NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/57024: panic: solaris assert: arc_decompress(buf) == 0 (0x5 == 0x0), f ile: /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/arc.c, line: 4962
>Number: 57024
>Category: kern
>Synopsis: panic: solaris assert: arc_decompress(buf) == 0 (0x5 == 0x0), f ile: /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/arc.c, line: 4962
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Sep 25 07:15:00 +0000 2022
>Originator: Taylor R Campbell
>Release: current
>Organization:
The NetBSD Foundering
>Environment:
NetBSD singbulli 9.99.100 NetBSD 9.99.100 (GENERIC) #38: Fri Sep 23 17:56:58 UTC 2022 root@singbulli:/home/riastradh/netbsd/current/obj.amd64/sys/arch/amd64/compile/GENERIC amd64
>Description:
System panicked: solaris assert: arc_decompress(buf) == 0 (0x5 == 0x0), file: /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/arc.c, line: 4962
Backtrace from time of crash is available.
crash> bt
vmx_insn_failinvalid() at 0
kern_reboot() at sys_reboot
vpanic() at vpanic+0x18d
panic() at printf_tolog
arc_read() at arc_read+0x9da
dbuf_read() at dbuf_read+0x1c3
dmu_buf_hold() at dmu_buf_hold+0x4e
zap_lockdir() at zap_lockdir+0x30
zap_cursor_retrieve() at zap_cursor_retrieve+0x139
zfs_readdir.constprop.0.isra.0() at zfs_readdir.constprop.0.isra.0+0x24c
VOP_READDIR() at VOP_READDIR+0x4c
vn_readdir() at vn_readdir+0xe8
sys___getdents30() at sys___getdents30+0x72
syscall() at syscall+0x196
--- syscall (number 390) ---
syscall+0x196:
(gdb) bt
#0 0xffffffff80239b25 in cpu_reboot (howto=howto@entry=260,
bootstr=bootstr@entry=0x0 <l2arc_remove_vdev.cold>)
at /home/riastradh/netbsd/current/src/sys/arch/amd64/amd64/machdep.c:721
#1 0xffffffff80ddcf2f in kern_reboot (howto=howto@entry=260,
bootstr=bootstr@entry=0x0 <l2arc_remove_vdev.cold>)
at /home/riastradh/netbsd/current/src/sys/kern/kern_reboot.c:73
#2 0xffffffff80e246ed in vpanic (
fmt=0xffffffff83f45578 "solaris assert: %s (0x%jx %s 0x%jx), file: %s, line: %d", fmt@entry=0x20568 <error: Cannot access memory at address 0x20568>,
ap=ap@entry=0xffffd890a201d8f8)
at /home/riastradh/netbsd/current/src/sys/kern/subr_prf.c:293
#3 0xffffffff80e247c2 in panic (
fmt=fmt@entry=0x20568 <error: Cannot access memory at address 0x20568>)
at /home/riastradh/netbsd/current/src/sys/kern/subr_prf.c:210
#4 0xffffffff83f6fea0 in arc_read (pio=pio@entry=0xfffffd377f6bf048,
spa=0xfffffd377e929000, bp=0xffffd884b09e6c40,
done=done@entry=0xffffffff83f75eba <dbuf_read_done>,
private=private@entry=0xfffffd3ca2a66ab8,
priority=priority@entry=ZIO_PRIORITY_SYNC_READ,
zio_flags=zio_flags@entry=128,
arc_flags=arc_flags@entry=0xffffd890a201da5c,
zb=zb@entry=0xffffd890a201da60)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/arc.c:4962
#5 0xffffffff83f74f0b in dbuf_read_impl (flags=0, zio=0xfffffd377f6bf048,
db=0xfffffd3ca2a66ab8)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dbuf.c:1021
#6 dbuf_read (db=db@entry=0xfffffd3ca2a66ab8, zio=0xfffffd377f6bf048,
zio@entry=0x0 <l2arc_remove_vdev.cold>, flags=flags@entry=10)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dbuf.c:1066
#7 0xffffffff83f7ca3c in dmu_buf_hold (os=<optimized out>,
object=<optimized out>, offset=offset@entry=0,
tag=tag@entry=0x0 <l2arc_remove_vdev.cold>,
dbp=dbp@entry=0xffffd890a201db28, flags=flags@entry=1)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dmu.c:226
#8 0xffffffff83fde595 in zap_lockdir (os=<optimized out>,
obj=<optimized out>, tx=tx@entry=0x0 <l2arc_remove_vdev.cold>,
lti=lti@entry=RW_READER, fatreader=fatreader@entry=1,
adding=adding@entry=0, tag=tag@entry=0x0 <l2arc_remove_vdev.cold>,
zapp=zapp@entry=0xffffd890a201dc98)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zap_micro.c:578
#9 0xffffffff83fdfc8f in zap_cursor_retrieve (zc=zc@entry=0xffffd890a201dc90,
za=za@entry=0xffffd890a201dcc8)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zap_micro.c:1371
#10 0xffffffff84001ceb in zfs_readdir (uio=0xffffd890a201ded0,
eofp=0xffffd890a201deb4, ncookies=0x0 <l2arc_remove_vdev.cold>,
cookies=0x0 <l2arc_remove_vdev.cold>, cr=<optimized out>,
vp=<optimized out>, vp=<optimized out>)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c:2835
#11 0xffffffff80ea54ba in VOP_READDIR (vp=0xfffffd3c8e765cc0,
uio=uio@entry=0xffffd890a201ded0, cred=<optimized out>,
eofflag=eofflag@entry=0xffffd890a201deb4,
cookies=cookies@entry=0x0 <l2arc_remove_vdev.cold>,
ncookies=ncookies@entry=0x0 <l2arc_remove_vdev.cold>)
at /home/riastradh/netbsd/current/src/sys/kern/vnode_if.c:1470
#12 0xffffffff80e9c0c6 in vn_readdir (fp=0xfffffd3fe86f7ec0,
bf=0x7c1ee9653000 <error: Cannot access memory at address 0x7c1ee9653000>,
segflg=segflg@entry=0, count=4096, done=done@entry=0xffffd890a201df64,
l=l@entry=0xfffffd428636d1c0,
cookies=cookies@entry=0x0 <l2arc_remove_vdev.cold>,
ncookies=ncookies@entry=0x0 <l2arc_remove_vdev.cold>)
at /home/riastradh/netbsd/current/src/sys/kern/vfs_vnops.c:594
#13 0xffffffff80e91912 in sys___getdents30 (l=0xfffffd428636d1c0,
uap=0xffffd890a201e000, retval=0xffffd890a201dfb0)
at /home/riastradh/netbsd/current/src/sys/kern/vfs_syscalls.c:4814
#14 0xffffffff805a536e in sy_call (rval=0xffffd890a201dfb0,
uap=0xffffd890a201e000, l=0xfffffd428636d1c0,
sy=0xffffffff81888590 <sysent+9360>)
at /home/riastradh/netbsd/current/src/sys/sys/syscallvar.h:65
#15 sy_invoke (code=390, rval=0xffffd890a201dfb0, uap=0xffffd890a201e000,
l=0xfffffd428636d1c0, sy=0xffffffff81888590 <sysent+9360>)
at /home/riastradh/netbsd/current/src/sys/sys/syscallvar.h:94
#16 syscall (frame=0xffffd890a201e000)
at /home/riastradh/netbsd/current/src/sys/arch/x86/x86/syscall.c:138
#17 0xffffffff8021025d in handle_syscall ()
#18 0x0000000000000005 in l2arc_remove_vdev.cold ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) fr 4
#4 0xffffffff83f6fea0 in arc_read (pio=pio@entry=0xfffffd377f6bf048,
spa=0xfffffd377e929000, bp=0xffffd884b09e6c40,
done=done@entry=0xffffffff83f75eba <dbuf_read_done>,
private=private@entry=0xfffffd3ca2a66ab8,
priority=priority@entry=ZIO_PRIORITY_SYNC_READ,
zio_flags=zio_flags@entry=128,
arc_flags=arc_flags@entry=0xffffd890a201da5c,
zb=zb@entry=0xffffd890a201da60)
at /home/riastradh/netbsd/current/src/sys/../external/cddl/osnet/dist/uts/co
mmon/fs/zfs/arc.c:4962 4962 VERIFY0(arc_decompress(buf));
(gdb) print buf
$13 = (arc_buf_t *) 0xfffffd3ce882bb28
(gdb) print *buf
$14 = {b_hdr = 0xfffffd3ef88056e0, b_next = 0x0 <l2arc_remove_vdev.cold>,
b_evict_lock = {u = {mtxa_owner = 0, s = {mtxs_dummy = 0 '\000', mtxs_ipl = {
_ipl = 0 '\000'}, mtxs_lock = 0 '\000', mtxs_unused = 0 '\000'}}},
b_data = 0xfffffd438cc92200}
(gdb) print *buf->b_hdr
$15 = {b_dva = {dva_word = {1, 321331549}}, b_birth = 73509,
b_type = ARC_BUFC_METADATA, b_hash_next = 0x0 <l2arc_remove_vdev.cold>,
b_flags = (ARC_FLAG_L2CACHE | ARC_FLAG_IN_HASH_TABLE | ARC_FLAG_BUFC_METADATA
| ARC_FLAG_HAS_L1HDR | ARC_FLAG_COMPRESSED_ARC | ARC_FLAG_COMPRESS_0 | ARC_FLAG_COMPRESS_1 | ARC_FLAG_COMPRESS_2 | ARC_FLAG_COMPRESS_3), b_psize = 1, b_lsize = 2, b_spa = 2166755451084772709, b_l2hdr = {
b_dev = 0x0 <l2arc_remove_vdev.cold>, b_daddr = 0, b_l2node = {
list_next = 0x0 <l2arc_remove_vdev.cold>,
list_prev = 0x0 <l2arc_remove_vdev.cold>}}, b_l1hdr = {b_freeze_lock = {
u = {mtxa_owner = 0, s = {mtxs_dummy = 0 '\000', mtxs_ipl = {
_ipl = 0 '\000'}, mtxs_lock = 0 '\000', mtxs_unused = 0 '\000'}}},
b_freeze_cksum = 0x0 <l2arc_remove_vdev.cold>, b_buf = 0xfffffd3ce882bb28,
b_bufcnt = 1, b_cv = {cv_opaque = {0x0 <l2arc_remove_vdev.cold>,
0xffffffff83f20eae}}, b_byteswap = 10 '\n',
b_state = 0xffffffff83e9caa0 <ARC_mru>, b_arc_node = {
list_next = 0x0 <l2arc_remove_vdev.cold>,
list_prev = 0x0 <l2arc_remove_vdev.cold>}, b_arc_access = 2985704,
b_refcnt = {rc_count = 1}, b_acb = 0x0 <l2arc_remove_vdev.cold>,
b_pdata = 0xfffffd3cc3bfd800}}
Compressed buffer content (buf->b_hdr->b_l1hdr.b_pdata):
00000000 00 00 00 d3 21 03 00 01 00 61 80 65 d0 f8 02 7f |....!....a.e....|
00000010 0b 00 0f 02 00 1b 30 e9 2c 07 31 00 10 40 05 00 |......0.,.1..@..|
00000020 50 00 00 43 56 53 07 00 0f 02 00 d8 30 a8 fa 0f |P..CVS......0...|
00000030 6e 00 10 80 05 00 f0 00 00 00 70 72 65 64 69 63 |n.........predic|
00000040 61 74 65 73 2e 6d 64 11 00 0f 02 00 0e 19 96 40 |ates.md........@|
00000050 00 8f 69 71 32 30 30 30 2e 63 37 00 0e 0f 02 00 |..iq2000.c7.....|
00000060 36 19 84 80 00 3f 61 62 69 5a 00 36 0f 02 00 13 |6....?abiZ.6....|
00000070 19 9b 80 00 03 00 01 1f 68 3c 00 13 00 02 00 19 |........h<......|
00000080 89 40 00 af 63 6f 6e 73 74 72 61 69 6e 74 81 01 |.@..constraint..|
00000090 16 0f 02 00 2c 19 9f 80 00 03 c0 00 0f fc 01 14 |....,...........|
000000a0 00 02 00 1f 8d 40 00 00 5f 2d 6f 70 74 73 05 01 |.....@.._-opts..|
000000b0 19 0f 02 00 28 1f a4 80 00 00 4f 2e 6f 70 74 53 |....(.....O.optS|
000000c0 00 15 1f 92 40 00 00 6f 2d 70 72 6f 74 6f c2 00 |....@..o-proto..|
000000d0 0e 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.P..............|
000000e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000200
Decompressed buffer as far as lz4_decompress will generate output:
00000000 03 00 00 00 00 00 00 80 65 d0 f8 02 7f 00 00 00 |........e.......|
00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000040 e9 2c 07 00 00 00 00 40 00 00 00 00 00 00 43 56 |.,.....@......CV|
00000050 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |S...............|
00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000140 a8 fa 0f 00 00 00 00 80 00 00 00 00 00 00 70 72 |..............pr|
00000150 65 64 69 63 61 74 65 73 2e 6d 64 00 00 00 00 00 |edicates.md.....|
00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000180 96 fa 0f 00 00 00 00 80 00 00 00 00 00 00 69 71 |..............iq|
00000190 32 30 30 30 2e 63 00 00 00 00 00 00 00 00 00 00 |2000.c..........|
000001a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000200 84 fa 0f 00 00 00 00 80 00 00 00 00 00 00 61 62 |..............ab|
00000210 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |i...............|
00000220 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000280 9b fa 0f 00 00 00 00 80 00 00 00 00 00 00 69 71 |..............iq|
00000290 32 30 30 30 2e 68 00 00 00 00 00 00 00 00 00 00 |2000.h..........|
000002a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
000002c0 89 fa 0f 00 00 00 00 80 00 00 00 00 00 00 63 6f |..............co|
000002d0 6e 73 74 72 61 69 6e 74 73 2e 6d 64 00 00 00 00 |nstraints.md....|
000002e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000340 9f fa 0f 00 00 00 00 80 00 00 00 00 00 00 69 71 |..............iq|
00000350 32 30 30 30 2e 6d 64 00 00 00 00 00 00 00 00 00 |2000.md.........|
00000360 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000380 8d fa 0f 00 00 00 00 80 00 00 00 00 00 00 69 71 |..............iq|
00000390 32 30 30 30 2d 6f 70 74 73 2e 68 00 00 00 00 00 |2000-opts.h.....|
000003a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000400 00 00 00 d3 21 03 00 01 00 61 80 65 d0 f8 02 7f |....!....a.e....|
00000410 0b 00 0f 02 00 1b 30 e9 2c 07 31 00 10 40 05 00 |......0.,.1..@..|
00000420 50 00 00 43 56 53 07 00 0f 02 00 d8 30 a8 fa 0f |P..CVS......0...|
00000430 6e 00 10 80 05 00 f0 00 00 00 70 72 65 64 69 63 |n.........predic|
00000440 61 74 65 73 2e 6d 64 11 00 0f 02 00 0e 19 96 40 |ates.md........@|
00000450 00 8f 69 71 32 30 30 30 2e 63 37 00 0e 0f 02 00 |..iq2000.c7.....|
00000460 36 19 84 80 00 3f 61 62 69 5a 00 36 0f 02 00 13 |6....?abiZ.6....|
00000470 19 9b 80 00 03 00 01 1f 68 3c 00 13 00 02 00 19 |........h<......|
00000480 89 40 00 af 63 6f 6e 73 74 72 61 69 6e 74 81 01 |.@..constraint..|
00000490 16 0f 02 00 2c 19 9f 80 00 03 c0 00 0f fc 01 14 |....,...........|
000004a0 00 02 00 1f 8d 40 00 00 5f 2d 6f 70 74 73 05 01 |.....@.._-opts..|
000004b0 19 0f 02 00 28 1f a4 80 00 00 4f 2e 6f 70 74 53 |....(.....O.optS|
000004c0 00 15 1f 92 40 00 00 6f 2d 70 72 6f 74 6f c2 00 |....@..o-proto..|
000004d0 0e 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |.P..............|
000004e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
*
00000600
If I feed this into just the lz4_decompress logic of zfs (copied & pasted from http://cvsweb.netbsd.org/bsdweb.cgi/src/external/cddl/osnet/dist/uts/common/fs/zfs/lz4.c?rev=1.2&content-type=text/x-cvsweb-markup&only_with_tag=MAIN), the point at which it fails is:
LZ4_SECURECOPY(ref, op, (oend - COPYLENGTH));
while (op < cpy)
*op++ = *ref++;
op = cpy;
if (op == oend)
/*
* Check EOF (should never happen, since
* last 5 bytes are supposed to be literals)
*/
goto _output_error;
Crash dump available for further diagnostics.
>How-To-Repeat:
dunno
>Fix:
Yes, please!
Home |
Main Index |
Thread Index |
Old Index