assert "(bp->b_flags & B_BUSY) == NUM" failed in vfs_biomem.c


syzbot

Feb 12, 2024, 7:40:21 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 6cbac32f9ea2 Retpolines are an anti-pattern for IBT, so we..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=17aff100180000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=2971a12571a316826f01

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/03c9a3779e05/disk-6cbac32f.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/11918bafc182/bsd-6cbac32f.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/eac754339c34/kernel-6cbac32f.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+2971a1...@syzkaller.appspotmail.com

panic: kernel diagnostic assertion "(bp->b_flags & B_BUSY) == 0" failed: file "/syzkaller/managers/main/kernel/sys/kern/vfs_biomem.c", line 234
Stopped at db_enter+0x1c: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*144650 90544 0 0 0x4000000 0 syz-executor.0
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8283e8c1) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828c1e12,ffffffff828e1671,ea,ffffffff828c0016) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd806582d380) at buf_unmap+0x184 sys/kern/vfs_biomem.c:235
buf_map(fffffd8068335038) at buf_map+0x1c7 sys/kern/vfs_biomem.c:117
buf_get(fffffd80722c5a70,fffffffffffffff4,4000) at buf_get+0x758 sys/kern/vfs_bio.c:1175
getblk(fffffd80722c5a70,fffffffffffffff4,4000,0,ffffffffffffffff) at getblk+0x10d sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd8069af3a58,30000,4000,fffffd807f7d7618,0,ffff80002d9d7018) at ffs2_balloc+0xa7f sys/ufs/ffs/ffs_balloc.c:585
ffs_write(ffff80002d9d70b0) at ffs_write+0x411 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd80722c5a70,ffff80002d9d72d0,13,fffffd807f7d7618) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
vn_write(fffffd80631ae0f8,ffff80002d9d72d0,0) at vn_write+0x156 sys/kern/vfs_vnops.c:408
dofilewritev(ffff80002a6d22b8,5,ffff80002d9d72d0,0,ffff80002d9d7390) at dofilewritev+0x1a0 sys/kern/sys_generic.c:375
sys_writev(ffff80002a6d22b8,ffff80002d9d7440,ffff80002d9d7390) at sys_writev+0xab sys/kern/sys_generic.c:322
syscall(ffff80002d9d7440) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577
end trace frame: 0xffff80002d9d74c0, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: kernel diagnostic assertion "(bp->b_flags & B_BUSY) == 0" failed: file "/syzkaller/managers/main/kernel/sys/kern/vfs_biomem.c", line 234
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8283e8c1) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828c1e12,ffffffff828e1671,ea,ffffffff828c0016) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd806582d380) at buf_unmap+0x184 sys/kern/vfs_biomem.c:235
buf_map(fffffd8068335038) at buf_map+0x1c7 sys/kern/vfs_biomem.c:117
buf_get(fffffd80722c5a70,fffffffffffffff4,4000) at buf_get+0x758 sys/kern/vfs_bio.c:1175
getblk(fffffd80722c5a70,fffffffffffffff4,4000,0,ffffffffffffffff) at getblk+0x10d sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd8069af3a58,30000,4000,fffffd807f7d7618,0,ffff80002d9d7018) at ffs2_balloc+0xa7f sys/ufs/ffs/ffs_balloc.c:585
ffs_write(ffff80002d9d70b0) at ffs_write+0x411 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd80722c5a70,ffff80002d9d72d0,13,fffffd807f7d7618) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
vn_write(fffffd80631ae0f8,ffff80002d9d72d0,0) at vn_write+0x156 sys/kern/vfs_vnops.c:408
dofilewritev(ffff80002a6d22b8,5,ffff80002d9d72d0,0,ffff80002d9d7390) at dofilewritev+0x1a0 sys/kern/sys_generic.c:375
sys_writev(ffff80002a6d22b8,ffff80002d9d7440,ffff80002d9d7390) at sys_writev+0xab sys/kern/sys_generic.c:322
syscall(ffff80002d9d7440) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1d7855ec4a0, count: -15
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80002d9d69a0
rbx 0xfffffd8068335001
rdx 0xffff800000daabc0
rcx 0
rax 0xffff80002a6d22b8
r8 0x101010101010101
r9 0x8080808080808080
r10 0xf2d6b405a821bedd
r11 0xd078f3ebfbbab645
r12 0
r13 0
r14 0
r15 0x1
rip 0xffffffff81e6d91c db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff80002d9d6990
ss 0x10
db_enter+0x1c: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.0) tid=144650 pid=90544 tcnt=2 stat=onproc
flags process=0 proc=4000000<THREAD>
runpri=32, usrpri=52, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff80002a6d2560,0xffffffff82dc10c0
process=0xffff800030f54020 user=0xffff80002d9d2000, vmspace=0xfffffd806bbf9438
estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
90544 70590 32064 0 2 0 syz-executor.0
*90544 144650 32064 0 7 0x4000000 syz-executor.0
38835 9100 20599 0 2 0 syz-executor.3
38835 144559 20599 0 2 0x4000000 syz-executor.3
38835 262698 20599 0 3 0x4000080 kqpoll syz-executor.3
38835 320209 20599 0 2 0x4000000 syz-executor.3
38835 89193 20599 0 2 0x4000000 syz-executor.3
84366 7074 78546 0 3 0x80 nanoslp syz-executor.4
84366 487780 78546 0 3 0x4000080 ttyin syz-executor.4
84366 513421 78546 0 3 0x4000080 fsleep syz-executor.4
84366 442609 78546 0 3 0x4000080 fsleep syz-executor.4
32064 1752 6351 0 3 0x82 nanoslp syz-executor.0
12277 102748 6351 0 2 0x2 syz-executor.1
13232 68081 0 0 3 0x14200 acct acct
9968 361409 6351 0 2 0x2 syz-executor.2
23201 209332 0 0 3 0x14200 bored sosplice
29647 195864 1 0 3 0x100083 ttyin getty
1191 60067 0 0 3 0x14280 nfsidl nfsio
96521 216558 0 0 3 0x14280 nfsidl nfsio
94169 151990 0 0 3 0x14280 nfsidl nfsio
48193 124759 0 0 3 0x14280 nfsidl nfsio
1952 182053 0 0 3 0x14280 nfsidl nfsio
84180 126867 0 0 3 0x14280 nfsidl nfsio
3111 372312 0 0 3 0x14280 nfsidl nfsio
26619 309703 0 0 3 0x14280 nfsidl nfsio
46341 483132 0 0 3 0x14280 nfsidl nfsio
66237 516309 0 0 3 0x14280 nfsidl nfsio
965 95424 0 0 3 0x14280 nfsidl nfsio
44439 255240 0 0 3 0x14280 nfsidl nfsio
50648 130853 0 0 3 0x14280 nfsidl nfsio
16714 520528 0 0 3 0x14280 nfsidl nfsio
93891 465148 0 0 3 0x14280 nfsidl nfsio
43537 404011 0 0 3 0x14280 nfsidl nfsio
80410 302901 0 0 3 0x14280 nfsidl nfsio
27849 479194 0 0 3 0x14280 nfsidl nfsio
44432 240475 0 0 3 0x14280 nfsidl nfsio
48119 22992 0 0 3 0x14280 nfsidl nfsio
29101 223309 6351 0 2 0x2 syz-executor.6
20599 344230 6351 0 3 0x82 nanoslp syz-executor.3
78546 171529 6351 0 3 0x82 nanoslp syz-executor.4
81522 359353 6351 0 2 0x2 syz-executor.7
