panic: kernel diagnpaosniticc: askserenretlio dnia g"tnnosamteic- >ausns_ferltaigosn "& !_UNkVerEneILl__UlSoEcRkS_hEeT


syzbot

Mar 26, 2019, 7:42:06 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 6a51f920 Fix authentication failures when "AuthenticationM..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1582f317200000
kernel config: https://syzkaller.appspot.com/x/.config?x=fa145722143cbd64
dashboard link: https://syzkaller.appspot.com/bug?extid=bf847426343b5062a641

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+bf8474...@syzkaller.appspotmail.com

login: panic: kernel diagnpaosniticc: askserenretlio dnia g"tnnosamteic-
>ausns_ferltaigosn "& !_UNkVerEneILl__UlSoEcRkS_hEeTl"d ()" failed:
file "/syzkaller/managers/setuid/kernel/sys/kern/kern_fork.c", line 689
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*143904 64329 32767 0x10 0x4000000 1 syz-executor.0
247123 55465 32767 0x10 0x4000000 0 syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x174 sys/kern/subr_prf.c:208
__assert(ffffffff81f7bdfb,ffffffff81f52a85,2b1,ffffffff81f4da4d) at
__assert+0x2e sys/kern/subr_prf.c:155
proc_trampoline_mp() at proc_trampoline_mp+0x13b
end trace frame: 0x0, count: 11
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
kernel diagnostic assertion "tname->un_flags & UNVEIL_USERSET" failed:
file "/syzkaller/managers/setuid/kernel/sys/kern/kern_unveil.c", line 879
ddb{1}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x174 sys/kern/subr_prf.c:208
__assert(ffffffff81f7bdfb,ffffffff81f52a85,2b1,ffffffff81f4da4d) at
__assert+0x2e sys/kern/subr_prf.c:155
proc_trampoline_mp() at proc_trampoline_mp+0x13b
end trace frame: 0x0, count: -4
ddb{1}> show registers
rdi 0
rsi 0x1
rbp 0xffff800020c60f00
rbx 0xffff800020c60fb0
rdx 0xffffffff81f2146b cmd0646_9_tim_udma+0x16736
rcx 0
rax 0
r8 0xffffffff81e2f083 kprintf+0x183
r9 0x1
r10 0x25
r11 0xe833e472215270e1
r12 0x3000000008
r13 0xffff800020c60f10
r14 0x104
r15 0x1
rip 0xffffffff8188e158 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff800020c60ef0
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb{1}> show proc
PROC (syz-executor.0) pid=143904 stat=onproc
flags process=10<SUGID> proc=4000000<THREAD>
pri=70, usrpri=70, nice=20
forw=0xffffffffffffffff, list=0xffff800020b392d8,0xffffffff82352f38
process=0xffff800020b8cd38 user=0xffff800020c5c000,
vmspace=0xfffffd807effd5a0
estcpu=20, cpticks=2, pctcpu=0.0
user=0, sys=2, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
64329 426292 54259 32767 2 0x10 syz-executor.0
*64329 143904 54259 32767 7 0x4000010 syz-executor.0
55465 347487 14978 32767 2 0x10 syz-executor.1
55465 247123 14978 32767 7 0x4000010 syz-executor.1
14978 240528 67369 32767 2 0x490 syz-executor.1
67369 416424 12803 0 3 0x82 wait syz-executor.1
54259 505917 18894 32767 3 0x90 nanosleep syz-executor.0
18894 35273 12803 0 3 0x82 wait syz-executor.0
90483 405431 0 0 3 0x14200 bored sosplice
12803 441079 41932 0 3 0x82 thrsleep syz-fuzzer
12803 492536 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 255739 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 124392 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 181906 41932 0 3 0x4000082 kqread syz-fuzzer
12803 151413 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 17972 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 423714 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 469128 41932 0 3 0x4000082 thrsleep syz-fuzzer
12803 392312 41932 0 3 0x4000082 thrsleep syz-fuzzer
41932 445056 98705 0 3 0x10008a pause ksh
98705 258772 55030 0 3 0x92 select sshd
90570 473446 1 0 3 0x100083 ttyin getty
55030 135444 1 0 3 0x80 select sshd
33406 25382 23065 73 3 0x100090 kqread syslogd
23065 104756 1 0 3 0x100082 netio syslogd
77537 20177 1 77 3 0x100090 poll dhclient
44764 299145 1 0 3 0x80 poll dhclient
47358 317971 0 0 2 0x14200 zerothread
13309 209601 0 0 3 0x14200 aiodoned aiodoned
33030 351842 0 0 2 0x14200 update
63647 289759 0 0 3 0x14200 cleaner cleaner
82177 167151 0 0 3 0x14200 reaper reaper
17772 172299 0 0 3 0x14200 pgdaemon pagedaemon
17448 407804 0 0 3 0x14200 bored crynlk
97475 313791 0 0 3 0x14200 bored crypto
28558 156275 0 0 3 0x40014200 acpi0 acpi0
97999 416032 0 0 3 0x40014200 idle1
38807 351492 0 0 3 0x14200 bored softnet
30670 375829 0 0 3 0x14200 bored systqmp
8657 228783 0 0 3 0x14200 bored systq
19565 87680 0 0 3 0x40014200 bored softclock
54360 249858 0 0 3 0x40014200 idle0
2304 404569 0 0 3 0x14200 bored smr
1 131865 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 55465 (syz-executor.1) thread 0xffff800020b399e0 (247123)
exclusive rrwlock inode r = 0 (0xfffffd807e1e66f8) locked @
/syzkaller/managers/setuid/kernel/sys/ufs/ufs/ufs_vnops.c:1547
#0 witness_lock+0x594 sys/kern/subr_witness.c:1201
#1 _rw_enter+0x45d sys/kern/kern_rwlock.c:280
#2 _rrw_enter+0x60 sys/kern/kern_rwlock.c:410
#3 VOP_LOCK+0x57 sys/kern/vfs_vops.c:602
#4 vn_lock+0x6e sys/kern/vfs_vnops.c:549
#5 vget+0x1c3 sys/kern/vfs_subr.c:672
#6 cache_lookup+0x300 sys/kern/vfs_cache.c:224
#7 ufs_lookup+0x1d7 sys/ufs/ufs/ufs_lookup.c:162
#8 VOP_LOOKUP+0x67 sys/kern/vfs_vops.c:90
#9 vfs_lookup+0x556 sys/kern/vfs_lookup.c:523
#10 namei+0x4b2 sys/kern/vfs_lookup.c:224
#11 domkdirat+0x81 sys/kern/vfs_syscalls.c:2866
#12 syscall+0x5b8 mi_syscall sys/sys/syscall_mi.h:99 [inline]
#12 syscall+0x5b8 sys/arch/amd64/amd64/trap.c:574
#13 Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82342968) locked @
/syzkaller/managers/setuid/kernel/sys/sys/syscall_mi.h:90
#0 witness_lock+0x594 sys/kern/subr_witness.c:1201
#1 syscall+0x48b mi_syscall sys/sys/syscall_mi.h:91 [inline]
#1 syscall+0x48b sys/arch/amd64/amd64/trap.c:574
#2 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9459 6321K 6321K 78643K 10676 0 0
pcb 23 9K 11K 78643K 363 0 0
rtable 97 3K 3K 78643K 1006 0 0
ifaddr 36 10K 10K 78643K 198 0 0
counters 39 33K 33K 78643K 39 0 0
ioctlops 0 0K 2K 78643K 43 0 0
iov 0 0K 16K 78643K 46 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1200 75K 75K 78643K 1797 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 5K 78643K 9 0 0
VM map 2 1K 1K 78643K 2 0 0
sem 12 1K 1K 78643K 105 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1808 196K 290K 78643K 12628 0 0
file desc 8 25K 33K 78643K 720 0 0
sigio 0 0K 0K 78643K 14 0 0
proc 44 50K 70K 78643K 848 0 0
subproc 68 69634K 69634K 78643K 952 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 93 0 0
in_multi 33 2K 2K 78643K 340 0 0
ether_multi 1 0K 0K 78643K 6 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 54 238K 238K 78643K 54 0 0
exec 0 0K 1K 78643K 343 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 85 21K 30K 78643K 2972 0 0
UVM aobj 27 2K 2K 78643K 30 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 0K 78643K 31 0 0
NDP 5 0K 0K 78643K 87 0 0
temp 120 2374K 2440K 78643K 6128 0 0
kqueue 0 0K 0K 78643K 8 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg
Idle
arp 64 30 0 26 1 0 1 1 0
8 0
inpcbpl 280 374 0 367 1 0 1 1 0
8 0
plimitpl 152 97 0 88 1 0 1 1 0
8 0
plcache 128 20 0 0 1 0 1 1 0
8 0
rtentry 112 275 0 235 2 0 2 2 0
8 0
syncache 264 4 0 4 1 1 0 1 0
8 0
tcpcb 544 135 0 131 1 0 1 1 0
8 0
nd6 48 56 0 52 1 0 1 1 0
8 0
art_heap8 4096 1 0 0 1 0 1 1 0
8 0
art_heap4 256 1293 0 1105 12 0 12 12 0
8 0
art_table 32 1294 0 1105 2 0 2 2 0
8 0
art_node 16 274 0 240 1 0 1 1 0
8 0
sysvmsgpl 40 5 0 2 1 0 1 1 0
8 0
semapl 112 103 0 93 1 0 1 1 0
8 0
shmpl 112 28 0 3 1 0 1 1 0
8 0
dirhash 1024 17 0 0 3 0 3 3 0
8 0
dino1pl 128 2201 0 760 47 0 47 47 0
8 0
ffsino 272 2201 0 760 97 0 97 97 0
8 0
nchpl 144 3347 0 1715 61 0 61 61 0
8 0
uvmvnodes 72 2686 0 0 49 0 49 49 0
8 0
vnodes 200 2686 0 0 142 0 142 142 0
8 0
namei 1024 10617 0 10616 2 1 1 1 0
8 0
percpumem 16 30 0 0 1 0 1 1 0
8 0
scxspl 192 8530 0 8530 11 8 3 5 0
8 3
sigapl 432 812 0 796 3 1 2 3 0
8 0
futexpl 56 6229 0 6229 1 0 1 1 0
8 1
knotepl 112 711 0 692 1 0 1 1 0
8 0
kqueuepl 104 195 0 193 1 0 1 1 0
8 0
pipepl 112 746 0 723 6 5 1 2 0
8 0
fdescpl 488 813 0 796 3 0 3 3 0
8 0
filepl 152 5309 0 5209 11 6 5 7 0
8 1
lockfpl 104 165 0 165 2 1 1 1 0
8 1
lockfspl 32 361 0 361 2 1 1 1 0
8 1
sessionpl 112 43 0 33 1 0 1 1 0
8 0
pgrppl 48 50 0 40 1 0 1 1 0
8 0
ucredpl 96 1369 0 1360 1 0 1 1 0
8 0
zombiepl 144 796 0 796 2 1 1 1 0
8 1
processpl 840 829 0 796 4 0 4 4 0
8 0
procpl 600 1916 0 1872 4 0 4 4 0
8 0
srpgc 64 148 0 148 2 1 1 1 0
8 1
sosppl 128 12 0 12 4 3 1 1 0
8 1
sockpl 384 730 0 713 6 3 3 4 0
8 1
mcl64k 65536 6 0 0 1 0 1 1 0
8 0
mcl16k 16384 1 0 0 1 0 1 1 0
8 0
mcl12k 12288 4 0 0 1 0 1 1 0
8 0
mcl9k 9216 3 0 0 1 0 1 1 0
8 0
mcl8k 8192 2 0 0 1 0 1 1 0
8 0
mcl4k 4096 7 0 0 1 0 1 1 0
8 0
mcl2k2 2112 3 0 0 1 0 1 1 0
8 0
mcl2k 2048 122 0 0 15 0 15 15 0
8 1
mtagpl 80 1 0 0 1 0 1 1 0
8 0
mbufpl 256 171 0 0 10 1 9 10 0
8 0
bufpl 256 6659 0 1122 347 0 347 347 0
8 0
anonpl 16 102059 0 95627 57 26 31 41 0
125 0
amapchunkpl 152 6173 0 6087 15 6 9 9 0
158 5
amappl16 192 3229 0 2893 44 26 18 28 0
8 1
amappl15 184 77 0 73 1 0 1 1 0
8 0
amappl14 176 324 0 314 2 1 1 1 0
8 0
amappl13 168 232 0 229 1 0 1 1 0
8 0
amappl12 160 209 0 202 1 0 1 1 0
8 0
amappl11 152 78 0 67 1 0 1 1 0
8 0
amappl10 144 100 0 100 3 3 0 1 0
8 0
amappl9 136 682 0 679 1 0 1 1 0
8 0
amappl8 128 285 0 267 1 0 1 1 0
8 0
amappl7 120 123 0 117 1 0 1 1 0
8 0
amappl6 112 107 0 101 1 0 1 1 0
8 0
amappl5 104 182 0 171 1 0 1 1 0
8 0
amappl4 96 846 0 818 2 1 1 2 0
8 0
amappl3 88 514 0 495 1 0 1 1 0
8 0
amappl2 80 5181 0 5117 2 0 2 2 0
8 0
amappl1 72 28087 0 27636 24 15 9 19 0
8 0
amappl 72 2317 0 2281 1 0 1 1 0
75 0
dma4096 4096 1 0 1 1 1 0 1 0
8 0
dma256 256 6 0 6 1 1 0 1 0
8 0
dma64 64 259 0 259 1 1 0 1 0
8 0
dma32 32 7 0 7 1 1 0 1 0
8 0
dma16 16 17 0 17 1 1 0 1 0
8 0
aobjpl 64 29 0 3 1 0 1 1 0
8 0
uaddrrnd 24 813 0 796 1 0 1 1 0
8 0
uaddrbest 32 2 0 0 1 0 1 1 0
8 0
uaddr 24 813 0 796 1 0 1 1 0
8 0
vmmpekpl 168 10525 0 10503 2 0 2 2 0
8 0
vmmpepl 168 99545 0 98075 102 33 69 75 0
357 5
vmsppl 360 812 0 796 2 0 2 2 0
8 0
pdppl 4096 1634 0 1592 6 0 6 6 0
8 0
pvpl 32 301291 0 291515 137 44 93 113 0 265
10
pmappl 224 812 0 796 6 5 1 2 0
8 0
extentpl 40 39 0 25 1 0 1 1 0
8 0
phpool 112 500 0 4 15 0 15 15 0
8 0


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Anton Lindqvist

Mar 26, 2019, 9:50:07 AM
to syzbot, syzkaller-o...@googlegroups.com
The assertion has been removed, meaning this noise will soon stop.

#syz dup: assert "tname->un_flags & UNVEIL_USERSET" failed in kern_unveil.c