netbsd boot error: panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/x86/x86/pmap.c:LINE, member access


syzbot

Nov 16, 2019, 12:33:10 AM11/16/19
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 074d9895 Remove some XXX'd comments that were remnants of ..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=15854416e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=824b23e1f4b6c76b
dashboard link: https://syzkaller.appspot.com/bug?extid=110b29c1973f38a38026

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+110b29...@syzkaller.appspotmail.com

[ 1.7409391] panic: UBSan: Undefined Behavior in /syzkaller/managers/netbsd-kubsan/kernel/sys/arch/x86/x86/pmap.c:545:9, member access within null pointer of type 'struct pv_entry'

[ 1.7528073] cpu0: Begin traceback...
[ 1.7528073] vpanic() at netbsd:vpanic+0x2aa sys/kern/subr_prf.c:336
[ 1.7710033] isAlreadyReported() at netbsd:isAlreadyReported
[ 1.7910429] HandleTypeMismatch.part.1() at netbsd:HandleTypeMismatch.part.1+0x15b
[ 1.8110827] HandleTypeMismatch() at netbsd:HandleTypeMismatch+0x7b sys/../common/lib/libc/misc/ubsan.c:408
[ 1.8211050] pmap_pp_clear_attrs() at netbsd:pmap_pp_clear_attrs+0x2fb pve_to_pvpte sys/arch/x86/x86/pmap.c:545 [inline]
[ 1.8211050] pmap_pp_clear_attrs() at netbsd:pmap_pp_clear_attrs+0x2fb pv_pte_first sys/arch/x86/x86/pmap.c:567 [inline]
[ 1.8211050] pmap_pp_clear_attrs() at netbsd:pmap_pp_clear_attrs+0x2fb sys/arch/x86/x86/pmap.c:3930
[ 1.8411422] genfs_getpages() at netbsd:genfs_getpages+0x1fdd sys/miscfs/genfs/genfs_io.c:479
[ 1.8611833] VOP_GETPAGES() at netbsd:VOP_GETPAGES+0x14b sys/kern/vnode_if.c:1596
[ 1.8812267] uvn_get() at netbsd:uvn_get+0x1d4 sys/uvm/uvm_vnode.c:187
[ 1.9012730] ubc_fault() at netbsd:ubc_fault+0x41a sys/uvm/uvm_bio.c:388
[ 1.9213107] uvm_fault_internal() at netbsd:uvm_fault_internal+0x1026 sys/uvm/uvm_fault.c:890
[ 1.9313299] trap() at netbsd:trap+0xe45 sys/arch/amd64/amd64/trap.c:538
[ 1.9413501] --- trap (number 6) ---
[ 1.9513704] kcopy() at netbsd:kcopy+0x15
[ 1.9613896] uiomove() at netbsd:uiomove+0xd3 sys/kern/subr_copy.c:132
[ 1.9814322] ubc_uiomove() at netbsd:ubc_uiomove+0x1c0 sys/uvm/uvm_bio.c:751
[ 1.9914483] ffs_read() at netbsd:ffs_read+0x334 sys/ufs/ufs/ufs_readwrite.c:110
[ 2.0114928] VOP_READ() at netbsd:VOP_READ+0x11b sys/kern/vnode_if.c:470
[ 2.0215095] vn_rdwr() at netbsd:vn_rdwr+0x196 sys/kern/vfs_vnops.c:463
[ 2.0415528] check_exec() at netbsd:check_exec+0x547 sys/kern/kern_exec.c:443
[ 2.0615944] execve_loadvm() at netbsd:execve_loadvm+0x830 sys/kern/kern_exec.c:822
[ 2.0716110] execve1() at netbsd:execve1+0x74 sys/kern/kern_exec.c:1419
[ 2.0916583] sys_execve() at netbsd:sys_execve+0x4f sys/kern/kern_exec.c:588
[ 2.1117016] start_init() at netbsd:start_init+0x400 sys/kern/init_main.c:1104
[ 2.1226927] cpu0: End traceback...
[ 2.1226927] fatal breakpoint trap in supervisor mode
[ 2.1226927] trap type 1 code 0 rip 0xffffffff8021dddd cs 0x8 rflags 0x286 cr2 0xffffde00a5c64000 ilevel 0 rsp 0xffffde00a68ae950
[ 2.1383426] curlwp 0xffffc611c1de7a60 pid 1.1 lowest kstack 0xffffde00a68ac2c0
Stopped in pid 1.1 (init) at netbsd:breakpoint+0x5: leave
db{0}>


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.