From owner-freebsd-current@freebsd.org  Sat Oct 20 16:56:15 2018
Return-Path: <owner-freebsd-current@freebsd.org>
Delivered-To: freebsd-current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id A973FFEC660
 for <freebsd-current@mailman.ysv.freebsd.org>;
 Sat, 20 Oct 2018 16:56:15 +0000 (UTC) (envelope-from pho@holm.cc)
Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org
 [IPv6:2001:1900:2254:206a::50:5])
 by mx1.freebsd.org (Postfix) with ESMTP id 4D3787B42D
 for <freebsd-current@freebsd.org>; Sat, 20 Oct 2018 16:56:15 +0000 (UTC)
 (envelope-from pho@holm.cc)
Received: by mailman.ysv.freebsd.org (Postfix)
 id 0F105FEC65F; Sat, 20 Oct 2018 16:56:15 +0000 (UTC)
Delivered-To: current@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id F1CACFEC65E
 for <current@mailman.ysv.freebsd.org>; Sat, 20 Oct 2018 16:56:14 +0000 (UTC)
 (envelope-from pho@holm.cc)
Received: from relay01.pair.com (relay01.pair.com [209.68.5.15])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id A694A7B42C
 for <current@freebsd.org>; Sat, 20 Oct 2018 16:56:14 +0000 (UTC)
 (envelope-from pho@holm.cc)
Received: from x2.osted.lan (87-58-223-204-dynamic.dk.customer.tdc.net
 [87.58.223.204])
 by relay01.pair.com (Postfix) with ESMTP id 42FDCD00B24
 for <current@freebsd.org>; Sat, 20 Oct 2018 12:56:07 -0400 (EDT)
Received: from x2.osted.lan (localhost [127.0.0.1])
 by x2.osted.lan (8.15.2/8.15.2) with ESMTPS id w9KGu5L3005089
 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO)
 for <current@freebsd.org>; Sat, 20 Oct 2018 18:56:05 +0200 (CEST)
 (envelope-from pho@x2.osted.lan)
Received: (from pho@localhost)
 by x2.osted.lan (8.15.2/8.15.2/Submit) id w9KGu5cL005088
 for current@freebsd.org; Sat, 20 Oct 2018 18:56:05 +0200 (CEST)
 (envelope-from pho)
Date: Sat, 20 Oct 2018 18:56:05 +0200
From: Peter Holm <peter@holm.cc>
To: current@freebsd.org
Subject: Page fault in midi/sequencer.c
Message-ID: <20181020165604.GA4946@x2.osted.lan>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.10.0 (2018-05-17)
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Oct 2018 16:56:15 -0000

I can trigger this on 13.0-CURRENT r339445 with a non-root test program:

Calling uiomove() with the following non-sleepable locks held:
exclusive sleep mutex seqflq (seqflq) r = 0 (0xfffff80003860c08) locked @ dev/sound/midi/sequencer.c:952
stack backtrace:
#0 0xffffffff80bfe263 at witness_debugger+0x73
#1 0xffffffff80bff1b8 at witness_warn+0x448
#2 0xffffffff80bf6a91 at uiomove_faultflag+0x71
#3 0xffffffff809439e6 at mseq_write+0x4c6
#4 0xffffffff80a4f725 at devfs_write_f+0x185
#5 0xffffffff80c02a87 at dofilewrite+0x97
#6 0xffffffff80c0287f at kern_pwritev+0x5f
#7 0xffffffff80c0277d at sys_pwrite+0x8d
#8 0xffffffff81070af7 at amd64_syscall+0x2a7
#9 0xffffffff8104a4ad at fast_syscall_common+0x101
Kernel page fault with the following non-sleepable locks held:
exclusive sleep mutex seqflq (seqflq) r = 0 (0xfffff80003860c08) locked @ dev/sound/midi/sequencer.c:952
stack backtrace:
#0 0xffffffff80bfe263 at witness_debugger+0x73
#1 0xffffffff80bff1b8 at witness_warn+0x448
#2 0xffffffff810700d3 at trap_pfault+0x53
#3 0xffffffff8106f70a at trap+0x2ba
#4 0xffffffff81049bc5 at calltrap+0x8
#5 0xffffffff80bf6b42 at uiomove_faultflag+0x122
#6 0xffffffff809439e6 at mseq_write+0x4c6
#7 0xffffffff80a4f725 at devfs_write_f+0x185
#8 0xffffffff80c02a87 at dofilewrite+0x97
#9 0xffffffff80c0287f at kern_pwritev+0x5f
#10 0xffffffff80c0277d at sys_pwrite+0x8d
#11 0xffffffff81070af7 at amd64_syscall+0x2a7
#12 0xffffffff8104a4ad at fast_syscall_common+0x101


Fatal trap 12: page fault while in kernel mode
cpuid = 4; apic id = 04
fault virtual address = 0x20ea6b
fault code  = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff8106d32d
stack pointer         = 0x28:0xfffffe00a844a660
frame pointer         = 0x28:0xfffffe00a844a660
code segment  = base 0x0, limit 0xfffff, type 0x1b
   = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process  = 2356 (xxx)
[ thread pid 2356 tid 100278 ]
Stopped at      copyin_nosmap_erms+0xdd:        movl    (%rsi),%edx
db>

-- 
Peter