uvm_fault(0xffffffff824f6a40, 0xffff800000b43000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xffffffff824f6a40, 0xffff800000b43000, 0, 1) -> e uvm_unmap_remove(ffff800000b42f00,0,80000000,ffff800015929f58,1,0) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:497 [inline] uvm_unmap_remove(ffff800000b42f00,0,80000000,ffff800015929f58,1,0) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2217 end trace frame: 0xffff800015929f90, count: 0 ddb> trace uvm_unmap_remove(ffff800000b42f00,0,80000000,ffff800015929f58,1,0) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:497 [inline] uvm_unmap_remove(ffff800000b42f00,0,80000000,ffff800015929f58,1,0) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2217 uvm_map_deallocate(ffff800000b42f00) at uvm_map_deallocate+0x6e sys/uvm/uvm_map.c:4233 vm_impl_init_vmx(ffff800015951888,ffff800015953650) at vm_impl_init_vmx+0x1e0 vm_create(ffff800000ab0800,ffff800015953650) at vm_create+0x182 vm_impl_init sys/arch/amd64/amd64/vmm.c:1375 [inline] vm_create(ffff800000ab0800,ffff800015953650) at vm_create+0x182 sys/arch/amd64/amd64/vmm.c:1164 VOP_IOCTL(fffffd803ad3d680,c5005601,ffff800000ab0800,1,fffffd803f7c6a20,ffff800015953650) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd80390cdc38,c5005601,ffff800000ab0800,ffff800015953650) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524 sys_ioctl(ffff800015953650,ffff80001592a338,ffff80001592a380) at sys_ioctl+0x5b9 syscall(ffff80001592a400) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffff59,0,3,59181fec010) at Xsyscall+0x128 end of kernel end trace frame: 0x593a3095620, count: -9 ddb> show registers rdi 0 rsi 0 rbp 0xffff800015929f40 rbx 0 rdx 0x17c3 __ALIGN_SIZE+0x7c3 rcx 0xffff80001490b000 rax 0xffff800000b42f00 r8 0x1 r9 0 r10 0x2e7b4b46f9cd49c5 r11 0xe1f3df04fe54ec83 r12 0 r13 0xfffffd8031b75380 r14 0 r15 0xffff800000b42f00 rip 0xffffffff8213458b uvm_unmap_remove+0x3eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800015929e90 ss 0x10 uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15 ddb> show proc PROC (syz-executor.1) pid=305560 stat=onproc flags process=0 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000159529f8,0xffffffff82574928 process=0xffff8000ffff7b10 user=0xffff800015925000, vmspace=0xfffffd803f014550 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 48191 182707 39767 0 2 0 syz-executor.1 *48191 305560 39767 0 7 0x4000000 syz-executor.1 90892 228151 0 0 3 0x14200 acct acct 38810 250688 20042 0 2 0x2 syz-executor.0 39767 352090 20042 0 2 0x482 syz-executor.1 7258 75902 1 0 3 0x100083 ttyin getty 25825 299688 0 0 3 0x14200 bored sosplice 20042 44471 28255 0 3 0x82 thrsleep syz-fuzzer 20042 517447 28255 0 2 0x4000482 syz-fuzzer 20042 153298 28255 0 3 0x4000082 kqread syz-fuzzer 20042 471533 28255 0 3 0x4000082 thrsleep syz-fuzzer 20042 413606 28255 0 3 0x4000082 thrsleep syz-fuzzer 20042 405305 28255 0 3 0x4000082 thrsleep syz-fuzzer 20042 396827 28255 0 3 0x4000082 thrsleep syz-fuzzer 28255 88386 40889 0 3 0x10008a pause ksh 40889 3605 41805 0 3 0x92 select sshd 41805 519295 1 0 3 0x80 select sshd 47677 502566 68212 73 2 0x100010 syslogd 68212 251191 1 0 3 0x100082 netio syslogd 29261 236964 0 0 2 0x14200 zerothread 40149 437780 0 0 3 0x14200 aiodoned aiodoned 78086 252079 0 0 3 0x14200 syncer update 70262 507687 0 0 3 0x14200 cleaner cleaner 94048 291229 0 0 3 0x14200 reaper reaper 35552 431000 0 0 3 0x14200 pgdaemon pagedaemon 90813 226446 0 0 3 0x14200 bored crynlk 77216 489998 0 0 3 0x14200 bored crypto 10769 465706 0 0 3 0x40014200 acpi0 acpi0 76802 365798 0 0 3 0x14200 bored softnet 80745 414234 0 0 3 0x14200 bored systqmp 80655 397625 0 0 3 0x14200 bored systq 6197 465571 0 0 3 0x40014200 bored softclock 18709 363860 0 0 3 0x40014200 idle0 37160 205297 0 0 3 0x14200 bored smr 1 290493 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9580 7016K 7338K 78643K 30308 0 0 pcb 13 8K 8K 78643K 1325 0 0 rtable 124 12K 13K 78643K 1556 0 0 ifaddr 83 23K 28K 78643K 1147 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 1 2K 2K 78643K 457 0 0 iov 0 0K 24K 78643K 1249 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1198 75K 77K 78643K 9731 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 200 0 0 VM map 3 0K 0K 78643K 14 0 0 sem 12 0K 1K 78643K 1285 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 5 13K 25K 78643K 10626 0 0 sigio 0 0K 0K 78643K 123 0 0 proc 45 30K 62K 78643K 2731 0 0 subproc 32 2K 2K 78643K 650 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 1012 0 0 in_multi 35 2K 2K 78643K 726 0 0 ether_multi 1 0K 0K 78643K 50 0 0 mrt 0 0K 0K 78643K 36 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 186 821K 821K 78643K 186 0 0 exec 0 0K 1K 78643K 1498 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 143 24K 33K 78643K 29697 0 0 UVM aobj 129 7K 7K 78643K 173 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 1248 0 0 NDP 19 0K 1K 78643K 357 0 0 temp 225 3537K 4177K 78643K 143957 0 0 kqueue 0 0K 0K 78643K 41 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 70 0 64 1 0 1 1 0 8 0 rtpcb 80 557 0 557 64 63 1 1 0 8 1 rtentry 112 427 0 382 2 0 2 2 0 8 0 unpcb 120 4489 0 4461 8 6 2 2 0 8 1 syncache 264 4 0 4 1 1 0 1 0 8 0 sackhl 24 2 0 2 1 1 0 1 0 8 0 tcpqe 32 4318 0 4318 1 1 0 1 0 8 0 tcpcb 544 2244 0 2240 3 1 2 2 0 8 1 ipq 40 21 0 21 12 12 0 1 0 8 0 ipqe 40 49 0 49 12 12 0 1 0 8 0 inpcb 280 6716 0 6712 12 10 2 2 0 8 1 rttmr 72 4 0 4 4 4 0 1 0 8 0 nd6 48 76 0 72 1 0 1 1 0 8 0 pkpcb 40 56 0 56 20 20 0 1 0 8 0 swfcl 56 3 0 0 1 0 1 1 0 8 0 ppxss 1128 169 0 169 66 66 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1868 0 1622 30 14 16 16 0 8 0 art_table 32 1869 0 1622 2 0 2 2 0 8 0 art_node 16 417 0 376 1 0 1 1 0 8 0 sysvmsgpl 40 24 0 17 1 0 1 1 0 8 0 semupl 112 3 0 3 2 2 0 1 0 8 0 semapl 112 1283 0 1273 1 0 1 1 0 8 0 shmpl 112 171 0 44 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 20159 0 18775 46 0 46 46 0 8 0 ffsino 240 20159 0 18775 83 0 83 83 0 8 0 nchpl 144 35886 0 34222 62 0 62 62 0 8 0 uvmvnodes 72 7550 0 0 138 0 138 138 0 8 0 vnodes 208 7550 0 0 398 0 398 398 0 8 0 namei 1024 121181 0 121180 10 9 1 1 0 8 0 vmpool 520 12 0 11 6 5 1 1 0 8 0 scsiplug 64 11 0 11 9 9 0 1 0 8 0 scxspl 192 116062 0 116062 32 31 1 7 0 8 1 plimitpl 152 864 0 858 1 0 1 1 0 8 0 sigapl 432 10696 0 10685 2 0 2 2 0 8 0 futexpl 56 278783 0 278783 7 6 1 1 0 8 1 knotepl 112 1932 0 1913 3 2 1 3 0 8 0 kqueuepl 104 2400 0 2398 1 0 1 1 0 8 0 pipepl 112 31702 0 31683 82 80 2 4 0 8 1 fdescpl 424 10697 0 10685 2 0 2 2 0 8 0 filepl 120 100706 0 100621 41 37 4 7 0 8 1 lockfpl 104 2806 0 2806 16 15 1 1 0 8 1 lockfspl 48 949 0 949 16 15 1 1 0 8 1 sessionpl 112 60 0 52 1 0 1 1 0 8 0 pgrppl 48 184 0 176 1 0 1 1 0 8 0 ucredpl 96 12481 0 12475 1 0 1 1 0 8 0 zombiepl 144 10691 0 10691 4 3 1 1 0 8 1 processpl 864 10719 0 10691 4 0 4 4 0 8 0 procpl 632 27132 0 27097 7 3 4 5 0 8 0 sosppl 128 84 0 84 32 32 0 1 0 8 0 sockpl 384 11944 0 11912 25 20 5 7 0 8 1 mcl64k 65536 2279 0 2279 221 220 1 33 0 8 1 mcl16k 16384 109 0 109 67 67 0 1 0 8 0 mcl12k 12288 246 0 246 64 64 0 1 0 8 0 mcl9k 9216 102 0 102 65 64 1 1 0 8 1 mcl8k 8192 542 0 542 38 37 1 1 0 8 1 mcl4k 4096 1420 0 1420 11 10 1 1 0 8 1 mcl2k2 2112 93 0 93 49 48 1 1 0 8 1 mcl2k 2048 72132 0 72088 36 30 6 12 0 8 0 mtagpl 80 263 0 242 7 6 1 1 0 8 0 mbufpl 256 173050 0 172928 110 101 9 26 0 8 0 bufpl 256 35618 0 28068 474 1 473 473 0 8 0 anonpl 16 984406 0 970136 374 310 64 105 0 62 0 amapchunkpl 152 55046 0 54943 164 159 5 33 0 158 0 amappl16 192 52084 0 51262 396 353 43 54 0 8 1 amappl15 184 2709 0 2708 7 6 1 1 0 8 0 amappl14 176 1118 0 1113 2 1 1 1 0 8 0 amappl13 168 2368 0 2365 1 0 1 1 0 8 0 amappl12 160 2694 0 2692 1 0 1 1 0 8 0 amappl11 152 1558 0 1554 1 0 1 1 0 8 0 amappl10 144 651 0 651 4 4 0 1 0 8 0 amappl9 136 1702 0 1696 1 0 1 1 0 8 0 amappl8 128 1319 0 1263 3 1 2 2 0 8 0 amappl7 120 821 0 813 1 0 1 1 0 8 0 amappl6 112 1460 0 1449 1 0 1 1 0 8 0 amappl5 104 3203 0 3196 1 0 1 1 0 8 0 amappl4 96 9155 0 9124 1 0 1 1 0 8 0 amappl3 88 3251 0 3245 1 0 1 1 0 8 0 amappl2 80 86629 0 86569 4 2 2 3 0 8 0 amappl1 72 212645 0 212271 37 29 8 20 0 8 0 amappl 80 27931 0 27898 2 1 1 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 172 0 44 3 0 3 3 0 8 0 uaddrrnd 24 10709 0 10685 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 10709 0 10685 1 0 1 1 0 8 0 vmmpekpl 168 129596 0 129572 2 0 2 2 0 8 0 vmmpepl 168 1285248 0 1283418 783 695 88 117 0 357 0 vmsppl 272 10696 0 10685 3 2 1 2 0 8 0 pdppl 4096 21424 0 21392 7 2 5 6 0 8 0 pvpl 32 2929612 0 2912226 1059 896 163 343 0 265 16 pmappl 200 10708 0 10696 1 0 1 1 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 1099 0 496 19 0 19 19 0 8 0