panic: kernel diagnostic assertion "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == NUM" failed: file "/syzkaller/managers/m
0 views
Skip to first unread message
syzbot
7:33 AM (3 hours ago) 7:33 AM
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 6168265ddf60 Enable USBVERBOSE like we do on other modern ..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=12b0d592580000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=cf1f0b70220496608003
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/cf4b93abf396/disk-6168265d.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/138f37bbc595/bsd-6168265d.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/9455b16a45cc/kernel-6168265d.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+cf1f0b...@syzkaller.appspotmail.com
panic:WA kRerNnIeNlG: dSPL iNaOgnoTsti c LOWEasREserDt iOoN nT R"A(Ppg E->XpITg_ fal a0gs
Stopped at proc_trampoline+0xc7: movl $0,%gs:0x688
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*106615 26020 0 0 0 0 syz-executor
162632 30450 0 0 0 1 syz-executor
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x7f53f1004000, count: 14
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu1: kernel diagnostic assertion "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == 0" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c", line 1309
ddb{0}> trace
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x7f53f1004000, count: -1
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80003c419f10
rbx 0
rdx 0
rcx 0xffff8000fffe9248
rax 0x2a
r8 0xffff80003c419e40
r9 0
r10 0x754fc39db2b1be1
r11 0xc6cef28e45778225
r12 0
r13 0xffffffff829f25b8 Xdoreti+0x18
r14 0
r15 0
rip 0xffffffff8293e4c7 proc_trampoline+0xc7
cs 0x8
rflags 0x246
rsp 0xffff80003c419e90
ss 0
proc_trampoline+0xc7: movl $0,%gs:0x688
ddb{0}> show proc
PROC (syz-executor) tid=106615 pid=26020 tcnt=2 stat=onproc
flags process=0 proc=0
runpri=81, usrpri=81, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000fffe9778,0xffff80002a270fb8
process=0xffff8000fffcdd08 user=0xffff80003c414000, vmspace=0xfffffd805db529b8
estcpu=31, cpticks=4, pctcpu=0.0, user=2, sys=2, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
66702 248786 63775 0 3 0x80 nanoslp syz-executor
66702 68748 63775 0 3 0x4000080 fsleep syz-executor
42879 365963 67812 0 2 0 syz-executor
42879 489506 67812 0 3 0x4000080 fsleep syz-executor
*26020 106615 19019 0 7 0 syz-executor
26020 395236 19019 0 2 0x4000000 syz-executor
30450 162632 86865 0 7 0 syz-executor
30450 377975 86865 0 3 0x4000080 fsleep syz-executor
50701 120802 47422 0 2 0 syz-executor
50701 194200 47422 0 3 0x4000080 fsleep syz-executor
50701 323356 47422 0 3 0x4000080 fsleep syz-executor
14847 202928 1 0 3 0x100083 ttyin getty
45081 179511 0 0 3 0x14200 acct acct
73574 459738 0 0 3 0x14280 nfsidl nfsio
46851 450508 0 0 3 0x14280 nfsidl nfsio
10205 322300 0 0 3 0x14280 nfsidl nfsio
2307 328346 0 0 3 0x14280 nfsidl nfsio
43567 342221 0 0 3 0x14280 nfsidl nfsio
29979 369252 0 0 3 0x14280 nfsidl nfsio
74928 102790 0 0 3 0x14280 nfsidl nfsio
9170 189846 0 0 3 0x14280 nfsidl nfsio
8963 98471 0 0 3 0x14280 nfsidl nfsio
9764 247427 0 0 3 0x14280 nfsidl nfsio
52602 1239 0 0 3 0x14280 nfsidl nfsio
5186 481489 0 0 3 0x14280 nfsidl nfsio
7375 463876 0 0 3 0x14280 nfsidl nfsio
53678 174607 0 0 3 0x14280 nfsidl nfsio
44343 399597 0 0 3 0x14280 nfsidl nfsio
12140 343078 0 0 3 0x14280 nfsidl nfsio
85825 214152 0 0 3 0x14280 nfsidl nfsio
59835 344121 0 0 3 0x14280 nfsidl nfsio
87863 401507 0 0 3 0x14280 nfsidl nfsio
92141 84008 0 0 3 0x14280 nfsidl nfsio
86865 72420 28259 0 3 0x82 nanoslp syz-executor
19019 425552 28259 0 3 0x82 nanoslp syz-executor
63775 455690 28259 0 3 0x82 nanoslp syz-executor
44309 155498 28259 0 3 0x82 nanoslp syz-executor
4601 207574 28259 0 3 0x82 nanoslp syz-executor
67812 204821 28259 0 3 0x82 nanoslp syz-executor
47422 70925 28259 0 3 0x82 nanoslp syz-executor
9713 2767 28259 0 3 0x2 biowait syz-executor
28259 273206 95821 0 3 0x82 kqread syz-executor
95821 194781 46373 0 3 0x10008a sigsusp ksh
46373 18060 89246 0 3 0x98 kqread sshd-session
89246 308803 21343 0 3 0x92 kqread sshd-session
21343 104674 1 0 3 0x88 kqread sshd
60322 32660 18601 74 3 0x1100092 bpf pflogd
18601 427430 1 0 3 0x80 sbwait pflogd
94431 165729 41680 73 3 0x1100090 kqread syslogd
41680 248966 1 0 3 0x100082 sbwait syslogd
61648 341331 1 0 3 0x100080 kqread resolvd
57604 53909 65650 77 3 0x100092 kqread dhcpleased
84688 68034 65650 77 3 0x100092 kqread dhcpleased
65650 267930 1 0 3 0x80 kqread dhcpleased
10893 184161 0 0 3 0x14200 bored smr
72164 57426 0 0 2 0x14200 zerothread
36007 469814 0 0 3 0x14200 aiodoned aiodoned
11300 475012 0 0 3 0x14200 syncer update
22049 426436 0 0 3 0x14200 cleaner cleaner
39841 429537 0 0 2 0x14200 reaper
2104 344796 0 0 3 0x14200 pgdaemon pagedaemon
43223 297585 0 0 3 0x14200 bored viomb
60742 52262 0 0 3 0x40014200 acpi0 acpi0
49002 273671 0 0 3 0x40014200 idle1
44813 303049 0 0 3 0x14200 bored softnet1
9116 459639 0 0 3 0x14200 bored softnet0
54238 179058 0 0 3 0x14200 bored systqmp
3390 183641 0 0 3 0x14200 bored systq
70595 506290 0 0 3 0x14200 tmoslp softclockmp
43846 446009 0 0 3 0x40014200 tmoslp softclock
30096 177666 0 0 3 0x40014200 idle0
1 37318 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{0}> show all locks
CPU 0:
exclusive mutex &uvm.fpageqlock r = 0 (0xffffffff839e74c0)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 mtx_enter_try+0x1ad sys/kern/kern_lock.c:311
#2 mtx_enter+0x62 sys/kern/kern_lock.c:261
#3 uvm_pmr_freepages+0x1a8 sys/uvm/uvm_pmemrange.c:-1
#4 pmap_do_remove+0x89f sys/arch/amd64/amd64/pmap.c:1939
#5 uvm_unmap_kill_entry_withlock+0x269 sys/uvm/uvm_map.c:1863
#6 uvm_map_teardown+0x117 uvm_map_addr_RBT_LEFT sys/uvm/uvm_map.h:-1 [inline]
#6 uvm_map_teardown+0x117 sys/uvm/uvm_map.c:2486
#7 exit1+0x6fc sys/kern/kern_exit.c:260
#8 sys_exit+0x1a sys/kern/kern_exit.c:-1
#9 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#9 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
#10 Xsyscall+0x128
Process 30450 (syz-executor) thread 0xffff8000fffe9778 (162632)
exclusive rwlock uobjlk r = 0 (0xfffffd806066bea8)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 uvm_fault_lower_lookup+0x53 sys/uvm/uvm_fault.c:1204
#3 uvm_fault_lower+0x89 sys/uvm/uvm_fault.c:1334
#4 uvm_fault+0x274 sys/uvm/uvm_fault.c:-1
#5 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
#6 usertrap+0x42f sys/arch/amd64/amd64/trap.c:632
#7 recall_trap+0x8
shared rwlock vmmaplk r = 0 (0xfffffd805db52130)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_read+0x3e8 sys/kern/kern_rwlock.c:413
#2 uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880
#3 uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693
#4 uvm_fault+0x106 sys/uvm/uvm_fault.c:627
#5 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
#6 usertrap+0x42f sys/arch/amd64/amd64/trap.c:632
#7 recall_trap+0x8
Process 9713 (syz-executor) thread 0xffff8000ffffd4c8 (2767)
exclusive rrwlock inode r = 0 (0xfffffd806e89f488)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
#3 VOP_LOCK+0xa3 sys/kern/vfs_vops.c:527
#4 ufs_ihashins+0x4f ufs_ihash sys/ufs/ufs/ufs_ihash.c:-1 [inline]
#4 ufs_ihashins+0x4f sys/ufs/ufs/ufs_ihash.c:159
#5 ffs_vget+0x187 sys/ufs/ffs/ffs_vfsops.c:1232
#6 ffs_inode_alloc+0x279 sys/ufs/ffs/ffs_alloc.c:393
#7 ufs_mkdir+0xfc sys/ufs/ufs/ufs_vnops.c:1112
#8 VOP_MKDIR+0x101 sys/kern/vfs_vops.c:394
#9 domkdirat+0x179 sys/kern/vfs_syscalls.c:3113
#10 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#10 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
#11 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd80709eed80)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
#3 VOP_LOCK+0xa3 sys/kern/vfs_vops.c:527
#4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570
#5 vfs_lookup+0x11c sys/kern/vfs_lookup.c:-1
