kernel diagnostic assertion "hispgrp->pg_jobc > 0"

To: NetBSD-current Users's Discussion List <current-users%netbsd.org@localhost>
Subject: kernel diagnostic assertion "hispgrp->pg_jobc > 0"
From: Kamil Rytarowski <n54%gmx.com@localhost>
Date: Mon, 4 May 2020 22:21:40 +0200

I'm hitting a kernel crash that is reproduced by syzkaller in several
reports, e.g.:

[  98.5966763] panic: kernel diagnostic assertion "hispgrp->pg_jobc > 0"
failed: file
"/syzkaller/managers/netbsd-kmsan/kernel/sys/kern/kern_proc.c", line 1529
[  98.6166813] cpu1: Begin traceback...
[  98.6266992] vpanic() at netbsd:vpanic+0x7c1 sys/kern/subr_prf.c:288
[  98.6667705] kern_assert() at netbsd:kern_assert+0x214
[  98.7068431] fixjobc() at netbsd:fixjobc+0x108e sys/kern/kern_proc.c:1523
[  98.7469082] exit1() at netbsd:exit1+0x1390 sys/kern/kern_exit.c:425
[  98.7769618] exit1() at netbsd:exit1
[  98.8170343] syscall() at netbsd:syscall+0x35d sy_call
sys/sys/syscallvar.h:65 [inline]
[  98.8170343] syscall() at netbsd:syscall+0x35d sy_invoke
sys/sys/syscallvar.h:94 [inline]
[  98.8170343] syscall() at netbsd:syscall+0x35d
sys/arch/x86/x86/syscall.c:138
[  98.8370672] --- syscall (number 1) ---
[  98.8470856] 712271199a6a:
[  98.8571000] cpu1: End traceback...
[  98.8571000] fatal breakpoint trap in supervisor mode
[  98.8571000] trap type 1 code 0 rip 0xffffffff802227ed cs 0x8 rflags
0x246 cr2 0x1b33b29000 ilevel 0 rsp 0xffffa500871839c0
[  98.8671175] curlwp 0xffffa50012ce0080 pid 1232.1232 lowest kstack
0xffffa5008717c2c0
Stopped in pid 1232.1232 (syz-executor.5) at    netbsd:breakpoint+0x5:
leave

https://syzkaller.appspot.com/bug?extid=06601733f8b21e0dae84

---

[ 193.1213202] panic: kernel diagnostic assertion "pgrp->pg_jobc > 0"
failed: file
"/syzkaller/managers/netbsd-kmsan/kernel/sys/kern/kern_proc.c", line 1510
[ 193.1356075] cpu0: Begin traceback...
[ 193.1413239] vpanic() at netbsd:vpanic+0x7c1 sys/kern/subr_prf.c:288
[ 193.1613555] kern_assert() at netbsd:kern_assert+0x214
[ 193.1813789] fixjobc() at netbsd:fixjobc+0x7c1 sys/kern/kern_proc.c:1495
[ 193.2013978] exit1() at netbsd:exit1+0x1390 sys/kern/kern_exit.c:425
[ 193.2114074] sigexit() at netbsd:sigexit+0xb8a sys/kern/kern_sig.c:2305
[ 193.2314312] postsig() at netbsd:postsig+0xb0a sys/kern/kern_sig.c:2138
[ 193.2514550] lwp_userret() at netbsd:lwp_userret+0x254
sys/kern/kern_lwp.c:1607
[ 193.2714789] userret() at netbsd:userret+0xd00 KPREEMPT_DISABLE
sys/sys/lwp.h:536 [inline]
[ 193.2714789] userret() at netbsd:userret+0xd00 mi_userret
sys/sys/userret.h:97 [inline]
[ 193.2714789] userret() at netbsd:userret+0xd00
sys/arch/amd64/compile/obj/GENERIC_SYZKALLER/./machine/userret.h:81
[ 193.3015153] syscall() at netbsd:syscall+0x4ed
sys/arch/x86/x86/syscall.c:167
[ 193.3116138] --- syscall (number 4) ---
[ 193.3215367] 715c584ade7a:
[ 193.3215367] cpu0: End traceback...
[ 193.3215367] fatal breakpoint trap in supervisor mode
[ 193.3322920] trap type 1 code 0 rip 0xffffffff802227ed cs 0x8 rflags
0x246 cr2 0x7c32ac608ea8 ilevel 0 rsp 0xffffa5008822f6c0
[ 193.3453151] curlwp 0xffffa500141ec040 pid 1384.1384 lowest kstack
0xffffa500882282c0
Stopped in pid 1384.1384 (syz-executor.1) at    netbsd:breakpoint+0x5:
leave
?

https://syzkaller.appspot.com/bug?extid=fe84004c3e01607be979

Attachment: signature.asc
Description: OpenPGP digital signature

Prev by Date: KASLR kernel fails to boot
Next by Date: i386 Xen integration breaks linking NET4501 kernel
Previous by Thread: KASLR kernel fails to boot
Next by Thread: i386 Xen integration breaks linking NET4501 kernel
Indexes:

Home | Main Index | Thread Index | Old Index