From owner-freebsd-current@freebsd.org Thu Aug 6 03:57:57 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C38529B44DA for ; Thu, 6 Aug 2015 03:57:57 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: from mail-io0-x229.google.com (mail-io0-x229.google.com [IPv6:2607:f8b0:4001:c06::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 90F4B161F; Thu, 6 Aug 2015 03:57:57 +0000 (UTC) (envelope-from carpeddiem@gmail.com) Received: by iodb91 with SMTP id b91so9495397iod.1; Wed, 05 Aug 2015 20:57:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc:content-type; bh=+3ux21Biaf1bsDfGatqWM9x02zd/smK7T1KczKQ6Obs=; b=gxTxqyzxVhgWnGumqqufgmIvsYplG0v7ux6Z84zu/+lM7+YKfGFYtk8qfdjCsYTJuY GPBLJp0ft7WClU3UzxJ/Fnxs/ZaeG7DbhGyjgW6ubSEnN0omtokndaYrrR474b1uVsdX xymacBE8IIPS4MPz+ujOdN5Il986WjOxLs0MmfY+6lacLbXWLwEwAxFUWNFB2C7S3STy 3rcWmPU1q9keTMWswAU0KtPPIpxHoZuxEfuJ/KVEJ3o0rEjVEnp5DbExX3uPKf4n1tOR QnhF15OeNPNWcsVt84ZHJ1wAzmOfS8pTXycwd4i1ud9UBUsKKK9jwsj+Iytr4JfY0fvD +exQ== X-Received: by 10.107.150.141 with SMTP id y135mr13085903iod.38.1438833477012; Wed, 05 Aug 2015 20:57:57 -0700 (PDT) MIME-Version: 1.0 Sender: carpeddiem@gmail.com Received: by 10.107.136.200 with HTTP; Wed, 5 Aug 2015 20:57:37 -0700 (PDT) In-Reply-To: <20150806031157.GA1116@garage.freebsd.pl> References: <20150806020639.GA72832@garage.freebsd.pl> <20150806031157.GA1116@garage.freebsd.pl> From: Ed Maste Date: Thu, 6 Aug 2015 03:57:37 +0000 X-Google-Sender-Auth: TyJ7KEvWUnXP_9RG0YDLhTyoLcM Message-ID: Subject: Re: Memory modified after free, seemingly geli related To: Pawel Jakub Dawidek Cc: FreeBSD Current Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Aug 2015 03:57:57 -0000 On 6 August 2015 at 03:11, Pawel Jakub Dawidek wrote: >> >> I'm seeing it too. I tracked it down to ZFS. The bio was last owned by >> the ZFS::VDEV GEOM class, which is modyfing bio_error on freed bio. I'm >> investigating further and will let you know here once I find the >> cause. > > Ok. It was bio from ZFS in my case, but it was GELI which modified > bio_error after delivering bio. Ok, so this is (sadly) the same issue as PR 199705. > I'm not fully convinced that panic is the right response to > crypto_dispatch() failure. It means that the driver failed our request > and didn't call our callback, which is bad as we never complete the I/O. > The crypto drivers tend to return errors only if the request itself is > bogus, but that is program's bug and not a runtime condition. In other > words panic should be fine here. The patch in the PR just discards the return value from crypto_dispatch(). I'm happy either way, or perhaps a KASSERT.