protection_fault: nd6_timer
0 views
Skip to first unread message
syzbot
May 21, 2024, 3:21:35 PMMay 21
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 6859a790d2a4 Inform user land when vltime / pltime changes.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=142307d0980000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=0351a8f27b3722f884ab
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e032a101680a/disk-6859a790.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/2d4ce5d0ce5d/bsd-6859a790.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/0390010e3aed/kernel-6859a790.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0351a8...@syzkaller.appspotmail.com
kernel: protection fault trap, code=0
Stopped at nd6_timer+0x57: movq 0x48(%r13),%r12
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
nd6_timer(0) at nd6_timer+0x57 sys/netinet6/nd6.c:278
timeout_run(ffffffff82e5ac08) at timeout_run+0xd0 sys/kern/kern_timeout.c:666
softclock_thread(ffff8000fffff480) at softclock_thread+0x113 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -3
ddb{0}> show registers
rdi 0
rsi 0x1
rbp 0xffff80002a10b820
rbx 0x5ddffb6cb5992b18
rdx 0
rcx 0xffff8000fffff480
rax 0xffffffff82d37ff0 cpu_info_full_primary+0x1ff0
r8 0
r9 0
r10 0x7e94e6a52a64d234
r11 0x447e91ebb7aaa861
r12 0x1
r13 0xdead4110dead4110
r14 0x7c
r15 0x7a
rip 0xffffffff82136b47 nd6_timer+0x57
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002a10b7e0
ss 0x10
nd6_timer+0x57: movq 0x48(%r13),%r12
ddb{0}> show proc
PROC (softclock) tid=492460 pid=14338 tcnt=1 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=40000200<SYSTEM,CPUPEG>
runpri=50, usrpri=50, slppri=0, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000fffff710,0xffff8000ffffef70
process=0xffff80002a0fecb0 user=0xffff80002a106000, vmspace=0xffffffff82e52208
estcpu=0, cpticks=0, pctcpu=0.16, user=0, sys=0, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
50096 156171 68030 0 2 0x8000000 syz-executor.1
50096 305068 68030 0 2 0xc000000 syz-executor.1
50096 287018 68030 0 3 0xc000080 fsleep syz-executor.1
92374 210235 67632 0 2 0x8000000 syz-executor.2
26575 92531 75724 0 2 0x8000000 syz-executor.0
37227 9334 6328 0 2 0x8000480 syz-executor.3
37227 370237 6328 0 3 0xc000080 kqsel syz-executor.3
37227 94057 6328 0 3 0xc000080 fsleep syz-executor.3
68030 168012 50061 0 2 0x8000482 syz-executor.1
78558 280285 27079 0 2 0x8000480 syz-executor.6
78558 64085 27079 0 3 0xc000080 ttyout syz-executor.6
78558 55339 27079 0 3 0xc000080 fsleep syz-executor.6
58712 476457 50061 0 2 0x8000002 syz-executor.7
67632 420346 50061 0 2 0x8000482 syz-executor.2
75724 188492 50061 0 2 0x8000482 syz-executor.0
88698 515098 50061 0 2 0x8000482 syz-executor.4
97641 343718 0 0 3 0x14200 bored sosplice
21179 267292 53355 0 2 0x18100082 arp
53355 432732 1 0 3 0x810008a sigsusp sh
6328 63653 50061 0 2 0x8000482 syz-executor.3
85297 147443 50061 0 2 0x8000482 syz-executor.5
27079 15824 50061 0 2 0x8000482 syz-executor.6
50061 433838 86412 0 3 0x1a000082 wait syz-fuzzer
50061 1453 86412 0 3 0x1e000082 nanoslp syz-fuzzer
50061 29537 86412 0 3 0x1e000082 wait syz-fuzzer
50061 420501 86412 0 3 0x1e000002 netlock syz-fuzzer
50061 134500 86412 0 3 0x1e000082 wait syz-fuzzer
50061 328126 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 428130 86412 0 3 0x1e000082 wait syz-fuzzer
50061 59304 86412 0 3 0x1e000082 wait syz-fuzzer
50061 233016 86412 0 3 0x1e000082 wait syz-fuzzer
50061 400927 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 518263 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 414548 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 39278 86412 0 3 0x1e000082 wait syz-fuzzer
50061 456725 86412 0 3 0x1e000082 kqread syz-fuzzer
50061 73514 86412 0 3 0x1e000082 wait syz-fuzzer
86412 498277 66207 0 3 0x810008a sigsusp ksh
66207 123019 40980 0 3 0x1800009a kqread sshd
56895 321720 1 0 3 0x18100083 ttyin getty
40980 22604 1 0 3 0x18000088 kqread sshd
43018 135577 79428 73 2 0x19100010 syslogd
79428 106000 1 0 3 0x18100082 sbwait syslogd
9125 128564 1 0 3 0x18100080 kqread resolvd
15691 194978 29755 77 3 0x18100092 kqread dhcpleased
63865 94644 29755 77 3 0x18100092 kqread dhcpleased
29755 288445 1 0 3 0x18000080 kqread dhcpleased
4111 515378 0 0 3 0x14200 bored smr
10991 24547 0 0 2 0x14200 zerothread
47819 276122 0 0 3 0x14200 aiodoned aiodoned
30867 10586 0 0 7 0x14600 update
50109 460677 0 0 3 0x14200 cleaner cleaner
19517 1995 0 0 3 0x14200 reaper reaper
54659 421250 0 0 3 0x14200 pgdaemon pagedaemon
29634 144432 0 0 3 0x14200 bored viomb
12697 258301 0 0 3 0x40014200 acpi0 acpi0
82423 46030 0 0 3 0x40014200 idle1
81742 323264 0 0 3 0x14200 bored softnet3
1745 469701 0 0 3 0x14200 bored softnet2
34094 461951 0 0 3 0x14200 bored softnet1
85782 362042 0 0 2 0x14200 softnet0
69980 82127 0 0 3 0x14200 bored systqmp
93627 266313 0 0 3 0x14200 bored systq
48261 363543 0 0 3 0x14200 tmoslp softclockmp
*14338 492460 0 0 7 0x40014200 softclock
7817 206619 0 0 3 0x40014200 idle0
1 123563 0 0 3 0x8000082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 58712 (syz-executor.7) thread 0xffff8000ffff6018 (476457)
exclusive rrwlock inode r = 0 (0xfffffd806d941810)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 vget+0x1fd sys/kern/vfs_subr.c:676
#6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119
#7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1201
#8 ufs_lookup+0x1373 sys/ufs/ufs/ufs_lookup.c:478
#9 VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85
#10 vfs_lookup+0x6f8 sys/kern/vfs_lookup.c:566
#11 namei+0x56a sys/kern/vfs_lookup.c:250
#12 dounlinkat+0x9d sys/kern/vfs_syscalls.c:1856
#13 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#13 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#14 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd805c7545e8)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418
#6 namei+0x56a sys/kern/vfs_lookup.c:250
#7 dounlinkat+0x9d sys/kern/vfs_syscalls.c:1856
#8 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#8 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#9 Xsyscall+0x128
Process 50061 (syz-fuzzer) thread 0xffff80002a148298 (420501)
exclusive rwlock sbufrcv r = 0 (0xffff800000dc3d60)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 sblock+0x8a sys/kern/uipc_socket2.c:548
#3 soreceive+0x201 sys/kern/uipc_socket.c:876
#4 soo_read+0x57 sys/kern/sys_socket.c:67
#5 dofilereadv+0x1a1 sys/kern/sys_generic.c:247
#6 sys_read+0x87 sys/kern/sys_generic.c:167
#7 syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline]
#7 syscall+0x8cf sys/arch/amd64/amd64/trap.c:577
#8 Xsyscall+0x128
Process 43018 (syslogd) thread 0xffff8000ffffdc40 (135577)
exclusive rrwlock inode r = 0 (0xfffffd806e7412c0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 sys_fsync+0xf1 sys/kern/vfs_syscalls.c:2931
#6 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#6 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#7 Xsyscall+0x128
Process 14338 (softclock) thread 0xffff8000fffff480 (492460)
exclusive rwlock netlock r = 0 (0xffffffff82c86ad0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 nd6_timer+0x25 sys/netinet6/nd6.c:271
#2 timeout_run+0xd0 sys/kern/kern_timeout.c:666
#3 softclock_thread+0x113 sys/kern/kern_timeout.c:814
#4 proc_trampoline+0x10
shared rwlock timeout r = 0 (0xffffffff82ce25b0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 timeout_run+0xbb sys/kern/kern_timeout.c:662
#2 softclock_thread+0x113 sys/kern/kern_timeout.c:814
#3 proc_trampoline+0x10
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82e5a068)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
#2 mi_switch+0x491 sys/kern/sched_bsd.c:470
#3 sleep_finish+0x19a sys/kern/kern_synch.c:417
#4 msleep+0xeb sys/kern/kern_synch.c:249
#5 softclock_thread+0xcf sys/kern/kern_timeout.c:810
#6 proc_trampoline+0x10
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10189 6426K 6875K 166960K 12329 0
pcb 19 13K 14K 166960K 226 0
rtable 221 6K 7K 166960K 625 0
pf 27 8K 10K 166960K 71 0
ifaddr 40 14K 15K 166960K 83 0
ifgroup 46 2K 2K 166960K 109 0
sysctl 1 0K 1K 166960K 2 0
counters 62 36K 36K 166960K 90 0
ioctlops 0 0K 4K 166960K 1539 0
iov 0 0K 18K 166960K 32 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1444 91K 91K 166960K 2047 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 3 9K 9K 166960K 18 0
VM map 2 1K 1K 166960K 2 0
sem 11 1K 1K 166960K 17 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 17 61K 89K 166960K 785 0
sigio 0 0K 0K 166960K 9 0
proc 58 79K 127K 166960K 725 0
subproc 117 7K 7K 166960K 208 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 108 0
in_multi 88 6K 7K 166960K 210 0
ether_multi 1 0K 0K 166960K 7 0
mrt 0 0K 0K 166960K 1 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 73 334K 334K 166960K 73 0
exec 0 0K 1K 166960K 608 0
pfkey data 0 0K 0K 166960K 5 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 281 76K 95K 166960K 9476 0
UVM aobj 36 6K 6K 166960K 41 0
pinsyscall 38 76K 100K 166960K 2163 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 1 0K 0K 166960K 87 0
NDP 12 0K 1K 166960K 54 0
temp 68 6818K 7311K 166960K 31985 0
kqueue 12 18K 24K 166960K 100 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 24 0 0 1 0 1 1 0 8 0
rtpcb 120 105 0 100 1 0 1 1 0 8 0
rtentry 112 198 0 96 3 0 3 3 0 8 0
unpcb 144 723 0 708 8 2 6 6 0 8 5
syncache 336 7 0 7 2 2 0 1 0 8 0
tcpqe 32 13 0 13 1 1 0 1 0 8 0
tcpcb 808 299 0 294 10 3 7 7 0 8 6
arp 120 34 0 18 1 0 1 1 0 8 0
inpcb 384 1002 0 991 24 16 8 11 0 8 6
nd6 136 49 0 26 1 0 1 1 0 8 0
pkpcb 40 10 0 10 6 5 1 1 0 8 1
kcovpl 48 16 0 7 1 0 1 1 0 8 0
pffrag 232 8 0 6 1 0 1 1 0 482 0
pffrnode 88 7 0 5 1 0 1 1 0 8 0
pffrent 40 10 0 8 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfstitem 24 46 0 30 1 0 1 1 0 8 0
pfstkey 128 46 0 30 1 0 1 1 0 8 0
pfstate 376 46 0 30 3 0 3 3 0 8 0
pfrule 1344 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 771 0 357 31 5 26 27 0 8 0
art_table 32 772 0 357 4 0 4 4 0 8 0
art_node 16 197 0 105 1 0 1 1 0 8 0
sysvmsgpl 40 4 0 2 2 1 1 1 0 8 0
semupl 112 5 0 5 1 1 0 1 0 8 0
semapl 112 10 0 1 1 0 1 1 0 8 0
shmpl 112 38 0 5 1 0 1 1 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 2638 0 1104 97 0 97 97 0 8 0
ffsino 272 2638 0 1104 104 0 104 104 0 8 0
nchpl 144 3897 0 2153 67 0 67 67 0 8 0
uvmvnodes 80 3182 0 0 65 0 65 65 0 8 0
vnodes 216 3182 0 0 177 0 177 177 0 8 0
namei 1024 14830 0 14830 2 1 1 2 0 8 1
percpumem 16 59 0 14 1 0 1 1 0 8 0
vmpool 696 2 0 2 2 1 1 1 0 8 1
kstatmem 264 48 0 28 2 0 2 2 0 8 0
scxspl 216 18849 0 18849 15 11 4 8 1 8 4
plimitpl 152 303 0 285 1 0 1 1 0 8 0
sigapl 424 1087 0 1038 7 0 7 7 0 8 0
futexpl 64 10276 0 10273 2 1 1 1 0 8 0
knotepl 120 564 0 0 16 0 16 16 0 8 0
kqueuepl 216 322 0 312 4 3 1 3 0 8 0
pipepl 320 263 0 232 3 0 3 3 0 8 0
fdescpl 496 1066 0 1038 6 1 5 5 0 8 0
filepl 152 7850 0 7582 18 2 16 16 0 8 3
lockfpl 104 206 0 203 1 0 1 1 0 8 0
lockfspl 48 93 0 90 1 0 1 1 0 8 0
sessionpl 144 31 0 14 1 0 1 1 0 8 0
pgrppl 48 40 0 23 1 0 1 1 0 8 0
ucredpl 104 1205 0 1184 1 0 1 1 0 8 0
zombiepl 144 1040 0 1038 1 0 1 1 0 8 0
processpl 1144 1087 0 1038 4 0 4 4 0 8 0
procpl 656 2026 0 1957 7 0 7 7 0 8 0
srpgc 96 9 0 9 3 3 0 1 0 8 0
sosppl 168 1 0 1 1 1 0 1 0 8 0
sockpl 664 1848 0 1817 26 15 11 14 0 8 8
mcl64k 65536 7 0 0 1 0 1 1 0 8 0
mcl16k 16384 4 0 0 1 0 1 1 0 8 0
mcl12k 12288 3 0 0 1 0 1 1 0 8 0
mcl9k 9216 3 0 0 1 0 1 1 0 8 0
mcl8k 8192 4 0 0 1 0 1 1 0 8 0
mcl4k 4096 5 0 0 1 0 1 1 0 8 0
mcl2k2 2112 1 0 0 1 0 1 1 0 8 0
mcl2k 2048 389 0 0 49 0 49 49 0 8 0
mtagpl 96 12 0 0 1 0 1 1 0 8 0
mbufpl 256 422 0 0 27 0 27 27 0 8 0
bufpl 280 7854 0 1513 454 0 454 454 0 8 0
anonpl 24 302245 0 296446 76 10 66 66 0 186 12
amapchunkpl 152 31599 0 30961 44 6 38 41 0 158 8
amappl16 200 8002 0 7869 36 27 9 20 0 8 0
amappl15 192 18 0 18 1 1 0 1 0 8 0
amappl14 184 181 0 169 2 1 1 2 0 8 0
amappl13 176 51 0 51 1 1 0 1 0 8 0
amappl12 168 1885 0 1853 3 0 3 3 0 8 0
amappl11 160 52 0 42 1 0 1 1 0 8 0
amappl10 152 56 0 44 1 0 1 1 0 8 0
amappl9 144 373 0 373 2 2 0 1 0 8 0
amappl8 136 176 0 145 2 0 2 2 0 8 0
amappl7 128 59 0 45 1 0 1 1 0 8 0
amappl6 120 440 0 424 2 1 1 2 0 8 0
amappl5 112 249 0 237 1 0 1 1 0 8 0
amappl4 104 646 0 610 2 0 2 2 0 8 0
amappl3 96 5583 0 5503 3 0 3 3 0 8 0
amappl2 88 1476 0 1405 4 2 2 4 0 8 0
amappl1 80 12205 0 11692 22 9 13 22 0 8 0
amappl 88 8822 0 8634 6 0 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 40 0 5 1 0 1 1 0 8 0
uaddrrnd 24 1068 0 1040 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1068 0 1040 1 0 1 1 0 8 0
vmmpekpl 168 12978 0 12921 4 0 4 4 0 8 0
vmmpepl 168 88733 0 86867 120 26 94 116 0 357 0
vmsppl 440 1067 0 1040 4 0 4 4 0 8 0
rwobjpl 56 32567 0 28232 66 3 63 63 0 8 0
pdppl 4096 2143 0 2080 133 62 71 79 0 8 8
pvpl 32 46399 0 0 375 0 375 375 0 265 0
pmappl 248 1067 0 1040 4 1 3 3 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 466 0 75 12 0 12 12 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
nd6_timer(0) at nd6_timer+0x57 sys/netinet6/nd6.c:278
timeout_run(ffffffff82e5ac08) at timeout_run+0xd0 sys/kern/kern_timeout.c:666
softclock_thread(ffff8000fffff480) at softclock_thread+0x113 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -3
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff82e59e60) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82e59e60) at __mp_lock+0x122 sys/kern/kern_lock.c:147
__mp_acquire_count(ffffffff82e59e60,1) at __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
mi_switch() at mi_switch+0x491 sys/kern/sched_bsd.c:470
sleep_finish(65,1) at sleep_finish+0x19a sys/kern/kern_synch.c:417
syncer_thread(ffff80002a148cd8) at syncer_thread+0x446 sys/kern/vfs_sync.c:204
end trace frame: 0x0, count: -8
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 6859a790d2a4 Inform user land when vltime / pltime changes.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=142307d0980000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=0351a8f27b3722f884ab
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e032a101680a/disk-6859a790.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/2d4ce5d0ce5d/bsd-6859a790.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/0390010e3aed/kernel-6859a790.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0351a8...@syzkaller.appspotmail.com
kernel: protection fault trap, code=0
Stopped at nd6_timer+0x57: movq 0x48(%r13),%r12
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
the kernel did not panic
ddb{0}> trace
nd6_timer(0) at nd6_timer+0x57 sys/netinet6/nd6.c:278
timeout_run(ffffffff82e5ac08) at timeout_run+0xd0 sys/kern/kern_timeout.c:666
softclock_thread(ffff8000fffff480) at softclock_thread+0x113 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -3
ddb{0}> show registers
rdi 0
rsi 0x1
rbp 0xffff80002a10b820
rbx 0x5ddffb6cb5992b18
rdx 0
rcx 0xffff8000fffff480
rax 0xffffffff82d37ff0 cpu_info_full_primary+0x1ff0
r8 0
r9 0
r10 0x7e94e6a52a64d234
r11 0x447e91ebb7aaa861
r12 0x1
r13 0xdead4110dead4110
r14 0x7c
r15 0x7a
rip 0xffffffff82136b47 nd6_timer+0x57
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002a10b7e0
ss 0x10
nd6_timer+0x57: movq 0x48(%r13),%r12
ddb{0}> show proc
PROC (softclock) tid=492460 pid=14338 tcnt=1 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=40000200<SYSTEM,CPUPEG>
runpri=50, usrpri=50, slppri=0, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000fffff710,0xffff8000ffffef70
process=0xffff80002a0fecb0 user=0xffff80002a106000, vmspace=0xffffffff82e52208
estcpu=0, cpticks=0, pctcpu=0.16, user=0, sys=0, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
50096 156171 68030 0 2 0x8000000 syz-executor.1
50096 305068 68030 0 2 0xc000000 syz-executor.1
50096 287018 68030 0 3 0xc000080 fsleep syz-executor.1
92374 210235 67632 0 2 0x8000000 syz-executor.2
26575 92531 75724 0 2 0x8000000 syz-executor.0
37227 9334 6328 0 2 0x8000480 syz-executor.3
37227 370237 6328 0 3 0xc000080 kqsel syz-executor.3
37227 94057 6328 0 3 0xc000080 fsleep syz-executor.3
68030 168012 50061 0 2 0x8000482 syz-executor.1
78558 280285 27079 0 2 0x8000480 syz-executor.6
78558 64085 27079 0 3 0xc000080 ttyout syz-executor.6
78558 55339 27079 0 3 0xc000080 fsleep syz-executor.6
58712 476457 50061 0 2 0x8000002 syz-executor.7
67632 420346 50061 0 2 0x8000482 syz-executor.2
75724 188492 50061 0 2 0x8000482 syz-executor.0
88698 515098 50061 0 2 0x8000482 syz-executor.4
97641 343718 0 0 3 0x14200 bored sosplice
21179 267292 53355 0 2 0x18100082 arp
53355 432732 1 0 3 0x810008a sigsusp sh
6328 63653 50061 0 2 0x8000482 syz-executor.3
85297 147443 50061 0 2 0x8000482 syz-executor.5
27079 15824 50061 0 2 0x8000482 syz-executor.6
50061 433838 86412 0 3 0x1a000082 wait syz-fuzzer
50061 1453 86412 0 3 0x1e000082 nanoslp syz-fuzzer
50061 29537 86412 0 3 0x1e000082 wait syz-fuzzer
50061 420501 86412 0 3 0x1e000002 netlock syz-fuzzer
50061 134500 86412 0 3 0x1e000082 wait syz-fuzzer
50061 328126 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 428130 86412 0 3 0x1e000082 wait syz-fuzzer
50061 59304 86412 0 3 0x1e000082 wait syz-fuzzer
50061 233016 86412 0 3 0x1e000082 wait syz-fuzzer
