Date: Wed, 11 Sep 2019 23:27:04 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-arm@FreeBSD.org Subject: [Bug 240518] panic in pmap.c: acquiring blockable sleep lock with spinlock or cirtical section held Message-ID: <bug-240518-7@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D240518 Bug ID: 240518 Summary: panic in pmap.c: acquiring blockable sleep lock with spinlock or cirtical section held Product: Base System Version: CURRENT Hardware: arm64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: arm Assignee: freebsd-arm@FreeBSD.org Reporter: iz-rpi03@hs-karlsruhe.de While trying to get more information related to bug #240201, which happens with a kernel build as GENERIC-NODEBUG, it turnes out that in the same environment (RPi3, writing from the network into a ZFS mirrored pool via doveadm) a kernel build as GENERIC panics in less than 30 seconds. As I do follow CURRENT the panic message changed with the latest changes related to vm_page from mtx_lock to spinlock. Because of the size of the stack backtrace, without a serial console and without a unsable keyboard after the panic I used screenshots to get - most of - the panic information. I collected three of them. Please expect some typos. * From bug #240201, GENERIC base r352023 panic: mtx_lock() by idle thread 0x... on sleep mutex pmap @ /usr/src/sys/arm6... cpuid =3D 0 time =3D ... KDB: stack backtrace: db_trace_self() ar db_trace_self_wrapper+0x28 db_trace_self_wrapper() at vpanic+0x18c vpanic() at panix+0x44 panic() at __mtx_lock_flages+0x1c4 __mtx_lock_flags() at pmap_fault+0x1bc pmap_fault() at data_abort+0xc0 data_abort() at do_el1h_sync+0x120 do_el1h_sync() at handle_el1h_sync+0x74 handle_el1h_sync() at dwc_otg_write_fifo+0x98 dwc_otg_write_fifo() at dwc_otg_host_data_tx+0x784 dwc_otg_host_data_tx() at dwc_otg_interrupt_poll_locked+0x894 dwc_otg_interrupt_poll_locked() at dwc_otg_filter_interrupt+0x134 dwc_otg_filter_interrupt() at intr_event_handle+0xac intr_event_handle() at intr_isrc_dispatch+0x34 intr_isrc_dispatch() at bmc2835_intc_intr+0x178 bmc2835_intc_intr() at intr_event_handle+0xac intr_event_handle() at intr_isrc_dispatch+0x34 intr_isrc_dispatch() at bcm_lintc_intr+0x1bc bcm_lintc_intr() at intr_irq_handler+0x74 intr_irq_handler() at handle_el1h_irq+0x78 handle_el1h_irq() at cpu_idle+0x54 cpu_idle() at sched_idletd+0x388 sched_idletd() at fork_exit+0x7c fork_exit() at fork_trampoline+0x10 KDB: enter: panic [ thread pid 11 tid 100003 ] Stopped at generic_bs_wr_4+0x0: ldr w1, [x3], #4 db> * From GENERIC base r352119 panic: acquiring blockable sleep lock with spinlock or cirtical section held (sleep mutex) pmap @ /usr/src/sys/arm64/arm64/pmap.c:5013 cpuid =3D 0 time =3D ... KDB: stack backtrace: db_trace_self() ar db_trace_self_wrapper+0x28 db_trace_self_wrapper() at vpanic+0x18c vpanic() at panix+0x44 panic() at witness_checkorder+0x... witness_checkorder() at __mtx_lock_flages __mtx_lock_flags() at pmap_fault pmap_fault() at data_abort data_abort() at do_el1h_sync do_el1h_sync() at handle_el1h_sync handle_el1h_sync() at dwc_otg_write_fifo dwc_otg_write_fifo() at dwc_otg_host_data_tx dwc_otg_host_data_tx() at dwc_otg_interrupt_poll_locked dwc_otg_interrupt_poll_locked() at dwc_otg_filter_interrupt dwc_otg_filter_interrupt() at intr_event_handle intr_event_handle() at intr_isrc_dispatch intr_isrc_dispatch() at bmc2835_intc_intr bmc2835_intc_intr() at intr_event_handle intr_event_handle() at intr_isrc_dispatch intr_isrc_dispatch() at bcm_lintc_intr bcm_lintc_intr() at intr_irq_handler intr_irq_handler() at handle_el1h_irq handle_el1h_irq() at lz4compress lz4compress() at zio_compress_data zio_compress_data() at zio_write_compress zio_write_compress() at zio_execute zio_execute() at taskqueue_run_locked taskqueue_run_locked() at taskqueue_thread_loop taskqueue_thread_loop() at fork_exit fork_exit() at fork_trampoline+0x10 KDB: enter: panic [ thread pid 0 tid 100224 ] Stopped at generic_bs_wr_4+0x0: ldr w1, [x3], #4 db> * From GENERIC base r352207 lock order reversal: 1st 0x... abd_chunk (UMA zone) 0 /usr/src/sys&vm/uma_core.c:4232 2nd 0x... pmap (pmap) 0 /usr/src/sys/arm64/arm64/pmap.c:5813 stack backtrace: #0 0x... at witness_debugger+0x64 #1 0x... at __mtx_lock_flags+0xb8 #2 0x... at pmap_fault+0x1bc #3 0x... at data_abort+0xc0 #4 0x... at do_el1h_sync+0x120 #5 0x... at handle_el1h_sync+0x74 #6 0x... at uma_dbg_free+0x58 #7 0x... at uma_zfree_arg+0x13c #8 0x... at abd_free+0xc0 #9 0x... at arc_hdr_free_pabd+0x94 #10 0x... at arc_write+0x1f8 #11 0x... at dbuf_write+0x630 #12 0x... at dbus_sync_leaf+0x5ac #13 0x... at dbus_sync_list+0xb4 #14 0x... at dbuf_sync_indirect+0x2e4 #15 0x... at dbus_sync_list+0xa4 #16 0x... at dnode_sync+0xdd4 #17 0x... at sync_dnodes_task+0x12c And a few seconds later: panic: acquiring blockable sleep lock with spinlock or cirtical section held (sleep mutex) pmap @ /usr/src/sys/arm64/arm64/pmap.c:5013 cpuid =3D 0 time =3D ... KDB: stack backtrace: db_trace_self() ar db_trace_self_wrapper+0x28 db_trace_self_wrapper() at vpanic+0x18c vpanic() at panix+0x44 panic() at witness_checkorder+0x... witness_checkorder() at __mtx_lock_flages __mtx_lock_flags() at pmap_fault pmap_fault() at data_abort data_abort() at do_el1h_sync do_el1h_sync() at handle_el1h_sync handle_el1h_sync() at dwc_otg_write_fifo dwc_otg_write_fifo() at dwc_otg_host_data_tx dwc_otg_host_data_tx() at dwc_otg_interrupt_poll_locked dwc_otg_interrupt_poll_locked() at dwc_otg_filter_interrupt+0x134 dwc_otg_filter_interrupt() at intr_event_handle+0xac intr_event_handle() at intr_isrc_dispatch+0x34 intr_isrc_dispatch() at bmc2835_intc_intr+0x178 bmc2835_intc_intr() at intr_event_handle+0xac intr_event_handle() at intr_isrc_dispatch+0x34 intr_isrc_dispatch() at bcm_lintc_intr+0x1bc bcm_lintc_intr() at intr_irq_handler+0x74 intr_irq_handler() at handle_el1h_irq+0x78 handle_el1h_irq() at cpu_idle+0x54 cpu_idle() at sched_idletd+0x388 sched_idletd() at fork_exit+0x7c fork_exit() at fork_trampoline+0x10 KDB: enter: panic [ thread pid 11 tid 100003 ] Stopped at generic_bs_wr_4+0x0: ldr w1, [x3], #4 db> Best regrads, Ralf --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-240518-7>