uvm_fault(0xffffffff839366c8, 0xffff800029ef5000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pvclock_get+0x53: movl 0(%r15),%r12d TID PID UID PRFLAGS PFLAGS CPU COMMAND * 22859 74400 0 0 0x4000000 0 syz-executor pvclock_get(ffffffff838d0610) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff838d0610) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002f0c4ec0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd806c6157e8) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd806c6157e8) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd806c6157e8) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff831d2770,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000164d000,3,ffff80002a7a4d20) at sdioctl+0x959 sys/scsi/sd.c:921 VOP_IOCTL(fffffd806c9b87d8,84946467,ffff80000164d000,3,fffffd8007ffd8f0,ffff80002a7a4d20) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8079765448,84946467,ffff80000164d000,ffff80002a7a4d20) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff80002a7a4d20,ffff80002f0c5540,ffff80002f0c5490) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 end trace frame: 0xffff80002f0c5530, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff839366c8, 0xffff800029ef5000, 0, 1) -> e ddb> trace pvclock_get(ffffffff838d0610) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff838d0610) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002f0c4ec0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd806c6157e8) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd806c6157e8) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd806c6157e8) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff831d2770,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000164d000,3,ffff80002a7a4d20) at sdioctl+0x959 sys/scsi/sd.c:921 VOP_IOCTL(fffffd806c9b87d8,84946467,ffff80000164d000,3,fffffd8007ffd8f0,ffff80002a7a4d20) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8079765448,84946467,ffff80000164d000,ffff80002a7a4d20) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff80002a7a4d20,ffff80002f0c5540,ffff80002f0c5490) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002f0c5540) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002f0c5540) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xda201cdfe20, count: -16 ddb> show registers rdi 0xffffffff rsi 0xd rbp 0xffff80002f0c4db0 rbx 0x3 rdx 0xffff8000015e2f00 rcx 0 rax 0xc r8 0 r9 0 r10 0 r11 0x43be6e78a16d0991 r12 0x160f __ALIGN_SIZE+0x60f r13 0xffffffff8386ec00 th0 r14 0xffffffff838d0610 pvclock_timecounter r15 0xffff800029ef5000 rip 0xffffffff82818fc3 pvclock_get+0x53 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002f0c4d60 ss 0x10 pvclock_get+0x53: movl 0(%r15),%r12d ddb> show proc PROC (syz-executor) tid=22859 pid=74400 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7a42c0,0xffff80002a78d258 process=0xffff8000ffff9698 user=0xffff80002f0c0000, vmspace=0xfffffd806cc882f8 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 63767 156569 28325 0 2 0 syz-executor 63767 11527 28325 0 3 0x4000080 fsleep syz-executor 74400 282490 26687 0 2 0 syz-executor *74400 22859 26687 0 7 0x4000000 syz-executor 86064 257533 90271 60929 2 0x10 syz-executor 86064 360046 90271 60929 3 0x4000090 fsleep syz-executor 86064 279621 90271 60929 3 0x4000090 fsleep syz-executor 86064 85421 90271 60929 3 0x4000090 fsleep syz-executor 96716 195419 13230 0 3 0x80 nanoslp syz-executor 96716 143559 13230 0 3 0x4000080 kqread syz-executor 96716 307035 13230 0 3 0x4000080 fsleep syz-executor 30609 402498 36735 0 2 0x1 syz-executor 30609 439749 36735 0 3 0x4000080 fsleep syz-executor 15296 15258 10050 0 2 0x1 syz-executor 15296 16599 10050 0 3 0x4000080 netcon syz-executor 15296 305436 10050 0 3 0x4000080 fsleep syz-executor 15296 346837 10050 0 3 0x4000080 fsleep syz-executor 30196 459438 98260 0 2 0x1 syz-executor 30196 363173 98260 0 2 0x4000001 syz-executor 30196 279446 98260 0 3 0x4000080 fsleep syz-executor 30196 411471 98260 0 3 0x4000080 fsleep syz-executor 98260 348173 2238 0 3 0x82 nanoslp syz-executor 26687 111872 2238 0 3 0x82 nanoslp syz-executor 28325 172574 2238 0 3 0x82 nanoslp syz-executor 90271 518822 2238 0 3 0x82 nanoslp syz-executor 36735 286438 2238 0 3 0x82 nanoslp syz-executor 10050 134638 2238 0 3 0x82 nanoslp syz-executor 13230 368199 2238 0 3 0x82 nanoslp syz-executor 79529 283508 2238 0 3 0x82 nanoslp syz-executor 2238 82737 7403 0 3 0x82 kqread syz-executor 7403 127832 28233 0 3 0x10008a sigsusp ksh 28233 326671 14498 0 3 0x98 kqread sshd-session 14498 156472 29294 0 3 0x92 kqread sshd-session 28764 42426 1 0 3 0x100083 ttyin getty 29294 14858 1 0 3 0x88 kqread sshd 27344 293184 3564 73 3 0x1100090 kqread syslogd 3564 336941 1 0 3 0x100082 sbwait syslogd 43641 101544 1 0 3 0x100080 kqread resolvd 91603 196644 10645 77 3 0x100092 kqread dhcpleased 65099 134178 10645 77 3 0x100092 kqread dhcpleased 10645 206454 1 0 3 0x80 kqread dhcpleased 44810 326283 0 0 3 0x14200 bored smr 12360 94944 0 0 2 0x14200 zerothread 75416 347006 0 0 3 0x14200 aiodoned aiodoned 82131 352421 0 0 3 0x14200 syncer update 76949 256097 0 0 3 0x14200 cleaner cleaner 12605 199690 0 0 3 0x14200 reaper reaper 47370 9275 0 0 3 0x14200 pgdaemon pagedaemon 61057 73453 0 0 3 0x14200 bored viomb 30263 295164 0 0 3 0x40014200 acpi0 acpi0 49348 359341 0 0 3 0x14200 bored softnet0 31360 103143 0 0 3 0x14200 bored systqmp 23870 20188 0 0 3 0x14200 bored systq 60343 184421 0 0 3 0x40014200 tmoslp softclock 39953 342608 0 0 3 0x40014200 idle0 1 173475 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11090 12303K 12433K 166960K 13080 0 pcb 18 12K 12K 166960K 137 0 rtable 223 7K 8K 166960K 422 0 pf 32 13K 14K 166960K 71 0 ifaddr 41 7K 8K 166960K 66 0 ifgroup 50 2K 2K 166960K 97 0 sysctl 4 1K 9K 166960K 13 0 counters 33 17K 18K 166960K 58 0 ioctlops 1 2K 4K 166960K 143 0 iov 0 0K 16K 166960K 25 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1303 82K 82K 166960K 1814 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 5K 9K 166960K 12 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 97 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 85K 166960K 689 0 sigio 0 0K 0K 166960K 10 0 proc 60 59K 75K 166960K 541 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 77 0 in_multi 97 7K 7K 166960K 113 0 ether_multi 1 0K 0K 166960K 2 0 mrt 2 0K 0K 166960K 27 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 223 996K 996K 166960K 223 0 exec 0 0K 1K 166960K 431 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 249 151K 168K 166960K 8244 0 UVM aobj 86 5K 6K 166960K 87 0 pinsyscall 39 78K 92K 166960K 1780 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 43 0 NDP 11 0K 2K 166960K 44 0 temp 54 9074K 9140K 166960K 31071 0 kqueue 16 26K 28K 166960K 129 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 64 0 61 1 0 1 1 0 8 0 rtentry 136 129 0 32 4 0 4 4 0 8 0 unpcb 144 363 0 347 2 1 1 2 0 8 0 syncache 336 6 0 6 2 1 1 1 0 8 1 tcpqe 32 1 0 1 1 0 1 1 0 8 1 tcpcb 736 246 0 239 7 0 7 7 0 8 6 arp 96 20 0 4 1 0 1 1 0 8 0 ipq 40 8 0 0 1 0 1 1 0 8 0 ipqe 40 13 0 2 1 0 1 1 0 8 0 inpcb 328 670 0 656 12 5 7 7 0 8 5 ip6q 72 9 0 3 1 0 1 1 0 8 0 ip6af 40 12 0 6 1 0 1 1 0 8 0 nd6 112 30 0 3 1 0 1 1 0 8 0 pkpcb 40 3 0 3 2 1 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 20 0 20 2 1 1 1 0 8 1 pppxif 1416 4 0 4 1 1 0 1 0 8 0 pfstscr 40 4 0 2 1 0 1 1 0 8 0 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 6 0 2 1 0 1 1 0 8 0 pfstate 384 3 0 1 1 0 1 1 0 8 0 pfrule 1360 1 0 1 1 1 0 1 0 8 0 rttmr 136 2 0 2 1 1 0 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 539 0 85 29 0 29 29 0 8 0 art_table 40 541 0 85 5 0 5 5 0 8 0 art_node 32 128 0 43 1 0 1 1 0 8 0 sysvmsgpl 40 30 0 24 2 1 1 1 0 8 0 semupl 112 2 0 2 2 1 1 1 0 8 1 semapl 112 94 0 84 1 0 1 1 0 8 0 shmpl 112 84 0 1 3 0 3 3 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 2685 0 1226 92 0 92 92 0 8 0 ffsino 256 2685 0 1226 92 0 92 92 0 8 0 nchpl 144 3658 0 1956 64 0 64 64 0 8 0 rtmask 32 3 0 3 1 0 1 1 0 8 1 vnodes 216 2958 0 0 165 0 165 165 0 8 0 namei 1024 12007 0 12007 1 0 1 1 0 8 1 kstatmem 264 57 0 34 2 0 2 2 0 8 0 scsiplug 72 3 0 3 2 1 1 1 0 8 1 scxspl 216 17535 0 17535 10 2 8 8 1 8 8 plimitpl 152 109 0 91 1 0 1 1 0 8 0 sigapl 424 981 0 938 7 1 6 6 0 8 1 knotepl 120 27317 0 27047 47 36 11 21 0 8 2 kqueuepl 184 196 0 183 1 0 1 1 0 8 0 pipepl 304 146 0 119 3 0 3 3 0 8 0 fdescpl 448 968 0 938 4 0 4 4 0 8 0 filepl 120 5374 0 5148 13 2 11 11 0 8 3 lockfpl 104 355 0 353 2 0 2 2 0 8 1 lockfspl 48 100 