panic: rw_enter: vmmaplk locking against myself
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*307710 23359 0 0x2 0 0 syz-executor1
db_enter() at db_enter+0xa
panic() at panic+0x147
_rw_enter(0,ffff800014aa1d68) at _rw_enter+0x2fa
uvmfault_lookup(1,ffffff00356cb220) at uvmfault_lookup+0x99
uvm_fault(ffff800014ad1790,ffff800014a9d000,0,6000118) at uvm_fault+0x6e
pageflttrap() at pageflttrap+0x197
kerntrap(0) at kerntrap+0x7c
alltraps_kern(6,42,6000100,0,0,1) at alltraps_kern+0x7b
_bpf_mtap(ffff800000074340,1,ffff800000074340,ffffff003499bc00) at _bpf_mtap+0x68
bpf_mtap_ether(ffff800014aa21d0,42,ffff800000074340) at bpf_mtap_ether+0xeb
ifiq_input(ffff800000171050,ffff800000171290,ffffff003499bc00) at ifiq_input+0x105
vio_rxeof(ffff800000171050) at vio_rxeof+0x220
vio_rx_intr(ffffffff) at vio_rx_intr+0x23
virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166
end trace frame: 0xffff800014aa22c8, count: 0
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> show panic
rw_enter: vmmaplk locking against myself
ddb> trace
db_enter() at db_enter+0xa
panic() at panic+0x147
_rw_enter(0,ffff800014aa1d68) at _rw_enter+0x2fa
uvmfault_lookup(1,ffffff00356cb220) at uvmfault_lookup+0x99
uvm_fault(ffff800014ad1790,ffff800014a9d000,0,6000118) at uvm_fault+0x6e
pageflttrap() at pageflttrap+0x197
kerntrap(0) at kerntrap+0x7c
alltraps_kern(6,42,6000100,0,0,1) at alltraps_kern+0x7b
_bpf_mtap(ffff800000074340,1,ffff800000074340,ffffff003499bc00) at _bpf_mtap+0x68
bpf_mtap_ether(ffff800014aa21d0,42,ffff800000074340) at bpf_mtap_ether+0xeb
ifiq_input(ffff800000171050,ffff800000171290,ffffff003499bc00) at ifiq_input+0x105
vio_rxeof(ffff800000171050) at vio_rxeof+0x220
vio_rx_intr(ffffffff) at vio_rx_intr+0x23
virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166
intr_handler(0,ffff80000024b980) at intr_handler+0x3f
Xintr_ioapic_edge19_untramp(0,ffffffff81b50a90,0,18041969,0,a) at Xintr_ioapic_edge19_untramp+0x19f
Xspllower(ae487ec000,1,ffffff003f12a240,0,ffffffff81348301,ae487dc000) at Xspllower+0xc
pmap_write_protect(ffffff002caa91a8,ffffff0031397d48,ae487dc000,1) at pmap_write_protect+0x328
uvm_mapent_forkcopy(ae487dc000,ffffff0031397370,ffffff00356cb430,10000,ffffff002caa91a8) at uvm_mapent_forkcopy+0x19d
uvmspace_fork(ffff8000149fa960) at uvmspace_fork+0x1c9
process_new(ffffffff81a1f750,1,ffff800014ad1790) at process_new+0x1d9
fork1() at fork1+0x26d
syscall(0) at syscall+0x3e4
Xsyscall(6,2,0,2,0,7f7ffffcf920) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffcf8d0, count: -24
ddb> show registers
rdi 0xffffffff81e22360 kprintf_mutex
rsi 0x5
rbp 0xffff800014aa1b80
rbx 0xffff800014aa1c20
rdx 0x3fd
rcx 0
rax 0x1
r8 0xffff800014aa1b50
r9 0x8080808080808080
r10 0xffff800014aa2388
r11 0xffffffff81550c30 x86_bus_space_io_read_1
r12 0x3000000008
r13 0xffff800014aa1b90
r14 0x100
r15 0xffffffff81c0ba78 apollo_udma33_tim+0x278a
rip 0xffffffff81425d5a db_enter+0xa
cs 0x8
rflags 0x202
rsp 0xffff800014aa1b80
ss 0x10
db_enter+0xa: popq %rbp
ddb> show proc
PROC (syz-executor1) pid=307710 stat=onproc
flags process=2<EXEC> proc=0
pri=81, usrpri=81, nice=20
forw=0xffffffffffffffff, list=0xffff800014ad04d0,0xffff800014ad0738
process=0xffff8000149fa960 user=0xffff800014a9d000, vmspace=0xffffff00356cb220
estcpu=31, cpticks=0, pctcpu=0.1
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
59961 344347 76114 0 3 0x82 netio sshd
48883 277392 63196 0 2 0x2 syz-executor0
*23359 307710 63196 0 7 0x2 syz-executor1
26393 262929 1 0 3 0x100083 ttyin getty
49012 80930 0 0 3 0x14200 bored sosplice
63196 515702 76471 0 3 0x82 thrsleep syz-fuzzer
63196 213031 76471 0 3 0x4000082 nanosleep syz-fuzzer
63196 296969 76471 0 3 0x4000082 thrsleep syz-fuzzer
63196 424934 76471 0 2 0x4000002 syz-fuzzer
63196 252116 76471 0 3 0x4000082 thrsleep syz-fuzzer
63196 183552 76471 0 3 0x4000082 thrsleep syz-fuzzer
63196 438253 76471 0 3 0x4000082 thrsleep syz-fuzzer
76471 109035 51628 0 3 0x10008a pause ksh
51628 477330 76114 0 3 0x92 select sshd
76114 199970 1 0 3 0x80 select sshd
89824 405661 41802 73 3 0x100090 kqread syslogd
41802 415429 1 0 3 0x100082 netio syslogd
39618 194209 1 77 3 0x100090 poll dhclient
99392 135723 1 0 3 0x80 poll dhclient
91654 53756 0 0 3 0x14200 pgzero zerothread
58662 27038 0 0 3 0x14200 aiodoned aiodoned
63053 476172 0 0 3 0x14200 syncer update
63125 130268 0 0 3 0x14200 cleaner cleaner
87618 411992 0 0 3 0x14200 reaper reaper
91680 292050 0 0 3 0x14200 pgdaemon pagedaemon
39401 323472 0 0 3 0x14200 bored crynlk
92278 3203 0 0 3 0x14200 bored crypto
79060 174491 0 0 3 0x40014200 acpi0 acpi0
91395 379484 0 0 3 0x14200 bored softnet
68546 455496 0 0 3 0x14200 bored systqmp
89133 190330 0 0 3 0x14200 bored systq
82814 199638 0 0 3 0x40014200 bored softclock
39740 188873 0 0 3 0x40014200 idle0
1 21314 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper