ZFS pool creation from files leads to a crash

K. Macy kmacy at freebsd.org
Sun Nov 16 07:29:27 UTC 2014 

I can reproduce this easily on head and have a deoptimized kernel so
that gdb gives useful information. It looks like the trim changes
might have broken this. It's too late for me in PST to try and track
this down tonight. Maybe others who have spent more time in this code
can chime in in a timely fashion. Otherwise I'll look at it on Monday
or Tuesday.

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 3; apic id = 04
fault virtual address   = 0x0
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80d8373a
stack pointer           = 0x28:0xfffffe01219f66a0
frame pointer           = 0x28:0xfffffe01219f66b0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 1280 (zpool)

Reading symbols from /boot/kernel/zfs.ko.symbols...done.
Loaded symbols for /boot/kernel/zfs.ko.symbols
Reading symbols from /boot/kernel/opensolaris.ko.symbols...done.
Loaded symbols for /boot/kernel/opensolaris.ko.symbols
Reading symbols from /boot/kernel/sem.ko.symbols...done.
Loaded symbols for /boot/kernel/sem.ko.symbols
#0  doadump (textdump=564092400) at
/usr/home/kmacy/devel/freebsd-head/sys/kern/kern_shutdown.c:261
261             dumptid = curthread->td_tid;
(kgdb) bt
#0  doadump (textdump=564092400) at
/usr/home/kmacy/devel/freebsd-head/sys/kern/kern_shutdown.c:261
#1  0xffffffff80361e48 in db_fncall_generic (addr=-2137746016,
rv=0xfffffe01219f5d80, nargs=0, args=0xfffffe01219f5d90)
    at /usr/home/kmacy/devel/freebsd-head/sys/ddb/db_command.c:568
#2  0xffffffff80361b1a in db_fncall (dummy1=0, dummy2=0, dummy3=-2199009086476,
    dummy4=0xfffffe01219f5e70 " ^\237!\001þÿÿ\231\022\215\200\001")
    at /usr/home/kmacy/devel/freebsd-head/sys/ddb/db_command.c:616
#3  0xffffffff80361794 in db_command (last_cmdp=0xffffffff812a67d8,
cmd_table=0x0, dopager=1)
    at /usr/home/kmacy/devel/freebsd-head/sys/ddb/db_command.c:440
#4  0xffffffff803613ad in db_command_loop () at
/usr/home/kmacy/devel/freebsd-head/sys/ddb/db_command.c:493
#5  0xffffffff803658f8 in db_trap (type=12, code=0) at
/usr/home/kmacy/devel/freebsd-head/sys/ddb/db_main.c:251
#6  0xffffffff809a310c in kdb_trap (type=12, code=0, tf=0xfffffe01219f65f0)
    at /usr/home/kmacy/devel/freebsd-head/sys/kern/subr_kdb.c:654
#7  0xffffffff80d87036 in trap_fatal (frame=0xfffffe01219f65f0, eva=0)
    at /usr/home/kmacy/devel/freebsd-head/sys/amd64/amd64/trap.c:861
#8  0xffffffff80d872aa in trap_pfault (frame=0xfffffe01219f65f0, usermode=0)
    at /usr/home/kmacy/devel/freebsd-head/sys/amd64/amd64/trap.c:709
#9  0xffffffff80d86240 in trap (frame=0xfffffe01219f65f0) at
/usr/home/kmacy/devel/freebsd-head/sys/amd64/amd64/trap.c:426
#10 0xffffffff80d87918 in trap_check (frame=0xfffffe01219f65f0)
    at /usr/home/kmacy/devel/freebsd-head/sys/amd64/amd64
/trap.c:620

#11 0xffffffff80d5b9f2 in calltrap () at
/usr/home/kmacy/devel/freebsd-head/sys/amd64/amd64/exception.S:231
#12 0xffffffff80d8373a in bcopy () at
/usr/home/kmacy/devel/freebsd-head/sys/amd64/amd64/support.S:119
#13 0xffffffff809c6f97 in uiomove_faultflag (cp=0xfffffe0005e0e000,
n=131072, uio=0xfffffe01219f6d78, nofault=0)
    at /usr/home/kmacy/devel/freebsd-head/sys/kern/subr_uio.c:208
#14 0xffffffff809c6cd5 in uiomove (cp=0xfffffe0005e0e000, n=131072,
uio=0xfffffe01219f6d78)
    at /usr/home/kmacy/devel/freebsd-head/sys/kern/subr_uio.c:142
#15 0xffffffff8191810d in zfs_uiomove (cp=0xfffffe0005e0e000,
n=131072, dir=UIO_WRITE, uio=0xfffffe01219f6d78) at uio.h:81
#16 0xffffffff81914df6 in dmu_write_uio_dnode (dn=0xfffff8006e78cb70,
uio=0xfffffe01219f6d78, size=131072,
    tx=0xfffff800098f5600) at
/usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu.c:1171
#17 0xffffffff81914be3 in dmu_write_uio_dbuf (zdb=0xfffff8005d975408,
uio=0xfffffe01219f6d78, size=131072,
    tx=0xfffff800098f5600) at
/usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu.c:1209
#18 0xffffffff81a4a698 in zfs_write (vp=0xfffff8005d94a3b0,
uio=0xfffffe01219f6d78, ioflag=128, cr=0xfffff80002cd9000,
    ct=0x0) at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:1051
#19 0xffffffff81a4106e in zfs_freebsd_write (ap=0xfffffe01219f6ca8)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c:6104
#20 0xffffffff80e9fc50 in VOP_WRITE_APV (vop=0xffffffff81ae6600,
a=0xfffffe01219f6ca8) at vnode_if.c:997
#21 0xffffffff80a7508e in VOP_WRITE (vp=0xfffff8005d94a3b0,
uio=0xfffffe01219f6d78, ioflag=128, cred=0xfffff80002cd9000)
    at vnode_if.h:413
#22 0xffffffff80a74932 in vn_rdwr (rw=UIO_WRITE,
vp=0xfffff8005d94a3b0, base=0x0, len=104857600, offset=0,
    segflg=UIO_SYSSPACE, ioflg=128, active_cred=0xfffff80002cd9000,
file_cred=0x0, aresid=0xfffffe01219f6e50,
    td=0xfffff80009ac14a0) at
/usr/home/kmacy/devel/freebsd-head/sys/kern/vfs_vnops.c:559
#23 0xffffffff819b9a2c in zfs_vn_rdwr (rw=UIO_WRITE,
vp=0xfffff8005d94a3b0, base=0x0, len=104857600, offset=0,
    seg=UIO_SYSSPACE, ioflag=128, ulimit=0, cr=0xfffff80002cd9000,
residp=0xfffffe01219f6f18) at vnode.h:237
#24 0xffffffff819b9706 in vdev_file_io_start (zio=0xfffff80009ebb000)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_file.c:188
#25 0xffffffff819fcea3 in zio_vdev_io_start (zio=0xfffff80009ebb000)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c:2709
#26 0xffffffff819f51f1 in zio_execute (zio=0xfffff80009ebb000)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c:1409
#27 0xffffffff819f368a in zio_wait (zio=0xfffff80009ebb000)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c:1433
#28 0xffffffff819bb51e in vdev_label_init (vd=0xfffff80009919800,
crtxg=4, reason=VDEV_LABEL_CREATE)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_label.c:718
#29 0xffffffff819bb0f9 in vdev_label_init (vd=0xfffff8000991a000,
crtxg=4, reason=VDEV_LABEL_CREATE)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_label.c:642
#30 0xffffffff819b2ab6 in vdev_create (vd=0xfffff8000991a000, txg=4,
isreplacing=0)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c:1662
#31 0xffffffff8198cd7b in spa_create (pool=0xfffffe0005e4e000
"test-pool", nvroot=0xfffff80009511d60,
    props=0xfffff8006e277580, zplprops=0xfffff800097317e0)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa.c:3617
#32 0xffffffff81a218fe in zfs_ioc_pool_create (zc=0xfffffe0005e4e000)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c:1542
#33 0xffffffff81a1de0d in zfsdev_ioctl (dev=0xfffff80007125c00,
zcmd=3222821376, arg=0xfffffe01219f78a0 "\004", flag=3,
    td=0xfffff80009ac14a0)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_ioctl.c:6198
#34 0xffffffff80783c23 in devfs_ioctl_f (fp=0xfffff800096b4280,
com=3222821376, data=0xfffffe01219f78a0,
    cred=0xfffff80002cd6600, td=0xfffff80009ac14a0) at
/usr/home/kmacy#13 0xffffffff809c6f97 in uiomove_faultflag
(cp=0xfffffe0005e0e000, n=131072, uio=0xfffffe01219f6d78, nofault=0)
    at /usr/home/kmacy/devel/freebsd-head/sys/kern/subr_uio.c:208
208                                     bcopy(iov->iov_base, cp, cnt);
Current language:  auto; currently minimal
(kgdb) p iov->iov_base
$1 = (void *) 0x0
(kgdb) p *iov
$2 = {iov_base = 0x0, iov_len = 104857600}
/devel/freebsd-head/sys/fs/devfs/devfs_vnops.c:775

(kgdb) f 28
#28 0xffffffff819bb51e in vdev_label_init (vd=0xfffff80009919800,
crtxg=4, reason=VDEV_LABEL_CREATE)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_label.c:718
718                     zio_wait(zio_trim(NULL, spa, vd, 0,
vd->vdev_psize));kgdb) down
#27 0xffffffff819f368a in zio_wait (zio=0xfffff80009ebb000)
    at /usr/home/kmacy/devel/freebsd-head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zio.c:1433
1433            zio_execute(zio);
(kgdb) p zio->io_data
$2 = (void *) 0x0
(kgdb) f 23
#23 0xffffffff819b9a2c in zfs_vn_rdwr (rw=UIO_WRITE,
vp=0xfffff8005d94a3b0, base=0x0, len=104857600, offset=0,
    seg=UIO_SYSSPACE, ioflag=128, ulimit=0, cr=0xfffff80002cd9000,
residp=0xfffffe01219f6f18) at vnode.h:237
237             error = vn_rdwr(rw, vp, base, len, offset, seg,
ioflag, cr, NOCRED,
(kgdb) p base
$3 = 0x0



On Sat, Nov 15, 2014 at 10:38 PM, Bogdan SOLGA <bogdan.solga at gmail.com> wrote:
> Hello, everyone!
>
> Yesterday I have started to test FreeBSD-10.1-RELEASE, using VirtualBox VMs
> created from the mfsBSD <http://mfsbsd.vx.sk/> 10.1 image. I installed the
> system on a 2 GB zpool, with fletcher4 checksumming and LZJB compression.
>
> As I need some other ZFS zpools for testing purposes, I have tried to
> create them from a few empty files, created as follows:
> # truncate -s 100M /tmp/file1
> # truncate -s 100M /tmp/file2
> # zpool create test-pool /tmp/zfile1 /tmp/file2
>
> When the 'zpool create' command is executed, it leads to a crash and the VM
> is automatically restarted. I have searched the crash dump in the logs, but
> coulnd't find it.
>
> The same operation (creating a ZFS pool from files) works properly on
> FreeBSD-10-RELEASE.
>
> Any help is appreciated :)
>
> Thank you!
>
> Kind regards,
> Bogdan
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"

More information about the freebsd-stable mailing list