NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/54223: -current 190522 panic: kernel diagnostic assertion "umap->refcount != 0" (/dev/kmem access)



>Number:         54223
>Category:       kern
>Synopsis:       kernel diagnostic assertion "umap->refcount != 0" failed: file "/src/NetBSD/cur/src/sys/uvm/uvm_bio.c", line 330 (/dev/kmem access)
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed May 22 20:15:00 +0000 2019
>Originator:     Frank Kardel
>Release:        NetBSD 8.99.41
>Organization:
	
>Environment:
	
	
System: NetBSD pip.kardel.name 8.99.41 NetBSD 8.99.41 (PIPGEN) #17: Wed May 22 12:06:24 CEST 2019 kardel%pip.kardel.name@localhost:/src/NetBSD/cur/src/obj.amd64/sys/arch/amd64/compile/PIPGEN amd64
Architecture: x86_64
Machine: amd64
>Description:
	While trying to gather more information on the lockups I run
	a /usr/sbin/crash based stack dumper once a second.
	This seems to trigger a panic in the /dev/(k)mem driver.
(gdb) print panicstr
$1 = 0xffffffff819a9360 <scratchstr> "kernel diagnostic assertion \"umap->refcount != 0\" failed: file \"/src/NetBSD/cur/src/sys/uvm/uvm_bio.c\", line 330 "
(gdb) bt
#0  0xffffffff80222bd5 in cpu_reboot (howto=howto@entry=260, bootstr=bootstr@entry=0x0) at /src/NetBSD/cur/src/sys/arch/amd64/amd64/machdep.c:728
#1  0xffffffff80a22476 in vpanic (fmt=0xffffffff8135a3c0 "kernel %sassertion \"%s\" failed: file \"%s\", line %d ", ap=ap@entry=0xffffa00499cfb788)
    at /src/NetBSD/cur/src/sys/kern/subr_prf.c:336
#2  0xffffffff80e6121b in kern_assert (fmt=fmt@entry=0xffffffff8135a3c0 "kernel %sassertion \"%s\" failed: file \"%s\", line %d ")
    at /src/NetBSD/cur/src/sys/lib/libkern/kern_assert.c:51
#3  0xffffffff80985b51 in ubc_fault (ufi=0xffffa00499cfb928, ign1=<optimized out>, ign2=<optimized out>, ign3=<optimized out>, ign4=<optimized out>,
    access_type=<optimized out>, flags=2) at /src/NetBSD/cur/src/sys/uvm/uvm_bio.c:330
#4  0xffffffff809881af in uvm_fault_internal (orig_map=orig_map@entry=0xffffffff8192bd20 <kernel_map_store>, vaddr=vaddr@entry=18446638540273086464,
    access_type=access_type@entry=1, fault_flag=fault_flag@entry=0) at /src/NetBSD/cur/src/sys/uvm/uvm_fault.c:890
#5  0xffffffff8022455e in trap (frame=0xffffa00499cfbb90) at /src/NetBSD/cur/src/sys/arch/amd64/amd64/trap.c:551
#6  0xffffffff8021d5f3 in alltraps ()
#7  0xffffffff8021cde3 in copyout ()
#8  0xffffffff80a0b14e in copyout_vmspace (vm=<optimized out>, kaddr=<optimized out>, uaddr=<optimized out>, len=<optimized out>)
    at /src/NetBSD/cur/src/sys/kern/subr_copy.c:253
#9  0xffffffff80a0b234 in uiomove (buf=buf@entry=0xffffa0049501f008, n=n@entry=8, uio=uio@entry=0xffffa00499cfbee0) at /src/NetBSD/cur/src/sys/kern/subr_copy.c:132
#10 0xffffffff80ab1d3f in dev_kmem_readwrite (iov=<optimized out>, uio=0xffffa00499cfbee0) at /src/NetBSD/cur/src/sys/dev/mm.c:285
#11 mm_readwrite (dev=<optimized out>, uio=0xffffa00499cfbee0, flags=<optimized out>) at /src/NetBSD/cur/src/sys/dev/mm.c:350
#12 0xffffffff80aa08d4 in spec_read (v=0xffffa00499cfbe38) at /src/NetBSD/cur/src/sys/miscfs/specfs/spec_vnops.c:700
#13 0xffffffff80a93fbe in VOP_READ (vp=vp@entry=0xffff9f2a9ba0b040, uio=uio@entry=0xffffa00499cfbee0, ioflag=ioflag@entry=0, cred=cred@entry=0xffff9f2a11fb0580)
    at /src/NetBSD/cur/src/sys/kern/vnode_if.c:468
#14 0xffffffff80a8aeb4 in vn_read (fp=<optimized out>, offset=0xffffa00499cfbf58, uio=0xffffa00499cfbee0, cred=0xffff9f2a11fb0580, flags=0)
    at /src/NetBSD/cur/src/sys/kern/vfs_vnops.c:566
#15 0xffffffff80a307bf in dofileread (fd=fd@entry=5, fp=fp@entry=0xffff9f2a22ba9080, buf=0x7f7fffe38468, nbyte=8, offset=offset@entry=0xffffa00499cfbf58,
    flags=flags@entry=0, retval=retval@entry=0xffffa00499cfbfb0) at /src/NetBSD/cur/src/sys/kern/sys_generic.c:156
#16 0xffffffff80a81c7b in sys_pread (l=<optimized out>, uap=0xffffa00499cfc000, retval=0xffffa00499cfbfb0) at /src/NetBSD/cur/src/sys/kern/vfs_syscalls.c:2848
#17 0xffffffff80251341 in sy_call (rval=0xffffa00499cfbfb0, uap=0xffffa00499cfc000, l=0xffff9f29f74f3640, sy=0xffffffff81858c98 <sysent+4152>)
    at /src/NetBSD/cur/src/sys/sys/syscallvar.h:65
#18 sy_invoke (code=173, rval=0xffffa00499cfbfb0, uap=0xffffa00499cfc000, l=0xffff9f29f74f3640, sy=0xffffffff81858c98 <sysent+4152>)
    at /src/NetBSD/cur/src/sys/sys/syscallvar.h:94
#19 syscall (frame=0xffffa00499cfc000) at /src/NetBSD/cur/src/sys/arch/x86/x86/syscall.c:138
#20 0xffffffff802096dd in handle_syscall ()
#21 0x0000000000000005 in ?? ()
#22 0x00007f7fffe38468 in ?? ()
#23 0x0000000000000008 in ?? ()
#24 0x0000000000000000 in ?? ()

>How-To-Repeat:
	run a full stack dumper using crash once a second while doing a build -u -U -N 1 -j 16 on a
	8 CPU/ 16 threads AMD 64GByte system.
>Fix:
	?

>Unformatted:
 	
 	


Home | Main Index | Thread Index | Old Index