witness: lock_object uninitialized: 0xffff8000014d2030 Starting stack trace... witness_checkorder(ffff8000014d2030,9,0) at witness_checkorder+0x1af witness_debugger sys/kern/subr_witness.c:2522 [inline] witness_checkorder(ffff8000014d2030,9,0) at witness_checkorder+0x1af sys/kern/subr_witness.c:779 rw_do_enter_write(ffff8000014d2018,0) at rw_do_enter_write+0xb7 sys/kern/kern_rwlock.c:233 unveil_delete_names(ffff8000014d2000) at unveil_delete_names+0x3d sys/kern/kern_unveil.c:102 unveil_destroy(ffff80003c59a248) at unveil_destroy+0xbd sys/kern/kern_unveil.c:183 exit1(ffff8000ffff74d0,b,0,1) at exit1+0x60f sys/kern/kern_exit.c:233 sys_exit(ffff8000ffff74d0,ffff80003c5da780,ffff80003c5da6d0) at sys_exit+0x1a syscall(ffff80003c5da780) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c5da780) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7ce63b6e6c90, count: 249 End of stack trace. Stopped at db_enter+0x25: addq $0x8,%rsp ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic the kernel did not panic ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 witness_checkorder(ffff8000014d2030,9,0) at witness_checkorder+0x1b4 rw_do_enter_write(ffff8000014d2018,0) at rw_do_enter_write+0xb7 sys/kern/kern_rwlock.c:233 unveil_delete_names(ffff8000014d2000) at unveil_delete_names+0x3d sys/kern/kern_unveil.c:102 unveil_destroy(ffff80003c59a248) at unveil_destroy+0xbd sys/kern/kern_unveil.c:183 exit1(ffff8000ffff74d0,b,0,1) at exit1+0x60f sys/kern/kern_exit.c:233 sys_exit(ffff8000ffff74d0,ffff80003c5da780,ffff80003c5da6d0) at sys_exit+0x1a syscall(ffff80003c5da780) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c5da780) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7ce63b6e6c90, count: -9 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80003c5da410 rbx 0 rdx 0 rcx 0xffff8000ffff74d0 rax 0xffffffff83791ff0 cpu_info_full_primary+0x1ff0 r8 0xffff80003c5da3b0 r9 0x8080808080808080 r10 0xcc6c6f24c161cb4f r11 0xedd5cfb410bf13e3 r12 0 r13 0x1 r14 0xffff8000014d2030 r15 0x3 rip 0xffffffff82edcdb5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003c5da400 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor) tid=523744 pid=6889 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=85, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff8000ffff74d0 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff8000ffff6050,0xffff8000ffff9768 process=0xffff80003c59a248 user=0xffff80003c5d5000, vmspace=0xfffffd806bcbd750 estcpu=35, cpticks=10, pctcpu=0.3, user=0, sys=7, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 11857 361308 14767 0 2 0 syz-executor 11857 276418 14767 0 3 0x4000080 fsleep syz-executor 12787 335083 70256 0 2 0 syz-executor 12787 103096 70256 0 3 0x4000080 fsleep syz-executor 1000 368060 56740 0 2 0 syz-executor 1000 310928 56740 0 3 0x4000080 fsleep syz-executor 79556 82244 30592 0 2 0 syz-executor 79556 361606 30592 0 3 0x4000080 fsleep syz-executor 24638 491187 79615 0 2 0 syz-executor 24638 93399 79615 0 3 0x4000080 fsleep syz-executor 8044 358528 49062 0 2 0 syz-executor 8044 270825 49062 0 3 0x4000080 fsleep syz-executor 8044 430544 49062 0 3 0x4000080 fsleep syz-executor 86153 40471 1 0 2 0x100083 getty 92691 383419 0 0 3 0x14280 nfsidl nfsio 94832 437350 0 0 3 0x14280 nfsidl nfsio 32748 335938 0 0 3 0x14280 nfsidl nfsio 69042 74602 0 0 3 0x14280 nfsidl nfsio 46479 386912 0 0 3 0x14280 nfsidl nfsio 68178 338729 0 0 3 0x14280 nfsidl nfsio 51273 521589 0 0 3 0x14280 nfsidl nfsio 79678 385770 0 0 3 0x14280 nfsidl nfsio 72240 489973 0 0 3 0x14280 nfsidl nfsio 64753 54771 0 0 3 0x14280 nfsidl nfsio 94288 35279 0 0 3 0x14280 nfsidl nfsio 46335 274115 0 0 3 0x14280 nfsidl nfsio 59469 262171 0 0 3 0x14280 nfsidl nfsio 5832 203007 0 0 3 0x14280 nfsidl nfsio 99766 434392 0 0 3 0x14280 nfsidl nfsio 61646 404632 0 0 3 0x14280 nfsidl nfsio 60773 75114 0 0 3 0x14280 nfsidl nfsio 34907 346398 0 0 3 0x14280 nfsidl nfsio 2160 178095 0 0 3 0x14280 nfsidl nfsio 7567 454173 0 0 3 0x14280 nfsidl nfsio 86830 208328 0 0 3 0x14200 bored sosplice 70256 254421 97168 0 2 0x482 syz-executor 47161 413309 97168 0 2 0x482 syz-executor 56740 91040 97168 0 2 0x482 syz-executor 79615 4522 97168 0 2 0x482 syz-executor 30592 397668 97168 0 2 0x482 syz-executor 14767 26907 97168 0 2 0x482 syz-executor 49062 103911 97168 0 2 0x482 syz-executor 30164 321402 97168 0 2 0x2 syz-executor 97168 423106 98293 0 3 0x82 kqread syz-executor 98293 84973 16530 0 3 0x10008a sigsusp ksh 16530 151498 46950 0 3 0x98 kqread sshd-session 46950 393233 36227 0 3 0x92 kqread sshd-session 36227 417185 1 0 3 0x88 kqread sshd 4009 102454 10251 74 3 0x1100092 bpf pflogd 10251 403146 1 0 3 0x80 sbwait pflogd 56329 69175 29901 73 2 0x1100090 syslogd 29901 84559 1 0 3 0x100082 sbwait syslogd 4794 131135 1 0 3 0x100080 kqread resolvd 60553 32803 66548 77 3 0x100092 kqread dhcpleased 46509 210969 66548 77 3 0x100092 kqread dhcpleased 66548 473568 1 0 3 0x80 kqread dhcpleased 41083 495455 0 0 3 0x14200 bored smr 27865 343489 0 0 2 0x14200 zerothread 63590 438949 0 0 3 0x14200 aiodoned aiodoned 53299 393244 0 0 3 0x14200 syncer update 34739 311286 0 0 3 0x14200 cleaner cleaner 44330 391088 0 0 2 0x14200 reaper 33088 287843 0 0 3 0x14200 pgdaemon pagedaemon 86121 121250 0 0 3 0x14200 bored viomb 70755 127792 0 0 3 0x40014200 acpi0 acpi0 65857 164782 0 0 7 0x40014200 idle1 12243 14390 0 0 3 0x14200 bored softnet3 24611 197971 0 0 3 0x14200 bored softnet2 85898 313325 0 0 3 0x14200 bored softnet1 2737 313067 0 0 2 0x14200 softnet0 78437 320949 0 0 3 0x14200 bored systqmp 9673 377568 0 0 3 0x14200 bored systq 96893 352991 0 0 2 0x14200 softclockmp 81525 378552 0 0 2 0x40014200 softclock 15500 485961 0 0 3 0x40014200 idle0 1 64313 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 44330 (reaper) thread 0xffff8000ffffcf68 (391088) exclusive rwlock kmmaplk r = 0 (0xffffffff839bebf8) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 vm_map_lock_ln+0x12e sys/uvm/uvm_map.c:5250 #3 uvm_unmap+0x81 