Fatal trap NUM: page fault while in kernel mode (6)


syzbot

Jul 19, 2024, 9:39:23 AM
to syzkaller-f...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: fb05f761ac0b siftr: remove the shutdown_pre_sync event han..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=158c05fd980000
dashboard link: https://syzkaller.appspot.com/bug?extid=64ccce81ff5f7b695b06

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+64ccce...@syzkaller.appspotmail.com

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address = 0x0
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff81a265e3
stack pointer = 0x28:0xfffffe0056c8a1c0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
frame pointer = 0x28:0xfffffe0056c8a6f0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 2 (clock (0))
rdi: 0000000000000000 rsi: 0000000000000000 rdx: 0000000000f6df60
rcx: fffffe00033eee30 r8: 0000000000000000 r9: 00000000060080fe
rax: fffffe00033eee30 rbx: fffffe006d1740e0 rbp: fffffe0056c8a6f0

r10: aa02000000000000 r11: 000000000000001f r12: fffffe0056c8a4c0
r13: fffffe0056c8a500 r14: 0000000000000000 r15: fffffe00829b7338
trap number = 12


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

syzbot

Aug 17, 2024, 5:44:19 PM
to syzkaller-f...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: c7bc30c24f86 stress2: Some tests use hw.ncpu to scale the ..
git tree: freebsd-src
console output: https://syzkaller.appspot.com/x/log.txt?x=17b69d83980000
dashboard link: https://syzkaller.appspot.com/bug?extid=64ccce81ff5f7b695b06
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=162f17d3980000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+64ccce...@syzkaller.appspotmail.com

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x0
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff81a27ea3
stack pointer = 0x28:0xfffffe0056c8a1c0
frame pointer = 0x28:0xfffffe0056c8a6f0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 2 (clock (0))
rdi: 0000000000000000 rsi: 0000000000000000 rdx: 000000000dc8c760
rcx: fffffe00033eee30 r8: 0000000000000000 r9: 00000000060080fe
rax: fffffe00033eee30 rbx: fffffe006dc79ce0 rbp: fffffe0056c8a6f0
r10: aa03000000000000 r11: 000000000000001f r12: fffffe0056c8a4c0
if_delmulti_locked: detaching ifnet instance 0xfffffe006e463000
r13: fffffe0056c8a500 r14: 0000000000000000 r15: fffffe00829b7338

trap number = 12


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.