https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279243

            Bug ID: 279243
           Summary: panic: Memory modified after free, Most recently used
                    by solaris
           Product: Base System
           Version: 14.0-STABLE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: b...@freebsd.org
          Reporter: a...@freebsd.org

This happens on every other boot for me.
When it happens, it always happens when loading the nvidia driver.

<118>Mounting local filesystems:.
<118>Mounting ZFS filesystems: (354/354)
<118>Loading kernel modules:
nvidia0: <NVIDIA GeForce GTX 1660> on vgapci0
vgapci0: child nvidia0 requested pci_enable_io
vgapci0: child nvidia0 requested pci_enable_io
<6>nvidia-modeset: Loading NVIDIA Kernel Mode Setting Driver for UNIX platforms 550.54.14  Thu Feb 22 01:05:40 UTC 2024
sysctl_warn_reuse: can't re-use a leaf (hw.dri.debug)!
<6>[drm] [nvidia-drm] [GPU ID 0x00000100] Loading driver
Memory modified after free 0xfffff800207cf900(376) val=1010000 @ 0xfffff800207cf900
panic: Most recently used by solaris

cpuid = 2
time = 1716443221
KDB: stack backtrace:
db_trace_self_wrapper() at 0xffffffff80614c2b = db_trace_self_wrapper+0x2b/frame 0xfffffe01985cc060
kdb_backtrace() at 0xffffffff8094a037 = kdb_backtrace+0x37/frame 0xfffffe01985cc110
vpanic() at 0xffffffff808fba29 = vpanic+0x169/frame 0xfffffe01985cc250
panic() at 0xffffffff808fb803 = panic+0x43/frame 0xfffffe01985cc2b0
mtrash_ctor() at 0xffffffff80bb25ee = mtrash_ctor+0x7e/frame 0xfffffe01985cc2d0
item_ctor() at 0xffffffff80bb1818 = item_ctor+0x108/frame 0xfffffe01985cc320
uma_zalloc_arg() at 0xffffffff80baac3b = uma_zalloc_arg+0x10b/frame 0xfffffe01985cc360
malloc() at 0xffffffff808d4f60 = malloc+0x70/frame 0xfffffe01985cc3a0
os_alloc_mem() at 0xffffffff857de5f7 = os_alloc_mem+0x37/frame 0xfffffe01985cc3c0
_nv013606rm() at 0xffffffff854fc874 = _nv013606rm+0x34/frame 0xfffffe01a322fc00
Uptime: 42s

"Most recently used by solaris" makes me think that the problem is in ZFS, also because the module loading happens right after mounting the ZFS filesystems.

The zone is "malloc-384".
24 initial bytes are affected:

(kgdb) x/48a item
0xfffff800207cf900:     0x1010000       0x0
0xfffff800207cf910:     0x0     0xdeadc0dedeadc0de
0xfffff800207cf920:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf930:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf940:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf950:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf960:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf970:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf980:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf990:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf9a0:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf9b0:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf9c0:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf9d0:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf9e0:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cf9f0:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa00:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa10:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa20:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa30:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa40:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa50:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa60:     0xdeadc0dedeadc0de      0xdeadc0dedeadc0de
0xfffff800207cfa70:     0xdeadc0dedeadc0de      0xffffffff8121a800 <M_SOLARIS>

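For readers decoding the panic line and the dump above, here is a small user-space model of a junk-fill-on-free / verify-on-alloc check. It is an added example, not FreeBSD source and not code from the report. It shows where the `(376)`, the `val=1010000`, the 24 affected bytes and the owner tag in the last pointer slot (`<M_SOLARIS>` in the dump) come from. `owner_tag`, `trash_hit` and all function names are hypothetical, and the replayed write is constructed from the dump's first three 8-byte words.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define JUNK      0xdeadc0deU   /* fill pattern visible in the kgdb dump */
#define ITEM_SIZE 384           /* item size of the "malloc-384" zone */
struct owner_tag { const char *shortdesc; };   /* hypothetical malloc-type stand-in */
struct trash_hit { long first; size_t extent; uint32_t val; const char *last_user; };
/* Free path: junk-fill the body, record the freeing owner in the last slot. */
static void trash_on_free(uint32_t *item, size_t size, const struct owner_tag *tag)
{
    size_t body = size - sizeof(tag);   /* 384 - 8 = 376 with 8-byte pointers */
    for (size_t i = 0; i < body / sizeof(*item); i++)
        item[i] = JUNK;
    memcpy((char *)item + body, &tag, sizeof(tag));
}

/* Alloc path: a kernel would panic at the first hit; this model also measures extent. */
static struct trash_hit check_on_alloc(const uint32_t *item, size_t size)
{
    size_t body = size - sizeof(struct owner_tag *);
    struct trash_hit hit = { -1, 0, 0, "none" };
    const struct owner_tag *tag;
    memcpy(&tag, (const char *)item + body, sizeof(tag));
    for (size_t i = 0; i < body / sizeof(*item); i++)
        if (item[i] != JUNK) {
            if (hit.first < 0)
                hit = (struct trash_hit){ (long)(i * sizeof(*item)), 0, item[i], tag->shortdesc };
            hit.extent = (i + 1) * sizeof(*item);
        }
    return hit;
}

/* Constructed replay of the report: a stale 24-byte write lands after free. */
static struct trash_hit replay_report(void)
{
    static uint32_t item[ITEM_SIZE / sizeof(uint32_t)];
    static const struct owner_tag solaris = { "solaris" };
    trash_on_free(item, sizeof(item), &solaris);
    item[0] = 0x01010000;               /* first 32-bit word from the dump */
    memset(&item[1], 0, 20);            /* the other 20 of the 24 bytes read 0 */
    return check_on_alloc(item, sizeof(item));
}

int main(void)
{
    struct trash_hit h = replay_report();
    printf("+%ld val=%x extent=%zu last=%s\n", h.first, (unsigned)h.val, h.extent, h.last_user);
    return 0;
}
```

The tag in the last slot names the malloc type that last owned the item before it was freed; the check itself only sees that the junk pattern was overwritten by the time the item was handed out again.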