panic: Non dma-reachable buffer at curaddr ADDR(raw) (2)
0 views
Skip to first unread message
syzbot
Nov 21, 2023, 6:35:49 AM11/21/23
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 075cc07cd6bf drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1238cf24e80000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=7ef6cbe277777a02245d
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/b842664d991f/disk-075cc07c.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/13f4185f2301/bsd-075cc07c.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/13a9838427b2/kernel-075cc07c.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7ef6cb...@syzkaller.appspotmail.com
panic: Non dma-reachable buffer at curaddr 0xffff80002e8cc0c0(raw)
Stopped at db_enter+0x1c: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*231833 85271 0 0x2 0 0 syz-executor.4
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
end trace frame: 0xffff80002e8cc570, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: Non dma-reachable buffer at curaddr 0xffff80002e8cc0c0(raw)
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd805a678b80) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd805a678b80) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff80002e8cc760) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd80736ab978,ffff80002e8cc8c0,ffff80002e8cc8f0,ffff80002e8cc7f0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff800024b71550,ffffff9c,7891bcd397d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff80002e8cca70) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7891bcd39840, count: -21
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80002e8cbfd0
rbx 0
rdx 0
rcx 0
rax 0xffff800024b71550
r8 0x101010101010101
r9 0x8080808080808080
r10 0x7567d32a07cb5e93
r11 0x36bdabecaeb223f9
r12 0
r13 0
r14 0
r15 0x1
rip 0xffffffff821011dc db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff80002e8cbfc0
ss 0x10
db_enter+0x1c: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.4) tid=231833 pid=85271 tcnt=1 stat=onproc
flags process=2<EXEC> proc=0
runpri=17, usrpri=83, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff800024b71000,0xffff800021688570
process=0xffff8000ffff5b90 user=0xffff80002e8c7000, vmspace=0xfffffd8073a2ea38
estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
77961 228152 80343 0 2 0 syz-executor.1
77961 127992 80343 0 2 0x4000000 syz-executor.1
77961 45516 80343 0 2 0x4000000 syz-executor.1
77961 409673 80343 0 2 0x4000000 syz-executor.1
5357 327003 24369 0 2 0x480 syz-executor.0
5357 466684 24369 0 3 0x4000080 fifor syz-executor.0
5357 164858 24369 0 3 0x4000080 fsleep syz-executor.0
5357 146712 24369 0 3 0x4000080 fsleep syz-executor.0
55601 11622 62588 0 2 0 syz-executor.7
55601 331426 62588 0 3 0x4000080 fsleep syz-executor.7
55601 307018 62588 0 3 0x4000080 fsleep syz-executor.7
10242 395098 46395 0 2 0 syz-executor.6
10242 182625 46395 0 3 0x4000080 netcon syz-executor.6
10242 452041 46395 0 3 0x4000080 bell syz-executor.6
36389 360914 1054 0 2 0x2 syz-executor.2
*85271 231833 1054 0 7 0x2 syz-executor.4
35269 182814 1054 0 2 0x2 syz-executor.5
85114 413044 0 0 3 0x14280 nfsidl nfsio
7629 420768 0 0 3 0x14280 nfsidl nfsio
87431 176944 0 0 3 0x14280 nfsidl nfsio
77080 294667 0 0 3 0x14280 nfsidl nfsio
41167 262903 0 0 3 0x14280 nfsidl nfsio
57843 183202 0 0 3 0x14280 nfsidl nfsio
7069 13618 0 0 3 0x14280 nfsidl nfsio
58161 340254 0 0 3 0x14280 nfsidl nfsio
97561 493738 0 0 3 0x14280 nfsidl nfsio
68959 190816 0 0 3 0x14280 nfsidl nfsio
8805 334756 0 0 3 0x14280 nfsidl nfsio
60494 104311 0 0 3 0x14280 nfsidl nfsio
13429 194197 0 0 3 0x14280 nfsidl nfsio
44207 474504 0 0 3 0x14280 nfsidl nfsio
96287 158428 0 0 3 0x14280 nfsidl nfsio
27423 110396 0 0 3 0x14280 nfsidl nfsio
95178 374095 0 0 3 0x14280 nfsidl nfsio
31566 242521 0 0 3 0x14280 nfsidl nfsio
57399 296886 0 0 3 0x14280 nfsidl nfsio
25940 36855 0 0 3 0x14280 nfsidl nfsio
24369 351616 1054 0 2 0x482 syz-executor.0
80343 283636 1054 0 2 0x482 syz-executor.1
78860 197586 1054 0 2 0x482 syz-executor.3
46395 18237 1054 0 2 0x482 syz-executor.6
83842 518852 1 0 3 0x100083 ttyin getty
96967 403358 0 0 3 0x14200 acct acct
68270 400861 0 0 3 0x14200 bored sosplice
62588 323089 1054 0 2 0x482 syz-executor.7
1054 29204 74907 0 3 0x2000082 thrsleep syz-fuzzer
1054 158775 74907 0 2 0x6000482 syz-fuzzer
1054 323213 74907 0 3 0x6000082 wait syz-fuzzer
1054 444458 74907 0 3 0x6000082 wait syz-fuzzer
1054 499428 74907 0 3 0x6000082 thrsleep syz-fuzzer
1054 227790 74907 0 3 0x6000082 wait syz-fuzzer
1054 72920 74907 0 3 0x6000082 kqread syz-fuzzer
1054 353462 74907 0 3 0x6000082 wait syz-fuzzer
1054 508257 74907 0 3 0x6000082 wait syz-fuzzer
1054 238440 74907 0 3 0x6000082 wait syz-fuzzer
1054 149948 74907 0 3 0x6000082 thrsleep syz-fuzzer
1054 117666 74907 0 3 0x6000082 wait syz-fuzzer
1054 44524 74907 0 3 0x6000082 thrsleep syz-fuzzer
1054 308715 74907 0 3 0x6000082 wait syz-fuzzer
74907 441296 10604 0 3 0x10008a sigsusp ksh
10604 26737 6853 0 3 0x9a kqread sshd
6853 152454 1 0 3 0x88 kqread sshd
96146 116859 37072 73 3 0x1100090 kqread syslogd
37072 476040 1 0 3 0x100082 netio syslogd
17928 96888 1 0 3 0x100080 kqread resolvd
71644 402808 65412 77 3 0x100092 kqread dhcpleased
78416 348723 65412 77 3 0x100092 kqread dhcpleased
65412 201989 1 0 3 0x80 kqread dhcpleased
79456 189287 0 0 3 0x14200 bored smr
86783 211093 0 0 2 0x14200 zerothread
87453 294161 0 0 3 0x14200 aiodoned aiodoned
8719 46506 0 0 3 0x14200 syncer update
11290 118525 0 0 3 0x14200 cleaner cleaner
55585 114758 0 0 3 0x14200 reaper reaper
57700 149228 0 0 3 0x14200 pgdaemon pagedaemon
57804 74297 0 0 3 0x14200 bored viomb
64820 173345 0 0 3 0x40014200 acpi0 acpi0
15131 289861 0 0 3 0x14200 bored softnet3
79972 141596 0 0 3 0x14200 bored softnet2
53279 169781 0 0 3 0x14200 bored softnet1
9729 140636 0 0 3 0x14200 bored softnet0
1083 94571 0 0 3 0x14200 bored systqmp
34640 422036 0 0 3 0x14200 bored systq
42935 187219 0 0 2 0x40014200 softclock
25555 564 0 0 3 0x40014200 idle0
1 238086 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10205 6417K 7451K 78643K 33270 0
pcb 13 16K 18K 78643K 538 0
rtable 246 15K 15K 78643K 1068 0
pf 29 8K 9K 78643K 150 0
ifaddr 43 12K 12K 78643K 155 0
ifgroup 50 2K 2K 78643K 251 0
sysctl 4 1K 1K 78643K 5 0
counters 28 17K 17K 78643K 81 0
ioctlops 0 0K 2K 78643K 441 0
iov 0 0K 36K 78643K 887 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1469 92K 92K 78643K 7935 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 113 0
VM map 2 1K 1K 78643K 2 0
sem 10 1K 1K 78643K 23 0
dirhash 12 2K 2K 78643K 21 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 14 49K 69K 78643K 14965 0
sigio 0 0K 0K 78643K 103 0
proc 58 59K 83K 78643K 1552 0
subproc 104 6K 6K 78643K 327 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 276 0
in_multi 99 7K 7K 78643K 370 0
ether_multi 1 0K 0K 78643K 8 0
mrt 0 0K 0K 78643K 7 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 247 1102K 1102K 78643K 247 0
exec 0 0K 1K 78643K 1154 0
pfkey data 0 0K 0K 78643K 1 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 8 62K 64K 78643K 10 0
UVM amap 479 238K 242K 78643K 137505 0
UVM aobj 131 4K 4K 78643K 147 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 247 0
NDP 11 0K 2K 78643K 114 0
temp 75 5916K 6044K 78643K 320394 0
kqueue 13 20K 26K 78643K 459 0
SYN cache 2 2456K 2464K 78643K 4 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 295 0 292 3 2 1 3 0 8 0
rtentry 112 309 0 196 4 0 4 4 0 8 0
unpcb 144 9227 0 9204 113 112 1 10 0 8 0
syncache 312 112 0 112 19 19 0 1 0 8 0
tcpqe 32 517 0 517 15 15 0 1 0 8 0
tcpcb 808 2855 0 2845 84 82 2 11 0 8 0
arp 88 54 0 35 1 0 1 1 0 8 0
ipq 40 11 0 11 4 4 0 1 0 8 0
ipqe 40 25 0 25 4 4 0 1 0 8 0
inpcb 336 9877 0 9860 191 189 2 13 0 8 0
nd6 104 82 0 56 1 0 1 1 0 8 0
pkpcb 40 139 0 139 4 4 0 2 0 8 0
kcovpl 48 25 0 17 1 0 1 1 0 8 0
ppxss 1160 13 0 13 5 5 0 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 1238 0 772 30 0 30 30 0 8 0
art_table 32 1239 0 772 4 0 4 4 0 8 0
art_node 16 306 0 203 1 0 1 1 0 8 0
sysvmsgpl 40 45 0 26 3 2 1 1 0 8 0
semupl 112 8 0 8 1 1 0 1 0 8 0
semapl 112 8 0 0 1 0 1 1 0 8 0
shmpl 112 144 0 16 4 0 4 4 0 8 0
dirhash 1024 23 0 6 3 0 3 3 0 8 0
dino2pl 256 20431 0 18756 105 0 105 105 0 8 0
ffsino 240 20431 0 18756 99 0 99 99 0 8 0
nchpl 144 40939 0 39303 63 0 63 63 0 8 0
uvmvnodes 80 7235 0 0 148 0 148 148 0 8 0
vnodes 216 7235 0 0 402 0 402 402 0 8 0
namei 1024 130997 0 130994 20 19 1 3 0 8 0
vcpupl 2048 38 0 2 5 0 5 5 0 8 0
vmpool 664 45 0 9 3 0 3 3 0 8 0
kstatmem 264 128 0 106 2 0 2 2 0 8 0
scxspl 216 124722 0 124721 22 21 1 8 1 8 0
plimitpl 152 2393 0 2378 1 0 1 1 0 8 0
sigapl 424 15252 0 15188 8 0 8 8 0 8 0
futexpl 64 117045 0 117041 10 9 1 1 0 8 0
knotepl 120 132606 0 132526 34 31 3 18 0 8 0
kqueuepl 184 1164 0 1155 16 15 1 7 0 8 0
pipepl 288 1751 0 1723 44 41 3 7 0 8 1
fdescpl 432 15214 0 15189 4 0 4 4 0 8 0
filepl 120 76024 0 75774 145 136 9 15 0 8 0
lockfpl 104 3087 0 3082 6 5 1 2 0 8 0
lockfspl 48 1224 0 1219 1 0 1 1 0 8 0
sessionpl 144 43 0 27 1 0 1 1 0 8 0
pgrppl 48 131 0 115 1 0 1 1 0 8 0
ucredpl 104 10057 0 10046 1 0 1 1 0 8 0
zombiepl 144 15189 0 15188 4 3 1 1 0 8 0
processpl 1008 15252 0 15188 10 1 9 9 0 8 0
procpl 680 36724 0 36637 20 12 8 9 0 8 0
sosppl 168 594 0 591 32 31 1 1 0 8 0
sockpl 456 19539 0 19499 554 549 5 35 0 8 0
mcl64k 65536 463 0 463 43 42 1 1 0 8 1
mcl16k 16384 207 0 207 39 38 1 1 0 8 1
mcl12k 12288 576 0 572 39 38 1 1 0 8 0
mcl9k 9216 208 0 208 46 45 1 1 0 8 1
mcl8k 8192 656 0 656 43 42 1 1 0 8 1
mcl4k 4096 1070 0 1070 41 40 1 1 0 8 1
mcl2k2 2112 99 0 99 36 35 1 1 0 8 1
mcl2k 2048 69609 0 69504 138 122 16 20 0 8 1
mtagpl 96 1542 0 1135 19 5 14 17 0 8 0
mbufpl 256 226215 0 225069 278 203 75 92 0 8 0
bufpl 288 29261 0 22025 517 0 517 517 0 8 0
anonpl 24 1271625 0 1260563 251 171 80 95 0 188 0
amapchunkpl 152 431006 0 430279 144 112 32 43 0 158 1
amappl16 200 25342 0 24987 179 160 19 34 0 8 0
amappl14 184 195 0 182 2 1 1 2 0 8 0
amappl13 176 1 0 0 1 0 1 1 0 8 0
amappl12 168 16081 0 16050 2 0 2 2 0 8 0
amappl11 160 40 0 30 1 0 1 1 0 8 0
amappl10 152 34 0 24 2 1 1 1 0 8 0
amappl9 144 76 0 74 1 0 1 1 0 8 0
amappl8 136 785 0 604 7 0 7 7 0 8 0
amappl7 128 216 0 194 2 0 2 2 0 8 0
amappl6 120 595 0 576 1 0 1 1 0 8 0
amappl5 112 346 0 337 1 0 1 1 0 8 0
amappl4 104 704 0 672 2 1 1 2 0 8 0
amappl3 96 87139 0 87050 3 0 3 3 0 8 0
amappl2 88 16174 0 16096 3 1 2 3 0 8 0
amappl1 80 61737 0 61229 22 10 12 22 0 8 0
amappl 88 136516 0 136298 8 2 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 146 0 16 3 0 3 3 0 8 0
uaddrrnd 24 15259 0 15198 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 15259 0 15198 1 0 1 1 0 8 0
vmmpekpl 168 96928 0 96860 4 0 4 4 0 8 0
vmmpepl 168 869538 0 867312 335 226 109 122 0 357 0
vmsppl 368 15258 0 15198 6 0 6 6 0 8 0
rwobjpl 24 201634 0 192774 60 6 54 55 0 8 0
pdppl 4096 30524 0 30432 835 735 100 100 0 8 8
pvpl 32 4253628 0 4236945 543 395 148 321 0 265 0
pmappl 216 15258 0 15198 5 1 4 4 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 2564 0 1586 29 1 28 28 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd805a678b80) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd805a678b80) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff80002e8cc760) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd80736ab978,ffff80002e8cc8c0,ffff80002e8cc8f0,ffff80002e8cc7f0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff800024b71550,ffffff9c,7891bcd397d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff80002e8cca70) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7891bcd39840, count: -21
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd805a678b80) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd805a678b80) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff80002e8cc760) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd80736ab978,ffff80002e8cc8c0,ffff80002e8cc8f0,ffff80002e8cc7f0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff800024b71550,ffffff9c,7891bcd397d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff80002e8cca70) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7891bcd39840, count: -21
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 075cc07cd6bf drm/syncobj: fix DRM_SYNCOBJ_WAIT_FLAGS_WAIT_..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1238cf24e80000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=7ef6cbe277777a02245d
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/b842664d991f/disk-075cc07c.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/13f4185f2301/bsd-075cc07c.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/13a9838427b2/kernel-075cc07c.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7ef6cb...@syzkaller.appspotmail.com
panic: Non dma-reachable buffer at curaddr 0xffff80002e8cc0c0(raw)
Stopped at db_enter+0x1c: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*231833 85271 0 0x2 0 0 syz-executor.4
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
end trace frame: 0xffff80002e8cc570, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: Non dma-reachable buffer at curaddr 0xffff80002e8cc0c0(raw)
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd805a678b80) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd805a678b80) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff80002e8cc760) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd80736ab978,ffff80002e8cc8c0,ffff80002e8cc8f0,ffff80002e8cc7f0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff800024b71550,ffffff9c,7891bcd397d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff80002e8cca70) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7891bcd39840, count: -21
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80002e8cbfd0
rbx 0
rdx 0
rcx 0
rax 0xffff800024b71550
r8 0x101010101010101
r9 0x8080808080808080
r10 0x7567d32a07cb5e93
r11 0x36bdabecaeb223f9
r12 0
r13 0
r14 0
r15 0x1
rip 0xffffffff821011dc db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff80002e8cbfc0
ss 0x10
db_enter+0x1c: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.4) tid=231833 pid=85271 tcnt=1 stat=onproc
flags process=2<EXEC> proc=0
runpri=17, usrpri=83, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff800024b71000,0xffff800021688570
process=0xffff8000ffff5b90 user=0xffff80002e8c7000, vmspace=0xfffffd8073a2ea38
estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
77961 228152 80343 0 2 0 syz-executor.1
77961 127992 80343 0 2 0x4000000 syz-executor.1
77961 45516 80343 0 2 0x4000000 syz-executor.1
77961 409673 80343 0 2 0x4000000 syz-executor.1
5357 327003 24369 0 2 0x480 syz-executor.0
5357 466684 24369 0 3 0x4000080 fifor syz-executor.0
5357 164858 24369 0 3 0x4000080 fsleep syz-executor.0
5357 146712 24369 0 3 0x4000080 fsleep syz-executor.0
55601 11622 62588 0 2 0 syz-executor.7
55601 331426 62588 0 3 0x4000080 fsleep syz-executor.7
55601 307018 62588 0 3 0x4000080 fsleep syz-executor.7
10242 395098 46395 0 2 0 syz-executor.6
10242 182625 46395 0 3 0x4000080 netcon syz-executor.6
10242 452041 46395 0 3 0x4000080 bell syz-executor.6
36389 360914 1054 0 2 0x2 syz-executor.2
*85271 231833 1054 0 7 0x2 syz-executor.4
35269 182814 1054 0 2 0x2 syz-executor.5
85114 413044 0 0 3 0x14280 nfsidl nfsio
7629 420768 0 0 3 0x14280 nfsidl nfsio
87431 176944 0 0 3 0x14280 nfsidl nfsio
77080 294667 0 0 3 0x14280 nfsidl nfsio
41167 262903 0 0 3 0x14280 nfsidl nfsio
57843 183202 0 0 3 0x14280 nfsidl nfsio
7069 13618 0 0 3 0x14280 nfsidl nfsio
58161 340254 0 0 3 0x14280 nfsidl nfsio
97561 493738 0 0 3 0x14280 nfsidl nfsio
68959 190816 0 0 3 0x14280 nfsidl nfsio
8805 334756 0 0 3 0x14280 nfsidl nfsio
60494 104311 0 0 3 0x14280 nfsidl nfsio
13429 194197 0 0 3 0x14280 nfsidl nfsio
44207 474504 0 0 3 0x14280 nfsidl nfsio
96287 158428 0 0 3 0x14280 nfsidl nfsio
27423 110396 0 0 3 0x14280 nfsidl nfsio
95178 374095 0 0 3 0x14280 nfsidl nfsio
31566 242521 0 0 3 0x14280 nfsidl nfsio
57399 296886 0 0 3 0x14280 nfsidl nfsio
25940 36855 0 0 3 0x14280 nfsidl nfsio
24369 351616 1054 0 2 0x482 syz-executor.0
80343 283636 1054 0 2 0x482 syz-executor.1
78860 197586 1054 0 2 0x482 syz-executor.3
46395 18237 1054 0 2 0x482 syz-executor.6
83842 518852 1 0 3 0x100083 ttyin getty
96967 403358 0 0 3 0x14200 acct acct
68270 400861 0 0 3 0x14200 bored sosplice
62588 323089 1054 0 2 0x482 syz-executor.7
1054 29204 74907 0 3 0x2000082 thrsleep syz-fuzzer
1054 158775 74907 0 2 0x6000482 syz-fuzzer
1054 323213 74907 0 3 0x6000082 wait syz-fuzzer
1054 444458 74907 0 3 0x6000082 wait syz-fuzzer
1054 499428 74907 0 3 0x6000082 thrsleep syz-fuzzer
1054 227790 74907 0 3 0x6000082 wait syz-fuzzer
1054 72920 74907 0 3 0x6000082 kqread syz-fuzzer
1054 353462 74907 0 3 0x6000082 wait syz-fuzzer
1054 508257 74907 0 3 0x6000082 wait syz-fuzzer
1054 238440 74907 0 3 0x6000082 wait syz-fuzzer
1054 149948 74907 0 3 0x6000082 thrsleep syz-fuzzer
1054 117666 74907 0 3 0x6000082 wait syz-fuzzer
1054 44524 74907 0 3 0x6000082 thrsleep syz-fuzzer
1054 308715 74907 0 3 0x6000082 wait syz-fuzzer
74907 441296 10604 0 3 0x10008a sigsusp ksh
10604 26737 6853 0 3 0x9a kqread sshd
6853 152454 1 0 3 0x88 kqread sshd
96146 116859 37072 73 3 0x1100090 kqread syslogd
37072 476040 1 0 3 0x100082 netio syslogd
17928 96888 1 0 3 0x100080 kqread resolvd
71644 402808 65412 77 3 0x100092 kqread dhcpleased
78416 348723 65412 77 3 0x100092 kqread dhcpleased
65412 201989 1 0 3 0x80 kqread dhcpleased
79456 189287 0 0 3 0x14200 bored smr
86783 211093 0 0 2 0x14200 zerothread
87453 294161 0 0 3 0x14200 aiodoned aiodoned
8719 46506 0 0 3 0x14200 syncer update
11290 118525 0 0 3 0x14200 cleaner cleaner
55585 114758 0 0 3 0x14200 reaper reaper
57700 149228 0 0 3 0x14200 pgdaemon pagedaemon
57804 74297 0 0 3 0x14200 bored viomb
64820 173345 0 0 3 0x40014200 acpi0 acpi0
15131 289861 0 0 3 0x14200 bored softnet3
79972 141596 0 0 3 0x14200 bored softnet2
53279 169781 0 0 3 0x14200 bored softnet1
9729 140636 0 0 3 0x14200 bored softnet0
1083 94571 0 0 3 0x14200 bored systqmp
34640 422036 0 0 3 0x14200 bored systq
42935 187219 0 0 2 0x40014200 softclock
25555 564 0 0 3 0x40014200 idle0
1 238086 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10205 6417K 7451K 78643K 33270 0
pcb 13 16K 18K 78643K 538 0
rtable 246 15K 15K 78643K 1068 0
pf 29 8K 9K 78643K 150 0
ifaddr 43 12K 12K 78643K 155 0
ifgroup 50 2K 2K 78643K 251 0
sysctl 4 1K 1K 78643K 5 0
counters 28 17K 17K 78643K 81 0
ioctlops 0 0K 2K 78643K 441 0
iov 0 0K 36K 78643K 887 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 4 0
vnodes 1469 92K 92K 78643K 7935 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 113 0
VM map 2 1K 1K 78643K 2 0
sem 10 1K 1K 78643K 23 0
dirhash 12 2K 2K 78643K 21 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 14 49K 69K 78643K 14965 0
sigio 0 0K 0K 78643K 103 0
proc 58 59K 83K 78643K 1552 0
subproc 104 6K 6K 78643K 327 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 276 0
in_multi 99 7K 7K 78643K 370 0
ether_multi 1 0K 0K 78643K 8 0
mrt 0 0K 0K 78643K 7 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 247 1102K 1102K 78643K 247 0
exec 0 0K 1K 78643K 1154 0
pfkey data 0 0K 0K 78643K 1 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 8 62K 64K 78643K 10 0
