netbsd test error: panic: kernel debugging assertion "rw_lock_held(&map->lock)" failed: file "/syzkaller/managers/ci2-netbsd/kernel/sys/uvm
0 views
Skip to first unread message
syzbot
Aug 13, 2024, 8:33:29 PM8/13/24
to syzkaller-...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 036625911e3f Redo uvm_map.c 1.414 without the null pointer..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=175bd409980000
kernel config: https://syzkaller.appspot.com/x/.config?x=fab579639ba4bf0a
dashboard link: https://syzkaller.appspot.com/bug?extid=a8ec3d5f3186e31e6559
compiler: g++ (Debian 12.2.0-14) 12.2.0
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e5a7ef11e0a4/disk-03662591.raw.xz
netbsd.gdb: https://storage.googleapis.com/syzbot-assets/278f634265e8/netbsd-03662591.gdb.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a8ec3d...@syzkaller.appspotmail.com
[ 5.8308423] panic: kernel debugging assertion "rw_lock_held(&map->lock)" failed: file "/syzkaller/managers/ci2-netbsd/kernel/sys/uvm/uvm_map.c", line 1703
[ 5.8308423] cpu0: Begin traceback...
[ 5.8508431] vpanic() at netbsd:vpanic+0x27a sys/kern/subr_prf.c:288
[ 5.8808395] _sub_D_65535_0() at netbsd:_sub_D_65535_0+-0xc9f4
[ 5.9108362] uvm_map_lookup_entry() at netbsd:uvm_map_lookup_entry+0x1f4 sys/uvm/uvm_map.c:1703
[ 5.9508390] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0xc3 sys/uvm/uvm_map.c:2333
[ 5.9808372] uvmspace_free() at netbsd:uvmspace_free+0x201 sys/uvm/uvm_map.c:4425
[ 6.0108400] uvm_proc_exit() at netbsd:uvm_proc_exit+0xbb sys/uvm/uvm_glue.c:444
[ 6.0408408] exit1() at netbsd:exit1+0x3fc sys/kern/kern_exit.c:349
[ 6.0808419] sys_exit() at netbsd:sys_exit+0x94 sys/kern/kern_exit.c:181
[ 6.1108408] syscall() at netbsd:syscall+0x35c sy_call sys/sys/syscallvar.h:65 [inline]
[ 6.1108408] syscall() at netbsd:syscall+0x35c sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 6.1108408] syscall() at netbsd:syscall+0x35c sys/arch/x86/x86/syscall.c:137
[ 6.1208455] --- syscall (number 1) ---
[ 6.1308420] netbsd:syscall+0x35c:
[ 6.1308420] cpu0: End traceback...
[ 6.1308420] fatal breakpoint trap in supervisor mode
[ 6.1308420] trap type 1 code 0 rip 0xffffffff80232415 cs 0x8 rflags 0x286 cr2 0xffffde8248289000 ilevel 0 rsp 0xffffde824829d960
[ 6.1308420] curlwp 0xffffde8012a20b80 pid 200.200 lowest kstack 0xffffde82482962c0
Stopped in pid 200.200 (sysctl) at netbsd:breakpoint+0x5: leave
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:71
vpanic() at netbsd:vpanic+0x27a sys/kern/subr_prf.c:288
_sub_D_65535_0() at netbsd:_sub_D_65535_0+-0xc9f4
uvm_map_lookup_entry() at netbsd:uvm_map_lookup_entry+0x1f4 sys/uvm/uvm_map.c:1703
uvm_unmap_remove() at netbsd:uvm_unmap_remove+0xc3 sys/uvm/uvm_map.c:2333
uvmspace_free() at netbsd:uvmspace_free+0x201 sys/uvm/uvm_map.c:4425
uvm_proc_exit() at netbsd:uvm_proc_exit+0xbb sys/uvm/uvm_glue.c:444
exit1() at netbsd:exit1+0x3fc sys/kern/kern_exit.c:349
sys_exit() at netbsd:sys_exit+0x94 sys/kern/kern_exit.c:181
syscall() at netbsd:syscall+0x35c sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x35c sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x35c sys/arch/x86/x86/syscall.c:137
--- syscall (number 1) ---
netbsd:syscall+0x35c:
ds 0
es 0
fs 8ab3
gs 4ec
rdi 5
rsi 0
rbp ffffde824829d960
rbx 1
rdx 0
--db_more--
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 036625911e3f Redo uvm_map.c 1.414 without the null pointer..
git tree: netbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=175bd409980000
kernel config: https://syzkaller.appspot.com/x/.config?x=fab579639ba4bf0a
dashboard link: https://syzkaller.appspot.com/bug?extid=a8ec3d5f3186e31e6559
compiler: g++ (Debian 12.2.0-14) 12.2.0
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e5a7ef11e0a4/disk-03662591.raw.xz
netbsd.gdb: https://storage.googleapis.com/syzbot-assets/278f634265e8/netbsd-03662591.gdb.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a8ec3d...@syzkaller.appspotmail.com
[ 5.8308423] panic: kernel debugging assertion "rw_lock_held(&map->lock)" failed: file "/syzkaller/managers/ci2-netbsd/kernel/sys/uvm/uvm_map.c", line 1703
[ 5.8308423] cpu0: Begin traceback...
[ 5.8508431] vpanic() at netbsd:vpanic+0x27a sys/kern/subr_prf.c:288
[ 5.8808395] _sub_D_65535_0() at netbsd:_sub_D_65535_0+-0xc9f4
[ 5.9108362] uvm_map_lookup_entry() at netbsd:uvm_map_lookup_entry+0x1f4 sys/uvm/uvm_map.c:1703
[ 5.9508390] uvm_unmap_remove() at netbsd:uvm_unmap_remove+0xc3 sys/uvm/uvm_map.c:2333
[ 5.9808372] uvmspace_free() at netbsd:uvmspace_free+0x201 sys/uvm/uvm_map.c:4425
[ 6.0108400] uvm_proc_exit() at netbsd:uvm_proc_exit+0xbb sys/uvm/uvm_glue.c:444
[ 6.0408408] exit1() at netbsd:exit1+0x3fc sys/kern/kern_exit.c:349
[ 6.0808419] sys_exit() at netbsd:sys_exit+0x94 sys/kern/kern_exit.c:181
[ 6.1108408] syscall() at netbsd:syscall+0x35c sy_call sys/sys/syscallvar.h:65 [inline]
[ 6.1108408] syscall() at netbsd:syscall+0x35c sy_invoke sys/sys/syscallvar.h:94 [inline]
[ 6.1108408] syscall() at netbsd:syscall+0x35c sys/arch/x86/x86/syscall.c:137
[ 6.1208455] --- syscall (number 1) ---
[ 6.1308420] netbsd:syscall+0x35c:
[ 6.1308420] cpu0: End traceback...
[ 6.1308420] fatal breakpoint trap in supervisor mode
[ 6.1308420] trap type 1 code 0 rip 0xffffffff80232415 cs 0x8 rflags 0x286 cr2 0xffffde8248289000 ilevel 0 rsp 0xffffde824829d960
[ 6.1308420] curlwp 0xffffde8012a20b80 pid 200.200 lowest kstack 0xffffde82482962c0
Stopped in pid 200.200 (sysctl) at netbsd:breakpoint+0x5: leave
breakpoint() at netbsd:breakpoint+0x5
db_panic() at netbsd:db_panic+0x105 sys/ddb/db_panic.c:71
vpanic() at netbsd:vpanic+0x27a sys/kern/subr_prf.c:288
_sub_D_65535_0() at netbsd:_sub_D_65535_0+-0xc9f4
uvm_map_lookup_entry() at netbsd:uvm_map_lookup_entry+0x1f4 sys/uvm/uvm_map.c:1703
uvm_unmap_remove() at netbsd:uvm_unmap_remove+0xc3 sys/uvm/uvm_map.c:2333
uvmspace_free() at netbsd:uvmspace_free+0x201 sys/uvm/uvm_map.c:4425
uvm_proc_exit() at netbsd:uvm_proc_exit+0xbb sys/uvm/uvm_glue.c:444
exit1() at netbsd:exit1+0x3fc sys/kern/kern_exit.c:349
sys_exit() at netbsd:sys_exit+0x94 sys/kern/kern_exit.c:181
syscall() at netbsd:syscall+0x35c sy_call sys/sys/syscallvar.h:65 [inline]
syscall() at netbsd:syscall+0x35c sy_invoke sys/sys/syscallvar.h:94 [inline]
syscall() at netbsd:syscall+0x35c sys/arch/x86/x86/syscall.c:137
--- syscall (number 1) ---
netbsd:syscall+0x35c:
ds 0
es 0
fs 8ab3
gs 4ec
rdi 5
rsi 0
rbp ffffde824829d960
rbx 1
rdx 0
--db_more--
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot
Nov 12, 2024, 12:47:24 AM11/12/24
to syzkaller-...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages