kern/43456: KASSERT from ptyfs null mount

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/43456: KASSERT from ptyfs null mount
From: njoly%pasteur.fr@localhost
Date: Fri, 11 Jun 2010 10:20:05 +0000 (UTC)

>Number:         43456
>Category:       kern
>Synopsis:       KASSERT from ptyfs null mount
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jun 11 10:20:04 +0000 2010
>Originator:     Nicolas Joly
>Release:        NetBSD 5.99.30
>Organization:
Insitut Pasteur
>Environment:
System: NetBSD lanfeust.sis.pasteur.fr 5.99.30 NetBSD 5.99.30 (LANFEUST) #5: 
Fri Jun 11 12:01:51 CEST 2010 
njoly%lanfeust.sis.pasteur.fr@localhost:/local/src/NetBSD/obj.amd64/sys/arch/amd64/compile/LANFEUST
 amd64
Architecture: x86_64
Machine: amd64
>Description:
I got hit by a KASSERT from a ptyfs null mount in a i386 chroot on my amd64
workstation. It's highly reproductible; simply launch an xterm from the
chroot, then exit.

panic: kernel diagnostic assertion "sn->sn_opencnt == 0" failed: file 
"/local/src/NetBSD/src/sys/miscfs/specfs/spec_vnops.c", line 321
fatal breakpoint trap in supervisor mode
trap type 1 code 0 rip ffffffff8022b7cd cs 8 rflags 246 cr2  fbfe811c cpl 0 rsp 
ffff800048ebf7c0
Stopped in pid 23990.1 (ksh) at netbsd:breakpoint+0x5:  leave

Here follow the corresponding backtrace :
#0  0xffffffff804cc8ad in cpu_reboot (howto=256, bootstr=<value optimized out>)
    at /local/src/NetBSD/src/sys/arch/amd64/amd64/machdep.c:675
#1  0xffffffff8024321c in db_sync_cmd (addr=<value optimized out>, 
    have_addr=<value optimized out>, count=0, modif=0x0)
    at /local/src/NetBSD/src/sys/ddb/db_command.c:1375
#2  0xffffffff80243995 in db_command (last_cmdp=0xffffffff80cc6440)
    at /local/src/NetBSD/src/sys/ddb/db_command.c:909
#3  0xffffffff80243bf4 in db_command_loop ()
    at /local/src/NetBSD/src/sys/ddb/db_command.c:567
#4  0xffffffff80248f74 in db_trap (type=<value optimized out>, 
    code=<value optimized out>) at /local/src/NetBSD/src/sys/ddb/db_trap.c:101
#5  0xffffffff80246663 in kdb_trap (type=1, code=0, regs=0xffff800049ced6d0)
    at /local/src/NetBSD/src/sys/arch/amd64/amd64/db_interface.c:214
#6  0xffffffff806cbf40 in trap (frame=0xffff800049ced6d0)
    at /local/src/NetBSD/src/sys/arch/amd64/amd64/trap.c:284
#7  0xffffffff80100fe1 in calltrap ()
#8  0xffffffff8022b7cd in breakpoint ()
#9  0xffffffff8068d9f2 in panic (
    fmt=0xffffffff80adb220 "kernel %sassertion \"%s\" failed: file \"%s\", line 
%d") at /local/src/NetBSD/src/sys/kern/subr_prf.c:299
#10 0xffffffff807d4915 in kern_assert (t=0x3f8 <Address 0x3f8 out of bounds>, 
    f=0x0, l=-2136142718, e=0x8 <Address 0x8 out of bounds>)
    at /local/src/NetBSD/src/sys/lib/libkern/kern_assert.c:50
#11 0xffffffff8067180f in spec_node_destroy (vp=0xffff80004a55f198)
    at /local/src/NetBSD/src/sys/miscfs/specfs/spec_vnops.c:321
#12 0xffffffff80773fa7 in vrelel (vp=0xffff80004a55f198, flags=0)
    at /local/src/NetBSD/src/sys/kern/vfs_subr.c:1578
#13 0xffffffff807752b6 in vrevoke (vp=<value optimized out>)
    at /local/src/NetBSD/src/sys/kern/vfs_subr.c:2106
#14 0xffffffff802c65ea in genfs_revoke (v=<value optimized out>)
    at /local/src/NetBSD/src/sys/miscfs/genfs/genfs_vnops.c:275
#15 0xffffffff8048d4fa in layer_bypass (v=<value optimized out>)
    at /local/src/NetBSD/src/sys/miscfs/genfs/layer_vnops.c:355
#16 0xffffffff8078b083 in VOP_REVOKE (vp=0xffff80004a569658, 
    flags=<value optimized out>)
    at /local/src/NetBSD/src/sys/kern/vnode_if.c:593
#17 0xffffffff80459aae in exit1 (l=0xffff800049aab800, 
    rv=<value optimized out>) at /local/src/NetBSD/src/sys/kern/kern_exit.c:391
#18 0xffffffff80459ce2 in sys_exit (l=0xffff800049aab800, 
    uap=0xffff800049cedba0, retval=<value optimized out>)
    at /local/src/NetBSD/src/sys/kern/kern_exit.c:183
#19 0xffffffff80521b68 in netbsd32_exit (l=0x0, uap=<value optimized out>, 
    retval=0x8)
    at /local/src/NetBSD/src/sys/compat/netbsd32/netbsd32_netbsd.c:182
#20 0xffffffff80524d53 in netbsd32_syscall (frame=0xffff800049cedc80)
    at /local/src/NetBSD/src/sys/sys/syscallvar.h:61
#21 0xffffffff8010085a in osyscall1 ()
#22 0x00000000fbd1a0b8 in ?? ()
#23 0x00000000ffffdc88 in ?? ()
#24 0x0000000000000000 in ?? ()

>How-To-Repeat:
Do a ptyfs null mount in a chroot, launch and exit an xterm fromn it.
>Fix:

Prev by Date: Re: bin/43454: gpt(8) and disklabel(8) conflict with each other
Next by Date: xsrc/43457: X11 does not set MTRR register for framebuffer memory
Previous by Thread: bin/43454: gpt(8) and disklabel(8) conflict with each other
Next by Thread: Re: kern/43456: KASSERT from ptyfs null mount
Indexes:

Home | Main Index | Thread Index | Old Index