brho / akaros

Akaros Operating System
http://akaros.cs.berkeley.edu/

page fault in pipewrite #46

Open dvyukov opened 6 years ago

dvyukov commented 6 years ago

On commit 94fd376914eea7ba30ceab9d6034f75bdf46e87f the kernel reliably crashes with:

/ $ HW TRAP frame at 0xfffffff000061b90 on core 0
  rax  0xffff8000044a0660
  rbx  0x000000000000000b
  rcx  0x0000000000000000
  rdx  0x000000000000000b
  rbp  0xfffffff000061c58
  rsi  0x0000000000483e33
  rdi  0xffff8000044a0660
  r8   0x0000000000000003
  r9   0x0000000000000000
  r10  0x0000000000000000
  r11  0x0000000000000202
  r12  0xffff800003ab2820
  r13  0x0000000000483e33
  r14  0x0000000000010000
  r15  0xffff8000044a0660
  trap 0x0000000e Page Fault
  gsbs 0xffffffffc82e58c0
  fsbs 0x0000000000000000
  err  0x--------00000000
  rip  0xffffffffc20536a8
  cs   0x------------0008
  flag 0x0000000000010202
  rsp  0xfffffff000061c58
  ss   0x------------0010

Backtrace of kernel context on Core 0:
#01 [<0xffffffffc20536a8>] in memcpy
#02 [<0xffffffffc203a495>] in __qwrite
#03 [<0xffffffffc207ef26>] in pipewrite
#04 [<0xffffffffc203f3c4>] in rwrite
#05 [<0xffffffffc2057ca9>] in syscall
#06 [<0xffffffffc2057e64>] in run_local_syscall
#07 [<0xffffffffc20a957a>] in sysenter_callwrapper
kernel panic at kern/arch/x86/trap.c:311, from core 0: Proc-ful Page Fault in the Kernel at 0x0000000000483e33!
Entering Nanwan's Dungeon on Core 0 (Ints off):
Type 'help' for a list of commands.

Repro instructions:

checkout https://github.com/dvyukov/syzkaller.git dvyukov-akaros-pipe-crash branch into $GOPATH/src/github.com/google/syzkaller

Run:

make execprog
make TARGETOS=akaros SOURCEDIR=/path/to/akaros/toolchain executor

/path/to/akaros/toolchain is the dir containing x86_64-ucb-akaros-gcc

scp bin/akaros_amd64/syz-executor to the akaros VM

create /tmp/simple file with a single line

openat(0xffffffffffffff9c, &(0x7f0000000500)='file1\x00', 0x10002, 0x1a0)

finally run:

bin/linux_amd64/syz-execprog -os=akaros -debug -threaded=1 -executor "/usr/bin/ssh -p 5555 -i id_rsa.akaros -o IdentitiesOnly=yes -v root@localhost /syz-executor" /tmp/simple