panic: kernel diagnostic assertion "__mp_lock_held(&sched_lock, curcpu()) == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_lock.c", line 63 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *109546 27241 32767 0x1810 0x4080080 0 syz-executor.3 3610 99366 0 0x14000 0x200 1K reaper db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff825a1086) at panic+0x177 sys/kern/subr_prf.c:202 __assert(ffffffff82613da6,ffffffff82617104,3f,ffffffff8264968f) at __assert+0x25 sys/kern/subr_prf.c:161 _kernel_lock() at _kernel_lock+0xb2 sys/kern/kern_lock.c:63 single_thread_check_locked(ffff800021268008,1,c) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2037 single_thread_check(ffff800021268008,1) at single_thread_check+0x4b sys/kern/kern_sig.c:2057 sleep_finish(ffff80002e44e190,1) at sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] sleep_finish(ffff80002e44e190,1) at sleep_finish+0x75 sys/kern/kern_synch.c:400 rwsleep(ffff800021268008,ffffffff8296a1a0,120,ffffffff82595f34,0) at rwsleep+0xd5 sys/kern/kern_synch.c:314 futex_wait(af7a7b3f1f0,3,0,2) at futex_wait+0x13c sys/kern/sys_futex.c:260 sys_futex(ffff800021268008,ffff80002e44e320,ffff80002e44e380) at sys_futex+0xf8 sys/kern/sys_futex.c:111 syscall(ffff80002e44e3f0) at syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff80002e44e3f0) at syscall+0x484 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaf78c308a20, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: kernel diagnostic assertion "__mp_lock_held(&sched_lock, curcpu()) == 0" failed: file "/syzkaller/managers/setuid/kernel/sys/kern/kern_lock.c", line 63 ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff825a1086) at panic+0x177 sys/kern/subr_prf.c:202 __assert(ffffffff82613da6,ffffffff82617104,3f,ffffffff8264968f) at __assert+0x25 sys/kern/subr_prf.c:161 _kernel_lock() at _kernel_lock+0xb2 sys/kern/kern_lock.c:63 single_thread_check_locked(ffff800021268008,1,c) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2037 single_thread_check(ffff800021268008,1) at single_thread_check+0x4b sys/kern/kern_sig.c:2057 sleep_finish(ffff80002e44e190,1) at sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] sleep_finish(ffff80002e44e190,1) at sleep_finish+0x75 sys/kern/kern_synch.c:400 rwsleep(ffff800021268008,ffffffff8296a1a0,120,ffffffff82595f34,0) at rwsleep+0xd5 sys/kern/kern_synch.c:314 futex_wait(af7a7b3f1f0,3,0,2) at futex_wait+0x13c sys/kern/sys_futex.c:260 sys_futex(ffff800021268008,ffff80002e44e320,ffff80002e44e380) at sys_futex+0xf8 sys/kern/sys_futex.c:111 syscall(ffff80002e44e3f0) at syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff80002e44e3f0) at syscall+0x484 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaf78c308a20, count: -12 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80002e44df50 rbx 0xffffffff82989bb7 cpu_info_full_primary+0x2bb7 rdx 0 rcx 0 rax 0xffff800021268008 r8 0x101010101010101 r9 0x8080808080808080 r10 0x4a6d4342e50df66c r11 0x894dd7b7fca09d1c r12 0xffffffff829899b8 cpu_info_full_primary+0x29b8 r13 0 r14 0 r15 0x1 rip 0xffffffff813e2898 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80002e44df40 ss 0 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor.3) pid=109546 stat=onproc flags process=1810 proc=4080080 pri=76, usrpri=76, nice=20 forw=0xffffffffffffffff, list=0xffff8000fffef260,0xffffffff82adab00 process=0xffff8000ffff31f0 user=0xffff80002e449000, vmspace=0xfffffd80651cbd08 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 27241 364506 83405 32767 2 0x3810 syz-executor.3 *27241 109546 83405 32767 7 0x4081890 syz-executor.3 10274 373720 61895 32767 2 0x10 syz-executor.6 10274 96557 61895 32767 3 0x4000090 fsleep syz-executor.6 10274 348274 61895 32767 2 0x4000010 syz-executor.6 47498 126288 59791 32767 2 0x10 syz-executor.7 47498 473788 59791 32767 3 0x4000090 fsleep syz-executor.7 95225 333885 78788 32767 2 0x10 syz-executor.1 95225 99803 78788 32767 3 0x4000090 netio syz-executor.1 95225 276507 78788 32767 2 0x4000010 syz-executor.1 40480 257653 13911 32767 2 0x10 syz-executor.2 40480 445165 13911 32767 2 0x4000010 syz-executor.2 16645 182714 79519 32767 3 0x90 nanoslp syz-executor.0 16645 352084 79519 32767 3 0x4000090 netio syz-executor.0 16645 7418 79519 32767 3 0x4000090 fsleep syz-executor.0 78788 391523 80406 32767 3 0x90 nanoslp syz-executor.1 80406 292280 32256 0 3 0x82 wait syz-executor.1 79519 293129 2434 32767 3 0x90 nanoslp syz-executor.0 2434 23555 32256 0 3 0x82 wait syz-executor.0 59791 372832 75532 32767 3 0x90 nanoslp syz-executor.7 75532 79511 32256 0 3 0x82 wait syz-executor.7 83405 98294 2032 32767 3 0x90 nanoslp syz-executor.3 2032 61799 32256 0 3 0x82 wait syz-executor.3 88693 195844 0 0 3 0x14200 bored sosplice 61895 232091 42804 32767 3 0x90 nanoslp syz-executor.6 77730 54050 66090 32767 2 0x10 syz-executor.5 42804 380840 32256 0 3 0x82 wait syz-executor.6 91911 224853 706 32767 3 0x90 nanoslp syz-executor.4 66090 90153 32256 0 3 0x82 wait syz-executor.5 706 270716 32256 0 3 0x82 wait syz-executor.4 13911 494010 57484 32767 3 0x90 nanoslp syz-executor.2 57484 359279 32256 0 3 0x82 wait syz-executor.2 32256 460332 48694 0 3 0x82 thrsleep syz-fuzzer 32256 288878 48694 0 3 0x4000082 nanoslp syz-fuzzer 32256 432701 48694 0 3 0x4000082 nanoslp syz-fuzzer 32256 44146 48694 0 3 0x4000082 thrsleep syz-fuzzer 32256 263398 48694 0 3 0x4000082 kqread syz-fuzzer 32256 274688 48694 0 3 0x4000082 thrsleep syz-fuzzer 32256 38901 48694 0 3 0x4000082 thrsleep syz-fuzzer 32256 512419 48694 0 3 0x4000082 thrsleep syz-fuzzer 32256 445285 48694 0 3 0x4000082 thrsleep syz-fuzzer 48694 87187 83719 0 3 0x10008a sigsusp ksh 83719 473230 51393 0 3 0x9a kqread sshd 73180 387211 1 0 3 0x100083 ttyin getty 51393 442707 1 0 3 0x88 kqread sshd 52749 292856 62521 73 3 0x1100090 kqread syslogd 62521 336989 1 0 3 0x100082 netio syslogd 73908 328817 1 0 3 0x100080 kqread resolvd 63339 444612 69901 77 3 0x100092 kqread dhcpleased 2508 274676 69901 77 3 0x100092 kqread dhcpleased 69901 224123 1 0 3 0x80 kqread dhcpleased 23593 328699 0 0 3 0x14200 bored smr 88122 470573 0 0 2 0x14200 zerothread 3855 460638 0 0 3 0x14200 aiodoned aiodoned 25220 212623 0 0 3 0x14200 syncer update 661 22575 0 0 3 0x14200 cleaner cleaner 99366 3610 0 0 7 0x14200 reaper 60400 308634 0 0 3 0x14200 pgdaemon pagedaemon 95535 291512 0 0 3 0x14200 bored viomb 16760 136310 0 0 3 0x40014200 acpi0 acpi0 78770 396161 0 0 3 0x40014200 idle1 90174 262651 0 0 3 0x14200 bored softnet 50163 509149 0 0 3 0x14200 bored softnet 61869 380941 0 0 3 0x14200 bored softnet 86237 331147 0 0 3 0x14200 bored softnet 54509 169134 0 0 3 0x14200 bored systqmp 53553 106407 0 0 3 0x14200 bored systq 87775 1365 0 0 3 0x40014200 bored softclock 77920 500797 0 0 3 0x40014200 idle0 1 451777 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks CPU 0: exclusive sched_lock &sched_lock r = 0 (0xffffffff82a153e0) #0 witness_lock+0x44d #1 __mp_acquire_count+0x48 sys/kern/kern_lock.c:227 #2 mi_switch+0x3d4 sys/kern/sched_bsd.c:419 #3 single_thread_check_locked+0x17f sys/kern/kern_sig.c:2045 #4 single_thread_check+0x4b sys/kern/kern_sig.c:2057 #5 sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] #5 sleep_finish+0x75 sys/kern/kern_synch.c:400 #6 rwsleep+0xd5 sys/kern/kern_synch.c:314 #7 futex_wait+0x13c sys/kern/sys_futex.c:260 #8 sys_futex+0xf8 sys/kern/sys_futex.c:111 #9 syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] #9 syscall+0x484 sys/arch/amd64/amd64/trap.c:585 #10 Xsyscall+0x128 Process 99366 (reaper) thread 0xffff8000212437a8 (3610) exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82ad3210) #0 witness_lock+0x44d #1 reaper+0x160 sys/kern/kern_exit.c:442 #2 proc_trampoline+0x1c ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10211 6413K 6420K 78643K 11339 0 pcb 13 12K 14K 78643K 17 0 rtable 240 6K 7K 78643K 1112 0 ifaddr 81 17K 17K 78643K 167 0 sysctl 2 0K 0K 78643K 2 0 counters 56 35K 35K 78643K 80 0 ioctlops 0 0K 2K 78643K 105 0 iov 1 12K 32K 78643K 1777 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 5 0 vnodes 1271 79K 79K 78643K 13456 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 139 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 1485 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 24 89K 121K 78643K 11943 0 sigio 0 0K 0K 78643K 148 0 proc 56 78K 103K 78643K 1539 0 subproc 104 6K 6K 78643K 260 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 555 0 in_multi 99 6K 7K 78643K 331 0 ether_multi 1 0K 0K 78643K 19 0 mrt 1 0K 0K 78643K 2 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 265 1182K 1182K 78643K 265 0 exec 0 0K 2K 78643K 2413 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 330 92K 108K 78643K 74912 0 UVM aobj 131 4K 4K 78643K 137 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 377 0 NDP 11 0K 2K 78643K 63 0 temp 124 4722K 4802K 78643K 31858 0 kqueue 12 18K 28K 78643K 1147 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 666 0 662 3 2 1 2 0 8 0 rtentry 112 255 0 142 4 0 4 4 0 8 0 unpcb 136 14594 0 14579 152 147 5 9 0 8 4 syncache 296 137 0 137 29 29 0 1 0 8 0 tcpqe 32 506 0 506 15 15 0 2 0 8 0 tcpcb 736 5085 0 5078 165 161 4 14 0 8 3 arp 120 47 0 28 1 0 1 1 0 8 0 ipq 40 2 0 2 1 1 0 1 0 8 0 ipqe 40 7 0 7 1 1 0 1 0 8 0 inpcb 320 9216 0 9209 203 197 6 12 0 8 5 ip6q 72 10 0 10 2 2 0 1 0 8 0 ip6af 40 30 0 30 2 2 0 1 0 8 0 nd6 48 67 0 41 1 0 1 1 0 8 0 kcovpl 48 20 0 12 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1030 0 571 32 3 29 30 0 8 0 art_table 32 1031 0 571 4 0 4 4 0 8 0 art_node 16 254 0 151 1 0 1 1 0 8 0 semupl 112 7 0 7 1 1 0 1 0 8 0 semapl 112 1483 0 1473 1 0 1 1 0 8 0 shmpl 112 134 0 6 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 26962 0 25508 92 0 92 92 0 8 0 ffsino 272 26962 0 25508 98 0 98 98 0 8 0 nchpl 144 42473 0 40835 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 224 5926 0 0 349 0 349 349 0 8 0 namei 1024 174993 0 174993 4 3 1 2 0 8 1 percpumem 16 52 0 12 1 0 1 1 0 8 0 kstatmem 264 46 0 24 2 0 2 2 0 8 0 scxspl 216 89714 0 89714 34 33 1 8 0 8 1 plimitpl 152 2438 0 2415 9 7 2 2 0 8 1 sigapl 424 12196 0 12142 7 0 7 7 0 8 0 futexpl 64 113496 0 113492 3 2 1 1 0 8 0 knotepl 120 1087 0 0 25 4 21 21 0 8 0 kqueuepl 224 4065 0 4057 89 88 1 9 0 8 0 pipepl 336 2367 0 2339 79 76 3 11 0 8 0 fdescpl 496 12178 0 12143 7 2 5 6 0 8 0 filepl 152 129743 0 129504 244 228 16 22 0 8 4 lockfpl 104 1291 0 1288 1 0 1 1 0 8 0 lockfspl 48 425 0 422 1 0 1 1 0 8 0 sessionpl 144 35 0 19 1 0 1 1 0 8 0 pgrppl 48 152 0 136 1 0 1 1 0 8 0 ucredpl 104 62101 0 62083 1 0 1 1 0 8 0 zombiepl 144 12144 0 12142 3 2 1 1 0 8 0 processpl 1064 12196 0 12142 5 1 4 5 0 8 0 procpl 672 36913 0 36841 31 23 8 9 0 8 1 sosppl 168 364 0 364 17 16 1 1 0 8 1 sockpl 480 24967 0 24938 661 641 20 35 0 8 15 mcl64k 65536 42 0 0 3 0 3 3 0 8 0 mcl16k 16384 28 0 0 3 0 3 3 0 8 0 mcl12k 12288 49 0 0 3 1 2 2 0 8 0 mcl9k 9216 17 0 0 2 0 2 2 0 8 0 mcl8k 8192 29 0 0 3 1 2 3 0 8 0 mcl4k 4096 33 0 0 3 0 3 3 0 8 0 mcl2k2 2112 14 0 0 1 0 1 1 0 8 0 mcl2k 2048 488 0 0 39 16 23 39 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 1079 0 0 36 1 35 36 0 8 0 bufpl 288 20520 0 14192 453 0 453 453 0 8 0 anonpl 24 2400569 0 2387502 288 200 88 105 0 186 1 amapchunkpl 152 257400 0 256790 155 118 37 42 0 158 11 amappl16 200 32553 0 32197 172 152 20 32 0 8 0 amappl15 192 2559 0 2559 1 0 1 1 0 8 1 amappl14 184 2639 0 2630 1 0 1 1 0 8 0 amappl13 176 2114 0 2107 1 0 1 1 0 8 0 amappl12 168 327 0 323 2 1 1 1 0 8 0 amappl11 160 269 0 251 1 0 1 1 0 8 0 amappl10 152 1145 0 1135 1 0 1 1 0 8 0 amappl9 144 3465 0 3460 1 0 1 1 0 8 0 amappl8 136 3933 0 3788 5 0 5 5 0 8 0 amappl7 128 2929 0 2914 1 0 1 1 0 8 0 amappl6 120 3283 0 3259 2 1 1 2 0 8 0 amappl5 112 9511 0 9496 1 0 1 1 0 8 0 amappl4 104 4134 0 4092 3 1 2 2 0 8 0 amappl3 96 38247 0 38189 2 0 2 2 0 8 0 amappl2 88 15300 0 15221 3 1 2 3 0 8 0 amappl1 80 295301 0 294572 27 10 17 19 0 8 0 amappl 88 73808 0 73624 6 1 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 136 0 6 3 0 3 3 0 8 0 uaddrrnd 24 12178 0 12143 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 12178 0 12143 1 0 1 1 0 8 0 vmmpekpl 168 100883 0 100823 3 0 3 3 0 8 0 vmmpepl 168 1204777 0 1201955 289 157 132 139 0 357 5 vmsppl 368 12177 0 12143 4 0 4 4 0 8 0 rwobjpl 56 305681 0 298180 115 6 109 110 0 8 0 pdppl 4096 24363 0 24286 531 450 81 93 0 8 4 pvpl 32 4592017 0 4573638 514 347 167 244 0 265 11 pmappl 248 12177 0 12143 4 1 3 3 0 8 0 extentpl 40 58 0 38 1 0 1 1 0 8 0 phpool 112 1552 0 713 25 0 25 25 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff825a1086) at panic+0x177 sys/kern/subr_prf.c:202 __assert(ffffffff82613da6,ffffffff82617104,3f,ffffffff8264968f) at __assert+0x25 sys/kern/subr_prf.c:161 _kernel_lock() at _kernel_lock+0xb2 sys/kern/kern_lock.c:63 single_thread_check_locked(ffff800021268008,1,c) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:2037 single_thread_check(ffff800021268008,1) at single_thread_check+0x4b sys/kern/kern_sig.c:2057 sleep_finish(ffff80002e44e190,1) at sleep_finish+0x75 sleep_signal_check sys/kern/kern_synch.c:464 [inline] sleep_finish(ffff80002e44e190,1) at sleep_finish+0x75 sys/kern/kern_synch.c:400 rwsleep(ffff800021268008,ffffffff8296a1a0,120,ffffffff82595f34,0) at rwsleep+0xd5 sys/kern/kern_synch.c:314 futex_wait(af7a7b3f1f0,3,0,2) at futex_wait+0x13c sys/kern/sys_futex.c:260 sys_futex(ffff800021268008,ffff80002e44e320,ffff80002e44e380) at sys_futex+0xf8 sys/kern/sys_futex.c:111 syscall(ffff80002e44e3f0) at syscall+0x484 mi_syscall sys/sys/syscall_mi.h:102 [inline] syscall(ffff80002e44e3f0) at syscall+0x484 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaf78c308a20, count: -12 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp x86_ipi_db(ffff800020de8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x28 kd_curproc sys/dev/kcov.c:577 [inline] __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x28 sys/dev/kcov.c:148 __mp_lock(ffffffff82a151d8) at __mp_lock+0x133 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82a151d8) at __mp_lock+0x133 sys/kern/kern_lock.c:147 wakeup_n(ffffffff82ba36c0,ffffffff) at wakeup_n+0x37 uvm_pmr_freepages(fffffd8006ec0a60,1) at uvm_pmr_freepages+0x2ce sys/uvm/uvm_pmemrange.c:1303 uvm_km_pgremove(ffffffff82b0ba48,ffff80002e443000,ffff80002e449000) at uvm_km_pgremove+0x102 sys/uvm/uvm_km.c:271 uvm_unmap_kill_entry_withlock(ffffffff82addaa8,fffffd8070f5a200,1) at uvm_unmap_kill_entry_withlock+0x197 sys/uvm/uvm_map.c:2186 uvm_unmap_remove(ffffffff82addaa8,ffff80002e443000,ffff80002e449000,ffff800021249c20,0,1) at uvm_unmap_remove+0x3b9 sys/uvm/uvm_map.c:2263 uvm_unmap(ffffffff82addaa8,ffff80002e443000,ffff80002e449000) at uvm_unmap+0x92 vm_map_unlock_ln sys/uvm/uvm_map.c:5493 [inline] uvm_unmap(ffffffff82addaa8,ffff80002e443000,ffff80002e449000) at uvm_unmap+0x92 sys/uvm/uvm_map.c:2069 uvm_uarea_free(ffff8000fffef7a0) at uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288 reaper(ffff8000212437a8) at reaper+0x168 sys/kern/kern_exit.c:443 end trace frame: 0x0, count: 2 ddb{1}> trace x86_ipi_db(ffff800020de8ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:393 x86_ipi_handler() at x86_ipi_handler+0xb7 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x28 kd_curproc sys/dev/kcov.c:577 [inline] __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x28 sys/dev/kcov.c:148 __mp_lock(ffffffff82a151d8) at __mp_lock+0x133 __mp_lock_spin sys/kern/kern_lock.c:116 [inline] __mp_lock(ffffffff82a151d8) at __mp_lock+0x133 sys/kern/kern_lock.c:147 wakeup_n(ffffffff82ba36c0,ffffffff) at wakeup_n+0x37 uvm_pmr_freepages(fffffd8006ec0a60,1) at uvm_pmr_freepages+0x2ce sys/uvm/uvm_pmemrange.c:1303 uvm_km_pgremove(ffffffff82b0ba48,ffff80002e443000,ffff80002e449000) at uvm_km_pgremove+0x102 sys/uvm/uvm_km.c:271 uvm_unmap_kill_entry_withlock(ffffffff82addaa8,fffffd8070f5a200,1) at uvm_unmap_kill_entry_withlock+0x197 sys/uvm/uvm_map.c:2186 uvm_unmap_remove(ffffffff82addaa8,ffff80002e443000,ffff80002e449000,ffff800021249c20,0,1) at uvm_unmap_remove+0x3b9 sys/uvm/uvm_map.c:2263 uvm_unmap(ffffffff82addaa8,ffff80002e443000,ffff80002e449000) at uvm_unmap+0x92 vm_map_unlock_ln sys/uvm/uvm_map.c:5493 [inline] uvm_unmap(ffffffff82addaa8,ffff80002e443000,ffff80002e449000) at uvm_unmap+0x92 sys/uvm/uvm_map.c:2069 uvm_uarea_free(ffff8000fffef7a0) at uvm_uarea_free+0x35 sys/uvm/uvm_glue.c:288 reaper(ffff8000212437a8) at reaper+0x168 sys/kern/kern_exit.c:443 end trace frame: 0x0, count: -13