freebsd boot error: Fatal trap NUM: page fault while in kernel mode (3)

syzbot
Dec 9, 2023, 1:16:25 AM
to syzkaller-f...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 6abee52e0d79 strfmon: Silence scan-build warning
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=10aee4f4e80000
dashboard link: https://syzkaller.appspot.com/bug?extid=5397f4d39219b85a9409

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+5397f4...@syzkaller.appspotmail.com

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address = 0x0
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff814a8204
stack pointer = 0x28:0xfffffe0007a7de90
frame pointer = 0x28:0xfffffe0007a7ded0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
kbd1 at kbdmux0
serialport: Connected to syzkaller.us-central1-b.ci-freebsd-main-test-2 port 1 (session ID: 9228dff20c11478c733b136544508cc5e5bcee6a73776d916d7affc116141885, active connections: 1).
processor eflags = resume, IOPL = 0
current process = 13 (g_event)
rdi: 0000000000000000 rsi: 0000000000000000 rdx: ffffffff8269ffe0
rcx: fffffe00033eee30 r8: 0000000000000000 r9: fffffe0007a7e000
rax: fffffe00033eee30 rbx: 0000000000000000 rbp: fffffe0007a7ded0
r10: 0000000000000000 r11: 0000000000000001 r12: 0000000000000000
r13: 0000000000000000 r14: 0000000000000074 r15: ffffffff8269ffe0
trap number = 12
panic: page fault
cpuid = 1
time = 1
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0007a7d5d0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0007a7d730
vpanic() at vpanic+0x271/frame 0xfffffe0007a7d8d0
panic() at panic+0xb5/frame 0xfffffe0007a7d990
trap_fatal() at trap_fatal+0x7f1/frame 0xfffffe0007a7dab0
trap_pfault() at trap_pfault+0x179/frame 0xfffffe0007a7dbd0
trap() at trap+0x5f3/frame 0xfffffe0007a7ddc0
calltrap() at calltrap+0x8/frame 0xfffffe0007a7ddc0
--- trap 0xc, rip = 0xffffffff814a8204, rsp = 0xfffffe0007a7de90, rbp = 0xfffffe0007a7ded0 ---
_thread_lock() at _thread_lock+0x64/frame 0xfffffe0007a7ded0
g_event_procbody() at g_event_procbody+0x25/frame 0xfffffe0007a7def0
fork_exit() at fork_exit+0xcc/frame 0xfffffe0007a7df30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0007a7df30
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 13 tid 100035 ]
Stopped at kdb_enter+0x6e: movq $0,0x2196cf7(%rip)
db>

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
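A triage helper for FreeBSD "Fatal trap" panics like the one above, added here as an example; it is not part of the syzbot report, of syzkaller, or of FreeBSD. It parses the trap dump and the KDB backtrace, takes the first frame after the `--- trap 0xc ... ---` marker as the frame that actually faulted (everything above that marker is the panic/trap machinery itself), and buckets the fault by address. The embedded SAMPLE is a constructed excerpt of the report above with the interleaved console lines removed; the one-page NULL_PAGE cutoff, the class names and the dedup key format are this script's own conventions, not syzbot's.

```python
"""Triage helper for FreeBSD 'Fatal trap' panics as seen in syzbot reports.

Added example (not syzbot, syzkaller or FreeBSD code). It extracts what a
triager wants first: trap number, faulting address and access kind, the frame
that faulted and its caller, and a coarse fault class.
"""
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Assumption of this script: a supervisor fault below one 4 KiB page is a
# NULL (or near-NULL) pointer dereference.
NULL_PAGE = 0x1000

# Constructed excerpt of the report above; interleaved console lines dropped.
SAMPLE = """\
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address = 0x0
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff814a8204
stack pointer = 0x28:0xfffffe0007a7de90
current process = 13 (g_event)
trap number = 12
panic: page fault
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xc6/frame 0xfffffe0007a7d5d0
kdb_backtrace() at kdb_backtrace+0xd0/frame 0xfffffe0007a7d730
vpanic() at vpanic+0x271/frame 0xfffffe0007a7d8d0
panic() at panic+0xb5/frame 0xfffffe0007a7d990
trap_fatal() at trap_fatal+0x7f1/frame 0xfffffe0007a7dab0
trap_pfault() at trap_pfault+0x179/frame 0xfffffe0007a7dbd0
trap() at trap+0x5f3/frame 0xfffffe0007a7ddc0
calltrap() at calltrap+0x8/frame 0xfffffe0007a7ddc0
--- trap 0xc, rip = 0xffffffff814a8204, rsp = 0xfffffe0007a7de90, rbp = 0xfffffe0007a7ded0 ---
_thread_lock() at _thread_lock+0x64/frame 0xfffffe0007a7ded0
g_event_procbody() at g_event_procbody+0x25/frame 0xfffffe0007a7def0
fork_exit() at fork_exit+0xcc/frame 0xfffffe0007a7df30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0007a7df30
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
"""

# "func() at func+0xOFF/frame 0xFP" lines of the KDB backtrace.
FRAME_RE = re.compile(r"^(\w+)\(\) at (\w+)\+0x([0-9a-f]+)/frame 0x([0-9a-f]+)$")
# "--- trap 0xc, rip = 0x... ---" markers; the closing "--- trap 0, rip = 0" has no 0x prefix.
TRAP_MARK_RE = re.compile(r"^--- trap (?:0x)?([0-9a-f]+), rip = (?:0x)?([0-9a-f]+)")


@dataclass
class Frame:
    func: str
    offset: int
    frame_ptr: int


@dataclass
class Triage:
    trap: Optional[int] = None
    fault_addr: Optional[int] = None
    rip: Optional[int] = None
    access: Optional[str] = None      # e.g. "supervisor read data"
    present: Optional[bool] = None    # page present / not present
    process: Optional[str] = None
    frames: List[Frame] = field(default_factory=list)  # frames below the trap marker

    @property
    def faulting(self) -> Optional[Frame]:
        return self.frames[0] if self.frames else None

    @property
    def caller(self) -> Optional[Frame]:
        return self.frames[1] if len(self.frames) > 1 else None

    def fault_class(self) -> str:
        """Coarse bucket; the NULL_PAGE cutoff is this script's assumption."""
        if self.trap != 12 or self.fault_addr is None:
            return "other"
        if self.fault_addr < NULL_PAGE:
            return "null-deref"       # read/write through a NULL or near-NULL pointer
        return "invalid-access"       # wild pointer, use-after-free, unmapped range, ...

    def dedup_key(self) -> str:
        """Stable key in the spirit of syzbot's title: trap number + faulting function."""
        f = self.faulting
        return f"trap{self.trap}:{f.func if f else '?'}"


def parse_trap_report(text: str) -> Triage:
    t = Triage()
    after_trap = False
    for raw in text.splitlines():
        line = raw.strip()
        if m := re.match(r"^Fatal trap (\d+):", line):
            t.trap = int(m.group(1))
        elif m := re.match(r"^fault virtual address = 0x([0-9a-f]+)$", line):
            t.fault_addr = int(m.group(1), 16)
        elif m := re.match(r"^fault code = (.+?), page (not present|present)$", line):
            t.access = m.group(1)
            t.present = m.group(2) == "present"
        elif m := re.match(r"^current process = (\d+ \(.+\))$", line):
            t.process = m.group(1)
        elif m := TRAP_MARK_RE.match(line):
            if int(m.group(1), 16) == t.trap:  # marker of the fatal trap: frames below it faulted
                t.rip = int(m.group(2), 16)
                after_trap = True
            else:                              # "--- trap 0 ..." closes the thread's stack
                after_trap = False
        elif after_trap and (m := FRAME_RE.match(line)):
            t.frames.append(Frame(m.group(2), int(m.group(3), 16), int(m.group(4), 16)))
    return t


if __name__ == "__main__":
    tr = parse_trap_report(SAMPLE)
    print(tr.dedup_key(), tr.fault_class(), tr.access, "present" if tr.present else "not present")
    print("faulted in", tr.faulting, "called from", tr.caller)
```

For this report the helper yields `trap12:_thread_lock`, class `null-deref`: a supervisor read of address 0x0 on a page that is not present, inside `_thread_lock()` called from `g_event_procbody()`, with rdi, rbx and r12 through r13 all zero in the register dump. That is the shape of a plain NULL-pointer dereference during early boot rather than a corrupted heap pointer, which is the first thing worth knowing before deciding whether a report needs a security triage or just a bisect.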