panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk (3)

syzbot

Oct 24, 2023, 2:13:54 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: e0c1f4798a44 Use xoff instead of *olen in the shift_right(..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=10877593680000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=7b6b9003a6b59dff1abb

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/ac66645f0d97/disk-e0c1f479.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/8610cce9f100/bsd-e0c1f479.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/033c51df4b71/kernel-e0c1f479.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+7b6b90...@syzkaller.appspotmail.com

panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk
Starting stack trace...
panic(ffffffff827c2411) at panic+0x16f sys/kern/subr_prf.c:229
witness_checkorder(ffffffff82cf06b0,1,0) at witness_checkorder+0x116d sys/kern/subr_witness.c:838
rw_enter_read(ffffffff82cf06a0) at rw_enter_read+0x87 sys/kern/kern_rwlock.c:112
uvmfault_lookup(ffff80002115f1c0,0) at uvmfault_lookup+0xd9 sys/uvm/uvm_fault.c:1785
uvm_fault_check(ffff80002115f1c0,ffff80002115f1f8,ffff80002115f220) at uvm_fault_check+0x3e sys/uvm/uvm_fault.c:672
uvm_fault(ffffffff82cf05b8,88bd92000,0,1) at uvm_fault+0xf2 sys/uvm/uvm_fault.c:600
kpageflttrap(ffff80002115f360,88bd92d50) at kpageflttrap+0x252 sys/arch/amd64/amd64/trap.c:279
kerntrap(ffff80002115f360) at kerntrap+0xf3 sys/arch/amd64/amd64/trap.c:332
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
softclock_process_kclock_timeout(fffffd80669eddf0,0) at softclock_process_kclock_timeout+0x3e sys/kern/kern_timeout.c:676
softclock(0) at softclock+0x11a sys/kern/kern_timeout.c:754
softintr_dispatch(0) at softintr_dispatch+0xfb sys/arch/amd64/amd64/softintr.c:90
Xsoftclock() at Xsoftclock+0x27
acpicpu_idle() at acpicpu_idle+0x312 sys/dev/acpi/acpicpu.c:1206
sched_idle(ffffffff82c0cff0) at sched_idle+0x41e sys/kern/kern_sched.c:191
end trace frame: 0x0, count: 242
End of stack trace.

syncing disks...24 24 24 24 24 24 24 24 24 24 24 24 24 24 24 24 24 24 24 24 giving up

dump to dev 4,1 not possible
rpaenbiooc:ti nkeg.r.nel.
diagnostic SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2 Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID 479bd2e4-6073-186a-8c25-a69e4074584d
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2890: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.65
boot> show malloc
boot: illegal argument malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup