panic: vop_genericp_baandiocp:


syzbot

Apr 15, 2022, 10:24:21 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: f0263d44f958 delete an ancient paragraph suggesting the wr..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11e5155cf00000
kernel config: https://syzkaller.appspot.com/x/.config?x=bf87b6915a88cd0d
dashboard link: https://syzkaller.appspot.com/bug?extid=a8a4e18deda76afd26cb

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a8a4e1...@syzkaller.appspotmail.com

panic: vop_genericp_baandiocp:
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
69048 66159 32767 0x10 0x4000000 0 syz-executor.3
*284129 66938 32767 0x10 0 1 syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82584174) at panic+0x177 sys/kern/subr_prf.c:202
vop_generic_badop(ffff80002464dbb8) at vop_generic_badop+0x1b sys/kern/vfs_default.c:133
VOP_STRATEGY(fffffd80715b6e48,fffffd8066394ed0) at VOP_STRATEGY+0x9b sys/kern/vfs_vops.c:644
bwrite(fffffd8066394ed0) at bwrite+0x1f0 sys/kern/vfs_bio.c:763
VOP_BWRITE(fffffd8066394ed0) at VOP_BWRITE+0x4a sys/kern/vfs_vops.c:656
ufs_mkdir(ffff80002464de50) at ufs_mkdir+0x6b4 sys/ufs/ufs/ufs_vnops.c:1248
VOP_MKDIR(fffffd8069263940,ffff80002464dfb0,ffff80002464dfe0,ffff80002464dee0) at VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404
domkdirat(ffff8000ffff67f0,ffffff9c,7f7ffffbdb00,1ff) at domkdirat+0x121 sys/kern/vfs_syscalls.c:3101
syscall(ffff80002464e160) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002464e160) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffbdb70, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
cpu0: kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_fork.c", line 678
*cpu1: vop_generic_badop
ddb{1}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82584174) at panic+0x177 sys/kern/subr_prf.c:202
vop_generic_badop(ffff80002464dbb8) at vop_generic_badop+0x1b sys/kern/vfs_default.c:133
VOP_STRATEGY(fffffd80715b6e48,fffffd8066394ed0) at VOP_STRATEGY+0x9b sys/kern/vfs_vops.c:644
bwrite(fffffd8066394ed0) at bwrite+0x1f0 sys/kern/vfs_bio.c:763
VOP_BWRITE(fffffd8066394ed0) at VOP_BWRITE+0x4a sys/kern/vfs_vops.c:656
ufs_mkdir(ffff80002464de50) at ufs_mkdir+0x6b4 sys/ufs/ufs/ufs_vnops.c:1248
VOP_MKDIR(fffffd8069263940,ffff80002464dfb0,ffff80002464dfe0,ffff80002464dee0) at VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404
domkdirat(ffff8000ffff67f0,ffffff9c,7f7ffffbdb00,1ff) at domkdirat+0x121 sys/kern/vfs_syscalls.c:3101
syscall(ffff80002464e160) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002464e160) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffbdb70, count: -11
ddb{1}> show registers
rdi 0
rsi 0x1
rbp 0xffff80002464dae0
rbx 0xffff800020ce9bff
rdx 0
rcx 0
rax 0xffff8000ffff67f0
r8 0x101010101010101
r9 0x8080808080808080
r10 0xd4433746e194807e
r11 0xa8208454c2062a45
r12 0xffff800020ce9a00
r13 0
r14 0
r15 0x1
rip 0xffffffff8240e7d8 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff80002464dad0
ss 0
db_enter+0x18: addq $0x8,%rsp
ddb{1}> show proc
PROC (syz-executor.0) pid=284129 stat=onproc
flags process=10<SUGID> proc=0
pri=17, usrpri=81, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff6d30,0xffff800026ce2d38
process=0xffff8000fffefa50 user=0xffff800024649000, vmspace=0xfffffd8071285b90
estcpu=36, cpticks=0, pctcpu=0.3
user=0, sys=0, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
83915 499657 82247 32767 2 0x10 syz-executor.4
24533 249610 19466 32767 2 0x10 syz-executor.7
23112 186154 7748 32767 3 0x90 nanoslp syz-executor.1
23112 175376 7748 32767 3 0x4000090 fsleep syz-executor.1
23112 395328 7748 32767 3 0x4000090 fsleep syz-executor.1
82313 139545 77880 32767 3 0x90 nanoslp syz-executor.6
82313 9084 77880 32767 3 0x4000090 fsleep syz-executor.6
82313 146475 77880 32767 3 0x4000090 fsleep syz-executor.6
66159 193293 13539 32767 2 0x10 syz-executor.3
66159 24647 13539 32767 2 0x4000010 syz-executor.3
66159 421669 13539 32767 3 0x4000090 fsleep syz-executor.3
66159 38980 13539 32767 3 0x4000090 fsleep syz-executor.3
66159 69048 13539 32767 7 0x4000010 syz-executor.3
94722 201335 65170 32767 2 0x490 syz-executor.5
94722 507015 65170 32767 3 0x4000090 fsleep syz-executor.5
94722 353087 65170 32767 3 0x4000090 fsleep syz-executor.5
94722 301473 65170 32767 3 0x4000090 fsleep syz-executor.5
82247 374005 44910 32767 2 0x10 syz-executor.4
44910 449920 79048 0 3 0x82 wait syz-executor.4
65170 8976 40844 32767 2 0x490 syz-executor.5
40844 175618 79048 0 3 0x82 wait syz-executor.5
*66938 284129 38651 32767 7 0x10 syz-executor.0
38651 472931 79048 0 3 0x82 wait syz-executor.0
7748 238113 59725 32767 3 0x90 nanoslp syz-executor.1
59725 47577 79048 0 3 0x82 wait syz-executor.1
13539 287927 93458 32767 3 0x90 nanoslp syz-executor.3
93458 438473 79048 0 3 0x82 wait syz-executor.3
84094 138975 0 0 3 0x14200 bored sosplice
19466 134577 38108 32767 3 0x90 nanoslp syz-executor.7
77880 91597 16990 32767 2 0x490 syz-executor.6
38108 27802 79048 0 3 0x82 wait syz-executor.7
16990 1146 79048 0 3 0x82 wait syz-executor.6
6516 42212 21843 32767 3 0x90 nanoslp syz-executor.2
21843 412765 79048 0 3 0x82 wait syz-executor.2
79048 173322 39723 0 3 0x82 thrsleep syz-fuzzer
79048 507406 39723 0 3 0x4000082 nanoslp syz-fuzzer
79048 278139 39723 0 3 0x4000082 thrsleep syz-fuzzer
79048 29823 39723 0 3 0x4000082 thrsleep syz-fuzzer
79048 438086 39723 0 3 0x4000082 thrsleep syz-fuzzer
79048 456016 39723 0 3 0x4000082 kqread syz-fuzzer
79048 10717 39723 0 3 0x4000082 thrsleep syz-fuzzer
79048 474116 39723 0 3 0x4000082 thrsleep syz-fuzzer
39723 38688 3440 0 3 0x10008a sigsusp ksh
3440 231615 86710 0 3 0x9a kqread sshd
76396 460242 1 0 3 0x100083 ttyin getty
86710 329007 1 0 3 0x88 kqread sshd
1794 518968 26086 73 3 0x1100090 kqread syslogd
26086 24469 1 0 3 0x100082 netio syslogd
55728 392593 1 0 3 0x100080 kqread resolvd
36077 455977 15438 77 3 0x100092 kqread dhcpleased
35608 420057 15438 77 3 0x100092 kqread dhcpleased
15438 283215 1 0 3 0x80 kqread dhcpleased
96185 511747 0 0 3 0x14200 bored smr
79865 170140 0 0 2 0x14200 zerothread
2835 339384 0 0 3 0x14200 aiodoned aiodoned
61067 408117 0 0 3 0x14200 syncer update
42436 244298 0 0 3 0x14200 cleaner cleaner
29267 337583 0 0 3 0x14200 reaper reaper
58255 364355 0 0 3 0x14200 pgdaemon pagedaemon
29632 13484 0 0 3 0x14200 bored viomb
91031 471975 0 0 3 0x40014200 acpi0 acpi0
48340 442319 0 0 3 0x40014200 idle1
15056 291249 0 0 3 0x14200 bored softnet
47523 335439 0 0 3 0x14200 bored systqmp
38382 85704 0 0 3 0x14200 bored systq
58075 53580 0 0 2 0x40014200 softclock
57514 66942 0 0 3 0x40014200 idle0
1 301784 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 24533 (syz-executor.7) thread 0xffff800026ce2fc8 (249610)
exclusive rwlock vmmaplk r = 0 (0xfffffd80087362f8)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5458
#3 uvmfault_lookup+0xb9 sys/uvm/uvm_fault.c:1756
#4 uvm_fault_check+0x603 uvmfault_amapcopy sys/uvm/uvm_fault.c:236 [inline]
#4 uvm_fault_check+0x603 sys/uvm/uvm_fault.c:712
#5 uvm_fault+0x102 sys/uvm/uvm_fault.c:602
#6 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#7 usertrap+0x1aa sys/arch/amd64/amd64/trap.c:403
#8 recall_trap+0x8
Process 66159 (syz-executor.3) thread 0xffff8000ffff5a40 (38980)
exclusive rrwlock inode r = 0 (0xfffffd806eb42a38)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461
#3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534
#4 ufs_ihashins+0x42 sys/ufs/ufs/ufs_ihash.c:140
#5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1347
#6 ffs_inode_alloc+0x1be sys/ufs/ffs/ffs_alloc.c:394
#7 ufs_makeinode+0xae sys/ufs/ufs/ufs_vnops.c:1830
#8 ufs_create+0x41 sys/ufs/ufs/ufs_vnops.c:152
#9 VOP_CREATE+0xbc sys/kern/vfs_vops.c:103
#10 vn_open+0x28f sys/kern/vfs_vnops.c:122
#11 doopenat+0x26a sys/kern/vfs_syscalls.c:1129
#12 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#12 syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#13 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd807b42eb38)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461
#3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534
#4 vn_lock+0x84 sys/kern/vfs_vnops.c:579
#5 vfs_lookup+0xd1 sys/kern/vfs_lookup.c:413
#6 namei+0x36a sys/kern/vfs_lookup.c:245
#7 vn_open+0x188 sys/kern/vfs_vnops.c:113
#8 doopenat+0x26a sys/kern/vfs_syscalls.c:1129
#9 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#9 syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#10 Xsyscall+0x128
Process 66938 (syz-executor.0) thread 0xffff8000ffff67f0 (284129)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82b884f8)
#0 witness_lock+0x44d
#1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
#2 mi_switch+0x3d3 sys/kern/sched_bsd.c:416
#3 sleep_finish+0x198 sys/kern/kern_synch.c:437
#4 tsleep+0x12c sys/kern/kern_synch.c:158
#5 biowait+0x91 sys/kern/vfs_bio.c:1271
#6 bwrite+0x21b sys/kern/vfs_bio.c:772
#7 ffs_update+0x27d sys/ufs/ffs/ffs_inode.c:113
#8 ufs_mkdir+0x662 sys/ufs/ufs/ufs_vnops.c:1232
#9 VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404
#10 domkdirat+0x121 sys/kern/vfs_syscalls.c:3101
#11 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#11 syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#12 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd806eb420a8)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461
#3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534
#4 vn_lock+0x84 sys/kern/vfs_vnops.c:579
#5 vget+0x1d3 sys/kern/vfs_subr.c:678
#6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119
#7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1318
#8 ffs_inode_alloc+0x1be sys/ufs/ffs/ffs_alloc.c:394
#9 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1162
#10 VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404
#11 domkdirat+0x121 sys/kern/vfs_syscalls.c:3101
#12 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#12 syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#13 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd806eb422c8)
#0 witness_lock+0x44d
#1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310
#2 rrw_enter+0x8b sys/kern/kern_rwlock.c:461
#3 VOP_LOCK+0x87 sys/kern/vfs_vops.c:534
#4 vn_lock+0x84 sys/kern/vfs_vnops.c:579
#5 vfs_lookup+0xd1 sys/kern/vfs_lookup.c:413
#6 namei+0x36a sys/kern/vfs_lookup.c:245
#7 domkdirat+0x75 sys/kern/vfs_syscalls.c:3086
#8 syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#8 syscall+0x489 sys/arch/amd64/amd64/trap.c:585
#9 Xsyscall+0x128
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10205 6411K 6419K 78643K 11348 0
pcb 13 12K 14K 78643K 17 0
rtable 252 7K 7K 78643K 1295 0
ifaddr 81 17K 17K 78643K 202 0
sysctl 3 1K 1K 78643K 3 0
counters 56 35K 35K 78643K 90 0
ioctlops 0 0K 2K 78643K 142 0
iov 0 0K 20K 78643K 1363 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 5 0
vnodes 1271 79K 79K 78643K 7701 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 135 0
VM map 2 1K 1K 78643K 2 0
sem 12 0K 1K 78643K 1081 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12548 0
file desc 24 89K 113K 78643K 9543 0
sigio 0 0K 0K 78643K 184 0
proc 56 78K 103K 78643K 1454 0
subproc 104 6K 6K 78643K 325 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 569 0
in_multi 99 6K 6K 78643K 433 0
ether_multi 1 0K 0K 78643K 57 0
mrt 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 247 1102K 1102K 78643K 247 0
exec 0 0K 2K 78643K 2090 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 318 89K 109K 78643K 58270 0
UVM aobj 131 4K 4K 78643K 138 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 364 0
NDP 11 0K 2K 78643K 78 0
temp 124 4722K 4850K 78643K 26321 0
kqueue 12 18K 26K 78643K 842 0
SYN cache 2 16K 16K 78643K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 22 0 0 1 0 1 1 0 8 0
rtpcb 120 714 0 711 11 8 3 5 0 8 2
rtentry 112 311 0 194 4 0 4 4 0 8 0
unpcb 136 10718 0 10703 71 63 8 8 0 8 7
syncache 296 114 0 114 19 18 1 1 0 8 1
tcpqe 32 15 0 15 5 5 0 1 0 8 0
tcpcb 736 4013 0 4009 129 120 9 14 0 8 8
arp 120 53 0 34 1 0 1 1 0 8 0
ipq 40 21 0 20 6 5 1 1 0 8 0
ipqe 40 593 0 591 6 5 1 1 0 8 0
inpcb 312 8014 0 8004 143 132 11 14 0 8 10
nd6 48 87 0 57 1 0 1 1 0 8 0
kcovpl 48 25 0 17 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 1259 0 773 31 0 31 31 0 8 0
art_table 32 1260 0 773 4 0 4 4 0 8 0
art_node 16 310 0 203 1 0 1 1 0 8 0
sysvmsgpl 40 20 0 13 1 0 1 1 0 8 0
semapl 112 1079 0 1069 1 0 1 1 0 8 0
shmpl 112 135 0 7 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 18480 0 17046 91 0 91 91 0 8 0
ffsino 272 18480 0 17046 97 0 97 97 0 8 0
nchpl 144 30736 0 29096 63 0 63 63 0 8 0
uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0
vnodes 224 5926 0 0 349 0 349 349 0 8 0
namei 1024 118151 0 118150 6 5 1 2 0 8 0
percpumem 16 57 0 17 1 0 1 1 0 8 0
scxspl 216 71700 0 71700 32 31 1 8 0 8 1
plimitpl 152 2152 0 2129 7 5 2 2 0 8 1
sigapl 424 9787 0 9736 7 0 7 7 0 8 0
futexpl 64 87172 0 87163 4 3 1 1 0 8 0
knotepl 120 526 0 0 11 1 10 11 0 8 0
kqueuepl 216 2984 0 2976 54 53 1 8 0 8 0
pipepl 336 1904 0 1876 49 46 3 8 0 8 0
fdescpl 496 9772 0 9737 7 2 5 6 0 8 0
filepl 152 85441 0 85203 135 117 18 19 0 8 8
lockfpl 104 1190 0 1188 2 1 1 2 0 8 0
lockfspl 48 348 0 346 1 0 1 1 0 8 0
sessionpl 144 40 0 24 1 0 1 1 0 8 0
pgrppl 48 694 0 678 1 0 1 1 0 8 0
ucredpl 96 30937 0 30919 1 0 1 1 0 8 0
zombiepl 144 9737 0 9736 3 2 1 1 0 8 0
processpl 1064 9787 0 9736 5 1 4 4 0 8 0
procpl 672 27890 0 27821 24 17 7 8 0 8 1
sosppl 168 121 0 121 17 16 1 1 0 8 1
sockpl 480 19785 0 19760 453 423 30 34 0 8 26
mcl64k 65536 23 0 0 3 1 2 3 0 8 0
mcl16k 16384 17 0 0 3 0 3 3 0 8 0
mcl12k 12288 25 0 0 2 0 2 2 0 8 0
mcl9k 9216 17 0 0 2 0 2 2 0 8 0
mcl8k 8192 35 0 0 3 0 3 3 0 8 0
mcl4k 4096 25 0 0 3 0 3 3 0 8 0
mcl2k2 2112 15 0 0 1 0 1 1 0 8 0
mcl2k 2048 266 0 0 18 3 15 18 0 8 0
mtagpl 96 2 0 0 1 0 1 1 0 8 0
mbufpl 256 1189 0 0 66 1 65 66 0 8 0
bufpl 288 16345 0 10014 453 0 453 453 0 8 0
anonpl 24 1908286 0 1894880 216 118 98 109 0 186 0
amapchunkpl 152 185365 0 184767 149 121 28 44 0 158 2
amappl16 200 28254 0 27851 165 143 22 35 0 8 0
amappl15 192 1035 0 1031 1 0 1 1 0 8 0
amappl14 184 37 0 31 1 0 1 1 0 8 0
amappl13 176 1900 0 1895 1 0 1 1 0 8 0
amappl12 168 20 0 18 2 1 1 1 0 8 0
amappl11 160 2644 0 2626 1 0 1 1 0 8 0
amappl10 152 772 0 764 2 1 1 1 0 8 0
amappl9 144 1355 0 1352 1 0 1 1 0 8 0
amappl8 136 3652 0 3517 5 0 5 5 0 8 0
amappl7 128 2677 0 2658 1 0 1 1 0 8 0
amappl6 120 1197 0 1178 2 1 1 2 0 8 0
amappl5 112 9225 0 9204 1 0 1 1 0 8 0
amappl4 104 4938 0 4903 5 4 1 2 0 8 0
amappl3 96 29094 0 29040 2 0 2 2 0 8 0
amappl2 88 12408 0 12338 3 1 2 3 0 8 0
amappl1 80 234450 0 233749 23 7 16 19 0 8 0
amappl 88 56976 0 56788 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 137 0 7 3 0 3 3 0 8 0
uaddrrnd 24 9772 0 9737 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 9772 0 9737 1 0 1 1 0 8 0
vmmpekpl 168 78620 0 78578 3 0 3 3 0 8 0
vmmpepl 168 963430 0 960651 244 111 133 141 0 357 2
vmsppl 368 9771 0 9737 4 0 4 4 0 8 0
rwobjpl 56 242642 0 235132 124 17 107 110 0 8 0
pdppl 4096 19551 0 19474 395 314 81 89 0 8 4
pvpl 32 3641771 0 3623222 455 290 165 256 0 265 0
pmappl 248 9771 0 9737 4 1 3 3 0 8 0
extentpl 40 58 0 38 1 0 1 1 0 8 0
phpool 112 1501 0 624 26 0 26 26 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
x86_ipi_db(ffffffff8296bff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x28 sys/arch/amd64/amd64/bus_space.c:639
comcnputc(800,20) at comcnputc+0x1a7 sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x4b sys/dev/cons.c:239
db_putchar(6b) at db_putchar+0x316 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(6b) at db_putchar+0x316 sys/ddb/db_output.c:153
kprintf() at kprintf+0x20ec sys/kern/subr_prf.c:1068
db_printf(ffffffff8260c7e1) at db_printf+0x85 sys/kern/subr_prf.c:502
panic(ffffffff82593b97) at panic+0xd7 sys/kern/subr_prf.c:220
__assert(ffffffff82605519,ffffffff825cf5bb,2a6,ffffffff825c6d58) at __assert+0x25 sys/kern/subr_prf.c:161
proc_trampoline_mp() at proc_trampoline_mp+0x131
end trace frame: 0x0, count: 3
ddb{0}> trace
x86_ipi_db(ffffffff8296bff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x28 sys/arch/amd64/amd64/bus_space.c:639
comcnputc(800,20) at comcnputc+0x1a7 sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x4b sys/dev/cons.c:239
db_putchar(6b) at db_putchar+0x316 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(6b) at db_putchar+0x316 sys/ddb/db_output.c:153
kprintf() at kprintf+0x20ec sys/kern/subr_prf.c:1068
db_printf(ffffffff8260c7e1) at db_printf+0x85 sys/kern/subr_prf.c:502
panic(ffffffff82593b97) at panic+0xd7 sys/kern/subr_prf.c:220
__assert(ffffffff82605519,ffffffff825cf5bb,2a6,ffffffff825c6d58) at __assert+0x25 sys/kern/subr_prf.c:161
proc_trampoline_mp() at proc_trampoline_mp+0x131
end trace frame: 0x0, count: -12
ddb{0}> machine ddbcpu 1
Stopped at db_enter+0x18: addq $0x8,%rsp
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82584174) at panic+0x177 sys/kern/subr_prf.c:202
vop_generic_badop(ffff80002464dbb8) at vop_generic_badop+0x1b sys/kern/vfs_default.c:133
VOP_STRATEGY(fffffd80715b6e48,fffffd8066394ed0) at VOP_STRATEGY+0x9b sys/kern/vfs_vops.c:644
bwrite(fffffd8066394ed0) at bwrite+0x1f0 sys/kern/vfs_bio.c:763
VOP_BWRITE(fffffd8066394ed0) at VOP_BWRITE+0x4a sys/kern/vfs_vops.c:656
ufs_mkdir(ffff80002464de50) at ufs_mkdir+0x6b4 sys/ufs/ufs/ufs_vnops.c:1248
VOP_MKDIR(fffffd8069263940,ffff80002464dfb0,ffff80002464dfe0,ffff80002464dee0) at VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404
domkdirat(ffff8000ffff67f0,ffffff9c,7f7ffffbdb00,1ff) at domkdirat+0x121 sys/kern/vfs_syscalls.c:3101
syscall(ffff80002464e160) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002464e160) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffbdb70, count: 4
ddb{1}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82584174) at panic+0x177 sys/kern/subr_prf.c:202
vop_generic_badop(ffff80002464dbb8) at vop_generic_badop+0x1b sys/kern/vfs_default.c:133
VOP_STRATEGY(fffffd80715b6e48,fffffd8066394ed0) at VOP_STRATEGY+0x9b sys/kern/vfs_vops.c:644
bwrite(fffffd8066394ed0) at bwrite+0x1f0 sys/kern/vfs_bio.c:763
VOP_BWRITE(fffffd8066394ed0) at VOP_BWRITE+0x4a sys/kern/vfs_vops.c:656
ufs_mkdir(ffff80002464de50) at ufs_mkdir+0x6b4 sys/ufs/ufs/ufs_vnops.c:1248
VOP_MKDIR(fffffd8069263940,ffff80002464dfb0,ffff80002464dfe0,ffff80002464dee0) at VOP_MKDIR+0xbf sys/kern/vfs_vops.c:404
domkdirat(ffff8000ffff67f0,ffffff9c,7f7ffffbdb00,1ff) at domkdirat+0x121 sys/kern/vfs_syscalls.c:3101
syscall(ffff80002464e160) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002464e160) at syscall+0x489 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffbdb70, count: -11


