uvm_fault(0xfffffd805b4859b0, 0x0, 0, 1) -> e fatal page fault in supervisor mode trap type 6 code 0 rip ffffffff812084c8 cs 8 rflags 10207 cr2 0 cpl 0 rsp ffff80003c4a0ae0 gsbase 0xffff8000299edff0 kgsbase 0x0 panic: trap type 6, code=0, pc=ffffffff812084c8 Starting stack trace... panic(ffffffff833a6674) at panic+0x1d0 sys/kern/subr_prf.c:229 kerntrap(ffff80003c4a0a30) at kerntrap+0x30b alltraps_kern_meltdown() at alltraps_kern_meltdown+0x7b dt_ioctl_record_stop(ffff8000017ab000) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,81,2000,ffff8000ffff22a8) at dtclose+0x109 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff8000ffff22a8) at dtclose+0x109 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c4a0be0) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd805c763038,81,fffffd80097fb1a0,ffff8000ffff22a8) at VOP_CLOSE+0x132 sys/kern/vfs_vops.c:156 vn_closefile(fffffd80653d7608,ffff8000ffff22a8) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd80653d7608,ffff8000ffff22a8) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd80653d7608,ffff8000ffff22a8) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd80653d7608,ffff8000ffff22a8) at closef+0x192 sys/kern/kern_descrip.c:1264 fdfree(ffff8000ffff22a8) at fdfree+0x116 sys/kern/kern_descrip.c:1195 exit1(ffff8000ffff22a8,b,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff8000ffff22a8,ffff80003c4a0f50,ffff80003c4a0ea0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c4a0f50) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4a0f50) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x78de792d3630, count: 242 End of stack trace. WARNING: SPL NOT LOWERED ON TRAP EXIT 4 0 Stopped at proc_trampoline+0xc7: movl $0,%gs:0x688 TID PID UID PRFLAGS PFLAGS CPU COMMAND * 67024 94537 0 0 0x4000000 1 syz-executor 319927 28883 0 0x14000 0x200 0 reaper proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: 14 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault(0xfffffd805b4859b0, 0x0, 0, 1) -> e ddb{1}> trace proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: -1 ddb{1}> show registers rdi 0 rsi 0 rbp 0xffff80002a2a0410 rbx 0 rdx 0 rcx 0xffff8000ffff3238 rax 0x2a r8 0xffff80002a2a0340 r9 0 r10 0xda8039bfc5df015 r11 0x979703916d741d2f r12 0 r13 0 r14 0 r15 0 rip 0xffffffff8229c4c7 proc_trampoline+0xc7 cs 0x8 rflags 0x246 rsp 0xffff80002a2a0390 ss 0 proc_trampoline+0xc7: movl $0,%gs:0x688 ddb{1}> show proc PROC (syz-executor) tid=67024 pid=94537 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=86, usrpri=86, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c4462c0,0xffffffff8390dc48 process=0xffff80002a2a70d0 user=0xffff80002a29b000, vmspace=0xfffffd805b4853f8 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 25644 338933 11246 0 2 0 syz-executor 25644 471349 11246 0 2 0x4000000 syz-executor 94537 433307 6283 0 2 0 syz-executor 94537 179601 6283 0 3 0x4000080 kqread syz-executor *94537 67024 6283 0 7 0x4000000 syz-executor 67787 444388 80912 0 2 0 syz-executor 67787 516127 80912 0 2 0x4000000 syz-executor 60262 309820 71170 0 3 0x80 nanoslp syz-executor 60262 248015 71170 0 2 0x4000000 syz-executor 60262 20305 71170 0 3 0x4000080 fsleep syz-executor 38000 321081 65015 0 3 0x3000 suspend syz-executor 38000 401368 65015 0 3 0x4081000 biowait syz-executor 55208 220582 50100 60928 3 0x3010 suspend syz-executor 55208 391374 50100 60928 3 0x4081010 biowait syz-executor 55208 273993 50100 60928 3 0x4081010 inode syz-executor 55208 248755 50100 60928 3 0x4081010 inode syz-executor 55208 444084 50100 60928 3 0x4081010 inode syz-executor 71170 371181 58877 0 3 0x82 nanoslp syz-executor 311 400753 58877 0 3 0x2 biowait syz-executor 65015 132315 58877 0 3 0x82 nanoslp syz-executor 11246 455184 58877 0 3 0x82 nanoslp syz-executor 50100 220028 58877 0 3 0x82 wait syz-executor 6283 121234 58877 0 3 0x82 nanoslp syz-executor 80912 319976 58877 0 3 0x82 nanoslp syz-executor 54831 47304 58877 0 3 0x82 nanoslp syz-executor 17340 383578 0 0 3 0x14200 bored sosplice 84673 43995 1 0 3 0x100083 ttyin getty 58877 323147 40329 0 3 0x82 kqread syz-executor 40329 100317 3876 0 3 0x10008a sigsusp ksh 3876 372497 32724 0 3 0x98 kqread sshd-session 32724 188198 68747 0 3 0x92 kqread sshd-session 68747 117626 1 0 3 0x88 kqread sshd 6805 109705 84483 74 3 0x1100092 bpf pflogd 84483 133852 1 0 3 0x80 sbwait pflogd 46131 421520 75552 73 3 0x1100090 kqread syslogd 75552 387994 1 0 3 0x100082 sbwait syslogd 97714 366973 1 0 3 0x100080 kqread resolvd 11728 86678 0 0 3 0x14200 bored smr 95893 362397 0 0 3 0x14200 pgzero zerothread 89856 293072 0 0 3 0x14200 aiodoned aiodoned 50709 400278 0 0 3 0x14200 syncer update 58684 154722 0 0 3 0x14200 cleaner cleaner 28883 319927 0 0 7 0x14200 reaper 67003 14400 0 0 3 0x14200 pgdaemon pagedaemon 52934 515634 0 0 3 0x14200 bored viomb 52765 203926 0 0 3 0x40014200 acpi0 acpi0 64313 404859 0 0 3 0x40014200 idle1 12780 512704 0 0 3 0x14200 bored softnet7 9762 289255 0 0 3 0x14200 bored softnet6 79292 26736 0 0 3 0x14200 bored softnet5 7494 347440 0 0 3 0x14200 bored softnet4 61089 305015 0 0 3 0x14200 bored softnet3 68157 410890 0 0 3 0x14200 bored softnet2 46378 347697 0 0 3 0x14200 bored softnet1 8833 415592 0 0 3 0x14200 netlock softnet0 34383 463645 0 0 2 0x40014200 systqmp 21788 505885 0 0 3 0x14200 bored systq 75105 347213 0 0 3 0x14200 tmoslp softclockmp 2477 428459 0 0 3 0x40014200 tmoslp softclock 61031 494214 0 0 3 0x40014200 idle0 1 312933 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{1}> show all locks Process 25644 (syz-executor) thread 0xffff80003c4462c0 (471349) Process 94537 (syz-executor) thread 0xffff8000ffff3238 (67024) Process 60262 (syz-executor) thread 0xffff8000ffff2d08 (248015) Process 38000 (syz-executor) thread 0xffff8000ffff2fa0 (401368) Process 55208 (syz-executor) thread 0xffff80002a2b8d10 (391374) Process 55208 (syz-executor) thread 0xffff800033408d18 (248755) Process 55208 (syz-executor) thread 0xffff80003c446a88 (444084) Process 311 (syz-executor) thread 0xffff800033408020 (400753) Process 28883 (reaper) thread 0xffff8000ffffc7d0 (319927) ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10272 11090K 15071K 166960K 19520 0 pcb 17 22K 38K 166960K 3076 0 rtable 263 19K 20K 166960K 3021 0 pf 42 18K 67486K 166960K 1091 0 ifaddr 43 10K 12K 166960K 655 0 ifgroup 70 2K 3K 166960K 1272 0 sysctl 4 1K 9K 166960K 115 0 counters 74 37K 38K 166960K 1662 0 ioctlops 0 0K 4K 166960K 4197 0 iov 0 0K 48K 166960K 1049 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1661 104K 105K 166960K 10431 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 136K 240K 166960K 94 0 VM map 2 1K 1K 166960K 2 0 sem 21 149K 245K 166960K 256 0 dirhash 12 2K 3K 166960K 231 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 240K 166960K 12470 0 sigio 2 0K 0K 166960K 309 0 proc 69 83K 164K 166960K 2692 0 subproc 72 4K 5K 166960K 330 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 2477 0 in_multi 68 5K 7K 166960K 803 0 ether_multi 1 0K 0K 166960K 142 0 mrt 1 0K 0K 166960K 70 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 259 1155K 1155K 166960K 259 0 exec 0 0K 1K 166960K 2757 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 22 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 245 144K 180K 166960K 111182 0 UVM aobj 220 8K 8K 166960K 237 0 pinsyscall 36 72K 106K 166960K 14161 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 820 0 NDP 15 0K 2K 166960K 523 0 temp 103 8652K 29644K 166960K 630898 0 kqueue 7 12K 38K 166960K 2482 0 SYN cache 2 8K 16K 166960K 3 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 1484 0 1483 9 8 1 3 0 8 0 rtentry 176 911 0 828 5 0 5 5 0 8 0 unpcb 144 10496 0 10484 79 73 6 6 0 8 5 syncache 336 29 0 29 9 9 0 1 0 8 0 tcpqe 32 7 0 7 3 3 0 1 0 8 0 tcpcb 736 5468 0 5464 132 131 1 13 0 8 0 arp 128 170 0 152 1 0 1 1 0 8 0 inpcb 328 16821 0 16815 178 171 7 18 0 8 5 nd6 144 141 0 125 2 1 1 2 0 8 0 pkpcb 40 187 0 187 24 23 1 1 0 8 1 kcovpl 48 35 0 27 1 0 1 1 0 8 0 mppekey 1024 27 0 27 14 13 1 1 0 8 1 ppxss 1192 672 0 672 18 17 1 1 0 8 1 pppxif 1504 35 0 35 18 17 1 1 0 8 1 pffrag 232 125 0 115 1 0 1 1 0 482 0 pffrnode 88 111 0 102 1 0 1 1 0 8 0 pffrent 40 426 0 416 2 1 1 2 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 44 0 44 9 9 0 1 0 8 0 pfstitem 24 960 0 812 2 0 2 2 0 8 0 pfstkey 128 960 0 812 6 0 6 6 0 8 0 pfstate 384 959 0 812 27 9 18 20 0 8 0 pfrule 1344 23 0 18 2 1 1 2 0 8 0 rttmr 136 13 0 13 8 8 0 1 0 8 0 art_heap8 4096 13 0 8 12 7 5 7 0 8 0 art_heap4 256 3050 0 2723 64 40 24 44 0 8 0 art_table 40 3063 0 2731 8 3 5 8 0 8 0 art_node 32 899 0 832 3 2 1 3 0 8 0 sysvmsgpl 40 17 0 15 3 2 1 1 0 8 0 semupl 112 3 0 3 3 3 0 1 0 8 0 semapl 112 241 0 222 1 0 1 1 0 8 0 shmpl 112 234 0 17 7 0 7 7 0 8 0 dirhash 1024 165 0 148 3 0 3 3 0 8 0 dino2pl 256 25762 0 24167 101 1 100 100 0 8 0 ffsino 296 25762 0 24167 124 0 124 124 0 8 0 nchpl 144 42925 0 42300 65 39 26 65 0 8 0 rtmask 32 112 0 112 21 21 0 1 0 8 0 uvmvnodes 80 29160 0 0 596 0 596 596 0 8 0 vnodes 216 29160 0 0 1620 0 1620 1620 0 8 0 namei 1024 155553 0 155549 16 15 1 2 0 8 0 percpumem 16 846 0 794 1 0 1 1 0 8 0 kstatmem 264 910 0 872 5 2 3 3 0 8 0 acpiwqpl 32 13 0 13 1 0 1 1 1 8 1 scsiplug 72 52 0 52 26 25 1 1 0 8 1 scxspl 216 327837 0 327834 40 39 1 8 1 8 0 plimitpl 152 3686 0 3667 1 0 1 1 0 8 0 sigapl 424 12616 0 12565 9 2 7 9 0 8 0 knotepl 120 1091 0 0 33 0 33 33 0 8 0 kqueuepl 224 5237 0 5229 44 39 5 6 0 8 3 pipepl 344 1848 0 1820 25 18 7 9 0 8 3 fdescpl 528 12535 0 12507 3 0 3 3 0 8 0 filepl 160 98688 0 98479 113 93 20 28 0 8 7 lockfpl 104 5874 0 5872 10 9 1 5 0 8 0 lockfspl 48 1938 0 1936 2 1 1 2 0 8 0 sessionpl 144 62 0 54 1 0 1 1 0 8 0 pgrppl 48 506 0 490 1 0 1 1 0 8 0 ucredpl 104 17479 0 17468 1 0 1 1 0 8 0 zombiepl 144 15875 0 15872 4 3 1 1 0 8 0 processpl 1248 12616 0 12565 6 1 5 6 0 8 0 procpl 664 33251 0 33188 9 2 7 8 0 8 0 srpgc 96 1 0 1 1 1 0 1 0 8 0 sosppl 168 73 0 73 23 22 1 1 0 8 1 sockpl 752 29563 0 29544 313 301 12 33 0 8 8 mcl64k 65536 26 0 0 4 0 4 4 0 8 0 mcl16k 16384 7 0 0 1 0 1 1 0 8 0 mcl12k 12288 4 0 0 1 0 1 1 0 8 0 mcl9k 9216 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 7 0 0 1 0 1 1 0 8 0 mcl4k 4096 148 0 0 17 1 16 17 0 8 0 mcl2k2 2112 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 146 0 0 13 2 11 11 0 8 0 mtagpl 96 41 0 0 1 0 1 1 0 8 0 mbufpl 256 8630 0 0 527 0 527 527 0 8 0 bufpl 280 138421 0 132277 440 0 440 440 0 8 0 anonpl 32 25661 0 0 205 0 205 205 0 246 0 amapchunkpl 152 395338 0 394577 135 100 35 39 0 158 0 amappl16 200 47618 0 46620 275 222 53 59 0 8 0 amappl15 192 4 0 4 3 3 0 1 0 8 0 amappl14 184 200 0 191 1 0 1 1 0 8 0 amappl13 176 8 0 7 1 0 1 1 0 8 0 amappl12 168 13635 0 13607 4 2 2 3 0 8 0 amappl11 160 53 0 45 1 0 1 1 0 8 0 amappl10 152 8 0 8 6 6 0 1 0 8 0 amappl9 144 261 0 261 2 2 0 1 0 8 0 amappl8 136 21 0 18 1 0 1 1 0 8 0 amappl7 128 181 0 171 1 0 1 1 0 8 0 amappl6 120 460 0 456 1 0 1 1 0 8 0 amappl5 112 228 0 220 1 0 1 1 0 8 0 amappl4 104 395 0 375 1 0 1 1 0 8 0 amappl3 96 83459 0 83348 5 1 4 4 0 8 0 amappl2 88 1241 0 1190 2 0 2 2 0 8 0 amappl1 80 62530 0 62026 18 3 15 15 0 8 0 amappl 88 107783 0 107594 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma32768 32768 36 0 36 4 4 0 1 0 8 0 dma16384 16384 2 0 2 2 2 0 1 0 8 0 dma8192 8192 2 0 2 2 2 0 1 0 8 0 dma4096 4096 3 0 3 3 3 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 4 0 3 1 0 1 1 0 8 0 dma512 512 3 0 3 3 3 0 1 0 8 0 dma256 256 12 0 12 6 6 0 1 0 8 0 dma128 128 275 0 275 17 17 0 1 0 8 0 dma64 64 11 0 11 6 6 0 1 0 8 0 dma32 32 8 0 8 2 2 0 1 0 8 0 dma16 16 57 0 56 1 0 1 1 0 8 0 aobjpl 72 236 0 17 4 0 4 4 0 8 0 uaddrrnd 24 12535 0 12507 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 12535 0 12507 1 0 1 1 0 8 0 vmmpekpl 168 82725 0 82668 4 0 4 4 0 8 0 vmmpepl 168 796978 0 794247 210 86 124 130 0 357 2 vmsppl 488 12534 0 12507 6 1 5 5 0 8 0 rwobjpl 80 220780 0 189589 643 6 637 637 0 8 0 pdppl 4096 25077 0 25014 181 116 65 87 0 8 2 pvpl 32 34055 0 0 272 0 272 272 0 265 0 pmappl 256 12534 0 12507 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 1121 0 357 23 0 23 23 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffffffff83827ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff8394fb18) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff8394fb18) at __mp_lock+0x192 sys/kern/kern_lock.c:165 softintr_dispatch(2) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83 dosoftint(2) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847 Xsofttty() at Xsofttty+0x27 __mp_lock(ffffffff8394fb18) at __mp_lock+0x19e __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff8394fb18) at __mp_lock+0x19e sys/kern/kern_lock.c:165 intr_handler(ffff80002a267d50,ffff800000079a80) at intr_handler+0xe9 sys/arch/amd64/amd64/intr.c:559 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f pmap_tlb_shootrange(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,1) at pmap_tlb_shootrange+0x5ab invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,1) at pmap_tlb_shootrange+0x5ab sys/arch/amd64/amd64/pmap.c:3314 pmap_do_remove(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,0) at pmap_do_remove+0x6ae pmap_map_ptes sys/arch/amd64/amd64/pmap.c:427 [inline] pmap_do_remove(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,0) at pmap_do_remove+0x6ae sys/arch/amd64/amd64/pmap.c:1824 uvm_unmap_kill_entry_withlock(ffffffff83985ed8,fffffd806bf362a8,1) at uvm_unmap_kill_entry_withlock+0x269 sys/uvm/uvm_map.c:1863 uvm_unmap_remove(ffffffff83985ed8,ffff80002a396000,ffff80002a39c000,ffff80002a268078,0,1,352683a7abad22d3) at uvm_unmap_remove+0x6b2 sys/uvm/uvm_map.c:2002 end trace frame: 0xffff80002a2680d0, count: 0 ddb{0}> trace x86_ipi_db(ffffffff83827ff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff8394fb18) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff8394fb18) at __mp_lock+0x192 sys/kern/kern_lock.c:165 softintr_dispatch(2) at softintr_dispatch+0x125 sys/kern/kern_softintr.c:83 dosoftint(2) at dosoftint+0x54 sys/arch/amd64/amd64/intr.c:847 Xsofttty() at Xsofttty+0x27 __mp_lock(ffffffff8394fb18) at __mp_lock+0x19e __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff8394fb18) at __mp_lock+0x19e sys/kern/kern_lock.c:165 intr_handler(ffff80002a267d50,ffff800000079a80) at intr_handler+0xe9 sys/arch/amd64/amd64/intr.c:559 Xintr_ioapic_edge23_untramp() at Xintr_ioapic_edge23_untramp+0x18f pmap_tlb_shootrange(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,1) at pmap_tlb_shootrange+0x5ab invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,1) at pmap_tlb_shootrange+0x5ab sys/arch/amd64/amd64/pmap.c:3314 pmap_do_remove(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,0) at pmap_do_remove+0x6ae pmap_map_ptes sys/arch/amd64/amd64/pmap.c:427 [inline] pmap_do_remove(ffffffff838c3820,ffff80002a396000,ffff80002a39c000,0) at pmap_do_remove+0x6ae sys/arch/amd64/amd64/pmap.c:1824 uvm_unmap_kill_entry_withlock(ffffffff83985ed8,fffffd806bf362a8,1) at uvm_unmap_kill_entry_withlock+0x269 sys/uvm/uvm_map.c:1863 uvm_unmap_remove(ffffffff83985ed8,ffff80002a396000,ffff80002a39c000,ffff80002a268078,0,1,352683a7abad22d3) at uvm_unmap_remove+0x6b2 sys/uvm/uvm_map.c:2002 uvm_unmap(ffffffff83985ed8,ffff80002a396000,ffff80002a39c000) at uvm_unmap+0xa7 vm_map_unlock_ln sys/uvm/uvm_map.c:-1 [inline] uvm_unmap(ffffffff83985ed8,ffff80002a396000,ffff80002a39c000) at uvm_unmap+0xa7 sys/uvm/uvm_map.c:1793 km_free(ffff80002a396000,6000,ffffffff83753b70,ffffffff836417a0) at km_free+0x87 sys/uvm/uvm_km.c:831 uvm_uarea_free(ffff80003c4467f0) at uvm_uarea_free+0x4f sys/uvm/uvm_glue.c:304 reaper(ffff8000ffffc7d0) at reaper+0x1aa sys/kern/kern_exit.c:493 end trace frame: 0x0, count: -18 ddb{0}> machine ddbcpu 1 Stopped at proc_trampoline+0xc7: movl $0,%gs:0x688 proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: 14 ddb{1}> trace proc_trampoline() at proc_trampoline+0xc7 end trace frame: 0x0, count: -1