From owner-freebsd-current@freebsd.org  Tue Jun 20 21:45:41 2017
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id AC89EDA32FA
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Tue, 20 Jun 2017 21:45:41 +0000 (UTC)
 (envelope-from trond@fagskolen.gjovik.no)
Received: from smtp.fagskolen.gjovik.no (smtp.fagskolen.gjovik.no
 [IPv6:2001:700:1100:1:200:ff:fe00:b])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.fagskolen.gjovik.no",
 Issuer "Fagskolen i Gj??vik" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 522CB75AD5
 for <freebsd-current@freebsd.org>; Tue, 20 Jun 2017 21:45:41 +0000 (UTC)
 (envelope-from trond@fagskolen.gjovik.no)
Received: from mail.fig.ol.no (localhost [127.0.0.1])
 by mail.fig.ol.no (8.15.2/8.15.2) with ESMTPS id v5KLjWxq061533
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
 for <freebsd-current@freebsd.org>; Tue, 20 Jun 2017 23:45:32 +0200 (CEST)
 (envelope-from trond@fagskolen.gjovik.no)
Received: from localhost (trond@localhost)
 by mail.fig.ol.no (8.15.2/8.15.2/Submit) with ESMTP id v5KLjWNC061530
 for <freebsd-current@freebsd.org>; Tue, 20 Jun 2017 23:45:32 +0200 (CEST)
 (envelope-from trond@fagskolen.gjovik.no)
X-Authentication-Warning: mail.fig.ol.no: trond owned process doing -bs
Date: Tue, 20 Jun 2017 23:45:32 +0200 (CEST)
From: =?ISO-8859-1?Q?Trond_Endrest=F8l?= <Trond.Endrestol@fagskolen.gjovik.no>
Sender: Trond.Endrestol@fagskolen.gjovik.no
To: FreeBSD current <freebsd-current@freebsd.org>
Subject: Re: Crash in base/head in abd_put() after r320156
In-Reply-To: <3987075c-08cd-4add-11dc-24b1e4d071fc@freebsd.org>
Message-ID: <alpine.BSF.2.21.1706202344010.37790@mail.fig.ol.no>
References: <alpine.BSF.2.21.1706202259370.37790@mail.fig.ol.no>
 <3987075c-08cd-4add-11dc-24b1e4d071fc@freebsd.org>
User-Agent: Alpine 2.21 (BSF 202 2017-01-01)
Organization: Fagskolen Innlandet
OpenPGP: url=http://fig.ol.no/~trond/trond.key
MIME-Version: 1.0
Content-ID: <alpine.BSF.2.21.1706202344011.37790@mail.fig.ol.no>
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED
 autolearn=unavailable autolearn_force=no version=3.4.1
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on mail.fig.ol.no
Content-Type: text/plain; CHARSET=ISO-8859-1
Content-Transfer-Encoding: 8BIT
X-Content-Filtered-By: Mailman/MimeDel 2.1.23
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jun 2017 21:45:41 -0000

On Tue, 20 Jun 2017 17:31-0400, Allan Jude wrote:

> On 2017-06-20 17:27, Trond Endrestøl wrote:
> > Has anyone else seen a crash in base/head in abd_put() after r320156?
> > 
> > One of my experimental VMs at home crashed spectacularly after 
> > upgrading to r320156. I even wiped my /usr/obj, recompiled everything 
> > and got the same result. Everything's back to normal when I boot 
> > r320146.
> > 
> > Here's the backtrace:
> > 
> > Fatal trap 12: page fault while in kernel mode
> > cpuid = 3; apic id = 03
> > 
> > fault virtual address	= 0x8
> > 
> > Fatal trap 12: page fault while in kernel mode
> > 
> > cpuid = 2; 
> > Fatal trap 12: page fault while in kernel mode
> > apic id = 02
> > fault virtual address	= 0x8
> > cpuid = 0; apic id = 00
> > fault virtual address	= 0x8
> > fault code		= supervisor read data, page not present
> > fault code		= supervisor read data, page not present
> > instruction pointer	= 0x20:0xffffffff803260fa
> > stack pointer	        = 0x28:0xfffffe01b0231860
> > frame pointer	        = 0x28:0xfffffe01b0231870
> > code segment		= base 0x0, limit 0xfffff, type 0x1b
> > 
> > 			= DPL 0, pres 1, long 1, def32 0, gran 1
> > 
> > Fatal trap 12: page fault while in kernel mode
> > fault code		= supervisor read data, page not present
> > processor eflags	= interrupt enabled, resume, IOPL = 0
> > current process		= 0 (zio_free_issue_5_2)
> > trap number		= 12
> > instruction pointer	= 0x20:0xffffffff803260fa
> > stack pointer	        = 0x28:0xfffffe01b022c860
> > frame pointer	        = 0x28:0xfffffe01b022c870
> > panic: page fault
> > cpuid = 0
> > time = 4
> > KDB: stack backtrace:
> > db_trace_self_wrapper() at 0xffffffff8044f93b = db_trace_self_wrapper+0x2b/frame 0xfffffe01b0231440
> > vpanic() at 0xffffffff8067ec0c = vpanic+0x19c/frame 0xfffffe01b02314c0
> > panic() at 0xffffffff8067ea63 = panic+0x43/frame 0xfffffe01b0231520
> > trap_fatal() at 0xffffffff80983b32 = trap_fatal+0x322/frame 0xfffffe01b0231570
> > trap_pfault() at 0xffffffff80983b89 = trap_pfault+0x49/frame 0xfffffe01b02315d0
> > trap() at 0xffffffff809833c5 = trap+0x295/frame 0xfffffe01b0231790
> > calltrap() at 0xffffffff80968c21 = calltrap+0x8/frame 0xfffffe01b0231790
> > --- trap 0xc, rip = 0xffffffff803260fa, rsp = 0xfffffe01b0231860, rbp = 0xfffffe01b0231870 ---
> > abd_put() at 0xffffffff803260fa = abd_put+0xa/frame 0xfffffe01b0231870
> > vdev_raidz_map_free() at 0xffffffff803aa7c2 = vdev_raidz_map_free+0x82/frame 0xfffffe01b02318a0
> > zio_vdev_io_assess() at 0xffffffff803ecc04 = zio_vdev_io_assess+0x74/frame 0xfffffe01b02318e0
> > zio_execute() at 0xffffffff803e913c = zio_execute+0xac/frame 0xfffffe01b0231930
> > zio_vdev_io_start() at 0xffffffff803ec894 = zio_vdev_io_start+0x2b4/frame 0xfffffe01b0231990
> > zio_execute() at 0xffffffff803e913c = zio_execute+0xac/frame 0xfffffe01b02319e0
> > zio_nowait() at 0xffffffff803e8a8b = zio_nowait+0xcb/frame 0xfffffe01b0231a20
> > vdev_mirror_io_start() at 0xffffffff803a744c = vdev_mirror_io_start+0x35c/frame 0xfffffe01b0231a70
> > zio_vdev_io_start() at 0xffffffff803ec86c = zio_vdev_io_start+0x28c/frame 0xfffffe01b0231ad0
> > zio_execute() at 0xffffffff803e913c = zio_execute+0xac/frame 0xfffffe01b0231b20
> > taskqueue_run_locked() at 0xffffffff806d3d27 = taskqueue_run_locked+0x127/frame 0xfffffe01b0231b80
> > taskqueue_thread_loop() at 0xffffffff806d4ee8 = taskqueue_thread_loop+0xc8/frame 0xfffffe01b0231bb0
> > fork_exit() at 0xffffffff80640df5 = fork_exit+0x85/frame 0xfffffe01b0231bf0
> > fork_trampoline() at 0xffffffff8096915e = fork_trampoline+0xe/frame 0xfffffe01b0231bf0
> > --- trap 0, rip = 0, rsp = 0, rbp = 0 ---
> > Uptime: 4s
> > 
> 
> This seems to be an unintended consequence of some code that was pulled
> in from upstream today.
> 
> Try adding: vfs.zfs.trim.enabled=0
> to /boot/loader.conf
> 
> (you can set it manually from the boot loader menu with the set command
> to get the system to boot)

That worked. Thanks.

BTW, the call to abd_put() was given a NULL pointer.

-- 
+-------------------------------+------------------------------------+
| Vennlig hilsen,               | Best regards,                      |
| Trond Endrestøl,              | Trond Endrestøl,                   |
| IT-ansvarlig,                 | System administrator,              |
| Fagskolen Innlandet,          | Gjøvik Technical College, Norway,  |
| tlf. mob.   952 62 567,       | Cellular...: +47 952 62 567,       |
| sentralbord 61 14 54 00.      | Switchboard: +47 61 14 54 00.      |
+-------------------------------+------------------------------------+
From owner-freebsd-current@freebsd.org  Tue Jun 20 21:56:29 2017
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id CC978DA35A7
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Tue, 20 Jun 2017 21:56:29 +0000 (UTC)
 (envelope-from allanjude@freebsd.org)
Received: from mx1.scaleengine.net (mx1.scaleengine.net [209.51.186.6])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 9ED3675FD6
 for <freebsd-current@freebsd.org>; Tue, 20 Jun 2017 21:56:29 +0000 (UTC)
 (envelope-from allanjude@freebsd.org)
Received: from [192.168.1.10] (unknown [192.168.1.10])
 (Authenticated sender: allanjude.freebsd@scaleengine.com)
 by mx1.scaleengine.net (Postfix) with ESMTPSA id B0ACB134AA
 for <freebsd-current@freebsd.org>; Tue, 20 Jun 2017 21:56:27 +0000 (UTC)
Subject: Re: Crash in base/head in abd_put() after r320156
To: freebsd-current@freebsd.org
References: <alpine.BSF.2.21.1706202259370.37790@mail.fig.ol.no>
 <3987075c-08cd-4add-11dc-24b1e4d071fc@freebsd.org>
 <alpine.BSF.2.21.1706202344010.37790@mail.fig.ol.no>
From: Allan Jude <allanjude@freebsd.org>
Message-ID: <5557f896-248a-9524-d4a9-34101b9d2e39@freebsd.org>
Date: Tue, 20 Jun 2017 17:56:23 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.2.0
MIME-Version: 1.0
In-Reply-To: <alpine.BSF.2.21.1706202344010.37790@mail.fig.ol.no>
Content-Type: text/plain; charset=utf-8
Content-Language: en-CA
Content-Transfer-Encoding: 8bit
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 Jun 2017 21:56:29 -0000

On 2017-06-20 17:45, Trond EndrestÃ¸l wrote:
> On Tue, 20 Jun 2017 17:31-0400, Allan Jude wrote:
> 
>> On 2017-06-20 17:27, Trond EndrestÃ¸l wrote:
>>> Has anyone else seen a crash in base/head in abd_put() after r320156?
>>>
>>> One of my experimental VMs at home crashed spectacularly after 
>>> upgrading to r320156. I even wiped my /usr/obj, recompiled everything 
>>> and got the same result. Everything's back to normal when I boot 
>>> r320146.
>>>
>>> Here's the backtrace:
>>>
>>> Fatal trap 12: page fault while in kernel mode
>>> cpuid = 3; apic id = 03
>>>
>>> fault virtual address	= 0x8
>>>
>>> Fatal trap 12: page fault while in kernel mode
>>>
>>> cpuid = 2; 
>>> Fatal trap 12: page fault while in kernel mode
>>> apic id = 02
>>> fault virtual address	= 0x8
>>> cpuid = 0; apic id = 00
>>> fault virtual address	= 0x8
>>> fault code		= supervisor read data, page not present
>>> fault code		= supervisor read data, page not present
>>> instruction pointer	= 0x20:0xffffffff803260fa
>>> stack pointer	        = 0x28:0xfffffe01b0231860
>>> frame pointer	        = 0x28:0xfffffe01b0231870
>>> code segment		= base 0x0, limit 0xfffff, type 0x1b
>>>
>>> 			= DPL 0, pres 1, long 1, def32 0, gran 1
>>>
>>> Fatal trap 12: page fault while in kernel mode
>>> fault code		= supervisor read data, page not present
>>> processor eflags	= interrupt enabled, resume, IOPL = 0
>>> current process		= 0 (zio_free_issue_5_2)
>>> trap number		= 12
>>> instruction pointer	= 0x20:0xffffffff803260fa
>>> stack pointer	        = 0x28:0xfffffe01b022c860
>>> frame pointer	        = 0x28:0xfffffe01b022c870
>>> panic: page fault
>>> cpuid = 0
>>> time = 4
>>> KDB: stack backtrace:
>>> db_trace_self_wrapper() at 0xffffffff8044f93b = db_trace_self_wrapper+0x2b/frame 0xfffffe01b0231440
>>> vpanic() at 0xffffffff8067ec0c = vpanic+0x19c/frame 0xfffffe01b02314c0
>>> panic() at 0xffffffff8067ea63 = panic+0x43/frame 0xfffffe01b0231520
>>> trap_fatal() at 0xffffffff80983b32 = trap_fatal+0x322/frame 0xfffffe01b0231570
>>> trap_pfault() at 0xffffffff80983b89 = trap_pfault+0x49/frame 0xfffffe01b02315d0
>>> trap() at 0xffffffff809833c5 = trap+0x295/frame 0xfffffe01b0231790
>>> calltrap() at 0xffffffff80968c21 = calltrap+0x8/frame 0xfffffe01b0231790
>>> --- trap 0xc, rip = 0xffffffff803260fa, rsp = 0xfffffe01b0231860, rbp = 0xfffffe01b0231870 ---
>>> abd_put() at 0xffffffff803260fa = abd_put+0xa/frame 0xfffffe01b0231870
>>> vdev_raidz_map_free() at 0xffffffff803aa7c2 = vdev_raidz_map_free+0x82/frame 0xfffffe01b02318a0
>>> zio_vdev_io_assess() at 0xffffffff803ecc04 = zio_vdev_io_assess+0x74/frame 0xfffffe01b02318e0
>>> zio_execute() at 0xffffffff803e913c = zio_execute+0xac/frame 0xfffffe01b0231930
>>> zio_vdev_io_start() at 0xffffffff803ec894 = zio_vdev_io_start+0x2b4/frame 0xfffffe01b0231990
>>> zio_execute() at 0xffffffff803e913c = zio_execute+0xac/frame 0xfffffe01b02319e0
>>> zio_nowait() at 0xffffffff803e8a8b = zio_nowait+0xcb/frame 0xfffffe01b0231a20
>>> vdev_mirror_io_start() at 0xffffffff803a744c = vdev_mirror_io_start+0x35c/frame 0xfffffe01b0231a70
>>> zio_vdev_io_start() at 0xffffffff803ec86c = zio_vdev_io_start+0x28c/frame 0xfffffe01b0231ad0
>>> zio_execute() at 0xffffffff803e913c = zio_execute+0xac/frame 0xfffffe01b0231b20
>>> taskqueue_run_locked() at 0xffffffff806d3d27 = taskqueue_run_locked+0x127/frame 0xfffffe01b0231b80
>>> taskqueue_thread_loop() at 0xffffffff806d4ee8 = taskqueue_thread_loop+0xc8/frame 0xfffffe01b0231bb0
>>> fork_exit() at 0xffffffff80640df5 = fork_exit+0x85/frame 0xfffffe01b0231bf0
>>> fork_trampoline() at 0xffffffff8096915e = fork_trampoline+0xe/frame 0xfffffe01b0231bf0
>>> --- trap 0, rip = 0, rsp = 0, rbp = 0 ---
>>> Uptime: 4s
>>>
>>
>> This seems to be an unintended consequence of some code that was pulled
>> in from upstream today.
>>
>> Try adding: vfs.zfs.trim.enabled=0
>> to /boot/loader.conf
>>
>> (you can set it manually from the boot loader menu with the set command
>> to get the system to boot)
> 
> That worked. Thanks.
> 
> BTW, the call to abd_put() was given a NULL pointer.
> 

Yeah, if you want more detail, there is a thread on
svn-src-head@FreeBSD.org that discusses it. Should be fixed tomorrow.

-- 
Allan Jude