Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,tnn%NetBSD.org@localhost
Subject: Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
From: Ryota Ozaki <ozaki-r%netbsd.org@localhost>
Date: Fri, 23 Jun 2017 01:45:01 +0000 (UTC)

The following reply was made to PR kern/52324; it has been noted by GNATS.

From: Ryota Ozaki <ozaki-r%netbsd.org@localhost>
To: "gnats-bugs%NetBSD.org@localhost" <gnats-bugs%netbsd.org@localhost>
Cc: kern-bug-people%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost
Subject: Re: kern/52324: assertion "(target->prt_class == class)" failed:
 subr_psref.c", line 285
Date: Fri, 23 Jun 2017 10:42:18 +0900

 On Fri, Jun 23, 2017 at 4:40 AM,  <tnn%netbsd.org@localhost> wrote:
 >>Number:         52324
 >>Category:       kern
 >>Synopsis:       assertion "(target->prt_class =3D=3D class)" failed: subr=
 _psref.c", line 285
 >>Confidential:   no
 >>Severity:       serious
 >>Priority:       medium
 >>Responsible:    kern-bug-people
 >>State:          open
 >>Class:          sw-bug
 >>Submitter-Id:   net
 >>Arrival-Date:   Thu Jun 22 19:40:00 +0000 2017
 >>Originator:     Tobias Nygren
 >>Release:        8.99.1 amd64
 >>Organization:
 >>Environment:
 >>Description:
 > I can reliably trigger this panic from userland by running a certain java=
  application.
 >
 > panic: kernel diagnostic assertion "(target->prt_class =3D=3D class)" fai=
 led: file "/work/src/sys/kern/subr_psref.c", line 285 mismatched psref targ=
 et class: 0x0 (ref) !=3D 0xffffe400bfe0ed08 (expected)
 > fatal breakpoint trap in supervisor mode
 > trap type 1 code 0 rip 0xffffffff802249f5 cs 0x8 rflags 0x246 cr2 0x10020=
 f000 ilevel 0x4 rsp 0xffffe40045b75b60
 > curlwp 0xffffe400beb28200 pid 533.2 lowest kstack 0xffffe40045b722c0
 > [0xffffffff802249f5->breakpoint][0xffffffff80226450->cpu_Debugger][0xffff=
 ffff80742474->db_panic][0xffffffff80990401->vpanic][0xffffffff80ce36b8->ker=
 n_assert][0xffffffff8099140b->psref_release][0xffffffff80a20d7e->if_put][0x=
 ffffffff806f4b38->ip6_ctloutput][0xffffffff80708380->udp6_ctloutput][0xffff=
 ffff806ea121->udp6_ctloutput_wrapper][0xffffffff809c286a->sosetopt][0xfffff=
 fff809c6ef2->sys_setsockopt][0xffffffff80250765->syscall]
 > dumping to dev 20,1 (offset=3D14682167, size=3D786319):
 
 Could you try the following diff?
 
   ozaki-r
 
 diff --git a/sys/netinet6/ip6_output.c b/sys/netinet6/ip6_output.c
 index f9ddeaba9ac..688327e10e6 100644
 --- a/sys/netinet6/ip6_output.c
 +++ b/sys/netinet6/ip6_output.c
 @@ -2561,6 +2561,7 @@ ip6_setmoptions(const struct sockopt *sopt,
 struct in6pcb *in6p)
                  * Group must be a valid IP6 multicast address.
                  */
                 bound =3D curlwp_bind();
 +               ifp =3D NULL;
                 error =3D ip6_get_membership(sopt, &ifp, &psref, &ia, sizeo=
 f(ia));
                 if (error !=3D 0) {
                         curlwp_bindx(bound);

Follow-Ups:
- Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
  - From: Robert Elz
- Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
  - From: Ryota Ozaki

Prev by Date: Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
Next by Date: Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
Previous by Thread: Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
Next by Thread: Re: kern/52324: assertion "(target->prt_class == class)" failed: subr_psref.c", line 285
Indexes:

Home | Main Index | Thread Index | Old Index