uvm_fault: x86_ipi_db (2)

Status: closed as invalid on 2021/01/29 06:54
Reported-by: syzbot+a7b63ef1a505a81751e7@syzkaller.appspotmail.com
First crash: 1432d, last: 1432d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd uvm_fault: x86_ipi_db (3) 4 1382d 1399d 0/3 auto-closed as invalid on 2021/05/25 04:20
openbsd uvm_fault: x86_ipi_db (6) 1 1198d 1198d 0/3 closed as invalid on 2021/08/26 17:38
openbsd uvm_fault: x86_ipi_db (8) 330 38d 1022d 0/3 upstream: reported on 2022/02/19 02:28
openbsd uvm_fault: x86_ipi_db (5) 1 1203d 1203d 0/3 closed as invalid on 2021/08/23 05:23
openbsd uvm_fault: x86_ipi_db (7) 4 1073d 1073d 3/3 fixed on 2021/12/30 22:14
openbsd uvm_fault: x86_ipi_db 1 1436d 1436d 0/3 closed as invalid on 2021/01/03 08:45
openbsd uvm_fault: x86_ipi_db (4) 1 1217d 1217d 0/3 closed as invalid on 2021/08/08 05:33

Sample crash report:
uvm_fault(fffffd8064cc8758,20119000,2,3) at uvm_fault+0x176 sys/uvm/uvm_fault.c:946
uvm_fault_wire(fffffd8064cc8758,20119000,2011c000,3) at uvm_fault_wire+0x63 sys/uvm/uvm_fault.c:1386
uvm_map_pageable_wire(fffffd8064cc8758,fffffd806b83d7e8,fffffd806b1726d0,3e6,ffffffff816079fe,0) at uvm_map_pageable_wire+0x30d sys/uvm/uvm_map.c:2367
sys_mlock(ffff80002123d260,ffff80002129afe8,ffff80002129b030) at sys_mlock+0x180 sys/uvm/uvm_mmap.c:772
syscall(ffff80002129b0b0) at syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002129b0b0) at syscall+0x4a1 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x99def222790, count: -14
ddb{0}> show registers
rdi                              0x3
rsi                          0x40000    acpi_pdirpa+0x2be68
rbp               0xffff80002129a880
rbx                              0x3
rdx               0xffff800000ac7e80
rcx                              0x3
rax                          0x3ffff    acpi_pdirpa+0x2be67
r8                0xffffffff8160568f    witness_checkorder+0x101f
r9                               0x5
r10               0xda78f6142eee7720
r11               0x5a7bed5a558eb8e7
r12               0xffffffff82818f80    w_lodata+0x542d0
r13               0xfffffd806ed933c8
r14               0xffffffff82805550    w_lodata+0x408a0
r15               0xfffffd8002cd3540
rip               0xffffffff81ce8318    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff80002129a870
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.0) pid=370838 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=32, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff80002123ca80,0xffffffff828c87f8
    process=0xffff800021236190 user=0xffff800021296000, vmspace=0xfffffd8064cc8758
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 93617  387145  38991      0  7           0                syz-executor.0
*93617  370838  38991      0  7   0x4000000                syz-executor.0
 45593  278822  63183      0  3        0x82  nanoslp       syz-executor.1
 69023  125437      0      0  3     0x14200  acct          acct
 38991  163096  63183      0  3        0x82  nanoslp       syz-executor.0
  1556  500035      0      0  3     0x14200  bored         sosplice
 63183  116328  14280      0  3        0x82  thrsleep      syz-fuzzer
 63183  113282  14280      0  3   0x4000082  nanoslp       syz-fuzzer
 63183   35568  14280      0  3   0x4000082  kqread        syz-fuzzer
 63183  334156  14280      0  3   0x4000082  thrsleep      syz-fuzzer
 63183  100711  14280      0  3   0x4000082  thrsleep      syz-fuzzer
 63183   92840  14280      0  3   0x4000082  thrsleep      syz-fuzzer
 63183  445985  14280      0  3   0x4000082  thrsleep      syz-fuzzer
 63183    7821  14280      0  3   0x4000082  thrsleep      syz-fuzzer
 14280  391933  14656      0  3    0x10008a  sigsusp       ksh
 14656  258640  51669      0  3        0x92  kqread        sshd
 49592  311390      1      0  3    0x100083  ttyin         getty
 51669   83774      1      0  3        0x80  kqread        sshd
 93609   74527  78879     74  3    0x100092  bpf           pflogd
 78879  483825      1      0  3        0x80  netio         pflogd
 31468  120852  55270     73  3    0x100090  kqread        syslogd
 55270   97736      1      0  3    0x100082  netio         syslogd
 79676  267125      1     77  3    0x100090  poll          dhclient
 59384  437046      1      0  3        0x80  poll          dhclient
 41736   96567      0      0  3     0x14200  bored         smr
 48518   78437      0      0  3     0x14200  pgzero        zerothread
 88644    9212      0      0  3     0x14200  aiodoned      aiodoned
 58893   52607      0      0  3     0x14200  syncer        update
 26361  206298      0      0  3     0x14200  cleaner       cleaner
 61698  280607      0      0  3     0x14200  reaper        reaper
 98609  246001      0      0  3     0x14200  pgdaemon      pagedaemon
 38463  420185      0      0  3     0x14200  bored         crynlk
 23830    2464      0      0  3     0x14200  bored         crypto
 28265  326635      0      0  3     0x14200  bored         viomb
 31514   67522      0      0  3  0x40014200  acpi0         acpi0
 24925  154290      0      0  3  0x40014200                idle1
 91747  119673      0      0  3     0x14200  bored         softnet
 70761  460622      0      0  3     0x14200  bored         systqmp
 19316  391151      0      0  3     0x14200  bored         systq
  9649    7134      0      0  3  0x40014200  bored         softclock
 67357  498493      0      0  3  0x40014200                idle0
     1  394488      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 93617 (syz-executor.0) thread 0xffff80002123d260 (370838)
shared rwlock vmmaplk r = 0 (0xfffffd8064cc8770)
#0  witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0  witness_lock+0x4b0 sys/kern/subr_witness.c:1176
#1  rw_enter+0x446 sys/kern/kern_rwlock.c:311
#2  vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5463
#3  uvm_map_pageable+0x120 sys/uvm/uvm_map.c:2463
#4  sys_mlock+0x180 sys/uvm/uvm_mmap.c:772
#5  syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
#5  syscall+0x4a1 sys/arch/amd64/amd64/trap.c:590
#6  Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff828c8a10)
#0  witness_lock+0x4b0 stacktrace_save sys/sys/stacktrace.h:36 [inline]
#0  witness_lock+0x4b0 sys/kern/subr_witness.c:1176
#1  syscall+0x3fd mi_syscall sys/sys/syscall_mi.h:93 [inline]
#1  syscall+0x3fd sys/arch/amd64/amd64/trap.c:590
#2  Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9565   6452K    7222K  78643K     21367        0
            pcb    13      8K       8K  78643K       515        0
         rtable    83      3K       5K  78643K      1286        0
         ifaddr    86     15K      16K  78643K       370        0
         sysctl     2      0K       0K  78643K         2        0
       counters    44     34K      34K  78643K       134        0
       ioctlops     0      0K       4K  78643K      1809        0
            iov     0      0K      24K  78643K       288        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1233     78K      78K  78643K      5093        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       9K  78643K        46        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      0K       0K  78643K       581        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1697    195K     286K  78643K     12598        0
      file desc     5     13K      25K  78643K     11201        0
          sigio     0      0K       0K  78643K        32        0
           proc    62     63K      95K  78643K       972        0
        subproc    32      2K       2K  78643K       157        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K       548        0
       in_multi    26      1K       2K  78643K       522        0
    ether_multi     1      0K       0K  78643K        94        0
            mrt     0      0K       0K  78643K        51        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    67    307K     307K  78643K        67        0
           exec     0      0K       2K  78643K       839        0
     pfkey data     0      0K       0K  78643K         5        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   319    621K     621K  78643K     27359        0
       UVM aobj   100      3K       3K  78643K       109        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K       503        0
            NDP    16      0K       0K  78643K       118        0
           temp   147   3981K    4616K  78643K     44310        0
         kqueue     5      8K      16K  78643K       291        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       20    0       14     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb      120      222    0      220     1     0     1     1     0     8    0
rtentry    112      246    0      215     2     0     2     2     0     8    0
unpcb      120     1722    0     1698     3     2     1     2     0     8    0
syncache   296       53    0       53     8     8     0     1     0     8    0
tcpqe       32       23    0       23     4     4     0     1     0     8    0
tcpcb      736     1234    0     1227    20    18     2     4     0     8    0
inpcb      296     3540    0     3532     9     8     1     2     0     8    0
rttmr       72       10    0       10     2     2     0     1     0     8    0
nd6         48       67    0       62     1     0     1     1     0     8    0
pkpcb       40       20    0       20     5     5     0     1     0     8    0
kcovpl      48        9    0        7     1     0     1     1     0     8    0
ppxss      1128       6    0        6     3     3     0     1     0     8    0
pffrag     232       15    0       15     4     4     0     1     0   482    0
pffrnode    88       15    0       15     4     4     0     1     0     8    0
pffrent     40      218    0      218     6     6     0     1     0     8    0
pfosfp      40     1428    0     1005     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfrktable  1344      42    0       42     2     2     0     1     0     8    0
pftag       88        2    0        0     1     0     1     1     0     8    0
pfstitem    24      115    0      108     1     0     1     1     0     8    0
pfstkey    112      115    0      108     1     0     1     1     0     8    0
pfstate    328      115    0      108     5     2     3     3     0     8    0
pfrule     1360     129    0      103     4     1     3     3     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256     1057    0      902    16     5    11    13     0     8    0
art_table   32     1058    0      902     2     0     2     2     0     8    0
art_node    16      244    0      218     1     0     1     1     0     8    0
sysvmsgpl   40       76    0       36     2     1     1     1     0     8    0
semupl     112        5    0        5     1     1     0     1     0     8    0
semapl     112      579    0      569     1     0     1     1     0     8    0
shmpl      112      106    0       10     4     1     3     3     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256    14444    0    13023    90     1    89    89     0     8    0
ffsino     272    14444    0    13023    95     0    95    95     0     8    0
nchpl      144    26873    0    25285    60     0    60    60     0     8    0
uvmvnodes   72     5926    0        0   108     0   108   108     0     8    0
vnodes     224     5926    0        0   349     0   349   349     0     8    0
namei      1024   66116    0    66116     2     1     1     1     0     8    1
percpumem   16       78    0       45     1     0     1     1     0     8    0
vcpupl     1984      44    0        0     6     0     6     6     0     8    0
vmpool     560       60    0       16     5     1     4     4     0     8    0
pfiaddrpl  120       14    0       14     2     2     0     1     0     8    0
scsiplug    72        2    0        2     1     1     0     1     0     8    0
scxspl     216    80657    0    80657    20    19     1     8     0     8    1
plimitpl   152      434    0      426     1     0     1     1     0     8    0
sigapl     424    11400    0    11366     4     0     4     4     0     8    0
futexpl     56    71639    0    71639     2     1     1     1     0     8    1
knotepl    112   104576    0   104550     4     3     1     2     0     8    0
kqueuepl   168     6203    0     6198     1     0     1     1     0     8    0
pipepl     336      408    0      397    13    11     2     3     0     8    0
fdescpl    496    11380    0    11364     3     0     3     3     0     8    0
filepl     152    33957    0    33853    11     6     5     7     0     8    1
lockfpl    104      894    0      893     1     0     1     1     0     8    0
lockfspl    48      345    0      344     1     0     1     1     0     8    0
sessionpl  144       25    0       14     1     0     1     1     0     8    0
pgrppl      48       60    0       49     1     0     1     1     0     8    0
ucredpl     96     3662    0     3653     1     0     1     1     0     8    0
zombiepl   144    11366    0    11365     2     1     1     1     0     8    0
processpl  1072   11400    0    11365     3     0     3     3     0     8    0
procpl     672    25536    0    25493     8     4     4     5     0     8    0
sosppl     168       55    0       55     7     7     0     1     0     8    0
sockpl     432     5544    0     5510    14     9     5     8     0     8    0
mcl64k     65536     18    0        0     3     0     3     3     0     8    0
mcl16k     16384     15    0        0     2     0     2     2     0     8    0
mcl12k     12288     25    0        0     2     0     2     2     0     8    0
mcl9k      9216      19    0        0     2     0     2     2     0     8    0
mcl8k      8192      17    0        0     3     0     3     3     0     8    0
mcl4k      4096      17    0        0     3     0     3     3     0     8    0
mcl2k2     2112       4    0        0     1     0     1     1     0     8    0
mcl2k      2048     314    0        0    18     0    18    18     0     8    0
mtagpl      96      379    0        0     8     0     8     8     0     8    0
mbufpl     256     1021    0        0    57     0    57    57     0     8    0
bufpl      280    19847    0    13598   447     0   447   447     0     8    0
anonpl      16   761459    0   750939    84    30    54    59     0   124   11
amapchunkpl 152   41908    0    41647    34    23    11    25     0   158    0
amappl16   192    35045    0    34626    48    24    24    33     0     8    2
amappl15   184     1570    0     1569     1     0     1     1     0     8    0
amappl14   176      135    0      129     1     0     1     1     0     8    0
amappl13   168     1615    0     1612     1     0     1     1     0     8    0
amappl12   160      333    0      332     1     0     1     1     0     8    0
amappl11   152       87    0       70     1     0     1     1     0     8    0
amappl10   144     2042    0     2037     1     0     1     1     0     8    0
amappl9    136     3300    0     3298     2     1     1     1     0     8    0
amappl8    128      392    0      272     4     0     4     4     0     8    0
amappl7    120     3353    0     3344     1     0     1     1     0     8    0
amappl6    112     2136    0     2114     1     0     1     1     0     8    0
amappl5    104    10812    0    10794     1     0     1     1     0     8    0
amappl4     96      669    0      635     1     0     1     1     0     8    0
amappl3     88     2314    0     2306     1     0     1     1     0     8    0
amappl2     80    90518    0    90421     3     0     3     3     0     8    0
amappl1     72   330176    0   329699    26    16    10    19     0     8    0
amappl      80    26033    0    25909     3     0     3     3     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64      108    0        9     2     0     2     2     0     8    0
uaddrrnd    24    11440    0    11380     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24    11440    0    11380     1     0     1     1     0     8    0
vmmpekpl   168    54491    0    54452     2     0     2     2     0     8    0
vmmpepl    168  1419206    0  1417352   155    56    99    99     0   357   12
vmsppl     368    11439    0    11380     6     0     6     6     0     8    0
pdppl      4096   22887    0    22804   105    20    85    85     0     8    2
pvpl        32  4239539    0  4226582   233    96   137   142     0   265   30
pmappl     232    11439    0    11380     5     1     4     4     0     8    0
extentpl    40       58    0       40     1     0     1     1     0     8    0
phpool     112      444    0       59    12     0    12    12     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
witness_checkorder(fffffd806ed933c8,9,0) at witness_checkorder+0x1049
rw_enter(fffffd806ed933b8,81) at rw_enter+0xd4
rrw_enter(fffffd806ed933b8,81) at rrw_enter+0x88 sys/kern/kern_rwlock.c:462
VOP_LOCK(fffffd8069ecacc0,81) at VOP_LOCK+0x4b sys/kern/vfs_vops.c:614
vn_lock(fffffd8069ecacc0,81) at vn_lock+0x6c sys/kern/vfs_vnops.c:575
uvn_get(fffffd806a41d208,119000,ffff80002129ac28,ffff80002129ac14,0,1) at uvn_get+0x276 uvm_vnode_lock sys/uvm/uvm_vnode.c:1499 [inline]
uvn_get(fffffd806a41d208,119000,ffff80002129ac28,ffff80002129ac14,0,1) at uvn_get+0x276 sys/uvm/uvm_vnode.c:993
uvm_fault_lower(ffff80002129adc8,ffff80002129ada0,ffff80002129aca0,2,3) at uvm_fault_lower+0x6ff sys/uvm/uvm_fault.c:1116
uvm_fault(fffffd8064cc8758,20119000,2,3) at uvm_fault+0x176 sys/uvm/uvm_fault.c:946
uvm_fault_wire(fffffd8064cc8758,20119000,2011c000,3) at uvm_fault_wire+0x63 sys/uvm/uvm_fault.c:1386
uvm_map_pageable_wire(fffffd8064cc8758,fffffd806b83d7e8,fffffd806b1726d0,3e6,ffffffff816079fe,0) at uvm_map_pageable_wire+0x30d sys/uvm/uvm_map.c:2367
sys_mlock(ffff80002123d260,ffff80002129afe8,ffff80002129b030) at sys_mlock+0x180 sys/uvm/uvm_mmap.c:772
syscall(ffff80002129b0b0) at syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff80002129b0b0) at syscall+0x4a1 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x99def222790, count: -14
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x1a:        addq    $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020d68ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff828c8808) at __mp_lock+0x122 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff828c8808) at __mp_lock+0x122 sys/kern/kern_lock.c:147
sleep_setup(ffff8000222d5a30,ffffffff82849450,120,ffffffff823a2ad2) at sleep_setup+0xcf sys/kern/kern_synch.c:382
tsleep(ffffffff82849450,120,ffffffff823a2ad2,2) at tsleep+0x113 sleep_setup_timeout sys/kern/kern_synch.c:444 [inline]
tsleep(ffffffff82849450,120,ffffffff823a2ad2,2) at tsleep+0x113 sys/kern/kern_synch.c:158
sys_nanosleep(ffff80002123ca80,ffff8000222d5b60,ffff8000222d5bb0) at sys_nanosleep+0x1f5 sys/kern/kern_time.c:297
syscall(ffff8000222d5c30) at syscall+0x4a1 mi_syscall sys/sys/syscall_mi.h:102 [inline]
syscall(ffff8000222d5c30) at syscall+0x4a1 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffffae60, count: -9

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/01/04 21:01 openbsd dfda3de3800a 2a28ff1f .config console log report ci-openbsd-multicore