syzbot

panic: acquiring blockable sleep lock with spinlock or critical section held (rwlock) vmmaplk
Starting stack trace...
panic(ffffffff828e0cf4) at panic+0x16f sys/kern/subr_prf.c:229
witness_checkorder(ffffffff82d86940,1,0) at witness_checkorder+0xdf4 witness_debugger sys/kern/subr_witness.c:2513 [inline]
witness_checkorder(ffffffff82d86940,1,0) at witness_checkorder+0xdf4 sys/kern/subr_witness.c:777
rw_enter_read(ffffffff82d86930) at rw_enter_read+0x87 sys/kern/kern_rwlock.c:112
uvmfault_lookup(ffff80002a154d50,0) at uvmfault_lookup+0xd9 sys/uvm/uvm_fault.c:1785
uvm_fault_check(ffff80002a154d50,ffff80002a154d88,ffff80002a154db0) at uvm_fault_check+0x3e sys/uvm/uvm_fault.c:672
uvm_fault(ffffffff82d86850,7f80c65f3000,0,2) at uvm_fault+0xf2 sys/uvm/uvm_fault.c:600
kpageflttrap(ffff80002a154ef0,7f80c65f32e8) at kpageflttrap+0x238 sys/arch/amd64/amd64/trap.c:279
kerntrap(ffff80002a154ef0) at kerntrap+0xf2 sys/arch/amd64/amd64/trap.c:332
alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b
pmap_page_remove(fffffd80072e7980) at pmap_page_remove+0x33d _atomic_swap_64 machine/atomic.h:117 [inline]
pmap_page_remove(fffffd80072e7980) at pmap_page_remove+0x33d sys/arch/amd64/amd64/pmap.c:1990
uvm_anfree_list(fffffd806a9e8438,0) at uvm_anfree_list+0x98
amap_wipeout(fffffd806d4766f8) at amap_wipeout+0x1af sys/uvm/uvm_amap.c:502
uvm_unmap_detach(ffff80002a155120,1) at uvm_unmap_detach+0x7d sys/uvm/uvm_map.c:1354
uvm_map_teardown(fffffd806efdc6e8) at uvm_map_teardown+0x2f8 sys/uvm/uvm_map.c:2554
uvmspace_free(fffffd806efdc6e8) at uvmspace_free+0xa6 sys/uvm/uvm_map.c:3461
reaper(ffff80002a148cd8) at reaper+0x197 sys/kern/kern_exit.c:463
end trace frame: 0x0, count: 241
End of stack trace.