0 98 1 0 1 1 0 8 0 sessionpl 144 45 0 37 1 0 1 1 0 8 0 pgrppl 48 60 0 44 1 0 1 1 0 8 0 ucredpl 104 1100 0 1086 1 0 1 1 0 8 0 zombiepl 144 1251 0 1250 2 1 1 1 0 8 0 processpl 1152 981 0 938 4 0 4 4 0 8 0 procpl 664 1928 0 1871 6 0 6 6 0 8 1 sosppl 176 6 0 6 2 1 1 1 0 8 1 sockpl 552 1118 0 1085 11 4 7 7 0 8 4 mcl64k 65536 112 0 108 1 0 1 1 0 8 0 mcl9k128 9344 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 4 0 4 1 1 0 1 0 8 0 mcl4k 4096 3294 0 3244 16 8 8 15 0 8 1 mcl2k 2048 667 0 664 4 1 3 3 0 8 1 mtagpl 96 14 0 5 1 0 1 1 0 8 0 mbufpl 256 14219 0 13995 18 0 18 18 0 8 2 bufpl 280 6558 0 344 445 0 445 445 0 8 0 anonpl 24 124678 0 121327 64 0 64 64 0 187 27 amapchunkpl 152 25624 0 25067 37 1 36 36 0 158 14 amappl16 200 1543 0 1514 17 5 12 16 0 8 8 amappl15 192 2 0 2 1 1 0 1 0 8 0 amappl14 184 407 0 406 1 0 1 1 0 8 0 amappl13 176 111 0 101 1 0 1 1 0 8 0 amappl12 168 1202 0 1173 2 0 2 2 0 8 0 amappl11 160 4 0 3 1 0 1 1 0 8 0 amappl10 152 60 0 49 1 0 1 1 0 8 0 amappl9 144 267 0 266 1 0 1 1 0 8 0 amappl8 136 100 0 99 1 0 1 1 0 8 0 amappl7 128 136 0 124 1 0 1 1 0 8 0 amappl6 120 148 0 147 1 0 1 1 0 8 0 amappl5 112 87 0 79 1 0 1 1 0 8 0 amappl4 104 255 0 237 1 0 1 1 0 8 0 amappl3 96 5232 0 5104 4 0 4 4 0 8 0 amappl2 88 517 0 462 2 0 2 2 0 8 0 amappl1 80 11524 0 10971 16 1 15 15 0 8 2 amappl 88 7451 0 7265 5 0 5 5 0 92 0 uvmvnodes 80 120 0 0 3 0 3 3 0 8 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 1 1 0 1 0 8 0 dma64 64 7 0 7 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 86 0 1 2 0 2 2 0 8 0 uaddrrnd 24 968 0 938 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 968 0 938 1 0 1 1 0 8 0 vmmpekpl 168 9232 0 9201 3 0 3 3 0 8 0 vmmpepl 168 66052 0 64183 92 0 92 92 0 357 10 vmsppl 368 967 0 938 4 1 3 4 0 8 0 rwobjpl 40 19317 0 18219 14 1 13 13 0 8 0 pdppl 4096 1942 0 1876 94 28 66 76 0 8 0 pvpl 32 395220 0 385952 133 2 131 131 0 265 41 pmappl 216 967 0 938 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 376 0 44 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pvclock_get(ffffffff838d0610) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff838d0610) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002f0c4ec0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd806c6157e8) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd806c6157e8) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd806c6157e8) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff831d2770,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000164d000,3,ffff80002a7a4d20) at sdioctl+0x959 sys/scsi/sd.c:921 VOP_IOCTL(fffffd806c9b87d8,84946467,ffff80000164d000,3,fffffd8007ffd8f0,ffff80002a7a4d20) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8079765448,84946467,ffff80000164d000,ffff80002a7a4d20) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff80002a7a4d20,ffff80002f0c5540,ffff80002f0c5490) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002f0c5540) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002f0c5540) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xda201cdfe20, count: -16 ddb> machine ddbcpu 1 No such command ddb> trace pvclock_get(ffffffff838d0610) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff838d0610) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002f0c4ec0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000380f0000,ffff800029ed2000,ffff80002a57e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd806c6157e8) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd806c6157e8) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd806c6157e8) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff831d2770,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000164d000,3,ffff80002a7a4d20) at sdioctl+0x959 sys/scsi/sd.c:921 VOP_IOCTL(fffffd806c9b87d8,84946467,ffff80000164d000,3,fffffd8007ffd8f0,ffff80002a7a4d20) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd8079765448,84946467,ffff80000164d000,ffff80002a7a4d20) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff80002a7a4d20,ffff80002f0c5540,ffff80002f0c5490) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002f0c5540) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002f0c5540) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xda201cdfe20, count: -16