ZFS panic

From: Oliver Pinter <oliver.pinter_at_hardenedbsd.org>
Date: Thu, 17 Sep 2015 14:52:23 +0200
Hi All!

We got this panic on a modified FreeBSD (we did not touch the ZFS part).

panic: solaris assert: error || lr->lr_length <= zp->z_blksz, file:
/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c,
line: 1355
cpuid = 6
KDB: stack backtrace:
#0 0xffffffff80639527 at kdb_backtrace+0x67
#1 0xffffffff805fd509 at vpanic+0x189
#2 0xffffffff805fd593 at panic+0x43
#3 0xffffffff802ce3aa at assfail+0x1a
#4 0xffffffff8039c391 at zfs_get_data+0x391
#5 0xffffffff803afeac at zil_commit+0x94c
#6 0xffffffff803a39d8 at zfs_freebsd_fsync+0xc8
#7 0xffffffff8089a8a7 at VOP_FSYNC_APV+0xf7
#8 0xffffffff806afc40 at sys_fsync+0x170
#9 0xffffffff808311bc at amd64_syscall+0x2bc
#10 0xffffffff8081285b at Xfast_syscall+0xfb
Uptime: 7d5h19m13s
Dumping 8207 out of 32742 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%
Dump complete
Automatic reboot in 15 seconds - press a key on the console to abort
Rebooting...
cpu_reset: Restarting BSP
cpu_reset_proxy: Stopped CPU 6


(kgdb) bt
#0  doadump (textdump=<value optimized out>) at pcpu.h:221
#1  0xffffffff805fcf70 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:329
#2  0xffffffff805fd548 in vpanic (fmt=<value optimized out>, ap=<value
optimized out>) at /usr/src/sys/kern/kern_shutdown.c:626
#3  0xffffffff805fd593 in panic (fmt=0x0) at
/usr/src/sys/kern/kern_shutdown.c:557
#4  0xffffffff802ce3aa in assfail (a=<value optimized out>, f=<value
optimized out>, l=<value optimized out>) at
/usr/src/sys/cddl/compat/opensolaris/kern/opensolaris_cmn_err.c:81
#5  0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
lr=<value optimized out>, buf=<value optimized out>,
zio=0xfffff8019eeb1760) at
/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
#6  0xffffffff803afeac in zil_commit (zilog=0xfffff8001d518800,
foid=<value optimized out>) at
/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zil.c:1107
#7  0xffffffff803a39d8 in zfs_freebsd_fsync (ap=<value optimized out>)
at /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:2797
#8  0xffffffff8089a8a7 in VOP_FSYNC_APV (vop=<value optimized out>,
a=<value optimized out>) at vnode_if.c:1328
#9  0xffffffff806afc40 in sys_fsync (td=0xfffff8001d0429c0, uap=<value
optimized out>) at vnode_if.h:549
#10 0xffffffff808311bc in amd64_syscall (td=0xfffff8001d0429c0,
traced=0) at subr_syscall.c:139
#11 0xffffffff8081285b in Xfast_syscall () at
/usr/src/sys/amd64/amd64/exception.S:394
#12 0x000000000058d23a in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal
(kgdb) f 5
#5  0xffffffff8039c391 in zfs_get_data (arg=<value optimized out>,
lr=<value optimized out>, buf=<value optimized out>,
zio=0xfffff8019eeb1760) at
/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1355
1355                            ASSERT(error || lr->lr_length <= zp->z_blksz);
(kgdb) l
1350                            ASSERT(db->db_offset == offset);
1351                            ASSERT(db->db_size == size);
1352
1353                            error = dmu_sync(zio, lr->lr_common.lrc_txg,
1354                                zfs_get_done, zgd);
1355                            ASSERT(error || lr->lr_length <= zp->z_blksz);
1356
1357                            /*
1358                             * On success, we need to wait for the write I/O
1359                             * initiated by dmu_sync() to complete
before we can
(kgdb) p *lr
Cannot access memory at address 0xa5a5a5a5a5a5a5a5
(kgdb) p *zp
Cannot access memory at address 0xa5a5a5a5a5a5a5a5
(kgdb)


Undefined info command: "regs".  Try "help info".
(kgdb) info registers
rax            0x0      0
rbx            0xfffff804aab14e00       -8776049406464
rcx            0x0      0
rdx            0x0      0
rsi            0x0      0
rdi            0x0      0
rbp            0xfffffe085f78e8f0       0xfffffe085f78e8f0
rsp            0xfffffe085f78e890       0xfffffe085f78e890
r8             0x0      0
r9             0x0      0
r10            0x0      0
r11            0x0      0
r12            0x0      0
r13            0xfffffe034cecd0b8       -2184847765320
r14            0x20000  131072
r15            0x0      0
rip            0xffffffff8039c391       0xffffffff8039c391 <zfs_get_data+913>
eflags         0x0      0
cs             0x0      0
ss             0x0      0
ds             0x0      0
es             0x0      0
fs             0x0      0
gs             0x0      0

[...]
ffffffff8039c2f9:       48 8b 7d b0             mov    -0x50(%rbp),%rdi
ffffffff8039c2fd:       48 89 d9                mov    %rbx,%rcx
ffffffff8039c300:       e8 db 50 f6 ff          callq
ffffffff803013e0 <dmu_sync>
ffffffff8039c305:       41 89 c4                mov    %eax,%r12d
ffffffff8039c308:       41 83 fc 25             cmp    $0x25,%r12d
ffffffff8039c30c:       75 53                   jne
ffffffff8039c361 <zfs_get_data+0x361>
ffffffff8039c30e:       49 c7 45 00 14 00 00    movq   $0x14,0x0(%r13)
ffffffff8039c315:       00
ffffffff8039c316:       45 31 e4                xor    %r12d,%r12d
ffffffff8039c319:       eb 29                   jmp
ffffffff8039c344 <zfs_get_data+0x344>
ffffffff8039c31b:       48 8b 3c 25 38 a4 c1    mov    0xffffffff80c1a438,%rdi
ffffffff8039c322:       80
ffffffff8039c323:       41 bc 02 00 00 00       mov    $0x2,%r12d
ffffffff8039c329:       48 85 ff                test   %rdi,%rdi
ffffffff8039c32c:       74 16                   je
ffffffff8039c344 <zfs_get_data+0x344>
ffffffff8039c32e:       be 02 00 00 00          mov    $0x2,%esi
ffffffff8039c333:       31 d2                   xor    %edx,%edx
ffffffff8039c335:       31 c9                   xor    %ecx,%ecx
ffffffff8039c337:       45 31 c0                xor    %r8d,%r8d
ffffffff8039c33a:       45 31 c9                xor    %r9d,%r9d
ffffffff8039c33d:       ff 14 25 78 9a c6 80    callq  *0xffffffff80c69a78
ffffffff8039c344:       48 89 df                mov    %rbx,%rdi
ffffffff8039c347:       44 89 e6                mov    %r12d,%esi
ffffffff8039c34a:       e8 f1 fb ff ff          callq
ffffffff8039bf40 <zfs_get_done>
ffffffff8039c34f:       44 89 e0                mov    %r12d,%eax
ffffffff8039c352:       48 83 c4 38             add    $0x38,%rsp
ffffffff8039c356:       5b                      pop    %rbx
ffffffff8039c357:       41 5c                   pop    %r12
ffffffff8039c359:       41 5d                   pop    %r13
ffffffff8039c35b:       41 5e                   pop    %r14
ffffffff8039c35d:       41 5f                   pop    %r15
ffffffff8039c35f:       5d                      pop    %rbp
ffffffff8039c360:       c3                      retq
ffffffff8039c361:       45 85 e4                test   %r12d,%r12d
ffffffff8039c364:       75 de                   jne
ffffffff8039c344 <zfs_get_data+0x344>
ffffffff8039c366:       48 8b 45 d0             mov    -0x30(%rbp),%rax
ffffffff8039c36a:       8b 80 cc 00 00 00       mov    0xcc(%rax),%eax
ffffffff8039c370:       45 31 e4                xor    %r12d,%r12d
ffffffff8039c373:       49 39 45 30             cmp    %rax,0x30(%r13)
ffffffff8039c377:       76 d6                   jbe
ffffffff8039c34f <zfs_get_data+0x34f>
ffffffff8039c379:       48 c7 c7 60 d5 91 80    mov    $0xffffffff8091d560,%rdi
ffffffff8039c380:       48 c7 c6 f0 d4 91 80    mov    $0xffffffff8091d4f0,%rsi
ffffffff8039c387:       ba 4b 05 00 00          mov    $0x54b,%edx
ffffffff8039c38c:       e8 ff 1f f3 ff          callq
ffffffff802ce390 <assfail>
ffffffff8039c391:       eb bc                   jmp
ffffffff8039c34f <zfs_get_data+0x34f>
ffffffff8039c393:       66 66 66 66 2e 0f 1f    nopw   %cs:0x0(%rax,%rax,1)
ffffffff8039c39a:       84 00 00 00 00 00

If you need more details, then please ping me, I have a core dump from
the crash.
Received on Thu Sep 17 2015 - 10:52:27 UTC
