uvm_fault(0xffffffff8253beb0, 0xffff800000a1f000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xffffffff8253beb0, 0xffff800000a1f000, 0, 1) -> e uvm_unmap_remove(ffff800000a1ef00,0,80000000,ffff8000149521d8,1,0) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:501 [inline] uvm_unmap_remove(ffff800000a1ef00,0,80000000,ffff8000149521d8,1,0) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2225 end trace frame: 0xffff800014952210, count: 0 ddb> trace uvm_unmap_remove(ffff800000a1ef00,0,80000000,ffff8000149521d8,1,0) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:501 [inline] uvm_unmap_remove(ffff800000a1ef00,0,80000000,ffff8000149521d8,1,0) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2225 uvm_map_deallocate(ffff800000a1ef00) at uvm_map_deallocate+0x6e sys/uvm/uvm_map.c:4242 vm_impl_init_vmx(ffff800015997450,ffff80001492c508) at vm_impl_init_vmx+0x1e0 vm_create(ffff800000a1d800,ffff80001492c508) at vm_create+0x193 vm_impl_init sys/arch/amd64/amd64/vmm.c:1384 [inline] vm_create(ffff800000a1d800,ffff80001492c508) at vm_create+0x193 sys/arch/amd64/amd64/vmm.c:1173 VOP_IOCTL(fffffd803a26b340,c5005601,ffff800000a1d800,1,fffffd803f7c6960,ffff80001492c508) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd802d972e20,c5005601,ffff800000a1d800,ffff80001492c508) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff80001492c508,ffff8000149525b8,ffff800014952600) at sys_ioctl+0x5b9 syscall(ffff800014952680) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x9d61ef2ff60, count: -9 ddb> show registers rdi 0 rsi 0 rbp 0xffff8000149521c0 rbx 0 rdx 0x162f __ALIGN_SIZE+0x62f rcx 0xffff80001495b000 rax 0xffff800000a1ef00 r8 0x1 r9 0 r10 0xeaa902c3ec7dde1c r11 0xf63b268fa9bfede1 r12 0 r13 0xfffffd802d9e3a20 r14 0 r15 0xffff800000a1ef00 rip 0xffffffff818c51eb uvm_unmap_remove+0x3eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800014952110 ss 0x10 uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15 ddb> show proc PROC (syz-executor.0) pid=208771 stat=onproc flags process=0 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff80001492c290,0xffffffff825770b0 process=0xffff8000ffff70f0 user=0xffff80001494d000, vmspace=0xfffffd803f012660 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 43760 147644 67975 0 2 0 syz-executor.0 *43760 208771 67975 0 7 0x4000000 syz-executor.0 99491 71915 0 0 3 0x14200 bored sosplice 67975 194329 3035 0 2 0x482 syz-executor.0 72412 151775 3035 0 2 0x2 syz-executor.1 3035 34577 14086 0 3 0x82 thrsleep syz-fuzzer 3035 475198 14086 0 2 0x4000482 syz-fuzzer 3035 10873 14086 0 3 0x4000082 kqread syz-fuzzer 3035 512419 14086 0 3 0x4000082 thrsleep syz-fuzzer 3035 331539 14086 0 3 0x4000082 thrsleep syz-fuzzer 3035 91727 14086 0 3 0x4000082 thrsleep syz-fuzzer 3035 518350 14086 0 3 0x4000082 thrsleep syz-fuzzer 3035 236210 14086 0 3 0x4000082 thrsleep syz-fuzzer 14086 495591 33102 0 3 0x10008a pause ksh 33102 152444 36792 0 3 0x92 select sshd 79232 57532 1 0 3 0x100083 ttyin getty 36792 283376 1 0 3 0x80 select sshd 78645 380239 94262 73 3 0x100090 kqread syslogd 94262 256848 1 0 3 0x100082 netio syslogd 37082 3626 1 77 3 0x100090 poll dhclient 11056 452023 1 0 3 0x80 poll dhclient 41597 427836 0 0 2 0x14200 zerothread 29965 156996 0 0 3 0x14200 aiodoned aiodoned 42766 412810 0 0 3 0x14200 syncer update 64040 188258 0 0 3 0x14200 cleaner cleaner 45975 136820 0 0 3 0x14200 reaper reaper 85147 514823 0 0 3 0x14200 pgdaemon pagedaemon 25404 57001 0 0 3 0x14200 bored crynlk 25595 216520 0 0 3 0x14200 bored crypto 58192 51042 0 0 3 0x40014200 acpi0 acpi0 66417 146237 0 0 3 0x14200 bored softnet 91729 42276 0 0 3 0x14200 bored systqmp 88003 89971 0 0 3 0x14200 bored systq 54163 237540 0 0 3 0x40014200 bored softclock 66946 153836 0 0 3 0x40014200 idle0 18287 464868 0 0 3 0x14200 bored smr 1 350502 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9565 7003K 7325K 78643K 12435 0 pcb 13 8K 8K 78643K 162 0 rtable 101 5K 6K 78643K 344 0 ifaddr 80 15K 16K 78643K 131 0 counters 19 16K 16K 78643K 19 0 ioctlops 1 2K 2K 78643K 34 0 iov 0 0K 24K 78643K 89 0 mount 1 1K 1K 78643K 1 0 vnodes 1220 77K 77K 78643K 1686 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 5 0 VM map 5 1K 1K 78643K 7 0 sem 12 0K 0K 78643K 280 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 5 13K 25K 78643K 329 0 sigio 0 0K 0K 78643K 2 0 proc 48 38K 54K 78643K 376 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 16 0 in_multi 45 2K 2K 78643K 86 0 ether_multi 1 0K 0K 78643K 1 0 mrt 0 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 66 291K 291K 78643K 66 0 exec 0 0K 1K 78643K 201 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 117 22K 23K 78643K 1629 0 UVM aobj 11 2K 2K 78643K 15 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 57 0 NDP 14 0K 0K 78643K 28 0 temp 142 3015K 3088K 78643K 22126 0 kqueue 0 0K 0K 78643K 5 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 8 0 4 1 0 1 1 0 8 0 rtpcb 80 49 0 47 1 0 1 1 0 8 0 rtentry 112 76 0 37 2 0 2 2 0 8 0 unpcb 120 163 0 155 1 0 1 1 0 8 0 syncache 264 7 0 7 2 1 1 1 0 8 1 sackhl 24 2 0 2 1 1 0 1 0 8 0 tcpqe 32 280 0 280 2 1 1 1 0 8 1 tcpcb 544 413 0 409 2 0 2 2 0 8 1 ipq 40 3 0 3 1 1 0 1 0 8 0 ipqe 40 135 0 135 1 1 0 1 0 8 0 inpcb 280 748 0 741 3 1 2 3 0 8 1 nd6 48 9 0 7 1 0 1 1 0 8 0 ppxss 1128 5 0 5 1 0 1 1 0 8 1 art_heap8 4096 4 0 1 3 0 3 3 0 8 0 art_heap4 256 377 0 166 15 0 15 15 0 8 0 