Bug 278319 - filemon(4) panics with KASAN enabled
Summary: filemon(4) panics with KASAN enabled
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: CURRENT
Hardware: Any Any
Importance: --- Affects Some People
Assignee: freebsd-bugs (Nobody)
URL:
Keywords: crash
Depends on:
Blocks:
 
Reported: 2024-04-12 01:46 UTC by Christos Margiolis
Modified: 2024-04-21 16:51 UTC
Description Christos Margiolis 2024-04-12 01:46:19 UTC
To reproduce, just start a buildkernel/buildworld with WITH_META_MODE and KASAN enabled. According to markj@, this might be a false-positive due to LLVM.

FreeBSD clang version 17.0.6 (https://github.com/llvm/llvm-project.git llvmorg-17.0.6-0-g6009708b4367)

panic: ASan: Invalid access, 8-byte write at 0xfffffe00457d2760, UseAfterScope(f8)
cpuid = 0
time = 1712697087
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0xa5/frame 0xfffffe00457d2290
kdb_backtrace() at kdb_backtrace+0xc6/frame 0xfffffe00457d23f0
vpanic() at vpanic+0x210/frame 0xfffffe00457d2590
panic() at panic+0xb5/frame 0xfffffe00457d2650
kasan_code_name() at kasan_code_name/frame 0xfffffe00457d2720
devfs_get_cdevpriv() at devfs_get_cdevpriv+0x52/frame 0xfffffe00457d2740
filemon_ioctl() at filemon_ioctl+0x23/frame 0xfffffe00457d2790
devfs_ioctl() at devfs_ioctl+0x1f6/frame 0xfffffe00457d2870
vn_ioctl() at vn_ioctl+0x235/frame 0xfffffe00457d2a80
devfs_ioctl_f() at devfs_ioctl_f+0x6c/frame 0xfffffe00457d2ad0
kern_ioctl() at kern_ioctl+0x3a1/frame 0xfffffe00457d2bb0
sys_ioctl() at sys_ioctl+0x247/frame 0xfffffe00457d2d10
amd64_syscall() at amd64_syscall+0x365/frame 0xfffffe00457d2f30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00457d2f30
--- syscall (54, FreeBSD ELF64, ioctl), rip = 0xb5e318e48fa, rsp = 0xb5e2f280d78, rbp = 0xb5e2f280da0 ---
KDB: enter: panic
[ thread pid 3131 tid 100193 ]
Stopped at      kdb_enter+0x34: movq    $0,0x1ef4261(%rip)
db>
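Added example, not code from this bug report or from the FreeBSD tree: the general shape of the error class KASAN names in the panic line. Shadow byte 0xf8 is ASan's use-after-scope marker, and the backtrace shows devfs_get_cdevpriv() performing an 8-byte store into a slot in filemon_ioctl()'s frame that the instrumentation has marked out of scope. The hypothetical get_private() below stands in for a callee that writes a pointer through its void ** argument; read_private_bad() shows the pattern that produces a stack-use-after-scope report, and read_private_good() the shape that does not. It does not reproduce filemon's actual code or the change in the linked review.

```c
#include <stdio.h>

/* Constructed stand-in for a callee that hands back a per-open pointer
 * through an out-parameter (the role devfs_get_cdevpriv(void **) plays in
 * the backtrace). On a 64-bit target the store below is an 8-byte write. */
static int private_data = 42;

static int
get_private(void **datap)
{
	*datap = &private_data;
	return (0);
}

/* Buggy shape (hypothetical): the out-parameter target is a block-scoped
 * variable whose address escapes its block. Without a sanitizer the stack
 * slot is normally still there and the code appears to work; ASan/KASAN
 * poison the slot at the closing brace and report the store as
 * stack-use-after-scope (KASAN prints it as "UseAfterScope"). */
static int
read_private_bad(int *out)
{
	void **slot;

	{
		void *priv;	/* lifetime ends at the next '}' */
		slot = &priv;
	}
	if (get_private(slot) != 0)	/* 8-byte write into the dead slot */
		return (-1);
	*out = *(int *)*slot;		/* read back from the dead slot */
	return (0);
}

/* Fixed shape: the variable receiving the pointer lives for the whole
 * function, so the callee's store and the later read are both in scope. */
static int
read_private_good(int *out)
{
	void *priv;

	if (get_private(&priv) != 0)
		return (-1);
	*out = *(int *)priv;
	return (0);
}

int
main(int argc, char **argv)
{
	int v = 0;

	if (read_private_good(&v) == 0)
		printf("private value: %d\n", v);	/* prints 42 */

	/* Run with any argument under ASan to see the use-after-scope report. */
	if (argc > 1 && read_private_bad(&v) == 0)
		printf("bad path returned: %d\n", v);
	return (0);
}
```

Build with `clang -g -fsanitize=address example.c` (use-after-scope checking is on by default in current clang; `-fsanitize-address-use-after-scope` forces it) and run the binary with an argument to trigger the report from read_private_bad(); without an argument only the correct path runs. The kernel KASAN report in this bug is the same check applied by the kernel's own shadow map, which is why the panic only appears in KASAN builds.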
Comment 1 Ka Ho Ng 2024-04-19 19:27:09 UTC
Hi christos@, please check if https://reviews.freebsd.org/rG68a3a7fc94833020403190c20bd9be186c6156ce solves the problem.

Ka Ho
Comment 2 Christos Margiolis 2024-04-21 16:51:33 UTC
Thank you.