50061 400927 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 518263 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 414548 86412 0 3 0x1e000082 thrsleep syz-fuzzer
50061 39278 86412 0 3 0x1e000082 wait syz-fuzzer
50061 456725 86412 0 3 0x1e000082 kqread syz-fuzzer
50061 73514 86412 0 3 0x1e000082 wait syz-fuzzer
86412 498277 66207 0 3 0x810008a sigsusp ksh
66207 123019 40980 0 3 0x1800009a kqread sshd
56895 321720 1 0 3 0x18100083 ttyin getty
40980 22604 1 0 3 0x18000088 kqread sshd
43018 135577 79428 73 2 0x19100010 syslogd
79428 106000 1 0 3 0x18100082 sbwait syslogd
9125 128564 1 0 3 0x18100080 kqread resolvd
15691 194978 29755 77 3 0x18100092 kqread dhcpleased
63865 94644 29755 77 3 0x18100092 kqread dhcpleased
29755 288445 1 0 3 0x18000080 kqread dhcpleased
4111 515378 0 0 3 0x14200 bored smr
10991 24547 0 0 2 0x14200 zerothread
47819 276122 0 0 3 0x14200 aiodoned aiodoned
30867 10586 0 0 7 0x14600 update
50109 460677 0 0 3 0x14200 cleaner cleaner
19517 1995 0 0 3 0x14200 reaper reaper
54659 421250 0 0 3 0x14200 pgdaemon pagedaemon
29634 144432 0 0 3 0x14200 bored viomb
12697 258301 0 0 3 0x40014200 acpi0 acpi0
82423 46030 0 0 3 0x40014200 idle1
81742 323264 0 0 3 0x14200 bored softnet3
1745 469701 0 0 3 0x14200 bored softnet2
34094 461951 0 0 3 0x14200 bored softnet1
85782 362042 0 0 2 0x14200 softnet0
69980 82127 0 0 3 0x14200 bored systqmp
93627 266313 0 0 3 0x14200 bored systq
48261 363543 0 0 3 0x14200 tmoslp softclockmp
*14338 492460 0 0 7 0x40014200 softclock
7817 206619 0 0 3 0x40014200 idle0
1 123563 0 0 3 0x8000082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 58712 (syz-executor.7) thread 0xffff8000ffff6018 (476457)
exclusive rrwlock inode r = 0 (0xfffffd806d941810)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 vget+0x1fd sys/kern/vfs_subr.c:676
#6 ufs_ihashget+0x121 sys/ufs/ufs/ufs_ihash.c:119
#7 ffs_vget+0x7c sys/ufs/ffs/ffs_vfsops.c:1201
#8 ufs_lookup+0x1373 sys/ufs/ufs/ufs_lookup.c:478
#9 VOP_LOOKUP+0x5c sys/kern/vfs_vops.c:85
#10 vfs_lookup+0x6f8 sys/kern/vfs_lookup.c:566
#11 namei+0x56a sys/kern/vfs_lookup.c:250
#12 dounlinkat+0x9d sys/kern/vfs_syscalls.c:1856
#13 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#13 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#14 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd805c7545e8)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418
#6 namei+0x56a sys/kern/vfs_lookup.c:250
#7 dounlinkat+0x9d sys/kern/vfs_syscalls.c:1856
#8 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#8 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#9 Xsyscall+0x128
Process 50061 (syz-fuzzer) thread 0xffff80002a148298 (420501)
exclusive rwlock sbufrcv r = 0 (0xffff800000dc3d60)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 sblock+0x8a sys/kern/uipc_socket2.c:548
#3 soreceive+0x201 sys/kern/uipc_socket.c:876
#4 soo_read+0x57 sys/kern/sys_socket.c:67
#5 dofilereadv+0x1a1 sys/kern/sys_generic.c:247
#6 sys_read+0x87 sys/kern/sys_generic.c:167
#7 syscall+0x8cf mi_syscall sys/sys/syscall_mi.h:180 [inline]
#7 syscall+0x8cf sys/arch/amd64/amd64/trap.c:577
#8 Xsyscall+0x128
Process 43018 (syslogd) thread 0xffff8000ffffdc40 (135577)
exclusive rrwlock inode r = 0 (0xfffffd806e7412c0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 sys_fsync+0xf1 sys/kern/vfs_syscalls.c:2931
#6 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#6 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#7 Xsyscall+0x128
