panic: softclock: invalid to_clock: -ADDR
0 views
Skip to first unread message
syzbot
Feb 29, 2024, 6:51:25 PMFeb 29
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: b0ca02faf19d align qwx_ce_rx error code checking with linu..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1448db16180000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=c66ca5ccd811720e4d4a
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/b47525acb723/disk-b0ca02fa.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/36ffde84fc61/bsd-b0ca02fa.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6f1b3ad5354e/kernel-b0ca02fa.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c66ca5...@syzkaller.appspotmail.com
panic: softclock: invalid to_clock: -1148841396
Starting stack trace...
panic(ffffffff8291ac52) at panic+0x16f sys/kern/subr_prf.c:229
softclock(0) at softclock+0x22d sys/kern/kern_timeout.c:759
softintr_dispatch(0) at softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90
Xsoftclock() at Xsoftclock+0x27
x86_bus_space_io_read_4(b008,0) at x86_bus_space_io_read_4+0x2c sys/arch/amd64/amd64/bus_space.c:666
acpitimer_delay(3e8) at acpitimer_delay+0x14e acpitimer_read sys/dev/acpi/acpitimer.c:146 [inline]
acpitimer_delay(3e8) at acpitimer_delay+0x14e sys/dev/acpi/acpitimer.c:125
pckbc_poll_cmd1(ffff800000681100,0,ffff80002baa8400) at pckbc_poll_cmd1+0x285 pckbc_poll_data1 sys/dev/ic/pckbc.c:148 [inline]
pckbc_poll_cmd1(ffff800000681100,0,ffff80002baa8400) at pckbc_poll_cmd1+0x285 sys/dev/ic/pckbc.c:620
pckbc_poll_cmd(ffff800000681100,0,ffff80002baa84bf,1,0,0,b3b4cd7b7003a25d) at pckbc_poll_cmd+0xfa sys/dev/ic/pckbc.c:692
pckbd_enable(ffff800000685900,1) at pckbd_enable+0xc4 sys/dev/pckbc/pckbd.c:502
wskbdopen(4300,81,2000,ffff80002a1bb000) at wskbdopen+0x1fa wskbd_enable sys/dev/wscons/wskbd.c:810 [inline]
wskbdopen(4300,81,2000,ffff80002a1bb000) at wskbdopen+0x1fa wskbd_do_open sys/dev/wscons/wskbd.c:886 [inline]
wskbdopen(4300,81,2000,ffff80002a1bb000) at wskbdopen+0x1fa sys/dev/wscons/wskbd.c:868
spec_open(ffff80002baa85d8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd806e3766d0,81,fffffd807f7d75b0,ffff80002a1bb000) at VOP_OPEN+0x76 sys/kern/vfs_vops.c:138
vn_open(ffff80002baa8828,81,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff80002a1bb000,ffffff9c,20000040,80,0,ffff80002baa89d0) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002baa8a80) at syscall+0x533 mi_syscall sys/sys/syscall_mi.h:183 [inline]
syscall(ffff80002baa8a80) at syscall+0x533 sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x9fbf1d1530, count: 241
End of stack trace.
syncing disks...23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 giving up
dump to dev 4,1 not possible
rebooting...
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2 Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID dc1537e2-3f8b-09d0-7a97-ada6c38139e5
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2860: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.65
boot> show malloc
boot: illegal argument malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: b0ca02faf19d align qwx_ce_rx error code checking with linu..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1448db16180000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=c66ca5ccd811720e4d4a
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/b47525acb723/disk-b0ca02fa.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/36ffde84fc61/bsd-b0ca02fa.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6f1b3ad5354e/kernel-b0ca02fa.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c66ca5...@syzkaller.appspotmail.com
panic: softclock: invalid to_clock: -1148841396
Starting stack trace...
panic(ffffffff8291ac52) at panic+0x16f sys/kern/subr_prf.c:229
softclock(0) at softclock+0x22d sys/kern/kern_timeout.c:759
softintr_dispatch(0) at softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90
Xsoftclock() at Xsoftclock+0x27
x86_bus_space_io_read_4(b008,0) at x86_bus_space_io_read_4+0x2c sys/arch/amd64/amd64/bus_space.c:666
acpitimer_delay(3e8) at acpitimer_delay+0x14e acpitimer_read sys/dev/acpi/acpitimer.c:146 [inline]
acpitimer_delay(3e8) at acpitimer_delay+0x14e sys/dev/acpi/acpitimer.c:125
pckbc_poll_cmd1(ffff800000681100,0,ffff80002baa8400) at pckbc_poll_cmd1+0x285 pckbc_poll_data1 sys/dev/ic/pckbc.c:148 [inline]
pckbc_poll_cmd1(ffff800000681100,0,ffff80002baa8400) at pckbc_poll_cmd1+0x285 sys/dev/ic/pckbc.c:620
pckbc_poll_cmd(ffff800000681100,0,ffff80002baa84bf,1,0,0,b3b4cd7b7003a25d) at pckbc_poll_cmd+0xfa sys/dev/ic/pckbc.c:692
pckbd_enable(ffff800000685900,1) at pckbd_enable+0xc4 sys/dev/pckbc/pckbd.c:502
wskbdopen(4300,81,2000,ffff80002a1bb000) at wskbdopen+0x1fa wskbd_enable sys/dev/wscons/wskbd.c:810 [inline]
wskbdopen(4300,81,2000,ffff80002a1bb000) at wskbdopen+0x1fa wskbd_do_open sys/dev/wscons/wskbd.c:886 [inline]
wskbdopen(4300,81,2000,ffff80002a1bb000) at wskbdopen+0x1fa sys/dev/wscons/wskbd.c:868
spec_open(ffff80002baa85d8) at spec_open+0x3e3 sys/kern/spec_vnops.c:150
VOP_OPEN(fffffd806e3766d0,81,fffffd807f7d75b0,ffff80002a1bb000) at VOP_OPEN+0x76 sys/kern/vfs_vops.c:138
vn_open(ffff80002baa8828,81,0) at vn_open+0x452 sys/kern/vfs_vnops.c:177
doopenat(ffff80002a1bb000,ffffff9c,20000040,80,0,ffff80002baa89d0) at doopenat+0x26e sys/kern/vfs_syscalls.c:1126
syscall(ffff80002baa8a80) at syscall+0x533 mi_syscall sys/sys/syscall_mi.h:183 [inline]
syscall(ffff80002baa8a80) at syscall+0x533 sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x9fbf1d1530, count: 241
End of stack trace.
syncing disks...23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 23 giving up
dump to dev 4,1 not possible
rebooting...
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2 Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID dc1537e2-3f8b-09d0-7a97-ada6c38139e5
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2860: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.65
boot> show malloc
boot: illegal argument malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages