ZFS panic
Oliver Pinter
oliver.pinter at hardenedbsd.org
Thu Oct 1 19:39:17 UTC 2015
CC+= swills
On 9/17/15, Oliver Pinter <oliver.pinter at hardenedbsd.org> wrote:
> Hi All!
>
> We got this panic on modified FreeBSD (we not touched the ZFS part).
>
> panic: solaris assert: error || lr->lr_length <= zp->z_blksz, file:
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c,
> line: 1355
> cpuid = 6
> KDB: stack backtrace:
> #0 0xffffffff80639527 at kdb_backtrace+0x67
> #1 0xffffffff805fd509 at vpanic+0x189
> #2 0xffffffff805fd593 at panic+0x43
> #3 0xffffffff802ce3aa at assfail+0x1a
> #4 0xffffffff8039c391 at zfs_get_data+0x391
> #5 0xffffffff803afeac at zil_commit+0x94c
> #6 0xffffffff803a39d8 at zfs_freebsd_fsync+0xc8
> #7 0xffffffff8089a8a7 at VOP_FSYNC_APV+0xf7
> #8 0xffffffff806afc40 at sys_fsync+0x170
> #9 0xffffffff808311bc at amd64_syscall+0x2bc
> #10 0xffffffff8081285b at Xfast_syscall+0xfb
> Uptime: 7d5h19m13s
> Dumping 8207 out of 32742
> MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%
> Dump complete
> Automatic reboot in 15 seconds - press a key on the console to abort
> Rebooting...
> cpu_reset: Restarting BSP
> cpu_reset_proxy: Stopped CPU 6
>
>
> (kgdb) bt
> #0 doadump (textdump=<value optimized out>) at pcpu.h:221
> #1 0xffffffff805fcf70 in kern_reboot (howto=260) at
> /usr/src/sys/kern/kern_shutdown.c:329
> #2 0xffffffff805fd548 in vpanic (fmt=<value optimized out>, ap=<value
> optimized out>) at /usr/src/sys/kern/kern_shutdown.c:626
> #3 0xffffffff805fd593 in panic (fmt=0x0) at
> /usr/src/sys/kern/kern_shutdown.c:557
> #4 0xffffffff802ce3aa in assfail (a=<value optimized out>, f=<value
> optimized out>, l=<value optimized out>) at
> /usr/src/sys/cddl/compat/opensolaris/kern/opensolaris_cmn_err.c:81
> #5 0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
> lr=<value optimized out>, buf=<value optimized out>,
> zio=0xfffff8019eeb1760) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
> #6 0xffffffff803afeac in zil_commit (zilog=0xfffff8001d518800,
> foid=<value optimized out>) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zil.c:1107
> #7 0xffffffff803a39d8 in zfs_freebsd_fsync (ap=<value optimized out>)
> at /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:2797
> #8 0xffffffff8089a8a7 in VOP_FSYNC_APV (vop=<value optimized out>,
> a=<value optimized out>) at vnode_if.c:1328
> #9 0xffffffff806afc40 in sys_fsync (td=0xfffff8001d0429c0, uap=<value
> optimized out>) at vnode_if.h:549
> #10 0xffffffff808311bc in amd64_syscall (td=0xfffff8001d0429c0,
> traced=0) at subr_syscall.c:139
> #11 0xffffffff8081285b in Xfast_syscall () at
> /usr/src/sys/amd64/amd64/exception.S:394
> #12 0x000000000058d23a in ?? ()
> Previous frame inner to this frame (corrupt stack?)
> Current language: auto; currently minimal
> (kgdb) f 5
> #5 0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
> lr=<value optimized out>, buf=<value optimized out>,
> zio=0xfffff8019eeb1760) at
> /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
> 1355 ASSERT(error || lr->lr_length <=
> zp->z_blksz);
> (kgdb) l
> 1350 ASSERT(db->db_offset == offset);
> 1351 ASSERT(db->db_size == size);
> 1352
> 1353 error = dmu_sync(zio,
> lr->lr_common.lrc_txg,
> 1354 zfs_get_done, zgd);
> 1355 ASSERT(error || lr->lr_length <=
> zp->z_blksz);
> 1356
> 1357 /*
> 1358 * On success, we need to wait for the write
> I/O
> 1359 * initiated by dmu_sync() to complete
> before we can
> (kgdb) p *lr
> Cannot access memory at address 0xa5a5a5a5a5a5a5a5
> (kgdb) p *zp
> Cannot access memory at address 0xa5a5a5a5a5a5a5a5
> (kgdb)
>
>
> Undefined info command: "regs". Try "help info".
> (kgdb) info registers
> rax 0x0 0
> rbx 0xfffff804aab14e00 -8776049406464
> rcx 0x0 0
> rdx 0x0 0
> rsi 0x0 0
> rdi 0x0 0
> rbp 0xfffffe085f78e8f0 0xfffffe085f78e8f0
> rsp 0xfffffe085f78e890 0xfffffe085f78e890
> r8 0x0 0
> r9 0x0 0
> r10 0x0 0
> r11 0x0 0
> r12 0x0 0
> r13 0xfffffe034cecd0b8 -2184847765320
> r14 0x20000 131072
> r15 0x0 0
> rip 0xffffffff8039c391 0xffffffff8039c391
> <zfs_get_data+913>
> eflags 0x0 0
> cs 0x0 0
> ss 0x0 0
> ds 0x0 0
> es 0x0 0
> fs 0x0 0
> gs 0x0 0
>
> [...]
> ffffffff8039c2f9: 48 8b 7d b0 mov -0x50(%rbp),%rdi
> ffffffff8039c2fd: 48 89 d9 mov %rbx,%rcx
> ffffffff8039c300: e8 db 50 f6 ff callq
> ffffffff803013e0 <dmu_sync>
> ffffffff8039c305: 41 89 c4 mov %eax,%r12d
> ffffffff8039c308: 41 83 fc 25 cmp $0x25,%r12d
> ffffffff8039c30c: 75 53 jne
> ffffffff8039c361 <zfs_get_data+0x361>
> ffffffff8039c30e: 49 c7 45 00 14 00 00 movq $0x14,0x0(%r13)
> ffffffff8039c315: 00
> ffffffff8039c316: 45 31 e4 xor %r12d,%r12d
> ffffffff8039c319: eb 29 jmp
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c31b: 48 8b 3c 25 38 a4 c1 mov
> 0xffffffff80c1a438,%rdi
> ffffffff8039c322: 80
> ffffffff8039c323: 41 bc 02 00 00 00 mov $0x2,%r12d
> ffffffff8039c329: 48 85 ff test %rdi,%rdi
> ffffffff8039c32c: 74 16 je
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c32e: be 02 00 00 00 mov $0x2,%esi
> ffffffff8039c333: 31 d2 xor %edx,%edx
> ffffffff8039c335: 31 c9 xor %ecx,%ecx
> ffffffff8039c337: 45 31 c0 xor %r8d,%r8d
> ffffffff8039c33a: 45 31 c9 xor %r9d,%r9d
> ffffffff8039c33d: ff 14 25 78 9a c6 80 callq *0xffffffff80c69a78
> ffffffff8039c344: 48 89 df mov %rbx,%rdi
> ffffffff8039c347: 44 89 e6 mov %r12d,%esi
> ffffffff8039c34a: e8 f1 fb ff ff callq
> ffffffff8039bf40 <zfs_get_done>
> ffffffff8039c34f: 44 89 e0 mov %r12d,%eax
> ffffffff8039c352: 48 83 c4 38 add $0x38,%rsp
> ffffffff8039c356: 5b pop %rbx
> ffffffff8039c357: 41 5c pop %r12
> ffffffff8039c359: 41 5d pop %r13
> ffffffff8039c35b: 41 5e pop %r14
> ffffffff8039c35d: 41 5f pop %r15
> ffffffff8039c35f: 5d pop %rbp
> ffffffff8039c360: c3 retq
> ffffffff8039c361: 45 85 e4 test %r12d,%r12d
> ffffffff8039c364: 75 de jne
> ffffffff8039c344 <zfs_get_data+0x344>
> ffffffff8039c366: 48 8b 45 d0 mov -0x30(%rbp),%rax
> ffffffff8039c36a: 8b 80 cc 00 00 00 mov 0xcc(%rax),%eax
> ffffffff8039c370: 45 31 e4 xor %r12d,%r12d
> ffffffff8039c373: 49 39 45 30 cmp %rax,0x30(%r13)
> ffffffff8039c377: 76 d6 jbe
> ffffffff8039c34f <zfs_get_data+0x34f>
> ffffffff8039c379: 48 c7 c7 60 d5 91 80 mov
> $0xffffffff8091d560,%rdi
> ffffffff8039c380: 48 c7 c6 f0 d4 91 80 mov
> $0xffffffff8091d4f0,%rsi
> ffffffff8039c387: ba 4b 05 00 00 mov $0x54b,%edx
> ffffffff8039c38c: e8 ff 1f f3 ff callq
> ffffffff802ce390 <assfail>
> ffffffff8039c391: eb bc jmp
> ffffffff8039c34f <zfs_get_data+0x34f>
> ffffffff8039c393: 66 66 66 66 2e 0f 1f nopw %cs:0x0(%rax,%rax,1)
> ffffffff8039c39a: 84 00 00 00 00 00
>
> If you need more details, then please ping me, I have a core dump from
> the crash.
>
More information about the freebsd-current
mailing list