NetBSD Problem Report #56614
From Manuel.Bouyer@lip6.fr Tue Jan 11 08:15:57 2022
Return-Path: <Manuel.Bouyer@lip6.fr>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id DA8CB1A9239
for <gnats-bugs@gnats.NetBSD.org>; Tue, 11 Jan 2022 08:15:57 +0000 (UTC)
Message-Id: <20220111081542.3B9586E66@armandeche.soc.lip6.fr>
Date: Tue, 11 Jan 2022 09:15:42 +0100 (MET)
From: Manuel.Bouyer@lip6.fr
Reply-To: Manuel.Bouyer@lip6.fr
To: gnats-bugs@NetBSD.org
Subject: kernel panic on tmux
X-Send-Pr-Version: 3.95
>Number: 56614
>Category: kern
>Synopsis: kernel panic on tmux
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: kern-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jan 11 08:20:00 +0000 2022
>Closed-Date: Tue Jan 11 17:05:51 +0000 2022
>Last-Modified: Tue Jan 11 17:05:51 +0000 2022
>Originator: Manuel Bouyer
>Release: NetBSD 9.99.93
>Organization:
>Environment:
System: NetBSD comore 9.99.93 NetBSD 9.99.93 (XEN3_DOMU) #11: Tue Jan 11 09:02:24 CET 2022 bouyer@bip:/dsk/l1/misc/bouyer/tmp/amd64/obj/dsk/l1/misc/bouyer/HEAD/clean/src/sys/arch/amd64/compile/XEN3_DOMU amd64
Architecture: x86_64
Machine: amd64
>Description:
With a -HEAD kernel, running a netbsd-9 userland, I get a panic
when starting tmux:
[ 140.3443697] uvm_fault(0xffffb900020b28b8, 0x0, 1) -> e
[ 140.3443697] fatal page fault in supervisor mode
[ 140.3443697] trap type 6 code 0 rip 0xffffffff80238b80 cs 0xe030 rflags 0x10202 cr2 0x310 ilevel 0 rsp 0xffffb9003c0d4a48
[ 140.3443697] curlwp 0xffffb90001a800c0 pid 1098.1098 lowest kstack 0xffffb9003c0d02c0
kernel: page fault trap, code=0
Stopped in pid 1098.1098 (tmux) at netbsd:rw_enter+0x40: movq 0(%rdi),
%rax
rw_enter() at netbsd:rw_enter+0x40
VOP_READDIR() at netbsd:VOP_READDIR+0x46
vn_readdir() at netbsd:vn_readdir+0xe8
sys___getdents30() at netbsd:sys___getdents30+0x72
syscall() at netbsd:syscall+0x9c
--- syscall (number 390) ---
A forced fsck doesn't find any filesystem issue.
This didn't happen with a kernel from a few days ago (thurday or
friday last week).
>How-To-Repeat:
boot a -HEAD kernel on a -9 userland, start a new tmux session
>Fix:
>Release-Note:
>Audit-Trail:
From: Manuel Bouyer <bouyer@antioche.eu.org>
To: gnats-bugs@netbsd.org
Cc: kern-bug-people@netbsd.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: kern/56614: kernel panic on tmux
Date: Tue, 11 Jan 2022 09:34:19 +0100
On Tue, Jan 11, 2022 at 08:20:01AM +0000, Manuel.Bouyer@lip6.fr wrote:
> >Number: 56614
> >Category: kern
> >Synopsis: kernel panic on tmux
> >Confidential: no
> >Severity: critical
> >Priority: high
> >Responsible: kern-bug-people
> >State: open
> >Class: sw-bug
> >Submitter-Id: net
> >Arrival-Date: Tue Jan 11 08:20:00 +0000 2022
> >Originator: Manuel Bouyer
> >Release: NetBSD 9.99.93
> >Organization:
> >Environment:
> System: NetBSD comore 9.99.93 NetBSD 9.99.93 (XEN3_DOMU) #11: Tue Jan 11 09:02:24 CET 2022 bouyer@bip:/dsk/l1/misc/bouyer/tmp/amd64/obj/dsk/l1/misc/bouyer/HEAD/clean/src/sys/arch/amd64/compile/XEN3_DOMU amd64
> Architecture: x86_64
> Machine: amd64
> >Description:
> With a -HEAD kernel, running a netbsd-9 userland, I get a panic
> when starting tmux:
> [ 140.3443697] uvm_fault(0xffffb900020b28b8, 0x0, 1) -> e
> [ 140.3443697] fatal page fault in supervisor mode
> [ 140.3443697] trap type 6 code 0 rip 0xffffffff80238b80 cs 0xe030 rflags 0x10202 cr2 0x310 ilevel 0 rsp 0xffffb9003c0d4a48
> [ 140.3443697] curlwp 0xffffb90001a800c0 pid 1098.1098 lowest kstack 0xffffb9003c0d02c0
> kernel: page fault trap, code=0
> Stopped in pid 1098.1098 (tmux) at netbsd:rw_enter+0x40: movq 0(%rdi),
> %rax
> rw_enter() at netbsd:rw_enter+0x40
> VOP_READDIR() at netbsd:VOP_READDIR+0x46
> vn_readdir() at netbsd:vn_readdir+0xe8
> sys___getdents30() at netbsd:sys___getdents30+0x72
> syscall() at netbsd:syscall+0x9c
> --- syscall (number 390) ---
reverting procfs_vnops.c to 1.220 fixes it
--
Manuel Bouyer <bouyer@antioche.eu.org>
NetBSD: 26 ans d'experience feront toujours la difference
--
From: "J. Hannken-Illjes" <hannken@mailbox.org>
To: NetBSD GNATS <gnats-bugs@netbsd.org>
Cc:
Subject: Re: kern/56614: kernel panic on tmux
Date: Tue, 11 Jan 2022 11:37:40 +0100
--Apple-Mail=_7924C4EC-2776-494A-ACA5-5E6AAB06C160
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=us-ascii
Seems to be line 1571 of procfs_vnops.c:
procfs_proc_unlock(p);
and "p" points to garbage.
Should revert procfs_vnops.c to rev. 1.120
--
J. Hannken-Illjes - hannken@mailbox.org
--Apple-Mail=_7924C4EC-2776-494A-ACA5-5E6AAB06C160
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEyLVMkhxs8fxixv+2IOocBq6p/bMFAmHdXfQACgkQIOocBq6p
/bN/nBAApOp7GuMZmf4EQS7UkIQmynXi2TlooxvsBsXh8qolpyBNXPDzjdMJd5Xn
/AaaQuoSsGD32QWZ/yP/oLF1lOaFzUNf4tZiC8BUdcD+x/9aPKH+53xypukR3qfK
/oFRVVYPNVFLQXMCFlvTFV1nmkm3QUnQf36i1UqGgzQdOtt1UDqgSa2IhevIDq1x
S65k1mnWeln911z55THeXfa/FPd2l1JoW/LMlt5l0QjvZ9Aosm7qFv1XZ+gOztJb
U0+I0yh6Yx9PpmFsVTUEM957IF8Il0CQJNm7sZGTFFf7AeBXtT5X7h9XBMqlCxkt
wwOjcsHDZXia8HCtjnWgtvgbjj7orv2MNsOqljsILvhceCwzAKiQ9eKWz+EU23rA
HFrpcCXFhsPwHsb5XYl5aO3+EKBd8i3LNU5rptxX3g9txFyu+405KNWLc2JBkIP7
eK+MPzoa7/ZlkQM/H37Z6fhvnpKf4TO0WJY2j9Cw6GFUp9g8Y0nM8AdLmyjt69FN
1Qcr/i+IYbfwl2234uVA88O9tMLBfSXDobJlIDO17JMv6R80KetqHJbEJ/0Sfpr9
+gKtbaWw7Zqqa8bE0ScjdXRyDwT72FxqiS4/T7mvIQEhp5CJlzhm+xyiRmttjIPB
OzJei/UElrCOnkiiKrJS/s8VyLCOoy16vBIjUBKfi2Oav5m/Z+w=
=FDCu
-----END PGP SIGNATURE-----
--Apple-Mail=_7924C4EC-2776-494A-ACA5-5E6AAB06C160--
From: "Juergen Hannken-Illjes" <hannken@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/56614 CVS commit: src/sys/miscfs/procfs
Date: Tue, 11 Jan 2022 11:10:46 +0000
Module Name: src
Committed By: hannken
Date: Tue Jan 11 11:10:46 UTC 2022
Modified Files:
src/sys/miscfs/procfs: procfs_vnops.c
Log Message:
Use a single "p" variable.
Should fix PR kern/56614: kernel panic on tmux
To generate a diff of this commit:
cvs rdiff -u -r1.222 -r1.223 src/sys/miscfs/procfs/procfs_vnops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: bouyer@NetBSD.org
State-Changed-When: Tue, 11 Jan 2022 17:05:51 +0000
State-Changed-Why:
Fixed, thanks !
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.46 2020/01/03 16:35:01 leot Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2020
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.