syzbot

 sign-in | mailing list | source | docs
🐞 Open [10] 🐞 Fixed [25] 🐞 Invalid [75] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

assertion failed: page->pg_tree_slot == tree_slot

Status: auto-closed as invalid on 2021/03/23 04:14
Reported-by: syzbot+d25e4f651a347d89c1e0@syzkaller.appspotmail.com
First crash: 1286d, last: 1261d

Sample crash report:
kernel panic at kern/src/pagemap.c:131, from core 2: assertion failed: page->pg_tree_slot == tree_slot
Stack Backtrace on Core 2:
#01 [<0xffffffffc200aa6c>] in backtrace at src/kdebug.c:235
#02 [<0xffffffffc200a205>] in _panic at src/init.c:275
#03 [<0xffffffffc2046c9d>] in pm_find_page at src/pagemap.c:131
#04 [<0xffffffffc2047470>] in pm_load_page at src/pagemap.c:195
#05 [<0xffffffffc2039b73>] in fs_file_write at src/ns/fs_file.c:436
#06 [<0xffffffffc20449c6>] in tree_chan_write at src/ns/tree_file.c:1039
#07 [<0xffffffffc2040bc9>] in rwrite at src/ns/sysfile.c:1136
#08 [<0xffffffffc2040e1b>] in syswrite at src/ns/sysfile.c:1154
#09 [<0xffffffffc2059389>] in sys_write at src/syscall.c:1798
#10 [<0xffffffffc205a249>] in syscall at src/syscall.c:2582
#11 [<0xffffffffc205add8>] in run_local_syscall at src/syscall.c:2619
#12 [<0xffffffffc205b319>] in prep_syscalls at src/syscall.c:2639
#13 [<0xffffffffc20b7a92>] in sysenter_callwrapper at arch/x86/trap.c:932
04:13:10 executing program 1:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0)
openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pgrpid\x00', 0xc, 0x1, 0x0)
openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/noteid\x00', 0x12, 0x3, 0x0)
r1 = proc_create(&(0x7f0000000280)='./file0\x00', 0x8, &(0x7f00000002c0)='\x00', 0x1, 0x0)
fchdir(r1, 0xffffffffffffffff)
04:13:10 executing program 7:
openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
r0 = proc_create(&(0x7f0000000400)='./file0\x00', 0x8, &(0x7f0000000440)='\x00', 0x1, 0x0)
proc_run(r0)
04:13:10 executing program 4:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$net_ipifc_1_local(0xffffffffffffff9c, &(0x7f00000003c0)='/net/ipifc/1/local\x00', 0x13, 0x1, 0x0)
04:13:10 executing program 5:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0)
openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pgrpid\x00', 0xc, 0x1, 0x0)
openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/noteid\x00', 0x12, 0x3, 0x0)
openat$dev_null(0xffffffffffffff9c, &(0x7f0000000340)='/dev/null\x00', 0xa, 0x1, 0x0)
04:13:10 executing program 0:
openat$net_ipifc_0_listen(0xffffffffffffff9c, 0x0, 0x0, 0x3, 0x0)
04:13:10 executing program 3:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0)
openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pgrpid\x00', 0xc, 0x1, 0x0)
openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/noteid\x00', 0x12, 0x3, 0x0)
proc_create(&(0x7f0000000280)='./file0\x00', 0x8, &(0x7f00000002c0)='\x00', 0x1, 0x0)
04:13:10 executing program 2:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0)
openat$dev_hostowner(0xffffffffffffff9c, &(0x7f0000000380)='/dev/hostowner\x00', 0xf, 0x3, 0x0)
04:13:15 executing program 1:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0)
openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pgrpid\x00', 0xc, 0x1, 0x0)
openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/noteid\x00', 0x12, 0x3, 0x0)
r1 = proc_create(&(0x7f0000000280)='./file0\x00', 0x8, &(0x7f00000002c0)='\x00', 0x1, 0x0)
fchdir(r1, 0xffffffffffffffff)
04:13:15 executing program 7:
openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
r0 = proc_create(&(0x7f0000000400)='./file0\x00', 0x8, &(0x7f0000000440)='\x00', 0x1, 0x0)
proc_run(r0)
04:13:15 executing program 5:
r0 = openat$prof_empty(0xffffffffffffff9c, &(0x7f0000000000)='/prof/.empty\x00', 0xd, 0x3, 0x0)
nmount(r0, &(0x7f0000000040)='./file0\x00', 0x8, 0x10)
write(r0, &(0x7f0000000080)="31027966129c8560061d7514c26e1455c820e71d4bbc99cda77e2debd0f75f9734ddf4ba638a0357", 0x28)
openat$net_udp_0_local(0xffffffffffffff9c, &(0x7f00000000c0)='/net/udp/0/local\x00', 0x11, 0x1, 0x0)
openat$net_iproute(0xffffffffffffff9c, &(0x7f0000000100)='/net/iproute\x00', 0xd, 0x3, 0x0)
openat$prof_kpdata(0xffffffffffffff9c, &(0x7f0000000140)='/prof/kpdata\x00', 0xd, 0x3, 0x0)
openat$dev_config(0xffffffffffffff9c, &(0x7f0000000180)='/dev/config\x00', 0xc, 0x1, 0x0)
openat$proc_self_strace_traceset(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/strace_traceset\x00', 0x1b, 0x3, 0x0)
openat$dev_pgrpid(0xffffffffffffff9c, &(0x7f0000000200)='/dev/pgrpid\x00', 0xc, 0x1, 0x0)
openat$proc_self_noteid(0xffffffffffffff9c, &(0x7f0000000240)='/proc/self/noteid\x00', 0x12, 0x3, 0x0)
openat$dev_null(0xffffffffffffff9c, &(0x7f0000000340)='/dev/null\x00', 0xa, 0x1, 0x0)

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/11/23 04:13 akaros d8b15e15415b 0d27f508 .config console log report info ci-akaros-main
2020/10/28 15:13 akaros d8b15e15415b 96e03c1c .config console log report info ci-akaros-main
* Struck through repros no longer work on HEAD.