I got the following crash on FreeBSD/riscv64 using Syzkaller:

---
Kernel Version:
FreeBSD 14.0-CURRENT #2 main-8e59ec29e: Fri Aug 26 22:25:12 CST 2022
---
Report:
---
panic: Unknown userland exception 4, trap value 27bd3
cpuid = 3
time = 1661773411
KDB: stack backtrace:
db_trace_self() at db_trace_self
db_trace_self_wrapper() at db_trace_self_wrapper+0x66
kdb_backtrace() at kdb_backtrace+0x3c
vpanic() at vpanic+0x1bc
panic() at panic+0x26
do_trap_user() at do_trap_user+0xb84
cpu_exception_handler_user() at cpu_exception_handler_user+0x72
--- exception 4, tval = 0x27bd3
KDB: enter: panic
[ thread pid 56309 tid 162740 ]
Stopped at kdb_enter+0x8c: sd zero,0(s1)
---

There is no reproducer available.
*** Bug 266110 has been marked as a duplicate of this bug. ***
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=9b4cbaa9c3da233cf06381c3d22e3472ee586585

commit 9b4cbaa9c3da233cf06381c3d22e3472ee586585
Author:     Mitchell Horne <mhorne@FreeBSD.org>
AuthorDate: 2022-10-11 13:39:50 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2022-10-11 13:39:50 +0000

    riscv: handle misaligned address exceptions

    If this exception is coming from userspace, send the appropriate SIGBUS
    to the process. If it's coming from the kernel this is still fatal, but
    we can give a better panic message.

    Typical misaligned loads/stores are emulated by the SBI firmware, and
    require no intervention from our kernel. The notable exception here is
    misaligned access with atomic instructions. These can generate the
    exception and panic seen in the PR.

    With this, we now handle all defined exception types.

    PR: 266109
    MFC after: 1 week
    Found by: syzkaller
    Reported by: P1umer <p1umer1337@gmail.com>
    Differential Revision: https://reviews.freebsd.org/D36876

 sys/riscv/riscv/trap.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=97edb6baa91096a2d7d37546ad59596abe5c5b1b

commit 97edb6baa91096a2d7d37546ad59596abe5c5b1b
Author:     Mitchell Horne <mhorne@FreeBSD.org>
AuthorDate: 2022-10-11 13:39:50 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2022-10-18 14:08:22 +0000

    riscv: handle misaligned address exceptions

    If this exception is coming from userspace, send the appropriate SIGBUS
    to the process. If it's coming from the kernel this is still fatal, but
    we can give a better panic message.

    Typical misaligned loads/stores are emulated by the SBI firmware, and
    require no intervention from our kernel. The notable exception here is
    misaligned access with atomic instructions. These can generate the
    exception and panic seen in the PR.

    With this, we now handle all defined exception types.

    PR: 266109
    MFC after: 1 week
    Found by: syzkaller
    Reported by: P1umer <p1umer1337@gmail.com>
    Differential Revision: https://reviews.freebsd.org/D36876

    (cherry picked from commit 9b4cbaa9c3da233cf06381c3d22e3472ee586585)

 sys/riscv/riscv/trap.c | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
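
Added triage example (not code from the FreeBSD tree, the commit, or any participant in this PR): the C program below parses the panic line from the report, matches the exception code against the RISC-V load and store/AMO address-misaligned causes (4 and 6 in the privileged specification), and checks the alignment of the trap value, to bucket a crash log as the class the commit above turns into SIGBUS. The bucket names and the assumption that both panic fields are printed in hex belong to this example.

```c
#include <stdio.h>
#include <string.h>

/* Panic line quoted from the report above. */
static const char SAMPLE[] =
    "panic: Unknown userland exception 4, trap value 27bd3";

/* RISC-V scause codes for data-address misalignment (privileged spec). */
enum { EXC_LOAD_MISALIGNED = 4, EXC_STORE_AMO_MISALIGNED = 6 };
enum verdict { V_OTHER = 0, V_USER_MISALIGNED = 1 }; /* hypothetical names */
struct trap_report { unsigned long code, tval; };

/* Parse the panic line; fields read as hex (assumed format). 0 on success. */
int parse_panic(const char *line, struct trap_report *r)
{
    const char *p = strstr(line, "Unknown userland exception ");
    if (p == NULL)
        return -1;
    if (sscanf(p, "Unknown userland exception %lx, trap value %lx",
        &r->code, &r->tval) != 2)
        return -1;
    return 0;
}

/* Widest natural access (8, 4, 2 or 1 bytes) for which addr is aligned. */
unsigned max_aligned_width(unsigned long addr)
{
    unsigned w = 8;
    while (w > 1 && (addr & (w - 1)) != 0)
        w >>= 1;
    return w;
}

/* Userland misaligned load/store whose tval really is unaligned. */
enum verdict triage(const struct trap_report *r)
{
    if ((r->code == EXC_LOAD_MISALIGNED ||
        r->code == EXC_STORE_AMO_MISALIGNED) && max_aligned_width(r->tval) < 8)
        return V_USER_MISALIGNED;
    return V_OTHER;
}

int main(void)
{
    struct trap_report r;
    if (parse_panic(SAMPLE, &r) != 0)
        return 1;
    printf("code=%lu tval=%#lx verdict=%d\n", r.code, r.tval, triage(&r));
    return 0;
}
```

For the reported panic the trap value 0x27bd3 is aligned only to a single byte, so the exception is consistent with any load wider than a byte at that address.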