kernel: page fault trap, code=0 (4)
1 view
Skip to first unread message
syzbot
Jul 24, 2021, 8:22:23 PM7/24/21
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: e1898f872af8 Implement a workaround for the SiFive FU740 C..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1590300a300000
kernel config: https://syzkaller.appspot.com/x/.config?x=fe55924c11e64b0a
dashboard link: https://syzkaller.appspot.com/bug?extid=219e3ebfc7c766927a6d
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+219e3e...@syzkaller.appspotmail.com
PROC (kernel: page fault trap, code=0
Faulted in DDB; continuing...
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
74281 83493 12853 0 2 0 syz-executor.0
96062 183024 0 0 3 0x2 biowait syz-executor.1
12853 64167 0 0 3 0x82 nanoslp syz-executor.0
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10112 6404K 6423K 78643K 12241 0
pcb 13 8K 8K 78643K 349 0
rtable 105 3K 3K 78643K 188 0
ifaddr 39 10K 10K 78643K 39 0
counters 21 16K 16K 78643K 21 0
ioctlops 0 0K 2K 78643K 93 0
iov 0 0K 1K 78643K 162 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 1 0
vnodes 1217 77K 77K 78643K 1607 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 1241 0
VM map 2 0K 0K 78643K 2 0
sem 12 0K 1K 78643K 464 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12598 0
file desc 5 13K 25K 78643K 23349 0
sigio 0 0K 0K 78643K 52 0
proc 47 38K 55K 78643K 235 0
subproc 32 2K 2K 78643K 34 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 33 2K 2K 78643K 33 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 43 201K 201K 78643K 43 0
exec 0 0K 2K 78643K 313 0
pfkey data 0 0K 0K 78643K 7 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 180 24K 24K 78643K 273152 0
UVM aobj 131 4K 4K 78643K 139 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 5 0K 0K 78643K 9 0
temp 102 4201K 4265K 78643K 49185 0
kqueue 3 4K 8K 78643K 52 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 19 0 17 1 0 1 1 0 8 0
rtentry 112 45 0 1 2 0 2 2 0 8 0
unpcb 120 7365 0 7357 1 0 1 1 0 8 0
syncache 296 4 0 4 1 1 0 1 0 8 0
tcpqe 32 14 0 14 1 1 0 1 0 8 0
tcpcb 736 375 0 371 6 5 1 3 0 8 0
arp 88 6 0 0 1 0 1 1 0 8 0
inpcb 304 1337 0 1331 1 0 1 1 0 8 0
nd6 48 6 0 0 1 0 1 1 0 8 0
pkpcb 40 80 0 80 3 3 0 1 0 8 0
kcovpl 48 2 0 0 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 188 0 0 12 0 12 12 0 8 0
art_table 32 189 0 0 2 0 2 2 0 8 0
art_node 16 44 0 4 1 0 1 1 0 8 0
semapl 112 462 0 452 1 0 1 1 0 8 0
shmpl 112 136 0 8 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dirhash: pool(0xffffffff8283c8d0:dirhash): free list modified: page 0xffff80002163c000; item ordinal 0; addr 0xffff80002163d400 (p 0xfffffd80783ea000); offset 0x0=0x0
pool(dirhash): free list modified: page 0xffff80002163c000; item ordinal 0; addr 0xffff80002163d400 (p 0xfffffd80783ea000); offset 0x0=0x0
dirhash: pool(0xffffffff8283c8d0:dirhash): page inconsistency: page 0xffff80002163c000; item ordinal 1; addr 0xb4568b3dc2b5e11b
dino2pl 256 25707 0 24309 88 0 88 88 0 8 0
ffsino 240 25707 0 24309 83 0 83 83 0 8 0
nchpl 144 51549 0 49939 60 0 60 60 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 224 5926 0 0 349 0 349 349 0 8 0
namei 1024 116105 0 116104 1 0 1 1 0 8 0
namei: pool(0xffffffff82882e28:namei): free list modified: page 0xffff800021629000; item ordinal 0; addr 0xffff800021629000 (p 0xfffffd807f7e4000); offset 0x0=0x0
pool(namei): free list modified: page 0xffff800021629000; item ordinal 0; addr 0xffff800021629000 (p 0xfffffd807f7e4000); offset 0x0=0x0
namei: pool(0xffffffff82882e28:namei): page inconsistency: page 0xffff800021629000; item ordinal 1; addr 0xd09ccbb86bff8fac
scxspl 216 147532 0 147531 9 8 1 8 0 8 0
plimitpl 152 102 0 95 1 0 1 1 0 8 0
sigapl 424 23535 0 23506 4 0 4 4 0 8 0
futexpl 56 103381 0 103381 5 4 1 1 0 8 1
knotepl 112 111 0 91 1 0 1 1 0 8 0
kqueuepl 184 412 0 410 1 0 1 1 0 8 0
pipepl 304 3099 0 3088 42 41 1 2 0 8 0
fdescpl 432 23520 0 23506 2 0 2 2 0 8 0
filepl 120 53706 0 53609 39 36 3 4 0 8 0
lockfpl 104 1401 0 1400 1 0 1 1 0 8 0
lockfspl 48 578 0 577 1 0 1 1 0 8 0
sessionpl 144 17 0 7 1 0 1 1 0 8 0
pgrppl 48 17 0 7 1 0 1 1 0 8 0
ucredpl 96 1051 0 1043 1 0 1 1 0 8 0
zombiepl 144 23506 0 23506 1 0 1 1 0 8 1
processpl 1008 23535 0 23506 5 1 4 5 0 8 0
processpl: pool(0xffffffff829129e8:processpl): page inconsistency: page 0x0; at page head addr 0xffff800021663f90 (p 0xffff800021662000)
procpl 672 47830 0 47795 4 0 4 4 0 8 1
procpl: pool(0xffffffff82912840:procpl): page inconsistency: page 0x0; at page head addr 0xffff80002163bf90 (p 0xffff80002163a000)
procpl: pool(0xffffffff82912840:procpl): page inconsistency: page 0x0; at page head addr 0xffff800021661f90 (p 0xffff800021660000)
sockpl 448 8801 0 8785 35 33 2 4 0 8 0
mcl64k 65536 56 0 56 13 13 0 1 0 8 0
mcl16k 16384 38 0 38 7 7 0 1 0 8 0
mcl12k 12288 883 0 883 37 37 0 1 0 8 0
mcl9k 9216 825 0 825 35 35 0 1 0 8 0
mcl8k 8192 342 0 342 17 17 0 1 0 8 0
mcl4k 4096 529 0 529 51 51 0 1 0 8 0
mcl2k2 2112 6 0 6 4 4 0 1 0 8 0
mcl2k 2048 40370 0 40331 11 5 6 8 0 8 0
mtagpl 96 2 0 2 1 1 0 1 0 8 0
mbufpl 256 175797 0 175686 20 11 9 11 0 8 0
bufpl 280 26820 0 20431 457 0 457 457 0 8 0
anonpl 24 5771928 0 5766269 83 46 37 38 0 188 0
amapchunkpl 152 645153 0 644847 37 23 14 14 0 158 2
amappl16 200 43921 0 43770 10 1 9 9 0 8 0
amappl15 192 53 0 47 1 0 1 1 0 8 0
amappl13 176 11798 0 11794 1 0 1 1 0 8 0
amappl12 168 11544 0 11542 1 0 1 1 0 8 0
amappl11 160 35 0 26 1 0 1 1 0 8 0
amappl10 152 34 0 27 1 0 1 1 0 8 0
amappl9 144 82 0 81 1 0 1 1 0 8 0
amappl8 136 468 0 405 3 0 3 3 0 8 0
amappl7 128 58 0 53 1 0 1 1 0 8 0
amappl6 120 105 0 91 1 0 1 1 0 8 0
amappl5 112 23790 0 23781 1 0 1 1 0 8 0
amappl4 104 500 0 474 1 0 1 1 0 8 0
amappl3 96 13367 0 13359 1 0 1 1 0 8 0
amappl2 88 35698 0 35654 10 8 2 2 0 8 1
amappl1 80 349300 0 348917 12 3 9 12 0 8 0
amappl 88 272875 0 272777 3 0 3 3 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 138 0 8 3 0 3 3 0 8 0
uaddrrnd 24 23520 0 23506 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 23520 0 23506 1 0 1 1 0 8 0
vmmpekpl 168 95025 0 95007 1 0 1 1 0 8 0
vmmpepl 168 2574189 0 2572886 89 27 62 62 0 357 4
vmsppl 272 23519 0 23506 2 1 1 2 0 8 0
rwobjpl 24 415343 0 414567 6 1 5 6 0 8 0
pdppl 4096 47047 0 47012 51 14 37 41 0 8 2
pvpl 32 9441081 0 9432363 302 226 76 128 0 265 0
pmappl 192 23519 0 23506 1 0 1 1 0 8 0
extentpl 40 58 0 40 1 0 1 1 0 8 0
phpool 112 404 0 159 8 0 8 8 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
end trace frame: 0x0, count: -1
ddb> machine ddbcpu 1
No such command
ddb> trace
end trace frame: 0x0, count: -1
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following issue on:
HEAD commit: e1898f872af8 Implement a workaround for the SiFive FU740 C..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1590300a300000
kernel config: https://syzkaller.appspot.com/x/.config?x=fe55924c11e64b0a
dashboard link: https://syzkaller.appspot.com/bug?extid=219e3ebfc7c766927a6d
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+219e3e...@syzkaller.appspotmail.com
PROC (kernel: page fault trap, code=0
Faulted in DDB; continuing...
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
74281 83493 12853 0 2 0 syz-executor.0
96062 183024 0 0 3 0x2 biowait syz-executor.1
12853 64167 0 0 3 0x82 nanoslp syz-executor.0
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10112 6404K 6423K 78643K 12241 0
pcb 13 8K 8K 78643K 349 0
rtable 105 3K 3K 78643K 188 0
ifaddr 39 10K 10K 78643K 39 0
counters 21 16K 16K 78643K 21 0
ioctlops 0 0K 2K 78643K 93 0
iov 0 0K 1K 78643K 162 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 1 0
vnodes 1217 77K 77K 78643K 1607 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 1241 0
VM map 2 0K 0K 78643K 2 0
sem 12 0K 1K 78643K 464 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12598 0
file desc 5 13K 25K 78643K 23349 0
sigio 0 0K 0K 78643K 52 0
proc 47 38K 55K 78643K 235 0
subproc 32 2K 2K 78643K 34 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 33 2K 2K 78643K 33 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 43 201K 201K 78643K 43 0
exec 0 0K 2K 78643K 313 0
pfkey data 0 0K 0K 78643K 7 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 180 24K 24K 78643K 273152 0
UVM aobj 131 4K 4K 78643K 139 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 5 0K 0K 78643K 9 0
temp 102 4201K 4265K 78643K 49185 0
kqueue 3 4K 8K 78643K 52 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb 120 19 0 17 1 0 1 1 0 8 0
rtentry 112 45 0 1 2 0 2 2 0 8 0
unpcb 120 7365 0 7357 1 0 1 1 0 8 0
syncache 296 4 0 4 1 1 0 1 0 8 0
tcpqe 32 14 0 14 1 1 0 1 0 8 0
tcpcb 736 375 0 371 6 5 1 3 0 8 0
arp 88 6 0 0 1 0 1 1 0 8 0
inpcb 304 1337 0 1331 1 0 1 1 0 8 0
nd6 48 6 0 0 1 0 1 1 0 8 0
pkpcb 40 80 0 80 3 3 0 1 0 8 0
kcovpl 48 2 0 0 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 188 0 0 12 0 12 12 0 8 0
art_table 32 189 0 0 2 0 2 2 0 8 0
art_node 16 44 0 4 1 0 1 1 0 8 0
semapl 112 462 0 452 1 0 1 1 0 8 0
shmpl 112 136 0 8 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dirhash: pool(0xffffffff8283c8d0:dirhash): free list modified: page 0xffff80002163c000; item ordinal 0; addr 0xffff80002163d400 (p 0xfffffd80783ea000); offset 0x0=0x0
pool(dirhash): free list modified: page 0xffff80002163c000; item ordinal 0; addr 0xffff80002163d400 (p 0xfffffd80783ea000); offset 0x0=0x0
dirhash: pool(0xffffffff8283c8d0:dirhash): page inconsistency: page 0xffff80002163c000; item ordinal 1; addr 0xb4568b3dc2b5e11b
dino2pl 256 25707 0 24309 88 0 88 88 0 8 0
ffsino 240 25707 0 24309 83 0 83 83 0 8 0
nchpl 144 51549 0 49939 60 0 60 60 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 224 5926 0 0 349 0 349 349 0 8 0
namei 1024 116105 0 116104 1 0 1 1 0 8 0
namei: pool(0xffffffff82882e28:namei): free list modified: page 0xffff800021629000; item ordinal 0; addr 0xffff800021629000 (p 0xfffffd807f7e4000); offset 0x0=0x0
pool(namei): free list modified: page 0xffff800021629000; item ordinal 0; addr 0xffff800021629000 (p 0xfffffd807f7e4000); offset 0x0=0x0
namei: pool(0xffffffff82882e28:namei): page inconsistency: page 0xffff800021629000; item ordinal 1; addr 0xd09ccbb86bff8fac
scxspl 216 147532 0 147531 9 8 1 8 0 8 0
plimitpl 152 102 0 95 1 0 1 1 0 8 0
sigapl 424 23535 0 23506 4 0 4 4 0 8 0
futexpl 56 103381 0 103381 5 4 1 1 0 8 1
knotepl 112 111 0 91 1 0 1 1 0 8 0
kqueuepl 184 412 0 410 1 0 1 1 0 8 0
pipepl 304 3099 0 3088 42 41 1 2 0 8 0
fdescpl 432 23520 0 23506 2 0 2 2 0 8 0
filepl 120 53706 0 53609 39 36 3 4 0 8 0
lockfpl 104 1401 0 1400 1 0 1 1 0 8 0
lockfspl 48 578 0 577 1 0 1 1 0 8 0
sessionpl 144 17 0 7 1 0 1 1 0 8 0
pgrppl 48 17 0 7 1 0 1 1 0 8 0
ucredpl 96 1051 0 1043 1 0 1 1 0 8 0
zombiepl 144 23506 0 23506 1 0 1 1 0 8 1
processpl 1008 23535 0 23506 5 1 4 5 0 8 0
processpl: pool(0xffffffff829129e8:processpl): page inconsistency: page 0x0; at page head addr 0xffff800021663f90 (p 0xffff800021662000)
procpl 672 47830 0 47795 4 0 4 4 0 8 1
procpl: pool(0xffffffff82912840:procpl): page inconsistency: page 0x0; at page head addr 0xffff80002163bf90 (p 0xffff80002163a000)
procpl: pool(0xffffffff82912840:procpl): page inconsistency: page 0x0; at page head addr 0xffff800021661f90 (p 0xffff800021660000)
sockpl 448 8801 0 8785 35 33 2 4 0 8 0
mcl64k 65536 56 0 56 13 13 0 1 0 8 0
mcl16k 16384 38 0 38 7 7 0 1 0 8 0
mcl12k 12288 883 0 883 37 37 0 1 0 8 0
mcl9k 9216 825 0 825 35 35 0 1 0 8 0
mcl8k 8192 342 0 342 17 17 0 1 0 8 0
mcl4k 4096 529 0 529 51 51 0 1 0 8 0
mcl2k2 2112 6 0 6 4 4 0 1 0 8 0
mcl2k 2048 40370 0 40331 11 5 6 8 0 8 0
mtagpl 96 2 0 2 1 1 0 1 0 8 0
mbufpl 256 175797 0 175686 20 11 9 11 0 8 0
bufpl 280 26820 0 20431 457 0 457 457 0 8 0
anonpl 24 5771928 0 5766269 83 46 37 38 0 188 0
amapchunkpl 152 645153 0 644847 37 23 14 14 0 158 2
amappl16 200 43921 0 43770 10 1 9 9 0 8 0
amappl15 192 53 0 47 1 0 1 1 0 8 0
amappl13 176 11798 0 11794 1 0 1 1 0 8 0
amappl12 168 11544 0 11542 1 0 1 1 0 8 0
amappl11 160 35 0 26 1 0 1 1 0 8 0
amappl10 152 34 0 27 1 0 1 1 0 8 0
amappl9 144 82 0 81 1 0 1 1 0 8 0
amappl8 136 468 0 405 3 0 3 3 0 8 0
amappl7 128 58 0 53 1 0 1 1 0 8 0
amappl6 120 105 0 91 1 0 1 1 0 8 0
amappl5 112 23790 0 23781 1 0 1 1 0 8 0
amappl4 104 500 0 474 1 0 1 1 0 8 0
amappl3 96 13367 0 13359 1 0 1 1 0 8 0
amappl2 88 35698 0 35654 10 8 2 2 0 8 1
amappl1 80 349300 0 348917 12 3 9 12 0 8 0
amappl 88 272875 0 272777 3 0 3 3 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 138 0 8 3 0 3 3 0 8 0
uaddrrnd 24 23520 0 23506 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 23520 0 23506 1 0 1 1 0 8 0
vmmpekpl 168 95025 0 95007 1 0 1 1 0 8 0
vmmpepl 168 2574189 0 2572886 89 27 62 62 0 357 4
vmsppl 272 23519 0 23506 2 1 1 2 0 8 0
rwobjpl 24 415343 0 414567 6 1 5 6 0 8 0
pdppl 4096 47047 0 47012 51 14 37 41 0 8 2
pvpl 32 9441081 0 9432363 302 226 76 128 0 265 0
pmappl 192 23519 0 23506 1 0 1 1 0 8 0
extentpl 40 58 0 40 1 0 1 1 0 8 0
phpool 112 404 0 159 8 0 8 8 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
end trace frame: 0x0, count: -1
ddb> machine ddbcpu 1
No such command
ddb> trace
end trace frame: 0x0, count: -1
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot
Nov 20, 2021, 1:10:15 PM11/20/21
to syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages