syzbot


netbsd boot error: MSan: Uninitialized Memory in pmap_ctor

Status: fixed on 2020/06/02 13:04
Reported-by: syzbot+6dd5a230d19f0cbc7814@syzkaller.appspotmail.com
Fix commit: 248fe10b7a27 Reported-by: syzbot+6dd5a230d19f0cbc7814@syzkaller.appspotmail.com
First crash: 1640d, last: 1637d

Sample crash report:
[   1.1031748] panic: MSan: Uninitialized Pool Memory From pmap_ctor()

[   1.1133019] cpu0: Begin traceback...
[   1.1133019] vpanic() at netbsd:vpanic+0x7c1 sys/kern/subr_prf.c:288
[   1.1231751] panic() at netbsd:panic+0x1ad sys/kern/subr_prf.c:209
[   1.1332471] __msan_warning() at netbsd:__msan_warning+0xe7 kmsan_report_inline sys/kern/subr_msan.c:239 [inline]
[   1.1332471] __msan_warning() at netbsd:__msan_warning+0xe7 sys/kern/subr_msan.c:612
[   1.1531746] pmap_ctor() at netbsd:pmap_ctor+0x892 sys/arch/x86/x86/pmap.c:2812
[   1.1631720] pool_cache_get_slow() at netbsd:pool_cache_get_slow+0xa6e sys/kern/subr_pool.c:2492
[   1.1831751] pool_cache_get_paddr() at netbsd:pool_cache_get_paddr+0x8c6 sys/kern/subr_pool.c:2577
[   1.1931745] pmap_create() at netbsd:pmap_create+0x52 sys/arch/x86/x86/pmap.c:2860
[   1.2041763] uvmspace_fork() at netbsd:uvmspace_fork+0x435 uvmspace_init sys/uvm/uvm_map.c:4052 [inline]
[   1.2041763] uvmspace_fork() at netbsd:uvmspace_fork+0x435 uvmspace_alloc sys/uvm/uvm_map.c:4024 [inline]
[   1.2041763] uvmspace_fork() at netbsd:uvmspace_fork+0x435 sys/uvm/uvm_map.c:4499
[   1.2231783] uvm_proc_fork() at netbsd:uvm_proc_fork+0x118 sys/uvm/uvm_glue.c:193
[   1.2331721] fork1() at netbsd:fork1+0x18e7 sys/kern/kern_fork.c:475
[   1.2431728] main() at netbsd:main+0xc9e sys/kern/init_main.c:624
[   1.2535679] cpu0: End traceback...
[   1.2535679] fatal breakpoint trap in supervisor mode
[   1.2535679] trap type 1 code 0 rip 0xffffffff802226fd cs 0x8 rflags 0x246 cr2 0 ilevel 0 rsp 0xffffffff85df2600
[   1.2725250] curlwp 0xffffffff859f6ec0 pid 0.0 lowest kstack 0xffffffff85deb2c0
Stopped in pid 0.0 (system) at  netbsd:breakpoint+0x5:  leave
breakpoint() at netbsd:breakpoint+0x5
vpanic() at netbsd:vpanic+0x7c1 sys/kern/subr_prf.c:288
panic() at netbsd:panic+0x1ad sys/kern/subr_prf.c:209
__msan_warning() at netbsd:__msan_warning+0xe7 kmsan_report_inline sys/kern/subr_msan.c:239 [inline]
__msan_warning() at netbsd:__msan_warning+0xe7 sys/kern/subr_msan.c:612
pmap_ctor() at netbsd:pmap_ctor+0x892 sys/arch/x86/x86/pmap.c:2812
pool_cache_get_slow() at netbsd:pool_cache_get_slow+0xa6e sys/kern/subr_pool.c:2492
pool_cache_get_paddr() at netbsd:pool_cache_get_paddr+0x8c6 sys/kern/subr_pool.c:2577
pmap_create() at netbsd:pmap_create+0x52 sys/arch/x86/x86/pmap.c:2860
uvmspace_fork() at netbsd:uvmspace_fork+0x435 uvmspace_init sys/uvm/uvm_map.c:4052 [inline]
uvmspace_fork() at netbsd:uvmspace_fork+0x435 uvmspace_alloc sys/uvm/uvm_map.c:4024 [inline]
uvmspace_fork() at netbsd:uvmspace_fork+0x435 sys/uvm/uvm_map.c:4499
uvm_proc_fork() at netbsd:uvm_proc_fork+0x118 sys/uvm/uvm_glue.c:193
fork1() at netbsd:fork1+0x18e7 sys/kern/kern_fork.c:475
main() at netbsd:main+0xc9e sys/kern/init_main.c:624
ds          25f0
es          918
fs          1
gs          c120
rdi         8000000000
rsi         fffffb8000000000
rbp         ffffffff85df2600
rbx         0
rdx         ffff818005948360
rcx         ffffffff859f6ec0    lwp0
--db_more--

Crashes (60):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/05/31 22:58 netbsd 42029ecc3374 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 20:47 netbsd b9ddffb1df4d a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 18:58 netbsd e5fdb45204fd a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 16:47 netbsd eb36f7449653 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 14:37 netbsd b312cb44359f a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 12:07 netbsd 4b2974ff8834 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 09:57 netbsd d4fb2f6aaeb0 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 09:57 netbsd d4fb2f6aaeb0 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 08:56 netbsd e8330d11bb28 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 08:56 netbsd e8330d11bb28 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 08:56 netbsd e8330d11bb28 a0331e89 .config console log report ci2-netbsd-kmsan
2020/05/31 08:14 netbsd e8330d11bb28 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 08:13 netbsd e8330d11bb28 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 08:13 netbsd e8330d11bb28 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 06:24 netbsd e5a86e9cc2a0 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 06:24 netbsd e5a86e9cc2a0 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 06:24 netbsd e5a86e9cc2a0 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 04:34 netbsd d9e55e24a4fd 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 04:34 netbsd d9e55e24a4fd 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 04:34 netbsd d9e55e24a4fd 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 02:14 netbsd 210304d1fa88 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 02:14 netbsd 210304d1fa88 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 02:14 netbsd 210304d1fa88 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 00:24 netbsd b821830053dc 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 00:24 netbsd b821830053dc 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/31 00:24 netbsd b821830053dc 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 18:03 netbsd 2adf1ff854d7 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 18:03 netbsd 2adf1ff854d7 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 18:03 netbsd 2adf1ff854d7 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 16:14 netbsd 84d9ddef35cd 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 16:14 netbsd 84d9ddef35cd 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 16:14 netbsd 84d9ddef35cd 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 15:18 netbsd 7d30358b345b 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 15:18 netbsd 7d30358b345b 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/30 15:18 netbsd 7d30358b345b 6f3e1c7c .config console log report ci2-netbsd-kmsan
2020/05/28 13:47 netbsd 54fc79061107 c7192a2f .config console log report ci2-netbsd-kmsan
2020/05/28 13:47 netbsd 54fc79061107 c7192a2f .config console log report ci2-netbsd-kmsan
2020/05/28 13:47 netbsd 54fc79061107 c7192a2f .config console log report ci2-netbsd-kmsan
2020/05/28 12:50 netbsd 15641b84b576 c7192a2f .config console log report ci2-netbsd-kmsan
2020/05/28 12:50 netbsd 15641b84b576 c7192a2f .config console log report ci2-netbsd-kmsan
2020/05/28 12:50 netbsd 15641b84b576 c7192a2f .config console log report ci2-netbsd-kmsan
2020/05/28 11:18 netbsd 15641b84b576 9072c126 .config console log report ci2-netbsd-kmsan
2020/05/28 11:18 netbsd 15641b84b576 9072c126 .config console log report ci2-netbsd-kmsan
2020/05/28 11:18 netbsd 15641b84b576 9072c126 .config console log report ci2-netbsd-kmsan
2020/05/28 09:32 netbsd aa85acd0249a 9072c126 .config console log report ci2-netbsd-kmsan
2020/05/28 09:32 netbsd aa85acd0249a 9072c126 .config console log report ci2-netbsd-kmsan
2020/05/28 09:32 netbsd aa85acd0249a 9072c126 .config console log report ci2-netbsd-kmsan