sys/uvm/uvm_map.c:1792 #4 km_free+0x87 sys/uvm/uvm_km.c:833 #5 uvm_uarea_free+0x4f sys/uvm/uvm_glue.c:284 #6 reaper+0x1fe sys/kern/kern_exit.c:466 #7 proc_trampoline+0x10 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10201 11025K 11753K 166960K 12006 0 pcb 17 14K 16K 166960K 120 0 rtable 211 6K 7K 166960K 393 0 pf 35 17K 21K 166960K 85 0 ifaddr 42 7K 7K 166960K 66 0 ifgroup 55 2K 2K 166960K 92 0 sysctl 4 1K 1K 166960K 4 0 counters 64 36K 37K 166960K 224 0 ioctlops 0 0K 4K 166960K 1584 0 iov 0 0K 16K 166960K 88 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1376 87K 87K 166960K 1772 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 9 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 16 0 dirhash 12 2K 2K 166960K 30 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 93K 166960K 487 0 sigio 0 0K 0K 166960K 15 0 proc 76 115K 152K 166960K 578 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 44 0 in_multi 93 6K 7K 166960K 122 0 ether_multi 1 0K 0K 166960K 3 0 mrt 0 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 500 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 225 73K 88K 166960K 6379 0 UVM aobj 77 3K 3K 166960K 80 0 pinsyscall 42 84K 106K 166960K 1594 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 49 0 NDP 13 0K 2K 166960K 43 0 temp 45 8636K 8715K 166960K 31025 0 kqueue 14 22K 26K 166960K 80 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 57 0 54 1 0 1 1 0 8 0 rtentry 112 122 0 26 4 0 4 4 0 8 0 unpcb 144 326 0 309 5 1 4 4 0 8 3 syncache 336 8 0 8 3 2 1 1 0 8 1 tcpqe 32 5 0 5 2 1 1 1 0 8 1 tcpcb 808 220 0 210 13 4 9 11 0 8 7 arp 120 19 0 2 1 0 1 1 0 8 0 inpcb 376 614 0 601 18 8 10 12 0 8 8 nd6 136 27 0 4 1 0 1 1 0 8 0 pkpcb 40 3 0 3 3 2 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1168 75 0 75 3 2 1 1 0 8 1 pppxif 1472 66 0 66 2 1 1 1 0 8 1 pfstscr 40 5 0 5 1 1 0 1 0 8 0 pffrag 232 3 0 0 1 0 1 1 0 482 0 pffrnode 88 3 0 0 1 0 1 1 0 8 0 pffrent 40 3 0 0 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 45 0 20 1 0 1 1 0 8 0 pfstkey 128 55 0 30 2 0 2 2 0 8 0 pfstate 376 50 0 25 4 0 4 4 0 8 0 pfrule 1344 23 0 18 2 1 1 2 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 540 0 98 29 1 28 29 0 8 0 art_table 32 542 0 98 4 0 4 4 0 8 0 art_node 16 121 0 34 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 2 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 14 0 4 1 0 1 1 0 8 0 shmpl 112 77 0 3 3 0 3 3 0 8 0 dirhash 1024 29 0 12 3 0 3 3 0 8 0 dino2pl 256 2319 0 812 96 1 95 96 0 8 0 ffsino 280 2319 0 812 109 0 109 109 0 8 0 nchpl 144 3012 0 1324 63 0 63 63 0 8 0 uvmvnodes 80 2604 0 0 54 0 54 54 0 8 0 vnodes 216 2604 0 0 145 0 145 145 0 8 0 namei 1024 10484 0 10484 5 3 2 2 0 8 2 percpumem 16 126 0 80 1 0 1 1 0 8 0 kstatmem 264 48 0 24 3 0 3 3 0 8 1 scsiplug 72 2 0 2 2 1 1 1 0 8 1 scxspl 216 9340 0 9340 10 9 1 8 1 8 1 plimitpl 152 119 0 100 1 0 1 1 0 8 0 sigapl 424 812 0 742 10 1 9 9 0 8 0 futexpl 64 5613 0 5606 1 0 1 1 0 8 0 knotepl 120 502 0 0 16 0 16 16 0 