uvm_fault: pckbc_start (2)
Status: fixed on 2019/06/03 23:49
Fix commit: bc79b6e32eb3 Prevent corruption of the pckbc command queue.

If multiple synchronous commands are in flight and all corresponding threads are sleeping waiting for a response, the first command to timeout will clear the command queue. The remaining threads once awake will then try to remove a dequeued command from the queue, leading to corruption. Instead, remove commands from the queue before waking up the sleeping thread. A quirk is still needed to handle the case where tsleep() returns successfully during suspend.

First crash: 796d, last: 796d
similar bugs (1):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| openbsd | uvm_fault: pckbc_start | | | | 1 | 889d | 889d | 3/3 | fixed on 2019/02/19 14:52 |

Patch testing requests:
Created Duration User Patch Repo Result
2019/06/02 16:24 15m pckbc OK
2019/05/30 21:06 16m pckbc OK
2019/05/30 10:17 15m pckbc report log
2019/05/28 15:25 15m pckbc OK
2019/05/27 20:02 9m cd6858bee94 report log
2019/05/27 18:24 9m b50fe85dab5 report log
2019/05/27 18:08 8m c77fcae412c report log
2019/05/27 17:32 11m 50ca04f8b6d report log
2019/05/25 11:25 14m bcbc3a82a68f0522eac31ab9060119194f065d13 report log

Crashes (2):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-openbsd-multicore | 2019/05/22 20:22 | openbsd | f537473e237b | 84b9d384 | .config | log | report | syz | | | |
| ci-openbsd-multicore | 2019/05/22 18:34 | openbsd | f537473e237b | 84b9d384 | .config | log | report | | | | |