Date: Thu, 24 Oct 2024 23:15:54 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 282313] [panic] free: address 0xfffff8000989b900(0xfffff8000989b000) has not been allocated. Message-ID: <bug-282313-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D282313 Bug ID: 282313 Summary: [panic] free: address 0xfffff8000989b900(0xfffff8000989b000) has not been allocated. Product: Base System Version: 14.1-STABLE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: bin Assignee: bugs@FreeBSD.org Reporter: admin@support.od.ua # uname -Kv FreeBSD 14.1-STABLE f5fabf3dc SUPPORT-14-1 1401501 # kgdb /boot/kernel/kernel /var/crash/vmcore.2 ... Reading symbols from /boot/kernel/kernel... Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug... Unread portion of the kernel message buffer: panic: free: address 0xfffff8000989b900(0xfffff8000989b000) has not been allocated. cpuid =3D 3 time =3D 1727914194 KDB: stack backtrace: db_trace_self_wrapper() at 0xffffffff804c959b =3D db_trace_self_wrapper+0x2b/frame 0xfffffe0083db2bd0 vpanic() at 0xffffffff80c24011 =3D vpanic+0x131/frame 0xfffffe0083db2d00 panic() at 0xffffffff80c23ed3 =3D panic+0x43/frame 0xfffffe0083db2d60 free() at 0xffffffff80bf8c3d =3D free+0xfd/frame 0xfffffe0083db2d90 dbuf_destroy() at 0xffffffff8290a774 =3D dbuf_destroy+0x64/frame 0xfffffe0083db2dd0 dnode_destroy() at 0xffffffff829379fe =3D dnode_destroy+0x13e/frame 0xfffffe0083db2e10 dnode_buf_evict_async() at 0xffffffff82938ac5 =3D dnode_buf_evict_async+0x85/frame 0xfffffe0083db2e40 taskqueue_run_locked() at 0xffffffff80c97332 =3D taskqueue_run_locked+0x182= /frame 0xfffffe0083db2ec0 taskqueue_thread_loop() at 0xffffffff80c985b2 =3D taskqueue_thread_loop+0xc2/frame 0xfffffe0083db2ef0 fork_exit() at 0xffffffff80bdc06f =3D fork_exit+0x7f/frame 0xfffffe0083db2f= 30 fork_trampoline() at 0xffffffff8123b78e =3D fork_trampoline+0xe/frame 0xfffffe0083db2f30 --- trap 0, rip =3D 0, rsp =3D 0, rbp =3D 0 --- KDB: enter: panic Reading symbols from /boot/kernel/zfs.ko... Reading symbols from /usr/lib/debug//boot/kernel/zfs.ko.debug... Reading symbols from /boot/kernel/acpi_wmi.ko... Reading symbols from /usr/lib/debug//boot/kernel/acpi_wmi.ko.debug... Reading symbols from /boot/kernel/uhid.ko... Reading symbols from /usr/lib/debug//boot/kernel/uhid.ko.debug... Reading symbols from /boot/kernel/wmt.ko... Reading symbols from /usr/lib/debug//boot/kernel/wmt.ko.debug... Reading symbols from /boot/kernel/mac_ntpd.ko... Reading symbols from /usr/lib/debug//boot/kernel/mac_ntpd.ko.debug... Reading symbols from /boot/kernel/fdescfs.ko... Reading symbols from /usr/lib/debug//boot/kernel/fdescfs.ko.debug... __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57 57 return (td); (kgdb) bt #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57 #1 doadump (textdump=3D0) at /usr/src/sys/kern/kern_shutdown.c:405 #2 0xffffffff804c69b8 in db_fncall_generic (nargs=3D0, args=3D0xfffffe0083= db2600, addr=3D<optimized out>, rv=3D<optimized out>) at /usr/src/sys/ddb/db_command.c:626 #3 db_fncall (dummy1=3D<optimized out>, dummy2=3D<optimized out>, dummy3=3D<optimized out>, dummy4=3D<optimized out>) at /usr/src/sys/ddb/db_command.c:674 #4 0xffffffff804c642d in db_command (last_cmdp=3D<optimized out>, cmd_table=3D<optimized out>, dopager=3Dfalse) at /usr/src/sys/ddb/db_comman= d.c:504 #5 0xffffffff804c6576 in db_command_script (command=3Dcommand@entry=3D0xffffffff8201a722 <db_recursion_data+82> "call doadump") at /usr/src/sys/ddb/db_command.c:569 #6 0xffffffff804cb718 in db_script_exec (scriptname=3Dscriptname@entry=3D0xfffffe0083db27d0 "kdb.enter.panic", warnifnotfound=3Dwarnifnotfound@entry=3D0) at /usr/src/sys/ddb/db_script.c:302 #7 0xffffffff804cb612 in db_script_kdbenter (eventname=3D<optimized out>) = at /usr/src/sys/ddb/db_script.c:324 #8 0xffffffff804c96e1 in db_trap (type=3D<optimized out>, code=3D<optimize= d out>) at /usr/src/sys/ddb/db_main.c:267 #9 0xffffffff80c73236 in kdb_trap (type=3Dtype@entry=3D3, code=3Dcode@entr= y=3D0, tf=3Dtf@entry=3D0xfffffe0083db2b10) at /usr/src/sys/kern/subr_kdb.c:790 #10 0xffffffff81263978 in trap (frame=3D0xfffffe0083db2b10) at /usr/src/sys/amd64/amd64/trap.c:608 #11 <signal handler called> #12 kdb_enter (why=3D<optimized out>, msg=3D<optimized out>) at /usr/src/sys/kern/subr_kdb.c:556 #13 0xffffffff80c24042 in vpanic (fmt=3D0xffffffff81541553 "free: address %= p(%p) has not been allocated.\n", ap=3Dap@entry=3D0xfffffe0083db2d40) at /usr/src/sys/kern/kern_shutdown.c:955 #14 0xffffffff80c23ed3 in panic (fmt=3D0xffffffff81caf7a8 <vt_conswindow+16> "\217?V\201\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:891 #15 0xffffffff80bf8c3d in free (addr=3D0xfffff8000989b900, mtp=3D0xffffffff= 82b7e610 <M_SOLARIS>) at /usr/src/sys/kern/kern_malloc.c:919 #16 0xffffffff828b3951 in zfs_kmem_free (buf=3D0xffffffff81caf7a8 <vt_conswindow+16>, size=3Dsize@entry=3D320) at /usr/src/sys/contrib/openzfs/module/os/freebsd/spl/spl_kmem.c:120 #17 0xffffffff8290a774 in dbuf_destroy (db=3D0xfffff800b0848be0) at /usr/src/sys/contrib/openzfs/module/zfs/dbuf.c:3024 #18 0xffffffff829379fe in dnode_destroy (dn=3D0xfffff801fde61650) at /usr/src/sys/contrib/openzfs/module/zfs/dnode.c:666 #19 0xffffffff82938ac5 in dnode_buf_evict_async (dbu=3D0xfffff800683c4000) = at /usr/src/sys/contrib/openzfs/module/zfs/dnode.c:1350 #20 0xffffffff80c97332 in taskqueue_run_locked (queue=3Dqueue@entry=3D0xfffff8001188de00) at /usr/src/sys/kern/subr_taskqueue.c:518 #21 0xffffffff80c985b2 in taskqueue_thread_loop (arg=3Darg@entry=3D0xfffff80011898a70) at /usr/src/sys/kern/subr_taskqueue.= c:830 #22 0xffffffff80bdc06f in fork_exit (callout=3D0xffffffff80c984f0 <taskqueue_thread_loop>, arg=3D0xfffff80011898a70, frame=3D0xfffffe0083db2f= 40) at /usr/src/sys/kern/kern_fork.c:1164 #23 <signal handler called> --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-282313-227>