./bus./bus/file0€@À@ j‡9ú¢Ý"S6âÉýãöÁT÷é‚8T‚ª²§;‡Áªôí{4/dev/bpfwitness: lock_object uninitialized: 0xffff8000015e8030 Starting stack trace... witness_checkorder(ffff8000015e8030,9,0) at witness_checkorder+0x1af witness_debugger sys/kern/subr_witness.c:2522 [inline] witness_checkorder(ffff8000015e8030,9,0) at witness_checkorder+0x1af sys/kern/subr_witness.c:779 rw_do_enter_write(ffff8000015e8018,0) at rw_do_enter_write+0xb7 sys/kern/kern_rwlock.c:233 unveil_delete_names(ffff8000015e8000) at unveil_delete_names+0x3d sys/kern/kern_unveil.c:102 unveil_destroy(ffff80003b4c94b0) at unveil_destroy+0xbd sys/kern/kern_unveil.c:183 exit1(ffff8000ffffc008,0,0,1) at exit1+0x60f sys/kern/kern_exit.c:233 sys_exit(ffff8000ffffc008,ffff80003c57cb80,ffff80003c57cad0 ) at sys_exit+0x1a syscall(ffff80003c57cb80) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c57cb80) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x789dba2f18b0, count: 249 End of stack trace. Stopped at db_enter+0x25: addq $0x8,%rsp ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 witness_checkorder(ffff8000015e8030,9,0) at witness_checkorder+0x1b4 rw_do_enter_write(ffff8000015e8018,0) at rw_do_enter_write+0xb7 sys/kern/kern_rwlock.c:233 unveil_delete_names(ffff8000015e8000) at unveil_delete_names+0x3d sys/kern/kern_unveil.c:102 unveil_destroy(ffff80003b4c94b0) at unveil_destroy+0xbd sys/kern/kern_unveil.c:183 exit1(ffff8000ffffc008,0,0,1) at exit1+0x60f sys/kern/kern_exit.c:233 sys_exit(ffff8000ffffc008,ffff80003c57cb80,ffff80003c57cad0) at sys_exit+0x1a syscall(ffff80003c57cb80) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c57cb80) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x789dba2f18b0, count: -9 ddb{0}> show registers rdi 0 rsi 0x4000000000000000 rbp 0xffff80003c57c810 rbx 0 rdx 0 rcx 0xffff8000ffffc008 rax 0xffffffff837e3ff0 cpu_info_full_primary+0x1ff0 r8 0xffff80003c57c7b0 r9 0x8080808080808080 r10 0xffff80003c57c700 r11 0xdb72df21580c315 r12 0 r13 0x1 r14 0xffff8000015e8030 r15 0x3 rip 0xffffffff8162a2e5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003c57c800 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor) tid=214604 pid=7155 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=83, usrpri=85, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff8000ffffc008 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff8000ffff9bf8,0xffff8000ffffbbf8 process=0xffff80003b4c94b0 user=0xffff80003c577000, vmspace=0xfffffd806bef1738 estcpu=35, cpticks=8, pctcpu=0.15, user=0, sys=8, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 58164 195141 91519 0 2 0 syz-executor 58164 89784 91519 0 2 0x4000000 syz-executor 81208 241706 31716 0 2 0 syz-executor 81208 238852 31716 0 3 0x4000080 fsleep syz-executor 14469 185990 91695 0 2 0x10 syz-executor 14469 7334 91695 0 3 0x4000090 fsleep syz-executor 90901 174337 51254 0 2 0 syz-executor 90901 147101 51254 0 2 0x4000000 syz-executor 90901 129402 51254 0 3 0x4000080 fsleep syz-executor 33039 251574 79425 0 3 0 vmmaplk syz-executor 33039 89636 79425 0 2 0x4000000 syz-executor 91695 340737 18899 0 2 0x482 syz-executor 51254 315219 18899 0 2 0x482 syz-executor 31716 371946 18899 0 2 0x482 syz-executor 91517 143282 1 0 2 0x100083 getty 91519 155793 18899 0 2 0x482 syz-executor 52887 466458 18899 0 2 0x2 syz-executor 90537 159716 18899 0 2 0x482 syz-executor 72076 381806 18899 0 2 0x2 syz-executor 79425 523543 18899 0 2 0x482 syz-executor 54425 2238 0 0 3 0x14200 bored sosplice 18899 230959 89860 0 3 0x82 kqread syz-executor 89860 283987 90398 0 3 0x10008a sigsusp ksh 90398 392317 46568 0 3 0x98 kqread sshd-session 46568 336679 95284 0 3 0x92 kqread sshd-session 95284 297493 1 0 3 0x88 kqread sshd 7784 82823 21193 74 3 0x1100092 bpf pflogd 21193 220969 1 0 3 0x80 sbwait pflogd 58050 116551 14257 73 2 0x1100090 syslogd 14257 41824 1 0 3 0x100082 sbwait syslogd 27681 177669 1 0 3 0x100080 kqread resolvd 38846 27290 69758 77 3 0x100092 kqread dhcpleased 61750 316797 69758 77 3 0x100092 kqread dhcpleased 69758 261527 1 0 3 0x80 kqread dhcpleased 78959 367737 0 0 3 0x14200 bored smr 34222 77722 0 0 2 0x14200 zerothread 62327 214080 0 0 3 0x14200 aiodoned aiodoned 33078 237741 0 0 3 0x14200 syncer update 74337 142788 0 0 3 0x14200 cleaner cleaner 83507 327564 0 0 3 0x14200 reaper reaper 16216 396996 0 0 3 0x14200 pgdaemon pagedaemon 71307 229899 0 0 3 0x14200 bored viomb 97714 482841 0 0 3 0x40014200 acpi0 acpi0 39437 253959 0 0 7 0x40014200 idle1 3113 269292 0 0 3 0x14200 bored softnet3 22291 83485 0 0 3 0x14200 bored softnet2 51755 62904 0 0 3 0x14200 bored softnet1 68564 191231 0 0 2 0x14200 softnet0 12515 472675 0 0 3 0x14200 bored systqmp 65801 43272 0 0 3 0x14200 bored systq 77787 425005 0 0 2 0x14200 softclockmp 59662 398483 0 0 2 0x40014200 softclock 46140 412334 0 0 3 0x40014200 idle0 1 92533 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 58164 (syz-executor) thread 0xffff8000ffffa7a8 (89784) exclusive rwlock fdlock r = 0 (0xfffffd806bef7858) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 doopenat+0x173 #3 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #3 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 #4 Xsyscall+0x128 Process 33039 (syz-executor) thread 0xffff8000ffff8a40 (89636) exclusive rwlock vmmaplk r = 0 (0xfffffd807eb8bbb0) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5250 #3 uvmfault_lookup+0xe8 sys/uvm/uvm_fault.c:1858 #4 uvm_fault_check+0x987 uvmfault_amapcopy sys/uvm/uvm_fault.c:235 [inline] #4 uvm_fault_check+0x987 sys/uvm/uvm_fault.c:774 #5 uvm_fault+0x106 sys/uvm/uvm_fault.c:668 #6 kpageflttrap+0x2d0 sys/arch/amd64/amd64/trap.c:279 #7 kerntrap+0x14a sys/arch/amd64/amd64/trap.c:332 #8 alltraps_kern_meltdown+0x7b #9 copyout+0x57 #10 mmrw+0x3de #11 spec_read+0x155 sys/kern/spec_vnops.c:215 #12 VOP_READ+0x102 sys/kern/vfs_vops.c:227 #13 vn_read+0x17b sys/kern/vfs_vnops.c:369 #14 dofilereadv+0x230 sys/kern/sys_generic.c:252 #15 sys_preadv+0xe3 sys/kern/vfs_syscalls.c:3325 #16 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #16 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 #17 Xsyscall+0x128 Process 72076 (syz-executor) thread 0xffff8000ffff7978 (381806) exclusive rwlock vmmaplk r = 0 (0xfffffd807eb8b490) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5250 #3 uvmspace_fork+0x12b sys/uvm/uvm_map.c:3820 #4 process_new+0x553 sys/kern/kern_fork.c:279 #5 fork1+0x3ea sys/kern/kern_fork.c:405 #6 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] #6 syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 #7 Xsyscall+0x128 exclusive rwlock vmmaplk r = 0 (0xfffffd806bcd7840) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5250 #3 uvmspace_fork+0x44 sys/uvm/uvm_map.c:3811 #4 process_new+0x553 sys/kern/kern_fork.c:279 #5 fork1+0x3ea sys/kern/kern_fork.c:405 #6 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] #6 syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 #7 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10244 11126K 11568K 166960K 23128 0 pcb 17 22K 24K 166960K 1389 0 rtable 224 13K 13K 166960K 1540 0 pf 38 18K 21K 166960K 367 0 ifaddr 40 8K 9K 166960K 296 0 ifgroup 59 2K 3K 166960K 519 0 sysctl 4 1K 1K 166960K 20 0 counters 66 36K 37K 166960K 450 0 ioctlops 0 0K 4K 166960K 2345 0 iov 1 2K 34K 166960K 697 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1390 87K 88K 166960K 7334 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 40K 48K 166960K 146 0 VM map 2 1K 1K 166960K 2 0 sem 25 21K 31K 166960K 75 0 dirhash 12 2K 3K 166960K 141 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 16 57K 89K 166960K 6394 0 sigio 0 0K 0K 166960K 277 0 proc 78 115K 140K 166960K 1758 0 subproc 72 4K 4K 166960K 271 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1686 0 in_multi 85 6K 7K 166960K 596 0 ether_multi 1 0K 0K 166960K 99 0 mrt 1 0K 0K 166960K 14 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 241 1076K 1076K 166960K 241 0 exec 0 0K 1K 166960K 2717 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 12 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 234 73K 91K 166960K 59605 0 UVM aobj 269 10K 10K 166960K 277 0 pinsyscall 42 84K 106K 166960K 8052 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 1 0K 1K 166960K 510 0 NDP 13 0K 1K 166960K 219 0 temp 79 8644K 12499K 166960K 247861 0 kqueue 13 20K 34K 166960K 1072 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 705 0 702 6 4 2 3 0 8 1 rtentry 112 458 0 365 4 1 3 4 0 8 0 unpcb 144 6022 0 6002 39 33 6 6 0 8 5 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpqe 32 3 0 3 1 1 0 1 0 8 0 tcpcb 808 2819 0 2815 61 60 1 14 0 8 0 arp 120 79 0 58 1 0 1 1 0 8 0 inpcb 376 9254 0 9245 110 105 5 28 0 8 3 nd6 136 106 0 83 1 0 1 1 0 8 0 pkpcb 40 38 0 38 8 8 0 1 0 8 0 kcovpl 48 30 0 22 1 0 1 1 0 8 0 ppxss 1168 118 0 118 7 6 1 1 0 8 1 pppxif 1472 26 0 26 8 8 0 1 0 8 0 pffrag 232 26 0 24 1 0 1 1 0 482 0 pffrnode 88 23 0 21 1 0 1 1 0 8 0 pffrent 40 54 0 52 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pfstitem 24 440 0 365 2 0 2 2 0 8 0 pfstkey 128 442 0 367 8 0 8 8 0 8 0 pfstate 376 440 0 366 23 3 20 23 0 8 0 pfrule 1344 24 0 19 2 1 1 2 0 8 0 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 1929 0 1527 45 19 26 29 0 8 0 art_table 32 1933 0 1527 4 0 4 4 0 8 0 art_node 16 441 0 361 1 0 1 1 0 8 0 sysvmsgpl 40 39 0 31 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 67 0 44 1 0 1 1 0 8 0 shmpl 112 274 0 8 8 0 8 8 0 8 0 dirhash 1024 104 0 87 3 0 3 3 0 8 0 dino2pl 256 12990 0 11439 98 0 98 98 0 8 0 ffsino 280 12990 0 11439 111 0 111 111 0 8 0 nchpl 144 21886 0 21284 65 39 26 65 0 8 0 rtmask 32 5 0 5 3 3 0 1 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 85023 0 85022 8 5 3 4 0 8 2 percpumem 16 239 0 192 1 0 1 1 0 8 0 kstatmem 264 294 0 268 4 2 2 3 0 8 0 acpiwqpl 32 2 0 2 1 0 1 1 1 8 1 scsiplug 72 16 0 16 8 8 0 1 0 8 0 scxspl 216 64108 0 64108 14 13 1 8 1 8 1 plimitpl 152 1723 0 1706 1 0 1 1 0 8 0 sigapl 424 6675 0 6625 8 1 7 8 0 8 0 futexpl 64 98146 0 98143 1 0 1 1 0 8 0 knotepl 120 701 0 0 18 0 18 18 0 8 0 kqueuepl 216 2379 0 2370 21 