kernel: NUM ageStopped at savectx+0xae: movl $NUM,%gs:0x688
0 views
Skip to first unread message
syzbot
Jun 10, 2026, 5:30:35 AM (14 days ago) Jun 10
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 65c91b083cf7 Preserve the original text in the first line ..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11b670ae580000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=e088a3214a9e9aa22f43
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e528a7f0af73/disk-65c91b08.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/4ad620322b83/bsd-65c91b08.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6895cf61d082/kernel-65c91b08.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e088a3...@syzkaller.appspotmail.com
kernel: 0 ageStopped at savectx+0xae: movl $0,%gs:0x688
TID PID UID PRFLAGS PFLAGS CPU COMMAND
235070 95174 0 0 0x4000000 1K syz-executor
*208699 83709 60928 0x10 0 0 syz-executor
savectx() at savectx+0xae
end of kernel
end trace frame: 0x77f52910f5b0, count: 14
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu1: uvm_fault(0xfffff0006a767b90, 0x98, 0, 1) -> e
ddb{0}> trace
savectx() at savectx+0xae
end of kernel
end trace frame: 0x77f52910f5b0, count: -1
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80002a2bae00
rbx 0
rdx 0
rcx 0xffff8000fffe82b8
rax 0x3c
r8 0xffff80002a2bad30
r9 0
r10 0x4b4863e670a623c0
r11 0xbce09e03cdd83bc0
r12 0
r13 0
r14 0xffff8000fffe82b8
r15 0
rip 0xffffffff821e93ee savectx+0xae
cs 0x8
rflags 0x46
rsp 0xffff80002a2bad80
ss 0x10
savectx+0xae: movl $0,%gs:0x688
ddb{0}> show proc
PROC (syz-executor) tid=208699 pid=83709 tcnt=2 stat=onproc
flags process=10<SUGID> proc=0
runpri=80, usrpri=80, slppri=16, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff800031b8dcb0,0xffff8000fffe8a90
process=0xffff8000fffe5360 user=0xffff80002a2b5000, vmspace=0xfffff0006a767d78
estcpu=30, cpticks=6, pctcpu=0.0, user=5, sys=1, intr=0
ddb{0}>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 65c91b083cf7 Preserve the original text in the first line ..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11b670ae580000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=e088a3214a9e9aa22f43
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e528a7f0af73/disk-65c91b08.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/4ad620322b83/bsd-65c91b08.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6895cf61d082/kernel-65c91b08.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e088a3...@syzkaller.appspotmail.com
kernel: 0 ageStopped at savectx+0xae: movl $0,%gs:0x688
TID PID UID PRFLAGS PFLAGS CPU COMMAND
235070 95174 0 0 0x4000000 1K syz-executor
*208699 83709 60928 0x10 0 0 syz-executor
savectx() at savectx+0xae
end of kernel
end trace frame: 0x77f52910f5b0, count: 14
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu1: uvm_fault(0xfffff0006a767b90, 0x98, 0, 1) -> e
ddb{0}> trace
savectx() at savectx+0xae
end of kernel
end trace frame: 0x77f52910f5b0, count: -1
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff80002a2bae00
rbx 0
rdx 0
rcx 0xffff8000fffe82b8
rax 0x3c
r8 0xffff80002a2bad30
r9 0
r10 0x4b4863e670a623c0
r11 0xbce09e03cdd83bc0
r12 0
r13 0
r14 0xffff8000fffe82b8
r15 0
rip 0xffffffff821e93ee savectx+0xae
cs 0x8
rflags 0x46
rsp 0xffff80002a2bad80
ss 0x10
savectx+0xae: movl $0,%gs:0x688
ddb{0}> show proc
PROC (syz-executor) tid=208699 pid=83709 tcnt=2 stat=onproc
flags process=10<SUGID> proc=0
runpri=80, usrpri=80, slppri=16, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff800031b8dcb0,0xffff8000fffe8a90
process=0xffff8000fffe5360 user=0xffff80002a2b5000, vmspace=0xfffff0006a767d78
estcpu=30, cpticks=6, pctcpu=0.0, user=5, sys=1, intr=0
ddb{0}>
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages