Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 23 Oct 2018 11:43:37 +0200
From:      Peter Holm <pho@freebsd.org>
To:        Eric Joyner <erj@freebsd.org>
Cc:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   Re: svn commit: r339634 - in head/sys: kern net
Message-ID:  <20181023094337.GA23352@x2.osted.lan>
In-Reply-To: <201810230437.w9N4bTxf050789@repo.freebsd.org>
References:  <201810230437.w9N4bTxf050789@repo.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 23, 2018 at 04:37:29AM +0000, Eric Joyner wrote:
> Author: erj
> Date: Tue Oct 23 04:37:29 2018
> New Revision: 339634
> URL: https://svnweb.freebsd.org/changeset/base/339634
> 
> Log:
>   iflib: drain enqueued tasks before detaching from taskqgroup
>   
>   The taskqgroup_detach function does not check if task is already enqueued when
>   detaching it. This may lead to kernel panic if enqueued task starts after
>   context state lock is destroyed. Ensure that the already enqueued admin tasks
>   are executed before detaching them.
>   
>   The issue was discovered during validation of D16429. Unloading of if_ixlv
>   followed by immediate removal of VFs with iovctl -D may lead to panic on
>   NODEBUG kernel.
>   
>   As well, check if iflib is in detach before enqueueing new admin or iov
>   tasks, to prevent new tasks from executing while the taskqgroup tasks
>   are being drained.
>   
>   Submitted by:	Krzysztof Galazka <krzysztof.galazka@intel.com>
>   Reviewed by:	shurd@, erj@
>   Sponsored by:	Intel Corporation
>   Differential Revision:	https://reviews.freebsd.org/D17404
> 
> Modified:
>   head/sys/kern/subr_gtaskqueue.c
>   head/sys/net/iflib.c
> 
> Modified: head/sys/kern/subr_gtaskqueue.c
> ==============================================================================
> --- head/sys/kern/subr_gtaskqueue.c	Tue Oct 23 03:30:14 2018	(r339633)

This commit seems to trigger:

panic: mtx_lock() by idle thread 0xfffff808400e5000 on sleep mutex igb0 @ ../../../net/iflib.c:2084
cpuid = 6
time = 1540287664
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0078778620
vpanic() at vpanic+0x1a3/frame 0xfffffe0078778680
panic() at panic+0x43/frame 0xfffffe00787786e0
__mtx_lock_flags() at __mtx_lock_flags+0x15a/frame 0xfffffe0078778730
iflib_admin_intr_deferred() at iflib_admin_intr_deferred+0x2a/frame 0xfffffe0078778760
em_msix_link() at em_msix_link+0x84/frame 0xfffffe0078778790
iflib_fast_intr_ctx() at iflib_fast_intr_ctx+0x21/frame 0xfffffe00787787b0
intr_event_handle() at intr_event_handle+0xbb/frame 0xfffffe0078778800
intr_execute_handlers() at intr_execute_handlers+0x58/frame 0xfffffe0078778830
lapic_handle_intr() at lapic_handle_intr+0x5f/frame 0xfffffe0078778850
Xapic_isr1() at Xapic_isr1+0xd9/frame 0xfffffe0078778850
--- interrupt, rip = 0xffffffff80489d11, rsp = 0xfffffe0078778920, rbp = 0xfffffe0078778960 ---
acpi_cpu_idle() at acpi_cpu_idle+0x2a1/frame 0xfffffe0078778960
cpu_idle_acpi() at cpu_idle_acpi+0x3f/frame 0xfffffe0078778980
cpu_idle() at cpu_idle+0xa7/frame 0xfffffe00787789a0
sched_idletd() at sched_idletd+0x517/frame 0xfffffe0078778a70
fork_exit() at fork_exit+0x84/frame 0xfffffe0078778ab0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0078778ab0
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic
[ thread pid 11 tid 100009 ]
Stopped at      kdb_enter+0x3b: movq    $0,kdb_why
db> x/s version
version:        FreeBSD 13.0-CURRENT r339634 PHO-GENERIC\012
db> 

- Peter



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20181023094337.GA23352>