uvm_fault(0xffffffff81ea04f0, 0x7f810a0c1cb0, 0, 2) -> e
kernel: page fault trap, code=0
Stopped at pmap_page_remove+0x295: xchgq %rax,0(%r12,%rcx,1)
ddb{1}> ddb{1}> set $lines = 0
ddb{1}> show panic
kernel page fault
uvm_fault(0xffffffff81ea04f0, 0x7f810a0c1cb0, 0, 2) -> e
pmap_page_remove(ffffff0005b61c00) at pmap_page_remove+0x295 _atomic_swap_64 sys/arch/amd64/compile/SYZKALLER/obj/machine/atomic.h:117 [inline]
pmap_page_remove(ffffff0005b61c00) at pmap_page_remove+0x295 sys/arch/amd64/amd64/pmap.c:1740
end trace frame: 0xffff800021077aa0, count: 0
ddb{1}> trace
pmap_page_remove(ffffff0005b61c00) at pmap_page_remove+0x295 _atomic_swap_64 sys/arch/amd64/compile/SYZKALLER/obj/machine/atomic.h:117 [inline]
pmap_page_remove(ffffff0005b61c00) at pmap_page_remove+0x295 sys/arch/amd64/amd64/pmap.c:1740
uvm_anfree(0) at uvm_anfree+0x33 sys/uvm/uvm_anon.c:104
amap_wipeout(ffff800021077b30) at amap_wipeout+0x11d sys/uvm/uvm_amap.c:455
uvm_unmap_detach(0,ffffff006617a850) at uvm_unmap_detach+0xb7 sys/uvm/uvm_map.c:1549
uvm_map_teardown(ffff8000210a24c8) at uvm_map_teardown+0x22c sys/uvm/uvm_map.c:2650
uvmspace_free(ffff8000210b72e0) at uvmspace_free+0x4c sys/uvm/uvm_map.c:3501
uvm_exit(ffff8000210b72e0) at uvm_exit+0x1b sys/uvm/uvm_glue.c:289
reaper(0) at reaper+0x163 sys/kern/kern_exit.c:430
end trace frame: 0x0, count: -8
ddb{1}> show registers
rdi 0xa
rsi 0
rbp 0xffff800021077a70
rbx 0xffffff007f123700
rdx 0x1
rcx 0x7f8000000000
rax 0
r8 0xffffff0005130480
r9 0xffff800021077ae8
r10 0
r11 0xffffff00745f8eb8
r12 0x10a0c1cb0
r13 0xffffff006145b540
r14 0x80000000020c7000
r15 0xffffff0005b61c68
rip 0xffffffff812cbbe5 pmap_page_remove+0x295
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff800021077a20
ss 0x10
pmap_page_remove+0x295: xchgq %rax,0(%r12,%rcx,1)
ddb{1}> show proc
PROC (reaper) pid=286958 stat=onproc
flags process=14000 proc=200
pri=84, usrpri=84, nice=20
forw=0xffffffffffffffff, list=0xffff800021031518,0xffff8000210319d8
process=0xffff8000210715e8
user=0xffff800021072000, vmspace=0xffffffff81ea04f0
estcpu=34, cpticks=3, pctcpu=34.71
user=0, sys=3, intr=0
ddb{1}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
76424 25545 1 65534 3 0x10 biowait syz-executor0
36705 132862 0 0 3 0x14200 bored sosplice
23807 371373 1 65534 3 0x90 wait syz-executor1
72994 94476 99001 0 3 0x82 thrsleep syz-fuzzer
72994 263664 99001 0 3 0x4000082 nanosleep syz-fuzzer
72994 472858 99001 0 3 0x4000082 kqread syz-fuzzer
72994 184322 99001 0 3 0x4000082 thrsleep syz-fuzzer
72994 228928 99001 0 3 0x4000082 thrsleep syz-fuzzer
72994 49399 99001 0 3 0x4000082 thrsleep syz-fuzzer
72994 121519 99001 0 3 0x4000082 nanosleep syz-fuzzer
72994 359320 99001 0 3 0x4000082 thrsleep syz-fuzzer
72994 336975 99001 0 3 0x4000082 thrsleep syz-fuzzer
72994 491055 99001 0 3 0x4000082 thrsleep syz-fuzzer
72994 290561 99001 0 3 0x4000082 thrsleep syz-fuzzer
99001 372160 25220 0 3 0x10008a pause ksh
25220 329458 54434 0 3 0x92 select sshd
74131 119592 1 0 3 0x100083 ttyin getty
54434 518637 1 0 3 0x80 select sshd
31944 297955 42137 73 3 0x100010 biowait syslogd
42137 470970 1 0 3 0x100082 netio syslogd
91531 309773 1 77 3 0x100090 poll dhclient
22368 9159 1 0 3 0x80 poll dhclient
63780 316553 0 0 3 0x14200 pgzero zerothread
80598 332500 0 0 3 0x14200 aiodoned aiodoned
39732 39341 0 0 3 0x14200 syncer update
88414 20240 0 0 3 0x14200 cleaner cleaner
*56242 286958 0 0 7 0x14200 reaper
16071 398448 0 0 3 0x14200 pgdaemon pagedaemon
19417 411010 0 0 3 0x14200 bored crynlk
77432 472171 0 0 3 0x14200 bored crypto
81419 251464 0 0 3 0x40014200 acpi0 acpi0
99041 128618 0 0 3 0x40014200 idle1
79315 387302 0 0 3 0x14200 bored softnet
80823 369376 0 0 3 0x14200 bored systqmp
67918 193968 0 0 3 0x14200 bored systq
83060 239326 0 0 3 0x40014200 bored softclock
33362 86125 0 0 7 0x40014200 idle0
1 492271 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper