kernel panic: HW TRAP frame at ADDR on core 3

[akaros] kernel panic: HW TRAP frame at ADDR on core 3
Status: upstream: reported on 2018/07/16 16:19
Reported-by: syzbot+3b7b23aa69f356406273@syzkaller.appspotmail.com
First: 96d, last: 95d

Sample crash report:

nbuf 158, STAT_FIX_LEN_9P 49 kernel panic at kern/src/rcu.c:325, from core 2: HW TRAP frame at 0xfffffff000020f40 on core 3
assertion failed: rpi->gp_acked + 1 == READ_ONCE(rsp->gpnum)  rax  0x000000000000001d
  rbx  0xffffffffc8668140
Stack Backtrace on Core 2:
  rcx  0x00000000000003d4
#01 [<0xffffffffc200a3b7>] in backtrace at src/kdebug.c:219
  rdx  0x00000000000014db
#02 [<0xffffffffc2009b7c>] in _panic at src/init.c:266
  rbp  0xfffffff00006dc78
#03 [<0xffffffffc20502f9>] in rcu_report_qs_rpi at src/rcu.c:325
  rsi  0x000000000000079d
#04 [<0xffffffffc2050c4c>] in rcu_report_qs at src/rcu.c:340
  rdi  0xffffffffc210eba0
#05 [<0xffffffffc2054363>] in __smp_idle at src/smp.c:75
  r8   0x00000000000003f8
  r9   0x000000000000000d
  r10  0x0000000000000020
  r11  0x000000000000000a
  r12  0xfffffff00006dc90
  r13  0xffffffffc20b851b
  r14  0x0000000000000246
  r15  0xffff80000217aac0
ROS(Core 2)>   trap 0x00000008 Double Fault
  gsbs 0xffffffffc8668140
  fsbs 0x0000000000000000
  err  0x--------00000000
  rip  0xffffffffc20481d1
  cs   0x------------0008
  flag 0x0000000000010202
  rsp  0xfffffff00006dc28
  ss   0x------------0010
Backtrace of kernel context on Core 3:
#01 [<0xffffffffc20481d1>] in vcprintf at src/printf.c:92
#02 [<0xffffffffc2048223>] in cprintf at src/printf.c:103
#03 [<0xffffffffc2034cc6>] in statcheck at src/ns/convM2D.c:51
#04 [<0xffffffffc203dfa8>] in validstat at src/ns/sysfile.c:961
#05 [<0xffffffffc203e166>] in syswstat at src/ns/sysfile.c:1159
#06 [<0xffffffffc205597f>] in sys_wstat at src/syscall.c:2329
#07 [<0xffffffffc2059149>] in syscall at src/syscall.c:2528
#08 [<0xffffffffc2059304>] in run_local_syscall at src/syscall.c:2563
#09 [<0xffffffffc2059839>] in prep_syscalls at src/syscall.c:2583
#10 [<0xffffffffc20aaf1a>] in sysenter_callwrapper at arch/x86/trap.c:859
kernel panic at kern/arch/x86/trap.c:541, from core 3: Double fault!  Check the kernel stack pointer; you likely ran off the end of the stack.
Stack Backtrace on Core 3:
#01 [<0xffffffffc200a3b7>] in backtrace at src/kdebug.c:219
#02 [<0xffffffffc2009b7c>] in _panic at src/init.c:266
#03 [<0xffffffffc20aa253>] in handle_double_fault at arch/x86/trap.c:541

All crashes (13):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report
ci-akaros-main	2018/07/16 16:02	https://github.com/akaros/akaros.git master	93b9607e	40cb0c9a	.config	log	report
ci-akaros-main	2018/07/17 11:57	https://github.com/akaros/akaros.git master	93b9607e	570df9b2	.config	log	report
ci-akaros-main	2018/07/17 11:14	https://github.com/akaros/akaros.git master	93b9607e	570df9b2	.config	log	report
ci-akaros-main	2018/07/17 07:57	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/17 07:33	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/17 07:18	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/17 07:09	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/17 01:20	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/17 00:32	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/16 22:38	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/16 20:20	https://github.com/akaros/akaros.git master	93b9607e	13761366	.config	log	report
ci-akaros-main	2018/07/16 18:14	https://github.com/akaros/akaros.git master	93b9607e	40cb0c9a	.config	log	report
ci-akaros-main	2018/07/16 17:10	https://github.com/akaros/akaros.git master	93b9607e	40cb0c9a	.config	log	report