syzbot

 sign-in | mailing list | source | docs
🐞 Open [173]
🐞 Fixed [301]
🐞 Invalid [1056]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

panic: kmmaplk rwlock ADDR: enter read deadlock

Status: upstream: reported on 2026/04/04 23:48
Reported-by: syzbot+1e80f455c0ca2c6a3b54@syzkaller.appspotmail.com
First crash: 57d, last: 3d22h

Sample crash report:
panic: kmmaplk rwlock 0xffffffff83a06a18: enter read deadlock
Starting stack trace...
panic(ffffffff8342d42f) at panic+0x1ba sys/kern/subr_prf.c:229
rw_do_enter_read(ffffffff83a06a18,0) at rw_do_enter_read+0x435 sys/kern/kern_rwlock.c:379
uvmfault_lookup(ffff80002a80c930,0) at uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880
uvm_fault_check(ffff80002a80c930,ffff80002a80c968,ffff80002a80c9a0,0) at uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693
uvm_fault(ffffffff83a06930,ffff800029ee6000,0,2) at uvm_fault+0xe6 sys/uvm/uvm_fault.c:627
kpageflttrap(ffff80002a80cad0,ffff800029ee6000) at kpageflttrap+0x2d1 sys/arch/amd64/amd64/trap.c:-1
kerntrap(ffff80002a80cad0) at kerntrap+0x18a sys/arch/amd64/amd64/trap.c:528
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
kcov_remote_enter(0,ffff80002a79f610) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff838fea20,ffff80002a7365d0) at timeout_run+0xdf sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a7365d0,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
dosoftint(0) at dosoftint+0x48 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
pmap_tlb_shootrange(0,ffff80002fcb2000,ffff8000300b2000,1) at pmap_tlb_shootrange+0xd6 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline]
pmap_tlb_shootrange(0,ffff80002fcb2000,ffff8000300b2000,1) at pmap_tlb_shootrange+0xd6 sys/arch/amd64/amd64/pmap.c:3364
pmap_do_remove(ffffffff8399d410,ffff80002fcb2000,ffff8000300b2000,0) at pmap_do_remove+0x6d2 sys/arch/amd64/amd64/pmap.c:1931
uvm_unmap_kill_entry_withlock(ffffffff83a06930,fffffd806a8065f8,1) at uvm_unmap_kill_entry_withlock+0x269 sys/uvm/uvm_map.c:1869
uvm_unmap_remove(ffffffff83a06930,ffff80002fcb2000,ffff8000300b2000,ffff80002a80d038,0,1,9b10db55a2ff91de) at uvm_unmap_remove+0x6c2 sys/uvm/uvm_map.c:2008
uvm_unmap(ffffffff83a06930,ffff80002fcb2000,ffff8000300b2000) at uvm_unmap+0xa7 vm_map_unlock_ln sys/uvm/uvm_map.c:-1 [inline]
uvm_unmap(ffffffff83a06930,ffff80002fcb2000,ffff8000300b2000) at uvm_unmap+0xa7 sys/uvm/uvm_map.c:1799
km_free(ffff80002fcb2000,400000,ffffffff836a9938,ffffffff836a9a20) at km_free+0x87 sys/uvm/uvm_km.c:714
kd_free(ffff8000015e23c0) at kd_free+0x84 sys/dev/kcov.c:564
kcovclose(161300,3,2000,ffff80002a767768) at kcovclose+0xe4 sys/dev/kcov.c:-1
spec_close(ffff80002a80d210) at spec_close+0x466 sys/kern/spec_vnops.c:-1
VOP_CLOSE(fffffd806cabe630,3,fffffd8007ffd4e0,ffff80002a767768) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156
vn_closefile(fffffd806cac0438,ffff80002a767768) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd806cac0438,ffff80002a767768) at vn_closefile+0x11d sys/kern/vfs_vnops.c:621
fdrop(fffffd806cac0438,ffff80002a767768) at fdrop+0x121 sys/kern/kern_descrip.c:1281
closef(fffffd806cac0438,ffff80002a767768) at closef+0x190 sys/kern/kern_descrip.c:1265
fdfree(ffff80002a767768) at fdfree+0x115 sys/kern/kern_descrip.c:1196
exit1(ffff80002a767768,43,0,1) at exit1+0x576 sys/kern/kern_exit.c:215
sys_exit(ffff80002a767768,ffff80002a80d570,ffff80002a80d4c0) at sys_exit+0x1a sys/kern/kern_exit.c:-1
syscall(ffff80002a80d570) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a80d570) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7da488c15fe0, count: 224
End of stack trace.
syncing disks...

Crashes (8):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/05/28 02:10 openbsd 3079a4a0a067 cb4e87ff .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/05/22 14:20 openbsd 54bbd1fe416a 95d90255 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/05/19 10:46 openbsd 8a5afb5cdcf9 340bcdf0 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/05/08 08:13 openbsd d1081477e0e5 340bcdf0 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/05/06 03:42 openbsd eec9cf095b26 340bcdf0 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/04/12 03:03 openbsd de62a587e27d 4b3d9a38 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/04/05 22:38 openbsd bc22b0de1984 4b3d9a38 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
2026/04/04 23:47 openbsd c9c58e023502 4b3d9a38 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main panic: kmmaplk rwlock ADDR: enter read deadlock
* Struck through repros no longer work on HEAD.