Hello,
syzbot found the following issue on:
HEAD commit: 03319b45cc1f restrict filesystem access with unveil(2).
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=1730e169b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=bf87b6915a88cd0d
dashboard link: https://syzkaller.appspot.com/bug?extid=40f25dd93335ce4e26e7
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+40f25d...@syzkaller.appspotmail.com
panic: kernel diagnostic assertion "dupe == NULL" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c", line 140
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*411109 7157 0 0 0 0K syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff8244cf87) at panic+0x177 sys/kern/subr_prf.c:202
__assert(ffffffff824be1c4,ffffffff8243b8de,8c,ffffffff82425a41) at __assert+0x25 sys/kern/subr_prf.c:161
uvm_pagealloc(fffffd80663431a0,d965000,0,3) at uvm_pagealloc+0x333 sys/uvm/uvm_page.c:140
pmap_get_ptp(fffffd8066343170,1b2cb21000) at pmap_get_ptp+0x190 sys/arch/amd64/amd64/pmap.c:1183
pmap_enter(fffffd8066343170,1b2cb21000,67518000,3,20) at pmap_enter+0x28f
uvm_fault_lower_lookup(ffff800021245de0,ffff800021245e18,ffff800021245d60) at uvm_fault_lower_lookup+0x297 sys/uvm/uvm_fault.c:1167
uvm_fault_lower(ffff800021245de0,ffff800021245e18,ffff800021245d60,0) at uvm_fault_lower+0x60
uvm_fault(fffffd806675b000,1b2cb20000,0,2) at uvm_fault+0x240 sys/uvm/uvm_fault.c:638
upageflttrap(ffff800021245f50,1b2cb20170) at upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
usertrap(ffff800021245f50) at usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x7f7fffffadd0, count: 3
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
*cpu0: kernel diagnostic assertion "dupe == NULL" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_page.c", line 140
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff8244cf87) at panic+0x177 sys/kern/subr_prf.c:202
__assert(ffffffff824be1c4,ffffffff8243b8de,8c,ffffffff82425a41) at __assert+0x25 sys/kern/subr_prf.c:161
uvm_pagealloc(fffffd80663431a0,d965000,0,3) at uvm_pagealloc+0x333 sys/uvm/uvm_page.c:140
pmap_get_ptp(fffffd8066343170,1b2cb21000) at pmap_get_ptp+0x190 sys/arch/amd64/amd64/pmap.c:1183
pmap_enter(fffffd8066343170,1b2cb21000,67518000,3,20) at pmap_enter+0x28f
uvm_fault_lower_lookup(ffff800021245de0,ffff800021245e18,ffff800021245d60) at uvm_fault_lower_lookup+0x297 sys/uvm/uvm_fault.c:1167
uvm_fault_lower(ffff800021245de0,ffff800021245e18,ffff800021245d60,0) at uvm_fault_lower+0x60
uvm_fault(fffffd806675b000,1b2cb20000,0,2) at uvm_fault+0x240 sys/uvm/uvm_fault.c:638
upageflttrap(ffff800021245f50,1b2cb20170) at upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
usertrap(ffff800021245f50) at usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x7f7fffffadd0, count: -12
ddb{0}> show registers
rdi 0
rsi 0x1
rbp 0xffff8000212458c0
rbx 0xffffffff827e3bff cpu_info_full_primary+0x2bff
rdx 0x8b
rcx 0x2
rax 0x83
r8 0xffffffff817eb474 kprintf+0x144
r9 0x1
r10 0x5ab1241317162b6e
r11 0x3da7f189cc79fa00
r12 0xffffffff827e3a00 cpu_info_full_primary+0x2a00
r13 0
r14 0
r15 0x1
rip 0xffffffff81552b08 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff8000212458b0
