Bug #14296
open
segfault on reboot in ficlVmInnerLoop
Description
Encountered a segfault when running `reboot`. This was on a nightly build and I was trying to go back to the previous BE. The steps I took are below. I can upload the core file somewhere or run additional mdb commands if needed.
rpz@midgar:~$ beadm list
BE                      Active Mountpoint Space   Policy Created
omnios-r151037          -      -          47.89M  static 2021-04-30 23:01
omnios-r151037-1        -      -          12.09M  static 2021-05-01 00:01
omnios-r151039          -      -          12.28M  static 2021-06-19 18:01
omnios-r151039-backup-1 -      -          240K    static 2021-07-31 09:23
omnios-r151039-1        -      -          11.10M  static 2021-07-31 09:34
omnios-r151039-2        -      -          4.80M   static 2021-10-18 11:59
chelsio-14289           NR     /          7.06G   static 2021-12-09 14:52
rpz@midgar:~$ pfexec beadm activate omnios-r151039-2
Activated successfully
rpz@midgar:~$ beadm list
BE                      Active Mountpoint Space   Policy Created
omnios-r151037          -      -          47.89M  static 2021-04-30 23:01
omnios-r151037-1        -      -          12.09M  static 2021-05-01 00:01
omnios-r151039          -      -          12.28M  static 2021-06-19 18:01
omnios-r151039-backup-1 -      -          240K    static 2021-07-31 09:23
omnios-r151039-1        -      -          11.10M  static 2021-07-31 09:34
omnios-r151039-2        R      -          6.64G   static 2021-10-18 11:59
chelsio-14289           N      /          433.26M static 2021-12-09 14:52
rpz@midgar:~$ pfexec reboot
reboot: Not all drivers have implemented quiesce(9E)
	Please see /var/adm/messages for drivers that haven't implemented quiesce(9E).
Segmentation Fault
rpz@midgar:~$ pfexec pstack /var/cores/core.reboot.100565
core '/var/cores/core.reboot.100565' of 100565:	reboot
 fe98dd31 ficlVmInnerLoop (8c4b138, 0) + 2cf
 fe9911ac ficlVmExecuteString (8c4b138, 4) + 111
 fe991333 ficlVmEvaluate (8c4b138, 8037dcc) + 3f
 feed8868 be_get_boot_args (80674e4, ffffffff) + 2cc
 080551c3 parse_fastboot_args (8038a3c, 100, 80388a4, 0) + 398
 08055e09 main (f7c0cc77, f7c88628, 8038b98, 80533bb) + 7ae
 080533bb _start_crt (1, 8038bc4, f0bc3ac1, 0, 0, 0) + 9a
 0805328a _start (1, 8038c9c, 0, 8038ca3, 8038cb3, 8038cca) + 1a
Updated by Toomas Soome 7 months ago
Ryan Zezeski wrote:
Encountered a segfault when running `reboot`. This was on a nightly build and I was trying to go back to the previous BE. The steps I took are below. I can upload the core file somewhere or run additional mdb commands if needed.
[...]
8037dcc/S — but also, we do have ficlVmExecuteString(ficlVm *vm, ficlString s), and in that stack output 4 is hardly the address of a string... So we must be getting something bad from earlier calls.
Updated by Ryan Zezeski 7 months ago
Toomas Soome wrote in #note-2:
8037dcc/S — but also, we do have ficlVmExecuteString(ficlVm *vm, ficlString s), and in that stack output 4 is hardly the address of a string... So we must be getting something bad from earlier calls.
> > 8037dcc/S
0x8037dcc:      boot
Here's the ficlVm argument if that's helpful:
> 8c4b138::print -t struct ficlVm
struct ficlVm {
    ficlCallback callback = {
        void *context = 0
        ficlOutputFunction textOut = libbe.so.1`ficlSuppressTextOutput
        ficlOutputFunction errorOut = 0
        ficlSystem *system = 0x8c2e5c0
        ficlVm *vm = 0x8c4b138
    }
    ficlVm *link = 0
    jmp_buf *exceptionHandler = 0x8037c44
    short restart = 0
    ficlIp ip = 0x8c652e8
    ficlWord *runningWord = 0x8c5e5b0
    ficlUnsigned state = 0
    ficlUnsigned base = 0xa
    ficlStack *dataStack = 0x8c2e770
    ficlStack *returnStack = 0x8c4a948
    ficlStack *floatStack = 0x8c5a600
    ficlCell sourceId = {
        ficlInteger i = 0xffffffff
        ficlUnsigned u = 0xffffffff
        ficlFloat f = -NaN
        void *p = 0xffffffff
        void (*)() fn = 0xffffffff
    }
    ficlTIB tib = {
        ficlInteger index = 0x4
        char *end = 0x8037dd0 ""
        char *text = 0x8037dcc "boot"
    }
    ficlCell [16] user = [
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
        ficlCell {
            ficlInteger i = 0
            ficlUnsigned u = 0
            ficlFloat f = +0.0000000e+00
            void *p = 0
            void (*)() fn = 0
        },
    ]
    char [256] pad = [ "4" ]
}