NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/60170: panic: LOCKDEBUG: Mutex error: rw_vector_enter,NUM: spin lock held
>Number: 60170
>Category: kern
>Synopsis: panic: LOCKDEBUG: Mutex error: rw_vector_enter,NUM: spin lock held
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Apr 02 08:35:00 +0000 2026
>Originator: Jiaming Zhang
>Release: image: NetBSD-10.1; kernel: trunk branch, commit fcca2226d50a3222f4010b6ef59cb5a1f9aa319b
>Organization:
>Environment:
NetBSD 11.99.5 NetBSD 11.99.5 (CLOUD) #0: Wed Apr 1 18:34:06 CST 2026 root@ustb520lab-MS-7E07:/vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/arch/amd64/compile/obj/CLOUD amd64
>Description:
When fuzzing NetBSD kernel with syzkaller and our generated syscall descriptions, we encountered an issue: panic: LOCKDEBUG: Mutex error: rw_vector_enter,NUM: spin lock held. This issues is reproducible in a recent version of NetBSD kernel (commit fcca2226d50a3222f4010b6ef59cb5a1f9aa319b).
The kernel console output, kernel config, and reproducers are available at: https://drive.google.com/drive/folders/1vvmCaqXjUHF68Khh6k_inZGm4ltvFEln?usp=sharing
The symbolized issue report is also shown below to help with analysis:
```
TITLE: panic: LOCKDEBUG: Mutex error: rw_vector_enter,NUM: spin lock held
CORRUPTED: false ()
SUPPRESSED: false
MAINTAINERS (TO): []
MAINTAINERS (CC): []
[ 21.7507141] panic: LOCKDEBUG: Mutex error: rw_vector_enter,304: spin lock held
[ 21.7507141] cpu0: Begin traceback...
[ 21.7507141] asan.module_ctor() at ffffffff81ebbd0e
[ 21.7507141] asan.module_ctor() at ffffffff81ebb905
[ 21.7507141] asan.module_ctor() at ffffffff81ea5c53
[ 21.7507141] asan.module_ctor() at ffffffff81ea7336
[ 21.7507141] rw_abort() at netbsd:rw_abort+0x1c3 vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/kern/kern_rwlock.c:-1
[ 21.7507141] asan.module_dtor() at ffffffff81d2e0c6
[ 21.7507141] trap_print() at netbsd:trap_print+0x1116 vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/arch/amd64/amd64/trap.c:523
[ 21.7507141] ?() at ffffffff80231abe
[ 21.7507141] asan.module_ctor() at ffffffff81ffe18b
[ 21.7507141] asan.module_ctor() at ffffffff81fe0471
[ 21.7507141] asan.module_ctor() at ffffffff81fcbe4b
[ 21.7507141] fd_unused() at netbsd:fd_unused+0x7c3 vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/kern/kern_descrip.c:865
[ 21.7507141] fd_checkmaps() at netbsd:fd_checkmaps+0x330a vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/kern/kern_descrip.c:-1
[ 21.7507141] asan.module_dtor() at ffffffff81dcace5
[ 21.7507141] asan.module_dtor() at ffffffff81dca9ce
[ 21.7507141] syscall() at netbsd:syscall+0x26d sy_call vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/sys/syscallvar.h:65 [inline]
[ 21.7507141] syscall() at netbsd:syscall+0x26d sy_invoke vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/sys/syscallvar.h:94 [inline]
[ 21.7507141] syscall() at netbsd:syscall+0x26d vol/workdir/cloud-netbsd-dev/netbsd/20260401-fcca2226/src/sys/arch/x86/x86/syscall.c:137
[ 21.7507141] --- syscall (number 1) ---
[ 21.7507141] netbsd:syscall+0x26d:
[ 21.7507141] cpu0: End traceback...
[ 21.7507141] WARNING: lwp 1354 (repro.out) flags 0x20020020: timecounter went backwards from (22 + 0xbdafd09a8863d330/2^64) sec to (21 + 0xc03ecb1ec86938f0/2^64) sec in netbsd:sched_lendpri+0x12fc
```
>How-To-Repeat:
The issues can be reproduced by running the C or syz reproducer on the kernel under a specified config.
>Fix:
Home |
Main Index |
Thread Index |
Old Index