page fault in do_sys_accept


syzbot

May 7, 2019, 6:44:08 PM
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 014f8a6c revert most of:
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=15a2f08ca00000
dashboard link: https://syzkaller.appspot.com/bug?extid=b582f7994fe98bdf0c72

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+b582f7...@syzkaller.appspotmail.com

[ 3088.2865209] fatal page fault in supervisor mode
[ 3088.2865209] trap type 6 code 0x2 rip 0xffffffff8022b64c cs 0x8 rflags 0x10246 cr2 0 ilevel 0 rsp 0xffff9e816ed3fae8
[ 3088.2965278] curlwp 0xffff9e8012f3c4e0 pid 15906.2 lowest kstack 0xffff9e816ed382c0
[ 3088.3065441] panic: trap
[ 3088.3065441] cpu1: Begin traceback...
[ 3088.3165619] vpanic() at netbsd:vpanic+0x214
[ 3088.3265802] snprintf() at netbsd:snprintf
[ 3088.3365970] startlwp() at netbsd:startlwp
[ 3088.3466121] alltraps() at netbsd:alltraps+0xb2
[ 3088.3566297] do_sys_accept() at netbsd:do_sys_accept+0x2f4
[ 3088.3666569] sys_accept() at netbsd:sys_accept+0xac
[ 3088.3766653] sys___syscall() at netbsd:sys___syscall+0xe2
[ 3088.3866807] syscall() at netbsd:syscall+0x348
[ 3088.3966993] --- syscall (number 198) ---
[ 3088.3966993] 7d452943f4aa:
[ 3088.4067149] cpu1: End traceback...

[ 3088.4067149] dumping to dev 4,1 (offset=0, size=0): not possible
[ 3088.4167399] rebooting...
SeaBIOS (version 1.8.2-20190308_060531-google)
Total RAM Size = 0x00000001e0000000 = 7680 MiB
CPUs found: 2 Max CPUs supported: 2
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f29d0: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Booting from Hard Disk 0...

>> NetBSD/x86 BIOS Boot, Revision 5.10 (Tue Jul 17 14:59:51 UTC 2018) (from NetBSD 8.0)
>> Memory: 639/3144640 k

1. Boot normally
2. Boot single user
3. Disable ACPI
4. Disable ACPI and SMP
5. Drop to boot prompt


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

May 7, 2019, 7:12:08 PM
to syzkaller-...@googlegroups.com
syzbot has found a reproducer for the following crash on:

HEAD commit: 014f8a6c revert most of:
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=12b2b4e8a00000
dashboard link: https://syzkaller.appspot.com/bug?extid=b582f7994fe98bdf0c72
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=168a79d0a00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=10251ef0a00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+b582f7...@syzkaller.appspotmail.com

[ 34.0508791] fatal page fault in supervisor mode
[ 34.0607970] trap type 6 code 0x2 rip 0xffffffff8022b64c cs 0x8 rflags 0x10246 cr2 0 ilevel 0 rsp 0xffffce016ee83ae8
[ 34.0607970] curlwp 0xffffce0012e4d8c0 pid 828.1 lowest kstack 0xffffce016ee7c2c0
[ 34.0607970] panic: trap
[ 34.0607970] cpu0: Begin traceback...
[ 34.0607970] vpanic() at netbsd:vpanic+0x214
[ 34.0708075] snprintf() at netbsd:snprintf
[ 34.0708075] startlwp() at netbsd:startlwp
[ 34.0808072] alltraps() at netbsd:alltraps+0xb2
[ 34.0808072] do_sys_accept() at netbsd:do_sys_accept+0x2f4
[ 34.0915698] sys_accept() at netbsd:sys_accept+0xac
[ 34.1021091] sys_syscall() at netbsd:sys_syscall+0xe2
[ 34.1108637] syscall() at netbsd:syscall+0x348
[ 34.1210446] --- syscall (number 0) ---
[ 34.1210446] 710a5ec3f4ca:
[ 34.1210446] cpu0: End traceback...

[ 34.1321458] dumping to dev 4,1 (offset=0, size=0): not possible
[ 34.1321458] rebooting...