art_table 32 381 0 167 2 0 2 2 0 8 0 art_node 16 75 0 38 1 0 1 1 0 8 0 sysvmsgpl 40 24 0 16 1 0 1 1 0 8 0 semapl 112 278 0 268 1 0 1 1 0 8 0 shmpl 112 13 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1899 0 504 46 0 46 46 0 8 0 ffsino 240 1899 0 504 83 0 83 83 0 8 0 nchpl 144 2609 0 998 60 0 60 60 0 8 0 uvmvnodes 72 2335 0 0 43 0 43 43 0 8 0 vnodes 208 2335 0 0 123 0 123 123 0 8 0 namei 1024 7433 0 7432 1 0 1 1 0 8 0 vcpupl 1984 2 0 0 1 0 1 1 0 8 0 vmpool 520 5 0 2 1 0 1 1 0 8 0 scxspl 192 8187 0 8187 10 7 3 7 0 8 3 plimitpl 152 47 0 40 1 0 1 1 0 8 0 sigapl 432 500 0 487 2 0 2 2 0 8 0 futexpl 56 11948 0 11948 1 0 1 1 0 8 1 knotepl 112 86 0 67 1 0 1 1 0 8 0 kqueuepl 104 93 0 91 1 0 1 1 0 8 0 pipepl 128 286 0 267 3 1 2 2 0 8 1 fdescpl 424 501 0 487 2 0 2 2 0 8 0 filepl 120 4023 0 3927 5 1 4 5 0 8 1 lockfpl 104 140 0 139 1 0 1 1 0 8 0 lockfspl 48 45 0 44 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 692 0 685 1 0 1 1 0 8 0 zombiepl 144 487 0 487 1 0 1 1 0 8 1 processpl 864 516 0 487 4 0 4 4 0 8 0 procpl 632 904 0 867 4 0 4 4 0 8 0 sosppl 128 3 0 3 1 0 1 1 0 8 1 sockpl 384 1010 0 993 5 1 4 5 0 8 2 mcl64k 65536 45 0 45 1 0 1 1 0 8 1 mcl16k 16384 7 0 7 1 0 1 1 0 8 1 mcl12k 12288 14 0 14 1 0 1 1 0 8 1 mcl9k 9216 10 0 10 1 0 1 1 0 8 1 mcl8k 8192 18 0 18 1 0 1 1 0 8 1 mcl4k 4096 60 0 60 2 1 1 1 0 8 1 mcl2k2 2112 2 0 2 2 1 1 1 0 8 1 mcl2k 2048 69600 0 69533 24 14 10 18 0 8 0 mtagpl 80 27 0 4 2 1 1 1 0 8 0 mbufpl 256 113153 0 112967 23 5 18 18 0 8 1 bufpl 280 7555 0 2617 353 0 353 353 0 8 0 anonpl 16 68853 0 48531 103 4 99 99 0 62 15 amapchunkpl 152 2415 0 2264 12 1 11 11 0 158 4 amappl16 192 3027 0 1903 73 5 68 68 0 8 11 amappl15 184 50 0 46 1 0 1 1 0 8 0 amappl14 176 180 0 178 1 0 1 1 0 8 0 amappl13 168 8 0 7 1 0 1 1 0 8 0 amappl12 160 11 0 8 1 0 1 1 0 8 0 amappl11 152 46 0 35 1 0 1 1 0 8 0 amappl10 144 11 0 9 1 0 1 1 0 8 0 amappl9 136 686 0 681 1 0 1 1 0 8 0 amappl8 128 270 0 239 2 0 2 2 0 8 0 amappl7 120 90 0 80 1 0 1 1 0 8 0 amappl6 112 58 0 50 1 0 1 1 0 8 0 amappl5 104 169 0 157 1 0 1 1 0 8 0 amappl4 96 715 0 690 1 0 1 1 0 8 0 amappl3 88 136 0 128 1 0 1 1 0 8 0 amappl2 80 3273 0 3203 3 1 2 3 0 8 0 amappl1 72 18707 0 18287 26 16 10 20 0 8 0 amappl 80 1139 0 1095 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 14 0 4 1 0 1 1 0 8 0 uaddrrnd 24 506 0 487 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 506 0 487 1 0 1 1 0 8 0 vmmpekpl 168 6990 0 6966 2 0 2 2 0 8 0 vmmpepl 168 67474 0 65211 134 20 114 126 0 357 13 vmsppl 272 500 0 487 2 1 1 2 0 8 0 pdppl 4096 1018 0 980 6 1 5 6 0 8 0 pvpl 32 199958 0 177149 222 3 219 219 0 265 32 pmappl 200 505 0 489 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 169 0 24 5 0 5 5 0 8 0