[Bug 273438] PANIC: memory modified after free on relatively idle riscv -CURRENT

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 29 Jan 2024 18:37:25 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=273438

Mitchell Horne <mhorne@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mhorne@freebsd.org

--- Comment #7 from Mitchell Horne <mhorne@freebsd.org> ---
I looked at the back traces provided, and the allocation is speculatively
belonging to the 'dbuf_kmem_cache' UMA zone, in dbuf_create(). Unfortunately,
the core.txt does not provide the context of the thread responsible for the
store-after-free, so there is not enough here to deconstruct what might have
happened, and whether this is an OpenZFS bug, an OpenZFS/riscv bug, or a
FreeBSD/riscv bug.

Commit a03c23931eec (Nov. 2023) adds additional information to the panic
message, which would help in confirming some details of the allocation in
question, including the offset of the store-after-free. If you update past this
point it would aid in further diagnosis.

Also, inclusion of 'alltrace' ddb command output after the panic _might_ help.

https://cgit.freebsd.org/src/commit/?id=a03c23931eec567b0957c2a0b1102dba8d538d98