7995 134458 6351 0 2 0x2 syz-executor.5
6351 199904 9564 0 3 0x2000082 thrsleep syz-fuzzer
6351 44928 9564 0 2 0x6000002 syz-fuzzer
6351 102713 9564 0 3 0x6000082 kqread syz-fuzzer
6351 466970 9564 0 3 0x6000082 wait syz-fuzzer
6351 160794 9564 0 3 0x6000082 wait syz-fuzzer
6351 503461 9564 0 3 0x6000082 thrsleep syz-fuzzer
6351 159964 9564 0 3 0x6000082 thrsleep syz-fuzzer
6351 333369 9564 0 3 0x6000082 wait syz-fuzzer
6351 479681 9564 0 3 0x6000082 wait syz-fuzzer
6351 148679 9564 0 3 0x6000082 thrsleep syz-fuzzer
6351 157745 9564 0 3 0x6000082 wait syz-fuzzer
6351 115649 9564 0 3 0x6000082 wait syz-fuzzer
6351 4559 9564 0 3 0x6000082 wait syz-fuzzer
6351 9073 9564 0 3 0x6000082 wait syz-fuzzer
9564 307760 36874 0 3 0x10008a sigsusp ksh
36874 159430 28105 0 3 0x9a kqread sshd
28105 55943 1 0 3 0x88 kqread sshd
6409 332349 77996 73 3 0x1100090 kqread syslogd
77996 399059 1 0 3 0x100082 netio syslogd
85218 382971 1 0 3 0x100080 kqread resolvd
15544 361079 43294 77 3 0x100092 kqread dhcpleased
56520 160014 43294 77 3 0x100092 kqread dhcpleased
43294 169633 1 0 3 0x80 kqread dhcpleased
96805 105073 0 0 3 0x14200 bored smr
1317 490169 0 0 2 0x14200 zerothread
91381 384441 0 0 3 0x14200 aiodoned aiodoned
82081 133344 0 0 3 0x14200 syncer update
40768 512412 0 0 3 0x14200 cleaner cleaner
82724 351548 0 0 3 0x14200 reaper reaper
19384 239775 0 0 3 0x14200 pgdaemon pagedaemon
27653 323883 0 0 3 0x14200 bored viomb
45090 367949 0 0 3 0x40014200 acpi0 acpi0
64188 75587 0 0 3 0x14200 bored softnet3
55333 489811 0 0 3 0x14200 bored softnet2
24242 349446 0 0 3 0x14200 bored softnet1
15381 281515 0 0 3 0x14200 bored softnet0
19092 330644 0 0 3 0x14200 bored systqmp
25054 307391 0 0 3 0x14200 bored systq
29736 443872 0 0 3 0x40014200 tmoslp softclock
94570 27274 0 0 3 0x40014200 idle0
1 122056 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10208 6606K 7479K 166960K 14181 0
pcb 15 16K 19K 166960K 216 0
rtable 177 13K 16K 166960K 821 0
pf 27 8K 9K 166960K 118 0
ifaddr 33 9K 11K 166960K 105 0
ifgroup 46 2K 2K 166960K 199 0
sysctl 3 1K 1K 166960K 3 0
counters 29 17K 17K 166960K 65 0
ioctlops 0 0K 2K 166960K 218 0
iov 0 0K 18K 166960K 356 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1373 86K 86K 166960K 2517 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 10 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 383 0
dirhash 12 2K 2K 166960K 39 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 13 45K 73K 166960K 2236 0
sigio 0 0K 0K 166960K 40 0
proc 57 59K 83K 166960K 741 0
subproc 104 6K 6K 166960K 195 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 73 0
in_multi 66 4K 7K 166960K 205 0
ether_multi 1 0K 0K 166960K 4 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 139 625K 625K 166960K 139 0
exec 0 0K 1K 166960K 762 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 313 102K 102K 166960K 22927 0
UVM aobj 131 4K 4K 166960K 134 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 91 0
NDP 12 0K 1K 166960K 76 0
temp 75 6704K 6974K 166960K 45456 0
kqueue 12 18K 24K 166960K 177 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 238 0 235 4 3 1 3 0 8 0
rtentry 112 206 0 129 4 1 3 4 0 8 0
unpcb 144 2548 0 2534 20 18 2 10 0 8 1
syncache 320 15 0 15 3 3 0 1 0 8 0
tcpqe 32 94 0 94 4 4 0 1 0 8 0
tcpcb 808 867 0 859 24 16 8 9 0 8 5
arp 88 35 0 23 1 0 1 1 0 8 0
inpcb 344 2234 0 2223 41 33 8 14 0 8 6
nd6 104 46 0 31 1 0 1 1 0 8 0
pkpcb 40 10 0 10 1 1 0 1 0 8 0
kcovpl 48 15 0 7 1 0 1 1 0 8 0
ppxss 1072 5 0 5 2 2 0 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 799 0 470 32 8 24 30 0 8 3
art_table 32 800 0 470 4 0 4 4 0 8 0
art_node 16 197 0 127 1 0 1 1 0 8 0
sysvmsgpl 40 37 0 20 1 0 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 380 0 370 1 0 1 1 0 8 0
shmpl 112 131 0 3 4 0 4 4 0 8 0
dirhash 1024 35 0 18 3 0 3 3 0 8 0
dino2pl 256 4594 0 3142 92 0 92 92 0 8 0
ffsino 240 4594 0 3142 86 0 86 86 0 8 0
nchpl 144 7679 0 6034 63 0 63 63 0 8 0
uvmvnodes 80 5344 0 0 110 0 110 110 0 8 0
vnodes 216 5344 0 0 297 0 297 297 0 8 0
namei 1024 27091 0 27091 4 3 1 3 0 8 1
vcpupl 2048 8 0 1 1 0 1 1 0 8 0
vmpool 664 8 0 1 1 0 1 1 0 8 0
kstatmem 264 92 0 72 2 0 2 2 0 8 0
scxspl 216 23829 0 23817 13 11 2 8 1 8 1
plimitpl 152 237 0 221 1 0 1 1 0 8 0
sigapl 424 2545 0 2483 8 0 8 8 0 8 0
futexpl 64 21407 0 21405 1 0 1 1 0 8 0
knotepl 120 21402 0 21320 4 1 3 4 0 8 0
kqueuepl 184 428 0 419 8 7 1 4 0 8 0
pipepl 288 621 0 563 16 9 7 7 0 8 2
fdescpl 432 2507 0 2483 4 0 4 4 0 8 0
filepl 120 16797 0 16463 32 19 13 16 0 8 2
lockfpl 104 603 0 601 2 1 1 2 0 8 0
lockfspl 48 252 0 250 1 0 1 1 0 8 0
sessionpl 144 31 0 15 1 0 1 1 0 8 0
pgrppl 48 56 0 40 1 0 1 1 0 8 0
ucredpl 104 2639 0 2628 1 0 1 1 0 8 0
zombiepl 144 2483 0 2483 1 0 1 1 0 8 1
processpl 1072 2545 0 2483 5 0 5 5 0 8 0
procpl 680 6064 0 5981 14 5 9 9 0 8 1
sosppl 168 24 0 24 1 0 1 1 0 8 1
sockpl 488 5030 0 5002 148 135 13 35 0 8 7
mcl64k 65536 104 0 104 4 3 1 1 0 8 1
mcl16k 16384 49 0 49 6 5 1 1 0 8 1
mcl12k 12288 85 0 85 5 4 1 1 0 8 1
mcl9k 9216 46 0 46 6 5 1 1 0 8 1
mcl8k 8192 299 0 299 3 2 1 1 0 8 1
mcl4k 4096 305 0 305 4 3 1 2 0 8 1
mcl2k2 2112 22 0 22 6 5 1 1 0 8 1
mcl2k 2048 72857 0 72811 34 26 8 29 0 8 1
mtagpl 96 429 0 332 6 1 5 5 0 8 0
mbufpl 256 146052 0 145852 218 196 22 104 0 8 0
bufpl 280 8504 0 2110 457 0 457 457 0 8 0
bufpl: pool(0xffffffff82e37e38:bufpl): page inconsistency: page 0x0; at page head addr 0xfffffd806582df90 (p 0xfffffd806582d000)
anonpl 24 384500 0 370833 135 48 87 109 0 188 0
amapchunkpl 152 73409 0 72614 50 13 37 46 0 158 1
amappl16 200 9238 0 8828 56 33 23 35 0 8 0
amappl15 192 18 0 18 2 2 0 1 0 8 0
amappl14 184 177 0 165 2 1 1 2 0 8 0
amappl13 176 41 0 40 1 0 1 1 0 8 0
amappl12 168 3239 0 3212 2 0 2 2 0 8 0
amappl11 160 47 0 37 1 0 1 1 0 8 0
amappl10 152 44 0 35 2 1 1 1 0 8 0
amappl9 144 154 0 153 1 0 1 1 0 8 0
amappl8 136 259 0 202 3 0 3 3 0 8 0
amappl7 128 176 0 153 2 0 2 2 0 8 0
amappl6 120 381 0 370 1 0 1 1 0 8 0
amappl5 112 157 0 149 1 0 1 1 0 8 0
amappl4 104 482 0 462 2 1 1 2 0 8 0
amappl3 96 14897 0 14831 3 0 3 3 0 8 0
amappl2 88 3090 0 3022 3 1 2 3 0 8 0
amappl1 80 17522 0 17021 22 11 11 22 0 8 0
amappl 88 22315 0 22117 6 0 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 133 0 3 3 0 3 3 0 8 0
uaddrrnd 24 2515 0 2484 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 2515 0 2484 1 0 1 1 0 8 0
vmmpekpl 168 24213 0 24145 4 0 4 4 0 8 0
vmmpepl 168 170013 0 167977 155 33 122 122 0 357 20
vmsppl 352 2514 0 2484 4 0 4 4 0 8 0
rwobjpl 24 52647 0 45785 42 0 42 42 0 8 0
pdppl 4096 5036 0 4975 198 128 70 71 0 8 9
pvpl 32 923988 0 905017 334 171 163 333 0 265 2
pmappl 216 2514 0 2484 2 0 2 2 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 743 0 406 13 0 13 13 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8283e8c1) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828c1e12,ffffffff828e1671,ea,ffffffff828c0016) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd806582d380) at buf_unmap+0x184 sys/kern/vfs_biomem.c:235
buf_map(fffffd8068335038) at buf_map+0x1c7 sys/kern/vfs_biomem.c:117
buf_get(fffffd80722c5a70,fffffffffffffff4,4000) at buf_get+0x758 sys/kern/vfs_bio.c:1175
getblk(fffffd80722c5a70,fffffffffffffff4,4000,0,ffffffffffffffff) at getblk+0x10d sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd8069af3a58,30000,4000,fffffd807f7d7618,0,ffff80002d9d7018) at ffs2_balloc+0xa7f sys/ufs/ffs/ffs_balloc.c:585
ffs_write(ffff80002d9d70b0) at ffs_write+0x411 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd80722c5a70,ffff80002d9d72d0,13,fffffd807f7d7618) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
vn_write(fffffd80631ae0f8,ffff80002d9d72d0,0) at vn_write+0x156 sys/kern/vfs_vnops.c:408
dofilewritev(ffff80002a6d22b8,5,ffff80002d9d72d0,0,ffff80002d9d7390) at dofilewritev+0x1a0 sys/kern/sys_generic.c:375
sys_writev(ffff80002a6d22b8,ffff80002d9d7440,ffff80002d9d7390) at sys_writev+0xab sys/kern/sys_generic.c:322
syscall(ffff80002d9d7440) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1d7855ec4a0, count: -15
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8283e8c1) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828c1e12,ffffffff828e1671,ea,ffffffff828c0016) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd806582d380) at buf_unmap+0x184 sys/kern/vfs_biomem.c:235
buf_map(fffffd8068335038) at buf_map+0x1c7 sys/kern/vfs_biomem.c:117
buf_get(fffffd80722c5a70,fffffffffffffff4,4000) at buf_get+0x758 sys/kern/vfs_bio.c:1175
getblk(fffffd80722c5a70,fffffffffffffff4,4000,0,ffffffffffffffff) at getblk+0x10d sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd8069af3a58,30000,4000,fffffd807f7d7618,0,ffff80002d9d7018) at ffs2_balloc+0xa7f sys/ufs/ffs/ffs_balloc.c:585
ffs_write(ffff80002d9d70b0) at ffs_write+0x411 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd80722c5a70,ffff80002d9d72d0,13,fffffd807f7d7618) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
vn_write(fffffd80631ae0f8,ffff80002d9d72d0,0) at vn_write+0x156 sys/kern/vfs_vnops.c:408
dofilewritev(ffff80002a6d22b8,5,ffff80002d9d72d0,0,ffff80002d9d7390) at dofilewritev+0x1a0 sys/kern/sys_generic.c:375
sys_writev(ffff80002a6d22b8,ffff80002d9d7440,ffff80002d9d7390) at sys_writev+0xab sys/kern/sys_generic.c:322
syscall(ffff80002d9d7440) at syscall+0x751 sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x1d7855ec4a0, count: -15


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup