*cpu0: uvm_fault(0xfffffd806af66d78, 0x0, 0, 1) -> e ddb{1}> trace savectx() at savectx+0xae end of kernel end trace frame: 0x78851eec4680, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a2cf4a0 rbx 0 rdx 0 rcx 0xffff8000ffff27d8 rax 0x32 r8 0xffff80002a2cf3d0 r9 0xffff80002a2cf2e8 r10 0xb3a1ea82c5a5c711 r11 0x47e9fffb82ff0bf1 r12 0 r13 0 r14 0xffff8000ffff27d8 r15 0 rip 0xffffffff813db3ee savectx+0xae cs 0x8 rflags 0x46 rsp 0xffff80002a2cf420 ss 0x10 savectx+0xae: movl $0,%gs:0x688 ddb{1}> show proc PROC (dhcpleased) tid=40144 pid=84215 tcnt=1 stat=onproc flags process=100012 proc=0 runpri=24, usrpri=50, slppri=24, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000ffff22a8,0xffff8000ffff34e0 process=0xffff80002a2a44e0 user=0xffff80002a2ca000, vmspace=0xfffffd806ef64008 estcpu=0, cpticks=10, pctcpu=0.0, user=1, sys=9, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 26832 133433 73577 0 3 0x82 nanoslp syz-executor 84899 517407 1 0 3 0x100083 ttyin getty 92945 112822 0 0 3 0x14200 bored sosplice 11286 379686 73577 0 3 0x82 nanoslp syz-executor 16442 258439 73577 0 3 0x82 wait syz-executor 67531 11232 73577 0 3 0x82 nanoslp syz-executor 51750 481474 73577 0 3 0x82 nanoslp syz-executor 75494 486604 73577 0 3 0x82 piperd syz-executor 39872 416748 73577 0 3 0x82 piperd syz-executor 73577 420661 51236 0 3 0x82 wait syz-executor 51236 36692 79900 0 3 0x10008a sigsusp ksh 79900 344496 75788 0 3 0x98 kqread sshd-session 75788 373222 83702 0 3 0x92 kqread sshd-session 83702 49576 1 0 3 0x88 kqread sshd 53535 18053 81944 74 3 0x1100092 bpf pflogd 81944 61220 1 0 3 0x80 sbwait pflogd 46794 470954 50156 73 3 0x1100090 kqread syslogd 50156 341882 1 0 3 0x100082 sbwait syslogd 84452 417223 1 0 2 0x100080 resolvd *84215 40144 9098 77 7 0x100012 dhcpleased 5336 122681 9098 77 3 0x100092 kqread dhcpleased 9098 229014 1 0 3 0x80 kqread dhcpleased 69170 172013 0 0 3 0x14200 bored smr 67962 161939 0 0 3 0x14200 pgzero zerothread 61080 60742 0 0 3 0x14200 aiodoned aiodoned 24667 462093 0 0 3 0x14200 syncer update 80266 228230 0 0 3 0x14200 cleaner cleaner 60591 100063 0 0 3 0x14200 reaper reaper 42684 478944 0 0 3 0x14200 pgdaemon pagedaemon 69446 358805 0 0 3 0x14200 bored viomb 87592 346960 0 0 3 0x40014200 acpi0 acpi0 57598 522284 0 0 3 0x40014200 idle1 80017 157329 0 0 3 0x14200 bored softnet7 96254 198546 0 0 3 0x14200 bored softnet6 91034 289885 0 0 3 0x14200 bored softnet5 42464 140520 0 0 3 0x14200 bored softnet4 45213 215267 0 0 3 0x14200 bored softnet3 50903 462483 0 0 3 0x14200 bored softnet2 11428 346655 0 0 3 0x14200 bored softnet1 39419 8351 0 0 2 0x14200 softnet0 15051 188426 0 0 3 0x14200 bored systqmp 76169 79827 0 0 3 0x14200 bored systq 38254 9978 0 0 3 0x14200 tmoslp softclockmp 51490 273942 0 0 3 0x40014200 tmoslp softclock 68985 82535 0 0 3 0x40014200 idle0 1 72792 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks CPU 1: exclusive mutex &kq->kq_lock r = 0 (0xfffffd806f04a9b0) #0 witness_lock+0x5f1 stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5f1 sys/kern/subr_witness.c:1160 #1 mtx_enter_try+0x1ad sys/kern/kern_lock.c:311 #2 mtx_enter+0x62 sys/kern/kern_lock.c:261 #3 kqueue_scan_finish+0xfd sys/kern/kern_event.c:1841 #4 sys_kevent+0x85d sys/kern/kern_event.c:1334 #5 syscall+0xbd4 mi_syscall sys/sys/syscall_mi.h:176 [inline] #5 syscall+0xbd4 sys/arch/amd64/amd64/trap.c:746 #6 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10259 11098K 12392K 166960K 12520 0 pcb 17 17K 18K 166960K 360 0 rtable 189 10K 10K 166960K 686 0 pf 37 18K 81K 166960K 268 0 ifaddr 37 6K 8K 166960K 161 0 ifgroup 57 2K 2K 166960K 240 0 sysctl 4 1K 9K 166960K 10 0 counters 70 37K 38K 166960K 230 0 ioctlops 0 0K 8K 166960K 1816 0 iov 0 0K 24K 166960K 95 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1505 95K 95K 166960K 2689 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 14 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 83 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 240K 166960K 1452 0 sigio 0 0K 0K 166960K 18 0 proc 72 115K 196K 166960K 1058 0 subproc 72 4K 4K 166960K 199 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 149 0 in_multi 72 5K 7K 166960K 304 0 ether_multi 1 0K 0K 166960K 13 0 mrt 2 0K 0K 166960K 10 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 253 1129K 1129K 166960K 253 0 exec 0 0K 1K 166960K 829 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 231 163K 177K 166960K 14063 0 UVM aobj 13 2K 2K 166960K 13 0 pinsyscall 40 80K 107K 166960K 2902 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 60 0 NDP 15 0K 2K 166960K 116 0 temp 57 8646K 8714K 166960K 61469 0 kqueue 13 20K 32K 166960K 249 0 SYN cache 2 8K 16K 166960K 3 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 157 0 153 1 0 1 1 0 8 0 rtentry 176 253 0 186 5 0 5 5 0 8 0 unpcb 144 1045 0 1026 13 9 4 6 0 8 3 syncache 336 10 0 10 4 3 1 1 0 8 1 tcpqe 32 2 0 2 2 1 1 1 0 8 1 tcpcb 736 331 0 325 7 6 1 7 0 8 0 arp 128 30 0 22 1 0 1 1 0 8 0 inpcb 328 1617 0 1608 33 26 7 15 0 8 5 nd6 144 49 0 34 1 0 1 1 0 8 0 pkpcb 40 7 0 7 4 3 1 1 0 8 1 kcovpl 48 22 0 14 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 1 0 1 0 8 0 ppxss 1192 53 0 51 3 2 1 1 0 8 0 pppxif 1504 5 0 5 3 2 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pffrag 232 10 0 3 1 0 1 1 0 482 0 pffrnode 88 5 0 0 1 0 1 1 0 8 0 pffrent 40 15 0 8 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 3 0 3 1 1 0 1 0 8 0 pfanchor 1288 1 0 1 1 1 0 1 0 8 0 pfstitem 24 114 0 40 1 0 1 1 0 8 0 pfstkey 128 120 0 46 3 0 3 3 0 8 0 pfstate 384 116 0 43 9 0 9 9 0 8 0 pfrule 1344 29 0 25 2 1 1 2 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 1164 0 822 31 8 23 31 0 8 0 art_table 40 1167 0 822 5 0 5 5 0 8 0 art_node 32 252 0 194 1 0 1 1 0 8 0 sysvmsgpl 40 13 0 9 1 0 1 1 0 8 0 semupl 112 2 0 2 2 2 0 1 0 8 0 semapl 112 76 0 66 1 0 1 1 0 8 0 shmpl 112 10 0 0 1 0 1 1 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 3922 0 2386 97 0 97 97 0 8 0 ffsino 296 3922 0 2386 119 0 119 119 0 8 0 nchpl 144 5835 0 5258 63 39 24 63 0 8 0 rtmask 32 10 0 10 2 2 0 1 0 8 0 uvmvnodes 80 4666 0 0 96 0 96 96 0 8 0 vnodes 216 4666 0 0 260 0 260 260 0 8 0 namei 1024 21597 0 21597 4 3 1 2 0 8 1 percpumem 16 130 0 80 1 0 1 1 0 8 0 pfiaddrpl 120 1 0 1 1 1 0 1 0 8 0 kstatmem 264 148 0 117 6 3 3 3 0 8 0 scsiplug 72 3 0 3 3 3 0 1 0 8 0 scxspl 216 27160 0 27160 18 17 1 8 1 8 1 plimitpl 152 332 0 315 1 0 1 1 0 8 0 sigapl 424 1710 0 1658 7 0 7 7 0 8 0 knotepl 120 609 0 0 19 0 19 19 0 8 0 kqueuepl 224 425 0 416 1 0 1 1 0 8 0 pipepl 344 269 0 242 6 3 3 6 0 8 0 fdescpl 528 1685 0 1656 3 0 3 3 0 8 0 filepl 160 11185 0 10966 31 16 15 23 0 8 4 lockfpl 104 538 0 536 2 1 1 2 0 8 0 lockfspl 48 205 0 203 1 0 1 1 0 8 0 sessionpl 144 43 0 34 1 0 1 1 0 8 0 pgrppl 48 79 0 62 1 0 1 1 0 8 0 ucredpl 104 2278 0 2265 1 0 1 1 0 8 0 zombiepl 144 1914 0 1908 1 0 1 1 0 8 0 processpl 1232 1710 0 1658 5 0 5 5 0 8 0 procpl 664 3583 0 3531 7 1 6 7 0 8 0 sosppl 168 2 0 2 1 1 0 1 0 8 0 sockpl 752 2854 0 2822 55 44 11 20 0 8 7 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 2 0 0 1 0 1 1 0 8 0 mcl4k 4096 121 0 0 16 0 16 16 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 30 0 0 4 0 4 4 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 254 0 0 16 0 16 16 0 8 0 bufpl 280 11625 0 5482 440 0 440 440 0 8 0 anonpl 32 8034 0 0 65 0 65 65 0 246 0 amapchunkpl 152 45352 0 44890 48 22 26 27 0 158 5 amappl16 200 5159 0 5115 54 39 15 17 0 8 10 amappl15 192 4 0 4 1 1 0 1 0 8 0 amappl14 184 152 0 140 1 0 1 1 0 8 0 amappl13 176 4 0 4 1 1 0 1 0 8 0 amappl12 168 2555 0 2526 4 2 2 3 0 8 0 amappl11 160 53 0 39 1 0 1 1 0 8 0 amappl10 152 8 0 8 1 1 0 1 0 8 0 amappl9 144 343 0 343 1 1 0 1 0 8 0 amappl8 136 28 0 26 1 0 1 1 0 8 0 amappl7 128 162 0 149 1 0 1 1 0 8 0 amappl6 120 319 0 316 1 0 1 1 0 8 0 amappl5 112 183 0 173 1 0 1 1 0 8 0 amappl4 104 333 0 313 1 0 1 1 0 8 0 amappl3 96 9177 0 9072 5 1 4 4 0 8 0 amappl2 88 963 0 898 2 0 2 2 0 8 0 amappl1 80 15636 0 15046 16 1 15 15 0 8 0 amappl 88 12938 0 12779 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 2 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 12 0 0 1 0 1 1 0 8 0 uaddrrnd 24 1685 0 1656 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1685 0 1656 1 0 1 1 0 8 0 vmmpekpl 168 14663 0 14611 3 0 3 3 0 8 0 vmmpepl 168 111925 0 110013 106 11 95 102 0 357 1 vmsppl 488 1684 0 1656 5 0 5 5 0 8 0 rwobjpl 80 35908 0 30291 120 4 116 116 0 8 0 pdppl 4096 3378 0 3312 130 56 74 86 0 8 8 pvpl 32 16125 0 0 131 1 130 131 0 265 0 pmappl 256 1684 0 1656 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 325 0 79 8 0 8 8 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff83781ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x37 sys/arch/amd64/amd64/bus_space.c:662 comcnputc(800,d) at comcnputc+0x250 comcn_read_reg sys/dev/ic/com.c:1655 [inline] comcnputc(800,d) at comcnputc+0x250 sys/dev/ic/com.c:1269 db_putchar(a) at db_putchar+0x498 sys/ddb/db_output.c:168 kprintf() at kprintf+0x203 sys/kern/subr_prf.c:723 db_printf(ffffffff83313d4b) at db_printf+0x9b sys/kern/subr_prf.c:-1 fault(ffffffff833d39fb) at fault+0xa7 sys/arch/amd64/amd64/trap.c:161 kpageflttrap(ffff80003c45d180,0) at kpageflttrap+0x37d sys/arch/amd64/amd64/trap.c:296 kerntrap(ffff80003c45d180) at kerntrap+0x198 sys/arch/amd64/amd64/trap.c:489 alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dt_ioctl_record_stop(ffff80000147a000) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(41e5f,81,2000,ffff80003a41f780) at dtclose+0x109 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(41e5f,81,2000,ffff80003a41f780) at dtclose+0x109 sys/dev/dt/dt_dev.c:232 end trace frame: 0xffff80003c45d320, count: 0 ddb{0}> trace x86_ipi_db(ffffffff83781ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 x86_bus_space_io_read_1(3f8,5) at x86_bus_space_io_read_1+0x37 sys/arch/amd64/amd64/bus_space.c:662 comcnputc(800,d) at comcnputc+0x250 comcn_read_reg sys/dev/ic/com.c:1655 [inline] comcnputc(800,d) at comcnputc+0x250 sys/dev/ic/com.c:1269 db_putchar(a) at db_putchar+0x498 sys/ddb/db_output.c:168 kprintf() at kprintf+0x203 sys/kern/subr_prf.c:723 db_printf(ffffffff83313d4b) at db_printf+0x9b sys/kern/subr_prf.c:-1 fault(ffffffff833d39fb) at fault+0xa7 sys/arch/amd64/amd64/trap.c:161 kpageflttrap(ffff80003c45d180,0) at kpageflttrap+0x37d sys/arch/amd64/amd64/trap.c:296 kerntrap(ffff80003c45d180) at kerntrap+0x198 sys/arch/amd64/amd64/trap.c:489 alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dt_ioctl_record_stop(ffff80000147a000) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(41e5f,81,2000,ffff80003a41f780) at dtclose+0x109 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(41e5f,81,2000,ffff80003a41f780) at dtclose+0x109 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c45d330) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd805ef8bde0,81,fffffd80097fb7b8,ffff80003a41f780) at VOP_CLOSE+0x132 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806aec8898,ffff80003a41f780) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806aec8898,ffff80003a41f780) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd806aec8898,ffff80003a41f780) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806aec8898,ffff80003a41f780) at closef+0x192 sys/kern/kern_descrip.c:1264 fdfree(ffff80003a41f780) at fdfree+0x116 sys/kern/kern_descrip.c:1195 exit1(ffff80003a41f780,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80003a41f780,ffff80003c45d6a0,ffff80003c45d5f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c45d6a0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c45d6a0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7c9a9fe25d10, count: -24 ddb{0}> machine ddbcpu 1 Stopped at savectx+0xae: movl $0,%gs:0x688 savectx() at savectx+0xae end of kernel end trace frame: 0x78851eec4680, count: 14 ddb{1}> trace savectx() at savectx+0xae end of kernel end trace frame: 0x78851eec4680, count: -1