20 1 5 0 8 0 pipepl 328 1250 0 1223 19 16 3 8 0 8 0 fdescpl 504 6629 0 6599 5 0 5 5 0 8 0 filepl 152 55159 0 54942 53 36 17 21 0 8 5 lockfpl 104 2814 0 2812 5 4 1 2 0 8 0 lockfspl 48 843 0 841 1 0 1 1 0 8 0 sessionpl 144 47 0 38 1 0 1 1 0 8 0 pgrppl 48 143 0 126 1 0 1 1 0 8 0 ucredpl 104 9342 0 9327 1 0 1 1 0 8 0 zombiepl 144 7314 0 7313 2 1 1 1 0 8 0 processpl 1168 6675 0 6625 6 2 4 6 0 8 0 procpl 648 15889 0 15831 8 2 6 8 0 8 0 srpgc 96 50 0 50 8 8 0 1 0 8 0 sosppl 168 40 0 40 10 9 1 1 0 8 1 sockpl 688 16293 0 16262 166 154 12 28 0 8 8 mcl64k 65536 8 0 0 1 0 1 1 0 8 0 mcl16k 16384 3 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 7 0 0 1 0 1 1 0 8 0 mcl4k 4096 128 0 0 16 0 16 16 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 71 0 0 5 0 5 5 0 8 0 mtagpl 96 355 0 0 7 0 7 7 0 8 0 mbufpl 256 1248 0 0 78 0 78 78 0 8 0 bufpl 280 16701 0 10546 440 0 440 440 0 8 0 anonpl 24 731496 0 716691 152 62 90 111 0 184 0 amapchunkpl 152 194374 0 193747 61 30 31 36 0 158 1 amappl16 200 15401 0 14809 75 43 32 42 0 8 0 amappl15 192 7 0 7 2 2 0 1 0 8 0 amappl14 184 163 0 151 1 0 1 1 0 8 0 amappl13 176 5 0 5 2 2 0 1 0 8 0 amappl12 168 7652 0 7621 3 0 3 3 0 8 0 amappl11 160 54 0 40 1 0 1 1 0 8 0 amappl10 152 9 0 9 4 4 0 1 0 8 0 amappl9 144 295 0 294 2 1 1 1 0 8 0 amappl8 136 27 0 24 1 0 1 1 0 8 0 amappl7 128 151 0 138 1 0 1 1 0 8 0 amappl6 120 397 0 393 1 0 1 1 0 8 0 amappl5 112 219 0 209 1 0 1 1 0 8 0 amappl4 104 391 0 371 1 0 1 1 0 8 0 amappl3 96 41868 0 41759 4 0 4 4 0 8 0 amappl2 88 991 0 927 2 0 2 2 0 8 0 amappl1 80 28035 0 27472 15 2 13 14 0 8 0 amappl 88 58607 0 58429 5 0 5 5 0 92 0 dma32768 32768 2 0 2 2 2 0 1 0 8 0 dma16384 16384 2 0 2 2 1 1 1 0 8 1 dma4096 4096 2 0 2 2 2 0 1 0 8 0 dma2048 2048 2 0 2 2 2 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 257 0 257 5 5 0 1 0 8 0 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 9 0 9 2 2 0 1 0 8 0 dma16 16 24 0 23 1 0 1 1 0 8 0 aobjpl 72 276 0 8 5 0 5 5 0 8 0 uaddrrnd 24 6629 0 6598 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6629 0 6598 1 0 1 1 0 8 0 vmmpekpl 168 43021 0 42955 4 0 4 4 0 8 0 vmmpepl 168 400083 0 397640 164 54 110 118 0 357 1 vmsppl 456 6628 0 6598 5 0 5 5 0 8 0 rwobjpl 64 96135 0 88435 143 18 125 127 0 8 0 pdppl 4096 13266 0 13196 132 60 72 84 0 8 2 pvpl 32 24598 0 0 198 0 198 198 0 265 0 pmappl 248 6628 0 6598 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 483 0 162 10 0 10 10 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 witness_checkorder(ffff8000015e8030,9,0) at witness_checkorder+0x1b4 rw_do_enter_write(ffff8000015e8018,0) at rw_do_enter_write+0xb7 sys/kern/kern_rwlock.c:233 unveil_delete_names(ffff8000015e8000) at unveil_delete_names+0x3d sys/kern/kern_unveil.c:102 unveil_destroy(ffff80003b4c94b0) at unveil_destroy+0xbd sys/kern/kern_unveil.c:183 exit1(ffff8000ffffc008,0,0,1) at exit1+0x60f sys/kern/kern_exit.c:233 sys_exit(ffff8000ffffc008,ffff80003c57cb80,ffff80003c57cad0) at sys_exit+0x1a syscall(ffff80003c57cb80) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c57cb80) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x789dba2f18b0, count: -9 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800029aabff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1218 sched_idle(ffff800029aabff0) at sched_idle+0x558 sys/kern/kern_sched.c:182 end trace frame: 0x0, count: -5