Re: kern/59663

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,hpaluch%seznam.cz@localhost
Subject: Re: kern/59663
From: "Henryk Paluch via gnats" <gnats-admin%NetBSD.org@localhost>
Date: Tue, 23 Sep 2025 18:30:02 +0000 (UTC)

The following reply was made to PR kern/59663; it has been noted by GNATS.

From: "Henryk Paluch" <hpaluch%seznam.cz@localhost>
To: <gnats-bugs%NetBSD.org@localhost>
Cc: 
Subject: Re: kern/59663
Date: Tue, 23 Sep 2025 20:04:20 +0200 (CEST)

 I found reliable way how to crash above "NetBSD 11.0_BETA (GENERIC) #0: Tu=
 e Sep 16 04:05:29 UTC 2025" in *few seconds*.
 
 Just these 2 commands are enough (reproducible on both VM and bare metal):=
 
 
 nbsd11-test3# fssconfig -cx fss0 / /root/backup
 nbsd11-test3# dd if=3D/dev/fss0 of=3D/dev/null bs=3D1024k
 
 After few seconds:
 
 [ 58.8640367] panic: kernel diagnostic assertion "(i * BITMAP_SIZE) < pp->=
 pr_itemsperpage" failed: file "/usr/src/sys/kern/subr_pool.c", line 450
 [ 58.8640367] cpu0: Begin traceback...
 [ 58.8741603] vpanic() at netbsd:vpanic+0x171
 [ 58.8741603] kern_assert() at netbsd:kern_assert+0x4b
 [ 58.8741603] pool_get() at netbsd:pool_get+0x46b
 [ 58.8741603] allocbuf() at netbsd:allocbuf+0x113
 [ 58.8741603] getblk() at netbsd:getblk+0x18c
 [ 58.8741603] bio_doread() at netbsd:bio_doread+0x1d
 [ 58.8842815] breadn() at netbsd:breadn+0x24
 [ 58.8842815] ffs_snapshot_read() at netbsd:ffs_snapshot_read+0x1b2
 [ 58.8842815] VOP_READ() at netbsd:VOP_READ+0x42
 [ 58.8842815] vn_rdwr() at netbsd:vn_rdwr+0xf1
 [ 58.8842815] fss_bs_io() at netbsd:fss_bs_io+0x89
 [ 58.8842815] fss_bs_thread() at netbsd:fss_bs_thread+0x50f
 [ 58.8842815] cpu0: End traceback...
 [ 58.8842815] fatal breakpoint trap in supervisor mode
 [ 58.8842815] trap type 1 code 0 rip 0xffffffff8023541d cs 0x8 rflags 0x20=
 2 cr2 0xffff8f026ade5000 ilevel 0 rsp 0xffff8f0277ef7b70
 [ 58.8955114] curlwp 0xffff8889b54f7800 pid 0.1426 lowest kstack 0xffff8f0=
 277ef32c0
 Stopped in pid 0.1426 (system) at netbsd:breakpoint+0x5: leave
 breakpoint() at netbsd:breakpoint+0x5
 vpanic() at netbsd:vpanic+0x171
 kern_assert() at netbsd:kern_assert+0x4b
 pool_get() at netbsd:pool_get+0x46b
 allocbuf() at netbsd:allocbuf+0x113
 getblk() at netbsd:getblk+0x18c
 bio_doread() at netbsd:bio_doread+0x1d
 breadn() at netbsd:breadn+0x24
 ffs_snapshot_read() at netbsd:ffs_snapshot_read+0x1b2
 VOP_READ() at netbsd:VOP_READ+0x42
 vn_rdwr() at netbsd:vn_rdwr+0xf1
 fss_bs_io() at netbsd:fss_bs_io+0x89
 fss_bs_thread() at netbsd:fss_bs_thread+0x50f
 ds 0
 es 0
 fs 180
 gs 7b20
 rdi 0
 rsi 3f8
 rbp ffff8f0277ef7b70
 rbx ffffffff8142a670 ostype+0x7867e
 rdx 1
 --db_more--rcx ffffffffffffff
 rax 800000000000000
 r8 0
 r9 0
 r10 0
 r11 0
 r12 ffff8f0277ef7bb8
 r13 104
 r14 1
 r15 ffff8f02670b0000
 rip ffffffff8023541d breakpoint+0x5
 cs 8
 rflags 202
 rsp ffff8f0277ef7b70
 ss 10
 netbsd:breakpoint+0x5: leave
 db{0}> bt
 breakpoint() at netbsd:breakpoint+0x5
 vpanic() at netbsd:vpanic+0x171
 kern_assert() at netbsd:kern_assert+0x4b
 pool_get() at netbsd:pool_get+0x46b
 allocbuf() at netbsd:allocbuf+0x113
 getblk() at netbsd:getblk+0x18c
 bio_doread() at netbsd:bio_doread+0x1d
 breadn() at netbsd:breadn+0x24
 ffs_snapshot_read() at netbsd:ffs_snapshot_read+0x1b2
 VOP_READ() at netbsd:VOP_READ+0x42
 vn_rdwr() at netbsd:vn_rdwr+0xf1
 fss_bs_io() at netbsd:fss_bs_io+0x89
 fss_bs_thread() at netbsd:fss_bs_thread+0x50f

Prev by Date: Subject: Re: kern/59663
Previous by Thread: Subject: Re: kern/59663
Indexes:

Home | Main Index | Thread Index | Old Index