From nobody Mon Jan 29 18:37:25 2024 X-Original-To: riscv@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNxqV2YD7z59B4r for ; Mon, 29 Jan 2024 18:37:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNxqV1VFDz58Bh for ; Mon, 29 Jan 2024 18:37:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706553446; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=l1IetuNJOdi+I7xHQ7wbKrq3aM9sIHK7ricvkKtd76A=; b=eeH4JiiwOuD12xnBA/5ZclrSeEwxQdRzCMscw1oiZC9yfAPcqfG6e4dTHiqvega+BFMT8d mPwP0Lw3r0zw/IDHRK1oOH8vYJxsV4z8k1fqY7Dehb6W/5x0NxeZvwYqN6ktapYBWWkAYm XE2GMnxVl/JkK3pxqnTSo4p24VME1oz5VdF8jLE8SB8ctDVPU5R7w2sis/Dcoe1AfMZg6c Rwev1KsQO2QWOiyQ8+qtOoElEEwWB7nHakNbghca0L9oJri0xk4mBngdtCy7pRZK2WM3h4 hhAuxgoPdYQIPr4eZOT/+0SRZM7/EluGj2O9XhYzQytLC9ybnTK1wtwB3/iIQw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706553446; a=rsa-sha256; cv=none; b=wJk/6OapzElcKcJnUnf1XF/rCmzYHz3W9WIav9Wn28OQtH1GaiJANcfMXncbfdq87vEksA UwieV0m8ALealLBQB9SHCPD+2I4Pxcz/zC5141P/TCAYb0bN2QrGYSE5uEZHjVVXu7NeJG t6uVPpFU7dkHscY5bAncJXbWQIH7UK1h9oQ9QIL6xD8oiOUrX+mu0iwf7B56GpiKPDMeIJ 971NTMeOb2BKVmxqudpmc4F6VDI94dqpLM+f2IGY1sDv4ycN0mSK3gdY51/uDTNmnVnH3h tpP2bl4rtEJZgjw+a8JoDxJNLahN/8ASTahtC/OsED7oKlBrf0CV8qvldWn84w== Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TNxqV0VXKz12bh for ; Mon, 29 Jan 2024 18:37:26 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 40TIbQZC084964 for ; Mon, 29 Jan 2024 18:37:26 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 40TIbQ25084959 for riscv@FreeBSD.org; Mon, 29 Jan 2024 18:37:26 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: riscv@FreeBSD.org Subject: [Bug 273438] PANIC: memory modified after free on relatively idle riscv -CURRENT Date: Mon, 29 Jan 2024 18:37:25 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: CURRENT X-Bugzilla-Keywords: crash X-Bugzilla-Severity: Affects Many People X-Bugzilla-Who: mhorne@freebsd.org X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: riscv@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: cc Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: FreeBSD on the RISC-V instruction set architecture List-Archive: https://lists.freebsd.org/archives/freebsd-riscv List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-riscv@freebsd.org X-BeenThere: freebsd-riscv@freebsd.org MIME-Version: 1.0 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273438 Mitchell Horne changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mhorne@freebsd.org --- Comment #7 from Mitchell Horne --- I looked at the back traces provided, and the allocation is speculatively belonging to the 'dbuf_kmem_cache' UMA zone, in dbuf_create(). Unfortunatel= y, the core.txt does not provide the context of the thread responsible for the store-after-free, so there is not enough here to deconstruct what might have happened, and whether this is an OpenZFS bug, an OpenZFS/riscv bug, or a FreeBSD/riscv bug. Commit a03c23931eec (Nov. 2023) adds additional information to the panic message, which would help in confirming some details of the allocation in question, including the offset of the store-after-free. If you update past = this point it would aid in further diagnosis. Also, inclusion of 'alltrace' ddb command output after the panic _might_ he= lp. https://cgit.freebsd.org/src/commit/?id=3Da03c23931eec567b0957c2a0b1102dba8= d538d98 --=20 You are receiving this mail because: You are the assignee for the bug.=