witness: lock order reversal:
1st 0xfffffd806827ed30 amaplk (&amap->am_lock)
2nd 0xffffffff82e169c8 vmmaplk (&map->lock)
lock order [1] amaplk (&amap->am_lock) -> [2] vmmaplk (&map->lock)
#0 rw_enter_read+0x87 sys/kern/kern_rwlock.c:112
#1 uvmfault_lookup+0xd9 sys/uvm/uvm_fault.c:1785
#2 uvm_fault_check+0x3e sys/uvm/uvm_fault.c:672
#3 uvm_fault+0xf2 sys/uvm/uvm_fault.c:600
#4 kpageflttrap+0x238 sys/arch/amd64/amd64/trap.c:279
#5 kerntrap+0xf2 sys/arch/amd64/amd64/trap.c:332
#6 alltraps_kern_meltdown+0x7b
#7 witness_checkorder+0x1db sys/kern/subr_witness.c:803
#8 mtx_enter+0x3e sys/kern/kern_lock.c:265
#9 pmap_page_remove+0xa7 rcr3 machine/cpufunc.h:139 [inline]
#9 pmap_page_remove+0xa7 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:425 [inline]
#9 pmap_page_remove+0xa7 sys/arch/amd64/amd64/pmap.c:1950
#10 u
vm_a
OpenBSD/amd64 (ci-openbsd-multnifcore-6.c.syzkalrler.internal) (tety00)
login: e_list+0x98
#11 amap_wipeout+0x1af sys/uvm/uvm_amap.c:502
#12 uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
#13 uvm_map_teardown+0x2f8 sys/uvm/uvm_map.c:2554
#14 uvmspace_free+0xa6 sys/uvm/uvm_map.c:3461
#15 reaper+0x197 sys/kern/kern_exit.c:475
#16 proc_trampoline+0x10
lock order [2] vmmaplk (&map->lock) -> [1] amaplk (&amap->am_lock)
#0 rw_enter_write+0x5f sys/kern/kern_rwlock.c:128
#1 uvm_fault_check+0x401 sys/uvm/uvm_fault.c:782
#2 uvm_fault+0xf2 sys/uvm/uvm_fault.c:600
#3 kpageflttrap+0x238 sys/arch/amd64/amd64/trap.c:279
#4 kerntrap+0xf2 sys/arch/amd64/amd64/trap.c:332
#5 alltraps_kern_meltdown+0x7b
#6 copyout+0x57
#7 proc_trampoline+0x10
Stopped at db_enter+0x1c: addq $0x8,%rsp
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
witness_checkorder(ffffffff82e169c8,1,0) at witness_checkorder+0xc05
rw_enter_read(ffffffff82e169b8) at rw_enter_read+0x87 sys/kern/kern_rwlock.c:112
uvmfault_lookup(ffff80002a154fc0,0) at uvmfault_lookup+0xd9 sys/uvm/uvm_fault.c:1785
uvm_fault_check(ffff80002a154fc0,ffff80002a154ff8,ffff80002a155020) at uvm_fault_check+0x3e sys/uvm/uvm_fault.c:672
uvm_fault(ffffffff82e168d8,fe000000000,0,1) at uvm_fault+0xf2 sys/uvm/uvm_fault.c:600
kpageflttrap(ffff80002a155160,fe00000000b) at kpageflttrap+0x238 sys/arch/amd64/amd64/trap.c:279
kerntrap(ffff80002a155160) at kerntrap+0xf2 sys/arch/amd64/amd64/trap.c:332
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
witness_checkorder(fffffd8067c558c8,9,0) at witness_checkorder+0x1db sys/kern/subr_witness.c:803
mtx_enter(fffffd8067c558b8) at mtx_enter+0x3e sys/kern/kern_lock.c:265
pmap_page_remove(fffffd8007907420) at pmap_page_remove+0xa7 rcr3 machine/cpufunc.h:139 [inline]
pmap_page_remove(fffffd8007907420) at pmap_page_remove+0xa7 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:425 [inline]
pmap_page_remove(fffffd8007907420) at pmap_page_remove+0xa7 sys/arch/amd64/amd64/pmap.c:1950
uvm_anfree_list(fffffd8069ecb510,0) at uvm_anfree_list+0x98
amap_wipeout(fffffd806a22aeb0) at amap_wipeout+0x1af sys/uvm/uvm_amap.c:502
uvm_unmap_detach(ffff80002a155490,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd8065d1f538) at uvm_map_teardown+0x2f8 sys/uvm/uvm_map.c:2554
uvmspace_free(fffffd8065d1f538) at uvmspace_free+0xa6 sys/uvm/uvm_map.c:3461
reaper(ffff80002a149488) at reaper+0x197 sys/kern/kern_exit.c:475
end trace frame: 0x0, count: -18
ddb{1}> show registers
rdi 0
rsi 0
rbp 0xffff80002a154cc0
rbx 0xffffffff828e8252 pp_r600_decoded_lanes+0x32ae5
rdx 0
rcx 0xffff80002a149488
rax 0xffff800029cebff0
r8 0xffff80002a154ba0
r9 0x8080808080808080
r10 0xb98c0651233a9230
r11 0xdd543e0638cf6d38
r12 0xfffffd8003b26ab0
r13 0xfffffd8003338d80
r14 0x3
r15 0xffffffff
rip 0xffffffff8139239c db_enter+0x1c
cs 0x8
rflags 0x246
rsp 0xffff80002a154cb0
ss 0x10
db_enter+0x1c: addq $0x8,%rsp
ddb{1}> show proc
PROC (reaper) tid=224784 pid=36887 tcnt=1 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=200<SYSTEM>
runpri=84, usrpri=86, slppri=4, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff80002a149718,0xffff80002a1487c8
process=0xffff80002a15b5a8 user=0xffff80002a150000, vmspace=0xffffffff82e168d8
estcpu=36, cpticks=6, pctcpu=32.88, user=0, sys=5, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
22157 344544 2618 0 7 0x8000000 syz-executor.2
22157 63784 2618 0 3 0xc000000 getblk syz-executor.2
22157 174665 2618 0 3 0xc000000 inode syz-executor.2
80482 283734 12624 0 3 0x810008a sigsusp sh
12624 442340 29676 0 2 0x8000002 syz-executor.4
60846 409681 82143 0 3 0x810008a sigsusp sh
39676 31629 27976 0 3 0x810008a sigsusp sh
84920 378549 15797 0 3 0x810008a sigsusp sh
15797 3958 29676 0 3 0x8000082 wait syz-executor.7
27976 222785 29676 0 3 0x8000082 wait syz-executor.3
82143 171954 29676 0 3 0x8000082 wait syz-executor.0
62304 35403 0 0 3 0x14200 acct acct
71830 464431 29676 0 3 0x8000082 wait syz-executor.5
8357 113175 0 0 3 0x14280 nfsidl nfsio
71443 455268 0 0 3 0x14280 nfsidl nfsio
44029 91957 0 0 3 0x14280 nfsidl nfsio
85996 257576 0 0 3 0x14280 nfsidl nfsio
66574 338396 0 0 3 0x14280 nfsidl nfsio
4548 260390 0 0 3 0x14280 nfsidl nfsio
54662 70507 0 0 3 0x14280 nfsidl nfsio
17081 439958 0 0 3 0x14280 nfsidl nfsio
55049 269290 0 0 3 0x14280 nfsidl nfsio
31231 20763 0 0 3 0x14280 nfsidl nfsio
58774 123726 0 0 3 0x14280 nfsidl nfsio
16060 130442 0 0 3 0x14280 nfsidl nfsio
16272 232206 0 0 3 0x14280 nfsidl nfsio
96374 424182 0 0 3 0x14280 nfsidl nfsio
38098 505931 0 0 3 0x14280 nfsidl nfsio
26379 130920 0 0 3 0x14280 nfsidl nfsio
24848 87321 0 0 3 0x14280 nfsidl nfsio
32816 26614 0 0 3 0x14280 nfsidl nfsio
91613 501978 0 0 3 0x14280 nfsidl nfsio
32867 323255 0 0 3 0x14280 nfsidl nfsio
68021 106315 29676 0 2 0x8000002 syz-executor.1
37394 52034 0 0 3 0x14200 bored sosplice
98250 384195 49877 0 3 0x18100082 netio arp
49877 404029 1 0 3 0x810008a sigsusp sh
2618 475846 29676 0 3 0x8000082 nanoslp syz-executor.2
82215 294086 29676 0 3 0x8000082 wait syz-executor.6
29676 233403 86269 0 2 0x1a081082 syz-fuzzer
29676 142327 86269 0 2 0x1e081482 syz-fuzzer
29676 315223 86269 0 2 0x1e081082 syz-fuzzer
29676 428287 86269 0 2 0x1e081082 syz-fuzzer
29676 383794 86269 0 3 0x1e003002 suspend syz-fuzzer
29676 172061 86269 0 2 0x1e081082 syz-fuzzer
29676 210368 86269 0 2 0x1e081082 syz-fuzzer
29676 501681 86269 0 2 0x1e081082 syz-fuzzer
29676 160089 86269 0 2 0x1e081082 syz-fuzzer
86269 400023 27141 0 3 0x810008a sigsusp ksh
27141 438177 85813 0 2 0x1800009a sshd
18396 331531 1 0 3 0x18100083 ttyin getty
85813 414959 1 0 3 0x18000088 kqread sshd
98612 140677 48096 73 2 0x19100010 syslogd
48096 211684 1 0 3 0x18100082 sbwait syslogd
73259 179129 1 0 3 0x18100080 kqread resolvd
46995 313602 10161 77 3 0x18100092 kqread dhcpleased
56271 483410 10161 77 3 0x18100092 kqread dhcpleased
10161 483468 1 0 3 0x18000080 kqread dhcpleased
58178 460019 0 0 3 0x14200 bored smr
9571 134987 0 0 2 0x14200 zerothread
31644 88139 0 0 3 0x14200 aiodoned aiodoned
50843 495746 0 0 3 0x14200 syncer update
23825 429761 0 0 3 0x14200 cleaner cleaner
*36887 224784 0 0 7 0x14200 reaper
91012 497034 0 0 3 0x14200 pgdaemon pagedaemon
63478 506728 0 0 3 0x14200 bored viomb
25268 315741 0 0 3 0x40014200 acpi0 acpi0
5422 360442 0 0 3 0x40014200 idle1
77491 232359 0 0 3 0x14200 bored softnet3
60178 1004 0 0 3 0x14200 bored softnet2
91308 449092 0 0 3 0x14200 bored softnet1
43523 502565 0 0 3 0x14200 bored softnet0
52070 363699 0 0 3 0x14200 bored systqmp
98974 292684 0 0 3 0x14200 bored systq
15266 188434 0 0 3 0x14200 tmoslp softclockmp
31509 441500 0 0 3 0x40014200 tmoslp softclock
63651 506163 0 0 3 0x40014200 idle0
1 217503 0 0 3 0x8000082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 22157 (syz-executor.2) thread 0xffff80002a2aafb8 (63784)
exclusive rrwlock inode r = 0 (0xfffffd80680f7918)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 ufs_ihashins+0x46
#5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1230
#6 ffs_inode_alloc+0x1e4 sys/ufs/ffs/ffs_alloc.c:393
#7 ufs_makeinode+0xb0 sys/ufs/ufs/ufs_vnops.c:1728
#8 ufs_create+0x45 sys/ufs/ufs/ufs_vnops.c:147
#9 VOP_CREATE+0xc0 sys/kern/vfs_vops.c:103
#10 vn_open+0x353 sys/kern/vfs_vnops.c:116
#11 doopenat+0x269 sys/kern/vfs_syscalls.c:1127
#12 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#12 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#13 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd80680f76f8)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418
#6 namei+0x56a sys/kern/vfs_lookup.c:250
#7 vn_open+0x180 sys/kern/vfs_vnops.c:107
#8 doopenat+0x269 sys/kern/vfs_syscalls.c:1127
#9 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#9 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#10 Xsyscall+0x128
Process 68021 (syz-executor.1) thread 0xffff80002e1119d0 (106315)
exclusive rrwlock inode r = 0 (0xfffffd80680f7f78)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 ufs_ihashins+0x46
#5 ffs_vget+0x141 sys/ufs/ffs/ffs_vfsops.c:1230
#6 ffs_inode_alloc+0x1e4 sys/ufs/ffs/ffs_alloc.c:393
#7 ufs_mkdir+0xe6 sys/ufs/ufs/ufs_vnops.c:1112
#8 VOP_MKDIR+0xc3 sys/kern/vfs_vops.c:394
#9 domkdirat+0x125 sys/kern/vfs_syscalls.c:3104
#10 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#10 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#11 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd8069bc22c8)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 vfs_lookup+0xd3 sys/kern/vfs_lookup.c:418
#6 namei+0x56a sys/kern/vfs_lookup.c:250
#7 domkdirat+0x79 sys/kern/vfs_syscalls.c:3089
#8 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#8 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#9 Xsyscall+0x128
Process 98612 (syslogd) thread 0xffff8000ffffdc40 (140677)
exclusive rrwlock inode r = 0 (0xfffffd806e74e1b0)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 rw_enter+0x32d sys/kern/kern_rwlock.c:309
#2 rrw_enter+0x91 sys/kern/kern_rwlock.c:464
#3 VOP_LOCK+0x8b sys/kern/vfs_vops.c:524
#4 vn_lock+0x85 sys/kern/vfs_vnops.c:564
#5 sys_fsync+0xf1 sys/kern/vfs_syscalls.c:2931
#6 syscall+0x854 mi_syscall sys/sys/syscall_mi.h:180 [inline]
#6 syscall+0x854 sys/arch/amd64/amd64/trap.c:577
#7 Xsyscall+0x128
Process 36887 (reaper) thread 0xffff80002a149488 (224784)
exclusive rwlock amaplk r = 0 (0xfffffd806827ed30)
#0 witness_lock+0x446 stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x446 sys/kern/subr_witness.c:1157
#1 amap_unref+0x2f sys/uvm/uvm_amap.c:1360
#2 uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
#3 uvm_map_teardown+0x2f8 sys/uvm/uvm_map.c:2554
#4 uvmspace_free+0xa6 sys/uvm/uvm_map.c:3461
#5 reaper+0x197 sys/kern/kern_exit.c:475
#6 proc_trampoline+0x10
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10193 6427K 7011K 166960K 13186 0
pcb 17 14K 16K 166960K 266 0
rtable 162 6K 7K 166960K 856 0
pf 33 9K 10K 166960K 112 0
ifaddr 36 13K 15K 166960K 125 0
ifgroup 58 2K 2K 166960K 170 0
sysctl 2 0K 0K 166960K 2 0
counters 66 36K 37K 166960K 134 0
ioctlops 0 0K 4K 166960K 1565 0
iov 0 0K 16K 166960K 72 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1376 87K 87K 166960K 2563 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 5K 166960K 34 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 1K 166960K 82 0
dirhash 12 2K 3K 166960K 36 0
ACPI 1697 195K 286K 166960K 12548 0
file desc 17 61K 89K 166960K 1271 0
sigio 0 0K 0K 166960K 26 0
proc 58 79K 103K 166960K 966 0
subproc 117 7K 7K 166960K 312 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 149 0
in_multi 61 4K 6K 166960K 279 0
ether_multi 1 0K 0K 166960K 9 0
mrt 0 0K 0K 166960K 2 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 91 413K 413K 166960K 91 0
exec 0 0K 1K 166960K 653 0
pfkey data 0 0K 0K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 308 85K 109K 166960K 13068 0
UVM aobj 60 6K 6K 166960K 65 0
pinsyscall 38 76K 100K 166960K 2784 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 1K 166960K 89 0
NDP 12 0K 1K 166960K 86 0
temp 76 6808K 6878K 166960K 42185 0
kqueue 12 18K 26K 166960K 144 0
SYN cache 2 16K 16K 166960K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 24 0 0 1 0 1 1 0 8 0
rtpcb 120 182 0 178 2 1 1 2 0 8 0
rtentry 112 286 0 216 3 0 3 3 0 8 0
unpcb 144 862 0 849 6 5 1 4 0 8 0
syncache 336 9 0 9 4 4 0 1 0 8 0
tcpqe 32 18 0 18 1 1 0 1 0 8 0
tcpcb 808 331 0 326 6 5 1 2 0 8 0
arp 120 55 0 39 1 0 1 1 0 8 0
inpcb 384 1224 0 1215 14 12 2 8 0 8 1
nd6 136 70 0 54 1 0 1 1 0 8 0
pkpcb 40 6 0 6 5 5 0 1 0 8 0
kcovpl 48 24 0 15 1 0 1 1 0 8 0
ppxss 1168 12 0 12 4 4 0 1 0 8 0
pffrag 232 10 0 10 1 1 0 1 0 482 0
pffrnode 88 10 0 10 1 1 0 1 0 8 0
pffrent 40 144 0 144 1 1 0 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfstitem 24 94 0 89 1 0 1 1 0 8 0
pfstkey 128 94 0 89 2 1 1 2 0 8 0
pfstate 376 94 0 89 5 4 1 5 0 8 0
pfrule 1344 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 1062 0 772 29 6 23 25 0 8 1
art_table 32 1063 0 772 4 0 4 4 0 8 0
art_node 16 285 0 221 1 0 1 1 0 8 0
sysvmsgpl 40 17 0 6 1 0 1 1 0 8 0
semapl 112 79 0 69 1 0 1 1 0 8 0
shmpl 112 62 0 5 2 0 2 2 0 8 0
dirhash 1024 33 0 16 3 0 3 3 0 8 0
dino2pl 256 3513 0 2001 96 0 96 96 0 8 0
ffsino 272 3514 0 2001 102 0 102 102 0 8 0
nchpl 144 5329 0 3590 67 0 67 67 0 8 0
uvmvnodes 80 4396 0 0 90 0 90 90 0 8 0
vnodes 216 4396 0 0 245 0 245 245 0 8 0
namei 1024 19636 0 19633 3 2 1 2 0 8 0
percpumem 16 81 0 34 1 0 1 1 0 8 0
vcpupl 3904 6 0 1 1 0 1 1 0 8 0
vmpool 696 14 0 9 1 0 1 1 0 8 0
kstatmem 264 92 0 68 3 0 3 3 0 8 0
scsiplug 72 3 0 3 2 2 0 1 0 8 0
scxspl 216 19531 0 19531 18 17 1 7 1 8 1
plimitpl 152 227 0 209 1 0 1 1 0 8 0
sigapl 424 1568 0 1493 9 0 9 9 0 8 0
futexpl 64 18135 0 18135 4 3 1 1 0 8 1
knotepl 120 467 0 0 11 0 11 11 0 8 0
kqueuepl 216 387 0 379 5 4 1 3 0 8 0
pipepl 320 336 0 305 3 0 3 3 0 8 0
fdescpl 496 1528 0 1500 6 1 5 5 0 8 0
filepl 152 9961 0 9706 26 15 11 19 0 8 0
lockfpl 104 434 0 432 1 0 1 1 0 8 0
lockfspl 48 182 0 180 1 0 1 1 0 8 0
sessionpl 144 39 0 21 1 0 1 1 0 8 0
pgrppl 48 63 0 45 1 0 1 1 0 8 0
ucredpl 104 1679 0 1668 1 0 1 1 0 8 0
zombiepl 144 1501 0 1493 1 0 1 1 0 8 0
processpl 1144 1568 0 1493 6 0 6 6 0 8 0
procpl 656 2799 0 2702 12 3 9 9 0 8 0
srpgc 96 7 0 7 3 3 0 1 0 8 0
sosppl 168 5 0 5 3 2 1 1 0 8 1
sockpl 664 2277 0 2251 21 18 3 15 0 8 0
mcl64k 65536 12 0 0 2 0 2 2 0 8 0
mcl16k 16384 4 0 0 1 0 1 1 0 8 0
mcl12k 12288 3 0 0 1 0 1 1 0 8 0
mcl9k 9216 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 9 0 0 2 0 2 2 0 8 0
mcl4k 4096 5 0 0 1 0 1 1 0 8 0
mcl2k 2048 344 0 0 43 0 43 43 0 8 0
mtagpl 96 21 0 0 1 0 1 1 0 8 0
mbufpl 256 457 0 0 26 0 26 26 0 8 0
bufpl 280 10183 0 2222 569 0 569 569 0 8 0
anonpl 24 387906 0 381321 139 49 90 98 0 186 25
amapchunkpl 152 45228 0 44519 83 39 44 52 0 158 13
amappl16 200 9774 0 9641 54 35 19 23 0 8 4
amappl15 192 16 0 16 1 1 0 1 0 8 0
amappl14 184 191 0 178 2 1 1 2 0 8 0
amappl13 176 15 0 15 1 1 0 1 0 8 0
amappl12 168 2403 0 2362 2 0 2 2 0 8 0
amappl11 160 55 0 45 1 0 1 1 0 8 0
amappl10 152 56 0 47 1 0 1 1 0 8 0
amappl9 144 309 0 308 1 0 1 1 0 8 0
amappl8 136 230 0 193 2 0 2 2 0 8 0
amappl7 128 54 0 39 1 0 1 1 0 8 0
amappl6 120 555 0 530 2 1 1 2 0 8 0
amappl5 112 229 0 215 1 0 1 1 0 8 0
amappl4 104 663 0 622 2 0 2 2 0 8 0
amappl3 96 7991 0 7898 3 0 3 3 0 8 0
amappl2 88 1941 0 1859 3 1 2 3 0 8 0
amappl1 80 13830 0 13248 22 9 13 22 0 8 0
amappl 88 12339 0 12135 6 0 6 6 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 64 0 5 2 0 2 2 0 8 0
uaddrrnd 24 1542 0 1503 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1542 0 1503 1 0 1 1 0 8 0
vmmpekpl 168 14938 0 14869 4 0 4 4 0 8 0
vmmpepl 168 117012 0 114949 148 47 101 112 0 357 2
vmsppl 440 1541 0 1502 7 2 5 5 0 8 0
rwobjpl 56 39803 0 34080 86 2 84 84 0 8 0
pdppl 4096 3091 0 3009 189 107 82 82 0 8 0
pvpl 32 45840 0 0 370 0 370 370 0 265 0
pmappl 248 1541 0 1502 4 1 3 3 0 8 0
pool(pmappl): free list modified: page 0xfffffd8067c55000; item ordinal 2; addr 0xfffffd8067c558b8 (p 0xfffffd8067c55000); offset 0x3c=0xdeafbeae
extentpl 40 56 0 38 1 0 1 1 0 8 0
phpool 112 515 0 130 11 0 11 11 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp
ddb{0}> trace
x86_ipi_db(ffffffff82c80ff0) at x86_ipi_db+0x1e sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
end of kernel
end trace frame: 0x7d0631fc1b60, count: -3
ddb{0}> machine ddbcpu 1
Stopped at db_enter+0x1c: addq $0x8,%rsp
ddb{1}> trace
db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437
witness_checkorder(ffffffff82e169c8,1,0) at witness_checkorder+0xc05
rw_enter_read(ffffffff82e169b8) at rw_enter_read+0x87 sys/kern/kern_rwlock.c:112
uvmfault_lookup(ffff80002a154fc0,0) at uvmfault_lookup+0xd9 sys/uvm/uvm_fault.c:1785
uvm_fault_check(ffff80002a154fc0,ffff80002a154ff8,ffff80002a155020) at uvm_fault_check+0x3e sys/uvm/uvm_fault.c:672
uvm_fault(ffffffff82e168d8,fe000000000,0,1) at uvm_fault+0xf2 sys/uvm/uvm_fault.c:600
kpageflttrap(ffff80002a155160,fe00000000b) at kpageflttrap+0x238 sys/arch/amd64/amd64/trap.c:279
kerntrap(ffff80002a155160) at kerntrap+0xf2 sys/arch/amd64/amd64/trap.c:332
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
witness_checkorder(fffffd8067c558c8,9,0) at witness_checkorder+0x1db sys/kern/subr_witness.c:803
mtx_enter(fffffd8067c558b8) at mtx_enter+0x3e sys/kern/kern_lock.c:265
pmap_page_remove(fffffd8007907420) at pmap_page_remove+0xa7 rcr3 machine/cpufunc.h:139 [inline]
pmap_page_remove(fffffd8007907420) at pmap_page_remove+0xa7 pmap_map_ptes sys/arch/amd64/amd64/pmap.c:425 [inline]
pmap_page_remove(fffffd8007907420) at pmap_page_remove+0xa7 sys/arch/amd64/amd64/pmap.c:1950
uvm_anfree_list(fffffd8069ecb510,0) at uvm_anfree_list+0x98
amap_wipeout(fffffd806a22aeb0) at amap_wipeout+0x1af sys/uvm/uvm_amap.c:502
uvm_unmap_detach(ffff80002a155490,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd8065d1f538) at uvm_map_teardown+0x2f8 sys/uvm/uvm_map.c:2554
uvmspace_free(fffffd8065d1f538) at uvmspace_free+0xa6 sys/uvm/uvm_map.c:3461
reaper(ffff80002a149488) at reaper+0x197 sys/kern/kern_exit.c:475
end trace frame: 0x0, count: -18