

Fatal trap 12: page fault while in kernel mode (2)

Status: auto-closed as invalid on 2019/12/31 21:21
Reported-by: syzbot+20d2a967e6f02996b5ea@syzkaller.appspotmail.com
First crash: 1638d ago, last: 1521d ago
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
freebsd Fatal trap 12: page fault while in kernel mode C 103 1718d 1722d 0/2 closed as dup on 2019/03/22 15:29
freebsd Fatal trap 12: page fault while in kernel mode (3) C 140 805d 1411d 2/2 fixed on 2021/09/18 04:00

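Sample crash report (raw console output: the fuzzer's "executing program 2" log at 06:45:00 is interleaved between the vpanic() and panic() backtrace frames and is not part of the kernel stack trace; the faulting process is syz-executor.3, so the interleaved program is not necessarily the one that triggered the fault):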
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address	= 0x30
fault code		= supervisor read data, page not present
instruction pointer	= 0x20:0xffffffff815399ca
stack pointer	        = 0x28:0xfffffe0020e597a0
frame pointer	        = 0x28:0xfffffe0020e597e0
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 14505 (syz-executor.3)
trap number		= 12
panic: page fault
cpuid = 1
time = 24300
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0020e59400
vpanic() at vpanic+0x1e0/frame 0xfffffe0020e59460
06:45:00 executing program 2:
r0 = open$dir(&(0x7f0000000100)='./file0\x00', 0x40000400000002c2, 0x0)
execve(&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[&(0x7f0000000180)='-)/.\x00', &(0x7f00000001c0)='!\xb6+', &(0x7f0000000200)='\x00', &(0x7f0000000240)='\x00', &(0x7f0000000280)='\x00'], &(0x7f0000001480)=[&(0x7f0000000300)='\x00', &(0x7f0000001380)='\x00', &(0x7f00000013c0)='#\x00', &(0x7f0000001400)='\x00', &(0x7f0000001440)=']0\x00'])
truncate(&(0x7f0000000100)='./file0\x00', 0x308020005)
r1 = dup(r0)
ioctl$DIOCCHANGEADDR(r1, 0xc4704437, &(0x7f00000014c0)="6af5f4f12f01dbafd5ca0665d82b3f0154b10c7e9a349e53ce4738941f49bd6015e8a4a0b3e13a78a61cc7ba3cb7063c6238ebdd35030291827f63ded91c9c86588ea9386b3ab3cefa29ac2823ad9c2d8cc874f3bdc7d5aa9f0914c26e3389ab0f0c821c7eb17a6cb3183e768038b6dfd9223e032883b03eba55fc284c680b0b1a55a6bdac81aad203f79eeadb0aac34e8ef9277125566ef6403dd78adc9648aafd97280a7f51ee41240086c93e18d8ef4a93e6ad3718aece6f0dc52ca")
r2 = open(&(0x7f00000000c0)='./file0\x00', 0x80000000000206, 0x0)
ftruncate(r2, 0x7e2780e3)
r3 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
setrlimit(0x6, &(0x7f0000000000)={0x10000000000b35d, 0x800000b35d})
mlockall(0x3)
getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r2, 0x84, 0x104, &(0x7f0000000080), &(0x7f0000000100)=0x4)
sync()
mmap(&(0x7f0000fee000/0x12000)=nil, 0x807000, 0x6, 0x12, r3, 0x0)
getsockopt$inet6_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x901, 0x0, 0x0)
r4 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000fee000/0x12000)=nil, 0x800000, 0x1, 0x12, r4, 0x0)
r5 = fcntl$dupfd(r0, 0x0, r0)
sendmsg$unix(r5, &(0x7f00000000c0)={0xffffffffffffffff, 0x0, &(0x7f0000000000)=[{&(0x7f0000000380)="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", 0x1000}], 0x1, &(0x7f0000000040)=[@rights={0x18, 0xffff, 0x1, [r0, r0]}, @rights={0x20, 0xffff, 0x1, [r0, r0, r0, r0]}, @rights={0x18, 0xffff, 0x1, [r0]}], 0x50, 0x4}, 0x8)
writev(r0, &(0x7f0000000340)=[{&(0x7f0000000180), 0x81700}], 0x1000000000000013)
ftruncate(r0, 0x0)
recvfrom$inet6(r4, &(0x7f0000001580)=""/87, 0x57, 0x2, 0x0, 0x0)

panic() at panic+0x43/frame 0xfffffe0020e594c0
trap_fatal() at trap_fatal+0x4c6/frame 0xfffffe0020e59540
trap_pfault() at trap_pfault+0x9f/frame 0xfffffe0020e595b0
trap() at trap+0x44d/frame 0xfffffe0020e596d0
calltrap() at calltrap+0x8/frame 0xfffffe0020e596d0
--- trap 0xc, rip = 0xffffffff815399ca, rsp = 0xfffffe0020e597a0, rbp = 0xfffffe0020e597e0 ---
vm_page_unhold_pages() at vm_page_unhold_pages+0x5a/frame 0xfffffe0020e597e0
pipe_write() at pipe_write+0x16d8/frame 0xfffffe0020e598b0
dofilewrite() at dofilewrite+0xfd/frame 0xfffffe0020e59910
kern_writev() at kern_writev+0x66/frame 0xfffffe0020e59950
sys_writev() at sys_writev+0x50/frame 0xfffffe0020e59980
amd64_syscall() at amd64_syscall+0x436/frame 0xfffffe0020e59ab0
fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe0020e59ab0
--- syscall (198, FreeBSD ELF64, nosys), rip = 0x4131ba, rsp = 0x7fffdfffdf38, rbp = 0x3 ---
KDB: enter: panic
[ thread pid 14505 tid 100380 ]
Stopped at      kdb_enter+0x6a: movq    $0,kdb_why

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/06/08 08:18 freebsd 2374f8977455 cf9c3a50 console log report ci-freebsd-main
2019/10/02 21:20 freebsd bf9e96343b31 2e29b534 console log report ci-freebsd-i386
* Struck through repros no longer work on HEAD.