*cpu0: uvm_fault(0xfffffd806cdb66f8, 0xf, 0, 1) -> e
ddb{1}> trace
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x74703fa3ab60, count: -1
ddb{1}> show registers
rdi 0
rsi 0
rbp 0xffff8000371bc2b0
rbx 0
rdx 0
rcx 0xffff8000371f6d00
rax 0x2a
r8 0xffff8000371bc1e0
r9 0
r10 0x40b29c0f5505b2e8
r11 0x5bf32f5effaad065
r12 0
r13 0
r14 0
r15 0
rip 0xffffffff826a94c7 proc_trampoline+0xc7
cs 0x8
rflags 0x246
rsp 0xffff8000371bc230
ss 0
proc_trampoline+0xc7: movl $0,%gs:0x680
ddb{1}> show proc
PROC (syz-executor) tid=123708 pid=29737 tcnt=1 stat=onproc
flags process=0 proc=0
runpri=50, usrpri=86, slppri=17, nice=20
wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0
forw=0xffffffffffffffff, list=0xffff8000371f6058,0xffffffff83518000
process=0xffff800037265238 user=0xffff8000371b7000, vmspace=0xfffffd806b929530
estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*29737 123708 38442 0 7 0 syz-executor
41619 512071 73675 0 2 0 syz-executor
41619 162858 73675 0 7 0x4000000 syz-executor
72882 62291 88010 0 2 0x1000480 syz-executor
72882 242755 88010 0 3 0x5000080 sbwait syz-executor
72882 336459 88010 0 3 0x5000080 fsleep syz-executor
72882 94200 88010 0 3 0x5000080 fsleep syz-executor
90883 306237 1 0 3 0x80 nanoslp init
61178 432220 6659 0 2 0x2 syz-executor
88515 214507 6659 0 2 0x2 syz-executor
73675 268642 6659 0 3 0x82 nanoslp syz-executor
26374 28540 6659 0 2 0x482 syz-executor
1656 467849 6659 0 3 0x82 nanoslp syz-executor
53891 302451 6659 0 2 0x2 syz-executor
38442 17604 6659 0 3 0x82 nanoslp syz-executor
88010 296935 6659 0 2 0x482 syz-executor
70238 196016 0 0 3 0x14280 nfsidl nfsio
58015 100592 0 0 3 0x14280 nfsidl nfsio
87878 171375 0 0 3 0x14280 nfsidl nfsio
6505 505387 0 0 3 0x14280 nfsidl nfsio
9053 445591 0 0 3 0x14280 nfsidl nfsio
79312 315869 0 0 3 0x14280 nfsidl nfsio
61746 25248 0 0 3 0x14280 nfsidl nfsio
19947 202975 0 0 3 0x14280 nfsidl nfsio
77382 31685 0 0 3 0x14280 nfsidl nfsio
79654 130306 0 0 3 0x14280 nfsidl nfsio
64959 12218 0 0 3 0x14280 nfsidl nfsio
45718 250585 0 0 3 0x14280 nfsidl nfsio
55865 247591 0 0 3 0x14280 nfsidl nfsio
11020 47987 0 0 3 0x14280 nfsidl nfsio
88653 484894 0 0 3 0x14280 nfsidl nfsio
32643 504413 0 0 3 0x14280 nfsidl nfsio
98225 369778 0 0 3 0x14280 nfsidl nfsio
45736 200501 0 0 3 0x14280 nfsidl nfsio
30748 398738 0 0 3 0x14280 nfsidl nfsio
76576 161312 0 0 3 0x14280 nfsidl nfsio
33335 322552 0 0 3 0x14200 bored sosplice
6659 38492 91529 0 2 0x2 syz-executor
91529 216411 85817 0 3 0x10008a sigsusp ksh
85817 162807 63378 0 3 0x98 kqread sshd-session
63378 505852 41732 0 3 0x92 kqread sshd-session
41732 40823 1 0 3 0x88 kqread sshd
70849 401120 22427 74 3 0x1100092 bpf pflogd
22427 29124 1 0 3 0x80 sbwait pflogd
19379 287426 51662 73 3 0x1100090 kqread syslogd
51662 323118 1 0 3 0x100082 sbwait syslogd
70564 314820 1 0 3 0x100080 kqread resolvd
21507 449939 1749 77 3 0x100092 kqread dhcpleased
64729 109393 1749 77 3 0x100092 kqread dhcpleased
1749 39348 1 0 3 0x80 kqread dhcpleased
82406 29227 0 0 3 0x14200 bored smr
65311 102971 0 0 3 0x14200 pgzero zerothread
15597 93855 0 0 3 0x14200 aiodoned aiodoned
11560 330289 0 0 3 0x14200 syncer update
34935 88102 0 0 3 0x14200 cleaner cleaner
8900 387302 0 0 2 0x14200 reaper
8814 491195 0 0 3 0x14200 pgdaemon pagedaemon
38046 79881 0 0 3 0x14200 bored viomb
2026 407704 0 0 3 0x40014200 acpi0 acpi0
62722 515076 0 0 3 0x40014200 idle1
55353 392049 0 0 3 0x14200 bored softnet3
33803 256009 0 0 3 0x14200 bored softnet2
57537 208423 0 0 3 0x14200 bored softnet1
84078 50465 0 0 3 0x14200 bored softnet0
25630 229172 0 0 3 0x14200 bored systqmp
21882 509860 0 0 3 0x14200 bored systq
80513 205851 0 0 3 0x14200 tmoslp softclockmp
86693 67445 0 0 2 0x40014200 softclock
62286 175818 0 0 3 0x40014200 idle0
1 268680 0 0 3 0x80082 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{1}> show all locks
Process 29737 (syz-executor) thread 0xffff8000371f6d00 (123708)
Process 41619 (syz-executor) thread 0xffff8000371f6058 (162858)
Process 61178 (syz-executor) thread 0xffff8000371cc560 (432220)
Process 53891 (syz-executor) thread 0xffff80003728af68 (302451)
ddb{1}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 10396 11551K 11717K 166960K 34549 0
pcb 18 24K 26K 166960K 4999 0
rtable 222 8K 9K 166960K 9361 0
pf 42 19K 25K 166960K 1051 0
ifaddr 44 11K 12K 166960K 1333 0
ifgroup 64 2K 3K 166960K 1596 0
sysctl 4 1K 5K 166960K 58 0
counters 68 36K 37K 166960K 976 0
ioctlops 0 0K 4K 166960K 4050 0
iov 0 0K 28K 166960K 2021 0
mount 1 1K 1K 166960K 1 0
log 0 0K 0K 166960K 4 0
vnodes 1549 97K 98K 166960K 19053 0
UFS quota 1 32K 32K 166960K 1 0
UFS mount 5 36K 36K 166960K 5 0
shm 2 136K 188K 166960K 341 0
VM map 2 1K 1K 166960K 2 0
sem 21 141K 261K 166960K 223 0
dirhash 18 3K 4K 166960K 378 0
ACPI 1690 195K 286K 166960K 12468 0
file desc 14 49K 89K 166960K 21173 0
sigio 0 0K 0K 166960K 606 0
proc 69 91K 140K 166960K 9202 0
subproc 104 6K 7K 166960K 3240 0
NFS srvsock 1 0K 0K 166960K 1 0
NFS daemon 1 16K 16K 166960K 1 0
ip_moptions 0 0K 0K 166960K 3504 0
in_multi 86 6K 7K 166960K 3629 0
ether_multi 1 0K 0K 166960K 308 0
mrt 2 0K 0K 166960K 78 0
ISOFS mount 1 32K 32K 166960K 1 0
MSDOSFS mount 1 16K 16K 166960K 1 0
ttys 265 1182K 1182K 166960K 265 0
exec 0 0K 1K 166960K 7270 0
pfkey data 0 0K 0K 166960K 26 0
tdb 3 0K 0K 166960K 3 0
VM swap 8 62K 64K 166960K 10 0
UVM amap 222 73K 110K 166960K 183701 0
UVM aobj 873 38K 38K 166960K 947 0
pinsyscall 38 76K 100K 166960K 28751 0
memdesc 1 4K 4K 166960K 1 0
crypto data 1 1K 1K 166960K 1 0
ip6_options 0 0K 1K 166960K 1261 0
NDP 14 0K 2K 166960K 1031 0
temp 81 6824K 7080K 166960K 917145 0
kqueue 13 20K 34K 166960K 3192 0
SYN cache 2 16K 16K 166960K 2 0
ddb{1}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
plcache 128 24 0 0 1 0 1 1 0 8 0
rtpcb 120 2437 0 2434 17 16 1 4 0 8 0
rtentry 112 3219 0 3124 5 1 4 4 0 8 0
unpcb 144 15873 0 15856 118 116 2 9 0 8 1
syncache 336 47 0 47 17 17 0 1 0 8 0
tcpqe 32 7 26 7 6 6 0 1 0 8 0
tcpcb 808 7313 0 7304 130 128 2 15 0 8 0
arp 120 573 0 557 1 0 1 1 0 8 0
inpcb 336 25977 0 25910 188 177 11 17 0 8 2
nd6 136 867 0 843 3 2 1 2 0 8 0
pkpcb 40 308 0 308 41 40 1 2 0 8 1
kcovpl 48 246 0 238 1 0 1 1 0 8 0
ppxss 1168 152 0 152 36 35 1 1 0 8 1
pfstscr 40 2 0 2 2 2 0 1 0 8 0
pffrag 232 227 0 215 1 0 1 1 0 482 0
pffrnode 88 210 0 199 1 0 1 1 0 8 0
pffrent 40 886 0 874 1 0 1 1 0 8 0
pfosfp 40 1428 0 1005 5 0 5 5 0 8 0
pfosfpen 112 1428 0 714 21 0 21 21 0 8 0
pfanchor 1288 3 0 0 1 0 1 1 0 8 0
pftag 88 1 0 0 1 0 1 1 0 8 0
pfstitem 24 58 0 44 1 0 1 1 0 8 0
pfstkey 128 61 0 45 1 0 1 1 0 8 0
pfstate 376 57 0 45 4 2 2 3 0 8 0
pfrule 1344 45 0 32 5 3 2 2 0 8 0
art_heap8 4096 7 0 2 7 2 5 6 0 8 0
art_heap4 256 13347 0 12951 76 50 26 34 0 8 0
art_table 32 13354 0 12953 6 1 5 5 0 8 0
art_node 16 3163 0 3079 1 0 1 1 0 8 0
sysvmsgpl 40 38 0 26 1 0 1 1 0 8 0
semupl 112 5 0 5 5 5 0 1 0 8 0
semapl 112 209 0 190 1 0 1 1 0 8 0
shmpl 112 944 0 74 25 0 25 25 0 8 0
dirhash 1024 266 0 243 24 21 3 4 0 8 0
dino2pl 256 35015 0 32980 130 2 128 128 0 8 0
ffsino 272 35015 0 32980 136 0 136 136 0 8 0
nchpl 144 61086 0 60156 72 37 35 66 0 8 0
uvmvnodes 80 17175 0 0 351 0 351 351 0 8 0
vnodes 216 17175 0 0 955 0 955 955 0 8 0
namei 1024 247078 0 247076 26 25 1 2 0 8 0
percpumem 16 502 0 454 1 0 1 1 0 8 0
kstatmem 264 936 0 908 11 8 3 3 0 8 0
acpiwqpl 32 3 0 3 1 0 1 1 1 8 1
scsiplug 72 32 0 32 21 20 1 1 0 8 1
scxspl 216 334396 0 334396 48 47 1 8 1 8 1
plimitpl 152 4672 0 4656 1 0 1 1 0 8 0
sigapl 424 21143 0 21075 13 4 9 9 0 8 0
futexpl 64 274940 0 274938 21 20 1 1 0 8 0
knotepl 120 1384 0 0 24 0 24 24 0 8 0
kqueuepl 216 6942 0 6933 67 66 1 9 0 8 0
pipepl 320 3755 0 3728 61 53 8 8 0 8 5
fdescpl 496 21051 0 21023 9 4 5 5 0 8 0
filepl 152 154168 0 153924 184 168 16 25 0 8 4
lockfpl 104 8097 0 8095 12 11 1 2 0 8 0
lockfspl 48 2945 0 2943 1 0 1 1 0 8 0
sessionpl 144 321 0 313 1 0 1 1 0 8 0
pgrppl 48 958 0 942 1 0 1 1 0 8 0
ucredpl 104 28899 0 28885 1 0 1 1 0 8 0
zombiepl 144 21077 0 21075 2 1 1 1 0 8 0
processpl 1160 21143 0 21075 9 3 6 6 0 8 0
procpl 648 48353 0 48281 12 4 8 8 0 8 0
srpgc 96 126 0 126 30 30 0 1 0 8 0
sosppl 168 135 0 135 27 26 1 1 0 8 1
sockpl 664 48430 0 48343 323 309 14 27 0 8 5
mcl64k 65536 13 0 0 2 0 2 2 0 8 0
mcl16k 16384 11 0 0 2 0 2 2 0 8 0
mcl12k 12288 6 0 0 1 0 1 1 0 8 0
mcl9k 9216 4 0 0 1 0 1 1 0 8 0
mcl8k 8192 16 0 0 2 0 2 2 0 8 0
mcl4k 4096 222 0 0 18 5 13 18 0 8 0
mcl2k2 2112 2 0 0 1 0 1 1 0 8 0
mcl2k 2048 228 0 0 13 3 10 12 0 8 0
mtagpl 96 431 0 0 6 2 4 5 0 8 0
mbufpl 256 9518 0 0 552 0 552 552 0 8 0
bufpl 280 66469 0 59914 642 97 545 642 0 8 0
anonpl 24 2490423 0 2480873 314 227 87 109 0 185 4
amapchunkpl 152 603211 0 602637 233 203 30 44 0 158 1
amappl16 200 55348 0 55078 440 412 28 39 0 8 4
amappl15 192 12 0 12 1 1 0 1 0 8 0
amappl14 184 705 0 694 1 0 1 1 0 8 0
amappl13 176 31 0 31 5 5 0 1 0 8 0
amappl12 168 25559 0 25532 4 2 2 3 0 8 0
amappl11 160 58 0 43 1 0 1 1 0 8 0
amappl10 152 7 0 6 2 1 1 1 0 8 0
amappl9 144 138 0 137 2 1 1 1 0 8 0
amappl8 136 21 0 18 1 0 1 1 0 8 0
amappl7 128 649 0 637 1 0 1 1 0 8 0
amappl6 120 2553 0 2551 1 0 1 1 0 8 0
amappl5 112 1153 0 1139 1 0 1 1 0 8 0
amappl4 104 1315 0 1296 1 0 1 1 0 8 0
amappl3 96 126906 0 126811 5 1 4 4 0 8 0
amappl2 88 4532 0 4463 2 0 2 2 0 8 0
amappl1 80 95238 0 94708 21 7 14 17 0 8 0
amappl 88 179684 0 179520 6 0 6 6 0 92 0
dma65536 65536 3 0 3 3 3 0 1 0 8 0
dma32768 32768 6 0 6 5 5 0 1 0 8 0
dma16384 16384 3 0 3 3 3 0 1 0 8 0
dma8192 8192 1 0 1 1 1 0 1 0 8 0
dma4096 4096 3 0 3 2 2 0 1 0 8 0
dma2048 2048 8 0 8 5 5 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma512 512 36 0 36 4 4 0 1 0 8 0
dma256 256 9 0 9 4 4 0 1 0 8 0
dma128 128 298 0 298 8 7 1 1 0 8 1
dma64 64 10 0 10 5 5 0 1 0 8 0
dma32 32 14 0 14 7 7 0 1 0 8 0
dma16 16 26 0 25 1 0 1 1 0 8 0
aobjpl 72 946 0 74 16 0 16 16 0 8 0
uaddrrnd 24 21051 0 21023 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 21051 0 21023 1 0 1 1 0 8 0
vmmpekpl 168 139346 0 139268 5 1 4 4 0 8 0
vmmpepl 168 1260419 0 1258456 355 248 107 117 0 357 2
vmsppl 440 21050 0 21022 6 2 4 5 0 8 0
rwobjpl 56 317227 0 298049 304 30 274 274 0 8 0
pdppl 4096 42109 0 42044 519 448 71 83 0 8 6
pvpl 32 33357 0 0 266 0 266 266 0 265 0
pmappl 248 21050 0 21022 3 0 3 3 0 8 0
extentpl 40 55 0 38 1 0 1 1 0 8 0
phpool 112 1906 0 940 29 0 29 29 0 8 0
ddb{1}> machine ddbcpu 0
Stopped at x86_ipi_db+0x27: addq $0x8,%rsp
x86_ipi_db(ffffffff83474ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
x86_bus_space_io_read_4(b008,0) at x86_bus_space_io_read_4+0x37 sys/arch/amd64/amd64/bus_space.c:666
acpitimer_delay(1) at acpitimer_delay+0x58 acpitimer_read sys/dev/acpi/acpitimer.c:141 [inline]
acpitimer_delay(1) at acpitimer_delay+0x58 sys/dev/acpi/acpitimer.c:120
comcnputc(800,20) at comcnputc+0x29b sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x61 sys/dev/cons.c:218
db_putchar(31) at db_putchar+0x524 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(31) at db_putchar+0x524 sys/ddb/db_output.c:153
kprintf() at kprintf+0x2aba sys/kern/subr_prf.c:1065
db_printf(ffffffff8309412d) at db_printf+0x9b
fault(ffffffff830425d9) at fault+0xa7 sys/arch/amd64/amd64/trap.c:157
kpageflttrap(ffff800036987e30,f) at kpageflttrap+0x385 sys/arch/amd64/amd64/trap.c:290
kerntrap(ffff800036987e30) at kerntrap+0x14a sys/arch/amd64/amd64/trap.c:332
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
end trace frame: 0xffff800036987f60, count: 0
ddb{0}> trace
x86_ipi_db(ffffffff83474ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:393
x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27
x86_bus_space_io_read_4(b008,0) at x86_bus_space_io_read_4+0x37 sys/arch/amd64/amd64/bus_space.c:666
acpitimer_delay(1) at acpitimer_delay+0x58 acpitimer_read sys/dev/acpi/acpitimer.c:141 [inline]
acpitimer_delay(1) at acpitimer_delay+0x58 sys/dev/acpi/acpitimer.c:120
comcnputc(800,20) at comcnputc+0x29b sys/dev/ic/com.c:1269
cnputc(20) at cnputc+0x61 sys/dev/cons.c:218
db_putchar(31) at db_putchar+0x524 db_force_whitespace sys/ddb/db_output.c:102 [inline]
db_putchar(31) at db_putchar+0x524 sys/ddb/db_output.c:153
kprintf() at kprintf+0x2aba sys/kern/subr_prf.c:1065
db_printf(ffffffff8309412d) at db_printf+0x9b
fault(ffffffff830425d9) at fault+0xa7 sys/arch/amd64/amd64/trap.c:157
kpageflttrap(ffff800036987e30,f) at kpageflttrap+0x385 sys/arch/amd64/amd64/trap.c:290
kerntrap(ffff800036987e30) at kerntrap+0x14a sys/arch/amd64/amd64/trap.c:332
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
ktrops(ffff8000371f6058,ffffffffffffffff,0,80000310,fffffd804ddbcda8,fffffd807f7d32d8) at ktrops+0x58 ktrcanset sys/kern/kern_ktrace.c:718 [inline]
ktrops(ffff8000371f6058,ffffffffffffffff,0,80000310,fffffd804ddbcda8,fffffd807f7d32d8) at ktrops+0x58 sys/kern/kern_ktrace.c:561
doktrace(fffffd804ddbcda8,4,310,0,ffff8000371f6058) at doktrace+0x6dd ktrsetchildren sys/kern/kern_ktrace.c:586 [inline]
doktrace(fffffd804ddbcda8,4,310,0,ffff8000371f6058) at doktrace+0x6dd sys/kern/kern_ktrace.c:508
sys_ktrace(ffff8000371f6058,ffff800036988240,ffff800036988190) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:549
syscall(ffff800036988240) at syscall+0xaf8 mi_syscall sys/sys/syscall_mi.h:179 [inline]
syscall(ffff800036988240) at syscall+0xaf8 sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x2b44e465d20, count: -19
ddb{0}> machine ddbcpu 1
Stopped at proc_trampoline+0xc7: movl $0,%gs:0x680
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x74703fa3ab60, count: 14
ddb{1}> trace
proc_trampoline() at proc_trampoline+0xc7
end of kernel
end trace frame: 0x74703fa3ab60, count: -1