syzbot


assert failed: pg->wire_count != 0

Status: fixed on 2019/06/19 06:32
Reported-by: syzbot+59ac6d78f8e519e721af@syzkaller.appspotmail.com
Fix commit: shmctl(SHM_LOCK) does not need to mess with mappings of the shm segment, uvm_obj_wirepages() is sufficient. this fixes the problem reported in https://syzkaller.appspot.com/bug?id=71f9271d761f5b6ed517a18030dc04f0135e6179
First crash: 2096d, last: 2032d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
netbsd assert failed: pg->wire_count != 0 (2) C 174 1978d 2000d 1/3 fixed on 2019/08/25 05:45
netbsd assert failed: pg->wire_count != 0 (3) C 268 180d 1886d 0/3 upstream: reported C repro on 2019/10/12 00:14

Sample crash report:
[  33.1912916] panic: kernel diagnostic assertion "pg->wire_count != 0" failed: file "/syzkaller/managers/netbsd/kernel/sys/uvm/uvm_page.c", line 1608 
[  33.1912916] cpu0: Begin traceback...
[  33.1912916] vpanic() at netbsd:vpanic+0x214
[  33.2019951] _GLOBAL__sub_D_65535_0_cpu_configure() at netbsd:_GLOBAL__sub_D_65535_0_cpu_configure
[  33.2120897] uvm_pageunwire() at netbsd:uvm_pageunwire+0xc6
[  33.2120897] uvm_obj_unwirepages() at netbsd:uvm_obj_unwirepages+0x6a
[  33.2228172] shmctl1() at netbsd:shmctl1+0x399
[  33.2332709] sys___shmctl50() at netbsd:sys___shmctl50+0xb0
[  33.2432822] sys_syscall() at netbsd:sys_syscall+0xe2
[  33.2536874] syscall() at netbsd:syscall+0x32e
[  33.2536874] --- syscall (number 0) ---
[  33.2640843] 72b376e3f4ca:
[  33.2640843] cpu0: End traceback...

[  33.2640843] dumping to dev 4,1 (offset=0, size=0): not possible
[  33.2640843] rebooting...
SeaBIOS (version 1.8.2-20190122_225043-google)
Total RAM Size = 0x00000001e0000000 = 7680 MiB
CPUs found: 2     Max CPUs supported: 2
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f29c0: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Booting from Hard Disk 0...

>> NetBSD/x86 BIOS Boot, Revision 5.10 (Tue Jul 17 14:59:51 UTC 2018) (from NetBSD 8.0)
>> Memory: 639/3144640 k

     1. Boot normally
     2. Boot single user
     3. Disable ACPI
     4. Disable ACPI and SMP
     5. Drop to boot prompt

Crashes (45):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/03/15 08:52 netbsd 6aca7d7acc04 bab43553 console log report syz C ci2-netbsd
2019/03/15 08:14 netbsd 6aca7d7acc04 d72db19b console log report syz ci2-netbsd
2019/05/18 14:36 netbsd 1435b93ddaa0 5a4461b0 console log report ci2-netbsd
2019/05/09 18:15 netbsd 352e2fc1629a 214bf476 console log report ci2-netbsd
2019/05/01 14:14 netbsd fe3c80c3ed2d 618456b4 console log report ci2-netbsd
2019/04/24 08:53 netbsd da4a0ea9100c 2398edea console log report ci2-netbsd
2019/04/23 10:19 netbsd c108bd436ea1 53199d6e console log report ci2-netbsd
2019/04/20 14:25 netbsd a389e269db1a b0e8efcb console log report ci2-netbsd
2019/04/17 05:03 netbsd 03a220cddffa b0e8efcb console log report ci2-netbsd
2019/04/07 14:05 netbsd a10759f081a1 c34fde03 console log report ci2-netbsd
2019/04/04 16:50 netbsd 4585ce927211 6a475fff console log report ci2-netbsd
2019/04/02 22:12 netbsd a4160cbcd30b dfd3394d console log report ci2-netbsd
2019/04/02 18:37 netbsd a4160cbcd30b dfd3394d console log report ci2-netbsd
2019/04/01 17:58 netbsd d14d7be1deda 36b433b7 console log report ci2-netbsd
2019/04/01 14:06 netbsd d14d7be1deda 36b433b7 console log report ci2-netbsd
2019/03/31 18:54 netbsd 8f84b6998922 0c624d4d console log report ci2-netbsd
2019/03/30 12:36 netbsd f1c1dd4d4cda c35ee0ea console log report ci2-netbsd
2019/03/27 21:58 netbsd e9135a77cb57 f94f56fe console log report ci2-netbsd
2019/03/25 10:20 netbsd 6eb76e802b22 2c86e0a5 console log report ci2-netbsd
2019/03/21 09:37 netbsd 779fde7bb3cc 427ea487 console log report ci2-netbsd
2019/03/20 23:51 netbsd 6e79b7c8422e 427ea487 console log report ci2-netbsd
2019/03/15 21:28 netbsd 287b396b094e bab43553 console log report ci2-netbsd
2019/03/15 21:28 netbsd 287b396b094e bab43553 console log report ci2-netbsd
2019/03/15 21:11 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 21:00 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 20:54 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 19:59 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 19:24 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 17:26 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 17:18 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 16:30 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 16:13 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 15:59 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 15:18 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 14:30 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 14:24 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 12:48 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 12:21 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 11:54 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 10:29 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 10:25 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 09:01 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 08:21 netbsd 6aca7d7acc04 bab43553 console log report ci2-netbsd
2019/03/15 07:46 netbsd 6aca7d7acc04 d72db19b console log report ci2-netbsd
2019/03/15 07:46 netbsd 6aca7d7acc04 d72db19b console log report ci2-netbsd
* Struck through repros no longer work on HEAD.