assert "pg->wire_count != NUM" failed in uvm_page.c
0 views
Skip to first unread message
syzbot
10:16 AM (4 hours ago) 10:16 AM
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 7a245af8e4c1 Assert that `wire_count' doesn't wrap around.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=15ae0f7c580000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=db99726653fba0697bd8
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/36b1758bd034/disk-7a245af8.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/a79d3487efec/bsd-7a245af8.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/ecb20cf1397f/kernel-7a245af8.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+db9972...@syzkaller.appspotmail.com
panic: kernel diagnostic assertion "pg->wire_count != 0" failed: file "/syzkaller/managers/main/kernel/sys/uvm/uvm_page.c", line 1250
Starting stack trace...
panic(ffffffff8337a776) at panic+0x1ba sys/kern/subr_prf.c:229
__assert(ffffffff833ba14d,ffffffff833a3203,4e2,ffffffff833104be) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageunwire(fffffd80070f3e80) at uvm_pageunwire+0x17d sys/uvm/uvm_page.c:1249
uvm_fault_unwire_locked(fffffd806c910468,200000000000,200000002000) at uvm_fault_unwire_locked+0x33a sys/uvm/uvm_fault.c:1790
uvm_map_pageable_wire(fffffd806c910468,fffffd806c99b698,fffffd806c9b1848,13a,3b9aca00,0) at uvm_map_pageable_wire+0x6ea sys/uvm/uvm_map.c:-1
kern_sysctl_dirs(5a,ffff80003ca2db58,1,200000000100,ffff80003ca2db88,0,2f62d0771295f78e,ffff80003ca2db58) at kern_sysctl_dirs+0x4b2 sysctl_vslock sys/kern/kern_sysctl.c:201 [inline]
kern_sysctl_dirs(5a,ffff80003ca2db58,1,200000000100,ffff80003ca2db88,0,2f62d0771295f78e,ffff80003ca2db58) at kern_sysctl_dirs+0x4b2 sys/kern/kern_sysctl.c:440
kern_sysctl(ffff80003ca2db54,2,200000000100,ffff80003ca2db88,0,37,e40266fa17cebbad) at kern_sysctl+0x139 sys/kern/kern_sysctl.c:733
sys_sysctl(ffff8000314f1a08,ffff80003ca2dcb0,ffff80003ca2dc00) at sys_sysctl+0x3e5 sys/kern/kern_sysctl.c:-1
syscall(ffff80003ca2dcb0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003ca2dcb0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa35526e1340, count: 247
End of stack trace.
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 7a245af8e4c1 Assert that `wire_count' doesn't wrap around.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=15ae0f7c580000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=db99726653fba0697bd8
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/36b1758bd034/disk-7a245af8.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/a79d3487efec/bsd-7a245af8.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/ecb20cf1397f/kernel-7a245af8.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+db9972...@syzkaller.appspotmail.com
panic: kernel diagnostic assertion "pg->wire_count != 0" failed: file "/syzkaller/managers/main/kernel/sys/uvm/uvm_page.c", line 1250
Starting stack trace...
panic(ffffffff8337a776) at panic+0x1ba sys/kern/subr_prf.c:229
__assert(ffffffff833ba14d,ffffffff833a3203,4e2,ffffffff833104be) at __assert+0x29 sys/kern/subr_prf.c:-1
uvm_pageunwire(fffffd80070f3e80) at uvm_pageunwire+0x17d sys/uvm/uvm_page.c:1249
uvm_fault_unwire_locked(fffffd806c910468,200000000000,200000002000) at uvm_fault_unwire_locked+0x33a sys/uvm/uvm_fault.c:1790
uvm_map_pageable_wire(fffffd806c910468,fffffd806c99b698,fffffd806c9b1848,13a,3b9aca00,0) at uvm_map_pageable_wire+0x6ea sys/uvm/uvm_map.c:-1
kern_sysctl_dirs(5a,ffff80003ca2db58,1,200000000100,ffff80003ca2db88,0,2f62d0771295f78e,ffff80003ca2db58) at kern_sysctl_dirs+0x4b2 sysctl_vslock sys/kern/kern_sysctl.c:201 [inline]
kern_sysctl_dirs(5a,ffff80003ca2db58,1,200000000100,ffff80003ca2db88,0,2f62d0771295f78e,ffff80003ca2db58) at kern_sysctl_dirs+0x4b2 sys/kern/kern_sysctl.c:440
kern_sysctl(ffff80003ca2db54,2,200000000100,ffff80003ca2db88,0,37,e40266fa17cebbad) at kern_sysctl+0x139 sys/kern/kern_sysctl.c:733
sys_sysctl(ffff8000314f1a08,ffff80003ca2dcb0,ffff80003ca2dc00) at sys_sysctl+0x3e5 sys/kern/kern_sysctl.c:-1
syscall(ffff80003ca2dcb0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003ca2dcb0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa35526e1340, count: 247
End of stack trace.
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages