NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/53259: opera causes kernel panic



On Fri, May 4, 2018 at 8:45 AM <n54%gmx.com@localhost> wrote:

> >Number:         53259
> >Category:       kern
> >Synopsis:       opera causes kernel panic
> >Confidential:   no
> >Severity:       critical
> >Priority:       high
> >Responsible:    kern-bug-people
> >State:          open
> >Class:          sw-bug
> >Submitter-Id:   net
> >Arrival-Date:   Thu May 03 23:45:00 +0000 2018
> >Originator:     Kamil Rytarowski
> >Release:        NetBSD/amd64 8.99.14
> >Organization:
> TNF
> >Environment:
> NetBSD chieftec 8.99.14 NetBSD 8.99.14 (GENERIC) #36: Tue May  1 18:02:53
CEST 2018  root@chieftec:/public/netbsd-root/sys/arch/amd64/compile/GENERIC
amd64
> >Description:
> opera-12.16         Standards-compliant graphical Web browser

> An attempt to run opera causes kernel panic always.
> >How-To-Repeat:
> [  107.864737] WARNING: SPL NOT LOWERED ON SYSCALL 0 6 EXIT 6 5
> [  107.864737] panic: assert_sleepable: pserialize
caller=0xffffffff809e038e
> [  107.864737] cpu0: Begin traceback...
> [  107.864737] vpanic() at netbsd:vpanic+0x19a
> [  107.864737] snprintf() at netbsd:snprintf
> [  107.864737] assert_sleepable() at netbsd:assert_sleepable+0xc3
> [  107.864737] kauth_cred_free() at netbsd:kauth_cred_free+0x2f
> [  107.864737] soclose() at netbsd:soclose+0x206
> [  107.874725] soo_close() at netbsd:soo_close+0x1a
> [  107.874725] closef() at netbsd:closef+0x79
> [  107.874725] fd_close() at netbsd:fd_close+0x623
> [  107.874725] sys_close() at netbsd:sys_close+0x20
> [  107.874725] linux_syscall() at netbsd:linux_syscall+0xc1
> [  107.874725] cpu0: End traceback...
> [  107.874725] fatal breakpoint trap in supervisor mode
> [  107.874725] trap type 1 code 0 rip 0xffffffff8021eb75 cs 0x8 rflags
0x202 cr2 0x1ce8648 ilevel 0 rsp 0xffff80013fb0cd80
> [  107.874725] curlwp 0xffffe403f7fe40e0 pid 609.609 lowest kstack
0xffff80013fb092c0

> [  107.874725] dumping to dev 20,0 (offset=193655, size=4170097):
> [  107.874725] dump device not ready
> >Fix:
> N/A

Could you try the below patch?

Thanks,
   ozaki-r

diff --git a/sys/compat/linux/common/linux_socket.c
b/sys/compat/linux/common/linux_socket.c
index 7f31512496d..85b0f787243 100644
--- a/sys/compat/linux/common/linux_socket.c
+++ b/sys/compat/linux/common/linux_socket.c
@@ -1183,7 +1183,7 @@ linux_getifconf(struct lwp *l, register_t *retval,
void *data)
                         ifa_release(ifa, &psref_ifa);
                 }

-               s = pserialize_read_enter();
+               KASSERT(pserialize_in_read_section());
                 if_release(ifp, &psref);
         }
         pserialize_read_exit(s);
diff --git a/sys/compat/linux32/common/linux32_socket.c
b/sys/compat/linux32/common/linux32_socket.c
index aa0ef2df4bc..7fd678d0cab 100644
--- a/sys/compat/linux32/common/linux32_socket.c
+++ b/sys/compat/linux32/common/linux32_socket.c
@@ -478,7 +478,7 @@ linux32_getifconf(struct lwp *l, register_t *retval,
void *data)
                         ifa_release(ifa, &psref_ifa);
                 }

-               s = pserialize_read_enter();
+               KASSERT(pserialize_in_read_section());
                 if_release(ifp, &psref);
         }
         pserialize_read_exit(s);


Home | Main Index | Thread Index | Old Index