8 0 kqueuepl 216 221 0 210 5 4 1 3 0 8 0 pipepl 328 177 0 150 3 0 3 3 0 8 0 fdescpl 504 773 0 743 6 1 5 5 0 8 0 filepl 152 4512 0 4293 19 6 13 16 0 8 3 lockfpl 104 147 0 145 1 0 1 1 0 8 0 lockfspl 48 54 0 52 1 0 1 1 0 8 0 sessionpl 144 28 0 19 1 0 1 1 0 8 0 pgrppl 48 51 0 34 1 0 1 1 0 8 0 ucredpl 104 739 0 725 1 0 1 1 0 8 0 zombiepl 144 958 0 957 1 0 1 1 0 8 0 processpl 1168 812 0 742 7 1 6 6 0 8 0 procpl 656 1478 0 1400 11 3 8 8 0 8 0 sockpl 688 1005 0 972 17 5 12 13 0 8 8 mcl64k 65536 1 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 4 0 0 1 0 1 1 0 8 0 mcl4k 4096 113 0 0 15 1 14 15 0 8 0 mcl2k 2048 23 0 0 3 0 3 3 0 8 0 mtagpl 96 15 0 0 1 0 1 1 0 8 0 mbufpl 256 197 0 0 13 0 13 13 0 8 0 bufpl 280 3113 0 137 213 0 213 213 0 8 0 anonpl 24 151869 0 144693 89 23 66 69 0 184 3 amapchunkpl 152 20539 0 19997 37 5 32 34 0 158 8 amappl16 200 3307 0 3109 28 11 17 20 0 8 0 amappl15 192 10 0 10 1 1 0 1 0 8 0 amappl14 184 123 0 111 1 0 1 1 0 8 0 amappl13 176 4 0 4 1 1 0 1 0 8 0 amappl12 168 1423 0 1392 4 2 2 3 0 8 0 amappl11 160 62 0 48 1 0 1 1 0 8 0 amappl10 152 3 0 3 1 1 0 1 0 8 0 amappl9 144 247 0 247 1 1 0 1 0 8 0 amappl8 136 30 0 26 1 0 1 1 0 8 0 amappl7 128 112 0 100 1 0 1 1 0 8 0 amappl6 120 185 0 181 1 0 1 1 0 8 0 amappl5 112 128 0 118 1 0 1 1 0 8 0 amappl4 104 331 0 312 1 0 1 1 0 8 0 amappl3 96 3746 0 3638 4 0 4 4 0 8 0 amappl2 88 691 0 626 2 0 2 2 0 8 0 amappl1 80 10087 0 9506 15 1 14 14 0 8 0 amappl 88 5952 0 5783 6 1 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 79 0 3 2 0 2 2 0 8 0 uaddrrnd 24 773 0 742 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 773 0 742 1 0 1 1 0 8 0 vmmpekpl 168 8648 0 8604 3 0 3 3 0 8 0 vmmpepl 168 55485 0 53437 110 11 99 104 0 357 1 vmsppl 456 772 0 742 7 2 5 5 0 8 0 rwobjpl 64 21718 0 17935 64 1 63 63 0 8 0 pdppl 4096 1554 0 1484 106 34 72 88 0 8 2 pvpl 32 17270 0 0 140 0 140 140 0 265 0 pmappl 248 772 0 742 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 310 0 52 8 0 8 8 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 witness_checkorder(ffff8000014d2030,9,0) at witness_checkorder+0x1b4 rw_do_enter_write(ffff8000014d2018,0) at rw_do_enter_write+0xb7 sys/kern/kern_rwlock.c:233 unveil_delete_names(ffff8000014d2000) at unveil_delete_names+0x3d sys/kern/kern_unveil.c:102 unveil_destroy(ffff80003c59a248) at unveil_destroy+0xbd sys/kern/kern_unveil.c:183 exit1(ffff8000ffff74d0,b,0,1) at exit1+0x60f sys/kern/kern_exit.c:233 sys_exit(ffff8000ffff74d0,ffff80003c5da780,ffff80003c5da6d0) at sys_exit+0x1a syscall(ffff80003c5da780) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c5da780) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7ce63b6e6c90, count: -9 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp ddb{1}> trace x86_ipi_db(ffff800029a9bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 acpicpu_idle() at acpicpu_idle+0x41e sys/dev/acpi/acpicpu.c:1218 sched_idle(ffff800029a9bff0) at sched_idle+0x558 sys/kern/kern_sched.c:182 end trace frame: 0x0, count: -5