NetBSD Problem Report #55597
From martin@duskware.de Sat Aug 22 09:09:49 2020
Return-Path: <martin@duskware.de>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id BEF8D1A9249
for <gnats-bugs@gnats.NetBSD.org>; Sat, 22 Aug 2020 09:09:48 +0000 (UTC)
From: martin@NetBSD.org
Reply-To: martin@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: amap KASSERTs/panics
X-Send-Pr-Version: 3.95
>Number: 55597
>Category: kern
>Synopsis: amap KASSERTs/panics
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Aug 22 09:10:00 +0000 2020
>Last-Modified: Tue Oct 20 09:35:01 +0000 2020
>Originator: Martin Husemann
>Release: NetBSD 9.99.71
>Organization:
The NetBSD Foundation, Inc.
>Environment:
System: NetBSD space-truckin.duskware.de 9.99.71 NetBSD 9.99.71 (GENERIC) #102: Fri Aug 21 19:02:48 CEST 2020 martin@seven-days-to-the-wolves.aprisoft.de:/work/src/sys/arch/evbarm/compile/GENERIC evbarm
Architecture: earmv7hfeb
Machine: evbarm
>Description:
During several ATF runs I got a sequence of amap related panics, with
various levels of diagnostic available:
t_audio (1/2): 159 test cases
[...]
[ 41059.7554972] uvm_fault(0x80b6e908, 0, 1) -> e
[ 41059.7655086] Fatal kernel mode data abort: 'Translation Fault (S)'
[ 41059.7655086] trapframe: 0xc7f5bc50
[ 41059.7755008] FSR=00000005, FAR=00000000, spsr=800c0213
[ 41059.7755008] r0 =00000000, r1 =9331c040, r2 =9331c168, r3 =94646300
[ 41059.7855041] r4 =9beee890, r5 =00000000, r6 =0000000b, r7 =00000128
[ 41059.7955016] r8 =00000024, r9 =00000000, r10=00000000, r11=c7f5bcec
[ 41059.7955016] r12=80093f24, ssp=c7f5bca0, slr=80003270, pc =80409a80
Stopped in pid 10273.10273 (audiotest) at netbsd:amap_wiperange+0x174:
This is:
0x80409a80 is in amap_wiperange (../../../../uvm/uvm_amap.c:1308).
1303 continue;
1304 }
1305 stop--; /* drop stop, since anon will be removed */
1306 }
1307 anon = amap->am_anon[curslot];
1308 KASSERT(anon->an_lock == amap->am_lock);
Could anon be NULL?
Another one in the ptrace tests (have seen this backtrace in a previous run
too but had no proper logging enabled, so not sure it happend at the same
place):
traceme_lwpinfo2: [0.187480s] Passed.
traceme_lwpinfo2_lwpstatus: [0.159634s] Passed.
traceme_lwpinfo2_lwpstatus_pl_name: [0.218605s] Passed.
traceme_lwpinfo2_lwpstatus_pl_private: [0.198824s] Passed.
traceme_lwpinfo2_lwpstatus_pl_sigmask: [0.197590s] Passed.
traceme_lwpinfo3: [0.217410s] Passed.
traceme_lwpinfo3_lwpstatus:
[ 2596.6324836] panic: kernel diagnostic assertion "anon != NULL && anon->an_ref != 0" failed: file "../../../../uvm/uvm_amap.c", line 777
[ 2596.6511788] cpu0: Begin traceback...
[ 2596.6511788] 0xc88a5d3c: netbsd:db_panic+0x14
[ 2596.6618087] 0xc88a5d54: netbsd:vpanic+0xe4
[ 2596.6618087] 0xc88a5d6c: netbsd:__aeabi_uldivmod
[ 2596.6714532] 0xc88a5dbc: netbsd:amap_wipeout+0xb4
[ 2596.6714532] 0xc88a5dfc: netbsd:uvm_unmap_detach+0x80
[ 2596.6817913] 0xc88a5e24: netbsd:uvmspace_free+0xf0
[ 2596.6929471] 0xc88a5ecc: netbsd:exit1+0x1a0
[ 2596.6929471] 0xc88a5eec: netbsd:sys_exit+0x3c
[ 2596.7029680] 0xc88a5fac: netbsd:syscall+0x188
[ 2596.7029680] cpu0: End traceback...
and this is:
(gdb) list *(amap_wipeout+0xb4)
0x804092f0 is in amap_wipeout (../../../../uvm/uvm_amap.c:779).
774
775 slot = amap->am_slots[lcv];
776 anon = amap->am_anon[slot];
777 KASSERT(anon != NULL && anon->an_ref != 0);
778
779 KASSERT(anon->an_lock == amap->am_lock);
780 UVMHIST_LOG(maphist," processing anon %#jx, ref=%jd",
781 (uintptr_t)anon, anon->an_ref, 0, 0);
>How-To-Repeat:
as root: cd /usr/tests && atf-run
>Fix:
n/a
>Audit-Trail:
From: "J. Hannken-Illjes" <hannken@eis.cs.tu-bs.de>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: kern/55597: amap KASSERTs/panics
Date: Sat, 22 Aug 2020 13:11:13 +0200
--Apple-Mail=_17033AA9-F27D-4C4E-A075-C91DA0344996
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=us-ascii
PRs 54421 55366 may be related ...
--
J. Hannken-Illjes - hannken@eis.cs.tu-bs.de - TU Braunschweig
--Apple-Mail=_17033AA9-F27D-4C4E-A075-C91DA0344996
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE2BL3ha7Xao4WUZVYKoaVJdNr+uEFAl9A/VEACgkQKoaVJdNr
+uHc/Af9GNfHeyBrqtB4QA9cjgkITWuv0i3XVjvcRuctN845tl47o6t+ApObo2r9
dJ4z/ApMn8QVXDdHi7VCoV/deP4U4+lxIotOyV5KCRIFDx1/GDPl6N44dyqgo6s1
tmBY31hpyPbgaZW+4j4JUKANjZL5xSze5J4cHKsKgfGjrjRzi6HSD7es8Ix9Wtmj
JQgesJVBb9WPp+2sSXuM/NY6vUSDlegPRUcZ+cO5K8vJXYvx+aNet8KqnH2vQFVC
GWSumDrUNJMwCIi0OEpopB/1cmkecPR4raCO/5DGv3WflRS80gmPuG11r4p+mJpY
uqEZoNMwIsEq1qZhhyHzxwHEUkbBvQ==
=x//M
-----END PGP SIGNATURE-----
--Apple-Mail=_17033AA9-F27D-4C4E-A075-C91DA0344996--
From: "J. Hannken-Illjes" <hannken@eis.cs.tu-bs.de>
To: gnats-bugs@netbsd.org
Cc:
Subject: Re: kern/55597: amap KASSERTs/panics
Date: Tue, 20 Oct 2020 11:30:34 +0200
--Apple-Mail=_BE186E37-F7DD-43F3-8C85-C0CCEB51658D
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=us-ascii
This should be fixed with
sys/uvm/uvm_amap.c: revision 1.125
sys/uvm/uvm_io.c: revision 1.29
from PR #55366. Please confirm.
--
J. Hannken-Illjes - hannken@eis.cs.tu-bs.de - TU Braunschweig (Germany)
--Apple-Mail=_BE186E37-F7DD-43F3-8C85-C0CCEB51658D
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE2BL3ha7Xao4WUZVYKoaVJdNr+uEFAl+OrjoACgkQKoaVJdNr
+uHb4QgAnkTn3UZF4vEgpJaOmKxXW9vDfTxKViqH69/0KYb6VpL3Rg1iVMrVPEOZ
LCGlYDNOc8GVgxJBwtQh4Mzx2A38K91t+qbdlfum13IiXNz9pFKxuahHmu0gBYvg
XCff/wPkHN7zJB3JKjLGux3WfdkbEoLOd0pKwr5bFVfU8Cs/SnNTFo/wyxLAngWq
9pKjAMB5Y/7MDEL2H+0gQLF7GXYFc1L4j+mnijQkq3hjYs0A7HE5fSlC5yUVjNtg
tuaq1bOiiNJ043Axz6GwN59ht7kSjQk33d2ye7lHcQbK5gLSCOpwcQRfVowQyjrz
3Vi32nmRhDWLlXwzApwBB7jJAiDhOg==
=fTRm
-----END PGP SIGNATURE-----
--Apple-Mail=_BE186E37-F7DD-43F3-8C85-C0CCEB51658D--
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.