panic: ffs_update: bad link cnt (2)

syzbot

Sep 18, 2023, 7:32:50 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 649d9dd9bffc clockintr.h: forward-declare "struct cpu_info..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=14dcae54680000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=432bf0268bbc057b7791

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/606a5f8c7181/disk-649d9dd9.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/7d4cb7339af1/bsd-649d9dd9.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/ef3e861fff2f/kernel-649d9dd9.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+432bf0...@syzkaller.appspotmail.com

syncing disks...panic: ffs_update: bad link cnt
Starting stack trace...
panic(ffffffff8281d977) at panic+0x159 sys/kern/subr_prf.c:229
ffs_update(fffffd8068242c30,0) at ffs_update+0x313 sys/ufs/ffs/ffs_inode.c:101
VOP_FSYNC(fffffd805b802b10,fffffd807f7d7888,2,ffff8000216edd48) at VOP_FSYNC+0xc9 sys/kern/vfs_vops.c:311
ffs_sync_vnode(fffffd805b802b10,ffff800029a44cc0) at ffs_sync_vnode+0x184 sys/ufs/ffs/ffs_vfsops.c:1187
vfs_mount_foreach_vnode(ffff8000006db000,ffffffff82445670,ffff800029a44cc0) at vfs_mount_foreach_vnode+0x55 sys/kern/vfs_subr.c:910
ffs_sync(ffff8000006db000,2,0,fffffd807f7d7888,ffff8000216edd48) at ffs_sync+0x11f sys/ufs/ffs/ffs_vfsops.c:1238
sys_sync(ffff8000216edd48,0,0) at sys_sync+0xbc sys/kern/vfs_syscalls.c:536
vfs_syncwait(ffff8000216edd48,1) at vfs_syncwait+0x3a
vfs_shutdown(ffff8000216edd48) at vfs_shutdown+0x61 sys/kern/vfs_subr.c:1791
boot(100) at boot+0xbf sys/arch/amd64/amd64/machdep.c:901
reboot(100) at reboot+0x7b
panic(ffffffff82771443) at panic+0x179 sys/kern/subr_prf.c:231
vop_generic_badop(ffff800029a44f78) at vop_generic_badop+0x1f sys/kern/vfs_default.c:133
VOP_STRATEGY(fffffd8058a79e98,fffffd8058975000) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd8058975000) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd8058975000) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff800029a45210) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd8061b508c0,ffff800029a45370,ffff800029a453a0,ffff800029a452a0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff8000216edd48,ffffff9c,71e3ef3327d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff800029a45520) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x71e3ef332840, count: 236
End of stack trace.

dump to dev 4,1 not possible
rebooting...
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2 Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID e4c28bce-9379-8bb2-f2c8-a7cf484f58e0
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f28a0: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.65
boot> set $lines = 0
set: syntax error
boot> set $maxwidth = 0
set: syntax error
boot> show panic
boot: illegal argument panic
boot> trace
boot> show registers
boot> show proc
boot> ps
boot> show all locks
boot> show malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup