assertion failed: kref_refcnt(kref) > 0

syzbot

Aug 22, 2018, 4:38:03 PM
to aka...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: e94ea40da19b Don't cache pcpui in sys_fork()
git tree: https://github.com/akaros/akaros.git/master
console output: https://syzkaller.appspot.com/x/log.txt?x=1488e41e400000
kernel config: https://syzkaller.appspot.com/x/.config?x=efef8cf2939304d3
dashboard link: https://syzkaller.appspot.com/bug?extid=75a997a9a55827b3871d
compiler:
syzkaller repro: https://syzkaller.appspot.com/x/repro.syz?x=1597aea6400000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+75a997...@syzkaller.appspotmail.com

kernel panic at /syzkaller/managers/main/kernel/kern/include/kref.h:68,
from core 3: assertion failed: kref_refcnt(kref) > 0
Stack Backtrace on Core 3:
#01 [<0xffffffffc200a33c>] in backtrace at src/kdebug.c:220
#02 [<0xffffffffc2009b3d>] in _panic at src/init.c:268
#03 [< [inline] >] in kref_put at include/kref.h:68
#03 [<0xffffffffc200abab>] in kfree at src/kmalloc.c:236
#04 [<0xffffffffc20313b4>] in kstrdup at src/ns/chan.c:122
#05 [<0xffffffffc201774c>] in Fsprotoclone at src/net/devip.c:1776
#06 [<0xffffffffc2017b48>] in ipopen at src/net/devip.c:499
#07 [<0xffffffffc2033910>] in __namec_from at src/ns/chan.c:1232
#08 [<0xffffffffc20340ef>] in namec at src/ns/chan.c:1516
#09 [<0xffffffffc2041446>] in sysopenat at src/ns/sysfile.c:590
#10 [<0xffffffffc20589af>] in sys_openat at src/syscall.c:1724
#11 [<0xffffffffc2059569>] in syscall at src/syscall.c:2455
#12 [<0xffffffffc2059734>] in run_local_syscall at src/syscall.c:2490
#13 [<0xffffffffc2059c69>] in prep_syscalls at src/syscall.c:2510
#14 [<0xffffffffc20ab5fa>] in sysenter_callwrapper at arch/x86/trap.c:854


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.
syzbot can test patches for this bug, for details see:
https://goo.gl/tpsmEJ#testing-patches

syzbot

Oct 19, 2018, 10:12:04 AM
to aka...@googlegroups.com
syzbot has found a reproducer for the following crash on:

HEAD commit: 73001cbb86fe alarm: Clean up condition variable usage
git tree: https://github.com/akaros/akaros.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=1567e279400000
kernel config: https://syzkaller.appspot.com/x/.config?x=bc709c3b83482973
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16ba1be6400000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=1281d629400000

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+75a997...@syzkaller.appspotmail.com

kernel panic at /syzkaller/managers/main/kernel/kern/include/kref.h:68,
from core 2: assertion failed: kref_refcnt(kref) > 0
Stack Backtrace on Core 2:
#01 [<0xffffffffc200a3ac>] in backtrace at src/kdebug.c:229
#02 [<0xffffffffc2009b3d>] in _panic at src/init.c:268
#03 [< [inline] >] in kref_put at include/kref.h:68
#03 [<0xffffffffc200ac1b>] in kfree at src/kmalloc.c:236
#04 [<0xffffffffc2031474>] in kstrdup at src/ns/chan.c:122
#05 [<0xffffffffc20755b3>] in conswrite at drivers/dev/cons.c:1246
#06 [<0xffffffffc207e11e>] in mntversion at drivers/dev/mnt.c:213
#07 [<0xffffffffc207f532>] in mntattach at drivers/dev/mnt.c:360
#08 [<0xffffffffc203f431>] in sysmount at src/ns/sysfile.c:530
#09 [<0xffffffffc2056581>] in sys_nmount at src/syscall.c:2196
#10 [<0xffffffffc2059f59>] in syscall at src/syscall.c:2465
#11 [<0xffffffffc205a124>] in run_local_syscall at src/syscall.c:2500
#12 [<0xffffffffc205a659>] in prep_syscalls at src/syscall.c:2520
#13 [<0xffffffffc20ac10a>] in sysenter_callwrapper at arch/x86/trap.c:854
