I was using Dtrace using the FBT provider on an arm platform with witness enabled. When FBT is used with the kernel module, it generates a kernel panic or the system becomes unresponsive. Is this problem know or seen before. I am copying the kernel backtrace below for reference. The issue seems to be with a blockable sleep lock(kld_sx) acquired which is conflicting with the td->td_critnest positive value. The following is the kernel backtrace : dtrace: script 'dtrace_script' matched 1 probe panic: acquiring blockable sleep lock with spinlock or critical section held (sx) kernel linker @ /.amd/svl-engdata1vs1/occamdev/build/freebsd/head/20160325.175306_fbsd-bui lder_head.324786/src/sys/kern/kern_linker.c:552 newpanic = 1, trace_on_panic = 1, debugger_on_panic = 0 [panic] backtrace is as follows: KDB: stack backtrace: db_trace_self() at db_trace_self pc = 0xc128bb68 lr = 0xc1039f8c (db_trace_self_wrapper+0x30) sp = 0xea736798 fp = 0xea7368b0 r10 = 0xc63bc6a0 db_trace_self_wrapper() at db_trace_self_wrapper+0x30 pc = 0xc1039f8c lr = 0xc1180e3c (kdb_backtrace+0x3c) sp = 0xea7368b8 fp = 0xea7368c0 r4 = 0xc13d4b64 r5 = 0x00000001 r6 = 0xc139c600 r7 = 0xc139c640 kdb_backtrace() at kdb_backtrace+0x3c pc = 0xc1180e3c lr = 0xc1148400 (vpanic+0xec) sp = 0xea7368c8 fp = 0xea7368e0 r4 = 0x00000100 r10 = 0xc63bc6a0 vpanic() at vpanic+0xec pc = 0xc1148400 lr = 0xc1148314 (vpanic) sp = 0xea7368e8 fp = 0xea736900 r4 = 0xc13c7018 r5 = 0xc12fc5ed r6 = 0xea73690c r7 = 0xc13c6f80 r8 = 0xc12e76f0 r9 = 0xc139f740 vpanic() at vpanic pc = 0xc1148314 lr = 0xc119b080 (witness_checkorder+0x128) sp = 0xea736908 fp = 0xea736960 r4 = 0xea73690c r5 = 0x00000000 r6 = 0x00000009 r7 = 0xc12d6222 r8 = 0xc155e6c0 r9 = 0x00000228 witness_checkorder() at witness_checkorder+0x128 pc = 0xc119b080 lr = 0xc114fafc (_sx_xlock+0x80) sp = 0xea736968 fp = 0xea736988 r4 = 0x00000228 r5 = 0xc12ef932 r6 = 0xc13c5800 r7 = 0xc13c57f0 r8 = 0x00000000 r9 = 0x0000003c r10 = 0x0000000f _sx_xlock() at _sx_xlock+0x80 pc = 0xc114fafc lr = 0xc112583c (linker_file_foreach+0x34) sp = 0xea736990 fp = 0xea7369a8 r4 = 0xc13c57d0 r5 = 0xea7369b0 r6 = 0xc12a6bc0 r7 = 0xc6e50c70 r8 = 0xc13c57f0 r10 = 0x0000000f linker_file_foreach() at linker_file_foreach+0x34 pc = 0xc112583c lr = 0xc12a67d0 (unwind_stack_one+0x5c) sp = 0xea7369b0 fp = 0xea7369d8 r4 = 0xea736b38 r5 = 0xea7369b0 r6 = 0x00000000 r7 = 0xc6e50c70 r8 = 0xc137e698 r10 = 0x0000000f unwind_stack_one() at unwind_stack_one+0x5c pc = 0xc12a67d0 lr = 0xc6e4d688 ($a+0x2e8) sp = 0xea7369e0 fp = 0xea736bb0 r4 = 0xc86a0400 r5 = 0x00000000 r6 = 0xea736b38 r7 = 0x00000004 r8 = 0xc8b14018 r9 = 0x0000003c r10 = 0x0000000f $a() at $a+0x2e8 pc = 0xc6e4d688 lr = 0xc6e8823c (fbt_invop+0x94) sp = 0xea736bb8 fp = 0xea736bd0 r4 = 0xc6fb3040 r5 = 0xc6e7a058 r6 = 0x00000000 r7 = 0xc6b16ca0 r8 = 0xc63bc6a0 r9 = 0xc119be08 r10 = 0x00000000 fbt_invop() at fbt_invop+0x94 pc = 0xc6e8823c lr = 0xc6e6466c ($a+0x38) sp = 0xea736bd8 fp = 0xea736be8 r4 = 0xea736c70 r5 = 0xffffffff r6 = 0xc119be08 r10 = 0x00000000 $a() at $a+0x38 pc = 0xc6e6466c lr = 0xc12a66f0 (undefinedinstruction+0x3b8) sp = 0xea736bf0 fp = 0xea736c68 r4 = 0xea736c70 r5 = 0xc63bc6a0 r6 = 0x00000000 r7 = 0xe7f000f0 undefinedinstruction() at undefinedinstruction+0x3b8 pc = 0xc12a66f0 lr = 0xc128e5a8 (exception_exit) sp = 0xea736c70 fp = 0xea736d48 r4 = 0xc5b25ca0 r5 = 0xc6032028 r6 = 0xc155e6c0 r7 = 0xc5b201a0 r8 = 0xc140e194 r9 = 0xc155e70c r10 = 0x00000009 exception_exit() at exception_exit pc = 0xc128e5a8 lr = 0xc119b5dc (witness_checkorder+0x684) sp = 0xea736d00 fp = 0xea736d48 r0 = 0xc5b201a0 r1 = 0xc5b25ca0 r2 = 0x0000003c r3 = 0xc12fd0fa r4 = 0xc5b25ca0 r5 = 0xc6032028 r6 = 0xc155e6c0 r7 = 0xc5b201a0 r8 = 0xc140e194 r9 = 0xc155e70c r10 = 0x00000009 r12 = 0xc155e6c0 witness_lock_order_add() at witness_lock_order_add pc = 0xc119be08 lr = 0xc114fafc (_sx_xlock+0x80) sp = 0xea736d50 fp = 0xea736d70 r4 = 0x00000aba r5 = 0xc12dccfb r6 = 0xc6032038 r7 = 0xc6032028 r8 = 0x00000000 r9 = 0xc13c4988 r10 = 0x00000002 _sx_xlock() at _sx_xlock+0x80 pc = 0xc114fafc lr = 0xc107dcdc (usbd_enum_lock+0x40) sp = 0xea736d78 fp = 0xea736d80 r4 = 0xc6032000 r5 = 0xc12dccfb r6 = 0xc63d2500 r7 = 0xc63e8800 r8 = 0x00000001 r10 = 0x00000002 usbd_enum_lock() at usbd_enum_lock+0x40 pc = 0xc107dcdc lr = 0xc10869b0 (uhub_explore_handle_re_enumerate+0x20) sp = 0xea736d88 fp = 0xea736d98 r4 = 0xc6032000 r5 = 0xc6032000 uhub_explore_handle_re_enumerate() at uhub_explore_handle_re_enumerate+0x20 pc = 0xc10869b0 lr = 0xc1089bf4 ($a+0x3c8) sp = 0xea736da0 fp = 0xea736de8 r4 = 0xc659a168 r5 = 0xc6032000 r6 = 0xc63d2500 r10 = 0x00000002 $a() at $a+0x3c8 pc = 0xc1089bf4 lr = 0xc1070f50 (usb_bus_explore+0xf0) sp = 0xea736df0 fp = 0xea736e00 r4 = 0xc6052c78 r5 = 0xc63e8800 r6 = 0xc6052eb0 r7 = 0xc12daed8 r8 = 0xc13c49a0 r9 = 0xc12df2a9 r10 = 0xc6052d0c usb_bus_explore() at usb_bus_explore+0xf0 pc = 0xc1070f50 lr = 0xc108c014 (usb_process+0xdc) sp = 0xea736e08 fp = 0xea736e28 r4 = 0xc6052cfc r5 = 0xc6052d04 r6 = 0xc6052d5c r7 = 0xc12df29d usb_process() at usb_process+0xdc pc = 0xc108c014 lr = 0xc1117c94 (fork_exit+0x84) sp = 0xea736e30 fp = 0xea736e48 r4 = 0xc63bc6a0 r5 = 0xc5f7cac8 r6 = 0xc108bf38 r7 = 0xc6052cfc r8 = 0xea736e50 r9 = 0x00000000 r10 = 0x00000000 fork_exit() at fork_exit+0x84 pc = 0xc1117c94 lr = 0xc128e538 (swi_exit) sp = 0xea736e50 fp = 0x00000000 r4 = 0xc108bf38 r5 = 0xc6052cfc r6 = 0x00000000 r7 = 0x00000000 r8 = 0x00000000 r10 = 0x00000000 swi_exit() at swi_exit pc = 0xc128e538 lr = 0xc128e538 (swi_exit) sp = 0xea736e50 fp = 0x00000000 KDB: Current process: usb [panic] backtrace end [panic] rebooting kernel with options 104 Uptime: 7m58s Had an email exchange with Mark Johnston who agreed upon a bug being filed about this.