Date:      Sun, 23 Feb 2020 19:58:10 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 244344] [2] Kernel panic observed while plugging the UFS USB drive on FreeBSD13-CURRENT, FreeBSD 12.1-RELEASE r354233 and FreeBSD 12.1-STABLE r358121
Message-ID:  <bug-244344-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=244344

            Bug ID: 244344
           Summary: [2] Kernel panic observed while plugging the UFS USB
                    drive on FreeBSD13-CURRENT, FreeBSD 12.1-RELEASE
                    r354233 and FreeBSD 12.1-STABLE r358121
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: neerajpal09@gmail.com

Created attachment 211868
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=211868&action=edit
Contains PoC UFS image and detailed logs includes 13-current, 12.1-release and
12.1-stable

Hi there,

Kernel Panic is observed while attaching the USB drive which contains a
malicious UFS filesystem image. No user authentication and interaction is needed.

Just flash the attached UFS image to usb drive and plug the usb drive to
FreeBSD 13-CURRENT, 12.1-RELEASE, or 12.1-STABLE.


[Kernel Log - FreeBSD 13-CURRENT (UAF)]

freebsd dumped core - see /var/crash/vmcore.2

Fri Feb 21 07:01:11 UTC 2020

FreeBSD freebsd 13.0-CURRENT FreeBSD 13.0-CURRENT #3: Thu Feb 20
03:35:37 UTC 2020
root@freebsd:/usr/obj/usr/src/amd64.amd64/sys/GENERIC  amd64

panic: Most recently used by GEOM

GNU gdb (GDB) 8.3.1 [GDB v8.3.1 for FreeBSD]
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-portbld-freebsd13.0".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /boot/kernel/kernel...
Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug...

Unread portion of the kernel message buffer:
Superblock check-hash failed: recorded check-hash 0x9dafc69a !=
computed check-hash 0x7ccaabd4 (Ignored)
Memory modified after free 0xfffffe003a559000(65528) val=4 @ 0xfffffe003a559000
panic: Most recently used by GEOM

cpuid = 1
time = 1582268274
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe002c779750
vpanic() at vpanic+0x185/frame 0xfffffe002c7797b0
panic() at panic+0x43/frame 0xfffffe002c779810
mtrash_ctor() at mtrash_ctor+0x7e/frame 0xfffffe002c779830
item_ctor() at item_ctor+0x2cb/frame 0xfffffe002c779890
uma_zalloc_arg() at uma_zalloc_arg+0x144/frame 0xfffffe002c7798e0
malloc() at malloc+0x99/frame 0xfffffe002c779930
g_read_data() at g_read_data+0x82/frame 0xfffffe002c779970
g_use_g_read_data() at g_use_g_read_data+0x35/frame 0xfffffe002c779990
ffs_sbget() at ffs_sbget+0x24f/frame 0xfffffe002c779a00
g_label_ufs_taste_common() at g_label_ufs_taste_common+0x79/frame
0xfffffe002c779a40
g_label_taste() at g_label_taste+0x2ac/frame 0xfffffe002c779b50
g_new_provider_event() at g_new_provider_event+0xaa/frame 0xfffffe002c779b70
g_run_events() at g_run_events+0x176/frame 0xfffffe002c779bb0
fork_exit() at fork_exit+0x80/frame 0xfffffe002c779bf0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe002c779bf0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
Uptime: 6m11s
Dumping 264 out of 4062 MB:..7%..13%..25%..31%..43%..55%..61%..73%..85%..91%

[Attachments]
+ UFS filesystem image
+ detailed logs from FreeBSD 13-CURRENT, 12.1-RELEASE, and 12.1-STABLE.
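
Added example (not part of the original report, and not FreeBSD's code): a simplified userland model of the freed-memory pattern check behind the "Memory modified after free" line in the log above. It shows why the panic is raised in the allocation path (mtrash_ctor() under malloc()) at the next allocation of the item, not at the point of the stale write. The item size, function names and fill value are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define JUNK 0xdeadc0deu  /* fill pattern; value is illustrative */
#define ITEM_WORDS 16     /* constructed item size: 64 bytes */

/* One cached item, as an allocator would keep it between uses. */
static uint32_t item[ITEM_WORDS];

/* Runs at free time: poison every word of the item. */
void trash_on_free(uint32_t *mem, size_t words) {
    for (size_t i = 0; i < words; i++)
        mem[i] = JUNK;
}

/* Runs at the NEXT allocation: return the index of the first word
 * that no longer holds the pattern, or -1 if the item is intact. */
long check_on_alloc(const uint32_t *mem, size_t words) {
    for (size_t i = 0; i < words; i++)
        if (mem[i] != JUNK)
            return (long)i;
    return -1;
}

/* Model of the sequence: free, optional stale write, later allocation.
 * Limitation: a stale write of the pattern value itself goes unnoticed. */
long scenario(int stale_write, size_t at, uint32_t val) {
    uint32_t *stale = item;          /* pointer kept past free (the bug) */
    trash_on_free(item, ITEM_WORDS);
    if (stale_write)
        stale[at] = val;             /* write after free, no check here */
    return check_on_alloc(item, ITEM_WORDS);  /* detection happens here */
}

int main(void) {
    /* Mirrors the log: first word of the freed item overwritten with 4. */
    long bad = scenario(1, 0, 4);
    if (bad >= 0)
        printf("Memory modified after free %p val=%x @ %p\n",
               (void *)item, (unsigned)item[bad], (void *)&item[bad]);
    return 0;
}
```

Because the check only fires on reuse, the backtrace identifies the allocating caller; the code that performed the stale write has to be found separately, for example from the crash dump.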