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Greg Steuck

Jun 9, 2022, 11:01:17 PM
to syzbot, 'Dmitry Vyukov' via syzkaller-openbsd-bugs
#syz dup panic: vpoapn_igc:e kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/s

syzbot

Jun 9, 2022, 11:01:18 PM
to Greg Steuck, gr...@nest.cx, syzkaller-o...@googlegroups.com
> #syz dup panic: vpoapn_igc:e kernel diagnostic assertion

can't find the dup bug

> "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/s

syzbot

Jun 9, 2022, 11:01:19 PM
to Greg Steuck, gr...@nest.cx, syzkaller-o...@googlegroups.com
> #syz dup panic: vpoapn_igc:e kernel diagnostic assertion

can't find the dup bug

> "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/s

Greg Steuck

Jun 9, 2022, 11:05:33 PM
to syzbot, 'Dmitry Vyukov' via syzkaller-openbsd-bugs
#syz dup: panic: vpoapn_igc:e kernel diagnostic assertion "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/s
--
nest.cx is Gmail hosted, use PGP: https://pgp.key-server.io/0x0B1542BD8DF5A1B0
Fingerprint: 5E2B 2D0E 1E03 2046 BEC3  4D50 0B15 42BD 8DF5 A1B0

syzbot

Jun 9, 2022, 11:05:33 PM
to Greg Steuck, gr...@nest.cx, syzkaller-o...@googlegroups.com

syzbot

Jun 9, 2022, 11:05:34 PM
to Greg Steuck, gr...@nest.cx, syzkaller-o...@googlegroups.com
> #syz dup: panic: vpoapn_igc:e kernel diagnostic assertion

can't find the dup bug

> "!_kernel_lock_held()" failed: file "/syzkaller/managers/setuid/kernel/s

Greg Steuck

Jun 9, 2022, 11:14:45 PM
to syzbot, 'Dmitry Vyukov' via syzkaller-openbsd-bugs
#syz dup: 68192c41a5af12eecec8

Greg Steuck

Jun 16, 2022, 9:20:11 PM
to syzbot, 'Dmitry Vyukov' via syzkaller-openbsd-bugs
#syz dup: assert "!_kernel_lock_held()" failed in uvm_map.c