Re: [virtio] Re: CVS commit: src/sys/dev/pci

To: Maxime Villard <max%m00nbsd.net@localhost>
Subject: Re: [virtio] Re: CVS commit: src/sys/dev/pci
From: Shoichi Yamaguchi <yamaguchi%netbsd.org@localhost>
Date: Wed, 27 May 2020 20:47:55 +0900

Hi,

On Wed, May 27, 2020 at 2:20 AM Maxime Villard <max%m00nbsd.net@localhost> wrote:
>
> Hi,
> I don't know if this is related to your changes, but kMSan detected one uninit
> variable in virtio 3h ago:
>
>         https://syzkaller.appspot.com/text?tag=CrashReport&x=12084ef6100000
>
>         [ 153.4370851] panic: MSan: Uninitialized Kmem Memory From virtio_pci_setup_interrupts()
>         [ 153.4448669] cpu0: Begin traceback...
>         [ 153.4448669] vpanic() at netbsd:vpanic+0x7c1 sys/kern/subr_prf.c:288
>         [ 153.4632004] panic() at netbsd:panic+0x1ad sys/kern/subr_prf.c:209
>         [ 153.4734357] __msan_warning() at netbsd:__msan_warning+0xe7 kmsan_report_inline sys/kern/subr_msan.c:239 [inline]
>         [ 153.4734357] __msan_warning() at netbsd:__msan_warning+0xe7 sys/kern/subr_msan.c:612
>         [ 153.4931985] virtio_pci_free_interrupts() at netbsd:virtio_pci_free_interrupts+0x1b4 sys/dev/pci/virtio_pci.c:740
>         [ 153.5132006] virtio_child_detach() at netbsd:virtio_child_detach+0x116 sys/dev/pci/virtio.c:924
>         [ 153.5331982] vioscsi_detach() at netbsd:vioscsi_detach+0x40d sys/dev/pci/vioscsi.c:244
>         [ 153.5532009] config_detach() at netbsd:config_detach+0x7e3 sys/kern/subr_autoconf.c:1760
>         [ 153.5732017] config_detach_all() at netbsd:config_detach_all+0x29a sys/kern/subr_autoconf.c:1906
>         [ 153.5831984] cpu_reboot() at netbsd:cpu_reboot+0x290 sys/arch/amd64/amd64/machdep.c:700
>         [ 153.6031986] kern_reboot() at netbsd:kern_reboot+0x18f sys/kern/kern_reboot.c:73
>         [ 153.6231980] sys_reboot() at netbsd:sys_reboot+0x28d
>
> This means that some memory allocated by virtio_pci_setup_interrupts() on
> the kmem allocator was not initialized, and later one access to it was made
> by virtio_pci_free_interrupts() at l.740 of the file.

Thank you for your pointed out.
I modified virtio(4) not to allocate unused memory.
I guess it fixes the issue.

Could you check this?

Thanks,
yamaguchi

Follow-Ups:
- Re: [virtio] Re: CVS commit: src/sys/dev/pci
  - From: Shoichi Yamaguchi

References:
- [virtio] Re: CVS commit: src/sys/dev/pci
  - From: Maxime Villard

Prev by Date: [virtio] Re: CVS commit: src/sys/dev/pci
Next by Date: Re: CVS commit: src/sys/dev/usb
Previous by Thread: [virtio] Re: CVS commit: src/sys/dev/pci
Next by Thread: Re: [virtio] Re: CVS commit: src/sys/dev/pci
Indexes:

Home | Main Index | Thread Index | Old Index