Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 1 Oct 2015 21:39:14 +0200
From:      Oliver Pinter <oliver.pinter@hardenedbsd.org>
To:        current@freebsd.org
Cc:        jmg@freebsd.org, avg@freebsd.org, swills@freebsd.org
Subject:   Re: ZFS panic
Message-ID:  <CAPQ4ffsBwhhZftqGEHOc_qPbnk_LZgKV0H0DkmG8YfQ6PV1H4g@mail.gmail.com>
In-Reply-To: <CAPQ4ffum0FwBXugFLHPujDUnZ0Vh5xEb8eU4sVemAOpRXhzKbQ@mail.gmail.com>
References:  <CAPQ4ffum0FwBXugFLHPujDUnZ0Vh5xEb8eU4sVemAOpRXhzKbQ@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
CC+= swills

On 9/17/15, Oliver Pinter <oliver.pinter@hardenedbsd.org> wrote:
> Hi All!
>
> We got this panic on modified FreeBSD (we not touched the ZFS part).
>
> panic: solaris assert: error || lr->lr_length <= zp->z_blksz, file:
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c,
> line: 1355
> cpuid = 6
> KDB: stack backtrace:
> #0 0xffffffff80639527 at kdb_backtrace+0x67
> #1 0xffffffff805fd509 at vpanic+0x189
> #2 0xffffffff805fd593 at panic+0x43
> #3 0xffffffff802ce3aa at assfail+0x1a
> #4 0xffffffff8039c391 at zfs_get_data+0x391
> #5 0xffffffff803afeac at zil_commit+0x94c
> #6 0xffffffff803a39d8 at zfs_freebsd_fsync+0xc8
> #7 0xffffffff8089a8a7 at VOP_FSYNC_APV+0xf7
> #8 0xffffffff806afc40 at sys_fsync+0x170
> #9 0xffffffff808311bc at amd64_syscall+0x2bc
> #10 0xffffffff8081285b at Xfast_syscall+0xfb
> Uptime: 7d5h19m13s
> Dumping 8207 out of 32742
> MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%
> Dump complete
> Automatic reboot in 15 seconds - press a key on the console to abort
> Rebooting...
> cpu_reset: Restarting BSP
> cpu_reset_proxy: Stopped CPU 6
>
>
> (kgdb) bt
> #0  doadump (textdump=<value optimized out>) at pcpu.h:221
> #1  0xffffffff805fcf70 in kern_reboot (howto=260) at
> /usr/src/sys/kern/kern_shutdown.c:329
> #2  0xffffffff805fd548 in vpanic (fmt=<value optimized out>, ap=<value
> optimized out>) at /usr/src/sys/kern/kern_shutdown.c:626
> #3  0xffffffff805fd593 in panic (fmt=0x0) at
> /usr/src/sys/kern/kern_shutdown.c:557
> #4  0xffffffff802ce3aa in assfail (a=<value optimized out>, f=<value
> optimized out>, l=<value optimized out>) at
> /usr/src/sys/cddl/compat/opensolaris/kern/opensolaris_cmn_err.c:81
> #5  0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
> lr=<value optimized out>, buf=<value optimized out>,
> zio=0xfffff8019eeb1760) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
> #6  0xffffffff803afeac in zil_commit (zilog=0xfffff8001d518800,
> foid=<value optimized out>) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zil.c:1107
> #7  0xffffffff803a39d8 in zfs_freebsd_fsync (ap=<value optimized out>)
> at /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:2797
> #8  0xffffffff8089a8a7 in VOP_FSYNC_APV (vop=<value optimized out>,
> a=<value optimized out>) at vnode_if.c:1328
> #9  0xffffffff806afc40 in sys_fsync (td=0xfffff8001d0429c0, uap=<value
> optimized out>) at vnode_if.h:549
> #10 0xffffffff808311bc in amd64_syscall (td=0xfffff8001d0429c0,
> traced=0) at subr_syscall.c:139
> #11 0xffffffff8081285b in Xfast_syscall () at
> /usr/src/sys/amd64/amd64/exception.S:394
> #12 0x000000000058d23a in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> Current language:  auto; currently minimal
> (kgdb) f 5
> #5  0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
> lr=<value optimized out>, buf=<value optimized out>,
> zio=0xfffff8019eeb1760) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
> 1355                            ASSERT(error || lr->lr_length <=
> zp->z_blksz);
> (kgdb) l
> 1350                            ASSERT(db->db_offset == offset);
> 1351                            ASSERT(db->db_size == size);
> 1352
> 1353                            error = dmu_sync(zio,
> lr->lr_common.lrc_txg,
> 1354                                zfs_get_done, zgd);
> 1355                            ASSERT(error || lr->lr_length <=
> zp->z_blksz);
> 1356
> 1357                            /*
> 1358                             * On success, we need to wait for the write
> I/O
> 1359                             * initiated by dmu_sync() to complete
> before we can
> (kgdb) p *lr
> Cannot access memory at address 0xa5a5a5a5a5a5a5a5
> (kgdb) p *zp
> Cannot access memory at address 0xa5a5a5a5a5a5a5a5
> (kgdb)
>
>
> Undefined info command: "regs".  Try "help info".
> (kgdb) info registers
> rax            0x0      0
> rbx            0xfffff804aab14e00       -8776049406464
> rcx            0x0      0
> rdx            0x0      0
> rsi            0x0      0
> rdi            0x0      0
> rbp            0xfffffe085f78e8f0       0xfffffe085f78e8f0
> rsp            0xfffffe085f78e890       0xfffffe085f78e890
> r8             0x0      0
> r9             0x0      0
> r10            0x0      0
> r11            0x0      0
> r12            0x0      0
> r13            0xfffffe034cecd0b8       -2184847765320
> r14            0x20000  131072
> r15            0x0      0
> rip            0xffffffff8039c391       0xffffffff8039c391
> <zfs_get_data+913>
> eflags         0x0      0
> cs             0x0      0
> ss             0x0      0
> ds             0x0      0
> es             0x0      0
> fs             0x0      0
> gs             0x0      0
>
> [...]
> ffffffff8039c2f9:       48 8b 7d b0             mov    -0x50(%rbp),%rdi
> ffffffff8039c2fd:       48 89 d9                mov    %rbx,%rcx
> ffffffff8039c300:       e8 db 50 f6 ff          callq
> ffffffff803013e0 <dmu_sync>
> ffffffff8039c305:       41 89 c4                mov    %eax,%r12d
> ffffffff8039c308:       41 83 fc 25             cmp    $0x25,%r12d
> ffffffff8039c30c:       75 53                   jne
> ffffffff8039c361 <zfs_get_data+0x361>
> ffffffff8039c30e:       49 c7 45 00 14 00 00    movq   $0x14,0x0(%r13)
> ffffffff8039c315:       00
> ffffffff8039c316:       45 31 e4                xor    %r12d,%r12d
> ffffffff8039c319:       eb 29                   jmp
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c31b:       48 8b 3c 25 38 a4 c1    mov
> 0xffffffff80c1a438,%rdi
> ffffffff8039c322:       80
> ffffffff8039c323:       41 bc 02 00 00 00       mov    $0x2,%r12d
> ffffffff8039c329:       48 85 ff                test   %rdi,%rdi
> ffffffff8039c32c:       74 16                   je
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c32e:       be 02 00 00 00          mov    $0x2,%esi
> ffffffff8039c333:       31 d2                   xor    %edx,%edx
> ffffffff8039c335:       31 c9                   xor    %ecx,%ecx
> ffffffff8039c337:       45 31 c0                xor    %r8d,%r8d
> ffffffff8039c33a:       45 31 c9                xor    %r9d,%r9d
> ffffffff8039c33d:       ff 14 25 78 9a c6 80    callq  *0xffffffff80c69a78
> ffffffff8039c344:       48 89 df                mov    %rbx,%rdi
> ffffffff8039c347:       44 89 e6                mov    %r12d,%esi
> ffffffff8039c34a:       e8 f1 fb ff ff          callq
> ffffffff8039bf40 <zfs_get_done>
> ffffffff8039c34f:       44 89 e0                mov    %r12d,%eax
> ffffffff8039c352:       48 83 c4 38             add    $0x38,%rsp
> ffffffff8039c356:       5b                      pop    %rbx
> ffffffff8039c357:       41 5c                   pop    %r12
> ffffffff8039c359:       41 5d                   pop    %r13
> ffffffff8039c35b:       41 5e                   pop    %r14
> ffffffff8039c35d:       41 5f                   pop    %r15
> ffffffff8039c35f:       5d                      pop    %rbp
> ffffffff8039c360:       c3                      retq
> ffffffff8039c361:       45 85 e4                test   %r12d,%r12d
> ffffffff8039c364:       75 de                   jne
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c366:       48 8b 45 d0             mov    -0x30(%rbp),%rax
> ffffffff8039c36a:       8b 80 cc 00 00 00       mov    0xcc(%rax),%eax
> ffffffff8039c370:       45 31 e4                xor    %r12d,%r12d
> ffffffff8039c373:       49 39 45 30             cmp    %rax,0x30(%r13)
> ffffffff8039c377:       76 d6                   jbe
> ffffffff8039c34f <zfs_get_data+0x34f>
> ffffffff8039c379:       48 c7 c7 60 d5 91 80    mov
> $0xffffffff8091d560,%rdi
> ffffffff8039c380:       48 c7 c6 f0 d4 91 80    mov
> $0xffffffff8091d4f0,%rsi
> ffffffff8039c387:       ba 4b 05 00 00          mov    $0x54b,%edx
> ffffffff8039c38c:       e8 ff 1f f3 ff          callq
> ffffffff802ce390 <assfail>
> ffffffff8039c391:       eb bc                   jmp
> ffffffff8039c34f <zfs_get_data+0x34f>
> ffffffff8039c393:       66 66 66 66 2e 0f 1f    nopw   %cs:0x0(%rax,%rax,1)
> ffffffff8039c39a:       84 00 00 00 00 00
>
> If you need more details, then please ping me, I have a core dump from
> the crash.
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPQ4ffsBwhhZftqGEHOc_qPbnk_LZgKV0H0DkmG8YfQ6PV1H4g>