From owner-freebsd-current@freebsd.org  Thu Oct  1 19:39:17 2015
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 48305A0D8B1
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Thu,  1 Oct 2015 19:39:17 +0000 (UTC)
 (envelope-from oliver.pinter@hardenedbsd.org)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 29CEB1DCA
 for <freebsd-current@freebsd.org>; Thu,  1 Oct 2015 19:39:17 +0000 (UTC)
 (envelope-from oliver.pinter@hardenedbsd.org)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 28749A0D8AF; Thu,  1 Oct 2015 19:39:17 +0000 (UTC)
Delivered-To: current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0EDB6A0D8AB
 for <current@mailman.ysv.freebsd.org>; Thu,  1 Oct 2015 19:39:17 +0000 (UTC)
 (envelope-from oliver.pinter@hardenedbsd.org)
Received: from mail-wi0-f177.google.com (mail-wi0-f177.google.com
 [209.85.212.177])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id BAECE1DC7
 for <current@freebsd.org>; Thu,  1 Oct 2015 19:39:16 +0000 (UTC)
 (envelope-from oliver.pinter@hardenedbsd.org)
Received: by wicfx3 with SMTP id fx3so5484232wic.1
 for <current@freebsd.org>; Thu, 01 Oct 2015 12:39:14 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:date
 :message-id:subject:from:to:cc:content-type;
 bh=RRMLNnpdoUzZ6kgrGt2NSLpUD50215X29+PA7CybRtU=;
 b=bMAOO5eVGBBV0MvouXmoE2KLorJYBI3+AUaDtvkQeqVGWCYALSd6o1VHAH55YTP9pg
 4ZBDYfTLBuXO1XcKUYwMemQqht+A4tIOWRsoi9t5qiHn1glE79PL+ujJJ2ZlicN0k152
 dOZdcvsuP32DoN15SWBteR9HTCrErZWoEZTgjv16d804hMSgkvRGB1leXrykfMtH/8K9
 dmn5SfLjuOV7HcCoR51xTAAal1PPTFQZOkpXmL78KBj+BI3wZTUko+sJqvopqeiZ+sMA
 PO/azUt/IZvPJfzH6tP6i5ggZ5FNWxnf3gogW4p7vsSUY3NO4zrIm/v+J2pOydVsecTp
 IJkg==
X-Gm-Message-State: ALoCoQnm7z4ENnxBqRpTWN2dyYfH1CNRSyoPDeDsKjB7NrUUebHc+fhosWx+0sdqKLYoLvUzj4Vf
MIME-Version: 1.0
X-Received: by 10.194.80.197 with SMTP id t5mr11798837wjx.143.1443728354694;
 Thu, 01 Oct 2015 12:39:14 -0700 (PDT)
Received: by 10.194.240.226 with HTTP; Thu, 1 Oct 2015 12:39:14 -0700 (PDT)
In-Reply-To: <CAPQ4ffum0FwBXugFLHPujDUnZ0Vh5xEb8eU4sVemAOpRXhzKbQ@mail.gmail.com>
References: <CAPQ4ffum0FwBXugFLHPujDUnZ0Vh5xEb8eU4sVemAOpRXhzKbQ@mail.gmail.com>
Date: Thu, 1 Oct 2015 21:39:14 +0200
Message-ID: <CAPQ4ffsBwhhZftqGEHOc_qPbnk_LZgKV0H0DkmG8YfQ6PV1H4g@mail.gmail.com>
Subject: Re: ZFS panic
From: Oliver Pinter <oliver.pinter@hardenedbsd.org>
To: current@freebsd.org
Cc: jmg@freebsd.org, avg@freebsd.org, swills@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Oct 2015 19:39:17 -0000

CC+= swills

On 9/17/15, Oliver Pinter <oliver.pinter@hardenedbsd.org> wrote:
> Hi All!
>
> We got this panic on modified FreeBSD (we not touched the ZFS part).
>
> panic: solaris assert: error || lr->lr_length <= zp->z_blksz, file:
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c,
> line: 1355
> cpuid = 6
> KDB: stack backtrace:
> #0 0xffffffff80639527 at kdb_backtrace+0x67
> #1 0xffffffff805fd509 at vpanic+0x189
> #2 0xffffffff805fd593 at panic+0x43
> #3 0xffffffff802ce3aa at assfail+0x1a
> #4 0xffffffff8039c391 at zfs_get_data+0x391
> #5 0xffffffff803afeac at zil_commit+0x94c
> #6 0xffffffff803a39d8 at zfs_freebsd_fsync+0xc8
> #7 0xffffffff8089a8a7 at VOP_FSYNC_APV+0xf7
> #8 0xffffffff806afc40 at sys_fsync+0x170
> #9 0xffffffff808311bc at amd64_syscall+0x2bc
> #10 0xffffffff8081285b at Xfast_syscall+0xfb
> Uptime: 7d5h19m13s
> Dumping 8207 out of 32742
> MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%
> Dump complete
> Automatic reboot in 15 seconds - press a key on the console to abort
> Rebooting...
> cpu_reset: Restarting BSP
> cpu_reset_proxy: Stopped CPU 6
>
>
> (kgdb) bt
> #0  doadump (textdump=<value optimized out>) at pcpu.h:221
> #1  0xffffffff805fcf70 in kern_reboot (howto=260) at
> /usr/src/sys/kern/kern_shutdown.c:329
> #2  0xffffffff805fd548 in vpanic (fmt=<value optimized out>, ap=<value
> optimized out>) at /usr/src/sys/kern/kern_shutdown.c:626
> #3  0xffffffff805fd593 in panic (fmt=0x0) at
> /usr/src/sys/kern/kern_shutdown.c:557
> #4  0xffffffff802ce3aa in assfail (a=<value optimized out>, f=<value
> optimized out>, l=<value optimized out>) at
> /usr/src/sys/cddl/compat/opensolaris/kern/opensolaris_cmn_err.c:81
> #5  0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
> lr=<value optimized out>, buf=<value optimized out>,
> zio=0xfffff8019eeb1760) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
> #6  0xffffffff803afeac in zil_commit (zilog=0xfffff8001d518800,
> foid=<value optimized out>) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zil.c:1107
> #7  0xffffffff803a39d8 in zfs_freebsd_fsync (ap=<value optimized out>)
> at /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:2797
> #8  0xffffffff8089a8a7 in VOP_FSYNC_APV (vop=<value optimized out>,
> a=<value optimized out>) at vnode_if.c:1328
> #9  0xffffffff806afc40 in sys_fsync (td=0xfffff8001d0429c0, uap=<value
> optimized out>) at vnode_if.h:549
> #10 0xffffffff808311bc in amd64_syscall (td=0xfffff8001d0429c0,
> traced=0) at subr_syscall.c:139
> #11 0xffffffff8081285b in Xfast_syscall () at
> /usr/src/sys/amd64/amd64/exception.S:394
> #12 0x000000000058d23a in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> Current language:  auto; currently minimal
> (kgdb) f 5
> #5  0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
> lr=<value optimized out>, buf=<value optimized out>,
> zio=0xfffff8019eeb1760) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
> 1355                            ASSERT(error || lr->lr_length <=
> zp->z_blksz);
> (kgdb) l
> 1350                            ASSERT(db->db_offset == offset);
> 1351                            ASSERT(db->db_size == size);
> 1352
> 1353                            error = dmu_sync(zio,
> lr->lr_common.lrc_txg,
> 1354                                zfs_get_done, zgd);
> 1355                            ASSERT(error || lr->lr_length <=
> zp->z_blksz);
> 1356
> 1357                            /*
> 1358                             * On success, we need to wait for the write
> I/O
> 1359                             * initiated by dmu_sync() to complete
> before we can
> (kgdb) p *lr
> Cannot access memory at address 0xa5a5a5a5a5a5a5a5
> (kgdb) p *zp
> Cannot access memory at address 0xa5a5a5a5a5a5a5a5
> (kgdb)
>
>
> Undefined info command: "regs".  Try "help info".
> (kgdb) info registers
> rax            0x0      0
> rbx            0xfffff804aab14e00       -8776049406464
> rcx            0x0      0
> rdx            0x0      0
> rsi            0x0      0
> rdi            0x0      0
> rbp            0xfffffe085f78e8f0       0xfffffe085f78e8f0
> rsp            0xfffffe085f78e890       0xfffffe085f78e890
> r8             0x0      0
> r9             0x0      0
> r10            0x0      0
> r11            0x0      0
> r12            0x0      0
> r13            0xfffffe034cecd0b8       -2184847765320
> r14            0x20000  131072
> r15            0x0      0
> rip            0xffffffff8039c391       0xffffffff8039c391
> <zfs_get_data+913>
> eflags         0x0      0
> cs             0x0      0
> ss             0x0      0
> ds             0x0      0
> es             0x0      0
> fs             0x0      0
> gs             0x0      0
>
> [...]
> ffffffff8039c2f9:       48 8b 7d b0             mov    -0x50(%rbp),%rdi
> ffffffff8039c2fd:       48 89 d9                mov    %rbx,%rcx
> ffffffff8039c300:       e8 db 50 f6 ff          callq
> ffffffff803013e0 <dmu_sync>
> ffffffff8039c305:       41 89 c4                mov    %eax,%r12d
> ffffffff8039c308:       41 83 fc 25             cmp    $0x25,%r12d
> ffffffff8039c30c:       75 53                   jne
> ffffffff8039c361 <zfs_get_data+0x361>
> ffffffff8039c30e:       49 c7 45 00 14 00 00    movq   $0x14,0x0(%r13)
> ffffffff8039c315:       00
> ffffffff8039c316:       45 31 e4                xor    %r12d,%r12d
> ffffffff8039c319:       eb 29                   jmp
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c31b:       48 8b 3c 25 38 a4 c1    mov
> 0xffffffff80c1a438,%rdi
> ffffffff8039c322:       80
> ffffffff8039c323:       41 bc 02 00 00 00       mov    $0x2,%r12d
> ffffffff8039c329:       48 85 ff                test   %rdi,%rdi
> ffffffff8039c32c:       74 16                   je
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c32e:       be 02 00 00 00          mov    $0x2,%esi
> ffffffff8039c333:       31 d2                   xor    %edx,%edx
> ffffffff8039c335:       31 c9                   xor    %ecx,%ecx
> ffffffff8039c337:       45 31 c0                xor    %r8d,%r8d
> ffffffff8039c33a:       45 31 c9                xor    %r9d,%r9d
> ffffffff8039c33d:       ff 14 25 78 9a c6 80    callq  *0xffffffff80c69a78
> ffffffff8039c344:       48 89 df                mov    %rbx,%rdi
> ffffffff8039c347:       44 89 e6                mov    %r12d,%esi
> ffffffff8039c34a:       e8 f1 fb ff ff          callq
> ffffffff8039bf40 <zfs_get_done>
> ffffffff8039c34f:       44 89 e0                mov    %r12d,%eax
> ffffffff8039c352:       48 83 c4 38             add    $0x38,%rsp
> ffffffff8039c356:       5b                      pop    %rbx
> ffffffff8039c357:       41 5c                   pop    %r12
> ffffffff8039c359:       41 5d                   pop    %r13
> ffffffff8039c35b:       41 5e                   pop    %r14
> ffffffff8039c35d:       41 5f                   pop    %r15
> ffffffff8039c35f:       5d                      pop    %rbp
> ffffffff8039c360:       c3                      retq
> ffffffff8039c361:       45 85 e4                test   %r12d,%r12d
> ffffffff8039c364:       75 de                   jne
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c366:       48 8b 45 d0             mov    -0x30(%rbp),%rax
> ffffffff8039c36a:       8b 80 cc 00 00 00       mov    0xcc(%rax),%eax
> ffffffff8039c370:       45 31 e4                xor    %r12d,%r12d
> ffffffff8039c373:       49 39 45 30             cmp    %rax,0x30(%r13)
> ffffffff8039c377:       76 d6                   jbe
> ffffffff8039c34f <zfs_get_data+0x34f>
> ffffffff8039c379:       48 c7 c7 60 d5 91 80    mov
> $0xffffffff8091d560,%rdi
> ffffffff8039c380:       48 c7 c6 f0 d4 91 80    mov
> $0xffffffff8091d4f0,%rsi
> ffffffff8039c387:       ba 4b 05 00 00          mov    $0x54b,%edx
> ffffffff8039c38c:       e8 ff 1f f3 ff          callq
> ffffffff802ce390 <assfail>
> ffffffff8039c391:       eb bc                   jmp
> ffffffff8039c34f <zfs_get_data+0x34f>
> ffffffff8039c393:       66 66 66 66 2e 0f 1f    nopw   %cs:0x0(%rax,%rax,1)
> ffffffff8039c39a:       84 00 00 00 00 00
>
> If you need more details, then please ping me, I have a core dump from
> the crash.
>