6.3 (GENERIC.MP) #3: panic: Data modified on freelist

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

6.3 (GENERIC.MP) #3: panic: Data modified on freelist

Axel Rau
This happened 36 hours after upgrading to 6.3 and applying syspatch:

ddb{0}> dmesg
OpenBSD 6.3 (GENERIC.MP) #3: Fri May 18 00:06:26 CEST 2018
    [hidden email]:/usr/src/sys/arch/amd64/compile/GENERIC.
MP
real mem = 4264062976 (4066MB)
avail mem = 4127744000 (3936MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0x7f98a000 (53 entries)
bios0: vendor American Megatrends Inc. version "5.6.5" date 05/19/2014
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP FPDT MCFG WDAT UEFI APIC BDAT HPET SSDT HEST BERT ERST E
INJ
acpi0: wakeup devices PEX1(S4) PEX2(S4) PEX3(S4) PEX4(S4) EHC1(S4)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimcfg0 at acpi0 addr 0xe0000000, bus 0-255
acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Atom(TM) CPU C2358 @ 1.74GHz, 1750.32 MHz
cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,C
FLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,V
MX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,
NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT,MELTDOWN
cpu0: 1MB 64b/line 16-way L2 cache
acpitimer0: recalibrated TSC frequency 1750002519 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 83MHz
cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Atom(TM) CPU C2358 @ 1.74GHz, 1750.01 MHz
cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,C
FLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,V
MX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,RDRAND,
NXE,RDTSCP,LONG,LAHF,3DNOWP,PERF,ITSC,SMEP,ERMS,SENSOR,ARAT,MELTDOWN
cpu1: 1MB 64b/line 16-way L2 cache
cpu1: smt 0, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
acpihpet0 at acpi0: 14318179 Hz
acpihpet0: recalibrated TSC frequency 1750004059 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus 1 (PEX1)
acpiprt2 at acpi0: bus 2 (PEX2)
acpiprt3 at acpi0: bus 3 (PEX3)
acpiprt4 at acpi0: bus 4 (PEX4)
acpicpu0 at acpi0: C2(350@41 mwait.3@0x51), C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C2(350@41 mwait.3@0x51), C1(1000@1 mwait.1), PSS
"PNP0003" at acpi0 not configured
"PNP0C33" at acpi0 not configured
cpu0: Enhanced SpeedStep 1750 MHz: speeds: 1744, 1743, 1660, 1577, 1494, 1411, 1
328, 1245, 1162 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 vendor "Intel", unknown product 0x1f0e rev 0x02
ppb0 at pci0 dev 1 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci1 at ppb0 bus 1
em0 at pci1 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:60:e0:5a:75
:40
ppb1 at pci0 dev 2 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci2 at ppb1 bus 2
em1 at pci2 dev 0 function 0 "Intel I210" rev 0x03: msi, address 00:60:e0:5a:75
:41
ppb2 at pci0 dev 3 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci3 at ppb2 bus 3
ppb3 at pci0 dev 4 function 0 "Intel Atom C2000 PCIE" rev 0x02: msi
pci4 at ppb3 bus 4
vendor "Intel", unknown product 0x1f18 (class processor subclass Co-processor, r
ev 0x02) at pci0 dev 11 function 0 not configured
pchb1 at pci0 dev 14 function 0 "Intel Atom C2000 RAS" rev 0x02
"Intel Atom C2000 RCEC" rev 0x02 at pci0 dev 15 function 0 not configured
"Intel Atom C2000 SMBus" rev 0x02 at pci0 dev 19 function 0 not configured
em2 at pci0 dev 20 function 0 "Intel I354 SGMII" rev 0x03: msi, address 00:60:e
0:5a:75:42
em3 at pci0 dev 20 function 1 "Intel I354 SGMII" rev 0x03: msi, address 00:60:e
0:5a:75:43
em4 at pci0 dev 20 function 2 "Intel I354 SGMII" rev 0x03: msi, address 00:60:e
0:5a:75:44
em5 at pci0 dev 20 function 3 "Intel I354 SGMII" rev 0x03: msi, address 00:60:e
0:5a:75:45
ehci0 at pci0 dev 22 function 0 "Intel Atom C2000 USB" rev 0x02: apic 2 int 23
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00 a
ddr 1
ahci0 at pci0 dev 23 function 0 "Intel Atom C2000 AHCI" rev 0x02: msi, AHCI 1.3

scsibus1 at ahci0: 32 targets
ahci1 at pci0 dev 24 function 0 "Intel Atom C2000 AHCI" rev 0x02: msi, AHCI 1.3

ahci1: port 0: 3.0Gb/s
scsibus2 at ahci1: 32 targets
sd0 at scsibus2 targ 0 lun 0: <ATA, INTEL SSDSA2CT04, 4PC1> SCSI3 0/direct fixe
d naa.55cd2e40003e4c4f
sd0: 38166MB, 512 bytes/sector, 78165360 sectors, thin
pcib0 at pci0 dev 31 function 0 "Intel Atom C2000 PCU" rev 0x02
ichiic0 at pci0 dev 31 function 3 "Intel Atom C2000 PCU SMBus" rev 0x02: apic 2
 int 18
iic0 at ichiic0
sdtemp0 at iic0 addr 0x18: mcp98243
sdtemp1 at iic0 addr 0x19: mcp98243
spdmem0 at iic0 addr 0x50: 2GB DDR3 SDRAM ECC PC3-12800 with thermal sensor
spdmem1 at iic0 addr 0x51: 2GB DDR3 SDRAM ECC PC3-12800 with thermal sensor
isa0 at pcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
com0: console
com1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0 mux 1
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
lpt0 at isa0 port 0x378/4 irq 7
wbsio0 at isa0 port 0x2e/2: NCT5104D rev 0x52
wbsio0 port 0xa00/2 not configured
vmm0 at mainbus0: VMX/EPT
uhub1 at uhub0 port 1 configuration 1 interface 0 "Intel product 0x07db" rev 2.
00/0.02 addr 2
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
root on sd0a (ba26539e367c2c0f.a) swap on sd0b dump on sd0b
<2>carp3: state transition: BACKUP -> MASTER
<2>carp0: state transition: BACKUP -> MASTER
<2>carp1: state transition: BACKUP -> MASTER
<2>carp2: state transition: BACKUP -> MASTER
panic: Data modified on freelist: word 4 of object 0xffff800001212000 size 0x10
00 previous type free (0x0 != 0xdead4110)

Stopped at      db_enter+0x5:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
* 97319  59066      0    0x101004          0    0K sh
  89954  65841      0         0x2          0    1  tcpdump
db_enter() at db_enter+0x5
panic() at panic+0x129
malloc(8,ffff800021ec6bc0,ffff800021ec6cb0) at malloc+0x6e8
vmcmd_randomize(ffff800021ec6cdc,ffff800021ec6bc0) at vmcmd_randomize+0x44
exec_process_vmcmds(1530,5) at exec_process_vmcmds+0x6c
sys_execve(3b0,ffff8000ffff9cf8,0) at sys_execve+0x726
syscall() at syscall+0x279
--- syscall (number 59) ---
end of kernel
end trace frame: 0x7f7ffffde400, count: 8
0x1be436240c9a:
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.

ddb{0}> bt
db_enter() at db_enter+0x5
panic() at panic+0x129
malloc(8,ffff800021ec6bc0,ffff800021ec6cb0) at malloc+0x6e8
vmcmd_randomize(ffff800021ec6cdc,ffff800021ec6bc0) at vmcmd_randomize+0x44
exec_process_vmcmds(1530,5) at exec_process_vmcmds+0x6c
sys_execve(3b0,ffff8000ffff9cf8,0) at sys_execve+0x726
syscall() at syscall+0x279
--- syscall (number 59) ---
end of kernel
end trace frame: 0x7f7ffffde400, count: -7
0x1be436240c9a:
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
*59066   97319  56832      0  7    0x101004                sh
 65841   89954  56832      0  7         0x2                tcpdump
 56832  206888  12862      0  3    0x10008a  pause         sh
 12862   53970  30440      0  3    0x10008a  pause         sh
 30440   36952  48318      0  3    0x100090  piperd        cron
  5616  175171  86106     51  3    0x1000b2  poll          ping
 86106  395923  11823      0  3    0x10008a  pause         sh
 37730   99489      1     51  3    0x1000b2  poll          ping
 59416  390881      1     92  3    0x100090  kqread        rtadvd
 14676  492331      1      0  3    0x100083  ttyin         getty
 48318   63563      1      0  3    0x100098  poll          cron
 91516  457177      1      0  3        0x90  select        bacula-fd
 91516  310271      1      0  3   0x4000090  fsleep        bacula-fd
 54859  274529      1     99  3    0x100090  poll          sndiod
 65695  520661      1    110  3    0x100090  poll          sndiod
 31890  274960      1    109  3        0x90  kqread        ftp-proxy
 44306  365794  98048     95  3    0x100092  kqread        smtpd
 79096  371769  98048    103  3    0x100092  kqread        smtpd
 27669   22273  98048     95  3    0x100092  kqread        smtpd
 38790  522981  98048     95  3    0x100092  kqread        smtpd
 42136  280886  98048     95  3    0x100092  kqread        smtpd
 44115  276789  98048     95  3    0x100092  kqread        smtpd
 98048  351117      1      0  3    0x100080  kqread        smtpd
 50911  339551      1     77  3    0x100090  poll          dhcpd
 11823  488868      1      0  3    0x100080  kqread        ifstated
 42087  303720      1      0  3        0x80  select        sshd
 71976  270048  23264     68  3        0x90  select        sasyncd
 23264  390517      1      0  3        0x80  select        sasyncd
 70363   40542  95557     68  3        0x90  select        isakmpd
 95557  313982      1      0  3        0x80  netio         isakmpd
 85604  387833      1      0  3    0x100080  poll          ntpd
 51551  391890  41190     83  3    0x100092  poll          ntpd
 41190  252827      1     83  3    0x100092  poll          ntpd
 79516  183228  98199     74  3    0x100092  bpf           pflogd
 98199  156524      1      0  3        0x80  netio         pflogd
 43487  457117  82813     73  3    0x100090  kqread        syslogd
 82813  407999      1      0  3    0x100082  netio         syslogd
 67161   34078  97116    115  3    0x100092  kqread        slaacd
 13646   51354  97116    115  3    0x100092  kqread        slaacd
 97116   70527      1      0  3        0x80  kqread        slaacd
 39981  208752      0      0  2     0x14200                zerothread
  7179  154952      0      0  3     0x14200  aiodoned      aiodoned
 60237  345932      0      0  3     0x14200  syncer        update
 54168  156334      0      0  3     0x14200  cleaner       cleaner
 30821   44166      0      0  3     0x14200  reaper        reaper
 27269  202389      0      0  3     0x14200  pgdaemon      pagedaemon
 48329  519243      0      0  3     0x14200  bored         crynlk
 61566  358639      0      0  3     0x14200  bored         crypto
 53804  499616      0      0  3     0x14200  usbtsk        usbtask
 52213  486933      0      0  3     0x14200  usbatsk       usbatsk
 90927  172830      0      0  3  0x40014200  acpi0         acpi0
 19858  206654      0      0  3  0x40014200                idle1
 36628  301582      0      0  3     0x14200  bored         sensors
 72764  369891      0      0  3     0x14200  bored         softnet
 14699   59478      0      0  3     0x14200  bored         systqmp
 41502  356361      0      0  3     0x14200  bored         systq
 74638  287044      0      0  3  0x40014200  bored         softclock
 37937  295470      0      0  3  0x40014200                idle0
     1  316629      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper

Thanks, Axel
---
PGP-Key:29E99DD6  ☀  computing @ chaos claudius