UVM amap 479 238K 242K 78643K 137505 0
UVM aobj 131 4K 4K 78643K 147 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 247 0
NDP 11 0K 2K 78643K 114 0
temp 75 5916K 6044K 78643K 320394 0
kqueue 13 20K 26K 78643K 459 0
SYN cache 2 2456K 2464K 78643K 4 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 295 0 292 3 2 1 3 0 8 0
rtentry 112 309 0 196 4 0 4 4 0 8 0
unpcb 144 9227 0 9204 113 112 1 10 0 8 0
syncache 312 112 0 112 19 19 0 1 0 8 0
tcpqe 32 517 0 517 15 15 0 1 0 8 0
tcpcb 808 2855 0 2845 84 82 2 11 0 8 0
arp 88 54 0 35 1 0 1 1 0 8 0
ipq 40 11 0 11 4 4 0 1 0 8 0
ipqe 40 25 0 25 4 4 0 1 0 8 0
inpcb 336 9877 0 9860 191 189 2 13 0 8 0
nd6 104 82 0 56 1 0 1 1 0 8 0
pkpcb 40 139 0 139 4 4 0 2 0 8 0
kcovpl 48 25 0 17 1 0 1 1 0 8 0
ppxss 1160 13 0 13 5 5 0 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 1238 0 772 30 0 30 30 0 8 0
art_table 32 1239 0 772 4 0 4 4 0 8 0
art_node 16 306 0 203 1 0 1 1 0 8 0
sysvmsgpl 40 45 0 26 3 2 1 1 0 8 0
semupl 112 8 0 8 1 1 0 1 0 8 0
semapl 112 8 0 0 1 0 1 1 0 8 0
shmpl 112 144 0 16 4 0 4 4 0 8 0
dirhash 1024 23 0 6 3 0 3 3 0 8 0
dino2pl 256 20431 0 18756 105 0 105 105 0 8 0
ffsino 240 20431 0 18756 99 0 99 99 0 8 0
nchpl 144 40939 0 39303 63 0 63 63 0 8 0
uvmvnodes 80 7235 0 0 148 0 148 148 0 8 0
vnodes 216 7235 0 0 402 0 402 402 0 8 0
namei 1024 130997 0 130994 20 19 1 3 0 8 0
vcpupl 2048 38 0 2 5 0 5 5 0 8 0
vmpool 664 45 0 9 3 0 3 3 0 8 0
kstatmem 264 128 0 106 2 0 2 2 0 8 0
scxspl 216 124722 0 124721 22 21 1 8 1 8 0
plimitpl 152 2393 0 2378 1 0 1 1 0 8 0
sigapl 424 15252 0 15188 8 0 8 8 0 8 0
futexpl 64 117045 0 117041 10 9 1 1 0 8 0
knotepl 120 132606 0 132526 34 31 3 18 0 8 0
kqueuepl 184 1164 0 1155 16 15 1 7 0 8 0
pipepl 288 1751 0 1723 44 41 3 7 0 8 1
fdescpl 432 15214 0 15189 4 0 4 4 0 8 0
filepl 120 76024 0 75774 145 136 9 15 0 8 0
lockfpl 104 3087 0 3082 6 5 1 2 0 8 0
lockfspl 48 1224 0 1219 1 0 1 1 0 8 0
sessionpl 144 43 0 27 1 0 1 1 0 8 0
pgrppl 48 131 0 115 1 0 1 1 0 8 0
ucredpl 104 10057 0 10046 1 0 1 1 0 8 0
zombiepl 144 15189 0 15188 4 3 1 1 0 8 0
processpl 1008 15252 0 15188 10 1 9 9 0 8 0
procpl 680 36724 0 36637 20 12 8 9 0 8 0
sosppl 168 594 0 591 32 31 1 1 0 8 0
sockpl 456 19539 0 19499 554 549 5 35 0 8 0
mcl64k 65536 463 0 463 43 42 1 1 0 8 1
mcl16k 16384 207 0 207 39 38 1 1 0 8 1
mcl12k 12288 576 0 572 39 38 1 1 0 8 0
mcl9k 9216 208 0 208 46 45 1 1 0 8 1
mcl8k 8192 656 0 656 43 42 1 1 0 8 1
mcl4k 4096 1070 0 1070 41 40 1 1 0 8 1
mcl2k2 2112 99 0 99 36 35 1 1 0 8 1
mcl2k 2048 69609 0 69504 138 122 16 20 0 8 1
mtagpl 96 1542 0 1135 19 5 14 17 0 8 0
mbufpl 256 226215 0 225069 278 203 75 92 0 8 0
bufpl 288 29261 0 22025 517 0 517 517 0 8 0
anonpl 24 1271625 0 1260563 251 171 80 95 0 188 0
amapchunkpl 152 431006 0 430279 144 112 32 43 0 158 1
amappl16 200 25342 0 24987 179 160 19 34 0 8 0
amappl14 184 195 0 182 2 1 1 2 0 8 0
amappl13 176 1 0 0 1 0 1 1 0 8 0
amappl12 168 16081 0 16050 2 0 2 2 0 8 0
amappl11 160 40 0 30 1 0 1 1 0 8 0
amappl10 152 34 0 24 2 1 1 1 0 8 0
amappl9 144 76 0 74 1 0 1 1 0 8 0
amappl8 136 785 0 604 7 0 7 7 0 8 0
amappl7 128 216 0 194 2 0 2 2 0 8 0
amappl6 120 595 0 576 1 0 1 1 0 8 0
amappl5 112 346 0 337 1 0 1 1 0 8 0
amappl4 104 704 0 672 2 1 1 2 0 8 0
amappl3 96 87139 0 87050 3 0 3 3 0 8 0
amappl2 88 16174 0 16096 3 1 2 3 0 8 0
amappl1 80 61737 0 61229 22 10 12 22 0 8 0
amappl 88 136516 0 136298 8 2 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 146 0 16 3 0 3 3 0 8 0
uaddrrnd 24 15259 0 15198 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 15259 0 15198 1 0 1 1 0 8 0
vmmpekpl 168 96928 0 96860 4 0 4 4 0 8 0
vmmpepl 168 869538 0 867312 335 226 109 122 0 357 0
vmsppl 368 15258 0 15198 6 0 6 6 0 8 0
rwobjpl 24 201634 0 192774 60 6 54 55 0 8 0
pdppl 4096 30524 0 30432 835 735 100 100 0 8 8
pvpl 32 4253628 0 4236945 543 395 148 321 0 265 0
pmappl 216 15258 0 15198 5 1 4 4 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 2564 0 1586 29 1 28 28 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd805a678b80) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd805a678b80) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff80002e8cc760) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd80736ab978,ffff80002e8cc8c0,ffff80002e8cc8f0,ffff80002e8cc7f0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff800024b71550,ffffff9c,7891bcd397d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff80002e8cca70) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7891bcd39840, count: -21
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff827ef538) at panic+0x165 sys/kern/subr_prf.c:198
_bus_dmamap_load_buffer(ffff80002e8cc150,ffff80000018dc00,ffff80000d4af000,800,0,401,c673ff85b0c2a718,800,ffff80000018dc00) at _bus_dmamap_load_buffer+0x386 sys/arch/amd64/amd64/bus_dma.c:589
_bus_dmamap_load(ffffffff82bdfdf0,ffff80000018dc00,ffff80000d4af000,800,0,401) at _bus_dmamap_load+0x9b sys/arch/amd64/amd64/bus_dma.c:179
vioscsi_scsi_cmd(fffffd8067d05a60) at vioscsi_scsi_cmd+0x1b0 sys/dev/pv/vioscsi.c:220
sdstart(fffffd8067d05a60) at sdstart+0x40e sys/scsi/sd.c:709
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a scsi_ioh_pending sys/scsi/scsi_base.c:407 [inline]
scsi_iopool_run(ffff8000000a2048) at scsi_iopool_run+0x10a sys/scsi/scsi_base.c:423
scsi_xsh_runqueue(ffff80000002f800) at scsi_xsh_runqueue+0x203 sys/scsi/scsi_base.c:600
scsi_xsh_add(ffff800000024b80) at scsi_xsh_add+0xcd sys/scsi/scsi_base.c:538
sdstrategy(fffffd805a678b80) at sdstrategy+0x187 sys/scsi/sd.c:567
spec_strategy(ffff80002e8cc418) at spec_strategy+0x79 sys/kern/spec_vnops.c:451
VOP_STRATEGY(fffffd807efcfaf8,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
ufs_strategy(ffff80002e8cc4c8) at ufs_strategy+0x15e
VOP_STRATEGY(fffffd807222bb50,fffffd805a678b80) at VOP_STRATEGY+0x9f sys/kern/vfs_vops.c:628
bwrite(fffffd805a678b80) at bwrite+0x1eb sys/kern/vfs_bio.c:760
VOP_BWRITE(fffffd805a678b80) at VOP_BWRITE+0x4e sys/kern/vfs_vops.c:640
ufs_mkdir(ffff80002e8cc760) at ufs_mkdir+0x6c4 sys/ufs/ufs/ufs_vnops.c:1235
VOP_MKDIR(fffffd80736ab978,ffff80002e8cc8c0,ffff80002e8cc8f0,ffff80002e8cc7f0) at VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:388
domkdirat(ffff800024b71550,ffffff9c,7891bcd397d0,1ff) at domkdirat+0x125 sys/kern/vfs_syscalls.c:3073
syscall(ffff80002e8cca70) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7891bcd39840, count: -21
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages