assert failed: vp->v_usecount != 0

5 views
Skip to first unread message

syzbot

unread,
Feb 24, 2019, 11:38:04 PM2/24/19
to syzkaller-...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 11eef5b2ee47 Clear per-lwp entries whose mount is gone bef..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=12553668c00000
dashboard link: https://syzkaller.appspot.com/bug?extid=889319cdf91a3d0373a9

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+889319...@syzkaller.appspotmail.com

[ 55.4134400] panic: kernel diagnostic assertion "vp->v_usecount != 0"
failed: file "/syzkaller/managers/netbsd/kernel/sys/kern/vfs_vnode.c", line
869
[ 55.4134400] cpu0: Begin traceback...
[ 55.4234551] vpanic() at netbsd:vpanic+0x214
[ 55.4234551] _GLOBAL__sub_D_65535_0_cpu_configure() at
netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
[ 55.4334731] vref() at netbsd:vref+0x54
[ 55.4437659] getcwd_common() at netbsd:getcwd_common+0x10d
[ 55.4541752] vn_isunder() at netbsd:vn_isunder+0x1e
[ 55.4641452] lookup_once() at netbsd:lookup_once+0x252
[ 55.4735342] namei_tryemulroot() at netbsd:namei_tryemulroot+0x613
[ 55.4846627] namei() at netbsd:namei+0x65
[ 55.4952737] vn_open() at netbsd:vn_open+0x12d
[ 55.5044428] do_open() at netbsd:do_open+0x228
[ 55.5138824] do_sys_openat() at netbsd:do_sys_openat+0x130
[ 55.5246915] sys_open() at netbsd:sys_open+0xab
[ 55.5351154] sys___syscall() at netbsd:sys___syscall+0xe2
[ 55.5536593] syscall() at netbsd:syscall+0x30e
[ 55.5536593] --- syscall (number 198) ---
[ 55.5641357] 75e1c923f4aa:
[ 55.5641357] cpu0: End traceback...

[ 55.5641357] dumping to dev 4,1 (offset=0, size=0): not possible
[ 55.5641357] rebooting...
SeaBIOS (version 1.8.2-20181029_212248-google)
Total RAM Size = 0x00000001e0000000 = 7680 MiB
CPUs found: 2 Max CPUs supported: 2
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0
removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2a00: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Booting from Hard Disk 0...

>> NetBSD/x86 BIOS Boot, Revision 5.10 (Tue Jul 17 14:59:51 UTC 2018) (from
>> NetBSD 8.0)
>> Memory: 639/3144640 k

1. Boot normally
2. Boot single user
3. Disable ACPI
4. Disable ACPI and SMP
5. Drop to boot prompt
| / - \ | / - 36967632\ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
+2878256/ - \ | [1062137/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ +1363032| / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ +1044802| / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ |
/ - \ | / - \ | / - \ | / - \ | / - \ | ]=0x294fc90
/ - \ | / - \ | / - \ | / - \ | / - \ | / - \ | / - \ | WARNING: couldn't
open /var/db/entropy-file
WARNING: 1 module failed to load


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.

syzbot

unread,
Feb 26, 2019, 4:34:05 AM2/26/19
to syzkaller-...@googlegroups.com
syzbot has found a reproducer for the following crash on:

HEAD commit: 5eba7b0ad839 Fix typo in kcov.h
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=124306a4c00000
dashboard link: https://syzkaller.appspot.com/bug?extid=889319cdf91a3d0373a9
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=14144e92c00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=147db034c00000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+889319...@syzkaller.appspotmail.com

login: [ 38.3025895] panic: kernel diagnostic assertion "vp->v_usecount !=
0" failed: file "/syzkaller/managers/netbsd/kernel/sys/kern/vfs_vnode.c",
line 869
[ 38.3025895] cpu0: Begin tracebacWkAR.N.I.
N[
38.3025895] G: SPL NOT LOWERED ON SYSCALL 0 -6891536 EXIT a06106b0 7
[ 38.3025895] vpanic() at netbsd:vpanic+0x214
[ 38.3025895] _GLOBAL__sub_D_65535_0_cpu_configure()W aARtN ING: SPL NOT
LOWERED ON SYSCALL 0ne -tbs68d91:5_3G6L OEBXIATL_ _a0s6u1b0_D_66b505 375
[ 38.3025895] _0_cpu_configure
[ 38.3025895] vref() at netbsd:vref+0x54
[ 38.3025895] getcwd_common() at netbsd:getcwd_common+0x10d
[ 38.3025895] vn_isunder() at netbsd:vn_isunder+0x1e
[ 38.3025895] lookup_once() at netbsd:lookup_once+0x252
[ 38.3025895] namei_tryemulroot() at netbsd:namei_tryemulroot+0x613
[ 38.3025895] namei() at netbsd:namei+0x65
[ 38.3025895] fd_nameiat.isra.2() at netbsd:fd_nameiat.isra.2+0xd0
[ 38.3025895] do_sys_statat() at netbsd:do_sys_statat+0x11b
[ 38.3025895] sys___stat50() at netbsd:sys___stat50+0x88
[ 38.3025895] sys_syscall() at netbsd:sys_syscall+0xe2
[ 38.3025895] syscall() at netbsd:syscall+0x30e
[ 38.3025895] --- syscall (number 0) ---
[ 38.3025895] 7d1fa003f4ca:
[ 38.3025895] cpu0: End traceback...

[ 38.3025895] dumping to dev 4,1 (offset=0, size=0): not possible
[ 38.3025895] rebooting...
SeaBIOS (version 1.8.2-20190204_181744-google)
Reply all
Reply to author
Forward
0 new messages