Process 14338 (softclock) thread 0xffff8000fffff480 (492460)
exclusive rwlock netlock r = 0 (0xffffffff82c86ad0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 nd6_timer+0x25 sys/netinet6/nd6.c:271
#2 timeout_run+0xd0 sys/kern/kern_timeout.c:666
#3 softclock_thread+0x113 sys/kern/kern_timeout.c:814
#4 proc_trampoline+0x10
shared rwlock timeout r = 0 (0xffffffff82ce25b0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 timeout_run+0xbb sys/kern/kern_timeout.c:662
#2 softclock_thread+0x113 sys/kern/kern_timeout.c:814
#3 proc_trampoline+0x10
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82e5a068)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
#2 mi_switch+0x491 sys/kern/sched_bsd.c:470
#3 sleep_finish+0x19a sys/kern/kern_synch.c:417
#4 msleep+0xeb sys/kern/kern_synch.c:249
#5 softclock_thread+0xcf sys/kern/kern_timeout.c:810
#6 proc_trampoline+0x10
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10189 6426K 6875K 166960K 12329 0
pcb 19 13K 14K 166960K 226 0
rtable 221 6K 7K 166960K 625 0
pf 27 8K 10K 166960K 71 0
ifaddr 40 14K 15K 166960K 83 0
ifgroup 46 2K 2K 166960K 109 0
sysctl 1 0K 1K 166960K 2 0
counters 62 36K 36K 166960K 90 0
ioctlops 0 0K 4K 166960K 1539 0
iov 0 0K 18K 166960K 32 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1444 91K 91K 166960K 2047 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 3 9K 9K 166960K 18 0
VM map 2 1K 1K 166960K 2 0
sem 11 1K 1K 166960K 17 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 17 61K 89K 166960K 785 0
sigio 0 0K 0K 166960K 9 0
proc 58 79K 127K 166960K 725 0
subproc 117 7K 7K 166960K 208 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 108 0
in_multi 88 6K 7K 166960K 210 0
ether_multi 1 0K 0K 166960K 7 0
mrt 0 0K 0K 166960K 1 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 73 334K 334K 166960K 73 0
exec 0 0K 1K 166960K 608 0
pfkey data 0 0K 0K 166960K 5 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 281 76K 95K 166960K 9476 0
UVM aobj 36 6K 6K 166960K 41 0
pinsyscall 38 76K 100K 166960K 2163 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 1 0K 0K 166960K 87 0
NDP 12 0K 1K 166960K 54 0
temp 68 6818K 7311K 166960K 31985 0
kqueue 12 18K 24K 166960K 100 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 24 0 0 1 0 1 1 0 8 0
rtpcb 120 105 0 100 1 0 1 1 0 8 0
rtentry 112 198 0 96 3 0 3 3 0 8 0
unpcb 144 723 0 708 8 2 6 6 0 8 5
syncache 336 7 0 7 2 2 0 1 0 8 0
tcpqe 32 13 0 13 1 1 0 1 0 8 0
tcpcb 808 299 0 294 10 3 7 7 0 8 6
arp 120 34 0 18 1 0 1 1 0 8 0
inpcb 384 1002 0 991 24 16 8 11 0 8 6
nd6 136 49 0 26 1 0 1 1 0 8 0
pkpcb 40 10 0 10 6 5 1 1 0 8 1
kcovpl 48 16 0 7 1 0 1 1 0 8 0
pffrag 232 8 0 6 1 0 1 1 0 482 0
pffrnode 88 7 0 5 1 0 1 1 0 8 0
pffrent 40 10 0 8 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfstitem 24 46 0 30 1 0 1 1 0 8 0
pfstkey 128 46 0 30 1 0 1 1 0 8 0
pfstate 376 46 0 30 3 0 3 3 0 8 0
pfrule 1344 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 771 0 357 31 5 26 27 0 8 0
art_table 32 772 0 357 4 0 4 4 0 8 0
art_node 16 197 0 105 1 0 1 1 0 8 0
sysvmsgpl 40 4 0 2 2 1 1 1 0 8 0
semupl 112 5 0 5 1 1 0 1 0 8 0
semapl 112 10 0 1 1 0 1 1 0 8 0
shmpl 112 38 0 5 1 0 1 1 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 2638 0 1104 97 0 97 97 0 8 0
ffsino 272 2638 0 1104 104 0 104 104 0 8 0
nchpl 144 3897 0 2153 67 0 67 67 0 8 0
uvmvnodes 80 3182 0 0 65 0 65 65 0 8 0
vnodes 216 3182 0 0 177 0 177 177 0 8 0
namei 1024 14830 0 14830 2 1 1 2 0 8 1
percpumem 16 59 0 14 1 0 1 1 0 8 0
vmpool 696 2 0 2 2 1 1 1 0 8 1
kstatmem 264 48 0 28 2 0 2 2 0 8 0
scxspl 216 18849 0 18849 15 11 4 8 1 8 4
plimitpl 152 303 0 285 1 0 1 1 0 8 0
sigapl 424 1087 0 1038 7 0 7 7 0 8 0
futexpl 64 10276 0 10273 2 1 1 1 0 8 0
knotepl 120 564 0 0 16 0 16 16 0 8 0
kqueuepl 216 322 0 312 4 3 1 3 0 8 0
pipepl 320 263 0 232 3 0 3 3 0 8 0
fdescpl 496 1066 0 1038 6 1 5 5 0 8 0
filepl 152 7850 0 7582 18 2 16 16 0 8 3
lockfpl 104 206 0 203 1 0 1 1 0 8 0
lockfspl 48 93 0 90 1 0 1 1 0 8 0
sessionpl 144 31 0 14 1 0 1 1 0 8 0
pgrppl 48 40 0 23 1 0 1 1 0 8 0
ucredpl 104 1205 0 1184 1 0 1 1 0 8 0
zombiepl 144 1040 0 1038 1 0 1 1 0 8 0
processpl 1144 1087 0 1038 4 0 4 4 0 8 0
procpl 656 2026 0 1957 7 0 7 7 0 8 0
srpgc 96 9 0 9 3 3 0 1 0 8 0
sosppl 168 1 0 1 1 1 0 1 0 8 0
sockpl 664 1848 0 1817 26 15 11 14 0 8 8
mcl64k 65536 7 0 0 1 0 1 1 0 8 0
mcl16k 16384 4 0 0 1 0 1 1 0 8 0
mcl12k 12288 3 0 0 1 0 1 1 0 8 0
mcl9k 9216 3 0 0 1 0 1 1 0 8 0
mcl8k 8192 4 0 0 1 0 1 1 0 8 0
mcl4k 4096 5 0 0 1 0 1 1 0 8 0
mcl2k2 2112 1 0 0 1 0 1 1 0 8 0
mcl2k 2048 389 0 0 49 0 49 49 0 8 0
mtagpl 96 12 0 0 1 0 1 1 0 8 0
mbufpl 256 422 0 0 27 0 27 27 0 8 0
bufpl 280 7854 0 1513 454 0 454 454 0 8 0
anonpl 24 302245 0 296446 76 10 66 66 0 186 12
amapchunkpl 152 31599 0 30961 44 6 38 41 0 158 8
amappl16 200 8002 0 7869 36 27 9 20 0 8 0
amappl15 192 18 0 18 1 1 0 1 0 8 0
amappl14 184 181 0 169 2 1 1 2 0 8 0
amappl13 176 51 0 51 1 1 0 1 0 8 0
amappl12 168 1885 0 1853 3 0 3 3 0 8 0
amappl11 160 52 0 42 1 0 1 1 0 8 0
amappl10 152 56 0 44 1 0 1 1 0 8 0
amappl9 144 373 0 373 2 2 0 1 0 8 0
amappl8 136 176 0 145 2 0 2 2 0 8 0
amappl7 128 59 0 45 1 0 1 1 0 8 0
amappl6 120 440 0 424 2 1 1 2 0 8 0
amappl5 112 249 0 237 1 0 1 1 0 8 0
amappl4 104 646 0 610 2 0 2 2 0 8 0
amappl3 96 5583 0 5503 3 0 3 3 0 8 0
amappl2 88 1476 0 1405 4 2 2 4 0 8 0
amappl1 80 12205 0 11692 22 9 13 22 0 8 0
amappl 88 8822 0 8634 6 0 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 40 0 5 1 0 1 1 0 8 0
uaddrrnd 24 1068 0 1040 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1068 0 1040 1 0 1 1 0 8 0
vmmpekpl 168 12978 0 12921 4 0 4 4 0 8 0
vmmpepl 168 88733 0 86867 120 26 94 116 0 357 0
vmsppl 440 1067 0 1040 4 0 4 4 0 8 0
rwobjpl 56 32567 0 28232 66 3 63 63 0 8 0
pdppl 4096 2143 0 2080 133 62 71 79 0 8 8
pvpl 32 46399 0 0 375 0 375 375 0 265 0
pmappl 248 1067 0 1040 4 1 3 3 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 466 0 75 12 0 12 12 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
nd6_timer(0) at nd6_timer+0x57 sys/netinet6/nd6.c:278
timeout_run(ffffffff82e5ac08) at timeout_run+0xd0 sys/kern/kern_timeout.c:666
softclock_thread(ffff8000fffff480) at softclock_thread+0x113 sys/kern/kern_timeout.c:814
end trace frame: 0x0, count: -3
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800029cebff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff82e59e60) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff82e59e60) at __mp_lock+0x122 sys/kern/kern_lock.c:147
__mp_acquire_count(ffffffff82e59e60,1) at __mp_acquire_count+0x48 sys/kern/kern_lock.c:227
mi_switch() at mi_switch+0x491 sys/kern/sched_bsd.c:470
sleep_finish(65,1) at sleep_finish+0x19a sys/kern/kern_synch.c:417
syncer_thread(ffff80002a148cd8) at syncer_thread+0x446 sys/kern/vfs_sync.c:204
end trace frame: 0x0, count: -8
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages