protection_fault: __x86_indirect_thunk_r11 (2)


syzbot

Mar 6, 2024, 4:09:24 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: cf53fb485466 Ugly workaround to let this compile again on ..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11dcc50e180000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=96da3c3ca04921c53668

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/359cf38b1f84/disk-cf53fb48.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/b17975e053da/bsd-cf53fb48.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d20df30aaed8/kernel-cf53fb48.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+96da3c...@syzkaller.appspotmail.com

kernel: protection fault trap, code=0
Stopped at __x86_indirect_thunk_r11+0x14: ret
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
__x86_indirect_thunk_r11() at __x86_indirect_thunk_r11+0x14
softclock_thread(ffff80002a57d298) at softclock_thread+0xc4 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -2
ddb> show registers
rdi 0xdeaf4152deaf4152
rsi 0
rbp 0xffff80002a589290
rbx 0
rdx 0
rcx 0xffffffff82dda180 timeout_proc
rax 0x9
r8 0x2c
r9 0
r10 0x471690781e88a4dd
r11 0xdeaf4152deaf4152
r12 0xdeaf4152deaf4152
r13 0xffffffff82d28ff0 cpu_info_full_primary+0x1ff0
r14 0xffff8000ffffdd50
r15 0xdeaf4152deaf4152
rip 0xffffffff82595314 __x86_indirect_thunk_r11+0x14
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002a589250
ss 0
__x86_indirect_thunk_r11+0x14: ret
ddb> show proc
PROC (softclock) tid=56697 pid=25365 tcnt=1 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=40000200<SYSTEM,CPUPEG>
runpri=0, usrpri=50, slppri=0, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff80002a57d7e8,0xffff80002a57d000
process=0xffff8000ffffdd50 user=0xffff80002a584000, vmspace=0xffffffff82e496d8
estcpu=0, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
56946 214387 73903 0 2 0x2 sh
19740 436211 46993 0 2 0 syz-executor.2
19740 509787 46993 0 3 0x4000080 fsleep syz-executor.2
19740 235066 46993 0 3 0x4000080 fsleep syz-executor.2
89786 381321 12024 0 2 0 syz-executor.5
89786 478857 12024 0 3 0x4000080 fsleep syz-executor.5
6110 385431 4115 0 2 0 syz-executor.0
6110 112285 4115 0 3 0x4000080 fsleep syz-executor.0
73903 447175 26050 0 3 0x82 wait syz-executor.7
39557 71237 31013 0 2 0 syz-executor.1
39557 467726 31013 0 3 0x4000080 fsleep syz-executor.1
39557 407071 31013 0 3 0x4000080 fsleep syz-executor.1
68272 232136 45033 0 2 0 syz-executor.6
68272 164152 45033 0 3 0x4000080 fsleep syz-executor.6
68272 518826 45033 0 3 0x4000080 fsleep syz-executor.6
45864 213954 40689 0 2 0 syz-executor.4
45864 340638 40689 0 3 0x4000080 ttyout syz-executor.4
45864 30665 40689 0 3 0x4000080 fsleep syz-executor.4
45864 389239 40689 0 3 0x4000080 fsleep syz-executor.4
80130 220454 45681 0 2 0x480 syz-executor.3
80130 261742 45681 0 3 0x4000080 netcon syz-executor.3
80130 515239 45681 0 3 0x4000080 fsleep syz-executor.3
31013 22516 26050 0 2 0x482 syz-executor.1
4115 325793 26050 0 2 0x482 syz-executor.0
25226 276228 1 0 3 0x100083 ttyin getty
45681 224407 26050 0 2 0x482 syz-executor.3
40689 29041 26050 0 2 0x482 syz-executor.4
12024 477552 26050 0 2 0x482 syz-executor.5
46993 233587 26050 0 2 0x482 syz-executor.2
64955 36160 0 0 3 0x14280 nfsidl nfsio
30888 439249 0 0 3 0x14280 nfsidl nfsio
95899 248189 0 0 3 0x14280 nfsidl nfsio
90675 376631 0 0 3 0x14280 nfsidl nfsio
91087 158303 0 0 3 0x14280 nfsidl nfsio
52261 74347 0 0 3 0x14280 nfsidl nfsio
7009 64906 0 0 3 0x14280 nfsidl nfsio
50392 330411 0 0 3 0x14280 nfsidl nfsio
13741 276068 0 0 3 0x14280 nfsidl nfsio
7947 245947 0 0 3 0x14280 nfsidl nfsio
68476 415435 0 0 3 0x14280 nfsidl nfsio
9056 437733 0 0 3 0x14280 nfsidl nfsio
94241 79632 0 0 3 0x14280 nfsidl nfsio
68445 309452 0 0 3 0x14280 nfsidl nfsio
46136 54119 0 0 3 0x14280 nfsidl nfsio
94443 172089 0 0 3 0x14280 nfsidl nfsio
4162 464161 0 0 3 0x14280 nfsidl nfsio
93335 12866 0 0 3 0x14280 nfsidl nfsio
95911 393266 0 0 3 0x14280 nfsidl nfsio
31356 151913 0 0 3 0x14280 nfsidl nfsio
45033 172972 26050 0 2 0x482 syz-executor.6
51498 440060 0 0 3 0x14200 bored sosplice
26050 177633 73141 0 3 0x2000082 wait syz-fuzzer
26050 498022 73141 0 3 0x6000082 thrsleep syz-fuzzer
26050 203171 73141 0 3 0x6000082 wait syz-fuzzer
26050 323995 73141 0 3 0x6000082 wait syz-fuzzer
26050 346606 73141 0 3 0x6000082 thrsleep syz-fuzzer
26050 268096 73141 0 3 0x6000082 thrsleep syz-fuzzer
26050 102206 73141 0 3 0x6000082 wait syz-fuzzer
26050 476271 73141 0 3 0x6000082 wait syz-fuzzer
26050 14484 73141 0 3 0x6000082 kqread syz-fuzzer
26050 39265 73141 0 3 0x6000082 wait syz-fuzzer
26050 24522 73141 0 3 0x6000082 thrsleep syz-fuzzer
26050 273679 73141 0 3 0x6000082 wait syz-fuzzer
26050 255821 73141 0 3 0x6000082 wait syz-fuzzer
26050 409878 73141 0 3 0x6000082 thrsleep syz-fuzzer
73141 66327 72376 0 3 0x10008a sigsusp ksh
72376 352398 46596 0 3 0x9a kqread sshd
46596 297498 1 0 3 0x88 kqread sshd
25361 74725 43978 73 3 0x1100090 kqread syslogd
43978 95116 1 0 3 0x100082 netio syslogd
27103 472882 1 0 3 0x100080 kqread resolvd
80715 264391 23151 77 3 0x100092 kqread dhcpleased
69267 40627 23151 77 3 0x100092 kqread dhcpleased
23151 425412 1 0 3 0x80 kqread dhcpleased
19307 208757 0 0 2 0x14200 smr
14453 129448 0 0 2 0x14200 zerothread
48836 37108 0 0 3 0x14200 aiodoned aiodoned
88465 231507 0 0 3 0x14200 syncer update
20352 161449 0 0 3 0x14200 cleaner cleaner
83208 264384 0 0 3 0x14200 reaper reaper
84085 281615 0 0 3 0x14200 pgdaemon pagedaemon
37606 395815 0 0 3 0x14200 bored viomb
90817 402317 0 0 3 0x40014200 acpi0 acpi0
76859 445150 0 0 3 0x14200 bored softnet3
2718 97832 0 0 3 0x14200 bored softnet2
17252 413232 0 0 3 0x14200 bored softnet1
75864 309226 0 0 3 0x14200 bored softnet0
93075 45209 0 0 3 0x14200 bored systqmp
82338 434537 0 0 3 0x14200 bored systq
*25365 56697 0 0 7 0x40014200 softclock
71339 16525 0 0 3 0x40014200 idle0
1 148592 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10280 6561K 9596K 166960K 60647 0
pcb 15 20K 22K 166960K 1668 0
rtable 184 13K 15K 166960K 6603 0
pf 30 9K 10K 166960K 961 0
ifaddr 35 13K 16K 166960K 938 0
ifgroup 51 2K 2K 166960K 1574 0
sysctl 3 1K 1K 166960K 15 0
counters 30 17K 17K 166960K 454 0
ioctlops 0 0K 2K 166960K 2083 0
iov 0 0K 32K 166960K 2990 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1874 117K 118K 166960K 18195 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 9K 166960K 302 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 3268 0
dirhash 12 2K 2K 166960K 129 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 18 65K 97K 166960K 22775 0
sigio 0 0K 0K 166960K 620 0
proc 58 59K 108K 166960K 5149 0
subproc 104 6K 8K 166960K 2028 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 1851 0
in_multi 67 5K 7K 166960K 1878 0
ether_multi 1 0K 0K 166960K 19 0
mrt 1 0K 0K 166960K 16 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 247 1102K 1102K 166960K 247 0
exec 0 0K 1K 166960K 5002 0
pfkey data 0 0K 4K 166960K 10 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 621 939K 940K 166960K 205998 0
UVM aobj 131 7K 7K 166960K 134 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 1K 166960K 598 0
NDP 11 0K 1K 166960K 752 0
temp 74 6764K 7396K 166960K 181827 0
kqueue 12 18K 30K 166960K 1676 0
SYN cache 2 192K 200K 166960K 4 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 1547 0 1544 11 8 3 3 0 8 2
rtentry 112 2272 0 2190 4 0 4 4 0 8 1
unpcb 144 15928 0 15908 35 29 6 10 0 8 5
syncache 336 248 0 248 6 5 1 1 0 8 1
tcpqe 32 319 0 319 6 5 1 1 0 8 1
tcpcb 808 7044 0 7020 64 53 11 19 0 8 8
arp 88 423 0 409 1 0 1 1 0 8 0
ipq 40 38 0 38 3 2 1 1 0 8 1
ipqe 40 137 0 137 3 2 1 1 0 8 1
inpcb 360 17769 0 17739 90 78 12 16 0 8 8
nd6 104 492 0 476 1 0 1 1 0 8 0
pkpcb 40 329 0 329 6 5 1 1 0 8 1
kcovpl 48 156 0 148 1 0 1 1 0 8 0
ppxss 1072 128 0 128 6 5 1 1 0 8 1
rttmr 136 2 0 2 1 0 1 1 0 8 1
pool(rttmr): free list modified: page 0xfffffd805722f000; item ordinal 0; addr 0xfffffd805722fe58 (p 0xfffffd805722f000); offset 0x10=0xffffffff
art_heap8 4096 4 0 3 3 2 1 3 0 8 0
art_heap4 256 8116 0 7776 83 53 30 32 0 8 5
art_table 32 8120 0 7779 5 0 5 5 0 8 1
art_node 16 2112 0 2037 1 0 1 1 0 8 0
sysvmsgpl 40 2 0 2 1 1 0 1 0 8 0
semupl 112 5 0 5 1 1 0 1 0 8 0
semapl 112 3262 0 3252 1 0 1 1 0 8 0
shmpl 112 131 0 3 4 0 4 4 0 8 0
dirhash 1024 95 0 78 3 0 3 3 0 8 0
dino2pl 256 31906 0 30198 107 0 107 107 0 8 0
ffsino 240 31906 0 30198 101 0 101 101 0 8 0
nchpl 144 61721 0 60083 63 0 63 63 0 8 0
uvmvnodes 80 10387 0 0 212 0 212 212 0 8 0
vnodes 216 10387 0 0 578 0 578 578 0 8 0
namei 1024 224073 0 224073 7 5 2 3 0 8 2
vcpupl 2048 286 0 1 36 0 36 36 0 8 0
vmpool 664 326 0 41 24 0 24 24 0 8 0
kstatmem 264 870 0 848 2 0 2 2 0 8 0
scxspl 216 213340 0 213340 24 20 4 8 1 8 4
plimitpl 152 2350 0 2334 1 0 1 1 0 8 0
sigapl 424 23072 0 23006 11 3 8 8 0 8 0
futexpl 64 208528 0 208517 1 0 1 1 0 8 0
knotepl 120 212125 0 212041 41 30 11 16 0 8 8
kqueuepl 184 3936 0 3928 24 17 7 7 0 8 6
pipepl 288 3993 0 3965 32 25 7 8 0 8 4
fdescpl 432 22732 0 22703 5 1 4 5 0 8 0
filepl 120 143948 0 143695 49 33 16 21 0 8 7
lockfpl 104 7323 0 7321 6 4 2 2 0 8 1
lockfspl 48 2444 0 2442 1 0 1 1 0 8 0
sessionpl 144 177 0 161 1 0 1 1 0 8 0
pgrppl 48 457 0 441 1 0 1 1 0 8 0
ucredpl 104 21661 0 21644 1 0 1 1 0 8 0
zombiepl 144 23006 0 23006 3 2 1 1 0 8 1
processpl 1072 23072 0 23006 6 1 5 5 0 8 0
procpl 680 55475 0 55383 12 3 9 9 0 8 1
sosppl 168 219 0 219 5 4 1 1 0 8 1
sockpl 488 35641 0 35588 464 447 17 38 0 8 8
mcl64k 65536 981 0 981 7 6 1 1 0 8 1
mcl16k 16384 491 0 491 7 6 1 1 0 8 1
mcl12k 12288 906 0 906 7 6 1 1 0 8 1
mcl9k 9216 381 0 381 7 6 1 1 0 8 1
mcl8k 8192 1528 0 1528 8 7 1 2 0 8 1
mcl4k 4096 2417 0 2417 9 8 1 2 0 8 1
mcl2k2 2112 137 0 137 7 6 1 1 0 8 1
mcl2k 2048 121746 0 121701 54 37 17 29 0 8 8
mtagpl 96 3370 0 3277 27 20 7 10 0 8 2
mbufpl 256 406375 0 406111 1411 1382 29 416 0 8 6
bufpl 280 63449 0 53062 743 0 743 743 0 8 0
anonpl 24 2351490 0 2338812 259 143 116 151 0 188 8
amapchunkpl 152 663151 0 662236 117 72 45 62 0 158 8
amappl16 200 51694 0 51139 124 84 40 43 0 8 8
amappl15 192 178 0 177 1 0 1 1 0 8 0
amappl14 184 649 0 633 2 1 1 2 0 8 0
amappl13 176 39 0 39 4 3 1 1 0 8 1
amappl12 168 25508 0 25477 2 0 2 2 0 8 0
amappl11 160 55 0 45 1 0 1 1 0 8 0
amappl10 152 218 0 203 1 0 1 1 0 8 0
amappl9 144 238 0 238 3 2 1 1 0 8 1
amappl8 136 1035 0 910 5 0 5 5 0 8 0
amappl7 128 552 0 527 2 0 2 2 0 8 0
amappl6 120 2514 0 2502 1 0 1 1 0 8 0
amappl5 112 587 0 576 1 0 1 1 0 8 0
amappl4 104 1521 0 1492 2 1 1 2 0 8 0
amappl3 96 127268 0 127151 4 0 4 4 0 8 1
amappl2 88 24530 0 24454 3 1 2 3 0 8 0
amappl1 80 100018 0 99506 22 10 12 22 0 8 0
amappl 88 203768 0 203457 8 0 8 8 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 133 0 3 3 0 3 3 0 8 0
uaddrrnd 24 23058 0 22744 2 0 2 2 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 23058 0 22744 2 0 2 2 0 8 0
vmmpekpl 168 155984 0 155883 5 0 5 5 0 8 0
vmmpepl 168 1409839 0 1406937 280 113 167 167 0 357 23
vmsppl 352 23057 0 22744 29 0 29 29 0 8 0
rwobjpl 24 327964 0 315697 75 0 75 75 0 8 0
pdppl 4096 46122 0 45773 1497 1146 351 351 0 8 2
pvpl 32 6601143 0 6582427 579 363 216 363 0 265 27
pmappl 216 23057 0 22744 18 0 18 18 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 3450 0 2740 28 7 21 24 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
__x86_indirect_thunk_r11() at __x86_indirect_thunk_r11+0x14
softclock_thread(ffff80002a57d298) at softclock_thread+0xc4 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -2
ddb> machine ddbcpu 1
No such command
ddb> trace
__x86_indirect_thunk_r11() at __x86_indirect_thunk_r11+0x14
softclock_thread(ffff80002a57d298) at softclock_thread+0xc4 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -2


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup