(gdb) bt #0 0xffffffff80222bba in cpu_reboot (howto=howto@entry=260, bootstr=bootstr@entry=0x0 ) at /home/riastradh/netbsd/9/src/sys/arch/amd64/amd64/machdep.c:728 #1 0xffffffff80a307d6 in vpanic ( fmt=0xffffffff843887e0 "zfs: accessing past end of object %llx/%llx (size=%u access=%llu+%llu)", ap=0xffffae0496d1f688) at /home/riastradh/netbsd/9/src/sys/kern/subr_prf.c:336 #2 0xffffffff842ccce9 in ?? () #3 0xffffae0496d1f5d0 in ?? () #4 0xffffffff84de21ce in dsl_dir_tempreserve_impl (dd=0x10000, asize=, netfree=-1, ignorequota=, checkrefquota=, tr_list=0xffffae0496d1f6d0, tx=0xffffae0496d1f788, first=48) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dsl_dir.c:1232 #5 0xffffffff84e07ecb in zfs_panic_recover ( fmt=fmt@entry=0x27840 ) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/spa_misc.c:1651 #6 0xffffffff84dc0484 in dmu_buf_hold_array_by_dnode ( dn=0x0 , offset=16384, offset@entry=65536, length=18446744071632738416, length@entry=16384, read=read@entry=0, tag=tag@entry=0xffffffff84365870, numbufsp=numbufsp@entry=0xffffae0496d1f824, dbpp=dbpp@entry=0xffffae0496d1f828, flags=flags@entry=0) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dmu.c:471 #7 0xffffffff84dc0728 in dmu_buf_hold_array (os=, object=, offset=offset@entry=65536, length=length@entry=16384, tag=0xffffffff84365870, tag@entry=0x48d0 <__func__.22685>, numbufsp=numbufsp@entry=0xffffae0496d1f824, dbpp=dbpp@entry=0xffffae0496d1f828, read=0) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dmu.c:563 #8 0xffffffff84dc1e02 in dmu_write_pages (os=, object=, offset=offset@entry=65536, size=size@entry=16384, pgs=pgs@entry=0xffffae0496d1fb30, tx=tx@entry=0xffff82ea8b8d21c8) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/dmu.c:1504 #9 0xffffffff84e42fa5 in zfs_putapage (vp=, pp=0xffffae0496d1fb30, count=4, flags=) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c:6074 #10 0xffffffff80aa6e01 in genfs_do_putpages (vp=, startoff=0, endoff=9223372036854771712, origflags=8219, busypg=busypg@entry=0x0 ) at /home/riastradh/netbsd/9/src/sys/miscfs/genfs/genfs_io.c:1252 #11 0xffffffff80aa7708 in genfs_putpages (v=v@entry=0xffffae0496d1fc78) at /home/riastradh/netbsd/9/src/sys/miscfs/genfs/genfs_io.c:835 #12 0xffffffff84e3b7ab in zfs_netbsd_putpages (v=0xffffae0496d1fc78) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c:6189 #13 0xffffffff80aa2f31 in VOP_PUTPAGES (vp=vp@entry=0xffff82ec49a87190, offlo=offlo@entry=0, offhi=offhi@entry=0, flags=flags@entry=8219) at /home/riastradh/netbsd/9/src/sys/kern/vnode_if.c:1632 #14 0xffffffff80a879cb in vinvalbuf (vp=vp@entry=0xffff82ec49a87190, flags=flags@entry=1, cred=cred@entry=0xffffffffffffffff, l=l@entry=0xffff82f8c541ba80, catch_p=catch_p@entry=false, slptimeo=slptimeo@entry=0) at /home/riastradh/netbsd/9/src/sys/kern/vfs_subr.c:158 #15 0xffffffff80a93ced in vcache_reclaim (vp=vp@entry=0xffff82ec49a87190) at /home/riastradh/netbsd/9/src/sys/kern/vfs_vnode.c:1601 #16 0xffffffff80a94972 in vrelel (vp=0xffff82ec49a87190, flags=) at /home/riastradh/netbsd/9/src/sys/kern/vfs_vnode.c:808 #17 0xffffffff84e3f5b5 in zfs_netbsd_remove (v=) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c:5396 #18 0xffffffff80aa2042 in VOP_REMOVE (dvp=0xffff82f700105190, vp=, cnp=cnp@entry=0xffffae0496d1ff48) at /home/riastradh/netbsd/9/src/sys/kern/vnode_if.c:889 #19 0xffffffff80a8b791 in do_sys_unlinkat (l=, fdat=, arg=, flags=, seg=) at /home/riastradh/netbsd/9/src/sys/kern/vfs_syscalls.c:2747 #20 0xffffffff802530f9 in sy_call (rval=0xffffae0496d1ffb0, uap=0xffffae0496d20000, l=0xffff82f8c541ba80, sy=0xffffffff8185c4b0 ) at /home/riastradh/netbsd/9/src/sys/sys/syscallvar.h:65 #21 0xffffffff802096dd in handle_syscall () (gdb) fr 9 #9 0xffffffff84e42fa5 in zfs_putapage (vp=, pp=0xffffae0496d1fb30, count=4, flags=) at /home/riastradh/netbsd/9/src/sys/../external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vnops.c:6074 6074 err = dmu_write_pages(zfsvfs->z_os, zp->z_id, off, len, pp, tx); (gdb) print *pp[0] $4 = {rb_node = {rb_nodes = {0x0 , 0x0 }, rb_info = 18446653914468790776}, pageq = { queue = {tqe_next = 0xffffae002a7b31f8, tqe_prev = 0xffffae001e7f5450}, list = {le_next = 0xffffae002a7b31f8, le_prev = 0xffffae001e7f5450}}, listq = {queue = {tqe_next = 0xffffae002a7b31f8, tqe_prev = 0xffff82ec49a871a0}, list = {le_next = 0xffffae002a7b31f8, le_prev = 0xffff82ec49a871a0}}, uanon = 0x0 , uobject = 0xffff82ec49a87190, offset = 65536, flags = 45, loan_count = 0, wire_count = 0, pqflags = 512, phys_addr = 9909108736, mdpage = {mp_pp = { pp_u = {u_pte = {pte_ptp = 0x0 , pte_va = 136473003634688}, u_head = {pvh_list = { lh_first = 0x0 }}, u_link = 0x0 }, pp_flags = 0 '\000', pp_attrs = 6 '\006'}}} (gdb) fr 13 #13 0xffffffff80aa2f31 in VOP_PUTPAGES (vp=vp@entry=0xffff82ec49a87190, offlo=offlo@entry=0, offhi=offhi@entry=0, flags=flags@entry=8219) at /home/riastradh/netbsd/9/src/sys/kern/vnode_if.c:1632 1632 error = (VCALL(vp, VOFFSET(vop_putpages), &a)); (gdb) print *vp $5 = {v_uobj = {vmobjlock = 0xffff82ecb785ecc0, pgops = 0xffffffff81272220 , memq = { tqh_first = 0xffffae0009cde900, tqh_last = 0xffffae0496d1fae0}, uo_npages = 4, uo_refs = 1, rb_tree = {rbt_root = 0xffffae002a7b31f8, rbt_ops = 0xffffffff81272080 , rbt_minmax = { 0xffffae0009cde900, 0xffffae0001198d28}}, uo_ubc = { lh_first = 0x0 }}, v_cv = {cv_opaque = { 0x0 , 0xffff82ec49a871e0, 0xffffffff813d8ed6}}, v_size = 80408, v_writesize = 80408, v_iflag = 18432, v_vflag = 16, v_uflag = 0, v_numoutput = 0, v_writecount = 0, v_holdcnt = 1, v_mount = 0xffff82f966468008, v_op = 0xffff82f97640cc88, v_cleanblkhd = { lh_first = 0x0 }, v_dirtyblkhd = { lh_first = 0x0 }, v_un = { vu_mountedhere = 0xffff82ed76fc7138, vu_socket = 0xffff82ed76fc7138, vu_specnode = 0xffff82ed76fc7138, vu_fifoinfo = 0xffff82ed76fc7138, vu_ractx = 0xffff82ed76fc7138}, v_type = VREG, v_tag = VT_ZFS, v_data = 0xffff82ed7aff9920, v_klist = { slh_first = 0x0 }} (gdb) print *(struct znode *)vp->v_data $6 = {z_gnode = {g_op = 0xffffffff84369aa0, g_glock = {rw_owner = 0}, g_dirtygen = 0}, z_zfsvfs = 0xffff82f966891008, z_vnode = 0xffff82ec49a87190, z_id = 97164, z_range_lock = {u = { mtxa_owner = 0}}, z_range_avl = {avl_root = 0xffff82f90bae33d0, avl_compar = 0xffffffff84e37211 , avl_offset = 8, avl_numnodes = 1, avl_size = 112}, z_unlinked = 1 '\001', z_atime_dirty = 0 '\000', z_zn_prefetch = 0 '\000', z_moved = 0 '\000', z_blksz = 80896, z_seq = 8013398, z_mapcnt = 0, z_gen = 2598307, z_size = 80408, z_atime = {1587596209, 374743243}, z_links = 0, z_pflags = 4432406249476, z_uid = 1002, z_gid = 1002, z_mode = 33188, z_sync_cnt = 0, z_acl_lock = {u = {mtxa_owner = 0}}, z_acl_cached = 0xffff82f8533d7408, z_link_node = { list_next = 0xffff82ed7aff9cd8, list_prev = 0xffff82eb109a8bc0}, z_sa_hdl = 0xffff82ebe3a51838, z_is_sa = 1, z_lockf = 0x0 }