panic: kernel diagnostic assertion "__mp_lock_held(&sched_lock, curcpu()) == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_lock.c", line 63 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 10143 34841 32767 0x1810 0x4080080 0 syz-executor.1 263800 740 0 0x14000 0x200 1K reaper db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8259bd82) at panic+0x177 sys/kern/subr_prf.c:202 __assert(ffffffff8261504d,ffffffff8261b5a3,3f,ffffffff8264d4fb) at __assert+0x25 sys/kern/subr_prf.c:161 _kernel_lock() at _kernel_lock+0xb2 sys/kern/kern_lock.c:63 single_thread_check_locked(ffff8000fffe62b0,1,c) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2037 single_thread_check(ffff8000fffe62b0,1) at single_thread_check+0x4b sys/kern/kern_sig.c:2057 sleep_finish(ffff8000212f6af0,1) at sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] sleep_finish(ffff8000212f6af0,1) at sleep_finish+0x75 sys/kern/kern_synch.c:400 rwsleep(ffff8000fffe62b0,ffffffff82957750,120,ffffffff82595e88,0) at rwsleep+0xd5 sys/kern/kern_synch.c:314 futex_wait(9625827e180,4,0,2) at futex_wait+0x13c sys/kern/sys_futex.c:260 sys_futex(ffff8000fffe62b0,ffff8000212f6c80,ffff8000212f6ce0) at sys_futex+0xf8 sys/kern/sys_futex.c:111 syscall(ffff8000212f6d50) at syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000212f6d50) at syscall+0x484 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9628c8595a0, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: kernel diagnostic assertion "__mp_lock_held(&sched_lock, curcpu()) == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_lock.c", line 63 ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8259bd82) at panic+0x177 sys/kern/subr_prf.c:202 __assert(ffffffff8261504d,ffffffff8261b5a3,3f,ffffffff8264d4fb) at __assert+0x25 sys/kern/subr_prf.c:161 _kernel_lock() at _kernel_lock+0xb2 sys/kern/kern_lock.c:63 single_thread_check_locked(ffff8000fffe62b0,1,c) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2037 single_thread_check(ffff8000fffe62b0,1) at single_thread_check+0x4b sys/kern/kern_sig.c:2057 sleep_finish(ffff8000212f6af0,1) at sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] sleep_finish(ffff8000212f6af0,1) at sleep_finish+0x75 sys/kern/kern_synch.c:400 rwsleep(ffff8000fffe62b0,ffffffff82957750,120,ffffffff82595e88,0) at rwsleep+0xd5 sys/kern/kern_synch.c:314 futex_wait(9625827e180,4,0,2) at futex_wait+0x13c sys/kern/sys_futex.c:260 sys_futex(ffff8000fffe62b0,ffff8000212f6c80,ffff8000212f6ce0) at sys_futex+0xf8 sys/kern/sys_futex.c:111 syscall(ffff8000212f6d50) at syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000212f6d50) at syscall+0x484 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9628c8595a0, count: -12 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff8000212f68b0 rbx 0xffffffff8292bbb7 cpu_info_full_primary+0x2bb7 rdx 0 rcx 0 rax 0xffff8000fffe62b0 r8 0x101010101010101 r9 0x8080808080808080 r10 0x76ba47ccf070a5ee r11 0xb6ea25256c209e37 r12 0xffffffff8292b9b8 cpu_info_full_primary+0x29b8 r13 0 r14 0 r15 0x1 rip 0xffffffff81477f68 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff8000212f68a0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor.1) pid=10143 stat=onproc flags process=1810 proc=4080080 pri=81, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff8000fffe6550,0xffffffff82ae5bb0 process=0xffff8000ffff8c80 user=0xffff8000212f1000, vmspace=0xfffffd806c800740 estcpu=31, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 59502 205077 83603 32767 2 0x10 syz-executor.3 59502 65997 83603 32767 3 0x4000090 fsleep syz-executor.3 67136 239095 41072 32767 2 0x10 syz-executor.4 50452 319661 24158 32767 2 0x10 syz-executor.2 50452 407008 24158 32767 2 0x4000010 syz-executor.2 76720 219589 18285 32767 2 0x10 syz-executor.0 76720 295248 18285 32767 3 0x4000090 kqread syz-executor.0 94218 519003 32387 32767 2 0x10 syz-executor.6 94218 459720 32387 32767 2 0x4000010 syz-executor.6 69633 59611 89311 32767 2 0x10 syz-executor.7 69633 215504 89311 32767 3 0x4000090 fsleep syz-executor.7 34841 2256 36161 32767 2 0x3810 syz-executor.1 *34841 10143 36161 32767 7 0x4081890 syz-executor.1 18285 121163 80423 32767 3 0x90 nanoslp syz-executor.0 80423 59307 83165 0 3 0x82 wait syz-executor.0 24158 380418 83314 32767 3 0x90 nanoslp syz-executor.2 83314 22069 83165 0 3 0x82 wait syz-executor.2 32387 290567 56948 32767 3 0x90 nanoslp syz-executor.6 56948 221093 83165 0 3 0x82 wait syz-executor.6 45912 271969 0 0 3 0x14200 bored sosplice 98647 170055 92838 32767 3 0x90 nanoslp syz-executor.5 89311 468023 79710 32767 3 0x90 nanoslp syz-executor.7 92838 133234 83165 0 3 0x82 wait syz-executor.5 79710 398052 83165 0 3 0x82 wait syz-executor.7 41072 185616 96959 32767 3 0x90 nanoslp syz-executor.4 83603 470455 91380 32767 2 0x10 syz-executor.3 36161 145329 21003 32767 3 0x90 nanoslp syz-executor.1 96959 189641 83165 0 3 0x82 wait syz-executor.4 91380 110180 83165 0 3 0x82 wait syz-executor.3 21003 22651 83165 0 3 0x82 wait syz-executor.1 83165 234803 50611 0 3 0x82 thrsleep syz-fuzzer 83165 361698 50611 0 3 0x4000082 thrsleep syz-fuzzer 83165 395801 50611 0 3 0x4000082 thrsleep syz-fuzzer 83165 489256 50611 0 3 0x4000082 thrsleep syz-fuzzer 83165 395330 50611 0 3 0x4000082 kqread syz-fuzzer 83165 77922 50611 0 3 0x4000082 thrsleep syz-fuzzer 83165 8864 50611 0 3 0x4000082 thrsleep syz-fuzzer 83165 191216 50611 0 3 0x4000082 thrsleep syz-fuzzer 83165 516894 50611 0 3 0x4000082 thrsleep syz-fuzzer 50611 355112 29754 0 3 0x10008a sigsusp ksh 29754 121947 27439 0 3 0x9a kqread sshd 24596 448992 1 0 3 0x100083 ttyin getty 27439 120873 1 0 3 0x88 kqread sshd 37408 302611 99363 73 3 0x1100090 kqread syslogd 99363 252364 1 0 3 0x100082 netio syslogd 64884 213180 1 0 3 0x100080 kqread resolvd 96761 134355 4494 77 3 0x100092 kqread dhcpleased 89404 21588 4494 77 3 0x100092 kqread dhcpleased 4494 150253 1 0 3 0x80 kqread dhcpleased 95661 251377 0 0 3 0x14200 bored smr 38928 308625 0 0 2 0x14200 zerothread 17886 392674 0 0 3 0x14200 aiodoned aiodoned 50975 330322 0 0 3 0x14200 syncer update 47820 126314 0 0 3 0x14200 cleaner cleaner 740 263800 0 0 7 0x14200 reaper 22744 130965 0 0 3 0x14200 pgdaemon pagedaemon 22548 398642 0 0 3 0x14200 bored viomb 77044 472784 0 0 3 0x40014200 acpi0 acpi0 64149 288938 0 0 3 0x40014200 idle1 78860 331716 0 0 3 0x14200 bored softnet 43377 410239 0 0 3 0x14200 bored softnet 98589 382298 0 0 3 0x14200 bored softnet 41783 153526 0 0 3 0x14200 bored