panic: kernel diagnostic assertion "va >= entry->start" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_fault.c", line 1739 Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 462656 28736 32767 0x10 0 1 syz-executor * 46871 28736 32767 0x10 0x4000000 0K syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff8343e1b1) at panic+0x1e5 sys/kern/subr_prf.c:198 __assert(ffffffff833e9664,ffffffff8342da84,6cb,ffffffff83340820) at __assert+0x29 uvm_fault_unwire_locked(fffffd806bdf1918,400000000000,400000003000) at uvm_fault_unwire_locked+0x4c1 uvm_fault_wire(fffffd806bdf1918,400000000000,400000011000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] uvm_fault_wire(fffffd806bdf1918,400000000000,400000011000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 sysctl_vslock(4000000001c0,ffb5) at sysctl_vslock+0x109 sys/kern/kern_sysctl.c:197 kern_sysctl_dirs(4e,ffff80002a44c738,1,4000000001c0,ffff80002a44c768,0,bc774b7cdf0f815c,1) at kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 kern_sysctl(ffff80002a44c734,2,4000000001c0,ffff80002a44c768,0,37,ee79e8ace615be7b) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff8000ffff7730,ffff80002a44c8a0,ffff80002a44c7f0) at sys_sysctl+0x425 syscall(ffff80002a44c8a0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a44c8a0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7dc020b450, count: 4 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: kernel diagnostic assertion "va >= entry->start" failed: file "/syzkaller/managers/setuid/kernel/sys/uvm/uvm_fault.c", line 1739 ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff8343e1b1) at panic+0x1e5 sys/kern/subr_prf.c:198 __assert(ffffffff833e9664,ffffffff8342da84,6cb,ffffffff83340820) at __assert+0x29 uvm_fault_unwire_locked(fffffd806bdf1918,400000000000,400000003000) at uvm_fault_unwire_locked+0x4c1 uvm_fault_wire(fffffd806bdf1918,400000000000,400000011000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] uvm_fault_wire(fffffd806bdf1918,400000000000,400000011000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 sysctl_vslock(4000000001c0,ffb5) at sysctl_vslock+0x109 sys/kern/kern_sysctl.c:197 kern_sysctl_dirs(4e,ffff80002a44c738,1,4000000001c0,ffff80002a44c768,0,bc774b7cdf0f815c,1) at kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 kern_sysctl(ffff80002a44c734,2,4000000001c0,ffff80002a44c768,0,37,ee79e8ace615be7b) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff8000ffff7730,ffff80002a44c8a0,ffff80002a44c7f0) at sys_sysctl+0x425 syscall(ffff80002a44c8a0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a44c8a0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7dc020b450, count: -11 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80002a44c2a0 rbx 0xffffffff837bedc7 cpu_info_full_primary+0x2dc7 rdx 0 rcx 0xffff8000ffff7730 rax 0xffffffff837bdff0 cpu_info_full_primary+0x1ff0 r8 0x101010101010101 r9 0x8080808080808080 r10 0xf5006a22992aeadc r11 0x9f1ce1d97395e818 r12 0xffffffff837bebc8 cpu_info_full_primary+0x2bc8 r13 0 r14 0 r15 0x1 rip 0xffffffff81c4f0b5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80002a44c290 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor) tid=46871 pid=28736 tcnt=4 stat=onproc flags process=10 proc=4000000 runpri=36, usrpri=86, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000ffff6020,0xffff8000ffff6a70 process=0xffff80003ace8b80 user=0xffff80002a447000, vmspace=0xfffffd806bdf1918 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 28736 462656 96808 32767 7 0x10 syz-executor *28736 46871 96808 32767 7 0x4000010 syz-executor 28736 263929 96808 32767 2 0x4000010 syz-executor 28736 371174 96808 32767 2 0x4000010 syz-executor 45444 202848 90469 32767 2 0x10 syz-executor 45499 170008 72685 0 2 0x2 syz-executor 6479 179147 0 0 3 0x14200 bored sosplice 87645 286873 56722 32767 3 0x90 wait syz-executor 85161 152746 46269 32767 3 0x90 piperd syz-executor 90469 152250 14856 32767 2 0x490 syz-executor 37064 280883 11384 32767 3 0x90 wait syz-executor 96808 452997 19651 32767 2 0x490 syz-executor 81046 234522 71841 32767 2 0x10 syz-executor 56722 99012 72685 0 3 0x82 wait syz-executor 46269 497251 72685 0 3 0x82 wait syz-executor 11384 273101 72685 0 3 0x82 wait syz-executor 14856 471043 72685 0 3 0x82 wait syz-executor 19651 249807 72685 0 3 0x82 wait syz-executor 71841 237814 72685 0 3 0x82 wait syz-executor 72685 495400 85833 0 3 0x82 nanoslp syz-executor 85833 98246 77984 0 3 0x10008a sigsusp ksh 77984 45352 61529 0 3 0x98 kqread sshd-session 61529 249819 35411 0 3 0x92 kqread sshd-session 87785 403188 1 0 3 0x100083 ttyin getty 35411 363143 1 0 3 0x88 kqread sshd 81274 175122 78968 73 3 0x1100090 kqread syslogd 78968 344574 1 0 3 0x100082 sbwait syslogd 8989 464141 1 0 3 0x100080 kqread resolvd 46036 348466 11346 77 3 0x100092 kqread dhcpleased 83162 483720 11346 77 3 0x100092 kqread dhcpleased 11346 307622 1 0 3 0x80 kqread dhcpleased 26099 434719 0 0 3 0x14200 bored smr 1823 359136 0 0 2 0x14200 zerothread 73845 282773 0 0 3 0x14200 aiodoned aiodoned 82889 139999 0 0 3 0x14200 syncer update 19868 489699 0 0 3 0x14200 cleaner cleaner 71339 458278 0 0 3 0x14200 reaper reaper 65485 61659 0 0 3 0x14200 pgdaemon pagedaemon 10144 180267 0 0 3 0x14200 bored viomb 91477 339643 0 0 3 0x40014200 acpi0 acpi0 52092 431483 0 0 3 0x40014200 idle1 97568 129643 0 0 3 0x14200 bored softnet3 55260 372855 0 0 3 0x14200 bored softnet2 21297 69594 0 0 3 0x14200 bored softnet1 77723 491386 0 0 3 0x14200 bored softnet0 303 202927 0 0 3 0x14200 bored systqmp 81526 80510 0 0 3 0x14200 bored systq 19120 447545 0 0 3 0x14200 tmoslp softclockmp 15439 229952 0 0 3 0x40014200 tmoslp softclock 47866 350482 0 0 3 0x40014200 idle0 1 376871 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 28736 (syz-executor) thread 0xffff8000ffff6020 (462656) exclusive rwlock uobjlk r = 0 (0xfffffd806c77d298) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 uvm_fault+0x1e9 sys/uvm/uvm_fault.c:690 #3 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:188 #4 usertrap+0x2d8 sys/arch/amd64/amd64/trap.c:436 #5 recall_trap+0x8 shared rwlock vmmaplk r = 0 (0xfffffd806bdf1a18) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_read+0x3af sys/kern/kern_rwlock.c:405 #2 uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1864 #3 uvm_fault_check+0x4b sys/uvm/uvm_fault.c:732 #4 uvm_fault+0x106 sys/uvm/uvm_fault.c:668 #5 upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:188 #6 usertrap+0x2d8 sys/arch/amd64/amd64/trap.c:436 #7 recall_trap+0x8 Process 28736 (syz-executor) thread 0xffff8000ffff7730 (46871) exclusive rwlock amaplk r = 0 (0xfffffd805ee30d98) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 uvm_map_lock_entry+0x51 sys/uvm/uvm_map.c:464 #3 uvm_fault_unwire_locked+0x253 sys/uvm/uvm_fault.c:1758 #4 uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] #4 uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 #5 sysctl_vslock+0x109 sys/kern/kern_sysctl.c:197 #6 kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 #7 kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 #8 sys_sysctl+0x425 #9 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #9 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 #10 Xsyscall+0x128 shared rwlock vmmaplk r = 0 (0xfffffd806bdf1a18) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_read+0x3af sys/kern/kern_rwlock.c:405 #2 uvm_fault_wire+0x116 uvm_fault_unwire sys/uvm/uvm_fault.c:1701 [inline] #2 uvm_fault_wire+0x116 sys/uvm/uvm_fault.c:1684 #3 sysctl_vslock+0x109 sys/kern/kern_sysctl.c:197 #4 kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 #5 kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 #6 sys_sysctl+0x425 #7 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #7 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 #8 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 0 (0xffffffff839a2370) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 __mp_acquire_count+0x58 #2 mi_switch+0x4b7 sys/kern/sched_bsd.c:441 #3 sleep_finish+0x24f sys/kern/kern_synch.c:414 #4 rw_do_enter_read+0x2de sys/kern/kern_rwlock.c:385 #5 uvmfault_lookup+0x122 sys/uvm/uvm_fault.c:1864 #6 uvm_fault_check+0x4b sys/uvm/uvm_fault.c:732 #7 uvm_fault+0x106 sys/uvm/uvm_fault.c:668 #8 uvm_fault_wire+0x73 sys/uvm/uvm_fault.c:1681 #9 sysctl_vslock+0x109 sys/kern/kern_sysctl.c:197 #10 kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 #11 kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 #12 sys_sysctl+0x425 #13 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #13 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 #14 Xsyscall+0x128 exclusive rwlock sysctllk r = 0 (0xffffffff8380b1a8) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 sysctl_vslock+0x45 sys/kern/kern_sysctl.c:187 #3 kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 #4 kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 #5 sys_sysctl+0x425 #6 syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] #6 syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 #7 Xsyscall+0x128 Process 81046 (syz-executor) thread 0xffff8000ffff8a58 (234522) exclusive rrwlock inode r = 0 (0xfffffd806be1cee0) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:616 #3 VOP_LOCK+0xa6 sys/kern/vfs_vops.c:524 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vget+0x2bd sys/kern/vfs_subr.c:694 #6 ufs_ihashget+0x185 sys/ufs/ufs/ufs_ihash.c:98 #7 ffs_vget+0x8c sys/ufs/ffs/ffs_vfsops.c:1201 #8 ufs_lookup+0x19f8 sys/ufs/ufs/ufs_lookup.c:478 #9 VOP_LOOKUP+0x6e sys/kern/vfs_vops.c:85 #10 vfs_lookup+0x8fa sys/kern/vfs_lookup.c:566 #11 namei+0x7aa sys/kern/vfs_lookup.c:250 #12 dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1860 #13 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] #13 syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 #14 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd806d5f7aa0) #0 witness_lock+0x5bb stacktrace_save sys/sys/stacktrace.h:37 [inline] #0 witness_lock+0x5bb sys/kern/subr_witness.c:1155 #1 rw_do_enter_write+0x3ea sys/kern/kern_rwlock.c:316 #2 rrw_enter+0xc6 sys/kern/kern_rwlock.c:616 #3 VOP_LOCK+0xa6 sys/kern/vfs_vops.c:524 #4 vn_lock+0xa4 sys/kern/vfs_vnops.c:570 #5 vfs_lookup+0x109 sys/kern/vfs_lookup.c:418 #6 namei+0x7aa sys/kern/vfs_lookup.c:250 #7 dounlinkat+0xc1 sys/kern/vfs_syscalls.c:1860 #8 syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] #8 syscall+0xb08 sys/arch/amd64/amd64/trap.c:577 #9 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10208 10953K 10966K 166960K 11295 0 pcb 17 12K 12K 166960K 17 0 rtable 190 5K 6K 166960K 352 0 pf 27 16K 16K 166960K 31 0 ifaddr 34 6K 7K 166960K 44 0 ifgroup 42 1K 2K 166960K 50 0 sysctl 3 1K 1K 166960K 4 0 counters 60 35K 36K 166960K 64 0 ioctlops 0 0K 2K 166960K 33 0 iov 0 0K 12K 166960K 15 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1332 84K 84K 166960K 1551 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 8 0 VM map 2 1K 1K 166960K 2 0 sem 11 1K 1K 166960K 13 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 19 66K 129K 166960K 384 0 proc 58 79K 127K 166960K 496 0 subproc 54 3K 4K 166960K 270 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 29 0 in_multi 77 5K 7K 166960K 104 0 ether_multi 1 0K 0K 166960K 2 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 385 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 191 61K 84K 166960K 4387 0 UVM aobj 11 4K 6K 166960K 12 0 pinsyscall 40 80K 116K 166960K 1391 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 8 0 NDP 9 0K 2K 166960K 27 0 temp 32 8639K 8703K 166960K 4721 0 kqueue 13 20K 28K 166960K 53 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 80 0 77 2 0 2 2 0 8 1 rtentry 168 112 0 24 5 0 5 5 0 8 0 unpcb 144 133 0 116 2 0 2 2 0 8 1 syncache 336 6 0 6 1 0 1 1 0 8 1 tcpqe 32 2 0 2 1 0 1 1 0 8 1 tcpcb 808 134 0 126 8 0 8 8 0 8 6 arp 120 18 0 4 1 0 1 1 0 8 0 inpcb 376 253 0 242 9 0 9 9 0 8 7 nd6 136 25 0 7 1 0 1 1 0 8 0 kcovpl 48 30 0 24 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 467 0 103 30 0 30 30 0 8 3 art_table 32 468 0 103 4 0 4 4 0 8 0 art_node 16 111 0 31 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 3 1 0 1 1 0 8 1 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 10 0 1 1 0 1 1 0 8 0 shmpl 112 9 0 1 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1781 0 254 96 0 96 96 0 8 0 ffsino 280 1781 0 254 110 0 110 110 0 8 0 nchpl 144 2189 0 493 63 0 63 63 0 8 0 uvmvnodes 80 2060 0 0 43 0 43 43 0 8 0 vnodes 216 2060 0 0 115 0 115 115 0 8 0 namei 1024 7221 0 7221 1 0 1 1 0 8 1 percpumem 16 46 0 2 1 0 1 1 0 8 0 kstatmem 264 22 0 4 2 0 2 2 0 8 0 scxspl 216 6925 0 6925 3 2 1 2 1 8 1 plimitpl 152 111 0 90 2 0 2 2 0 8 1 sigapl 424 614 0 564 8 0 8 8 0 8 0 futexpl 64 2041 0 2041 1 0 1 1 0 8 1 knotepl 120 339 0 0 11 0 11 11 0 8 0 kqueuepl 216 73 0 64 1 0 1 1 0 8 0 pipepl 328 187 0 160 3 0 3 3 0 8 0 fdescpl 504 595 0 564 7 1 6 6 0 8 0 filepl 152 2890 0 2703 12 0 12 12 0 8 1 lockfpl 104 48 0 46 1 0 1 1 0 8 0 lockfspl 48 21 0 19 1 0 1 1 0 8 0 sessionpl 144 45 0 31 1 0 1 1 0 8 0 pgrppl 48 84 0 63 1 0 1 1 0 8 0 ucredpl 104 375 0 358 1 0 1 1 0 8 0 zombiepl 144 566 0 564 1 0 1 1 0 8 0 processpl 1168 614 0 564 5 0 5 5 0 8 0 procpl 656 894 0 841 7 0 7 7 0 8 1 sosppl 168 2 0 2 1 0 1 1 0 8 1 sockpl 688 466 0 435 10 0 10 10 0 8 5 mcl64k 65536 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 113 0 0 15 0 15 15 0 8 0 mcl2k 2048 20 0 0 3 0 3 3 0 8 0 mtagpl 96 3 0 0 1 0 1 1 0 8 0 mbufpl 256 205 0 0 13 0 13 13 0 8 0 bufpl 280 2505 0 124 171 0 171 171 0 8 0 anonpl 24 136430 0 131531 56 0 56 56 0 184 18 amapchunkpl 152 14402 0 13873 34 0 34 34 0 158 5 amappl16 200 2715 0 2699 20 10 10 14 0 8 8 amappl15 192 4 0 4 1 1 0 1 0 8 0 amappl14 184 112 0 102 1 0 1 1 0 8 0 amappl13 176 23 0 23 1 1 0 1 0 8 0 amappl12 168 1192 0 1161 2 0 2 2 0 8 0 amappl11 160 46 0 36 1 0 1 1 0 8 0 amappl10 152 9 0 9 1 1 0 1 0 8 0 amappl9 144 247 0 247 1 1 0 1 0 8 0 amappl8 136 40 0 39 1 0 1 1 0 8 0 amappl7 128 96 0 86 1 0 1 1 0 8 0 amappl6 120 192 0 189 1 0 1 1 0 8 0 amappl5 112 118 0 112 1 0 1 1 0 8 0 amappl4 104 277 0 263 1 0 1 1 0 8 0 amappl3 96 2340 0 2244 4 0 4 4 0 8 0 amappl2 88 616 0 559 2 0 2 2 0 8 0 amappl1 80 8499 0 7969 16 0 16 16 0 8 2 amappl 88 4012 0 3868 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 11 0 1 1 0 1 1 0 8 0 uaddrrnd 24 595 0 564 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 595 0 564 1 0 1 1 0 8 0 vmmpekpl 168 7103 0 7055 3 0 3 3 0 8 0 vmmpepl 168 43454 0 41752 103 0 103 103 0 357 12 vmsppl 456 594 0 564 7 1 6 6 0 8 1 rwobjpl 64 17195 0 14350 51 1 50 50 0 8 3 pdppl 4096 1198 0 1128 112 38 74 100 0 8 4 pvpl 32 16283 0 0 132 0 132 132 0 265 0 pmappl 248 594 0 564 4 1 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 300 0 41 8 0 8 8 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff8343e1b1) at panic+0x1e5 sys/kern/subr_prf.c:198 __assert(ffffffff833e9664,ffffffff8342da84,6cb,ffffffff83340820) at __assert+0x29 uvm_fault_unwire_locked(fffffd806bdf1918,400000000000,400000003000) at uvm_fault_unwire_locked+0x4c1 uvm_fault_wire(fffffd806bdf1918,400000000000,400000011000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] uvm_fault_wire(fffffd806bdf1918,400000000000,400000011000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 sysctl_vslock(4000000001c0,ffb5) at sysctl_vslock+0x109 sys/kern/kern_sysctl.c:197 kern_sysctl_dirs(4e,ffff80002a44c738,1,4000000001c0,ffff80002a44c768,0,bc774b7cdf0f815c,1) at kern_sysctl_dirs+0x266 sys/kern/kern_sysctl.c:428 kern_sysctl(ffff80002a44c734,2,4000000001c0,ffff80002a44c768,0,37,ee79e8ace615be7b) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff8000ffff7730,ffff80002a44c8a0,ffff80002a44c7f0) at sys_sysctl+0x425 syscall(ffff80002a44c8a0) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80002a44c8a0) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7dc020b450, count: -11 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffff800029a9bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x2c kd_curproc sys/dev/kcov.c:584 [inline] __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x2c sys/dev/kcov.c:153 __mp_lock(ffffffff839a2168) at __mp_lock+0x1a3 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff839a2168) at __mp_lock+0x1a3 sys/kern/kern_lock.c:144 uvm_fault(fffffd806bdf1918,7db2b84000,0,2) at uvm_fault+0x1ee sys/uvm/uvm_fault.c:691 upageflttrap(ffff80003acf0870,7db2b84000) at upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:188 usertrap(ffff80003acf0870) at usertrap+0x2d8 sys/arch/amd64/amd64/trap.c:436 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x76b92ccb3240, count: 6 ddb{1}> trace x86_ipi_db(ffff800029a9bff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x2c kd_curproc sys/dev/kcov.c:584 [inline] __sanitizer_cov_trace_pc() at __sanitizer_cov_trace_pc+0x2c sys/dev/kcov.c:153 __mp_lock(ffffffff839a2168) at __mp_lock+0x1a3 __mp_lock_spin sys/kern/kern_lock.c:113 [inline] __mp_lock(ffffffff839a2168) at __mp_lock+0x1a3 sys/kern/kern_lock.c:144 uvm_fault(fffffd806bdf1918,7db2b84000,0,2) at uvm_fault+0x1ee sys/uvm/uvm_fault.c:691 upageflttrap(ffff80003acf0870,7db2b84000) at upageflttrap+0xa9 sys/arch/amd64/amd64/trap.c:188 usertrap(ffff80003acf0870) at usertrap+0x2d8 sys/arch/amd64/amd64/trap.c:436 recall_trap() at recall_trap+0x8 end of kernel end trace frame: 0x76b92ccb3240, count: -9