Project

General

Profile

Actions

Bug #5831

closed

"beadm umount <dir>" core dump

Added by Igor Kozhukhov over 6 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Category:
-
Start date:
2015-04-12
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage
Gerrit CR:

Description

steps for reproduce:
beadm create newBE
beadm mount newBE /a
beadm umount /a
(beadm core dump)

but we have no core dump with:
beadm umount newBE

core file:

root@myhost.vnet:~# mdb core
Loading modules: [ libc.so.1 libnvpair.so.1 libumem.so.1 libtopo.so.1 libavl.so.1 libuutil.so.1 ld.so.1 ]
> $C
fffffd7fffdfdf80 libc.so.1`realfree+0x42(4208a0)
fffffd7fffdfdfc0 libc.so.1`_malloc_unlocked+0x100(4000)
fffffd7fffdfdff0 libc.so.1`malloc+0x3b(4000)
fffffd7fffdfe020 libc.so.1`calloc+0x31(1, 4000)
fffffd7fffdfe050 libzfs.so.1`zfs_alloc+0x25(41f060, 4000)
fffffd7fffdfe090 libzfs.so.1`zcmd_alloc_dst_nvlist+0x2e(41f060, fffffd7fffdfe0d0, 0)
fffffd7fffdff2b0 libzfs.so.1`namespace_reload+0x8a(41f060)
fffffd7fffdff320 libzfs.so.1`zpool_iter+0x30(41f060, fffffd7ffd09d080, fffffd7fffdff380)
fffffd7fffdffc10 libbe.so.1`_be_unmount+0x9a(41b20b, 0)
fffffd7fffdffc50 libbe.so.1`be_unmount+0x12f(41b050)
fffffd7fffdffca0 be_do_unmount+0xd8(2, fffffd7fffdffd60)
fffffd7fffdffcf0 run_be_cmd+0x49(fffffd7fffdffede, 2, fffffd7fffdffd60)
fffffd7fffdffd30 main+0x4e(3, fffffd7fffdffd58)
fffffd7fffdffd40 _start+0x6c()

The problem here is that we're trying to free a string that we received
from looking it up in an nvlist, which is illegal.

Actions

Also available in: Atom PDF