softnet 24741 66238 0 0 3 0x14200 bored systqmp 67222 55795 0 0 3 0x14200 bored systq 15318 379441 0 0 3 0x40014200 bored softclock 16403 98110 0 0 3 0x40014200 idle0 1 237808 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive sched_lock &sched_lock r = 0 (0xffffffff82b5eeb8) #0 witness_lock+0x44d #1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227 #2 mi_switch+0x3d4 sys/kern/sched_bsd.c:419 #3 single_thread_check_locked+0x17f sys/kern/kern_sig.c:2045 #4 single_thread_check+0x4b sys/kern/kern_sig.c:2057 #5 sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] #5 sleep_finish+0x75 sys/kern/kern_synch.c:400 #6 rwsleep+0xd5 sys/kern/kern_synch.c:314 #7 futex_wait+0x13c sys/kern/sys_futex.c:260 #8 sys_futex+0xf8 sys/kern/sys_futex.c:111 #9 syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] #9 syscall+0x484 sys/arch/amd64/amd64/trap.c:585 #10 Xsyscall+0x128 Process 740 (reaper) thread 0xffff800021233a48 (263800) exclusive rwlock kmmaplk r = 0 (0xffffffff82b97478) #0 witness_lock+0x44d #1 rw_enter+0x3e1 sys/kern/kern_rwlock.c:310 #2 vm_map_lock_ln+0xda sys/uvm/uvm_map.c:5457 #3 uvm_unmap+0x78 sys/uvm/uvm_map.c:2068 #4 uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288 #5 reaper+0x168 sys/kern/kern_exit.c:443 #6 proc_trampoline+0x1c exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82b97828) #0 witness_lock+0x44d #1 reaper+0x160 sys/kern/kern_exit.c:442 #2 proc_trampoline+0x1c ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10197 6411K 6420K 78643K 11309 0 pcb 13 12K 14K 78643K 17 0 rtable 240 6K 7K 78643K 944 0 ifaddr 81 17K 17K 78643K 132 0 sysctl 2 0K 0K 78643K 2 0 counters 56 35K 35K 78643K 70 0 ioctlops 0 0K 2K 78643K 1204 0 iov 0 0K 32K 78643K 877 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 5 0 vnodes 1271 79K 79K 78643K 2742 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 71 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 1373 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 25 93K 117K 78643K 7483 0 sigio 0 0K 0K 78643K 244 0 proc 56 78K 127K 78643K 1171 0 subproc 104 6K 6K 78643K 195 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 621 0 in_multi 99 6K 7K 78643K 777 0 ether_multi 1 0K 0K 78643K 38 0 mrt 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 181 811K 811K 78643K 181 0 exec 0 0K 2K 78643K 1843 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 299 87K 103K 78643K 47908 0 UVM aobj 131 8K 8K 78643K 140 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 274 0 NDP 11 0K 2K 78643K 48 0 temp 124 4722K 4850K 78643K 20354 0 kqueue 13 20K 50K 78643K 3717 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 889 0 886 13 12 1 3 0 8 0 rtentry 112 197 0 84 4 0 4 4 0 8 0 unpcb 136 19193 0 19180 92 91 1 12 0 8 0 syncache 296 45 0 45 10 10 0 1 0 8 0 tcpqe 32 43 0 43 6 6 0 1 0 8 0 tcpcb 736 2919 0 2914 104 98 6 15 0 8 5 arp 120 32 0 14 1 0 1 1 0 8 0 ipq 40 9 0 9 2 2 0 1 0 8 0 ipqe 40 18 0 18 2 2 0 1 0 8 0 inpcb 320 5892 0 5885 104 100 4 13 0 8 3 ip6q 72 6 0 6 2 2 0 1 0 8 0 ip6af 40 18 0 18 2 2 0 1 0 8 0 nd6 48 54 0 27 1 0 1 1 0 8 0 kcovpl 48 15 0 7 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 819 0 347 31 1 30 30 0 8 0 art_table 32 820 0 347 4 0 4 4 0 8 0 art_node 16 196 0 93 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 13 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 1371 0 1361 1 0 1 1 0 8 0 shmpl 112 137 0 9 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 11396 0 9942 92 0 92 92 0 8 0 ffsino 272 11396 0 9942 98 0 98 98 0 8 0 nchpl 144 21267 0 19627 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 224 5926 0 0 349 0 349 349 0 8 0 namei 1024 72344 0 72344 3 2 1 2 0 8 1 percpumem 16 47 0 7 1 0 1 1 0 8 0 kstatmem 264 36 0 14 2 0 2 2 0 8 0 scxspl 216 64513 0 64513 27 26 1 8 0 8 1 plimitpl 152 1603 0 1580 7 6 1 2 0 8 0 sigapl 424 7746 0 7691 7 0 7 7 0 8 0 futexpl 64 69786 0 69783 2 1 1 1 0 8 0 knotepl 120 585 0 0 12 0 12 12 0 8 0 kqueuepl 224 10032 0 10020 66 64 2 11 0 8 1 pipepl 336 2832 0 2804 59 56 3 9 0 8 0 fdescpl 496 7728 0 7692 7 2 5 6 0 8 0 filepl 152 69865 0 69625 121 110 11 27 0 8 1 lockfpl 104 1261 0 1259 3 2 1 2 0 8 0 lockfspl 48 286 0 284 1 0 1 1 0 8 0 sessionpl 144 30 0 14 1 0 1 1 0 8 0 pgrppl 48 189 0 173 1 0 1 1 0 8 0 ucredpl 104 9121 0 9103 1 0 1 1 0 8 0 zombiepl 144 7692 0 7691 1 0 1 1 0 8 0 processpl 1064 7746 0 7691 4 0 4 4 0 8 0 procpl 672 23398 0 23328 20 13 7 8 0 8 1 sosppl 168 59 0 59 15 15 0 1 0 8 0 sockpl 480 26164 0 26141 627 618 9 42 0 8 6 mcl64k 65536 34 0 0 3 1 2 3 0 8 0 mcl16k 16384 25 0 0 4 1 3 3 0 8 0 mcl12k 12288 25 0 0 2 0 2 2 0 8 0 mcl9k 9216 17 0 0 2 0 2 2 0 8 0 mcl8k 8192 17 0 0 3 0 3 3 0 8 0 mcl4k 4096 26 0 0 3 0 3 3 0 8 0 mcl2k2 2112 10 0 0 1 0 1 1 0 8 0 mcl2k 2048 215 0 0 20 0 20 20 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 7388 0 0 444 0 444 444 0 8 0 bufpl 288 16100 0 9770 453 0 453 453 0 8 0 anonpl 24 1562892 0 1549878 208 119 89 108 0 186 0 amapchunkpl 152 139538 0 138899 86 57 29 39 0 158 0 amappl16 200 22222 0 21846 115 94 21 33 0 8 0 amappl15 192 1643 0 1641 1 0 1 1 0 8 0 amappl14 184 2460 0 2449 2 1 1 1 0 8 0 amappl13 176 892 0 890 1 0 1 1 0 8 0 amappl12 168 1497 0 1488 1 0 1 1 0 8 0 amappl11 160 2252 0 2230 1 0 1 1 0 8 0 amappl10 152 47 0 42 1 0 1 1 0 8 0 amappl9 144 584 0 581 1 0 1 1 0 8 0 amappl8 136 873 0 775 4 0 4 4 0 8 0 amappl7 128 174 0 161 1 0 1 1 0 8 0 amappl6 120 327 0 307 2 1 1 2 0 8 0 amappl5 112 3899 0 3883 1 0 1 1 0 8 0 amappl4 104 5671 0 5634 2 1 1 2 0 8 0 amappl3 96 25807 0 25749 2 0 2 2 0 8 0 amappl2 88 9751 0 9675 3 0 3 3 0 8 0 amappl1 80 191547 0 190806 28 12 16 19 0 8 0 amappl 88 47017 0 46835 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 139 0 9 3 0 3 3 0 8 0 uaddrrnd 24 7728 0 7691 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 7728 0 7691 1 0 1 1 0 8 0 vmmpekpl 168 72940 0 72894 3 0 3 3 0 8 0 vmmpepl 168 766888 0 763988 209 80 129 140 0 357 2 vmsppl 368 7727 0 7691 4 0 4 4 0 8 0 rwobjpl 56 199850 0 192386 114 7 107 110 0 8 0 pdppl 4096 15463 0 15382 235 154 81 91 0 8 0 pvpl 32 2970431 0 2952186 363 202 161 240 0 265 0 pmappl 248 7727 0 7691 4 1 3 3 0 8 0 extentpl 40 58 0 38 1 0 1 1 0 8 0 phpool 112 1563 0 315 36 0 36 36 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8259bd82) at panic+0x177 sys/kern/subr_prf.c:202 __assert(ffffffff8261504d,ffffffff8261b5a3,3f,ffffffff8264d4fb) at __assert+0x25 sys/kern/subr_prf.c:161 _kernel_lock() at _kernel_lock+0xb2 sys/kern/kern_lock.c:63 