assert "bp->b_data != NULL" failed in vfs_biomem.c (5)


syzbot

Apr 8, 2024, 5:58:32 PM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 7e284d508f03 Fix capping of VAPs
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=10280f9d180000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=3a632c8695f46bf4e53a

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/9dc13d3284a4/disk-7e284d50.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/3198819dcdc1/bsd-7e284d50.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/71c921eecfc0/kernel-7e284d50.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+3a632c...@syzkaller.appspotmail.com

panic: kernel diagnostic assertion "bp->b_data != NULL" failed: file "/syzkaller/managers/main/kernel/sys/kern/vfs_biomem.c", line 235
Stopped at db_enter+0x1c: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*114816 31548 0 0x8000002 0x1 0 syz-executor.7
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8292d44c) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e346f,ffffffff828f0e96,eb,ffffffff82870b09) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd8079396258) at buf_unmap+0x1a8 sys/kern/vfs_biomem.c:235
buf_map(fffffd806b7858c0) at buf_map+0x1c6 sys/kern/vfs_biomem.c:117
buf_get(fffffd805bc42a40,3e,4000) at buf_get+0x42f sys/kern/vfs_bio.c:1175
getblk(fffffd805bc42a40,3e,4000,0,ffffffffffffffff) at getblk+0xfd sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd807cd6f2e0,f8000,11,fffffd807f7d76e8,1,ffff80002a69ccb8) at ffs2_balloc+0x11d9 sys/ufs/ffs/ffs_balloc.c:684
ffs_write(ffff80002a69cd40) at ffs_write+0x3c7 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd805bc42a40,ffff80002a69cdf0,3,fffffd807f7d76e8) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff80002a6ac7f0,fffffd805bc42a40,fffffd807f7d76e8,ffff80002a69ceb8,ffff80002a69ce90) at ktrwriteraw+0x149 sys/kern/kern_ktrace.c:682
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 ktrwrite2 sys/kern/kern_ktrace.c:645 [inline]
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 sys/kern/kern_ktrace.c:308
sys_setrlimit(ffff80002a6ac7f0,ffff80002a69d0b0,ffff80002a69d000) at sys_setrlimit+0xba sys/kern/kern_resource.c:239
syscall(ffff80002a69d0b0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577
end trace frame: 0xffff80002a69d130, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: kernel diagnostic assertion "bp->b_data != NULL" failed: file "/syzkaller/managers/main/kernel/sys/kern/vfs_biomem.c", line 235
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8292d44c) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e346f,ffffffff828f0e96,eb,ffffffff82870b09) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd8079396258) at buf_unmap+0x1a8 sys/kern/vfs_biomem.c:235
buf_map(fffffd806b7858c0) at buf_map+0x1c6 sys/kern/vfs_biomem.c:117
buf_get(fffffd805bc42a40,3e,4000) at buf_get+0x42f sys/kern/vfs_bio.c:1175
getblk(fffffd805bc42a40,3e,4000,0,ffffffffffffffff) at getblk+0xfd sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd807cd6f2e0,f8000,11,fffffd807f7d76e8,1,ffff80002a69ccb8) at ffs2_balloc+0x11d9 sys/ufs/ffs/ffs_balloc.c:684
ffs_write(ffff80002a69cd40) at ffs_write+0x3c7 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd805bc42a40,ffff80002a69cdf0,3,fffffd807f7d76e8) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff80002a6ac7f0,fffffd805bc42a40,fffffd807f7d76e8,ffff80002a69ceb8,ffff80002a69ce90) at ktrwriteraw+0x149 sys/kern/kern_ktrace.c:682
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 ktrwrite2 sys/kern/kern_ktrace.c:645 [inline]
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 sys/kern/kern_ktrace.c:308
sys_setrlimit(ffff80002a6ac7f0,ffff80002a69d0b0,ffff80002a69d000) at sys_setrlimit+0xba sys/kern/kern_resource.c:239
syscall(ffff80002a69d0b0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7e78ea6bd720, count: -15
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80002a69c640
rbx 0xfffffd806b785801
rdx 0
rcx 0
rax 0xffff80002a6ac7f0
r8 0x101010101010101
r9 0x8080808080808080
r10 0x21a3159ad557372
r11 0xa97d93a7688f87d8
r12 0
r13 0
r14 0
r15 0x1
rip 0xffffffff82782c8c db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff80002a69c630
ss 0x10
db_enter+0x1c: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.7) tid=114816 pid=31548 tcnt=1 stat=onproc
flags process=8000002<EXEC> proc=1<INKTR>
runpri=17, usrpri=52, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0
forw=0xffffffffffffffff, list=0xffff80002a6adc70,0xffff80002a6ac570
process=0xffff8000343f2e28 user=0xffff80002a698000, vmspace=0xfffffd806b354ad8
estcpu=2, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
53641 132074 43363 0 2 0x8000000 syz-executor.0
53641 5054 43363 0 2 0xc000000 syz-executor.0
24927 189480 13377 0 2 0x8000000 syz-executor.3
*31548 114816 58236 0 7 0x8000003 syz-executor.7
31418 402304 38146 0 2 0x8000000 syz-executor.4
31418 336094 38146 0 2 0xc000000 syz-executor.4
31418 468599 38146 0 3 0xc000080 fsleep syz-executor.4
55757 92006 3827 0 2 0x8000000 syz-executor.1
55757 333191 3827 0 3 0xc000080 fsleep syz-executor.1
13377 345710 58236 0 3 0x8000082 nanoslp syz-executor.3
67539 458332 58236 0 2 0x8000002 syz-executor.5
38146 130984 58236 0 3 0x8000082 nanoslp syz-executor.4
22523 61876 0 0 3 0x14280 nfsidl nfsio
95335 91064 0 0 3 0x14280 nfsidl nfsio
57636 523674 0 0 3 0x14280 nfsidl nfsio
14312 368980 0 0 3 0x14280 nfsidl nfsio
76266 448675 0 0 3 0x14280 nfsidl nfsio
16190 434091 0 0 3 0x14280 nfsidl nfsio
73551 486547 0 0 3 0x14280 nfsidl nfsio
64412 376824 0 0 3 0x14280 nfsidl nfsio
84372 73465 0 0 3 0x14280 nfsidl nfsio
19731 96502 0 0 3 0x14280 nfsidl nfsio
83358 102065 0 0 3 0x14280 nfsidl nfsio
21262 262514 0 0 3 0x14280 nfsidl nfsio
80267 363490 0 0 3 0x14280 nfsidl nfsio
48887 191645 0 0 3 0x14280 nfsidl nfsio
13904 30566 0 0 3 0x14280 nfsidl nfsio
64108 404568 0 0 3 0x14280 nfsidl nfsio
28022 427489 0 0 3 0x14280 nfsidl nfsio
43593 68813 0 0 3 0x14280 nfsidl nfsio
88678 315820 0 0 3 0x14280 nfsidl nfsio
65117 25221 0 0 3 0x14280 nfsidl nfsio
3827 34543 58236 0 3 0x8000082 nanoslp syz-executor.1
43363 195483 58236 0 3 0x8000082 nanoslp syz-executor.0
9695 125514 0 0 3 0x14200 bored sosplice
31955 204144 58236 0 3 0x8000082 nanoslp syz-executor.6
61016 308904 13893 0 3 0x18100082 netio ndp
13893 161278 1 0 3 0x810008a sigsusp sh
35236 51726 58236 0 2 0x8000002 syz-executor.2
58236 318565 35315 0 3 0x1a000082 thrsleep syz-fuzzer
58236 166999 35315 0 3 0x1e000082 nanoslp syz-fuzzer
58236 163056 35315 0 3 0x1e000082 wait syz-fuzzer
58236 468273 35315 0 3 0x1e000082 wait syz-fuzzer
58236 420245 35315 0 3 0x1e000082 thrsleep syz-fuzzer
58236 454320 35315 0 3 0x1e000082 thrsleep syz-fuzzer
58236 255035 35315 0 3 0x1e000082 wait syz-fuzzer
58236 48320 35315 0 3 0x1e000082 thrsleep syz-fuzzer
58236 356043 35315 0 3 0x1e000082 wait syz-fuzzer
58236 477228 35315 0 3 0x1e000082 wait syz-fuzzer
58236 7227 35315 0 3 0x1e000082 thrsleep syz-fuzzer
58236 235612 35315 0 3 0x1e000082 wait syz-fuzzer
58236 240837 35315 0 3 0x1e000082 wait syz-fuzzer
58236 373988 35315 0 3 0x1e000082 thrsleep syz-fuzzer
58236 222078 35315 0 3 0x1e000082 wait syz-fuzzer
35315 194458 49706 0 3 0x810008a sigsusp ksh
49706 180804 71409 0 3 0x1800009a kqread sshd
40979 500242 1 0 3 0x18100083 ttyin getty
71409 176521 1 0 3 0x18000088 kqread sshd
85355 276793 77355 73 3 0x19100090 kqread syslogd
77355 359170 1 0 3 0x18100082 sbwait syslogd
94666 305010 1 0 3 0x18100080 kqread resolvd
51375 36330 79248 77 3 0x18100092 kqread dhcpleased
23218 459001 79248 77 3 0x18100092 kqread dhcpleased
79248 497556 1 0 3 0x18000080 kqread dhcpleased
23693 101547 0 0 3 0x14200 bored smr
59686 319258 0 0 2 0x14200 zerothread
99309 231772 0 0 3 0x14200 aiodoned aiodoned
49627 98267 0 0 3 0x14200 syncer update
44693 158973 0 0 3 0x14200 cleaner cleaner
38460 57707 0 0 3 0x14200 reaper reaper
70366 271892 0 0 3 0x14200 pgdaemon pagedaemon
13505 369104 0 0 3 0x14200 bored viomb
39693 427766 0 0 3 0x40014200 acpi0 acpi0
49069 253482 0 0 3 0x14200 bored softnet3
13670 450840 0 0 3 0x14200 bored softnet2
90798 390538 0 0 3 0x14200 bored softnet1
10932 114062 0 0 3 0x14200 bored softnet0
97921 215949 0 0 3 0x14200 bored systqmp
65894 2831 0 0 3 0x14200 bored systq
12741 272780 0 0 3 0x40014200 tmoslp softclock
4499 280779 0 0 3 0x40014200 idle0
1 130989 0 0 3 0x8080082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10171 6415K 7247K 166960K 15325 0
pcb 16 14K 16K 166960K 326 0
rtable 216 8K 9K 166960K 931 0
pf 27 8K 9K 166960K 82 0
ifaddr 38 10K 11K 166960K 103 0
ifgroup 46 2K 2K 166960K 143 0
sysctl 3 1K 1K 166960K 4 0
counters 29 17K 17K 166960K 54 0
ioctlops 0 0K 2K 166960K 173 0
iov 0 0K 18K 166960K 206 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1502 94K 95K 166960K 3012 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 9K 166960K 58 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 205 0
dirhash 12 2K 3K 166960K 36 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 16 57K 77K 166960K 2072 0
sigio 0 0K 0K 166960K 101 0
proc 60 59K 75K 166960K 875 0
subproc 117 7K 7K 166960K 253 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 526 0
in_multi 87 6K 7K 166960K 263 0
ether_multi 2 0K 0K 166960K 11 0
mrt 2 0K 0K 166960K 7 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 97 440K 440K 166960K 97 0
exec 0 0K 1K 166960K 876 0
pfkey data 0 0K 1K 166960K 5 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 305 185K 197K 166960K 20108 0
UVM aobj 108 3K 4K 166960K 114 0
pinsyscall 37 74K 100K 166960K 3459 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 104 0
NDP 10 0K 2K 166960K 71 0
temp 75 6804K 7440K 166960K 33185 0
kqueue 12 18K 26K 166960K 261 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 180 0 176 1 0 1 1 0 8 0
rtentry 112 316 0 218 4 0 4 4 0 8 0
unpcb 144 1859 0 1844 6 0 6 6 0 8 5
syncache 336 57 0 57 1 0 1 1 0 8 1
sackhl 24 3 0 3 1 0 1 1 0 8 1
tcpqe 32 159 0 159 1 0 1 1 0 8 1
tcpcb 808 840 0 816 15 4 11 15 0 8 8
arp 88 40 0 26 1 0 1 1 0 8 0
ipq 40 1 0 1 1 0 1 1 0 8 1
ipqe 40 44 0 44 1 0 1 1 0 8 1
inpcb 360 2620 0 2591 14 2 12 14 0 8 8
nd6 104 59 0 35 1 0 1 1 0 8 0
pkpcb 40 81 0 81 1 0 1 1 0 8 1
kcovpl 48 19 0 10 1 0 1 1 0 8 0
ppxss 1072 4 0 4 1 0 1 1 0 8 1
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 914 0 498 29 0 29 29 0 8 3
art_table 32 915 0 498 4 0 4 4 0 8 0
art_node 16 231 0 142 1 0 1 1 0 8 0
sysvmsgpl 40 34 0 19 1 0 1 1 0 8 0
semupl 112 2 0 2 1 0 1 1 0 8 1
semapl 112 200 0 190 1 0 1 1 0 8 0
shmpl 112 111 0 6 3 0 3 3 0 8 0
dirhash 1024 33 0 16 3 0 3 3 0 8 0
dino2pl 256 4566 0 3053 96 0 96 96 0 8 0
ffsino 240 4566 0 3053 90 0 90 90 0 8 0
nchpl 144 7621 0 5893 66 0 66 66 0 8 0
uvmvnodes 80 5822 0 0 119 0 119 119 0 8 0
vnodes 216 5822 0 0 324 0 324 324 0 8 0
namei 1024 25802 0 25802 2 0 2 2 0 8 2
vcpupl 2048 14 0 1 2 0 2 2 0 8 0
vmpool 664 19 0 6 2 0 2 2 0 8 0
kstatmem 264 70 0 50 2 0 2 2 0 8 0
scxspl 216 26576 0 26575 8 0 8 8 1 8 7
plimitpl 152 358 0 342 1 0 1 1 0 8 0
sigapl 424 2368 0 2303 8 0 8 8 0 8 0
futexpl 64 29240 0 29238 1 0 1 1 0 8 0
knotepl 120 20483 0 20399 10 0 10 10 0 8 7
kqueuepl 184 598 0 590 4 0 4 4 0 8 3
pipepl 288 419 0 388 7 0 7 7 0 8 4
fdescpl 432 2330 0 2303 4 0 4 4 0 8 0
filepl 120 15634 0 15378 15 0 15 15 0 8 5
lockfpl 104 580 0 578 1 0 1 1 0 8 0
lockfspl 48 267 0 265 1 0 1 1 0 8 0
sessionpl 144 34 0 17 1 0 1 1 0 8 0
pgrppl 48 265 0 248 1 0 1 1 0 8 0
ucredpl 104 2247 0 2237 1 0 1 1 0 8 0
zombiepl 144 2304 0 2303 1 0 1 1 0 8 0
processpl 1072 2368 0 2303 5 0 5 5 0 8 0
procpl 656 4754 0 4671 9 0 9 9 0 8 0
sosppl 168 64 0 64 1 0 1 1 0 8 1
sockpl 488 4752 0 4704 61 45 16 29 0 8 8
mcl64k 65536 81 0 81 1 0 1 1 0 8 1
mcl16k 16384 60 0 60 1 0 1 1 0 8 1
mcl12k 12288 104 0 104 1 0 1 1 0 8 1
mcl9k 9216 18 0 18 1 0 1 1 0 8 1
mcl8k 8192 141 0 140 1 0 1 1 0 8 0
mcl4k 4096 284 0 284 1 0 1 1 0 8 1
mcl2k2 2112 11 0 11 1 0 1 1 0 8 1
mcl2k 2048 32245 0 32197 39 25 14 39 0 8 6
mtagpl 96 452 0 209 9 0 9 9 0 8 1
mbufpl 256 84691 0 84277 44 8 36 36 0 8 5
bufpl 280 7884 0 1554 453 0 453 453 0 8 0
bufpl: pool(0xffffffff82d3de58:bufpl): page inconsistency: page 0x0; at page head addr 0xfffffd8079396f90 (p 0xfffffd8079396000)
anonpl 24 378870 0 373262 65 0 65 65 0 188 17
amapchunkpl 152 64856 0 64257 39 0 39 39 0 158 9
amappl16 200 8813 0 8720 33 18 15 18 0 8 8
amappl15 192 19 0 18 1 0 1 1 0 8 0
amappl14 184 199 0 184 2 0 2 2 0 8 1
amappl13 176 12 0 12 1 0 1 1 0 8 1
amappl12 168 3134 0 3104 2 0 2 2 0 8 0
amappl11 160 45 0 35 1 0 1 1 0 8 0
amappl10 152 89 0 72 1 0 1 1 0 8 0
amappl9 144 187 0 185 1 0 1 1 0 8 0
amappl8 136 262 0 196 3 0 3 3 0 8 0
amappl7 128 60 0 48 1 0 1 1 0 8 0
amappl6 120 510 0 489 2 0 2 2 0 8 0
amappl5 112 240 0 227 1 0 1 1 0 8 0
amappl4 104 622 0 586 2 0 2 2 0 8 0
amappl3 96 12989 0 12922 3 0 3 3 0 8 0
amappl2 88 2877 0 2806 3 0 3 3 0 8 1
amappl1 80 17073 0 16563 22 2 20 22 0 8 8
amappl 88 19354 0 19170 6 0 6 6 0 92 0
dma4096 4096 1 0 1 1 0 1 1 0 8 1
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 0 1 1 0 8 1
dma128 128 253 0 253 1 0 1 1 0 8 1
dma64 64 6 0 6 1 0 1 1 0 8 1
dma32 32 7 0 7 1 0 1 1 0 8 1
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 113 0 6 2 0 2 2 0 8 0
uaddrrnd 24 2349 0 2309 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 2349 0 2309 1 0 1 1 0 8 0
vmmpekpl 168 19570 0 19508 3 0 3 3 0 8 0
vmmpepl 168 158726 0 156896 110 0 110 110 0 357 19
vmsppl 344 2348 0 2309 4 0 4 4 0 8 0
rwobjpl 24 49488 0 42460 43 0 43 43 0 8 0
pdppl 4096 4704 0 4631 162 85 77 82 0 8 4
pvpl 32 963566 0 952114 358 13 345 358 0 265 231
pmappl 216 2348 0 2309 3 0 3 3 0 8 0
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 498 0 122 11 0 11 11 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8292d44c) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e346f,ffffffff828f0e96,eb,ffffffff82870b09) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd8079396258) at buf_unmap+0x1a8 sys/kern/vfs_biomem.c:235
buf_map(fffffd806b7858c0) at buf_map+0x1c6 sys/kern/vfs_biomem.c:117
buf_get(fffffd805bc42a40,3e,4000) at buf_get+0x42f sys/kern/vfs_bio.c:1175
getblk(fffffd805bc42a40,3e,4000,0,ffffffffffffffff) at getblk+0xfd sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd807cd6f2e0,f8000,11,fffffd807f7d76e8,1,ffff80002a69ccb8) at ffs2_balloc+0x11d9 sys/ufs/ffs/ffs_balloc.c:684
ffs_write(ffff80002a69cd40) at ffs_write+0x3c7 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd805bc42a40,ffff80002a69cdf0,3,fffffd807f7d76e8) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff80002a6ac7f0,fffffd805bc42a40,fffffd807f7d76e8,ffff80002a69ceb8,ffff80002a69ce90) at ktrwriteraw+0x149 sys/kern/kern_ktrace.c:682
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 ktrwrite2 sys/kern/kern_ktrace.c:645 [inline]
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 sys/kern/kern_ktrace.c:308
sys_setrlimit(ffff80002a6ac7f0,ffff80002a69d0b0,ffff80002a69d000) at sys_setrlimit+0xba sys/kern/kern_resource.c:239
syscall(ffff80002a69d0b0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7e78ea6bd720, count: -15
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff8292d44c) at panic+0x165 sys/kern/subr_prf.c:198
__assert(ffffffff828e346f,ffffffff828f0e96,eb,ffffffff82870b09) at __assert+0x29 sys/kern/subr_prf.c:157
buf_unmap(fffffd8079396258) at buf_unmap+0x1a8 sys/kern/vfs_biomem.c:235
buf_map(fffffd806b7858c0) at buf_map+0x1c6 sys/kern/vfs_biomem.c:117
buf_get(fffffd805bc42a40,3e,4000) at buf_get+0x42f sys/kern/vfs_bio.c:1175
getblk(fffffd805bc42a40,3e,4000,0,ffffffffffffffff) at getblk+0xfd sys/kern/vfs_bio.c:1044
ffs2_balloc(fffffd807cd6f2e0,f8000,11,fffffd807f7d76e8,1,ffff80002a69ccb8) at ffs2_balloc+0x11d9 sys/ufs/ffs/ffs_balloc.c:684
ffs_write(ffff80002a69cd40) at ffs_write+0x3c7 sys/ufs/ffs/ffs_vnops.c:345
VOP_WRITE(fffffd805bc42a40,ffff80002a69cdf0,3,fffffd807f7d76e8) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff80002a6ac7f0,fffffd805bc42a40,fffffd807f7d76e8,ffff80002a69ceb8,ffff80002a69ce90) at ktrwriteraw+0x149 sys/kern/kern_ktrace.c:682
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 ktrwrite2 sys/kern/kern_ktrace.c:645 [inline]
ktrstruct(ffff80002a6ac7f0,ffffffff82859f91,ffff80002a69cf78,10) at ktrstruct+0x163 sys/kern/kern_ktrace.c:308
sys_setrlimit(ffff80002a6ac7f0,ffff80002a69d0b0,ffff80002a69d000) at sys_setrlimit+0xba sys/kern/kern_resource.c:239
syscall(ffff80002a69d0b0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7e78ea6bd720, count: -15


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup