With today's HEAD I get the following panic when booting a MALTA64 kernel on QEMU: Breakpoint 1, panic (fmt=0xffffffff80766a14 "keg %s initialization after use.") at /exports/users/alr48/sources/freebsd/sys/kern/kern_shutdown.c:835 835 vpanic(fmt, ap); (gdb) bt #0 panic (fmt=0xffffffff80766a14 "keg %s initialization after use.") at /exports/users/alr48/sources/freebsd/sys/kern/kern_shutdown.c:835 #1 0xffffffff8068a1f4 in uma_zone_set_allocf (zone=<optimized out>, allocf=0xffffffff8070a180 <busdma_bufalloc_alloc_uncacheable>) at /exports/users/alr48/sources/freebsd/sys/vm/uma_core.c:4265 #2 0xffffffff80709f68 in busdma_bufalloc_create (name=<optimized out>, minimum_alignment=<optimized out>, alloc_func=0xffffffff8070a180 <busdma_bufalloc_alloc_uncacheable>, free_func=0xffffffff8070a1e0 <busdma_bufalloc_free_uncacheable>, zcreate_flags=<optimized out>) at /exports/users/alr48/sources/freebsd/sys/kern/subr_busdma_bufalloc.c:110 #3 0xffffffff806e0678 in busdma_init (dummy=<optimized out>) at /exports/users/alr48/sources/freebsd/sys/mips/mips/busdma_machdep.c:246 #4 0xffffffff803a3f40 in mi_startup () at /exports/users/alr48/sources/freebsd/sys/kern/init_main.c:314 #5 0xffffffff80100388 in _locore () at /exports/users/alr48/sources/freebsd/sys/mips/mips/locore.S:201
Probably caused by https://reviews.freebsd.org/rS356348 ?
I think the issue is that the assertion checks the value of uz_allocs while it still points to EARLY_COUNTER, and so we get bogus values.
A commit references this bug: Author: jeff Date: Sun Jan 5 22:54:26 UTC 2020 New revision: 356389 URL: https://svnweb.freebsd.org/changeset/base/356389 Log: The fix in r356353 was insufficient. Not every architecture returns 0 for EARLY_COUNTER. Only amd64 seems to. Suggested by: markj Reported by: lwhsu Reviewed by: markj PR: 243117 Changes: head/sys/vm/uma_core.c
Before r356348 we were reading EARLY_COUNTER, giving a bogus allocation counter. It happens to work on amd64 because counter_u64_fetch() uses CPU_FOREACH, which is a no-op before SI_SUB_CPU.