protection fault in Xosyscall


syzbot

Apr 23, 2024, 6:52:23 AM
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 8a12906d648f Switch to mesa 21
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=175508d3180000
kernel config: https://syzkaller.appspot.com/x/.config?x=fab579639ba4bf0a
dashboard link: https://syzkaller.appspot.com/bug?extid=a770f2443225bc887c8c
compiler: g++ (Debian 12.2.0-14) 12.2.0

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/fc21869d57a3/disk-8a12906d.raw.xz
netbsd.gdb: https://storage.googleapis.com/syzbot-assets/972e11abc826/netbsd-8a12906d.gdb.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a770f2...@syzkaller.appspotmail.com

[ 159.8215152] fatal protection fault in supervisor mode
[ 159.8215152] trap type 4 code 0 rip 0xffffffff802000b0 cs 0x8 rflags 0x10046 cr2 0x624040 ilevel 0 rsp 0xffff9c825dd49f00
[ 159.8215152] curlwp 0xffff9c801343d780 pid 1674.1674 lowest kstack 0xffff9c825dd422c0
kernel: protection fault trap, code=0
Stopped in pid 1674.1674 (syz-executor.2) at netbsd:Xosyscall+0xa0: addb %al,0(%rax)
?
Xosyscall() at netbsd:Xosyscall+0xa0
[ 159.8215152] prevented access to 0x623718 (SMAP)
[ 159.8215152] fatal page fault in supervisor mode
[ 159.8215152] trap type 6 code 0x1 rip 0xffffffff80980e33 cs 0x8 rflags 0x10282 cr2 0x623718 ilevel 0x8 rsp 0xffff9c825dd48b70
[ 159.8215152] curlwp 0xffff9c801343d780 pid 1674.1674 lowest kstack 0xffff9c825dd422c0
kernel: page fault trap, code=0
Faulted in DDB; continuing...


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup