kern/55251: use of ZFS may trigger kernel memory corruption (KASAN error)

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/55251: use of ZFS may trigger kernel memory corruption (KASAN error)
From: clare%csel.org@localhost
Date: Sun, 10 May 2020 05:20:01 +0000 (UTC)

>Number:         55251
>Category:       kern
>Synopsis:       use of ZFS may trigger kernel memory corruption (KASAN error)
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun May 10 05:20:01 +0000 2020
>Originator:     Shinichi Doyashiki
>Release:        NetBSD 9.99.59
>Organization:
	at home
>Environment:
System: NetBSD yuzuki.nas.csel.org 9.99.59 NetBSD 9.99.59 (YUZUKI2_KASAN) #0: Tue May 5 19:13:50 JST 2020 clare%yuzuki.nas.csel.org@localhost:/export/netbsd/stage/hack/src/sys/arch/amd64/compile/YUZUKI2_KASAN amd64
Architecture: x86_64
Machine: amd64
>Description:
	I got a error report from the KASAN while ZFS load testing.
	(the ZFS module itself was not compiled with the KASAN option
	at the time, how to enable it?)

[ 403635.376449] panic: ASan: Unauthorized Access In 0xffffffff80fbb04f: Addr 0xffffc90012f16a18 [8 bytes, read, PoolUseAfterFree]

[ 403635.376449] cpu0: Begin traceback...
[ 403635.386461] vpanic() at netbsd:vpanic+0x1f3
[ 403635.396466] snprintf() at netbsd:snprintf
[ 403635.416470] kasan_report() at netbsd:kasan_report+0x9c
[ 403635.426476] __asan_load8() at netbsd:__asan_load8+0x294
[ 403635.446481] mutex_oncpu() at netbsd:mutex_oncpu+0x25
[ 403635.456491] mutex_vector_enter() at netbsd:mutex_vector_enter+0xeb
[ 403635.466491] pool_put() at netbsd:pool_put+0x81
[ 403635.486499] pathbuf_destroy() at netbsd:pathbuf_destroy+0x57
[ 403635.496505] do_sys_openat() at netbsd:do_sys_openat+0x191
[ 403635.516516] sys_open() at netbsd:sys_open+0xaf
[ 403635.526518] syscall() at netbsd:syscall+0x4e8
[ 403635.536522] --- syscall (number 5) ---
[ 403635.536522] 6f8748a42cca:
[ 403635.536522] cpu0: End traceback...


>How-To-Repeat:
	create a zpool. (I chosen RAIDZ configuration and added a slog
	device, not yet narrowed down)
	# zpool create zpool raidz wd2 wd3 wd4 wd5
	# zpool add zpool log dk1

	run load test like "build.sh -j4" few days on the pool created.


>Fix:
	unknown.

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: kern/55229: cond_timedwait_race now fails randomly on real hardware
Previous by Thread: Re: lib/55249 (lib/libi386/t_user_ldt tests failing since inception)
Next by Thread: Re: kern/55229 (cond_timedwait_race now fails randomly on real hardware)
Indexes:

Home | Main Index | Thread Index | Old Index