syzbot


panic: thread_lock() of sleep mutex `*Fv @ /syzkaller/managers/main/kernel/sys/kern/kern_switch.c:LINE

Status: fixed on 2021/06/01 13:17
Reported-by: syzbot+6cfa544fd86ad4647ffc@syzkaller.appspotmail.com
Fix commit: 4a59cbc12532 amd64: Avoid enabling interrupts when handling kernel mode prot faults
First crash: 1274d, last: 1274d

Sample crash report:
panic: thread_lock() of sleep mutex `*Fv @ /syzkaller/managers/main/kernel/sys/kern/kern_switch.c:238
cpuid = 0
time = 1622269624
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe00a21b27f0
vpanic() at vpanic+0x1c7/frame 0xfffffe00a21b2850
panic() at panic+0x43/frame 0xfffffe00a21b28b0
thread_lock_flags_() at thread_lock_flags_/frame 0xfffffe00a21b28f0
_thread_lock() at _thread_lock+0x55/frame 0xfffffe00a21b2930
critical_exit_preempt() at critical_exit_preempt+0x69/frame 0xfffffe00a21b2960
spinlock_exit() at spinlock_exit+0x98/frame 0xfffffe00a21b2990
cngrab() at cngrab+0x6e/frame 0xfffffe00a21b29c0
vpanic() at vpanic+0x111/frame 0xfffffe00a21b2a20
panic() at panic+0x43/frame 0xfffffe00a21b2a80
sched_throw() at sched_throw+0x19d/frame 0xfffffe00a21b2ab0
thread_exit() at thread_exit+0x38a/frame 0xfffffe00a21b2b00
kern_thr_exit() at kern_thr_exit+0x199/frame 0xfffffe00a21b2b40
thread_suspend_check() at thread_suspend_check+0x51f/frame 0xfffffe00a21b2b90
ast() at ast+0x98a/frame 0xfffffe00a21b2bf0
fast_syscall_common() at fast_syscall_common+0x1a5/frame 0xfffffe00a21b2bf0
--- syscall (4kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled
kernel trap 12 with interrupts disabled

Fatal double fault
rip 0xffffffff81167e25 rsp 0xfffffe00a21aefc0 rbp 0xfffffe00a21af190
rax 0x1dbfcb1861da592b rdx 0xffffffff81a8d6ff rbx 0x30000
rcx 0xc7 rsi 0xfffff8007fffcfe0 rdi 0x9
r8 0 r9 0x8080808080808080 r10 0xfffffe00a21af4f0
r11 0x7dced4ff r12 0xffffffff81a8d6ff r13 0xfffff8007fffcfe0
r14 0xfffff80067e6ba60 r15 0xc7 rflags 0x10086
cs 0x20 ss 0x28 ds 0x3b es 0x3b fs 0x13 gs 0x1b
fsbase 0x8003734a0 gsbase 0xffffffff83210000 kgsbase 0
cpuid = 0; apic id = 00
panic: double fault
cpuid = 0
time = 1622269624
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xffffffff8287abc0
vpanic() at vpanic+0x1c7/frame 0

Crashes (1):
Time: 2021/05/29 06:23
Kernel: freebsd-src
Commit: e5f5b6a75c0a
Syzkaller: 858ea628
Log: console log
Report: report
Manager: ci-freebsd-main
Title: panic: thread_lock() of sleep mutex `*Fv @ /syzkaller/managers/main/kernel/sys/kern/kern_switch.c:LINE