panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST, va = ADDR, pa = ADDR


syzbot

Nov 2, 2019, 7:58:07 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: d9601055 switch ASN1_STRING_data() with constified ASN1_ST..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13dd3468e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=d0fe83f82fe104d4
dashboard link: https://syzkaller.appspot.com/bug?extid=1d0b234f02d2820e60cd

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+1d0b23...@syzkaller.appspotmail.com

panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST, va = 0x7f7fffe16000, pa = 0xffffffffff000
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*258699 23288 0 0x14000 0x200 0 reaper
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
pmap_remove_ptes(fffffd802781d418,fffffd8003bf7280,7fbfbffff000,7f7fffe00000,7f7fffee8000,0) at pmap_remove_ptes+0x373 sys/arch/amd64/amd64/pmap.c:1569
pmap_do_remove(fffffd802781d418,7f7fff7e8000,7f7fffee8000,0) at pmap_do_remove+0x430 sys/arch/amd64/amd64/pmap.c:1784
uvm_map_teardown(fffffd803f011660) at uvm_map_teardown+0x165
uvm_map_addr_RBT_LEFT sys/uvm/uvm_map.h:206 [inline]
uvm_map_teardown(fffffd803f011660) at uvm_map_teardown+0x165 sys/uvm/uvm_map.c:2719
uvmspace_free(fffffd803f011660) at uvmspace_free+0x86 sys/uvm/uvm_map.c:3592
uvm_exit(ffff8000ffff7450) at uvm_exit+0x29 sys/uvm/uvm_glue.c:297
reaper(ffff8000fffff638) at reaper+0x15c sys/kern/kern_exit.c:442
end trace frame: 0x0, count: 7
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
pmap_remove_ptes: unmanaged page marked PG_PVLIST, va = 0x7f7fffe16000, pa = 0xffffffffff000
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
pmap_remove_ptes(fffffd802781d418,fffffd8003bf7280,7fbfbffff000,7f7fffe00000,7f7fffee8000,0) at pmap_remove_ptes+0x373 sys/arch/amd64/amd64/pmap.c:1569
pmap_do_remove(fffffd802781d418,7f7fff7e8000,7f7fffee8000,0) at pmap_do_remove+0x430 sys/arch/amd64/amd64/pmap.c:1784
uvm_map_teardown(fffffd803f011660) at uvm_map_teardown+0x165
uvm_map_addr_RBT_LEFT sys/uvm/uvm_map.h:206 [inline]
uvm_map_teardown(fffffd803f011660) at uvm_map_teardown+0x165 sys/uvm/uvm_map.c:2719
uvmspace_free(fffffd803f011660) at uvmspace_free+0x86 sys/uvm/uvm_map.c:3592
uvm_exit(ffff8000ffff7450) at uvm_exit+0x29 sys/uvm/uvm_glue.c:297
reaper(ffff8000fffff638) at reaper+0x15c sys/kern/kern_exit.c:442
end trace frame: 0x0, count: -8
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff800014842660
rbx 0xffff800014842710
rdx 0x2
rcx 0
rax 0
r8 0xffff800014842620
r9 0x1
r10 0
r11 0x22cf563170aa76e6
r12 0x3000000008
r13 0xffff800014842670
r14 0x100
r15 0x1
rip 0xffffffff81b6c3e8 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff800014842650
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (reaper) pid=258699 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=200<SYSTEM>
pri=4, usrpri=50, nice=20
forw=0xffffffffffffffff, list=0xffff8000fffff3c0,0xffff8000ffff9b40
process=0xffff8000ffffa6c8 user=0xffff80001483d000,
vmspace=0xffffffff8258a9b8
estcpu=0, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
43655 379934 51823 0 3 0x80 nanosleep syz-executor.0
43655 147952 51823 0 3 0x4000080 rest syz-executor.0
43655 492309 51823 0 3 0x4000080 fsleep syz-executor.0
51823 247487 94398 0 2 0x482 syz-executor.0
53656 179010 0 0 3 0x14200 acct acct
19115 457976 94398 0 2 0x482 syz-executor.1
21292 12539 1 0 3 0x100083 ttyin getty
32413 178360 0 0 3 0x14200 bored sosplice
94398 12799 31395 0 3 0x82 thrsleep syz-fuzzer
94398 122771 31395 0 3 0x4000082 thrsleep syz-fuzzer
94398 423933 31395 0 3 0x4000082 thrsleep syz-fuzzer
94398 250243 31395 0 3 0x4000082 thrsleep syz-fuzzer
94398 139064 31395 0 3 0x4000082 thrsleep syz-fuzzer
94398 195938 31395 0 3 0x4000082 kqread syz-fuzzer
94398 54257 31395 0 3 0x4000082 thrsleep syz-fuzzer
94398 316850 31395 0 3 0x4000082 thrsleep syz-fuzzer
31395 124845 85261 0 3 0x10008a pause ksh
85261 433853 42491 0 3 0x92 select sshd
42491 332970 1 0 3 0x80 select sshd
21682 21496 64676 73 3 0x100090 kqread syslogd
64676 257249 1 0 3 0x100082 netio syslogd
50156 330140 1 77 3 0x100090 poll dhclient
32499 324434 1 0 3 0x80 poll dhclient
53383 292175 0 0 3 0x14200 pgzero zerothread
44827 210295 0 0 3 0x14200 aiodoned aiodoned
28748 224523 0 0 3 0x14200 syncer update
16855 168626 0 0 3 0x14200 cleaner cleaner
*23288 258699 0 0 7 0x14200 reaper
74478 520878 0 0 3 0x14200 pgdaemon pagedaemon
82788 496090 0 0 3 0x14200 bored crynlk
40853 376580 0 0 3 0x14200 bored crypto
26660 315046 0 0 3 0x40014200 acpi0 acpi0
3584 461754 0 0 3 0x14200 bored softnet
77632 24833 0 0 3 0x14200 bored systqmp
84595 506082 0 0 3 0x14200 bored systq
27877 275648 0 0 3 0x40014200 bored softclock
33616 197026 0 0 3 0x40014200 idle0
94879 93560 0 0 3 0x14200 bored smr
1 360184 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9622 7048K 8274K 78643K 38098 0 0
pcb 13 12K 14K 78643K 2173 0 0
rtable 173 16K 17K 78643K 6148 0 0
ifaddr 114 29K 30K 78643K 1485 0 0
counters 19 16K 16K 78643K 19 0 0
ioctlops 0 0K 2K 78643K 6293 0 0
iov 0 0K 32K 78643K 2126 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1222 77K 78K 78643K 10628 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 9K 78643K 118 0 0
VM map 113 28K 28K 78643K 168 0 0
sem 12 0K 1K 78643K 2408 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1794 195K 288K 78643K 12646 0 0
file desc 5 13K 25K 78643K 8927 0 0
sigio 0 0K 0K 78643K 201 0 0
proc 50 38K 71K 78643K 2931 0 0
subproc 32 2K 2K 78643K 767 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 765 0 0
in_multi 38 2K 3K 78643K 838 0 0
ether_multi 1 0K 0K 78643K 75 0 0
mrt 1 0K 0K 78643K 65 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 126 556K 556K 78643K 126 0 0
exec 0 0K 1K 78643K 1752 0 0
pfkey data 0 0K 4K 78643K 2 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 288 807K 807K 78643K 23773 0 0
UVM aobj 130 4K 4K 78643K 134 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 1K 78643K 2016 0 0
NDP 24 0K 1K 78643K 467 0 0
temp 254 3545K 4185K 78643K 320661 0 0
kqueue 0 0K 0K 78643K 100 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 166 0 162 1 0 1 1 0 8 0
rtpcb 80 1845 0 1843 1 0 1 1 0 8 0
rtentry 112 948 0 881 3 0 3 3 0 8 0
unpcb 120 5083 0 5063 11 10 1 2 0 8 0
syncache 264 45 0 45 22 21 1 1 0 8 1
tcpqe 32 99 0 99 12 11 1 1 0 8 1
tcpcb 544 8017 0 8013 102 101 1 15 0 8 0
ipq 40 101 0 101 27 26 1 1 0 8 1
ipqe 40 2213 0 2213 27 26 1 1 0 8 1
inpcb 280 18097 0 18090 109 107 2 13 0 8 1
rttmr 72 22 0 21 3 2 1 1 0 8 0
ip6q 72 3 0 3 3 3 0 1 0 8 0
ip6af 40 3 0 3 1 1 0 1 0 8 0
nd6 48 108 0 106 5 4 1 1 0 8 0
pkpcb 40 32 0 32 14 14 0 1 0 8 0
swfcl 56 1 0 0 1 0 1 1 0 8 0
ppxss 1128 202 0 202 35 34 1 1 0 8 1
art_heap8 4096 27 0 21 13 7 6 8 0 8 0
art_heap4 256 3546 0 3261 51 30 21 24 0 8 0
art_table 32 3573 0 3282 7 4 3 4 0 8 0
art_node 16 940 0 888 1 0 1 1 0 8 0
sysvmsgpl 40 37 0 28 1 0 1 1 0 8 0
semupl 112 2 0 2 2 2 0 1 0 8 0
semapl 112 2404 0 2394 1 0 1 1 0 8 0
shmpl 112 132 0 4 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 15481 0 14049 47 0 47 47 0 8 0
ffsino 240 15481 0 14049 85 0 85 85 0 8 0
nchpl 144 32314 0 31843 60 40 20 60 0 8 0
uvmvnodes 72 9419 0 0 172 0 172 172 0 8 0
vnodes 208 9419 0 0 496 0 496 496 0 8 0
namei 1024 116404 0 116404 7 6 1 1 0 8 1
vcpupl 1984 115 0 4 14 0 14 14 0 8 0
vmpool 520 166 0 55 9 1 8 8 0 8 0
scsiplug 64 11 0 11 7 7 0 1 0 8 0
scxspl 192 113204 0 113204 38 36 2 7 0 8 2
plimitpl 152 832 0 825 1 0 1 1 0 8 0
sigapl 432 8971 0 8958 2 0 2 2 0 8 0
futexpl 56 310231 0 310230 7 6 1 1 0 8 0
knotepl 112 2132 0 2113 7 6 1 3 0 8 0
kqueuepl 104 3396 0 3394 13 12 1 4 0 8 0
pipepl 112 5976 0 5957 16 15 1 2 0 8 0
fdescpl 424 8972 0 8958 2 0 2 2 0 8 0
filepl 120 92927 0 92831 76 72 4 11 0 8 0
lockfpl 104 6283 0 6282 1 0 1 1 0 8 0
lockfspl 48 2419 0 2418 1 0 1 1 0 8 0
sessionpl 112 63 0 53 1 0 1 1 0 8 0
pgrppl 48 189 0 179 1 0 1 1 0 8 0
ucredpl 96 16024 0 16012 28 27 1 4 0 8 0
zombiepl 144 8961 0 8960 1 0 1 1 0 8 0
processpl 864 8991 0 8960 4 0 4 4 0 8 0
procpl 632 20479 0 20439 6 2 4 5 0 8 0
sosppl 128 183 0 183 32 32 0 1 0 8 0
sockpl 384 25393 0 25362 193 188 5 22 0 8 1
mcl64k 65536 2251 0 2251 177 176 1 33 0 8 1
mcl16k 16384 114 0 114 40 39 1 1 0 8 1
mcl12k 12288 283 0 283 26 25 1 1 0 8 1
mcl9k 9216 168 0 168 29 28 1 1 0 8 1
mcl8k 8192 473 0 473 17 16 1 1 0 8 1
mcl4k 4096 1100 0 1100 8 7 1 1 0 8 1
mcl2k2 2112 86 0 86 32 32 0 1 0 8 0
mcl2k 2048 86521 0 86480 30 24 6 15 0 8 0
mtagpl 80 1469 0 1452 13 11 2 3 0 8 0
mbufpl 256 241032 0 240913 339 322 17 37 0 8 2
bufpl 256 46560 0 37141 589 0 589 589 0 8 0
anonpl 16 1252773 0 1228198 370 265 105 114 0 62 0
amapchunkpl 152 51010 0 50810 208 200 8 22 0 158 0
amappl16 192 60082 0 58635 495 420 75 84 0 8 1
amappl15 184 1535 0 1535 3 3 0 1 0 8 0
amappl14 176 1591 0 1586 1 0 1 1 0 8 0
amappl13 168 1093 0 1089 10 9 1 1 0 8 0
amappl12 160 2001 0 1998 1 0 1 1 0 8 0
amappl11 152 782 0 769 1 0 1 1 0 8 0
amappl10 144 948 0 948 7 7 0 1 0 8 0
amappl9 136 2719 0 2716 1 0 1 1 0 8 0
amappl8 128 2393 0 2317 4 1 3 3 0 8 0
amappl7 120 1111 0 1103 1 0 1 1 0 8 0
amappl6 112 671 0 652 1 0 1 1 0 8 0
amappl5 104 2678 0 2669 1 0 1 1 0 8 0
amappl4 96 8468 0 8434 1 0 1 1 0 8 0
amappl3 88 3412 0 3403 1 0 1 1 0 8 0
amappl2 80 69591 0 69485 4 1 3 3 0 8 0
amappl1 72 173350 0 172915 26 16 10 20 0 8 0
amappl 80 21591 0 21490 3 0 3 3 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 133 0 4 3 0 3 3 0 8 0
uaddrrnd 24 9138 0 8958 2 0 2 2 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 9138 0 8958 2 0 2 2 0 8 0
vmmpekpl 168 55632 0 55575 3 0 3 3 0 8 0
vmmpepl 168 1102096 0 1098909 681 533 148 178 0 357 5
vmsppl 272 8971 0 8957 8 7 1 2 0 8 0
pdppl 4096 18282 0 18135 27 8 19 19 0 8 0
pvpl 32 3274624 0 3251774 852 640 212 329 0 265 14
pmappl 200 9137 0 9012 7 0 7 7 0 8 0
extentpl 40 46 0 29 1 0 1 1 0 8 0
phpool 112 1498 0 745 23 0 23 23 0 8 0


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Anton Lindqvist

Nov 3, 2019, 3:39:49 AM
to syzbot, syzkaller-o...@googlegroups.com
Probably a regression by this recently reverted commit:

https://github.com/openbsd/src/commit/001c308cab429e75abbaf5761d6cee6c1cf091c9

#syz invalid