kernel: protection fault trap, code=0
Stopped at witness_checkorder+0xa9: movl 0x20(%r14),%r15d
ddb{1}>
ddb{1}> set $lines = 0
ddb{1}> set $maxwidth = 0
ddb{1}> show panic
the kernel did not panic
ddb{1}> trace
witness_checkorder(deafbeaddeafbfcd,9,0) at witness_checkorder+0xa9 sys/kern/subr_witness.c:779
mtx_enter(deafbeaddeafbfbd) at mtx_enter+0x4a sys/kern/kern_lock.c:251
prsignal(deafbeaddeafbead,14) at prsignal+0x36 sys/kern/kern_sig.c:904
reaper(ffff8000ffffc7b8) at reaper+0x2fc sys/kern/kern_exit.c:502
end trace frame: 0x0, count: -4
ddb{1}> show registers
rdi 0
rsi 0
rbp 0xffff80002a240a80
rbx 0
rdx 0
rcx 0xffff8000ffffc7b8
rax 0xffff8000299ddff0
r8 0x2
r9 0x1
r10 0x625cf1e5d67a8393
r11 0x46bd01614ab9d9cd
r12 0
r13 0x1
r14 0xdeafbeaddeafbfcd
r15 0x3
rip 0xffffffff8112e509 witness_checkorder+0xa9
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff80002a2409d0
ss 0x10
witness_checkorder+0xa9: movl 0x20(%r14),%r15d
ddb{1}> show proc
PROC (reaper) tid=339294 pid=92901 tcnt=1 stat=onproc
flags process=14000<NOZOMBIE,SYSTEM> proc=200<SYSTEM>
runpri=32, usrpri=51, slppri=32, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000ffffccd8,0xffff8000ffffc538
process=0xffff8000ffff65c8 user=0xffff80002a23b000, vmspace=0xffffffff83961580
estcpu=1, cpticks=2, pctcpu=1.18, user=0, sys=0, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
18313 84416 94769 32767 2 0x10 syz-executor
18313 269320 94769 32767 3 0x4000090 fsleep syz-executor
35 403054 59907 32767 2 0x10 syz-executor
35 221003 59907 32767 3 0x4000090 fsleep syz-executor
42629 73940 9955 32767 2 0x10 syz-executor
42629 301407 9955 32767 3 0x4000090 fsleep syz-executor
85276 28180 60007 32767 2 0x10 syz-executor
85276 520416 60007 32767 3 0x4000090 fsleep syz-executor
77197 154660 57544 32767 7 0x10 syz-executor
77197 230960 57544 32767 3 0x4000090 ttyin syz-executor
12796 507753 44336 32767 2 0x10 syz-executor
12796 356415 44336 32767 2 0x4000010 syz-executor
97951 246439 0 0 3 0x14200 bored sosplice
57544 57327 62348 32767 2 0xc90 syz-executor
94769 338274 4823 32767 2 0xc90 syz-executor
9955 516851 59602 32767 3 0x90 nanoslp syz-executor
44336 72961 20196 32767 3 0x90 nanoslp syz-executor
40226 484425 83113 32767 3 0x10 biowait syz-executor
60007 43867 46093 32767 3 0x90 nanoslp syz-executor
59907 506095 65431 32767 3 0x90 nanoslp syz-executor
65431 31986 12975 0 3 0x82 wait syz-executor
59602 122555 12975 0 3 0x82 wait syz-executor
46093 128396 12975 0 3 0x82 wait syz-executor
62348 94450 12975 0 3 0x82 wait syz-executor
83113 235572 12975 0 3 0x82 wait syz-executor
20196 135621 12975 0 3 0x82 wait syz-executor
4823 27837 12975 0 3 0x82 wait syz-executor
12975 518685 24336 0 3 0x82 nanoslp syz-executor
24336 265132 30760 0 3 0x10008a sigsusp ksh
30760 383417 59036 0 3 0x98 kqread sshd-session
59036 398810 11549 0 3 0x92 kqread sshd-session
24257 165150 1 0 3 0x100083 ttyin getty
11549 321096 1 0 3 0x88 kqread sshd
32220 512993 13459 73 3 0x1100090 kqread syslogd
13459 264846 1 0 3 0x100082 sbwait syslogd
77715 102607 1 0 3 0x100080 kqread resolvd
92131 130062 32688 77 3 0x100092 kqread dhcpleased
21608 456799 32688 77 3 0x100092 kqread dhcpleased
32688 183695 1 0 3 0x80 kqread dhcpleased
42274 69745 0 0 3 0x14200 bored smr
82722 106000 0 0 2 0x14200 zerothread
21491 494452 0 0 3 0x14200 aiodoned aiodoned
28546 402028 0 0 3 0x14200 syncer update
96105 440724 0 0 3 0x14200 cleaner cleaner
*92901 339294 0 0 7 0x14200 reaper
18328 277862 0 0 3 0x14200 pgdaemon pagedaemon
83991 213434 0 0 3 0x14200 bored viomb
39268 170086 0 0 3 0x40014200 acpi0 acpi0
74332 364860 0 0 3 0x40014200 idle1
29380 465269 0 0 3 0x14200 bored softnet3
15753 67838 0 0 3 0x14200 bored softnet2
32795 141677 0 0 3 0x14200 bored softnet1
53302 120371 0 0 2 0x14200 softnet0
8708 208446 0 0 3 0x14200 bored systqmp
59700 43769 0 0 3 0x14200 bored systq
54495 71954 0 0 3 0x14200 tmoslp softclockmp
86322 476271 0 0 3 0x40014200 tmoslp softclock
35777 96160 0 0 3 0x40014200 idle0
1 52260 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 40226 (syz-executor) thread 0xffff80002a273208 (484425)
exclusive rrwlock inode r = 0 (0xfffffd8066fecd00)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x367 sys/kern/kern_rwlock.c:311
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:606
#3 VOP_LOCK+0xa6 sys/kern/vfs_vops.c:527
#4 ufs_ihashins+0x4f ufs_ihash sys/ufs/ufs/ufs_ihash.c:-1 [inline]
#4 ufs_ihashins+0x4f sys/ufs/ufs/ufs_ihash.c:159
#5 ffs_vget+0x187 sys/ufs/ffs/ffs_vfsops.c:1230
#6 ffs_inode_alloc+0x283 sys/ufs/ffs/ffs_alloc.c:393
#7 ufs_mkdir+0x113 sys/ufs/ufs/ufs_vnops.c:1112
#8 VOP_MKDIR+0x102 sys/kern/vfs_vops.c:394
#9 domkdirat+0x179 sys/kern/vfs_syscalls.c:3109
#10 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#10 syscall+0xb08 sys/arch/amd64/amd64/trap.c:579
#11 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd806c6180d0)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 rw_do_enter_write+0x367 sys/kern/kern_rwlock.c:311
#2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:606
#3 VOP_LOCK+0xa6 sys/kern/vfs_vops.c:527
#4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570
#5 vfs_lookup+0x109 sys/kern/vfs_lookup.c:418
#6 namei+0x7aa sys/kern/vfs_lookup.c:250
#7 domkdirat+0x8b sys/kern/vfs_syscalls.c:3094
#8 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline]
#8 syscall+0xb08 sys/arch/amd64/amd64/trap.c:579
#9 Xsyscall+0x128
Process 92901 (reaper) thread 0xffff8000ffffc7b8 (339294)
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff83914358)
#0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline]
#0 witness_lock+0x5bb sys/kern/subr_witness.c:1160
#1 __mp_acquire_count+0x58 sys/kern/kern_lock.c:-1
#2 mi_switch+0x4b7 sys/kern/sched_bsd.c:441
#3 sleep_finish+0x24f sys/kern/kern_synch.c:412
#4 rw_do_enter_write+0x1ce sys/kern/kern_rwlock.c:292
#5 knote_processexit+0x2b sys/kern/kern_event.c:2217
#6 reaper+0x27d sys/kern/kern_exit.c:499
#7 proc_trampoline+0x10
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10188 10953K 10966K 166960K 11268 0
pcb 17 12K 12K 166960K 17 0
rtable 216 6K 7K 166960K 367 0
pf 29 16K 16K 166960K 31 0
ifaddr 38 6K 7K 166960K 44 0
ifgroup 46 2K 2K 166960K 50 0
sysctl 2 1K 9K 166960K 6 0
counters 66 36K 36K 166960K 68 0
ioctlops 0 0K 2K 166960K 36 0
iov 0 0K 16K 166960K 16 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1334 84K 84K 166960K 1528 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 1K 9K 166960K 7 0
VM map 2 1K 1K 166960K 2 0
sem 12 0K 0K 166960K 51 0
dirhash 12 2K 2K 166960K 18 0
ACPI 1692 195K 286K 166960K 12470 0
file desc 22 81K 125K 166960K 446 0
sigio 0 0K 0K 166960K 3 0
proc 61 91K 115K 166960K 503 0
subproc 63 3K 4K 166960K 171 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 2 0K 0K 166960K 36 0
in_multi 88 6K 7K 166960K 109 0
ether_multi 1 0K 0K 166960K 2 0
mrt 1 0K 0K 166960K 1 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 73 334K 334K 166960K 73 0
exec 0 0K 1K 166960K 415 0
fusefs mount 1 32K 32K 166960K 1 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 224 151K 182K 166960K 5466 0
UVM aobj 47 3K 3K 166960K 47 0
pinsyscall 43 86K 116K 166960K 1496 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 0K 166960K 12 0
NDP 10 0K 2K 166960K 27 0
temp 45 8677K 8741K 166960K 5079 0
kqueue 14 20K 28K 166960K 74 0
SYN cache 2 16K 16K 166960K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 26 0 0 1 0 1 1 0 8 0
rtpcb 120 56 0 51 1 0 1 1 0 8 0
rtentry 176 116 0 15 6 0 6 6 0 8 0
unpcb 144 356 0 341 6 3 3 6 0 8 2
syncache 336 8 0 8 1 0 1 1 0 8 1
tcpqe 32 5 0 5 1 0 1 1 0 8 1
tcpcb 808 142 0 137 4 2 2 4 0 8 1
arp 128 18 0 2 1 0 1 1 0 8 0
ipq 40 2 0 0 1 0 1 1 0 8 0
ipqe 40 2 0 0 1 0 1 1 0 8 0
inpcb 384 497 0 488 8 0 8 8 0 8 6
nd6 144 29 0 6 2 0 2 2 0 8 1
kcovpl 48 19 0 12 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 476 0 50 29 0 29 29 0 8 2
art_table 32 477 0 50 4 0 4 4 0 8 0
art_node 16 115 0 23 1 0 1 1 0 8 0
sysvmsgpl 40 15 0 8 1 0 1 1 0 8 0
semapl 112 49 0 39 1 0 1 1 0 8 0
shmpl 112 44 0 0 2 0 2 2 0 8 0
dirhash 1024 21 0 4 3 0 3 3 0 8 0
dino2pl 256 1996 0 478 95 0 95 95 0 8 0
ffsino 288 1996 0 478 109 0 109 109 0 8 0
nchpl 144 2576 0 889 63 0 63 63 0 8 0
uvmvnodes 80 2176 0 0 45 0 45 45 0 8 0
vnodes 216 2176 0 0 121 0 121 121 0 8 0
namei 1024 8359 0 8358 1 0 1 1 0 8 0
percpumem 16 49 0 1 1 0 1 1 0 8 0
kstatmem 264 24 0 2 2 0 2 2 0 8 0
scxspl 216 8485 0 8484 9 5 4 8 1 8 3
plimitpl 152 119 0 96 2 0 2 2 0 8 1
sigapl 424 710 0 657 8 0 8 8 0 8 0
knotepl 120 521 0 0 16 0 16 16 0 8 0
kqueuepl 224 98 0 88 1 0 1 1 0 8 0
pipepl 336 189 0 162 6 0 6 6 0 8 3
fdescpl 520 691 0 657 4 0 4 4 0 8 1
filepl 160 3745 0 3545 18 4 14 18 0 8 5
lockfpl 104 98 0 95 1 0 1 1 0 8 0
lockfspl 48 37 0 34 1 0 1 1 0 8 0
sessionpl 144 37 0 22 1 0 1 1 0 8 0
pgrppl 48 60 0 38 1 0 1 1 0 8 0
ucredpl 104 558 0 540 1 0 1 1 0 8 0
zombiepl 144 657 0 657 1 0 1 1 0 8 1
processpl 1208 710 0 657 5 0 5 5 0 8 0
procpl 656 1158 0 1099 7 1 6 7 0 8 0
sosppl 168 5 0 5 1 0 1 1 0 8 1
sockpl 728 914 0 885 22 13 9 22 0 8 5
mcl64k 65536 5 0 0 1 0 1 1 0 8 0
mcl16k 16384 3 0 0 1 0 1 1 0 8 0
mcl12k 12288 1 0 0 1 0 1 1 0 8 0
mcl8k 8192 3 0 0 1 0 1 1 0 8 0
mcl4k 4096 113 0 0 15 1 14 15 0 8 0
mcl2k 2048 19 0 0 3 0 3 3 0 8 0
mtagpl 96 1 0 0 1 0 1 1 0 8 0
mbufpl 256 236 0 0 15 0 15 15 0 8 0
bufpl 280 2775 0 117 190 0 190 190 0 8 0
anonpl 32 7731 0 0 63 0 63 63 0 246 0
amapchunkpl 152 17359 0 16881 31 0 31 31 0 158 11
amappl16 200 2607 0 2584 19 5 14 16 0 8 10
amappl15 192 72 0 72 1 1 0 1 0 8 0
amappl14 184 134 0 124 1 0 1 1 0 8 0
amappl13 176 5 0 4 1 0 1 1 0 8 0
amappl12 168 1304 0 1270 2 0 2 2 0 8 0
amappl11 160 75 0 65 1 0 1 1 0 8 0
amappl10 152 6 0 6 1 1 0 1 0 8 0
amappl9 144 263 0 263 1 1 0 1 0 8 0
amappl8 136 24 0 23 1 0 1 1 0 8 0
amappl7 128 97 0 87 1 0 1 1 0 8 0
amappl6 120 180 0 177 1 0 1 1 0 8 0
amappl5 112 110 0 104 1 0 1 1 0 8 0
amappl4 104 302 0 288 1 0 1 1 0 8 0
amappl3 96 3064 0 2951 4 0 4 4 0 8 0
amappl2 88 652 0 596 2 0 2 2 0 8 0
amappl1 80 10295 0 9738 15 0 15 15 0 8 0
amappl 88 4732 0 4570 5 0 5 5 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 72 46 0 0 1 0 1 1 0 8 0
uaddrrnd 24 691 0 657 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 691 0 657 1 0 1 1 0 8 0
vmmpekpl 168 7816 0 7765 3 0 3 3 0 8 0
vmmpepl 168 50955 0 49000 106 1 105 106 0 357 9
vmsppl 480 690 0 657 7 2 5 6 0 8 0
rwobjpl 72 18823 0 15803 59 0 59 59 0 8 1
pdppl 4096 1389 0 1314 123 42 81 97 0 8 6
pvpl 32 15318 0 0 124 0 124 124 0 265 0
pmappl 256 690 0 657 4 1 3 3 0 8 0
extentpl 40 45 0 27 1 0 1 1 0 8 0
phpool 112 415 0 48 11 0 11 11 0 8 0
ddb{1}> machine ddbcpu 0