e65eb38,1,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff8000217112c0,ffffff9c,20000200,0,0,ffff80002e65ed10) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002e65ed90) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xfbf22e071a0, count: 193
End of stack trace.
panic: wakeup: p_stat is 0
Starting stack trace...
panic(ffffffff82842e06) at panic+0x159 sys/kern/subr_prf.c:229
wakeup_n(ffffffff82b99060,1) at wakeup_n+0xfc sys/kern/kern_synch.c:545
task_add(ffffffff82b99060,ffffffff82b863e0) at task_add+0xfa sys/kern/kern_task.c:376
art_table_put(ffff800000683b80,fffffd8067dc8110) at art_table_put+0x155 sys/net/art.c:781
art_table_delete(ffff800000683b80,fffffd8067dc8110,10,fffffd807d083a70) at art_table_delete+0x17b art_table_rele sys/net/art.c:545 [inline]
art_table_delete(ffff800000683b80,fffffd8067dc8110,10,fffffd807d083a70) at art_table_delete+0x17b art_table_free sys/net/art.c:561 [inline]
art_table_delete(ffff800000683b80,fffffd8067dc8110,10,fffffd807d083a70) at art_table_delete+0x17b sys/net/art.c:530
art_delete(ffff800000683b80,fffffd807d083a70,ffff800000d1aba8,80) at art_delete+0x1db
rtable_delete(0,ffff800000d1aba0,0,fffffd8076694db0) at rtable_delete+0x2c2 sys/net/rtable.c:703
rtrequest_delete(ffff80002e65cbd8,3,ffff800000d87800,ffff80002e65cc98,0) at rtrequest_delete+0x14a sys/net/route.c:791
rtdeletemsg(fffffd8076694db0,ffff800000d87800,0) at rtdeletemsg+0x1bc sys/net/route.c:681
rt_if_track(ffff800000d87800) at rt_if_track+0x10f sys/net/route.c:1748
if_down(ffff800000d87800) at if_down+0x114 if_linkstate sys/net/if.c:1794 [inline]
if_down(ffff800000d87800) at if_down+0x114 sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd807c8ccb80) at wakeup+0xec sys/kern/kern_synch.c:545
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 klist_empty sys/sys/event.h:362 [inline]
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 kqueue_wakeup sys/kern/kern_event.c:1689 [inline]
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 sys/kern/kern_event.c:2032
knote_locked(fffffd807ca3dbc8,0) at knote_locked+0x11d
sorwakeup(fffffd807ca3dab8) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd807ca3dab8,fffffd807cc8c800) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c800,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff80000019e2a8) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff80000019e2a8) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff80000019e2a8) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd806912cdd0) at wakeup+0xec sys/kern/kern_synch.c:545
sowakeup(fffffd806912cd20,fffffd806912cdd0) at sowakeup+0xfd sys/kern/uipc_socket2.c:548
sorwakeup(fffffd806912cd20) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd806912cd20,fffffd807cc8c000) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c000,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff8000006b7000) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff8000006b7000) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff8000006b7000) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82774eaa) at panic+0x179 sys/kern/subr_prf.c:231
kerntrap(ffff80002e65d7d0) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
schedclock(ffff8000217112c0) at schedclock+0xa6 sys/kern/sched_bsd.c:569
clockintr_statclock(ffffffff82be8ab8,ffff80002e65d9c0) at clockintr_statclock+0x118 sys/kern/kern_clockintr.c:518
clockintr_dispatch(ffff80002e65d9c0) at clockintr_dispatch+0x255 sys/kern/kern_clockintr.c:266
lapic_clockintr(0,4000000000010000) at lapic_clockintr+0x3a sys/arch/amd64/amd64/lapic.c:482
Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a
Xspllower() at Xspllower+0x1d
tsleep(fffffd805fa2a388,11,ffffffff82843bea,0) at tsleep+0x117 sys/kern/kern_synch.c:149
getblk(fffffd807efcfa20,1fa560,4000,0,ffffffffffffffff) at getblk+0x14c sys/kern/vfs_bio.c:1038
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e bio_doread sys/kern/vfs_bio.c:433 [inline]
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e sys/kern/vfs_bio.c:478
ffs_update(fffffd805ef193c0,1) at ffs_update+0x14f sys/ufs/ffs/ffs_inode.c:91
ffs_truncate(fffffd805ef193c0,0,0,ffffffffffffffff) at ffs_truncate+0xcd5
ufs_inactive(ffff80002e65e038) at ufs_inactive+0x152 sys/ufs/ufs/ufs_inode.c:84
VOP_INACTIVE(fffffd805a8d2468,ffff8000217112c0) at VOP_INACTIVE+0xbf sys/kern/vfs_vops.c:489
vput(fffffd805a8d2468) at vput+0xa7 sys/kern/vfs_subr.c:779
vn_close(fffffd805a8d2468,2,ffffffffffffffff,ffff8000217112c0) at vn_close+0x82 sys/kern/vfs_vnops.c:294
acct_shutdown() at acct_shutdown+0x66 sys/kern/kern_acct.c:359
vfs_shutdown(ffff8000217112c0) at vfs_shutdown+0x1a sys/kern/vfs_subr.c:1779
boot(100) at boot+0xbf sys/arch/amd64/amd64/machdep.c:901
reboot(100) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd805fa2a388) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c25f8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
intr_handler(ffff80002e65e3b0,ffff80000006a080) at intr_handler+0x4f sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xc4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x77a sys/kern/vfs_bio.c:1196
geteblk(10000000) at geteblk+0x3c sys/kern/vfs_bio.c:1071
readdisklabel(2902,ffffffff81646310,ffff800000da1400,0) at readdisklabel+0x149 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,1,2000,ffff8000217112c0) at vndopen+0x17e sys/dev/vnd.c:204
spec_open(ffff80002e65e8e8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd807d08eeb8,1,fffffd807f7d7888,ffff8000217112c0) at VOP_OPEN+0x70 sys/kern/vfs_vops.c:138
vn_open(ffff80002e65eb38,1,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff8000217112c0,ffffff9c,20000200,0,0,ffff80002e65ed10) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002e65ed90) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xfbf22e071a0, count: 179
End of stack trace.
panic: wakeup: p_stat is 0
Starting stack trace...
panic(ffffffff82842e06) at panic+0x159 sys/kern/subr_prf.c:229
wakeup_n(ffffffff82b99060,1) at wakeup_n+0xfc sys/kern/kern_synch.c:545
task_add(ffffffff82b99060,ffffffff82b86420) at task_add+0xfa sys/kern/kern_task.c:376
rtable_delete(0,ffff800000da9c60,0,fffffd806d08bbe8) at rtable_delete+0x397 sys/net/rtable.c:708
rtrequest_delete(ffff80002e65c558,3,ffff800000da6800,ffff80002e65c618,0) at rtrequest_delete+0x14a sys/net/route.c:791
rtdeletemsg(fffffd806d08bbe8,ffff800000da6800,0) at rtdeletemsg+0x1bc sys/net/route.c:681
rt_if_track(ffff800000da6800) at rt_if_track+0x10f sys/net/route.c:1748
if_down(ffff800000da6800) at if_down+0x114 if_linkstate sys/net/if.c:1794 [inline]
if_down(ffff800000da6800) at if_down+0x114 sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup_n(ffffffff82b99060,1) at wakeup_n+0xfc sys/kern/kern_synch.c:545
task_add(ffffffff82b99060,ffffffff82b863e0) at task_add+0xfa sys/kern/kern_task.c:376
art_table_put(ffff800000683b80,fffffd8067dc8110) at art_table_put+0x155 sys/net/art.c:781
art_table_delete(ffff800000683b80,fffffd8067dc8110,10,fffffd807d083a70) at art_table_delete+0x17b art_table_rele sys/net/art.c:545 [inline]
art_table_delete(ffff800000683b80,fffffd8067dc8110,10,fffffd807d083a70) at art_table_delete+0x17b art_table_free sys/net/art.c:561 [inline]
art_table_delete(ffff800000683b80,fffffd8067dc8110,10,fffffd807d083a70) at art_table_delete+0x17b sys/net/art.c:530
art_delete(ffff800000683b80,fffffd807d083a70,ffff800000d1aba8,80) at art_delete+0x1db
rtable_delete(0,ffff800000d1aba0,0,fffffd8076694db0) at rtable_delete+0x2c2 sys/net/rtable.c:703
rtrequest_delete(ffff80002e65cbd8,3,ffff800000d87800,ffff80002e65cc98,0) at rtrequest_delete+0x14a sys/net/route.c:791
rtdeletemsg(fffffd8076694db0,ffff800000d87800,0) at rtdeletemsg+0x1bc sys/net/route.c:681
rt_if_track(ffff800000d87800) at rt_if_track+0x10f sys/net/route.c:1748
if_down(ffff800000d87800) at if_down+0x114 if_linkstate sys/net/if.c:1794 [inline]
if_down(ffff800000d87800) at if_down+0x114 sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd807c8ccb80) at wakeup+0xec sys/kern/kern_synch.c:545
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 klist_empty sys/sys/event.h:362 [inline]
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 kqueue_wakeup sys/kern/kern_event.c:1689 [inline]
knote_enqueue(fffffd807c899708) at knote_enqueue+0x194 sys/kern/kern_event.c:2032
knote_locked(fffffd807ca3dbc8,0) at knote_locked+0x11d
sorwakeup(fffffd807ca3dab8) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd807ca3dab8,fffffd807cc8c800) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c800,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff80000019e2a8) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff80000019e2a8) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff80000019e2a8) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd806912cdd0) at wakeup+0xec sys/kern/kern_synch.c:545
sowakeup(fffffd806912cd20,fffffd806912cdd0) at sowakeup+0xfd sys/kern/uipc_socket2.c:548
sorwakeup(fffffd806912cd20) at sorwakeup+0xcd sys/kern/uipc_socket.c:1769
rtm_sendup(fffffd806912cd20,fffffd807cc8c000) at rtm_sendup+0xfa sys/net/rtsock.c:604
route_input(fffffd807cc8c000,0,0) at route_input+0x194 sys/net/rtsock.c:574
rtm_ifchg(ffff8000006b7000) at rtm_ifchg+0xe1 sys/net/rtsock.c:1785
if_down(ffff8000006b7000) at if_down+0x10c if_linkstate sys/net/if.c:1792 [inline]
if_down(ffff8000006b7000) at if_down+0x10c sys/net/if.c:1740
if_downall() at if_downall+0x7d sys/net/if.c:1721
boot(104) at boot+0x123 sys/arch/amd64/amd64/machdep.c:909
reboot(104) at reboot+0x7b
panic(ffffffff82774eaa) at panic+0x179 sys/kern/subr_prf.c:231
kerntrap(ffff80002e65d7d0) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
schedclock(ffff8000217112c0) at schedclock+0xa6 sys/kern/sched_bsd.c:569
clockintr_statclock(ffffffff82be8ab8,ffff80002e65d9c0) at clockintr_statclock+0x118 sys/kern/kern_clockintr.c:518
clockintr_dispatch(ffff80002e65d9c0) at clockintr_dispatch+0x255 sys/kern/kern_clockintr.c:266
lapic_clockintr(0,4000000000010000) at lapic_clockintr+0x3a sys/arch/amd64/amd64/lapic.c:482
Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a
Xspllower() at Xspllower+0x1d
tsleep(fffffd805fa2a388,11,ffffffff82843bea,0) at tsleep+0x117 sys/kern/kern_synch.c:149
getblk(fffffd807efcfa20,1fa560,4000,0,ffffffffffffffff) at getblk+0x14c sys/kern/vfs_bio.c:1038
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e bio_doread sys/kern/vfs_bio.c:433 [inline]
bread(fffffd807efcfa20,1fa560,4000,ffff80002e65dd78) at bread+0x3e sys/kern/vfs_bio.c:478
ffs_update(fffffd805ef193c0,1) at ffs_update+0x14f sys/ufs/ffs/ffs_inode.c:91
ffs_truncate(fffffd805ef193c0,0,0,ffffffffffffffff) at ffs_truncate+0xcd5
ufs_inactive(ffff80002e65e038) at ufs_inactive+0x152 sys/ufs/ufs/ufs_inode.c:84
VOP_INACTIVE(fffffd805a8d2468,ffff8000217112c0) at VOP_INACTIVE+0xbf sys/kern/vfs_vops.c:489
vput(fffffd805a8d2468) at vput+0xa7 sys/kern/vfs_subr.c:779
vn_close(fffffd805a8d2468,2,ffffffffffffffff,ffff8000217112c0) at vn_close+0x82 sys/kern/vfs_vnops.c:294
acct_shutdown() at acct_shutdown+0x66 sys/kern/kern_acct.c:359
vfs_shutdown(ffff8000217112c0) at vfs_shutdown+0x1a sys/kern/vfs_subr.c:1779
boot(100) at boot+0xbf sys/arch/amd64/amd64/machdep.c:901
reboot(100) at reboot+0x7b
panic(ffffffff82842e06) at panic+0x179 sys/kern/subr_prf.c:231
wakeup(fffffd805fa2a388) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c25f8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
intr_handler(ffff80002e65e3b0,ffff80000006a080) at intr_handler+0x4f sys/arch/amd64/amd64/intr.c:537
Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f
Xspllower() at Xspllower+0x1d
softintr_dispatch(0) at softintr_dispatch+0xc4 sys/arch/amd64/amd64/softintr.c:103
Xsoftclock() at Xsoftclock+0x27
buf_get(0,0,10000000) at buf_get+0x77a sys/kern/vfs_bio.c:1196
geteblk(10000000) at geteblk+0x3c sys/kern/vfs_bio.c:1071
readdisklabel(2902,ffffffff81646310,ffff800000da1400,0) at readdisklabel+0x149 sys/arch/amd64/amd64/disksubr.c:96
vndopen(2902,1,2000,ffff8000217112c0) at vndopen+0x17e sys/dev/vnd.c:204
spec_open(ffff80002e65e8e8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd807d08eeb8,1,fffffd807f7d7888,ffff8000217112c0) at VOP_OPEN+0x70 sys/kern/vfs_vops.c:138
vn_open(ffff80002e65eb38,1,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff8000217112c0,ffffff9c,20000200,0,0,ffff80002e65ed10) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002e65ed90) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xfbf22e071a0, count: 168
End of stack trace.
fatal double fault in supervisor mode
trap type 13 code 0 rip ffffffff817a73b8 cs 8 rflags 10286 cr2 ffff80002e65aff8 cpl c rsp ffff80002e65b000
gsbase 0xffffffff82be7ff0 kgsbase 0x0
panic: trap type 13, code=0, pc=ffffffff817a73b8
Starting stack trace...
panic(ffffffff82774eaa) at panic+0x159 sys/kern/subr_prf.c:229
kerntrap(ffffffff82be7730) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
Xcalltrap_specstk_untramp() at Xcalltrap_specstk_untramp+0xf
Bad frame pointer: 0xffff80002e65b080
end trace frame: 0xffff80002e65b080, count: 254
End of stack trace.

dump to dev 4,1 not possible
panic: wakeup: p_stat is 0
Starting stack trace...
panic(ffffffff82842e06) at panic+0x159 sys/kern/subr_prf.c:229
wakeup(fffffd80686b5a20) at wakeup+0xec sys/kern/kern_synch.c:545
sd_buf_done(fffffd805f6c20e8) at sd_buf_done+0x1fd sys/scsi/sd.c:772
vioscsi_vq_done(ffff8000000a2228) at vioscsi_vq_done+0xb1 sys/dev/pv/vioscsi.c:350
virtio_check_vqs(ffff800000024800) at virtio_check_vqs+0x160 virtio_check_vq sys/dev/pv/virtio.c:240 [inline]
virtio_check_vqs(ffff800000024800) at virtio_check_vqs+0x160 sys/dev/pv/virtio.c:225
virtio_pci_poll_intr(ffff800000024800) at virtio_pci_poll_intr+0x55 sys/dev/pci/virtio_pci.c:1096
vioscsi_scsi_cmd(fffffd805f6c2010) at vioscsi_scsi_cmd+0x400 sys/dev/pv/vioscsi.c:270
scsi_xs_sync(fffffd805f6c2010) at scsi_xs_sync+0xaa sys/scsi/scsi_base.c:1528
sdactivate(ffff800000024a00,6) at sdactivate+0x20c sd_flush sys/scsi/sd.c:1880 [inline]
sdactivate(ffff800000024a00,6) at sdactivate+0x20c sys/scsi/sd.c:271
config_suspend(ffff800000024a00,6) at config_suspend+0x4f sys/kern/subr_autoconf.c:831
scsibusactivate(ffff80000004b400,6) at scsibusactivate+0x7b scsi_activate_link sys/scsi/scsiconf.c:410 [inline]
scsibusactivate(ffff80000004b400,6) at scsibusactivate+0x7b scsi_activate_bus sys/scsi/scsiconf.c:360 [inline]
scsibusactivate(ffff80000004b400,6) at scsibusactivate+0x7b sys/scsi/scsiconf.c:259
config_activate_children(ffff8000000a2000,6) at config_activate_children+0x127 config_suspend sys/kern/subr_autoconf.c:831 [inline]
config_activate_children(ffff8000000a2000,6) at config_activate_children+0x127 sys/kern/subr_autoconf.c:893
config_activate_children(ffff800000024800,6) at config_activate_children+0x139 sys/kern/subr_autoconf.c:893
config_activate_children(ffff80000002f500,6) at config_activate_children+0x139 sys/kern/subr_autoconf.c:893
pciactivate(ffff80000002f500,6) at pciactivate+0x79 sys/dev/pci/pci.c:230
config_activate_children(ffff80000002c280,6) at config_activate_children+0x127 config_suspend sys/kern/subr_autoconf.c:831 [inline]
config_activate_children(ffff80000002c280,6) at config_activate_children+0x127 sys/kern/subr_autoconf.c:893
config_suspend_all(6) at config_suspend_all+0x30c sys/kern/subr_autoconf.c:855
boot(104) at boot+0x171 sys/arch/amd64/amd64/machdep.c:923
reboot(104) at reboot+0x7b
panic(ffffffff82774eaa) at panic+0x179 sys/kern/subr_prf.c:231
kerntrap(ffffffff82be7730) at kerntrap+0x1c7 sys/arch/amd64/amd64/trap.c:327
Xcalltrap_specstk_untramp() at Xcalltrap_specstk_untramp+0xf
Bad frame pointer: 0xffff80002e65b080
end trace frame: 0xffff80002e65b080, count: 235
End of stack trace.

The operating system has halted.
Please press any key to reboot.

rebooting...
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2 Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID 0fee9609-1d66-d0cb-3385-b9d53e0469ef
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2880: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.65
boot> trace
| / - \ | / - \ | / booting hd0a:trace: - \ | / open hd0a:trace: No such file or directory
failed(2). will try /bsd
boot> show registers
boot> show proc
boot> ps
boot> show all locks
boot> show malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Feb 27, 2024, 6:32:11 AM
to syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.