ss 0
db_enter+0x18: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.1) pid=411109 stat=onproc
flags process=0 proc=0
pri=81, usrpri=81, nice=20
forw=0xffffffffffffffff, list=0xffff800021255270,0xffff800021255520
process=0xffff8000fffef620 user=0xffff800021241000, vmspace=0xfffffd806675b000
estcpu=31, cpticks=1, pctcpu=0.1
user=0, sys=1, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
1819 153012 72517 0 2 0 syz-executor.0
1819 460537 72517 0 3 0x4000080 fsleep syz-executor.0
* 7157 411109 5263 0 7 0 syz-executor.1
7157 372015 5263 0 3 0x4000080 fsleep syz-executor.1
7157 458162 5263 0 3 0x4000080 fsleep syz-executor.1
7157 5 5263 0 3 0x4000080 fsleep syz-executor.1
72517 314832 71274 0 3 0x82 nanoslp syz-executor.0
5263 350613 71274 0 3 0x82 nanoslp syz-executor.1
21105 73590 1 0 3 0x100083 ttyin getty
36056 497674 0 0 3 0x14280 nfsidl nfsio
49112 423526 0 0 3 0x14280 nfsidl nfsio
97287 406321 0 0 3 0x14280 nfsidl nfsio
23899 215815 0 0 3 0x14280 nfsidl nfsio
97270 436522 0 0 3 0x14280 nfsidl nfsio
7342 288782 0 0 3 0x14280 nfsidl nfsio
7517 137069 0 0 3 0x14280 nfsidl nfsio
60081 335933 0 0 3 0x14280 nfsidl nfsio
71255 74872 0 0 3 0x14280 nfsidl nfsio
11968 396866 0 0 3 0x14280 nfsidl nfsio
41888 167153 0 0 3 0x14280 nfsidl nfsio
17123 168149 0 0 3 0x14280 nfsidl nfsio
53363 428816 0 0 3 0x14280 nfsidl nfsio
704 128285 0 0 3 0x14280 nfsidl nfsio
56966 249395 0 0 3 0x14280 nfsidl nfsio
90130 157737 0 0 3 0x14280 nfsidl nfsio
61478 413752 0 0 3 0x14280 nfsidl nfsio
80878 179176 0 0 3 0x14280 nfsidl nfsio
80387 366270 0 0 3 0x14280 nfsidl nfsio
47472 222142 0 0 3 0x14280 nfsidl nfsio
73361 331665 0 0 3 0x14200 bored sosplice
71274 166576 31 0 3 0x82 thrsleep syz-fuzzer
71274 36964 31 0 3 0x4000082 thrsleep syz-fuzzer
71274 333694 31 0 3 0x4000082 thrsleep syz-fuzzer
71274 161571 31 0 3 0x4000082 thrsleep syz-fuzzer
71274 323446 31 0 3 0x4000082 thrsleep syz-fuzzer
71274 234830 31 0 3 0x4000082 thrsleep syz-fuzzer
71274 458228 31 0 3 0x4000082 kqread syz-fuzzer
71274 481702 31 0 3 0x4000082 thrsleep syz-fuzzer
31 8294 91076 0 3 0x10008a sigsusp ksh
91076 176837 70949 0 3 0x9a kqread sshd
70949 475540 1 0 3 0x88 kqread sshd
26572 134021 27399 74 3 0x100092 bpf pflogd
27399 479643 1 0 3 0x80 netio pflogd
31852 376099 35710 73 3 0x100090 kqread syslogd
35710 195759 1 0 3 0x100082 netio syslogd
67911 75065 1 0 3 0x100080 kqread resolvd
13904 522047 2323 77 3 0x100092 kqread dhcpleased
2542 266529 2323 77 3 0x100092 kqread dhcpleased
2323 63096 1 0 3 0x80 kqread dhcpleased
23861 434959 0 0 3 0x14200 bored smr
39276 452640 0 0 2 0x14200 zerothread
53803 142214 0 0 3 0x14200 aiodoned aiodoned
5525 4236 0 0 3 0x14200 syncer update
56573 352835 0 0 3 0x14200 cleaner cleaner
29106 507316 0 0 3 0x14200 reaper reaper
6587 415258 0 0 3 0x14200 pgdaemon pagedaemon
44767 115574 0 0 3 0x14200 bored viomb
24672 132090 0 0 3 0x40014200 acpi0 acpi0
42265 377649 0 0 7 0x40014200 idle1
54506 178435 0 0 3 0x14200 bored softnet
54052 454965 0 0 3 0x14200 bored systqmp
96388 348941 0 0 3 0x14200 bored systq
65821 329691 0 0 3 0x40014200 bored softclock
33355 389961 0 0 3 0x40014200 idle0
1 477886 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
CPU 0:
exclusive mutex &pmap->pm_mtx r = 0 (0xfffffd8066343180)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1182
#1 mtx_enter_try+0x100
#2 mtx_enter+0x4b sys/kern/kern_lock.c:266
#3 pmap_enter+0x1b2 rcr3 machine/cpufunc.h:141 [inline]
#3 pmap_enter+0x1b2 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:414 [inline]
#3 pmap_enter+0x1b2 sys/arch/amd64/amd64/pmap.c:2691
#4 uvm_fault_lower_lookup+0x297 sys/uvm/uvm_fault.c:1167
#5 uvm_fault_lower+0x60
#6 uvm_fault+0x240 sys/uvm/uvm_fault.c:638
#7 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#8 usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
#9 recall_trap+0x8
Process 7157 (syz-executor.1) thread 0xffff800021254010 (411109)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff828ba480)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1182
#1 uvm_fault+0x224 sys/uvm/uvm_fault.c:637
#2 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#3 usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
#4 recall_trap+0x8
shared rwlock vmmaplk r = 0 (0xfffffd806675b018)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1182
#1 uvmfault_lookup+0xd9 sys/uvm/uvm_fault.c:1701
#2 uvm_fault_check+0x3a sys/uvm/uvm_fault.c:674
#3 uvm_fault+0x102 sys/uvm/uvm_fault.c:601
#4 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#5 usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
#6 recall_trap+0x8
exclusive mutex &pmap->pm_mtx r = 0 (0xfffffd8066343180)
#0 witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0 witness_lock+0x4b0 sys/kern/subr_witness.c:1182
#1 mtx_enter_try+0x100
#2 mtx_enter+0x4b sys/kern/kern_lock.c:266
#3 pmap_enter+0x1b2 rcr3 machine/cpufunc.h:141 [inline]
#3 pmap_enter+0x1b2 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:414 [inline]
#3 pmap_enter+0x1b2 sys/arch/amd64/amd64/pmap.c:2691
#4 uvm_fault_lower_lookup+0x297 sys/uvm/uvm_fault.c:1167
#5 uvm_fault_lower+0x60
#6 uvm_fault+0x240 sys/uvm/uvm_fault.c:638
#7 upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
#8 usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
#9 recall_trap+0x8
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10146 6458K 6957K 78643K 57473 0
pcb 13 16K 18K 78643K 1312 0
rtable 120 11K 13K 78643K 11836 0
ifaddr 68 23K 27K 78643K 15875 0
sysctl 3 1K 2K 78643K 9 0
counters 44 34K 34K 78643K 936 0
ioctlops 0 0K 4K 78643K 22131 0
iov 0 0K 24K 78643K 1932 0
mount 1 1K 1K 78643K 1 0
log 0 0K 0K 78643K 5 0
vnodes 1435 90K 90K 78643K 23770 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 9K 78643K 220 0
VM map 2 1K 1K 78643K 2 0
sem 10 1K 1K 78643K 17 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12598 0
file desc 6 17K 25K 78643K 29998 0
sigio 0 0K 0K 78643K 345 0
proc 71 87K 99K 78643K 1659 0
subproc 26 1K 1K 78643K 506 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
ip_moptions 0 0K 0K 78643K 504 0
in_multi 35 2K 2K 78643K 990 0
ether_multi 1 0K 0K 78643K 160 0
mrt 1 0K 0K 78643K 42 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 157 705K 705K 78643K 157 0
exec 0 0K 2K 78643K 2964 0
pfkey data 0 0K 0K 78643K 16 0
tdb 3 0K 0K 78643K 3 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 500 615K 615K 78643K 359246 0
UVM aobj 35 2K 2K 78643K 83 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
ip6_options 0 0K 0K 78643K 1378 0
NDP 7 0K 0K 78643K 568 0
temp 96 4218K 4296K 78643K 206410 0
kqueue 12 18K 28K 78643K 422 0
SYN cache 2 16K 16K 78643K 2 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 22 0 0 1 0 1 1 0 8 0
rtpcb 120 718 0 715 9 8 1 4 0 8 0
rtentry 112 645 0 612 3 1 2 2 0 8 0
unpcb 128 5770 0 5755 59 58 1 5 0 8 0
syncache 296 72 0 72 11 11 0 1 0 8 0
tcpqe 32 42 15 42 5 5 0 1 0 8 0
tcpcb 736 3243 0 3237 102 97 5 13 0 8 4
arp 120 91 0 85 1 0 1 1 0 8 0
inpcb 304 9829 0 9820 140 134 6 11 0 8 5
rttmr 72 2 0 2 2 2 0 1 0 8 0
nd6 48 167 0 163 3 2 1 1 0 8 0
pkpcb 40 23 0 23 7 7 0 1 0 8 0
kcovpl 48 38 0 36 1 0 1 1 0 8 0
ppxss 1248 28 0 28 6 6 0 1 0 8 0
pfstscr 40 20 0 20 4 4 0 1 0 8 0
pffrag 232 43 0 43 8 8 0 1 0 482 0
pffrnode 88 43 0 43 8 8 0 1 0 8 0
pffrent 40 568 0 568 15 15 0 1 0 8 0
pfosfp 40 1454 0 1030 5 0 5 5 0 8 0
pfosfpen 112 1454 0 739 21 0 21 21 0 8 0
pfrktable 1344 4725 0 4710 9 7 2 2 0 8 0
pftag 88 3 0 0 1 0 1 1 0 8 0
pfstitem 24 46 0 44 1 0 1 1 0 8 0
pfstkey 112 68 0 66 1 0 1 1 0 8 0
pfstate 320 55 0 53 2 1 1 2 0 8 0
pfsrctr 152 31 0 31 8 8 0 1 0 8 0
pfrule 1360 17532 0 16984 47 1 46 46 0 8 0
art_heap8 4096 5 0 4 3 2 1 3 0 8 0
art_heap4 256 3097 0 2924 41 28 13 16 0 8 0
art_table 32 3102 0 2928 4 2 2 3 0 8 0
art_node 16 644 0 616 1 0 1 1 0 8 0
sysvmsgpl 40 36 0 20 1 0 1 1 0 8 0
semupl 112 3 0 3 1 1 0 1 0 8 0
semapl 112 8 0 0 1 0 1 1 0 8 0
shmpl 112 80 0 48 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 35678 0 34249 90 0 90 90 0 8 0
ffsino 272 35678 0 34249 96 0 96 96 0 8 0
nchpl 144 70709 0 69109 61 1 60 61 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 224 5926 0 0 349 0 349 349 0 8 0
namei 1024 228253 0 228253 7 6 1 1 0 8 1
percpumem 16 480 0 446 1 0 1 1 0 8 0
vcpupl 2048 297 0 1 38 0 38 38 0 8 0
vmpool 560 301 0 5 22 0 22 22 0 8 0
pfiaddrpl 120 586 0 512 4 1 3 3 0 8 0
scxspl 216 218208 0 218208 18 17 1 8 0 8 1
plimitpl 152 1365 0 1356 1 0 1 1 0 8 0
sigapl 424 30163 0 30109 7 0 7 7 0 8 0
futexpl 64 209144 0 209140 10 9 1 1 0 8 0
knotepl 112 78 0 0 2 0 2 2 0 8 0
kqueuepl 216 2046 0 2034 23 20 3 5 0 8 2
pipepl 336 2526 0 2516 119 117 2 9 0 8 0
fdescpl 496 30128 0 30109 3 0 3 3 0 8 0
filepl 152 133349 0 133238 192 183 9 14 0 8 4
lockfpl 104 5626 0 5624 7 6 1 2 0 8 0
lockfspl 48 1676 0 1674 1 0 1 1 0 8 0
sessionpl 144 57 0 46 1 0 1 1 0 8 0
pgrppl 48 99 0 88 1 0 1 1 0 8 0
ucredpl 96 10438 0 10426 1 0 1 1 0 8 0
zombiepl 144 30109 0 30109 3 2 1 1 0 8 1
processpl 1064 30163 0 30109 4 0 4 4 0 8 0
procpl 672 67980 0 67915 25 19 6 7 0 8 0
srpgc 96 38 0 38 9 9 0 1 0 8 0
sosppl 168 62 0 62 6 6 0 1 0 8 0
sockpl 480 16358 0 16331 416 404 12 28 0 8 8
mcl64k 65536 8 0 0 1 0 1 1 0 8 0
mcl16k 16384 2 0 0 1 0 1 1 0 8 0
mcl12k 12288 9 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 9 0 0 2 0 2 2 0 8 0
mcl4k 4096 9 0 0 2 0 2 2 0 8 0
mcl2k2 2112 6 0 0 1 0 1 1 0 8 0
mcl2k 2048 992 0 0 18 4 14 18 0 8 0
mtagpl 96 1195 0 0 13 4 9 10 0 8 0
mbufpl 256 2084 0 0 64 1 63 63 0 8 0
bufpl 280 42280 0 35951 453 0 453 453 0 8 0
anonpl 24 7831808 0 7819746 331 243 88 95 0 186 15
amapchunkpl 152 861125 0 860567 151 129 22 35 0 158 0
amappl16 200 69341 0 68997 165 144 21 31 0 8 2
amappl15 192 5487 0 5481 1 0 1 1 0 8 0
amappl14 184 5957 0 5955 1 0 1 1 0 8 0
amappl13 176 1947 0 1946 1 0 1 1 0 8 0
amappl12 168 295 0 287 1 0 1 1 0 8 0
amappl11 160 1354 0 1335 1 0 1 1 0 8 0
amappl10 152 4477 0 4464 1 0 1 1 0 8 0
amappl9 144 4892 0 4889 1 0 1 1 0 8 0
amappl8 136 7787 0 7569 9 1 8 8 0 8 0
amappl7 128 6422 0 6415 1 0 1 1 0 8 0
amappl6 120 4857 0 4835 1 0 1 1 0 8 0
amappl5 112 34177 0 34148 1 0 1 1 0 8 0
amappl4 104 3351 0 3315 1 0 1 1 0 8 0
amappl3 96 2360 0 2338 1 0 1 1 0 8 0
amappl2 88 35304 0 35245 11 9 2 2 0 8 0
amappl1 80 474958 0 474497 13 3 10 13 0 8 0
amappl 88 357519 0 357302 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 82 0 48 1 0 1 1 0 8 0
uaddrrnd 24 30429 0 30114 2 0 2 2 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 30429 0 30114 2 0 2 2 0 8 0
vmmpekpl 168 157292 0 157255 3 1 2 2 0 8 0
vmmpepl 168 2593028 0 2590219 431 305 126 147 0 357 2
vmsppl 368 30428 0 30114 29 0 29 29 0 8 0
rwobjpl 56 575780 0 574419 59 39 20 23 0 8 0
pdppl 4096 60866 0 60524 391 48 343 343 0 8 1
pvpl 32 13544235 0 13529232 664 517 147 174 0 265 26
pmappl 224 30428 0 30114 19 0 19 19 0 8 0
extentpl 40 58 0 40 1 0 1 1 0 8 0
phpool 112 1057 0 306 25 3 22 22 0 8 0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:440
panic(ffffffff8244cf87) at panic+0x177 sys/kern/subr_prf.c:202
__assert(ffffffff824be1c4,ffffffff8243b8de,8c,ffffffff82425a41) at __assert+0x25 sys/kern/subr_prf.c:161
uvm_pagealloc(fffffd80663431a0,d965000,0,3) at uvm_pagealloc+0x333 sys/uvm/uvm_page.c:140
pmap_get_ptp(fffffd8066343170,1b2cb21000) at pmap_get_ptp+0x190 sys/arch/amd64/amd64/pmap.c:1183
pmap_enter(fffffd8066343170,1b2cb21000,67518000,3,20) at pmap_enter+0x28f
uvm_fault_lower_lookup(ffff800021245de0,ffff800021245e18,ffff800021245d60) at uvm_fault_lower_lookup+0x297 sys/uvm/uvm_fault.c:1167
uvm_fault_lower(ffff800021245de0,ffff800021245e18,ffff800021245d60,0) at uvm_fault_lower+0x60
uvm_fault(fffffd806675b000,1b2cb20000,0,2) at uvm_fault+0x240 sys/uvm/uvm_fault.c:638
upageflttrap(ffff800021245f50,1b2cb20170) at upageflttrap+0x82 sys/arch/amd64/amd64/trap.c:181
usertrap(ffff800021245f50) at usertrap+0x214 sys/arch/amd64/amd64/trap.c:403
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x7f7fffffadd0, count: -12
ddb{0}> machine ddbcpu 1
Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp
x86_ipi_db(ffff800020d38ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
acpicpu_idle() at acpicpu_idle+0x2eb sys/dev/acpi/acpicpu.c:1206
sched_idle(ffff800020d38ff0) at sched_idle+0x417 sys/kern/kern_sched.c:178
end trace frame: 0x0, count: 10
ddb{1}> trace
x86_ipi_db(ffff800020d38ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
acpicpu_idle() at acpicpu_idle+0x2eb sys/dev/acpi/acpicpu.c:1206
sched_idle(ffff800020d38ff0) at sched_idle+0x417 sys/kern/kern_sched.c:178
end trace frame: 0x0, count: -5
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.