#6 namei+0x7ca sys/kern/vfs_lookup.c:250
#7 domkdirat+0x8b sys/kern/vfs_syscalls.c:3098
#8 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#8 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
#9 Xsyscall+0x128
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10211 11124K 12632K 166960K 13239 0
pcb 17 16K 20K 166960K 331 0
rtable 177 7K 8K 166960K 500 0
pf 29 16K 18K 166960K 121 0
ifaddr 32 5K 7K 166960K 87 0
ifgroup 43 2K 2K 166960K 132 0
sysctl 3 1K 9K 166960K 17 0
counters 64 36K 37K 166960K 154 0
ioctlops 0 0K 4K 166960K 1633 0
iov 0 0K 16K 166960K 127 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1453 91K 92K 166960K 2355 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 14 0
VM map 2 1K 1K 166960K 2 0
sem 23 137K 137K 166960K 31 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 18 86K 110K 166960K 1025 0
sigio 0 0K 0K 166960K 22 0
proc 72 115K 163K 166960K 676 0
subproc 72 4K 4K 166960K 72 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 102 0
in_multi 65 4K 7K 166960K 139 0
ether_multi 1 0K 0K 166960K 4 0
mrt 1 0K 0K 166960K 2 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 91 413K 413K 166960K 91 0
exec 0 0K 1K 166960K 500 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 245 177K 198K 166960K 11328 0
UVM aobj 24 10K 12K 166960K 27 0
pinsyscall 41 82K 105K 166960K 2192 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 68 0
NDP 9 0K 2K 166960K 55 0
temp 69 8677K 8744K 166960K 49602 0
kqueue 13 20K 32K 166960K 205 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 187 0 184 3 0 3 3 0 8 2
rtentry 176 152 0 81 6 0 6 6 0 8 0
unpcb 144 606 0 589 5 1 4 4 0 8 3
syncache 336 8 0 8 3 2 1 1 0 8 1
tcpqe 32 3 0 3 2 1 1 1 0 8 1
tcpcb 736 275 0 268 4 0 4 4 0 8 2
arp 136 22 0 9 1 0 1 1 0 8 0
inpcb 328 1069 0 1059 15 6 9 10 0 8 8
nd6 152 28 0 13 1 0 1 1 0 8 0
pkpcb 40 2 0 2 2 1 1 1 0 8 1
kcovpl 48 8 0 0 1 0 1 1 0 8 0
ppxss 1192 34 0 34 1 0 1 1 0 8 1
pppxif 1504 6 0 6 3 2 1 1 0 8 1
pffrag 232 7 0 1 1 0 1 1 0 482 0
pffrnode 88 6 0 1 1 0 1 1 0 8 0
pffrent 40 9 0 3 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfrktable 1344 4 0 4 2 2 0 1 0 8 0
pfstitem 24 76 0 27 1 0 1 1 0 8 0
pfstkey 128 76 0 27 2 0 2 2 0 8 0
pfstate 448 76 0 27 6 0 6 6 0 8 0
pfrule 1344 27 0 22 2 1 1 2 0 8 0
art_heap8 4096 3 0 0 3 0 3 3 0 8 0
art_heap4 256 631 0 318 29 8 21 29 0 8 0
art_table 40 634 0 318 5 0 5 5 0 8 0
art_node 32 151 0 88 1 0 1 1 0 8 0
sysvmsgpl 40 11 0 8 1 0 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 26 0 5 1 0 1 1 0 8 0
shmpl 112 18 0 1 1 0 1 1 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 3283 0 1781 96 1 95 96 0 8 0
ffsino 296 3283 0 1781 117 0 117 117 0 8 0
nchpl 144 4761 0 3059 64 0 64 64 0 8 0
rtmask 32 5 0 5 3 2 1 1 0 8 1
vnodes 216 3996 0 0 222 0 222 222 0 8 0
namei 1024 15470 0 15469 2 1 1 2 0 8 0
percpumem 16 92 0 45 1 0 1 1 0 8 0
vcpupl 3968 5 0 1 1 0 1 1 0 8 0
vmpool 840 6 0 2 1 0 1 1 0 8 0
kstatmem 264 76 0 56 2 0 2 2 0 8 0
scsiplug 72 3 0 3 2 2 0 1 0 8 0
scxspl 216 30529 0 30528 6 5 1 4 1 8 0
plimitpl 152 272 0 254 1 0 1 1 0 8 0
sigapl 424 1361 0 1293 8 0 8 8 0 8 0
knotepl 120 748 0 0 23 0 23 23 0 8 0
kqueuepl 224 416 0 407 6 4 2 5 0 8 1
pipepl 344 200 0 173 3 0 3 3 0 8 0
fdescpl 528 1318 0 1288 3 0 3 3 0 8 0
filepl 160 7999 0 7780 23 6 17 23 0 8 6
lockfpl 104 667 0 663 4 3 1 4 0 8 0
lockfspl 48 184 0 181 1 0 1 1 0 8 0
sessionpl 144 28 0 19 1 0 1 1 0 8 0
pgrppl 48 44 0 27 1 0 1 1 0 8 0
ucredpl 104 1198 0 1183 1 0 1 1 0 8 0
zombiepl 144 1295 0 1293 1 0 1 1 0 8 0
processpl 1232 1361 0 1293 6 0 6 6 0 8 0
procpl 664 2926 0 2852 8 0 8 8 0 8 1
sosppl 176 5 0 5 1 1 0 1 0 8 0
sockpl 752 1912 0 1882 26 12 14 20 0 8 10
mcl64k 65536 5 0 0 1 0 1 1 0 8 0
mcl16k 16384 2 0 0 1 0 1 1 0 8 0
mcl12k 12288 2 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 3 0 0 1 0 1 1 0 8 0
mcl4k 4096 112 0 0 14 0 14 14 0 8 0
mcl2k2 2112 1 0 0 1 0 1 1 0 8 0
mcl2k 2048 33 0 0 5 0 5 5 0 8 0
mtagpl 96 24 0 0 1 0 1 1 0 8 0
mbufpl 256 733 0 0 46 0 46 46 0 8 0
bufpl 280 12383 0 6246 439 0 439 439 0 8 0
anonpl 32 10200 0 0 83 0 83 83 0 246 0
amapchunkpl 152 38431 0 37834 36 5 31 32 0 158 5
amappl16 200 5429 0 5393 45 32 13 24 0 8 8
amappl15 192 3 0 3 1 1 0 1 0 8 0
amappl14 184 39 0 39 1 1 0 1 0 8 0
amappl13 176 437 0 436 1 0 1 1 0 8 0
amappl12 168 1718 0 1677 3 0 3 3 0 8 0
amappl11 160 7 0 7 1 1 0 1 0 8 0
amappl10 152 48 0 33 1 0 1 1 0 8 0
amappl9 144 248 0 248 1 1 0 1 0 8 0
amappl8 136 29 0 27 1 0 1 1 0 8 0
amappl7 128 83 0 82 1 0 1 1 0 8 0
amappl6 120 298 0 284 1 0 1 1 0 8 0
amappl5 112 78 0 67 1 0 1 1 0 8 0
amappl4 104 449 0 417 1 0 1 1 0 8 0
amappl3 96 7393 0 7289 5 1 4 4 0 8 0
amappl2 88 576 0 516 2 0 2 2 0 8 0
amappl1 80 13792 0 13204 15 1 14 14 0 8 0
amappl 88 10371 0 10208 5 0 5 5 0 92 0
uvmvnodes 80 145 0 0 3 0 3 3 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma512 512 1 0 1 1 1 0 1 0 8 0
dma256 256 8 0 8 2 2 0 1 0 8 0
dma128 128 254 0 254 2 2 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 26 0 3 1 0 1 1 0 8 0
uaddrrnd 24 1318 0 1288 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1318 0 1288 1 0 1 1 0 8 0
vmmpekpl 168 12449 0 12411 3 0 3 3 0 8 0
vmmpepl 168 91457 0 89573 111 8 103 106 0 357 8
vmsppl 488 1317 0 1287 7 2 5 5 0 8 0
rwobjpl 80 27357 0 26261 33 3 30 31 0 8 0
pdppl 4096 2655 0 2582 114 38 76 85 0 8 3
pvpl 32 17402 0 0 141 0 141 141 0 265 0
pmappl 256 1323 0 1289 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 336 0 54 9 0 9 9 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x7f53f1004000, count: -1
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x37 sys/arch/amd64/amd64/bus_space.c:670
comcnputc(800,20) at comcnputc+0x250 comcn_read_reg sys/dev/ic/com.c:1655 [inline]
comcnputc(800,20) at comcnputc+0x250 sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x67 sys/dev/cons.c:218
db_putchar(26) at db_putchar+0x126 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(26) at db_putchar+0x126 sys/ddb/db_output.c:153
kprintf() at kprintf+0x29a5 sys/kern/subr_prf.c:-1
db_printf(ffffffff833850a9) at db_printf+0x9b sys/kern/subr_prf.c:-1
panic(ffffffff833adf27) at panic+0x103 sys/kern/subr_prf.c:217
__assert(ffffffff833f0c16,ffffffff833e0b18,51d,ffffffff8341d8f1) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageactivate(fffffd80088818f8) at uvm_pageactivate+0x1e3 sys/uvm/uvm_page.c:1306
uvm_fault_lower(ffff80003c40dfd0,ffff80003c40e008,ffff80003c40df50) at uvm_fault_lower+0x25c sys/uvm/uvm_fault.c:1379
uvm_fault(fffffd805db52030,200000000000,0,2) at uvm_fault+0x274 sys/uvm/uvm_fault.c:-1
end trace frame: 0xffff80003c40e100, count: 0
ddb{1}> trace
x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x37 sys/arch/amd64/amd64/bus_space.c:670
comcnputc(800,20) at comcnputc+0x250 comcn_read_reg sys/dev/ic/com.c:1655 [inline]
comcnputc(800,20) at comcnputc+0x250 sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x67 sys/dev/cons.c:218
db_putchar(26) at db_putchar+0x126 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(26) at db_putchar+0x126 sys/ddb/db_output.c:153
kprintf() at kprintf+0x29a5 sys/kern/subr_prf.c:-1
db_printf(ffffffff833850a9) at db_printf+0x9b sys/kern/subr_prf.c:-1
panic(ffffffff833adf27) at panic+0x103 sys/kern/subr_prf.c:217
__assert(ffffffff833f0c16,ffffffff833e0b18,51d,ffffffff8341d8f1) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageactivate(fffffd80088818f8) at uvm_pageactivate+0x1e3 sys/uvm/uvm_page.c:1306
uvm_fault_lower(ffff80003c40dfd0,ffff80003c40e008,ffff80003c40df50) at uvm_fault_lower+0x25c sys/uvm/uvm_fault.c:1379
uvm_fault(fffffd805db52030,200000000000,0,2) at uvm_fault+0x274 sys/uvm/uvm_fault.c:-1
upageflttrap(ffff80003c40e170,200000000040) at upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
usertrap(ffff80003c40e170) at usertrap+0x42f sys/arch/amd64/amd64/trap.c:632
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x798addb433c0, count: -17
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 6168265ddf60 Enable USBVERBOSE like we do on other modern ..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=12b0d592580000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=cf1f0b70220496608003
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/cf4b93abf396/disk-6168265d.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/138f37bbc595/bsd-6168265d.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/9455b16a45cc/kernel-6168265d.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+cf1f0b...@syzkaller.appspotmail.com
panic:WA kRerNnIeNlG: dSPL iNaOgnoTsti c LOWEasREserDt iOoN nT R"A(Ppg E->XpITg_ fal a0gs
Stopped at proc_trampoline+0xc7: movl $0,%gs:0x688
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*106615 26020 0 0 0 0 syz-executor
162632 30450 0 0 0 1 syz-executor
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x7f53f1004000, count: 14
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu1: kernel diagnostic assertion "(pg->pg_flags & (PQ_INACTIVE|PQ_ACTIVE)) == 0" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c", line 1309
ddb{0}> trace
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x7f53f1004000, count: -1
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80003c419f10
rbx 0
rdx 0
rcx 0xffff8000fffe9248
rax 0x2a
r8 0xffff80003c419e40
r9 0
r10 0x754fc39db2b1be1
r11 0xc6cef28e45778225
r12 0
r13 0xffffffff829f25b8 Xdoreti+0x18
r14 0
r15 0
rip 0xffffffff8293e4c7 proc_trampoline+0xc7
cs 0x8
rflags 0x246
rsp 0xffff80003c419e90
ss 0
proc_trampoline+0xc7: movl $0,%gs:0x688
ddb{0}> show proc
PROC (syz-executor) tid=106615 pid=26020 tcnt=2 stat=onproc
flags process=0 proc=0
runpri=81, usrpri=81, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000fffe9778,0xffff80002a270fb8
process=0xffff8000fffcdd08 user=0xffff80003c414000, vmspace=0xfffffd805db529b8
estcpu=31, cpticks=4, pctcpu=0.0, user=2, sys=2, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
66702 248786 63775 0 3 0x80 nanoslp syz-executor
66702 68748 63775 0 3 0x4000080 fsleep syz-executor
42879 365963 67812 0 2 0 syz-executor
42879 489506 67812 0 3 0x4000080 fsleep syz-executor
*26020 106615 19019 0 7 0 syz-executor
26020 395236 19019 0 2 0x4000000 syz-executor
30450 162632 86865 0 7 0 syz-executor
30450 377975 86865 0 3 0x4000080 fsleep syz-executor
50701 120802 47422 0 2 0 syz-executor
50701 194200 47422 0 3 0x4000080 fsleep syz-executor
50701 323356 47422 0 3 0x4000080 fsleep syz-executor
14847 202928 1 0 3 0x100083 ttyin getty
45081 179511 0 0 3 0x14200 acct acct
73574 459738 0 0 3 0x14280 nfsidl nfsio
46851 450508 0 0 3 0x14280 nfsidl nfsio
10205 322300 0 0 3 0x14280 nfsidl nfsio
2307 328346 0 0 3 0x14280 nfsidl nfsio
43567 342221 0 0 3 0x14280 nfsidl nfsio
29979 369252 0 0 3 0x14280 nfsidl nfsio
74928 102790 0 0 3 0x14280 nfsidl nfsio
9170 189846 0 0 3 0x14280 nfsidl nfsio
8963 98471 0 0 3 0x14280 nfsidl nfsio
9764 247427 0 0 3 0x14280 nfsidl nfsio
52602 1239 0 0 3 0x14280 nfsidl nfsio
5186 481489 0 0 3 0x14280 nfsidl nfsio
7375 463876 0 0 3 0x14280 nfsidl nfsio
53678 174607 0 0 3 0x14280 nfsidl nfsio
44343 399597 0 0 3 0x14280 nfsidl nfsio
12140 343078 0 0 3 0x14280 nfsidl nfsio
85825 214152 0 0 3 0x14280 nfsidl nfsio
59835 344121 0 0 3 0x14280 nfsidl nfsio
87863 401507 0 0 3 0x14280 nfsidl nfsio
92141 84008 0 0 3 0x14280 nfsidl nfsio
86865 72420 28259 0 3 0x82 nanoslp syz-executor
19019 425552 28259 0 3 0x82 nanoslp syz-executor
63775 455690 28259 0 3 0x82 nanoslp syz-executor
44309 155498 28259 0 3 0x82 nanoslp syz-executor
4601 207574 28259 0 3 0x82 nanoslp syz-executor
67812 204821 28259 0 3 0x82 nanoslp syz-executor
47422 70925 28259 0 3 0x82 nanoslp syz-executor
9713 2767 28259 0 3 0x2 biowait syz-executor
28259 273206 95821 0 3 0x82 kqread syz-executor
95821 194781 46373 0 3 0x10008a sigsusp ksh
46373 18060 89246 0 3 0x98 kqread sshd-session
89246 308803 21343 0 3 0x92 kqread sshd-session
21343 104674 1 0 3 0x88 kqread sshd
60322 32660 18601 74 3 0x1100092 bpf pflogd
18601 427430 1 0 3 0x80 sbwait pflogd
94431 165729 41680 73 3 0x1100090 kqread syslogd
41680 248966 1 0 3 0x100082 sbwait syslogd
61648 341331 1 0 3 0x100080 kqread resolvd
57604 53909 65650 77 3 0x100092 kqread dhcpleased
84688 68034 65650 77 3 0x100092 kqread dhcpleased
65650 267930 1 0 3 0x80 kqread dhcpleased
10893 184161 0 0 3 0x14200 bored smr
72164 57426 0 0 2 0x14200 zerothread
36007 469814 0 0 3 0x14200 aiodoned aiodoned
11300 475012 0 0 3 0x14200 syncer update
22049 426436 0 0 3 0x14200 cleaner cleaner
39841 429537 0 0 2 0x14200 reaper
2104 344796 0 0 3 0x14200 pgdaemon pagedaemon
43223 297585 0 0 3 0x14200 bored viomb
60742 52262 0 0 3 0x40014200 acpi0 acpi0
49002 273671 0 0 3 0x40014200 idle1
44813 303049 0 0 3 0x14200 bored softnet1
9116 459639 0 0 3 0x14200 bored softnet0
54238 179058 0 0 3 0x14200 bored systqmp
3390 183641 0 0 3 0x14200 bored systq
70595 506290 0 0 3 0x14200 tmoslp softclockmp
43846 446009 0 0 3 0x40014200 tmoslp softclock
30096 177666 0 0 3 0x40014200 idle0
1 37318 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb{0}> show all locks
CPU 0:
exclusive mutex &uvm.fpageqlock r = 0 (0xffffffff839e74c0)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 mtx_enter_try+0x1ad sys/kern/kern_lock.c:311
#2 mtx_enter+0x62 sys/kern/kern_lock.c:261
#3 uvm_pmr_freepages+0x1a8 sys/uvm/uvm_pmemrange.c:-1
#4 pmap_do_remove+0x89f sys/arch/amd64/amd64/pmap.c:1939
#5 uvm_unmap_kill_entry_withlock+0x269 sys/uvm/uvm_map.c:1863
#6 uvm_map_teardown+0x117 uvm_map_addr_RBT_LEFT sys/uvm/uvm_map.h:-1 [inline]
#6 uvm_map_teardown+0x117 sys/uvm/uvm_map.c:2486
#7 exit1+0x6fc sys/kern/kern_exit.c:260
#8 sys_exit+0x1a sys/kern/kern_exit.c:-1
#9 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#9 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
#10 Xsyscall+0x128
Process 30450 (syz-executor) thread 0xffff8000fffe9778 (162632)
exclusive rwlock uobjlk r = 0 (0xfffffd806066bea8)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 uvm_fault_lower_lookup+0x53 sys/uvm/uvm_fault.c:1204
#3 uvm_fault_lower+0x89 sys/uvm/uvm_fault.c:1334
#4 uvm_fault+0x274 sys/uvm/uvm_fault.c:-1
#5 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
#6 usertrap+0x42f sys/arch/amd64/amd64/trap.c:632
#7 recall_trap+0x8
shared rwlock vmmaplk r = 0 (0xfffffd805db52130)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_read+0x3e8 sys/kern/kern_rwlock.c:413
#2 uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880
#3 uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693
#4 uvm_fault+0x106 sys/uvm/uvm_fault.c:627
#5 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
#6 usertrap+0x42f sys/arch/amd64/amd64/trap.c:632
#7 recall_trap+0x8
Process 9713 (syz-executor) thread 0xffff8000ffffd4c8 (2767)
exclusive rrwlock inode r = 0 (0xfffffd806e89f488)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
#3 VOP_LOCK+0xa3 sys/kern/vfs_vops.c:527
#4 ufs_ihashins+0x4f ufs_ihash sys/ufs/ufs/ufs_ihash.c:-1 [inline]
#4 ufs_ihashins+0x4f sys/ufs/ufs/ufs_ihash.c:159
#5 ffs_vget+0x187 sys/ufs/ffs/ffs_vfsops.c:1232
#6 ffs_inode_alloc+0x279 sys/ufs/ffs/ffs_alloc.c:393
#7 ufs_mkdir+0xfc sys/ufs/ufs/ufs_vnops.c:1112
#8 VOP_MKDIR+0x101 sys/kern/vfs_vops.c:394
#9 domkdirat+0x179 sys/kern/vfs_syscalls.c:3113
#10 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#10 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
#11 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd80709eed80)
#0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x419 sys/kern/kern_rwlock.c:320
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:621
#3 VOP_LOCK+0xa3 sys/kern/vfs_vops.c:527
#4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570
#5 vfs_lookup+0x11c sys/kern/vfs_lookup.c:-1
#6 namei+0x7ca sys/kern/vfs_lookup.c:250
#7 domkdirat+0x8b sys/kern/vfs_syscalls.c:3098
