panic: pmap_san_enter_alloc_4k: no memory to grow shadow map cpuid = 1 time = 1678664972 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe00a44db9b0 kdb_backtrace() at kdb_backtrace+0xd1/frame 0xfffffe00a44dbb10 vpanic() at vpanic+0x254/frame 0xfffffe00a44dbbf0 panic() at panic+0xb5/frame 0xfffffe00a44dbcb0 pmap_san_enter_alloc_4k() at pmap_san_enter_alloc_4k+0x4b/frame 0xfffffe00a44dbcd0 pmap_san_enter() at pmap_san_enter+0x351/frame 0xfffffe00a44dbd20 kasan_shadow_map() at kasan_shadow_map+0x98/frame 0xfffffe00a44dbd40 pmap_growkernel() at pmap_growkernel+0xca/frame 0xfffffe00a44dbd90 vm_map_insert() at vm_map_insert+0x677/frame 0xfffffe00a44dbf00 vm_map_find() at vm_map_find+0x943/frame 0xfffffe00a44dbff0 kva_import() at kva_import+0xd4/frame 0xfffffe00a44dc0d0 vmem_try_fetch() at vmem_try_fetch+0x21d/frame 0xfffffe00a44dc1c0 vmem_xalloc() at vmem_xalloc+0x52b/frame 0xfffffe00a44dc280 kva_import_domain() at kva_import_domain+0x5f/frame 0xfffffe00a44dc2d0 vmem_try_fetch() at vmem_try_fetch+0x21d/frame 0xfffffe00a44dc3b0 vmem_xalloc() at vmem_xalloc+0x52b/frame 0xfffffe00a44dc470 vmem_alloc() at vmem_alloc+0x101/frame 0xfffffe00a44dc4d0 kmem_malloc_domainset() at kmem_malloc_domainset+0x175/frame 0xfffffe00a44dc5f0 keg_alloc_slab() at keg_alloc_slab+0x1d3/frame 0xfffffe00a44dc710 zone_import() at zone_import+0x2c9/frame 0xfffffe00a44dc8e0 cache_alloc() at cache_alloc+0x84a/frame 0xfffffe00a44dc9a0 cache_alloc_retry() at cache_alloc_retry+0x33/frame 0xfffffe00a44dc9f0 malloc() at malloc+0xdb/frame 0xfffffe00a44dca30 sigacts_alloc() at sigacts_alloc+0x21/frame 0xfffffe00a44dca50 do_fork() at do_fork+0x82e/frame 0xfffffe00a44dcb30 fork1() at fork1+0xb39/frame 0xfffffe00a44dcc30 sys_fork() at sys_fork+0xe3/frame 0xfffffe00a44dcd30 amd64_syscall() at amd64_syscall+0x410/frame 0xfffffe00a44dcf30 fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00a44dcf30 --- syscall (198, FreeBSD ELF64, __syscall), rip = 0x28e66a, rsp = 0x82d5fbf08, rbp = 0x82d5fbf70 --- KDB: enter: panic [ thread pid 3901 tid 105521 ] Stopped at kdb_enter+0x6b: movq $0,0x25788aa(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b es 0x3b fs 0x13 gs 0x1b ss 0 rax 0x12 rcx 0xfffffe00033eee30 rdx 0xdffff7c000000000 rbx 0 rsp 0xfffffe00a44dbaf0 rbp 0xfffffe00a44dbb10 rsi 0x1 rdi 0 r8 0x3 r9 0xffffffff r10 0 r11 0 r12 0 r13 0xfffffe00a478b900 r14 0xffffffff82af8ec0 .str.26 r15 0xffffffff82af8ec0 .str.26 rip 0xffffffff817181eb kdb_enter+0x6b rflags 0x46 kdb_enter+0x6b: movq $0,0x25788aa(%rip) db> show proc Process 3901 (syz-executor.3) at 0xfffffe00a47ba010: state: NORMAL uid: 0 gids: 0, 0, 5 parent: pid 3065 at 0xfffffe0096333568 ABI: FreeBSD ELF64 flag: 0x10000000 flag2: 0 arguments: /root/syz-executor.3 exec reaper: 0xfffffe00541da010 reapsubtree: 1 sigparent: 20 vmspace: 0xfffffe00a481a000 (map 0xfffffe00a481a000) (map.pmap 0xfffffe00a481a0c0) (pmap 0xfffffe00a481a130) threads: 1 105521 Run CPU 1 syz-executor.3 db> ps pid ppid pgrp uid state wmesg wchan cmd 7667 7667 0 0 NW syz-executor.3 7666 7666 0 0 NW syz-executor.3 7665 7665 0 0 NW syz-executor.3 7664 7664 0 0 NW syz-executor.3 7663 7663 0 0 NW syz-executor.3 7662 7662 0 0 NW syz-executor.3 7661 7661 0 0 NW syz-executor.3 7660 7660 0 0 NW syz-executor.3 7659 1 0 0 NE rtsol 7658 7658 0 0 NW syz-executor.3 7657 7657 0 0 NW syz-executor.3 7656 7656 0 0 NW syz-executor.3 7655 7655 0 0 NW syz-executor.3 7654 7654 0 0 NW syz-executor.3 7653 7653 0 0 NW syz-executor.3 7652 7652 0 0 NW syz-executor.3 7651 7651 0 0 NW syz-executor.3 7650 7650 0 0 NW syz-executor.3 7649 7649 0 0 NW syz-executor.3 7648 7648 0 0 NW syz-executor.3 7647 7647 0 0 NW syz-executor.3 7646 7646 0 0 NW syz-executor.3 7645 7645 0 0 NW syz-executor.3 7644 7644 0 0 NW syz-executor.3 7643 7643 0 0 NW syz-executor.3 7642 7642 0 0 NW syz-executor.3 7641 7641 0 0 NW syz-executor.3 7640 7640 0 0 NW syz-executor.3 7639 7639 0 0 NW syz-executor.3 7638 7638 0 0 NW syz-executor.3 7637 7637 0 0 NW syz-executor.3 7636 7636 0 0 NW syz-executor.3 7635 7635 0 0 NW syz-executor.3 7634 7634 0 0 NW syz-executor.3 7633 7633 0 0 NW syz-executor.3 7632 7632 0 0 NW syz-executor.3 7631 7631 0 0 NW syz-executor.3 7630 7630 0 0 NW syz-executor.3 7629 7629 0 0 NW syz-executor.3 7628 7628 0 0 NW syz-executor.3 7627 7627 0 0 NW syz-executor.3 7626 7626 0 0 NW syz-executor.3 7625 7625 0 0 NW syz-executor.3 7624 7624 0 0 NW syz-executor.3 7623 7623 0 0 NW syz-executor.3 7622 7622 0 0 NW syz-executor.3 7621 7621 0 0 NW syz-executor.3 7620 7620 0 0 NW syz-executor.3 7619 7619 0 0 NW syz-executor.3 7618 7618 0 0 NW syz-executor.3 7617 7617 0 0 NW syz-executor.3 7616 7616 0 0 NW syz-executor.3 7615 7615 0 0 NW syz-executor.3 7614 7614 0 0 NW syz-executor.3 7613 7613 0 0 NW syz-executor.3 7612 7612 0 0 NW syz-executor.3 7611 7611 0 0 NW syz-executor.3 7610 7610 0 0 NW syz-executor.3 7609 7609 0 0 NW syz-executor.3 7608 7608 0 0 NW syz-executor.3 7607 7607 0 0 NW syz-executor.3 7606 7606 0 0 NW syz-executor.3 7605 7605 0 0 NW syz-executor.3 7604 7604 0 0 NW syz-executor.3 7603 7603 0 0 NW syz-executor.3 7602 7602 0 0 NW syz-executor.3 7601 7601 0 0 NW syz-executor.3 7600 7600 0 0 NW syz-executor.3 7599 7599 0 0 NW syz-executor.3 7598 7598 0 0 NW syz-executor.3 7597 7597 0 0 NW syz-executor.3 7596 7596 0 0 NW syz-executor.3 7595 7595 0 0 NW syz-executor.3 7594 7594 0 0 NW syz-executor.3 7593 7593 0 0 NW syz-executor.3 7592 7592 0 0 NW syz-executor.3 7591 7591 0 0 NW syz-executor.3 7590 7590 0 0 NW syz-executor.3 7589 7589 0 0 NW syz-executor.3 7588 7588 0 0 NW syz-executor.3 7587 7587 0 0 NW syz-executor.3 7586 2119 784 0 N syz-executor.3 7585 7585 0 0 NW syz-executor.3 7584 7584 0 0 NW syz-executor.3 7583 7583 0 0 NW syz-executor.3 7582 7582 0 0 NW syz-executor.3 7581 7581 0 0 NW syz-executor.3 7580 7580 0 0 NW syz-executor.3 7579 7579 0 0 NW syz-executor.3 7578 7578 0 0 NW syz-executor.3 7577 7577 0 0 NW syz-executor.3 7576 7576 0 0 NW syz-executor.3 7575 7575 0 0 NW syz-executor.3 7574 7574 0 0 NW syz-executor.3 7573 7573 0 0 NW syz-executor.3 7572 7572 0 0 NW syz-executor.3 7571 7571 0 0 NW syz-executor.3 7570 7570 0 0 NW syz-executor.3 7569 7569 0 0 NW syz-executor.3 7568 7568 0 0 NW syz-executor.3 7567 7567 0 0 NW syz-executor.3 7566 7566 0 0 NW syz-executor.3 7565 7565 0 0 NW syz-executor.3 7564 7564 0 0 NW syz-executor.3 7563 7563 0 0 NW syz-executor.3 7562 7562 0 0 NW syz-executor.3 7561 7561 0 0 NW syz-executor.3 7560 7560 0 0 NW syz-executor.3 7559 7559 0 0 NW syz-executor.3 7558 7558 0 0 NW syz-executor.3 7557 7557 0 0 NW syz-executor.3 7556 7556 0 0 NW syz-executor.3 7555 7555 0 0 NW syz-executor.3 7554 7554 0 0 NW syz-executor.3 7553 7553 0 0 NW syz-executor.3 7552 7552 0 0 NW syz-executor.3 7551 7551 0 0 NW syz-executor.3 7550 7550 0 0 NW syz-executor.3 7549 7549 0 0 NW syz-executor.3 7548 7548 0 0 NW syz-executor.3 7547 7547 0 0 NW syz-executor.3 7546 3260 784 0 N syz-executor.3 7545 1611 784 0 N syz-executor.3 7544 7544 0 0 NW syz-executor.3 7543 993 784 0 N syz-executor.3 7542 1034 784 0 N syz-executor.3 7541 3521 784 0 N syz-executor.3 7540 1202 784 0 N syz-executor.3 7539 4525 784 0 N syz-executor.3 7538 4514 784 0 N syz-executor.3 7537 4484 784 0 N syz-executor.3 7536 4270 784 0 N syz-executor.3 7535 4267 784 0 N syz-executor.3 7534 4300 784 0 N syz-executor.3 7533 4202 784 0 N syz-executor.3 7532 4201 784 0 N syz-executor.3 7531 4185 784 0 N syz-executor.3 7530 4177 784 0 N syz-executor.3 7529 4170 784 0 N syz-executor.3 7528 7528 0 0 NW syz-executor.3 7527 4158 784 0 N syz-executor.3 7526 4145 784 0 N syz-executor.3 7525 4111 784 0 N syz-executor.3 7524 4073 784 0 N syz-executor.3 7523 4119 784 0 N syz-executor.3 7522 4116 784 0 N syz-executor.3 7521 4094 784 0 N syz-executor.3 7520 4090 784 0 N syz-executor.3 7519 4071 784 0 N syz-executor.3 7518 4225 781 0 N syz-executor.0 7517 4162 781 0 N syz-executor.0 7516 4305 784 0 N syz-executor.3 7515 3990 784 0 N syz-executor.3 7514 3981 784 0 N syz-executor.3 7513 3969 784 0 N syz-executor.3 7512 7512 0 0 NW syz-executor.3 7511 3327 784 0 N syz-executor.3 7510 1911 784 0 N syz-executor.3 7509 3309 784 0 N syz-executor.3 7508 3292 784 0 N syz-executor.3 7507 2731 784 0 N syz-executor.3 7506 3291 784 0 N syz-executor.3 7505 3290 784 0 N syz-executor.3 7504 3243 784 0 N syz-executor.3 7503 3207 784 0 N syz-executor.3 7502 3199 784 0 N syz-executor.3 7501 3055 784 0 N syz-executor.3 7500 2896 784 0 N syz-executor.3 7499 3022 784 0 N syz-executor.3 7498 3087 784 0 N syz-executor.3 7497 2503 784 0 N syz-executor.3 7496 7496 0 0 NW syz-executor.3 7495 2545 784 0 N syz-executor.3 7494 3139 784 0 N syz-executor.3 7493 2520 784 0 N syz-executor.3 7492 2518 784 0 N syz-executor.3 7491 2514 784 0 N syz-executor.3 7490 2312 784 0 N syz-executor.3 7489 2201 784 0 N syz-executor.3 7488 2270 784 0 N syz-executor.3 7487 2105 784 0 N syz-executor.3 7486 1198 784 0 N syz-executor.3 7485 1176 784 0 N syz-executor.3 7484 1152 784 0 N syz-executor.3 7483 1060 784 0 N syz-executor.3 7482 1882 781 0 N syz-executor.0 7481 3882 784 0 N syz-executor.3 7480 7480 0 0 NW syz-executor.3 7479 3155 784 0 N syz-executor.3 7478 7478 0 0 NW syz-executor.3 7477 2732 784 0 N syz-executor.3 7476 2612 784 0 N syz-executor.3 7475 2831 784 0 N syz-executor.3 7474 2596 784 0 N syz-executor.3 7473 2707 784 0 N syz-executor.3 7472 2590 784 0 N syz-executor.3 7471 2704 784 0 N syz-executor.3 7470 2584 784 0 N syz-executor.3 7469 7469 0 0 NW syz-executor.3 7468 7468 0 0 NW syz-executor.3 7467 7467 0 0 NW syz-executor.3 7466 7466 0 0 NW syz-executor.3 7465 7465 0 0 NW syz-executor.3 7464 7464 0 0 NW syz-executor.3 7463 7463 0 0 NW syz-executor.3 7462 7462 0 0 NW syz-executor.3 7461 7461 0 0 NW syz-executor.3 7460 7460 0 0 NW syz-executor.3 7459 7459 0 0 NW syz-executor.3 7458 7458 0 0 NW