single_thread_check_locked(ffff8000fffe62b0,1,c) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2037 single_thread_check(ffff8000fffe62b0,1) at single_thread_check+0x4b sys/kern/kern_sig.c:2057 sleep_finish(ffff8000212f6af0,1) at sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] sleep_finish(ffff8000212f6af0,1) at sleep_finish+0x75 sys/kern/kern_synch.c:400 rwsleep(ffff8000fffe62b0,ffffffff82957750,120,ffffffff82595e88,0) at rwsleep+0xd5 sys/kern/kern_synch.c:314 futex_wait(9625827e180,4,0,2) at futex_wait+0x13c sys/kern/sys_futex.c:260 sys_futex(ffff8000fffe62b0,ffff8000212f6c80,ffff8000212f6ce0) at sys_futex+0xf8 sys/kern/sys_futex.c:111 syscall(ffff8000212f6d50) at syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff8000212f6d50) at syscall+0x484 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9628c8595a0, count: -12 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x34 sys/dev/kcov.c:154 __mp_lock(ffffffff82b5ecb0) at __mp_lock+0x133 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82b5ecb0) at __mp_lock+0x133 sys/kern/kern_lock.c:147 wakeup_n(ffffffff829e0538,ffffffff) at wakeup_n+0x37 uvm_pmr_freepages(fffffd8007b2b7a0,1) at uvm_pmr_freepages+0x2ce sys/uvm/uvm_pmemrange.c:1303 uvm_km_pgremove(ffffffff82b60048,ffff800027bd9000,ffff800027bdf000) at uvm_km_pgremove+0x102 sys/uvm/uvm_km.c:271 uvm_unmap_kill_entry_withlock(ffffffff82b97460,fffffd8069409550,1) at uvm_unmap_kill_entry_withlock+0x197 sys/uvm/uvm_map.c:2186 uvm_unmap_remove(ffffffff82b97460,ffff800027bd9000,ffff800027bdf000,ffff800021239b50,0,1) at uvm_unmap_remove+0x3b9 sys/uvm/uvm_map.c:2263 uvm_unmap(ffffffff82b97460,ffff800027bd9000,ffff800027bdf000) at uvm_unmap+0x92 vm_map_unlock_ln sys/uvm/uvm_map.c:5493 [inline] uvm_unmap(ffffffff82b97460,ffff800027bd9000,ffff800027bdf000) at uvm_unmap+0x92 sys/uvm/uvm_map.c:2069 uvm_uarea_free(ffff8000fffec2a8) at uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288 reaper(ffff800021233a48) at reaper+0x168 sys/kern/kern_exit.c:443 end trace frame: 0x0, count: 2 ddb{1}> trace x86_ipi_db(ffff800020dd8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x34 sys/dev/kcov.c:154 __mp_lock(ffffffff82b5ecb0) at __mp_lock+0x133 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82b5ecb0) at __mp_lock+0x133 sys/kern/kern_lock.c:147 wakeup_n(ffffffff829e0538,ffffffff) at wakeup_n+0x37 uvm_pmr_freepages(fffffd8007b2b7a0,1) at uvm_pmr_freepages+0x2ce sys/uvm/uvm_pmemrange.c:1303 uvm_km_pgremove(ffffffff82b60048,ffff800027bd9000,ffff800027bdf000) at uvm_km_pgremove+0x102 sys/uvm/uvm_km.c:271 uvm_unmap_kill_entry_withlock(ffffffff82b97460,fffffd8069409550,1) at uvm_unmap_kill_entry_withlock+0x197 sys/uvm/uvm_map.c:2186 uvm_unmap_remove(ffffffff82b97460,ffff800027bd9000,ffff800027bdf000,ffff800021239b50,0,1) at uvm_unmap_remove+0x3b9 sys/uvm/uvm_map.c:2263 uvm_unmap(ffffffff82b97460,ffff800027bd9000,ffff800027bdf000) at uvm_unmap+0x92 vm_map_unlock_ln sys/uvm/uvm_map.c:5493 [inline] uvm_unmap(ffffffff82b97460,ffff800027bd9000,ffff800027bdf000) at uvm_unmap+0x92 sys/uvm/uvm_map.c:2069 uvm_uarea_free(ffff8000fffec2a8) at uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288 reaper(ffff800021233a48) at reaper+0x168 sys/kern/kern_exit.c:443 end trace frame: 0x0, count: -13