panic: kmmaplk rwlock 0xffffffff839e6ce0: enter read deadlock
Stopped at db_enter+0x25: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff833c03eb) at panic+0x1cf sys/kern/subr_prf.c:198
rw_do_enter_read(ffffffff839e6ce0,0) at rw_do_enter_read+0x435 sys/kern/kern_rwlock.c:379
uvmfault_lookup(ffff80002a7e1070,0) at uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880
uvm_fault_check(ffff80002a7e1070,ffff80002a7e10a8,ffff80002a7e10e0,0) at uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693
uvm_fault(ffffffff839e6bf8,ffff800029ef6000,0,2) at uvm_fault+0xe6 sys/uvm/uvm_fault.c:627
kpageflttrap(ffff80002a7e1210,ffff800029ef6000) at kpageflttrap+0x2d1 sys/arch/amd64/amd64/trap.c:-1
kerntrap(ffff80002a7e1210) at kerntrap+0x18a sys/arch/amd64/amd64/trap.c:528
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
kcov_remote_enter(0,ffff80002a7aed10) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff838f1cd0,ffff80002a7460a0) at timeout_run+0xdf sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a7460a0,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
end trace frame: 0xffff80002a7e1460, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: kmmaplk rwlock 0xffffffff839e6ce0: enter read deadlock
ddb> trace
db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438
panic(ffffffff833c03eb) at panic+0x1cf sys/kern/subr_prf.c:198
rw_do_enter_read(ffffffff839e6ce0,0) at rw_do_enter_read+0x435 sys/kern/kern_rwlock.c:379
uvmfault_lookup(ffff80002a7e1070,0) at uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1880
uvm_fault_check(ffff80002a7e1070,ffff80002a7e10a8,ffff80002a7e10e0,0) at uvm_fault_check+0x4f sys/uvm/uvm_fault.c:693
uvm_fault(ffffffff839e6bf8,ffff800029ef6000,0,2) at uvm_fault+0xe6 sys/uvm/uvm_fault.c:627
kpageflttrap(ffff80002a7e1210,ffff800029ef6000) at kpageflttrap+0x2d1 sys/arch/amd64/amd64/trap.c:-1
kerntrap(ffff80002a7e1210) at kerntrap+0x18a sys/arch/amd64/amd64/trap.c:528
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
kcov_remote_enter(0,ffff80002a7aed10) at kcov_remote_enter+0x122 sys/dev/kcov.c:670
timeout_run(ffffffff838f1cd0,ffff80002a7460a0) at timeout_run+0xdf sys/kern/kern_timeout.c:696
softclock_process_tick_timeout(ffff80002a7460a0,0) at softclock_process_tick_timeout+0x230 sys/kern/kern_timeout.c:756
softclock(0) at softclock+0x152 sys/kern/kern_timeout.c:788
softintr_dispatch(0) at softintr_dispatch+0xf9 sys/kern/kern_softintr.c:87
dosoftint(0) at dosoftint+0x48 sys/arch/amd64/amd64/intr.c:862
Xsoftclock() at Xsoftclock+0x27
pmap_tlb_shootrange(0,ffff80002bcb4000,ffff80002c0b4000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline]
pmap_tlb_shootrange(0,ffff80002bcb4000,ffff80002c0b4000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363
pmap_do_remove(ffffffff8393c140,ffff80002bcb4000,ffff80002c0b4000,0) at pmap_do_remove+0x6d2 sys/arch/amd64/amd64/pmap.c:1931
uvm_unmap_kill_entry_withlock(ffffffff839e6bf8,fffffd8063c2e0b8,1) at uvm_unmap_kill_entry_withlock+0x269 sys/uvm/uvm_map.c:1869
uvm_unmap_remove(ffffffff839e6bf8,ffff80002bcb4000,ffff80002c0b4000,ffff80002a7e1778,0,1,f8f584293a3e831a) at uvm_unmap_remove+0x6c2 sys/uvm/uvm_map.c:2008
uvm_unmap(ffffffff839e6bf8,ffff80002bcb4000,ffff80002c0b4000) at uvm_unmap+0xa7 vm_map_unlock_ln sys/uvm/uvm_map.c:-1 [inline]
uvm_unmap(ffffffff839e6bf8,ffff80002bcb4000,ffff80002c0b4000) at uvm_unmap+0xa7 sys/uvm/uvm_map.c:1799
km_free(ffff80002bcb4000,400000,ffffffff836b7610,ffffffff836b76f8) at km_free+0x87 sys/uvm/uvm_km.c:714
kd_free(ffff8000015aea80) at kd_free+0x84 sys/dev/kcov.c:564
kcovclose(61300,3,2000,ffff80002a7762a8) at kcovclose+0xe4 sys/dev/kcov.c:-1
spec_close(ffff80002a7e1950) at spec_close+0x466 sys/kern/spec_vnops.c:-1
VOP_CLOSE(fffffd806cb188b0,3,fffffd8007ffd680,ffff80002a7762a8) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156
vn_closefile(fffffd806cdfda68,ffff80002a7762a8) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd806cdfda68,ffff80002a7762a8) at vn_closefile+0x11d sys/kern/vfs_vnops.c:621
fdrop(fffffd806cdfda68,ffff80002a7762a8) at fdrop+0x121 sys/kern/kern_descrip.c:1281
closef(fffffd806cdfda68,ffff80002a7762a8) at closef+0x190 sys/kern/kern_descrip.c:1265
fdfree(ffff80002a7762a8) at fdfree+0x115 sys/kern/kern_descrip.c:1196
exit1(ffff80002a7762a8,1,0,1) at exit1+0x576 sys/kern/kern_exit.c:215
sys_exit(ffff80002a7762a8,ffff80002a7e1cb0,ffff80002a7e1c00) at sys_exit+0x1a sys/kern/kern_exit.c:-1
syscall(ffff80002a7e1cb0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80002a7e1cb0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7823d2aa6110, count: -34
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80002a7e0d70
rbx 0xffff800029ef6000
rdx 0
rcx 0
rax 0xffff80002a7762a8
r8 0x101010101010101
r9 0x8080808080808080
r10 0x5709b7ec40394bc5
r11 0xeb2516dd3f741b11
r12 0
r13 0xffff80002a7762ac
r14 0
r15 0x1
rip 0xffffffff81d7f335 db_enter+0x25
cs 0x8
rflags 0x246
rsp 0xffff80002a7e0d60
ss 0x10
db_enter+0x25: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor) tid=150845 pid=14184 tcnt=0 stat=onproc
flags process=a<EXEC,EXITING> proc=2000<WEXIT>
runpri=50, usrpri=50, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=1
forw=0xffffffffffffffff, list=0xffff80002a776540,0xffff80002a777248
process=0xffff80002a7ac490 user=0xffff80002a7dc000, vmspace=0xfffffd807ece0450
estcpu=36, cpticks=13, pctcpu=0.0, user=0, sys=1, intr=1
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
39325 377974 26893 0 2 0 syz-executor
39325 324680 26893 0 3 0x4000080 fsleep syz-executor
15889 435504 78889 0 2 0 syz-executor
15889 110627 78889 0 3 0x4000080 ttyout syz-executor
15889 97061 78889 0 2 0x4000000 syz-executor
77147 418257 24873 0 3 0x80 nanoslp syz-executor
77147 373526 24873 0 3 0x4000080 ttyout syz-executor
38777 138774 43772 0 2 0 syz-executor
38777 458546 43772 0 3 0x4000080 fsleep syz-executor
59199 186033 7588 0 2 0 syz-executor
59199 254234 7588 0 3 0x4000080 fsleep syz-executor
59199 226879 7588 0 3 0x4000080 fsleep syz-executor
19872 485128 73670 0 2 0 syz-executor
19872 515673 73670 0 3 0x4000080 fsleep syz-executor
70262 384223 90726 0 3 0x80 nanoslp syz-executor
70262 281748 90726 0 3 0x4000080 fsleep syz-executor
70262 112617 90726 0 3 0x4000080 ttyout syz-executor
70262 252927 90726 0 3 0x4000080 fsleep syz-executor
91836 226380 1 0 3 0x82 nanoslp getty
24873 90022 49048 0 3 0x82 nanoslp syz-executor
58018 152073 0 0 3 0x14280 nfsidl nfsio
11896 382703 0 0 3 0x14280 nfsidl nfsio
28885 140213 0 0 3 0x14280 nfsidl nfsio
66187 177617 0 0 3 0x14280 nfsidl nfsio
18536 434574 0 0 3 0x14280 nfsidl nfsio
24778 11020 0 0 3 0x14280 nfsidl nfsio
74759 74639 0 0 3 0x14280 nfsidl nfsio
67674 463073 0 0 3 0x14280 nfsidl nfsio
28484 517956 0 0 3 0x14280 nfsidl nfsio
41546 18706 0 0 3 0x14280 nfsidl nfsio
52102 382454 0 0 3 0x14280 nfsidl nfsio
94291 374994 0 0 3 0x14280 nfsidl nfsio
96553 114783 0 0 3 0x14280 nfsidl nfsio
27880 349796 0 0 3 0x14280 nfsidl nfsio
89411 520934 0 0 3 0x14280 nfsidl nfsio
60055 412856 0 0 3 0x14280 nfsidl nfsio
95669 280895 0 0 3 0x14280 nfsidl nfsio
66949 183577 0 0 3 0x14280 nfsidl nfsio
5775 470662 0 0 3 0x14280 nfsidl nfsio
56563 37428 0 0 3 0x14280 nfsidl nfsio
26893 122772 49048 0 3 0x82 nanoslp syz-executor
73670 198707 49048 0 3 0x82 nanoslp syz-executor
78889 119257 49048 0 3 0x82 nanoslp syz-executor
90726 22746 49048 0 3 0x82 nanoslp syz-executor
7588 457220 49048 0 3 0x82 nanoslp syz-executor
43772 207960 49048 0 3 0x82 nanoslp syz-executor
49048 491666 1 0 2 0x82 syz-executor
24897 229636 1 73 3 0x1100090 kqread syslogd
63841 429834 0 0 3 0x14200 bored smr
56069 30573 0 0 2 0x14200 zerothread
90783 806 0 0 3 0x14200 aiodoned aiodoned
50622 160029 0 0 3 0x14200 syncer update
36234 236454 0 0 3 0x14200 cleaner cleaner
28864 170726 0 0 3 0x14200 reaper reaper
15696 472336 0 0 3 0x14200 pgdaemon pagedaemon
78002 349010 0 0 3 0x14200 bored viomb
89777 309310 0 0 3 0x40014200 acpi0 acpi0
16663 271109 0 0 3 0x14200 bored softnet0
9364 44869 0 0 3 0x14200 bored systqmp
95268 486551 0 0 3 0x14200 bored systq
71695 385293 0 0 3 0x40014200 tmoslp softclock
43045 75512 0 0 3 0x40014200 idle0
1 500421 0 0 3 0x82 wait init
0 0 -1 0 3 0x10010200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 11062 12238K 13838K 166960K 14772 0
pcb 18 16K 18K 166960K 457 0
rtable 199 8K 9K 166960K 603 0
pf 26 12K 19K 166960K 112 0
ifaddr 33 6K 8K 166960K 96 0
ifgroup 42 1K 2K 166960K 156 0
sysctl 4 1K 9K 166960K 10 0
counters 31