#8 syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#8 syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
#9 Xsyscall+0x128
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10211 11124K 12632K 166960K 13239 0
pcb 17 16K 20K 166960K 331 0
rtable 177 7K 8K 166960K 500 0
pf 29 16K 18K 166960K 121 0
ifaddr 32 5K 7K 166960K 87 0
ifgroup 43 2K 2K 166960K 132 0
sysctl 3 1K 9K 166960K 17 0
counters 64 36K 37K 166960K 154 0
ioctlops 0 0K 4K 166960K 1633 0
iov 0 0K 16K 166960K 127 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1453 91K 92K 166960K 2355 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 14 0
VM map 2 1K 1K 166960K 2 0
sem 23 137K 137K 166960K 31 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 18 86K 110K 166960K 1025 0
sigio 0 0K 0K 166960K 22 0
proc 72 115K 163K 166960K 676 0
subproc 72 4K 4K 166960K 72 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 102 0
in_multi 65 4K 7K 166960K 139 0
ether_multi 1 0K 0K 166960K 4 0
mrt 1 0K 0K 166960K 2 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 91 413K 413K 166960K 91 0
exec 0 0K 1K 166960K 500 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 245 177K 198K 166960K 11328 0
UVM aobj 24 10K 12K 166960K 27 0
pinsyscall 41 82K 105K 166960K 2192 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 68 0
NDP 9 0K 2K 166960K 55 0
temp 69 8677K 8744K 166960K 49602 0
kqueue 13 20K 32K 166960K 205 0
SYN cache 2 16K 16K 166960K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 187 0 184 3 0 3 3 0 8 2
rtentry 176 152 0 81 6 0 6 6 0 8 0
unpcb 144 606 0 589 5 1 4 4 0 8 3
syncache 336 8 0 8 3 2 1 1 0 8 1
tcpqe 32 3 0 3 2 1 1 1 0 8 1
tcpcb 736 275 0 268 4 0 4 4 0 8 2
arp 136 22 0 9 1 0 1 1 0 8 0
inpcb 328 1069 0 1059 15 6 9 10 0 8 8
nd6 152 28 0 13 1 0 1 1 0 8 0
pkpcb 40 2 0 2 2 1 1 1 0 8 1
kcovpl 48 8 0 0 1 0 1 1 0 8 0
ppxss 1192 34 0 34 1 0 1 1 0 8 1
pppxif 1504 6 0 6 3 2 1 1 0 8 1
pffrag 232 7 0 1 1 0 1 1 0 482 0
pffrnode 88 6 0 1 1 0 1 1 0 8 0
pffrent 40 9 0 3 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfrktable 1344 4 0 4 2 2 0 1 0 8 0
pfstitem 24 76 0 27 1 0 1 1 0 8 0
pfstkey 128 76 0 27 2 0 2 2 0 8 0
pfstate 448 76 0 27 6 0 6 6 0 8 0
pfrule 1344 27 0 22 2 1 1 2 0 8 0
art_heap8 4096 3 0 0 3 0 3 3 0 8 0
art_heap4 256 631 0 318 29 8 21 29 0 8 0
art_table 40 634 0 318 5 0 5 5 0 8 0
art_node 32 151 0 88 1 0 1 1 0 8 0
sysvmsgpl 40 11 0 8 1 0 1 1 0 8 0
semupl 112 1 0 1 1 1 0 1 0 8 0
semapl 112 26 0 5 1 0 1 1 0 8 0
shmpl 112 18 0 1 1 0 1 1 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 3283 0 1781 96 1 95 96 0 8 0
ffsino 296 3283 0 1781 117 0 117 117 0 8 0
nchpl 144 4761 0 3059 64 0 64 64 0 8 0
rtmask 32 5 0 5 3 2 1 1 0 8 1
vnodes 216 3996 0 0 222 0 222 222 0 8 0
namei 1024 15470 0 15469 2 1 1 2 0 8 0
percpumem 16 92 0 45 1 0 1 1 0 8 0
vcpupl 3968 5 0 1 1 0 1 1 0 8 0
vmpool 840 6 0 2 1 0 1 1 0 8 0
kstatmem 264 76 0 56 2 0 2 2 0 8 0
scsiplug 72 3 0 3 2 2 0 1 0 8 0
scxspl 216 30529 0 30528 6 5 1 4 1 8 0
plimitpl 152 272 0 254 1 0 1 1 0 8 0
sigapl 424 1361 0 1293 8 0 8 8 0 8 0
knotepl 120 748 0 0 23 0 23 23 0 8 0
kqueuepl 224 416 0 407 6 4 2 5 0 8 1
pipepl 344 200 0 173 3 0 3 3 0 8 0
fdescpl 528 1318 0 1288 3 0 3 3 0 8 0
filepl 160 7999 0 7780 23 6 17 23 0 8 6
lockfpl 104 667 0 663 4 3 1 4 0 8 0
lockfspl 48 184 0 181 1 0 1 1 0 8 0
sessionpl 144 28 0 19 1 0 1 1 0 8 0
pgrppl 48 44 0 27 1 0 1 1 0 8 0
ucredpl 104 1198 0 1183 1 0 1 1 0 8 0
zombiepl 144 1295 0 1293 1 0 1 1 0 8 0
processpl 1232 1361 0 1293 6 0 6 6 0 8 0
procpl 664 2926 0 2852 8 0 8 8 0 8 1
sosppl 176 5 0 5 1 1 0 1 0 8 0
sockpl 752 1912 0 1882 26 12 14 20 0 8 10
mcl64k 65536 5 0 0 1 0 1 1 0 8 0
mcl16k 16384 2 0 0 1 0 1 1 0 8 0
mcl12k 12288 2 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 3 0 0 1 0 1 1 0 8 0
mcl4k 4096 112 0 0 14 0 14 14 0 8 0
mcl2k2 2112 1 0 0 1 0 1 1 0 8 0
mcl2k 2048 33 0 0 5 0 5 5 0 8 0
mtagpl 96 24 0 0 1 0 1 1 0 8 0
mbufpl 256 733 0 0 46 0 46 46 0 8 0
bufpl 280 12383 0 6246 439 0 439 439 0 8 0
anonpl 32 10200 0 0 83 0 83 83 0 246 0
amapchunkpl 152 38431 0 37834 36 5 31 32 0 158 5
amappl16 200 5429 0 5393 45 32 13 24 0 8 8
amappl15 192 3 0 3 1 1 0 1 0 8 0
amappl14 184 39 0 39 1 1 0 1 0 8 0
amappl13 176 437 0 436 1 0 1 1 0 8 0
amappl12 168 1718 0 1677 3 0 3 3 0 8 0
amappl11 160 7 0 7 1 1 0 1 0 8 0
amappl10 152 48 0 33 1 0 1 1 0 8 0
amappl9 144 248 0 248 1 1 0 1 0 8 0
amappl8 136 29 0 27 1 0 1 1 0 8 0
amappl7 128 83 0 82 1 0 1 1 0 8 0
amappl6 120 298 0 284 1 0 1 1 0 8 0
amappl5 112 78 0 67 1 0 1 1 0 8 0
amappl4 104 449 0 417 1 0 1 1 0 8 0
amappl3 96 7393 0 7289 5 1 4 4 0 8 0
amappl2 88 576 0 516 2 0 2 2 0 8 0
amappl1 80 13792 0 13204 15 1 14 14 0 8 0
amappl 88 10371 0 10208 5 0 5 5 0 92 0
uvmvnodes 80 145 0 0 3 0 3 3 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma512 512 1 0 1 1 1 0 1 0 8 0
dma256 256 8 0 8 2 2 0 1 0 8 0
dma128 128 254 0 254 2 2 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 26 0 3 1 0 1 1 0 8 0
uaddrrnd 24 1318 0 1288 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1318 0 1288 1 0 1 1 0 8 0
vmmpekpl 168 12449 0 12411 3 0 3 3 0 8 0
vmmpepl 168 91457 0 89573 111 8 103 106 0 357 8
vmsppl 488 1317 0 1287 7 2 5 5 0 8 0
rwobjpl 80 27357 0 26261 33 3 30 31 0 8 0
pdppl 4096 2655 0 2582 114 38 76 85 0 8 3
pvpl 32 17402 0 0 141 0 141 141 0 265 0
pmappl 256 1323 0 1289 3 0 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 336 0 54 9 0 9 9 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x7f53f1004000, count: -1
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x37 sys/arch/amd64/amd64/bus_space.c:670
comcnputc(800,20) at comcnputc+0x250 comcn_read_reg sys/dev/ic/com.c:1655 [inline]
comcnputc(800,20) at comcnputc+0x250 sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x67 sys/dev/cons.c:218
db_putchar(26) at db_putchar+0x126 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(26) at db_putchar+0x126 sys/ddb/db_output.c:153
kprintf() at kprintf+0x29a5 sys/kern/subr_prf.c:-1
db_printf(ffffffff833850a9) at db_printf+0x9b sys/kern/subr_prf.c:-1
panic(ffffffff833adf27) at panic+0x103 sys/kern/subr_prf.c:217
__assert(ffffffff833f0c16,ffffffff833e0b18,51d,ffffffff8341d8f1) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageactivate(fffffd80088818f8) at uvm_pageactivate+0x1e3 sys/uvm/uvm_page.c:1306
uvm_fault_lower(ffff80003c40dfd0,ffff80003c40e008,ffff80003c40df50) at uvm_fault_lower+0x25c sys/uvm/uvm_fault.c:1379
uvm_fault(fffffd805db52030,200000000000,0,2) at uvm_fault+0x274 sys/uvm/uvm_fault.c:-1
end trace frame: 0xffff80003c40e100, count: 0
ddb{1}> trace
x86_ipi_db(ffff8000299edff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x37 sys/arch/amd64/amd64/bus_space.c:670
comcnputc(800,20) at comcnputc+0x250 comcn_read_reg sys/dev/ic/com.c:1655 [inline]
comcnputc(800,20) at comcnputc+0x250 sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x67 sys/dev/cons.c:218
db_putchar(26) at db_putchar+0x126 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(26) at db_putchar+0x126 sys/ddb/db_output.c:153
kprintf() at kprintf+0x29a5 sys/kern/subr_prf.c:-1
db_printf(ffffffff833850a9) at db_printf+0x9b sys/kern/subr_prf.c:-1
panic(ffffffff833adf27) at panic+0x103 sys/kern/subr_prf.c:217
__assert(ffffffff833f0c16,ffffffff833e0b18,51d,ffffffff8341d8f1) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageactivate(fffffd80088818f8) at uvm_pageactivate+0x1e3 sys/uvm/uvm_page.c:1306
uvm_fault_lower(ffff80003c40dfd0,ffff80003c40e008,ffff80003c40df50) at uvm_fault_lower+0x25c sys/uvm/uvm_fault.c:1379
uvm_fault(fffffd805db52030,200000000000,0,2) at uvm_fault+0x274 sys/uvm/uvm_fault.c:-1
upageflttrap(ffff80003c40e170,200000000040) at upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:192
usertrap(ffff80003c40e170) at usertrap+0x42f sys/arch/amd64/amd64/trap.c:632
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x798addb433c0, count: -17
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages