From nobody Tue Aug 02 06:30:09 2022
X-Original-To: bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4LxlTs42xwz4YJd0
	for <bugs@mlmmj.nyi.freebsd.org>; Tue,  2 Aug 2022 06:30:09 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4LxlTs0p19z3t3v
	for <bugs@FreeBSD.org>; Tue,  2 Aug 2022 06:30:09 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4LxlTr6qDfz12tR
	for <bugs@FreeBSD.org>; Tue,  2 Aug 2022 06:30:08 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 2726U8uV043956
	for <bugs@FreeBSD.org>; Tue, 2 Aug 2022 06:30:08 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 2726U8fk043955
	for bugs@FreeBSD.org; Tue, 2 Aug 2022 06:30:08 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 265569] [panic] Fatal trap 9: general protection fault while in
 kernel mode arc_reap
Date: Tue, 02 Aug 2022 06:30:09 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 13.1-RELEASE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Only Me
X-Bugzilla-Who: postmaster@willardstanley.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: bugs@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-265569-227-J2QuX5GveY@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-265569-227@https.bugs.freebsd.org/bugzilla/>
References: <bug-265569-227@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
List-Help: <mailto:freebsd-bugs+help@freebsd.org>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Subscribe: <mailto:freebsd-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-bugs@freebsd.org
MIME-Version: 1.0
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1659421809;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=QrRv8L9/Z/qfTohOKXyRTUrcKh2/LXc1sxKyvcfove8=;
	b=R1kaqpNaACOBSrst6GipcUj2KcCyzGhGdJWGIiWV/HgMTdrr39sRSCbkR5v7v2gyo9g+Dh
	z37lUqJ7IPidxAamHyCdtNoEAPptu5TpxEO3iqSv99Qr5AVjvpFx4s2JKhdLuVpkM6S8nj
	32WaEv9OI02qk3z0oUIBB/nc5CN2cS3rM/WOJDchetWRF7EHJ7kx1tpJ1neq2wjvvV2YPW
	WLdQh58OFs4SfSI/cRKoFayTMPOzBqjviu2TmxPt6FbmzpG7/Nh55JFFuWzNPRF7vGSfUK
	1KzvzSjBiFDBzASVxNBnnHEHg7TIXmHghwh9snyvqT4Cu2k1CTEZMHtiVLfICg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1659421809; a=rsa-sha256; cv=none;
	b=R0c0vf9gs1dqVvScDfPTjFvuaWtMXPDi3r/hLDUcEoum1aqkCdvfrYcO1foB2BYIsQfuuQ
	hRvlicr8mqcHj7PjW+qZRQac8bCRpum2wvYJZvjLqoDpBmftztvTLyD50gfLlQwLnvOPVU
	9ETmMyWh5tq8Nh6SYtxjvExMSkZ5H7LzQScQaoExy8uwXarPv8QAstynERclyNMIQTogzM
	Qq/C92n+NIv4+HMtToBvuN4L02RXmH07pw38oavQbrq4w1waOtp9M+9QYLooySHHNkHVsN
	42fgyJuhy+nyK2R9W8s4dRw1cuFavulHZH2ZkS16y3VdcWfPVNJUB9gyGO3qHg==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D265569

--- Comment #1 from Charlie Stanley <postmaster@willardstanley.com> ---
I was doing some more debugging and the call chain looks sane until the slab
address is computed. The slab pointer seems to be at an odd offset, and whe=
n I
dereference it, the data looks like garbage to my limited understanding.

(kgdb) frame 8
#8  zone_release (arg=3D0xfffffe015a7c8000, bucket=3D0xfffff80f4784e410,
cnt=3D<optimized out>) at /usr/src/sys/vm/uma_core.c:4730
4730                    slab_free_item(zone, slab, item);
(kgdb) print zone
$19 =3D (uma_zone_t) 0xfffffe015a7c8000
(kgdb) print slab
$20 =3D (uma_slab_t) 0xfffff80e00000158
(kgdb) print *zone
$21 =3D {uz_flags =3D 10551296, uz_size =3D 4096, uz_ctor =3D 0x0, uz_dtor =
=3D 0x0,
uz_smr =3D 0x0, uz_max_items =3D 0, uz_bucket_max =3D 18446744073709551615,
uz_bucket_size =3D 80, uz_bucket_size_max =3D 254, uz_sleepers =3D 0, uz_xd=
omain =3D
0xfffffe01d3cb4590, uz_keg =3D 0xfffff80005f13a80,=20
  uz_import =3D 0xffffffff80f4a370 <zone_import>, uz_release =3D 0xffffffff=
80f465e0
<zone_release>, uz_arg =3D 0xfffffe015a7c8000, uz_init =3D 0x0, uz_fini =3D=
 0x0,
uz_items =3D 0, uz_sleeps =3D 0, uz_link =3D {le_next =3D 0x0, le_prev =3D
0xfffff80005f13a90}, uz_allocs =3D 0xfffffe01d3cb45a8,=20
  uz_frees =3D 0xfffffe01d3cb45a0, uz_fails =3D 0xfffffe01d3cb4598, uz_name=
 =3D
0xfffff80005f0a180 "abd_chunk", uz_ctlname =3D 0xfffff80005f18de0 "abd_chun=
k",
uz_namecnt =3D 0, uz_bucket_size_min =3D 2, uz_reclaimers =3D 1, uz_oid =3D
0xfffff80005f07b80, uz_warning =3D 0x0, uz_ratecheck =3D {
    tv_sec =3D 0, tv_usec =3D 0}, uz_maxaction =3D {ta_link =3D {stqe_next =
=3D 0x0},
ta_pending =3D 0, ta_priority =3D 0 '\000', ta_flags =3D 0 '\000', ta_func =
=3D 0x0,
ta_context =3D 0x0}, uz_cross_lock =3D {lock_object =3D {lo_name =3D 0xffff=
ffff812a0598
"UMA Cross", lo_flags =3D 16973824,=20
      lo_data =3D 0, lo_witness =3D 0x0}, mtx_lock =3D 0}, uz_cpu =3D
0xfffffe015a7c8180}
(kgdb) print *slab
$22 =3D {us_link =3D {le_next =3D 0xda39576285989539, le_prev =3D 0x732ca6f=
15f8ff3dc},
us_freecount =3D 4147, us_flags =3D 27 '\033', us_domain =3D 120 'x', us_fr=
ee =3D
{__bits =3D 0xfffff80e00000170}}

--=20
You are receiving this mail because:
You are the assignee for the bug.=