uvm_fault: kcov_remote_enter (4)


syzbot

Dec 8, 2025, 3:56:24 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: c5b72cc0187d errant line
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1101321a580000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=a2fe1c2e473ccee55891

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/f86caf94a75e/disk-c5b72cc0.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/082e797b287a/bsd-c5b72cc0.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/656135282c37/kernel-c5b72cc0.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a2fe1c...@syzkaller.appspotmail.com

uvm_fault(0xffffffff838b92d0, 0xffff800029f26000, 0, 2) -> e
kernel: page fault trap, code=2
Stopped at kcov_remote_enter+0x122: movq $0,0(%rcx)
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*306285 3633 0 0 0 0 syz-executor
kcov_remote_enter(0,ffff80002a7df610) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff837d2fc0,ffff80002a777d28) at timeout_run+0xc2 sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a777d28,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
dosoftint(0) at dosoftint+0x48 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
end of kernel
end trace frame: 0x7a66c4220ad0, count: 8
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: uvm_fault(0xffffffff838b92d0, 0xffff800029f26000, 0, 2) -> e
ddb> trace
kcov_remote_enter(0,ffff80002a7df610) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff837d2fc0,ffff80002a777d28) at timeout_run+0xc2 sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a777d28,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
dosoftint(0) at dosoftint+0x48 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
end of kernel
end trace frame: 0x7a66c4220ad0, count: -7
ddb> show registers
rdi 0xffffffff
rsi 0xffff800000b11c00
rbp 0xffff80003c9310e0
rbx 0xffff80002a7df610
rdx 0xffff80003c9e67f8
rcx 0xffff800029f26000
rax 0xfffffd806cb1dba0
r8 0
r9 0
r10 0xb2a6c4b086bb46e
r11 0x9f16dba797f00fef
r12 0xffffffff8249a7a0 endtsleep
r13 0xffff80002a777c90
r14 0xffff80002a7df610
r15 0
rip 0xffffffff82bbab62 kcov_remote_enter+0x122
cs 0x8
rflags 0x10297 __ALIGN_SIZE+0xf297
rsp 0xffff80003c9310c0
ss 0
kcov_remote_enter+0x122: movq $0,0(%rcx)
ddb> show proc
PROC (syz-executor) tid=306285 pid=3633 tcnt=3 stat=onproc
flags process=0 proc=0
runpri=86, usrpri=86, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80003c9e7788,0xffff80003c9e7a30
process=0xffff800031904498 user=0xffff80003c92c000, vmspace=0xfffffd807d9b7468
estcpu=36, cpticks=5, pctcpu=0.0, user=4, sys=0, intr=1
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
48696 351925 15814 0 2 0 syz-executor
48696 114881 15814 0 3 0x4000080 fsleep syz-executor
48696 208257 15814 0 3 0x4000080 fsleep syz-executor
* 3633 306285 87487 0 7 0 syz-executor
3633 142415 87487 0 3 0x4000080 fsleep syz-executor
3633 288117 87487 0 3 0x4000080 fsleep syz-executor
59595 264194 91143 0 2 0 syz-executor
59595 44525 91143 0 2 0x4000000 syz-executor
67116 201560 49599 0 3 0x82 piperd syz-executor
91143 212650 49599 0 3 0x82 nanoslp syz-executor
39999 386213 0 0 3 0x14200 acct acct
19252 161437 11338 0 3 0x82 sbwait sshd-session
87487 41779 49599 0 3 0x82 nanoslp syz-executor
81906 147325 0 0 3 0x14280 nfsidl nfsio
13715 476990 0 0 3 0x14280 nfsidl nfsio
79784 506040 0 0 3 0x14280 nfsidl nfsio
73760 398331 0 0 3 0x14280 nfsidl nfsio
2108 418870 0 0 3 0x14280 nfsidl nfsio
17979 244105 0 0 3 0x14280 nfsidl nfsio
57484 355481 0 0 3 0x14280 nfsidl nfsio
50448 55823 0 0 3 0x14280 nfsidl nfsio
56115 418019 0 0 3 0x14280 nfsidl nfsio
27561 26913 0 0 3 0x14280 nfsidl nfsio
74836 289641 0 0 3 0x14280 nfsidl nfsio
55419 266247 0 0 3 0x14280 nfsidl nfsio
37379 114993 0 0 3 0x14280 nfsidl nfsio
40684 168070 0 0 3 0x14280 nfsidl nfsio
20030 237842 0 0 3 0x14280 nfsidl nfsio
23330 35770 0 0 3 0x14280 nfsidl nfsio
65412 49865 0 0 3 0x14280 nfsidl nfsio
56206 192714 0 0 3 0x14280 nfsidl nfsio
97614 155084 0 0 3 0x14280 nfsidl nfsio
37410 123867 0 0 3 0x14280 nfsidl nfsio
15814 269563 49599 0 3 0x82 nanoslp syz-executor
27056 10157 49599 0 3 0x82 nanoslp syz-executor
59743 177283 49599 0 3 0x82 nanoslp syz-executor
49599 23255 51876 0 3 0x82 wait syz-executor
51876 252344 62395 0 3 0x10008a sigsusp ksh
62395 463965 42702 0 3 0x98 kqread sshd-session
42702 97312 11338 0 3 0x92 kqread sshd-session
13473 37874 1 0 3 0x100083 ttyopn getty
11338 465071 1 0 3 0x88 kqread sshd
71470 204656 32856 73 3 0x1100090 kqread syslogd
32856 278030 1 0 3 0x100082 sbwait syslogd
22965 501484 1 0 3 0x100080 kqread resolvd
18883 451598 91936 77 3 0x100092 kqread dhcpleased
3028 31298 91936 77 3 0x100092 kqread dhcpleased
91936 280164 1 0 3 0x80 kqread dhcpleased
69005 434549 0 0 3 0x14200 bored smr
59191 214921 0 0 2 0x14200 zerothread
77564 157724 0 0 3 0x14200 aiodoned aiodoned
13804 213807 0 0 3 0x14200 syncer update
902 208133 0 0 3 0x14200 cleaner cleaner
86433 396793 0 0 3 0x14200 reaper reaper
99190 331324 0 0 3 0x14200 pgdaemon pagedaemon
81230 491680 0 0 3 0x14200 bored viomb
63088 68817 0 0 3 0x40014200 acpi0 acpi0
99404 503487 0 0 3 0x14200 bored softnet0
67290 69986 0 0 3 0x14200 bored systqmp
23978 169946 0 0 3 0x14200 bored systq
56470 403571 0 0 3 0x40014200 tmoslp softclock
26004 493467 0 0 3 0x40014200 idle0
1 342821 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10199 11042K 11709K 166960K 12775 0
pcb 18 16K 18K 166960K 235 0
rtable 180 9K 9K 166960K 645 0
pf 28 12K 19K 166960K 127 0
ifaddr 29 5K 8K 166960K 104 0
ifgroup 45 2K 2K 166960K 156 0
sysctl 3 1K 9K 166960K 12 0
counters 31 17K 18K 166960K 91 0
ioctlops 0 0K 4K 166960K 158 0
iov 0 0K 24K 166960K 70 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1419 89K 89K 166960K 2282 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 7 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 85 0
dirhash 72 12K 14K 166960K 699 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 14 49K 89K 166960K 945 0
sigio 0 0K 0K 166960K 13 0
proc 61 59K 91K 166960K 681 0
subproc 63 3K 4K 166960K 117 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 85 0
in_multi 55 4K 7K 166960K 177 0
ether_multi 1 0K 0K 166960K 4 0
mrt 0 0K 0K 166960K 6 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 241 1076K 1076K 166960K 241 0
exec 0 0K 1K 166960K 499 0
fusefs mount 1 32K 32K 166960K 1 0
pfkey data 0 0K 0K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 214 151K 177K 166960K 9879 0
UVM aobj 13 8K 10K 166960K 19 0
pinsyscall 37 74K 93K 166960K 2143 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 79 0
NDP 11 0K 2K 166960K 72 0
temp 52 8666K 8732K 166960K 43308 0
kqueue 13 20K 30K 166960K 168 0
SYN cache 2 16K 16K 166960K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 106 0 103 1 0 1 1 0 8 0
rtentry 136 188 0 128 4 0 4 4 0 8 0
unpcb 144 491 0 474 6 3 3 4 0 8 2
syncache 336 7 0 7 1 1 0 1 0 8 0
tcpcb 736 333 0 326 7 6 1 7 0 8 0
arp 96 31 0 21 1 0 1 1 0 8 0
ipq 40 3 0 0 1 0 1 1 0 8 0
ipqe 40 3 0 0 1 0 1 1 0 8 0
inpcb 328 920 0 909 12 5 7 7 0 8 6
ip6q 72 68 0 66 1 0 1 1 0 8 0
ip6af 40 134 0 132 1 0 1 1 0 8 0
nd6 112 42 0 30 1 0 1 1 0 8 0
pkpcb 40 2 0 2 1 1 0 1 0 8 0
kcovpl 48 13 0 6 1 0 1 1 0 8 0
mppekey 1024 3 0 3 2 1 1 1 0 8 1
ppxss 1072 45 0 45 2 1 1 1 0 8 1
pppxif 1384 6 0 6 2 1 1 1 0 8 1
pfstscr 40 1 0 1 1 0 1 1 0 8 1
pfrktable 1344 1 0 1 1 1 0 1 0 8 0
pfanchor 1288 2 0 0 1 0 1 1 0 8 0
pfstkey 128 2 0 2 1 0 1 1 0 8 1
pfstate 384 1 0 1 1 0 1 1 0 8 1
pfrule 1344 6 0 6 2 1 1 1 0 8 1
rttmr 136 1 0 1 1 1 0 1 0 8 0
art_heap8 4096 4 0 0 4 0 4 4 0 8 0
art_heap4 256 751 0 475 29 6 23 29 0 8 5
art_table 40 755 0 475 5 0 5 5 0 8 0
art_node 32 186 0 132 1 0 1 1 0 8 0
sysvmsgpl 40 14 0 10 1 0 1 1 0 8 0
semupl 112 2 0 2 1 1 0 1 0 8 0
semapl 112 83 0 73 1 0 1 1 0 8 0
shmpl 112 12 0 5 1 0 1 1 0 8 0
dirhash 1024 249 0 212 6 0 6 6 0 8 1
dino2pl 256 3080 0 1574 95 0 95 95 0 8 0
ffsino 256 3080 0 1574 95 0 95 95 0 8 0
nchpl 144 4351 0 2652 64 0 64 64 0 8 0
rtmask 32 10 0 10 2 1 1 1 0 8 1
vnodes 216 3673 0 0 205 0 205 205 0 8 0
namei 1024 15426 0 15426 2 1 1 1 0 8 1
vcpupl 3904 3 0 0 1 0 1 1 0 8 0
vmpool 800 4 0 1 1 0 1 1 0 8 0
kstatmem 264 90 0 72 2 0 2 2 0 8 0
acpiwqpl 32 3 0 3 1 0 1 1 1 8 1
scsiplug 72 5 0 5 2 1 1 1 0 8 1
scxspl 216 18375 0 18375 8 7 1 8 1 8 1
plimitpl 152 246 0 230 1 0 1 1 0 8 0
sigapl 424 1242 0 1180 8 0 8 8 0 8 0
knotepl 120 31864 0 31816 25 14 11 24 0 8 8
kqueuepl 184 352 0 343 4 3 1 4 0 8 0
pipepl 304 217 0 190 3 0 3 3 0 8 0
fdescpl 448 1207 0 1180 5 1 4 5 0 8 0
filepl 120 7988 0 7783 13 2 11 11 0 8 2
lockfpl 104 428 0 425 2 1 1 2 0 8 0
lockfspl 48 128 0 125 1 0 1 1 0 8 0
sessionpl 144 28 0 19 1 0 1 1 0 8 0
pgrppl 48 52 0 35 1 0 1 1 0 8 0
ucredpl 104 1620 0 1607 1 0 1 1 0 8 0
zombiepl 144 1316 0 1312 1 0 1 1 0 8 0
processpl 1152 1242 0 1180 5 0 5 5 0 8 0
procpl 664 2421 0 2353 8 0 8 8 0 8 0
sosppl 176 7 0 7 1 1 0 1 0 8 0
sockpl 552 1549 0 1518 13 5 8 8 0 8 5
mcl64k 65536 108 0 108 2 1 1 1 0 8 1
mcl16k 16384 11 0 11 1 1 0 1 0 8 0
mcl12k 12288 2 0 2 1 1 0 1 0 8 0
mcl9k 9216 1 0 1 1 0 1 1 0 8 1
mcl8k 8192 10 0 10 2 1 1 1 0 8 1
mcl4k 4096 3462 0 3407 15 7 8 15 0 8 0
mcl2k2 2112 2 0 2 2 1 1 1 0 8 1
mcl2k 2048 1486 0 1481 4 2 2 3 0 8 1
mtagpl 96 28 0 20 1 0 1 1 0 8 0
mbufpl 256 13112 0 12987 20 4 16 17 0 8 4
bufpl 280 7295 0 1074 445 0 445 445 0 8 0
anonpl 24 185275 0 182175 54 19 35 54 0 187 0
amapchunkpl 152 32626 0 32223 38 3 35 35 0 158 13
amappl16 200 3133 0 3109 22 17 5 20 0 8 1
amappl15 192 3 0 3 1 1 0 1 0 8 0
amappl14 184 7 0 6 1 0 1 1 0 8 0
amappl13 176 463 0 462 1 0 1 1 0 8 0
amappl12 168 1580 0 1543 2 0 2 2 0 8 0
amappl11 160 6 0 5 1 0 1 1 0 8 0
amappl10 152 40 0 30 1 0 1 1 0 8 0
amappl9 144 256 0 256 1 1 0 1 0 8 0
amappl8 136 18 0 17 1 0 1 1 0 8 0
amappl7 128 106 0 105 1 0 1 1 0 8 0
amappl6 120 321 0 308 1 0 1 1 0 8 0
amappl5 112 77 0 68 1 0 1 1 0 8 0
amappl4 104 401 0 376 1 0 1 1 0 8 0
amappl3 96 6416 0 6327 4 0 4 4 0 8 0
amappl2 88 563 0 501 2 0 2 2 0 8 0
amappl1 80 12772 0 12169 14 0 14 14 0 8 0
amappl 88 8989 0 8851 5 0 5 5 0 92 0
uvmvnodes 80 117 0 0 3 0 3 3 0 8 0
dma16384 16384 1 0 1 1 1 0 1 0 8 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 255 0 255 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 8 0 8 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 18 0 6 1 0 1 1 0 8 0
uaddrrnd 24 1207 0 1180 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1207 0 1180 1 0 1 1 0 8 0
vmmpekpl 168 11177 0 11123 4 1 3 3 0 8 0
vmmpepl 168 81892 0 80132 95 7 88 94 0 357 1
vmsppl 368 1206 0 1180 4 1 3 4 0 8 0
rwobjpl 40 23294 0 22271 14 0 14 14 0 8 0
pdppl 4096 2428 0 2365 111 38 73 78 0 8 10
pvpl 32 528833 0 519896 130 24 106 123 0 265 3
pmappl 216 1210 0 1181 2 0 2 2 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 409 0 74 11 0 11 11 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
kcov_remote_enter(0,ffff80002a7df610) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff837d2fc0,ffff80002a777d28) at timeout_run+0xc2 sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a777d28,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
dosoftint(0) at dosoftint+0x48 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
end of kernel
end trace frame: 0x7a66c4220ad0, count: -7
ddb> machine ddbcpu 1
No such command
ddb> trace
kcov_remote_enter(0,ffff80002a7df610) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff837d2fc0,ffff80002a777d28) at timeout_run+0xc2 sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a777d28,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
dosoftint(0) at dosoftint+0x48 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
end of kernel
end trace frame: 0x7a66c4220ad0, count: -7


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
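Added here as a triage aid; this is not part of syzbot's report or of OpenBSD's source. The Python below pulls the facts a developer checks first out of a ddb panic dump of the shape pasted above: the uvm_fault arguments, the faulting instruction, the trace frames with their file:line, the register dump and the thread that was on the CPU. It then cross-checks them the way a triager does by hand: the store `movq $0,0(%rcx)` dereferences %rcx, %rcx holds exactly the uvm_fault address, the access type is a write, and the innermost frames are softclock/timeout context rather than a syscall. The sample text is a trimmed, constructed copy of the dump in the report. Assumptions: OpenBSD prints `uvm_fault(map, vaddr, fault_type, access_type) -> errno` with access_type a PROT_* mask (PROT_READ 1, PROT_WRITE 2, PROT_EXEC 4) and the errno in hex, so `e` is 14, EFAULT; the regular expressions are written for this dump's layout and are not an official ddb output grammar.

```python
"""Triage helper for an OpenBSD ddb panic dump as pasted by syzbot.

Added example; not syzbot's or OpenBSD's code. Assumes the uvm_fault line is
uvm_fault(map, vaddr, fault_type, access_type) -> errno with access_type a
PROT_* mask and errno printed in hex (0xe == 14 == EFAULT).
"""
import re

# Constructed sample: a trimmed copy of the dump in the report.
SAMPLE = """\
uvm_fault(0xffffffff838b92d0, 0xffff800029f26000, 0, 2) -> e
kernel: page fault trap, code=2
Stopped at kcov_remote_enter+0x122: movq $0,0(%rcx)
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*306285 3633 0 0 0 0 syz-executor
kcov_remote_enter(0,ffff80002a7df610) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff837d2fc0,ffff80002a777d28) at timeout_run+0xc2 sys/kern/kern_timeout.c:696
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
Xsoftclock() at Xsoftclock+0x27
end of kernel
ddb> show registers
rdi 0xffffffff
rcx 0xffff800029f26000
r12 0xffffffff8249a7a0 endtsleep
rip 0xffffffff82bbab62 kcov_remote_enter+0x122
rflags 0x10297 __ALIGN_SIZE+0xf297
ss 0
kcov_remote_enter+0x122: movq $0,0(%rcx)
"""

PROT = {1: "PROT_READ", 2: "PROT_WRITE", 4: "PROT_EXEC"}  # sys/mman.h bits

FAULT_RE = re.compile(
    r"uvm_fault\((0x[0-9a-f]+), (0x[0-9a-f]+), (\d+), (\d+)\) -> ([0-9a-f]+)")
STOP_RE = re.compile(r"Stopped at (\S+)\+0x([0-9a-f]+): (.+)")
# "func(args) at func+0xoff path:line"; the path:line part is absent for asm stubs.
FRAME_RE = re.compile(
    r"^(\w+)\(([^)]*)\) at \w+\+0x[0-9a-f]+(?: (\S+):(\d+))?$", re.M)
# Fixed register names so "rtable 180 ..." from "show malloc" is never taken for a register.
REG_RE = re.compile(
    r"^(rax|rbx|rcx|rdx|rsi|rdi|rbp|rsp|r8|r9|r1[0-5]|rip|rflags|cs|ss) "
    r"(0x[0-9a-f]+|\d+)", re.M)
# The "*" marks the thread that was running on the faulting CPU.
CUR_RE = re.compile(r"^\*(\d+) (\d+) (\d+) \S+ \S+ (\d+) (\S+)$", re.M)
# AT&T memory operand such as "0(%rcx)" or "-8(%rbp)": displacement and base register.
MEM_OPERAND_RE = re.compile(r"(-?(?:0x)?[0-9a-f]*)\((%\w+)\)")


def parse_panic(text):
    """Return the structured facts a triager wants from a ddb panic dump."""
    m = FAULT_RE.search(text)
    if m is None:
        raise ValueError("no uvm_fault line in dump")
    access = int(m.group(4))
    info = {
        "map": int(m.group(1), 16),
        "addr": int(m.group(2), 16),
        "access": [name for bit, name in PROT.items() if access & bit],
        "errno": int(m.group(5), 16),  # 0xe -> 14 (EFAULT)
    }
    s = STOP_RE.search(text)
    info["func"], info["off"], info["insn"] = s.group(1), int(s.group(2), 16), s.group(3)
    info["frames"] = [
        {"func": f, "args": a, "src": f"{p}:{l}" if p else None}
        for f, a, p, l in FRAME_RE.findall(text)
    ]
    info["regs"] = {r: int(v, 0) for r, v in REG_RE.findall(text)}
    c = CUR_RE.search(text)
    info["current"] = {"tid": int(c.group(1)), "pid": int(c.group(2)),
                       "cpu": int(c.group(4)), "comm": c.group(5)}
    return info


def triage(info):
    """Cross-check the dump: which register the faulting instruction dereferenced,
    whether base+displacement equals the uvm_fault address, whether the access was
    a write, and whether the trace is in softclock (timeout) context."""
    m = MEM_OPERAND_RE.search(info["insn"])
    reg = m.group(2).lstrip("%") if m else None
    disp = int(m.group(1) or "0", 0) if m else 0
    base = info["regs"].get(reg)
    effective = None if base is None else base + disp
    funcs = [f["func"] for f in info["frames"]]
    return {
        "store_via": reg,
        "effective_addr": effective,
        "addr_matches": effective == info["addr"],
        "is_write": "PROT_WRITE" in info["access"],
        "from_softclock": "softclock" in funcs,
        "innermost": info["frames"][0]["src"] if info["frames"] else None,
    }


if __name__ == "__main__":
    print(triage(parse_panic(SAMPLE)))
```

Run against the full console log from the report instead of `SAMPLE` and the same checks apply; the point of `addr_matches` is to confirm that the address uvm_fault rejected is the one the instruction at `kcov_remote_enter+0x122` actually computed, so the fault is a plain write through %rcx and not, say, a stack or instruction-fetch fault that happens to report a nearby address.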