NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: kern/54311: panic: kernel diagnostic assertion "!"kernel path too long in pathbuf_create"" failed

The following reply was made to PR kern/54311; it has been noted by GNATS.

From: Kamil Rytarowski <n54%gmx.com@localhost>
To: Thomas Klausner <wiz%NetBSD.org@localhost>, gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: kern/54311: panic: kernel diagnostic assertion "!"kernel path too
 long in pathbuf_create"" failed
Date: Wed, 19 Jun 2019 22:11:26 +0200

 On 19.06.2019 22:05, Thomas Klausner wrote:
 > On Wed, Jun 19, 2019 at 06:35:00PM +0000, Andreas Gustafsson wrote:
 >> lib/libc/sys/t_mknod (290/801): 4 test cases
 >>     mknod_err: [ 7935.4265244] panic: kernel diagnostic assertion "!"ke=
 rnel path too long in pathbuf_create"" failed: file "/tmp/bracket/build/20=
 19.06.18.23.53.55-i386/src/sys/kern/vfs_lookup.c", line 308
 >> [ 7935.4265244] cpu0: Begin traceback...
 >> [ 7935.4265244] vpanic(c10a7000,c9906dec,c9906e00,c09c2b66,c10a7000,c10=
 a6f3f,c1175994,c117566c,134,c9906e3c) at netbsd:vpanic+0x12d
 >> [ 7935.4465199] kern_assert(c10a7000,c10a6f3f,c1175994,c117566c,134,c99=
 06e3c,c9906e10,c09c2bf4,bfb4f993,c23f30a0) at netbsd:kern_assert+0x23
 >> [ 7935.4465199] pathbuf_create(bfb4f993,c23f30a0,c9906f14,c09d0a46,bfb4=
 f993,1,c9906e3c,0,0,0) at netbsd:pathbuf_create+0x63
 >> [ 7935.4465199] pathbuf_maybe_copyin(bfb4f993,1,c9906e3c,0,0,0,16,c1baf=
 000,c23d6270,c1a65e08) at netbsd:pathbuf_maybe_copyin+0x1c
 >> [ 7935.4665218] do_sys_mknodat(c23f30a0,ffffff9c,bfb4f993,2000,0,0,1,c9=
 906f9c,c01589c1,c23f30a0) at netbsd:do_sys_mknodat+0x86
 >> [ 7935.4665218] sys___mknod50(c23f30a0,c9906f68,c9906f60,c1b899e0,fffff=
 fff,c9906f60,1c2,c9906f68,0,0) at netbsd:sys___mknod50+0x3f
 >> [ 7935.4865231] syscall() at netbsd:syscall+0x151
 >> [ 7935.4865231] --- syscall (number 450) ---
 >> [ 7935.4865231] b8243357:
 >> [ 7935.4865231] cpu0: End traceback...
 >
 > I see something similar on amd64 just booting -current from nvme0 (handc=
 opied):
 >
 > kern.module.path=3D/stand/amd64/8.99.46/modules
 > panic: prevented access to 0x7f7fffbe6d69 (SMAP)
 > cpu0: Begin traceback...
 > vapnic() at netbsd:vpanic
 > snprintf() at netbsd:snprintf
 > trap() at netbsd:trap
 > --- trap (number 6) --
 > copystr() at netbsd:copystr+0xe
 > pathbuf_maybe_copyin() at netbsd:pathbuf_maybe_copyin+0x13
 > do_sys_mknodat() at netbsd:do_sys_mknodat+0x18d
 > syscall() at netbsd:syscall+0x348
 > --- syscall (number 450) ---
 > 7e52c8c8f32a:
 > cpu0: End traceback...
 > fatal breakpoint trap in supervisor mode
 > trap type 1 code 0 rip 0xffffffff8021ccfd cs 0x8 rflags 0x286 cr2 0x7f7f=
 fffbe6e69 ilevel 0 rsp 0xffff94965d2b3850
 > curlwp ...
 > Stopped in pid 26.1 (mknod) at netbsd:breakpoint+0x5: leave
 >
 >  Thomas
 >
 
 Please retry with this patch:
 
 Module Name:	src
 Committed By:	kamil
 Date:		Wed Jun 19 14:16:06 UTC 2019
 
 Modified Files:
 	src/sys/kern: vfs_syscalls.c
 
 Log Message:
 Correct wrong type of uio_seg passed to do_sys_mknodat()
 
 It was introduced by an accident in previous commit to this file.
 
 Detected by syzbot:
 https://syzkaller.appspot.com/text?tag=3DCrashLog&x=3D16635d9ea00000
 
 
 To generate a diff of this commit:
 cvs rdiff -u -r1.529 -r1.530 src/sys/kern/vfs_syscalls.c
 
 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.
Home | Main Index | Thread Index | Old Index