MSan: Uninitialized Memory in VOP_GETATTR


syzbot

May 26, 2021, 7:34:19 PM
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: c3e85a7b Fix ip_nat memory leak and use-after-free, wrong ..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13faf34bd00000
kernel config: https://syzkaller.appspot.com/x/.config?x=739e57438eb9ed9e
dashboard link: https://syzkaller.appspot.com/bug?extid=553267bfc9cead58de56
compiler: Debian clang version 11.0.1-2

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+553267...@syzkaller.appspotmail.com

[ 986.5380890] panic: MSan: Uninitialized Variable 'nd' From firmware_open()

[ 986.5480936] cpu0: Begin traceback...
[ 986.6280546] vpanic() at netbsd:vpanic+0x91a sys/kern/subr_prf.c:288
[ 986.7580523] panic() at netbsd:panic+0x1ad sys/kern/subr_prf.c:209
[ 986.8980664] __msan_warning() at netbsd:__msan_warning+0x127 kmsan_report_inline sys/kern/subr_msan.c:229 [inline]
[ 986.8980664] __msan_warning() at netbsd:__msan_warning+0x127 sys/kern/subr_msan.c:609
[ 987.0280544] VOP_GETATTR() at netbsd:VOP_GETATTR+0x1d0 vop_pre sys/kern/vnode_if.c:59 [inline]
[ 987.0280544] VOP_GETATTR() at netbsd:VOP_GETATTR+0x1d0 sys/kern/vnode_if.c:431
[ 987.1680591] firmware_open() at netbsd:firmware_open+0x955 sys/dev/firmload.c:256
[ 987.3080550] cpu_ucode_intel_firmware_open() at netbsd:cpu_ucode_intel_firmware_open+0x352
[ 987.4480580] cpu_ucode_md_open() at netbsd:cpu_ucode_md_open+0x126
[ 987.5780757] cpu_ucode_load() at netbsd:cpu_ucode_load+0x19c sys/kern/kern_cpu.c:557
[ 987.7180565] cpu_ucode_apply() at netbsd:cpu_ucode_apply+0xa4 sys/arch/x86/x86/cpu_ucode.c:111
[ 987.8480602] cpuctl_ioctl() at netbsd:cpuctl_ioctl+0x895 sys/kern/kern_cpu.c:271
[ 987.9880606] cdev_ioctl() at netbsd:cdev_ioctl+0x386 sys/kern/subr_devsw.c:935
[ 988.1180644] spec_ioctl() at netbsd:spec_ioctl+0x3d9 sys/miscfs/specfs/spec_vnops.c:933
[ 988.2480604] VOP_IOCTL() at netbsd:VOP_IOCTL+0x2f2 sys/kern/vnode_if.c:646
[ 988.3980698] vn_ioctl() at netbsd:vn_ioctl+0x33f sys/kern/vfs_vnops.c:783
[ 988.5480659] sys_ioctl() at netbsd:sys_ioctl+0xe99 sys/kern/sys_generic.c:671
[ 988.6780615] sys___syscall() at netbsd:sys___syscall+0x2a4 sy_call sys/sys/syscallvar.h:65 [inline]
[ 988.6780615] sys___syscall() at netbsd:sys___syscall+0x2a4 sys/kern/sys_syscall.c:77
[ 988.8280647] syscall() at netbsd:syscall+0x42d sy_call sys/sys/syscallvar.h:65 [inline]
[ 988.8280647] syscall() at netbsd:syscall+0x42d sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 988.8280647] syscall() at netbsd:syscall+0x42d sys/arch/x86/x86/syscall.c:138
[ 988.8580642] --- syscall (number 198) ---
[ 988.8980752] netbsd:syscall+0x42d:
[ 988.8980752] cpu0: End traceback...
[ 988.8980752] fatal breakpoint trap in supervisor mode
[ 988.9101666] trap type 1 code 0 rip 0xffffffff8022287d cs 0x8 rflags 0x246 cr2 0x783594553560 ilevel 0 rsp 0xfffff380942c4190
[ 988.9235191] curlwp 0xfffff38014d58480 pid 924.3653 lowest kstack 0xfffff380942bd2c0
Stopped in pid 924.3653 (syz-executor.4) at netbsd:breakpoint+0x5: leave
?
breakpoint() at netbsd:breakpoint+0x5
vpanic() at netbsd:vpanic+0x91a sys/kern/subr_prf.c:288
panic() at netbsd:panic+0x1ad sys/kern/subr_prf.c:209
__msan_warning() at netbsd:__msan_warning+0x127 kmsan_report_inline sys/kern/subr_msan.c:229 [inline]
__msan_warning() at netbsd:__msan_warning+0x127 sys/kern/subr_msan.c:609
VOP_GETATTR() at netbsd:VOP_GETATTR+0x1d0 vop_pre sys/kern/vnode_if.c:59 [inline]
VOP_GETATTR() at netbsd:VOP_GETATTR+0x1d0 sys/kern/vnode_if.c:431
firmware_open() at netbsd:firmware_open+0x955 sys/dev/firmload.c:256
cpu_ucode_intel_firmware_open() at netbsd:cpu_ucode_intel_firmware_open+0x352
cpu_ucode_md_open() at netbsd:cpu_ucode_md_open+0x126
cpu_ucode_load() at netbsd:cpu_ucode_load+0x19c sys/kern/kern_cpu.c:557
cpu_ucode_apply() at netbsd:cpu_ucode_apply+0xa4 sys/arch/x86/x86/cpu_ucode.c:111
cpuctl_ioctl() at netbsd:cpuctl_ioctl+0x895 sys/kern/kern_cpu.c:271
cdev_ioctl() at netbsd:cdev_ioctl+0x386 sys/kern/subr_devsw.c:935
spec_ioctl() at netbsd:spec_ioctl+0x3d9 sys/miscfs/specfs/spec_vnops.c:933
VOP_IOCTL() at netbsd:VOP_IOCTL+0x2f2 sys/kern/vnode_if.c:646
vn_ioctl() at netbsd:vn_ioctl+0x33f sys/kern/vfs_vnops.c:783
sys_ioctl() at netbsd:sys_ioctl+0xe99 sys/kern/sys_generic.c:671
sys___syscall() at netbsd:sys___syscall+0x2a4 sy_call sys/sys/syscallvar.h:65 [inline]
sys___syscall() at netbsd:sys___syscall+0x2a4 sys/kern/sys_syscall.c:77
syscall() at netbsd:syscall+0x42d sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x42d sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x42d sys/arch/x86/x86/syscall.c:138
--- syscall (number 198) ---
netbsd:syscall+0x42d:
Panic string: MSan: Uninitialized Variable 'nd' From firmware_open()

PID LID S CPU FLAGS STRUCT LWP * NAME WAIT
646 2659 3 1 180 fffff380152c4600 syz-executor.0 parked
646 646 2 0 10000000 fffff38014d588c0 syz-executor.0
303 303 2 0 0 fffff3801486c280 syz-executor.2
498 656 2 1 100 fffff38014d52780 syz-executor.3
498 498 2 1 10040000 fffff38014869680 syz-executor.3
924 1722 2 0 1100100 fffff38014b4eb40 syz-executor.4
924 >3653 7 0 1100100 fffff38014d58480 syz-executor.4
924 924 3 1 11040000 fffff38014d594c0 syz-executor.4 lwpwait
29939 137 2 0 1000100 fffff38014869ac0 syz-executor.5
29939 247 2 0 1040100 fffff38014d59080 syz-executor.5
29939 29939 2 0 11040000 fffff38014ec1100 syz-executor.5
26212 26212 3 0 180 fffff38014d5c0c0 syz-executor.2 parked
3538 3538 3 0 180 fffff380142df5c0 syz-executor.0 parked
2917 2917 3 1 180 fffff380150dca00 syz-executor.0 parked
29582 29582 3 0 180 fffff38014d59900 syz-executor.2 parked
29433 29433 3 1 180 fffff38014b52740 syz-executor.0 parked
810 810 3 0 180 fffff38014ec1980 syz-executor.2 parked
29661 29661 3 1 180 fffff38014ec1540 syz-executor.2 parked
3558 3558 3 1 180 fffff380142bf540 syz-executor.2 parked
29165 29165 3 0 180 fffff38014866a40 syz-executor.0 parked
25308 25308 3 0 180 fffff38014d52bc0 syz-executor.0 parked
24961 24961 3 1 180 fffff38014d58040 syz-executor.0 parked
25072 25072 3 0 180 fffff38014d52340 syz-executor.0 parked
25495 25495 3 1 180 fffff38013fa6240 syz-executor.0 parked
25958 25958 3 0 180 fffff38014869240 syz-executor.1 parked
22941 22941 3 0 180 fffff38014868640 syz-executor.1 parked
23349 23349 3 1 180 fffff38014b52b80 syz-executor.4 parked
22424 22424 3 0 180 fffff38014d5c940 syz-executor.4 parked
24648 24648 3 0 180 fffff38014d5c500 syz-executor.1 parked
22938 22938 3 1 180 fffff380148661c0 syz-executor.4 parked
25812 25812 3 1 180 fffff38014b4e2c0 syz-executor.4 parked
25802 25802 3 1 180 fffff38014868a80 syz-executor.4 parked
22706 22706 3 0 180 fffff38013e5d640 syz-executor.2 parked
21078 21078 3 0 180 fffff38014868200 syz-executor.2 parked
17917 17917 3 1 180 fffff380142a90c0 syz-executor.2 parked
17799 17799 3 1 180 fffff38014b52300 syz-executor.2 parked
18871 18871 3 1 180 fffff380142a74c0 syz-executor.2 parked
17536 17536 3 1 180 fffff3801486cb00 syz-executor.2 parked
17397 17397 3 1 180 fffff380142bf100 syz-executor.2 parked
18208 18208 3 1 180 fffff380137ccb00 syz-executor.2 parked
17406 17406 3 1 180 fffff380142a7900 syz-executor.2 parked
18633 18633 3 1 180 fffff3801486c6c0 syz-executor.2 parked
16420 16420 3 1 180 fffff38013fa8280 syz-executor.0 parked
16118 16118 3 1 180 fffff38014866600 syz-executor.0 parked
15855 15855 3 1 180 fffff380142c19c0 syz-executor.3 parked
13545 13545 3 0 180 fffff380142dfa00 syz-executor.5 parked
16429 16429 3 0 180 fffff3801458a480 syz-executor.0 parked
13455 13455 3 1 180 fffff3801458a8c0 syz-executor.5 parked
16561 16561 3 0 180 fffff380142a7080 syz-executor.5 parked
13307 13307 3 0 180 fffff380142a9500 syz-executor.0 parked
13192 13192 3 0 180 fffff380142df180 syz-executor.0 parked
11675 11675 3 0 180 fffff3801458a040 syz-executor.1 parked
12775 12775 3 1 180 fffff38013d71100 syz-executor.1 parked
15330 15330 3 1 180 fffff380142c1580 syz-executor.5 parked
14170 14170 3 1 180 fffff380142bf980 syz-executor.5 parked
11955 11955 3 0 180 fffff38013e4b140 syz-executor.5 parked
12004 12004 3 0 180 fffff38012baa4c0 syz-executor.5 parked
11587 11587 3 0 180 fffff380142a9940 syz-executor.5 parked
8323 8323 3 0 180 fffff380142c1140 syz-executor.3 parked
6652 6652 3 0 180 fffff38013e5b600 syz-executor.5 parked
9894 9894 3 0 180 fffff38014129740 syz-executor.5 parked
8912 8912 3 0 180 fffff38013fa6ac0 syz-executor.2 parked
7236 7236 3 0 180 fffff380139b4900 syz-executor.2 parked
8770 8770 3 1 180 fffff38014483780 syz-executor.2 parked
9278 9278 3 0 180 fffff38013e5da80 syz-executor.2 parked
6274 6274 3 1 180 fffff38013fa6680 syz-executor.2 parked
8791 8791 3 0 180 fffff38014129b80 syz-executor.1 parked
8529 8529 3 0 180 fffff38014483340 syz-executor.1 parked
6367 6367 3 0 180 fffff38014226b40 syz-executor.1 parked
9298 9298 3 0 180 fffff38013fa8b00 syz-executor.1 parked
9266 9266 3 1 180 fffff38013e54a00 syz-executor.1 parked
9389 9389 3 1 180 fffff38014129300 syz-executor.3 parked
5952 5952 3 1 180 fffff380135c4580 syz-executor.1 parked
9148 9148 3 0 180 fffff38013e545c0 syz-executor.3 parked
5567 5567 3 0 180 fffff380136dd1c0 syz-executor.2 parked
8933 8933 3 0 180 fffff38013fa86c0 syz-executor.2 parked
8901 8901 3 0 180 fffff38013e4b580 syz-executor.2 parked
3985 3985 2 0 140 fffff38014226700 syz-executor.0
4062 4062 3 1 180 fffff38013e5b1c0 syz-executor.2 parked
4814 4814 3 0 180 fffff38013e5ba40 syz-executor.2 parked
6497 6497 3 0 180 fffff38013d71980 syz-executor.1 parked
3384 3384 3 0 180 fffff380139b4080 syz-executor.1 parked
6068 6068 3 0 180 fffff380142262c0 syz-executor.1 parked
3210 3210 3 1 180 fffff38013e54180 syz-executor.2 parked
6248 6248 3 0 180 fffff38013e4b9c0 syz-executor.5 parked
3054 3054 3 0 180 fffff38013e5d200 syz-executor.1 parked
3050 3050 3 1 180 fffff38013a72bc0 syz-executor.5 parked
3533 3533 3 0 180 fffff380138e7b40 syz-executor.4 parked
1990 1990 3 1 180 fffff380139af480 syz-executor.5 parked
3919 3919 3 0 180 fffff380139b44c0 syz-executor.5 parked
3791 3791 3 0 180 fffff38013d60940 syz-executor.3 parked
2636 2636 3 1 180 fffff38013d60500 syz-executor.2 parked
3787 3787 3 0 180 fffff38013d600c0 syz-executor.5 parked
961 961 3 0 180 fffff38013d71540 syz-executor.3 parked
3774 3774 3 1 180 fffff380139af8c0 syz-executor.2 parked
1465 1465 3 1 180 fffff38013a4bb80 syz-executor.4 parked
1462 1462 3 1 180 fffff38013a4b740 syz-executor.5 parked
2736 2736 3 0 180 fffff380135c4140 syz-executor.3 parked
1449 1449 3 0 180 fffff380136dd600 syz-executor.2 parked
293 293 3 0 180 fffff380137cc6c0 syz-executor.4 parked
289 289 3 0 180 fffff38013a4b300 syz-executor.5 parked
404 404 3 1 180 fffff380139af040 syz-executor.4 parked
389 389 3 0 180 fffff380137cc280 syz-executor.4 parked
3412 3412 3 1 180 fffff38013a72780 syz-executor.4 parked
3110 3110 3 1 180 fffff38013a72340 syz-executor.1 parked
3031 3031 3 1 180 fffff38013700240 syz-executor.3 parked
2862 2862 3 1 180 fffff38013700680 syz-executor.2 parked
1992 1992 3 0 180 fffff380135c49c0 syz-executor.2 parked
2754 2754 3 1 180 fffff380136f6200 syz-executor.5 parked
2769 2769 3 1 180 fffff38013700ac0 syz-executor.2 parked
2787 2787 3 0 180 fffff380138e72c0 syz-executor.5 parked
2523 2523 3 0 180 fffff380138e7700 syz-executor.5 parked
2640 2640 3 1 180 fffff380134a7540 syz-executor.2 parked
2517 2517 3 1 180 fffff380135e55c0 syz-executor.5 parked
2352 2352 3 0 180 fffff380135e5a00 syz-executor.5 parked
1564 1564 3 0 180 fffff380136f6a80 syz-executor.1 parked
1594 1594 3 0 180 fffff380134a7980 syz-executor.1 parked
1450 1450 3 0 180 fffff380136dda40 syz-executor.1 parked
577 577 3 0 180 fffff380136f6640 syz-executor.1 parked
1101 1101 2 1 140 fffff380134a7100 syz-executor.3
420 420 3 1 1c0 fffff38013479940 syz-executor.4 wait
1220 1220 2 1 140 fffff38013479500 syz-executor.2
1187 1187 3 1 1c0 fffff380134790c0 syz-executor.5 wait
1102 1102 2 0 40 fffff38012baa900 syz-executor.1
1075 11233 2 0 140 fffff38014483bc0 syz-fuzzer
1075 1192 2 0 140 fffff38012baa080 syz-fuzzer
1075 1081 3 1 180 fffff38012b8a8c0 syz-fuzzer parked
1075 1078 3 0 180 fffff38012b8a480 syz-fuzzer parked
1075 1097 3 0 180 fffff38012b8a040 syz-fuzzer parked
1075 1085 3 1 1c0 fffff380124442c0 syz-fuzzer parked
1075 1151 3 1 180 fffff38012513740 syz-fuzzer parked
1075 >1079 7 1 140 fffff3801228dac0 syz-fuzzer
1075 1075 3 1 180 fffff3801228d240 syz-fuzzer parked
1067 1067 3 1 180 fffff38012ad8780 sshd select
949 949 3 1 180 fffff38012ad8bc0 getty nanoslp
1094 1094 3 0 180 fffff38012196a80 getty nanoslp
1107 1107 3 0 180 fffff38012196640 getty nanoslp
699 699 3 0 1c0 fffff38012113a00 getty ttyraw
1127 1127 3 1 180 fffff38012ad8340 sshd select
928 928 3 0 180 fffff3801236f280 powerd kqueue
687 687 3 0 180 fffff3801228d680 syslogd kqueue
600 600 3 0 180 fffff38012513b80 dhcpcd poll
440 440 3 1 180 fffff3801236fb00 dhcpcd poll
428 428 3 0 180 fffff38012513300 dhcpcd poll
351 351 3 0 180 fffff38012444b40 dhcpcd poll
350 350 3 0 180 fffff3801236f6c0 dhcpcd poll
349 349 3 0 180 fffff38012444700 dhcpcd poll
1 1 3 1 180 fffff38011e290c0 init wait
0 28044 3 1 600 fffff380150dc5c0 cgd/1 cgd
0 603 3 0 600 fffff380150dc180 cgd/0 cgd
0 1065 3 1 200 fffff380135e5180 acctwatch actwat
0 963 3 0 200 fffff380121951c0 physiod physiod
0 192 3 0 200 fffff38012196200 pooldrain pooldrain
0 167 2 0 240 fffff38012195a40 ioflush
0 165 3 1 200 fffff38012195600 pgdaemon pgdaemon
0 162 3 1 200 fffff380121135c0 usb7 usbevt
0 161 3 1 200 fffff38012113180 usb6 usbevt
0 31 3 0 200 fffff380120e39c0 usb5 usbevt
0 63 3 1 200 fffff380120e3580 usb4 usbevt
0 126 3 0 200 fffff380120e3140 usb3 usbevt
0 125 3 0 200 fffff38012033980 usb2 usbevt
0 124 3 1 200 fffff38012033540 usb1 usbevt
0 123 3 1 200 fffff38012033100 usb0 usbevt
0 122 3 0 200 fffff38011e29940 usbtask-dr usbtsk
0 121 3 1 200 fffff38011e29500 usbtask-hc usbtsk
0 120 3 1 200 fffff380103b7ac0 npfgc0 npfgcw
0 119 3 0 200 fffff38011e1d900 rt_free rt_free
0 118 3 0 200 fffff38011e1d4c0 unpgc unpgc
0 117 2 0 200 fffff38011e1d080 key_timehandler
0 116 3 1 200 fffff38011e178c0 icmp6_wqinput/1 icmp6_wqinput
0 115 3 0 200 fffff38011e17480 icmp6_wqinput/0 icmp6_wqinput
0 114 3 1 200 fffff38011e17040 nd6_timer nd6_timer
0 113 3 1 200 fffff38011e12bc0 carp6_wqinput/1 carp6_wqinput
0 112 3 0 200 fffff38011e12780 carp6_wqinput/0 carp6_wqinput
0 111 3 1 200 fffff38011e12340 carp_wqinput/1 carp_wqinput
0 110 3 0 200 fffff38011e08b80 carp_wqinput/0 carp_wqinput
0 109 3 1 200 fffff38011e08740 icmp_wqinput/1 icmp_wqinput
0 108 3 0 200 fffff38011e08300 icmp_wqinput/0 icmp_wqinput
0 107 3 1 200 fffff38011c64b40 rt_timer rt_timer
0 106 3 0 200 fffff38011c642c0 vmem_rehash vmem_rehash
0 105 3 0 200 fffff38011c64700 entbutler entropy
0 96 3 1 200 fffff380117a3b00 viomb balloon
0 30 3 1 200 fffff380117a36c0 vioif0_txrx/1 vioif0_txrx
0 29 2 0 200 fffff380117a3280 vioif0_txrx/0
0 27 3 0 200 fffff380103b7680 scsibus0 sccomp
0 26 3 0 200 fffff380103b7240 pms0 pmsreset
0 25 3 1 200 fffff380103a6a80 xcall/1 xcall
0 24 1 1 200 fffff380103a6640 softser/1
0 23 1 1 200 fffff380103a6200 softclk/1
0 22 1 1 200 fffff380103a4a40 softbio/1
0 21 1 1 200 fffff380103a4600 softnet/1
0 20 1 1 201 fffff380103a41c0 idle/1
0 19 3 1 200 fffff3800f220a00 lnxpwrwq lnxpwrwq
0 18 3 1 200 fffff3800f2205c0 lnxlngwq lnxlngwq
0 17 3 1 200 fffff3800f220180 lnxsyswq lnxsyswq
0 16 3 1 200 fffff3800f21b9c0 lnxrcugc lnxrcugc
0 15 3 0 200 fffff3800f21b580 sysmon smtaskq
0 14 3 1 200 fffff3800f21b140 pmfsuspend pmfsuspend
0 13 3 0 200 fffff3800f217980 pmfevent pmfevent
0 12 3 0 200 fffff3800f217540 sopendfree sopendfr
0 11 3 1 200 fffff3800f217100 iflnkst iflnkst
0 10 3 1 200 fffff3800f20e940 nfssilly nfssilly
0 9 3 0 200 fffff3800f20e500 vdrain vdrain
0 8 3 0 200 fffff3800f20e0c0 modunload mod_unld
0 7 3 0 200 fffff3800ec0a900 xcall/0 xcall
0 6 1 0 200 fffff3800ec0a4c0 softser/0
0 5 1 0 200 fffff3800ec0a080 softclk/0
0 4 1 0 200 fffff3800ec088c0 softbio/0
0 3 1 0 200 fffff3800ec08480 softnet/0
0 2 1 0 201 fffff3800ec08040 idle/0
0 0 2 0 240 ffffffff86250d40 swapper
[Locks tracked through LWPs]

****** LWP 303.303 (syz-executor.2) @ 0xfffff3801486c280, l_stat=2

*** Locks held:

* Lock 0 (initialized at amap_ctor)
lock address : 0xfffff38013480440 type : sleep/adaptive
initialized : 0xffffffff84b06520
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff3801486c280 last held: 0xfffff3801486c280
last locked* : 0xffffffff84b3cb97 unlocked : 0xffffffff84b4cba5
owner/count : 0xfffff3801486c280 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at pmap_ctor)
lock address : 0xfffff38014c01a80 type : sleep/adaptive
initialized : 0xffffffff8188ec82
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff3801486c280 last held: 0xfffff3801486c280
last locked* : 0xffffffff818a9fcb unlocked : 0xffffffff8189c745
owner field : 0xfffff3801486c280 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 498.498 (syz-executor.3) @ 0xfffff38014869680, l_stat=2

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at sched_cpuattach)
lock address : 0xfffff3800ebef340 type : spin
initialized : 0xffffffff84dbfb49
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
relevant cpu : 1 last held: 1
relevant lwp : 0xfffff38014869680 last held: 000000000000000000
last locked : 0xffffffff84d90f18 unlocked*: 0xffffffff84ffa781
owner field : 0x0000000000000700 wait/spin: 0/1

****** LWP 924.3653 (syz-executor.4) @ 0xfffff38014d58480, l_stat=7

*** Locks held:

* Lock 0 (initialized at mi_cpu_init)
lock address : 0xffffffff862d7e80 type : sleep/adaptive
initialized : 0xffffffff84ebe726
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38014d58480 last held: 0xfffff38014d58480
last locked* : 0xffffffff84c8b41a unlocked : 0xffffffff84c8bf58
owner field : 0xfffff38014d58480 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 29939.29939 (syz-executor.5) @ 0xfffff38014ec1100, l_stat=2

*** Locks held:

* Lock 0 (initialized at amap_ctor)
lock address : 0xfffff380150c2f00 type : sleep/adaptive
initialized : 0xffffffff84b06520
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38014ec1100 last held: 0xfffff38014ec1100
last locked* : 0xffffffff84b3cb97 unlocked : 000000000000000000
owner/count : 0xfffff38014ec1100 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at pmap_ctor)
lock address : 0xfffff38014c01380 type : sleep/adaptive
initialized : 0xffffffff8188ec82
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38014ec1100 last held: 0xfffff38014ec1100
last locked* : 0xffffffff818a9fcb unlocked : 0xffffffff818afd6e
owner field : 0xfffff38014ec1100 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

* Lock 2 (initialized at pmap_ctor)
lock address : 0xfffff38014c01388 type : sleep/adaptive
initialized : 0xffffffff8188ec9a
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38014ec1100 last held: 0xfffff38014ec1100
last locked* : 0xffffffff818aa3c4 unlocked : 0xffffffff818aa9af
owner/count : 0xfffff38014ec1100 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 22706.22706 (syz-executor.2) @ 0xfffff38013e5d640, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38013e5d640 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 8323.8323 (syz-executor.3) @ 0xfffff380142c1140, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff380142c1140 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 4062.4062 (syz-executor.2) @ 0xfffff38013e5b1c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xfffff38013e5b1c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 4814.4814 (syz-executor.2) @ 0xfffff38013e5ba40, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38013e5ba40 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 1102.1102 (syz-executor.1) @ 0xfffff38012baa900, l_stat=2

*** Locks held:

* Lock 0 (initialized at vcache_new)
lock address : 0xfffff38013436680 type : sleep/adaptive
initialized : 0xffffffff8522319e
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38012baa900 last held: 0xfffff38012baa900
last locked* : 0xffffffff852a6886 unlocked : 0xffffffff852a6c35
owner/count : 0xfffff38012baa900 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

* Lock 1 (initialized at vcache_new)
lock address : 0xfffff38014e00680 type : sleep/adaptive
initialized : 0xffffffff8522319e
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38012baa900 last held: 0xfffff38012baa900
last locked* : 0xffffffff852a6886 unlocked : 0xffffffff852a6c35
owner/count : 0xfffff38012baa900 flags : 0x0000000000000004
Turnstile: no active turnstile for this lock.

*** Locks wanted: none

****** LWP 440.440 (dhcpcd) @ 0xfffff3801236fb00, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xfffff3801236fb00 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 428.428 (dhcpcd) @ 0xfffff38012513300, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38012513300 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 350.350 (dhcpcd) @ 0xfffff3801236f6c0, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff3801236f6c0 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 349.349 (dhcpcd) @ 0xfffff38012444700, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff38012444700 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.11 (iflnkst) @ 0xfffff3800f217100, l_stat=3

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 1 last held: 0
relevant lwp : 0xfffff3800f217100 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

****** LWP 0.5 (softclk/0) @ 0xfffff3800ec0a080, l_stat=1

*** Locks held: none

*** Locks wanted:

* Lock 0 (initialized at module_hook_init)
lock address : 0xffffffff862cefc0 type : sleep/adaptive
initialized : 0xffffffff84d57873
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 0
relevant cpu : 0 last held: 0
relevant lwp : 0xfffff3800ec0a080 last held: 000000000000000000
last locked : 000000000000000000 unlocked*: 000000000000000000
owner field : 000000000000000000 wait/spin: 0/0
Turnstile: no active turnstile for this lock.

[Locks tracked through CPUs]



---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Sep 6, 2021, 4:42:17 AM
to syzkaller-...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.