Date:      Tue, 22 Oct 2024 12:30:41 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 282268] linker_load_module() panics with KASAN after post-panic reboot
Message-ID:  <bug-282268-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=282268

            Bug ID: 282268
           Summary: linker_load_module() panics with KASAN after
                    post-panic reboot
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: christos@freebsd.org

Created attachment 254444
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=254444&action=edit
linker_load_module() disassembly

This is a relatively consistent bug, although it does not have a 100%
reproduction rate. What I usually do is the following:

1. Boot into a KASAN kernel.
2. Panic the kernel somehow and reboot.
3. During the reboot, it is likely that linker_load_module() will panic when
rc(8) is trying to load the modules.

I have also attached the linker_load_module() disassembly.

Sample panic message:

Loading kernel modules:
panic: ASan: Invalid access, 4-byte read at 0xfffffe0047935020, MallocRedZone(fb)
cpuid = 1
time = 1729606284
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xa5/frame 0xfffffe0046c3f070
kdb_backtrace() at kdb_backtrace+0xc6/frame 0xfffffe0046c3f1d0
vpanic() at vpanic+0x226/frame 0xfffffe0046c3f370
panic() at panic+0xb5/frame 0xfffffe0046c3f440
kasan_code_name() at kasan_code_name/frame 0xfffffe0046c3f510
linker_load_module() at linker_load_module+0xe03/frame 0xfffffe0046c3fbb0
kern_kldload() at kern_kldload+0x233/frame 0xfffffe0046c3fc70
sys_kldload() at sys_kldload+0xd2/frame 0xfffffe0046c3fd10
amd64_syscall() at amd64_syscall+0x39e/frame 0xfffffe0046c3ff30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0046c3ff30
--- syscall (304, FreeBSD ELF64, kldload), rip = 0x311d0dce37da, rsp =
0x311d0c9d2428, rbp = 0x311d0c9d29a0 ---
KDB: enter: panic
[ thread pid 92 tid 100096 ]
Stopped at      kdb_enter+0x34: movq    $0,0x1f09b11(%rip)
db>

-- 
You are receiving this mail because:
You are the assignee for the bug.



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-282268-227>
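For readers unfamiliar with what "MallocRedZone(fb)" in the panic above means, here is a userspace model of the KASAN shadow-memory check that produces a message of that form. It is an added example, not code from the bug report or from the FreeBSD kernel. It assumes the standard KASAN shadow encoding (one shadow byte per 8-byte granule: 0 means all 8 bytes addressable, 1..7 means that many leading bytes addressable, anything else is a poison code) and that 0xFB is the code the kernel prints as "MallocRedZone(fb)", as in the panic text; the "RedZonePartial" and "Unknown" names, the 32-byte allocation bucket, `model_malloc()` and `probe_read()` are this model's own.

```c
/*
 * Userspace model of a KASAN shadow-memory check (added example, not FreeBSD
 * code). Shadow encoding per 8-byte granule: 0 = all addressable, 1..7 = that
 * many leading bytes addressable, other values = poison code. 0xFB is assumed
 * to be the code printed as "MallocRedZone(fb)"; other names are assumed.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KASAN_SHADOW_SCALE   8
#define KASAN_SHADOW_MASK    (KASAN_SHADOW_SCALE - 1)
#define KASAN_MALLOC_REDZONE 0xFB   /* assumed: printed as MallocRedZone(fb) */
#define BUCKET_SIZE          32     /* assumed malloc bucket size */
#define HEAP_SIZE            256

static uint8_t heap[HEAP_SIZE];                        /* the "kernel heap" */
static int8_t  shadow[HEAP_SIZE / KASAN_SHADOW_SCALE]; /* its shadow map */
static size_t  heap_top;
static char    last_msg[128];                          /* last report text */

static int8_t *addr_to_shad(const uint8_t *addr)
{
    return &shadow[(size_t)(addr - heap) / KASAN_SHADOW_SCALE];
}

static const char *kasan_code_name(uint8_t code)
{
    if (code == KASAN_MALLOC_REDZONE)
        return "MallocRedZone";
    if (code >= 1 && code <= 7)
        return "RedZonePartial";   /* name is this model's own */
    return "Unknown";
}

/* Mark the first 'size' bytes of a 'total'-byte region addressable and poison
 * the remaining granules with 'code'. 'total' must be a multiple of 8. */
static void kasan_mark(uint8_t *addr, size_t size, size_t total, uint8_t code)
{
    int8_t *shad = addr_to_shad(addr);
    size_t i, n, rounded = (size + KASAN_SHADOW_MASK) & ~(size_t)KASAN_SHADOW_MASK;

    for (n = size / KASAN_SHADOW_SCALE, i = 0; i < n; i++)
        *shad++ = 0;                                  /* fully valid granules */
    if (size & KASAN_SHADOW_MASK)
        *shad++ = (int8_t)(size & KASAN_SHADOW_MASK); /* partially valid granule */
    for (n = (total - rounded) / KASAN_SHADOW_SCALE, i = 0; i < n; i++)
        *shad++ = (int8_t)code;                       /* redzone granules */
}

/* Bump allocator that rounds up to a bucket and redzones the slack, the way a
 * KASAN-instrumented malloc() does. */
static uint8_t *model_malloc(size_t size)
{
    size_t total = (size + BUCKET_SIZE - 1) / BUCKET_SIZE * BUCKET_SIZE;
    uint8_t *p = heap + heap_top;

    if (heap_top + total > HEAP_SIZE)
        return NULL;
    heap_top += total;
    kasan_mark(p, size, total, KASAN_MALLOC_REDZONE);
    return p;
}

/* A byte is valid if its granule is fully valid or the byte lies inside the
 * granule's addressable prefix; otherwise the shadow value is the code. */
static int shadow_1byte_isvalid(const uint8_t *addr, uint8_t *code)
{
    int8_t byte = *addr_to_shad(addr);
    int8_t last = (int8_t)(((size_t)(addr - heap) & KASAN_SHADOW_MASK) + 1);

    if (byte == 0 || last <= byte)
        return 1;
    *code = (uint8_t)byte;
    return 0;
}

/* Check an N-byte access. Returns 0 if every byte is addressable, else the
 * poison code of the first bad byte, with the panic-style text in 'msg'. */
static uint8_t kasan_check(const uint8_t *addr, size_t size, int write,
                           char *msg, size_t msglen)
{
    uint8_t code = 0;

    for (size_t i = 0; i < size; i++) {
        if (!shadow_1byte_isvalid(addr + i, &code)) {
            snprintf(msg, msglen, "ASan: Invalid access, %zu-byte %s at %p, %s(%x)",
                     size, write ? "write" : "read", (const void *)addr,
                     kasan_code_name(code), code);
            return code;
        }
    }
    return 0;
}

/* Allocate one 20-byte object (32-byte bucket, so bytes 20..31 are redzone)
 * and probe a 4-byte read at 'off'. Returns the code (0 = valid). */
static uint8_t probe_read(size_t off)
{
    static uint8_t *obj;

    if (obj == NULL)
        obj = model_malloc(20);
    last_msg[0] = '\0';
    return kasan_check(obj + off, 4, 0, last_msg, sizeof last_msg);
}

int main(void)
{
    const size_t offs[] = { 0, 16, 18, 24 };

    for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++) {
        if (probe_read(offs[i]) == 0)
            printf("offset %2zu: 4-byte read ok\n", offs[i]);
        else
            printf("offset %2zu: %s\n", offs[i], last_msg);
    }
    return 0;
}
```

The read at offset 24 lands entirely in a poisoned granule and reports the redzone code, which is the shape of the report in the panic above; the read at offset 18 straddles the 20-byte object's end and reports the partial-granule value instead. In the real kernel, the corresponding check runs inline in instrumented code and ends in panic() rather than returning a code.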