panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va ADDR, opte ADDR (4)
0 views
Skip to first unread message
syzbot
Mar 3, 2024, 1:04:21 AMMar 3
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: a60241574931 snc
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11cb0516180000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=abb80ed418744cd324bc
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/44a7ede60a70/disk-a6024157.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/759103c1f15a/bsd-a6024157.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/ce21c47bba0b/kernel-a6024157.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+abb80e...@syzkaller.appspotmail.com
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va 0x729167816000, opte 0xfffffffffffffffd
Starting stack trace...
panic(ffffffff828c423b) at panic+0x16f sys/kern/subr_prf.c:229
pmap_remove_ptes(fffffd806835e4d8,fffffd800782ab00,7fb948b3c000,729167800000,7291678dc000,0,635197ed28ce9078) at pmap_remove_ptes+0x34e
pmap_do_remove(fffffd806835e4d8,7291677dc000,7291678dc000,0) at pmap_do_remove+0x426 sys/arch/amd64/amd64/pmap.c:1896
uvm_unmap_kill_entry_withlock(fffffd80683e28f0,fffffd806b8097f8,0) at uvm_unmap_kill_entry_withlock+0x1b0 sys/uvm/uvm_map.c:1928
uvm_map_teardown(fffffd80683e28f0) at uvm_map_teardown+0x1c7 uvm_map_addr_RBT_LEFT sys/uvm/uvm_map.h:176 [inline]
uvm_map_teardown(fffffd80683e28f0) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2565
uvmspace_free(fffffd80683e28f0) at uvmspace_free+0xa6 sys/uvm/uvm_map.c:3497
reaper(ffff80002a145d50) at reaper+0x19a sys/kern/kern_exit.c:463
end trace frame: 0x0, count: 250
End of stack trace.
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: a60241574931 snc
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=11cb0516180000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=abb80ed418744cd324bc
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/44a7ede60a70/disk-a6024157.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/759103c1f15a/bsd-a6024157.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/ce21c47bba0b/kernel-a6024157.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+abb80e...@syzkaller.appspotmail.com
panic: pmap_remove_ptes: unmanaged page marked PG_PVLIST: va 0x729167816000, opte 0xfffffffffffffffd
Starting stack trace...
panic(ffffffff828c423b) at panic+0x16f sys/kern/subr_prf.c:229
pmap_remove_ptes(fffffd806835e4d8,fffffd800782ab00,7fb948b3c000,729167800000,7291678dc000,0,635197ed28ce9078) at pmap_remove_ptes+0x34e
pmap_do_remove(fffffd806835e4d8,7291677dc000,7291678dc000,0) at pmap_do_remove+0x426 sys/arch/amd64/amd64/pmap.c:1896
uvm_unmap_kill_entry_withlock(fffffd80683e28f0,fffffd806b8097f8,0) at uvm_unmap_kill_entry_withlock+0x1b0 sys/uvm/uvm_map.c:1928
uvm_map_teardown(fffffd80683e28f0) at uvm_map_teardown+0x1c7 uvm_map_addr_RBT_LEFT sys/uvm/uvm_map.h:176 [inline]
uvm_map_teardown(fffffd80683e28f0) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2565
uvmspace_free(fffffd80683e28f0) at uvmspace_free+0xa6 sys/uvm/uvm_map.c:3497
reaper(ffff80002a145d50) at reaper+0x19a sys/kern/kern_exit.c:463
end trace frame: 0x0, count: 250
End of stack trace.
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages