uvm_fault(0xffffffff82538f58, 0xffff800000a3a000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xffffffff82538f58, 0xffff800000a3a000, 0, 1) -> e uvm_unmap_remove(ffff800000a39f00,0,1000000,ffff800017971370,0,1) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:501 [inline] uvm_unmap_remove(ffff800000a39f00,0,1000000,ffff800017971370,0,1) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2225 end trace frame: 0xffff800017971420, count: 0 ddb> trace uvm_unmap_remove(ffff800000a39f00,0,1000000,ffff800017971370,0,1) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:501 [inline] uvm_unmap_remove(ffff800000a39f00,0,1000000,ffff800017971370,0,1) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2225 uvm_share(ffff800000a39f00,0,7,fffffd803f012cc0,20000000,80000000) at uvm_share+0x55b vm_impl_init_vmx(ffff80001796ba68,ffff8000ffff2508) at vm_impl_init_vmx+0xf1 sys/arch/amd64/amd64/vmm.c:1269 vm_create(ffff800000a37000,ffff8000ffff2508) at vm_create+0x193 vm_impl_init sys/arch/amd64/amd64/vmm.c:1384 [inline] vm_create(ffff800000a37000,ffff8000ffff2508) at vm_create+0x193 sys/arch/amd64/amd64/vmm.c:1173 VOP_IOCTL(fffffd803d4010d0,c5005601,ffff800000a37000,1,fffffd803f7c6ae0,ffff8000ffff2508) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd802a1da540,c5005601,ffff800000a37000,ffff8000ffff2508) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff8000ffff2508,ffff8000179717c8,ffff800017971810) at sys_ioctl+0x5b9 syscall(ffff800017971890) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x3a30b281cd0, count: -9 ddb> show registers rdi 0 rsi 0 rbp 0xffff800017971340 rbx 0 rdx 0x44d rcx 0xffff800014f4f000 rax 0xffff800000a39f00 r8 0 r9 0x1 r10 0x19598772733f35de r11 0xfcb2c70d521e804f r12 0 r13 0xfffffd802d8c3630 r14 0x10000 __ALIGN_SIZE+0xf000 r15 0xffff800000a39f00 rip 0xffffffff815649cb uvm_unmap_remove+0x3eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800017971290 ss 0x10 uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15 ddb> show proc PROC (syz-executor.0) pid=240134 stat=onproc flags process=0 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff2c70,0xffffffff82545ea8 process=0xffff8000ffff70f0 user=0xffff80001796c000, vmspace=0xfffffd803f012cc0 estcpu=36, cpticks=7, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 98561 55684 58648 0 2 0 syz-executor.0 *98561 240134 58648 0 7 0x4000000 syz-executor.0 75153 288509 0 0 3 0x14200 bored sosplice 58648 245112 47404 0 3 0x82 nanosleep syz-executor.0 71783 226439 47404 0 2 0x2 syz-executor.1 47404 48127 59448 0 3 0x82 thrsleep syz-fuzzer 47404 304233 59448 0 3 0x4000082 nanosleep syz-fuzzer 47404 50735 59448 0 3 0x4000082 kqread syz-fuzzer 47404 226973 59448 0 3 0x4000082 thrsleep syz-fuzzer 47404 181409 59448 0 3 0x4000082 thrsleep syz-fuzzer 47404 37730 59448 0 3 0x4000082 thrsleep syz-fuzzer 47404 488166 59448 0 3 0x4000082 thrsleep syz-fuzzer 47404 136340 59448 0 3 0x4000082 thrsleep syz-fuzzer 59448 416994 76197 0 3 0x10008a pause ksh 76197 425608 68564 0 3 0x92 select sshd 54064 14941 1 0 3 0x100083 ttyin getty 68564 208821 1 0 3 0x80 select sshd 9633 354994 77810 73 2 0x100010 syslogd 77810 137198 1 0 3 0x100082 netio syslogd 18097 130351 1 77 3 0x100090 poll dhclient 82263 405116 1 0 3 0x80 poll dhclient 14348 163921 0 0 2 0x14200 zerothread 59927 450587 0 0 3 0x14200 aiodoned aiodoned 53977 136908 0 0 3 0x14200 syncer update 54682 303189 0 0 3 0x14200 cleaner cleaner 57842 449352 0 0 3 0x14200 reaper reaper 80901 17276 0 0 3 0x14200 pgdaemon pagedaemon 41822 85231 0 0 3 0x14200 bored crynlk 48866 34231 0 0 3 0x14200 bored crypto 99151 427764 0 0 3 0x40014200 acpi0 acpi0 526 62064 0 0 3 0x14200 bored softnet 85004 290610 0 0 3 0x14200 bored systqmp 3812 142979 0 0 3 0x14200 bored systq 47585 449276 0 0 3 0x40014200 bored softclock 71967 69794 0 0 3 0x40014200 idle0 69058 402293 0 0 3 0x14200 bored smr 1 112288 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9493 6410K 6789K 78643K 10932 0 pcb 13 8K 8K 78643K 35 0 rtable 99 2K 3K 78643K 211 0 ifaddr 65 14K 14K 78643K 67 0 counters 19 16K 16K 78643K 19 0 ioctlops 1 2K 2K 78643K 118 0 iov 0 0K 16K 78643K 49 0 mount 1 1K 1K 78643K 1 0 vnodes 1225 77K 77K 78643K 1365 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 4 0 VM map 3 0K 0K 78643K 96 0 sem 12 0K 0K 78643K 66 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 5 13K 25K 78643K 134 0 proc 47 38K 54K 78643K 376 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 7 0 in_multi 64 3K 3K 78643K 67 0 ether_multi 1 0K 0K 78643K 2 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 72 318K 318K 78643K 72 0 exec 0 0K 1K 78643K 189 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 110 22K 38K 78643K 1207 0 UVM aobj 8 2K 2K 78643K 8 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 26 0 NDP 9 0K 0K 78643K 13 0 temp 121 3014K 3078K 78643K 3641 0 kqueue 0 0K 0K 78643K 2 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 2 1 0 1 1 0 8 0 rtpcb 80 29 0 27 1 0 1 1 0 8 0 rtentry 112 47 0 6 2 0 2 2 0 8 0 unpcb 120 124 0 112 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 176 0 176 1 1 0 1 0 8 0 tcpcb 544 46 0 42 1 0 1 1 0 8 0 inpcb 280 163 0 156 3 1 2 2 0 8 1 nd6 48 5 0 1 1 0 1 1 0 8 0 pkpcb 40 4 0 4 1 0 1 1 0 8 1 swfcl 56 2 0 0 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 221 0 6 14 0 14 14 0 8 0 art_table 32 223 0 6 2 0 2 2 0 8 0 art_node 16 46 0 9 1 0 1 1 0 8 0 sysvmsgpl 40 64 0 44 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 64 0 54 1 0 1 1 0 8 0 shmpl 112 6 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1600 0 198 46 0 46 46 0 8 0 ffsino 240 1600 0 198 83 0 83 83 0 8 0 nchpl 144 2014 0 401 60 0 60 60 0 8 0 uvmvnodes 72 1731 0 0 32 0 32 32 0 8 0 vnodes 208 1731 0 0 92 0 92 92 0 8 0 namei 1024 5517 0 5517 1 0 1 1 0 8 1 vmpool 520 94 0 93 1 0 1 1 0 8 0 scxspl 192 5743 0 5743 8 3 5 7 0 8 5 plimitpl 152 24 0 17 1 0 1 1 0 8 0 sigapl 432 305 0 292 2 0 2 2 0 8 0 futexpl 56 3893 0 3893 1 0 1 1 0 8 1 knotepl 112 71 0 52 1 0 1 1 0 8 0 kqueuepl 104 27 0 24 1 0 1 1 0 8 0 pipepl 128 202 0 183 1 0 1 1 0 8 0 fdescpl 424 306 0 292 2 0 2 2 0 8 0 filepl 120 2359 0 2245 4 0 4 4 0 8 0 lockfpl 104 22 0 21 1 0 1 1 0 8 0 lockfspl 48 10 0 9 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 23 0 13 1 0 1 1 0 8 0 ucredpl 96 456 0 449 1 0 1 1 0 8 0 zombiepl 144 292 0 292 1 0 1 1 0 8 1 processpl 864 321 0 292 4 0 4 4 0 8 0 procpl 632 484 0 447 4 0 4 4 0 8 0 sosppl 128 3 0 3 1 0 1 1 0 8 1 sockpl 384 320 0 299 4 1 3 4 0 8 0 mcl64k 65536 25 0 25 1 0 1 1 0 8 1 mcl16k 16384 1 0 1 1 1 0 1 0 8 0 mcl12k 12288 6 0 6 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 7 0 7 1 0 1 1 0 8 1 mcl4k 4096 38 0 38 2 1 1 1 0 8 1 mcl2k2 2112 1 0 1 1 0 1 1 0 8 1 mcl2k 2048 69514 0 69469 16 9 7 15 0 8 0 mtagpl 80 5 0 2 2 1 1 1 0 8 0 mbufpl 256 110768 0 110670 14 3 11 11 0 8 3 bufpl 280 6403 0 1519 350 1 349 349 0 8 0 anonpl 16 46015 0 26807 80 1 79 79 0 62 0 amapchunkpl 152 1421 0 1261 8 1 7 8 0 158 0 amappl16 192 1613 0 572 54 0 54 54 0 8 1 amappl15 184 50 0 46 1 0 1 1 0 8 0 amappl14 176 29 0 26 1 0 1 1 0 8 0 amappl12 160 50 0 48 2 1 1 1 0 8 0 amappl11 152 49 0 37 1 0 1 1 0 8 0 amappl10 144 10 0 7 1 0 1 1 0 8 0 amappl9 136 547 0 544 1 0 1 1 0 8 0 amappl8 128 119 0 92 1 0 1 1 0 8 0 amappl7 120 92 0 81 1 0 1 1 0 8 0 amappl6 112 66 0 56 1 0 1 1 0 8 0 amappl5 104 213 0 200 1 0 1 1 0 8 0 amappl4 96 472 0 448 1 0 1 1 0 8 0 amappl3 88 164 0 156 1 0 1 1 0 8 0 amappl2 80 1668 0 1599 3 1 2 3 0 8 0 amappl1 72 15447 0 15025 26 16 10 20 0 8 0 amappl 80 730 0 682 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 7 0 0 1 0 1 1 0 8 0 uaddrrnd 24 400 0 292 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 400 0 292 1 0 1 1 0 8 0 vmmpekpl 168 6195 0 6170 2 0 2 2 0 8 0 vmmpepl 168 45288 0 43134 135 16 119 127 0 357 24 vmsppl 272 305 0 292 2 1 1 2 0 8 0 pdppl 4096 806 0 770 6 1 5 6 0 8 0 pvpl 32 150974 0 128745 185 0 185 185 0 265 4 pmappl 200 399 0 385 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 149 0 18 4 0 4 4 0 8 0