witness: lock_object uninitializwitness_checkorder(ADDRwitness_checkordrw_enter_write(frw_enter_write+0unveil_delete_nau
0 views
Skip to first unread message
syzbot
Sep 15, 2024, 5:04:29 PMSep 15
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: ff1c29691e7d minor grammar/sort fixes for refuseconnection..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13be5407980000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=e2b95e53e311c3aa0b4a
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/95d156cfe9e9/disk-ff1c2969.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/eb6c9f4d6d13/bsd-ff1c2969.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/23bcc7b02911/kernel-ff1c2969.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e2b95e...@syzkaller.appspotmail.com
pmap_unwire:pmap_unwire: wiring for pmap 0xfpmap_unwire: wiring for pmap 0xfffffd806b430ca8 pmap_unwire: wirwitness: lock_object uninitializwitness_checkorder(ffff80000124ewitness_checkordrw_enter_write(frw_enter_write+0unveil_delete_naunveil_delete_naunveil_destroy(funveil_destroy+0exit1(ffff8000371f3700,0,0,1) atsys_exit(ffff8000371f3700,ffff80+0x1a
syscall(ffff8000371c6380)syscall+0xaf8
Xsyscall() at Xsyscall+0x128
end of kernel
end trace
x86_ipi_db(ffff800029b7bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff835e69f0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline]
__mp_lock(ffffffff835e69f0) at __mp_lock+0x192 sys/kern/kern_lock.c:144
uvm_unmap_kill_entry_withlock(fffffd806c4c41d0,fffffd806e506380,0) at uvm_unmap_kill_entry_withlock+0x62 sys/uvm/uvm_map.c:1860
uvm_map_teardown(fffffd806c4c41d0) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2498
uvmspace_free(fffffd806c4c41d0) at uvmspace_free+0xcd sys/uvm/uvm_map.c:3422
reaper(ffff800029fd8f38) at reaper+0x246 sys/kern/kern_exit.c:480
end trace frame: 0x0, count: -8
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: ff1c29691e7d minor grammar/sort fixes for refuseconnection..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=13be5407980000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=e2b95e53e311c3aa0b4a
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/95d156cfe9e9/disk-ff1c2969.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/eb6c9f4d6d13/bsd-ff1c2969.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/23bcc7b02911/kernel-ff1c2969.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e2b95e...@syzkaller.appspotmail.com
pmap_unwire:pmap_unwire: wiring for pmap 0xfpmap_unwire: wiring for pmap 0xfffffd806b430ca8 pmap_unwire: wirwitness: lock_object uninitializwitness_checkorder(ffff80000124ewitness_checkordrw_enter_write(frw_enter_write+0unveil_delete_naunveil_delete_naunveil_destroy(funveil_destroy+0exit1(ffff8000371f3700,0,0,1) atsys_exit(ffff8000371f3700,ffff80+0x1a
syscall(ffff8000371c6380)syscall+0xaf8
Xsyscall() at Xsyscall+0x128
end of kernel
end trace
x86_ipi_db(ffff800029b7bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
__mp_lock(ffffffff835e69f0) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:113 [inline]
__mp_lock(ffffffff835e69f0) at __mp_lock+0x192 sys/kern/kern_lock.c:144
uvm_unmap_kill_entry_withlock(fffffd806c4c41d0,fffffd806e506380,0) at uvm_unmap_kill_entry_withlock+0x62 sys/uvm/uvm_map.c:1860
uvm_map_teardown(fffffd806c4c41d0) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2498
uvmspace_free(fffffd806c4c41d0) at uvmspace_free+0xcd sys/uvm/uvm_map.c:3422
reaper(ffff800029fd8f38) at reaper+0x246 sys/kern/kern_exit.c:480
end trace frame: 0x0, count: -8
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages