uvm_fault(0xffffffff83ad1680, 0xffff800029ee5000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pvclock_get+0x53: movl 0(%r15),%r12d TID PID UID PRFLAGS PFLAGS CPU COMMAND *259559 9335 0 0 0x4000000 0 syz-executor pvclock_get(ffffffff839647d0) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff839647d0) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002a890eb0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd8075b76e40) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd8075b76e40) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd8075b76e40) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff81a62d00,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000160a000,3,ffff8000338bc7f8) at sdioctl+0x959 sys/scsi/sd.c:919 VOP_IOCTL(fffffd806a838390,84946467,ffff80000160a000,3,fffffd8007ffd750,ffff8000338bc7f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b499bc0,84946467,ffff80000160a000,ffff8000338bc7f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff8000338bc7f8,ffff80002a891530,ffff80002a891480) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 end trace frame: 0xffff80002a891520, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff83ad1680, 0xffff800029ee5000, 0, 1) -> e ddb> trace pvclock_get(ffffffff839647d0) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff839647d0) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002a890eb0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd8075b76e40) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd8075b76e40) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd8075b76e40) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff81a62d00,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000160a000,3,ffff8000338bc7f8) at sdioctl+0x959 sys/scsi/sd.c:919 VOP_IOCTL(fffffd806a838390,84946467,ffff80000160a000,3,fffffd8007ffd750,ffff8000338bc7f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b499bc0,84946467,ffff80000160a000,ffff8000338bc7f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff8000338bc7f8,ffff80002a891530,ffff80002a891480) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002a891530) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a891530) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4b3872f8790, count: -16 ddb> show registers rdi 0xffffffff rsi 0xd rbp 0xffff80002a890da0 rbx 0x3 rdx 0xffff800001601bc0 rcx 0 rax 0xc r8 0 r9 0 r10 0 r11 0xc3618140f75de7c0 r12 0x1937 __ALIGN_SIZE+0x937 r13 0xffffffff838c8440 th0 r14 0xffffffff839647d0 pvclock_timecounter r15 0xffff800029ee5000 rip 0xffffffff82f9ae63 pvclock_get+0x53 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002a890d50 ss 0x10 pvclock_get+0x53: movl 0(%r15),%r12d ddb> show proc PROC (syz-executor) tid=259559 pid=9335 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff8000338bdcb8,0xffffffff83ac5f50 process=0xffff8000ffffa418 user=0xffff80002a88c000, vmspace=0xfffffd807adeb5d8 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 9335 54534 95394 0 3 0x80 fsleep syz-executor * 9335 259559 95394 0 7 0x4000000 syz-executor 20985 120370 2 0 3 0x80 fsleep syz-executor 20985 114326 2 0 3 0x4000080 bell syz-executor 98118 465797 75051 0 3 0x80 fsleep syz-executor 98118 307179 75051 0 3 0x4000080 sbwait syz-executor 81018 209335 57015 0 3 0x80 fsleep syz-executor 81018 290258 57015 0 2 0x4000000 syz-executor 82032 355893 49004 0 3 0x80 fsleep syz-executor 82032 200408 49004 0 3 0x4000080 piperd syz-executor 3881 22765 63777 0 3 0x80 fsleep syz-executor 3881 132958 63777 0 3 0x4000080 sbwait syz-executor 97520 447663 42682 0 3 0x80 fsleep syz-executor 97520 165057 42682 0 3 0x4000080 fsleep syz-executor 97520 219877 42682 0 3 0x4000080 ttyout syz-executor 2 288761 91099 0 3 0x82 nanoslp syz-executor 95394 29408 91099 0 3 0x82 nanoslp syz-executor 90279 132083 0 0 3 0x14280 nfsidl nfsio 8886 257535 0 0 3 0x14280 nfsidl nfsio 98361 292336 0 0 3 0x14280 nfsidl nfsio 31348 282682 0 0 3 0x14280 nfsidl nfsio 77727 332120 0 0 3 0x14280 nfsidl nfsio 91029 402973 0 0 3 0x14280 nfsidl nfsio 38252 205183 0 0 3 0x14280 nfsidl nfsio 55809 454650 0 0 3 0x14280 nfsidl nfsio 94381 68152 0 0 3 0x14280 nfsidl nfsio 23610 509932 0 0 3 0x14280 nfsidl nfsio 43590 49986 0 0 3 0x14280 nfsidl nfsio 79535 473243 0 0 3 0x14280 nfsidl nfsio 98170 296021 0 0 3 0x14280 nfsidl nfsio 40011 229478 0 0 3 0x14280 nfsidl nfsio 30357 293745 0 0 3 0x14280 nfsidl nfsio 91625 94347 0 0 3 0x14280 nfsidl nfsio 55159 134382 0 0 3 0x14280 nfsidl nfsio 10122 192316 0 0 3 0x14280 nfsidl nfsio 48191 25813 0 0 3 0x14280 nfsidl nfsio 37305 415216 0 0 3 0x14280 nfsidl nfsio 49004 190482 91099 0 3 0x82 nanoslp syz-executor 32599 135631 91099 0 3 0x82 wait syz-executor 75051 209137 91099 0 3 0x82 nanoslp syz-executor 63777 127519 91099 0 3 0x82 nanoslp syz-executor 42682 249849 91099 0 3 0x82 nanoslp syz-executor 57015 5750 91099 0 3 0x82 nanoslp syz-executor 91099 377407 1 0 3 0x82 kqread syz-executor 4800 418282 78788 0 3 0x98 kqread sshd-session 78788 327073 37271 0 3 0x92 kqread sshd-session 6588 116997 1 0 3 0x100083 ttyin getty 37271 16557 1 0 3 0x88 kqread sshd 47166 154152 18191 73 3 0x1100090 kqread syslogd 18191 130360 1 0 3 0x100082 sbwait syslogd 65667 221086 1 0 3 0x100080 kqread resolvd 34216 373035 45160 77 3 0x100092 kqread dhcpleased 12089 8385 45160 77 3 0x100092 kqread dhcpleased 45160 354709 1 0 3 0x80 kqread dhcpleased 87045 490140 0 0 3 0x14200 bored smr 37528 154456 0 0 3 0x14200 pgzero zerothread 6822 427754 0 0 3 0x14200 aiodoned aiodoned 62097 422180 0 0 3 0x14200 syncer update 11183 188099 0 0 3 0x14200 cleaner cleaner 54518 168031 0 0 3 0x14200 reaper reaper 99596 485457 0 0 3 0x14200 pgdaemon pagedaemon 67197 520733 0 0 3 0x14200 bored viomb 26408 3714 0 0 3 0x40014200 acpi0 acpi0 39855 278165 0 0 3 0x14200 bored softnet0 13196 132154 0 0 3 0x14200 smrbar systqmp 25617 469011 0 0 3 0x14200 bored systq 31523 94975 0 0 3 0x40014200 tmoslp softclock 40308 319989 0 0 3 0x40014200 idle0 1 417466 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 11058 12175K 12394K 166960K 12728 0 pcb 17 14K 15K 166960K 134 0 rtable 202 7K 10K 166960K 1424 0 pf 27 12K 72K 166960K 1004 0 ifaddr 31 5K 7K 166960K 70 0 ifgroup 38 1K 2K 166960K 97 0 sysctl 4 1K 9K 166960K 11 0 counters 30 17K 18K 166960K 52 0 ioctlops 1 2K 4K 166960K 330 0 iov 1 4K 36K 166960K 49 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1390 87K 88K 166960K 2265 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 5K 9K 166960K 13 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 34 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 93K 166960K 729 0 sigio 0 0K 0K 166960K 11 0 proc 60 59K 91K 166960K 611 0 subproc 72 4K 4K 166960K 90 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 2 0K 0K 166960K 68 0 in_multi 69 4K 7K 166960K 146 0 ether_multi 1 0K 0K 166960K 6 0 mrt 1 0K 0K 166960K 26 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 229 1023K 1023K 166960K 229 0 exec 0 0K 1K 166960K 530 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 227 143K 160K 166960K 8048 0 UVM aobj 24 4K 6K 166960K 27 0 pinsyscall 38 76K 94K 166960K 1884 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 20 0 NDP 8 0K 2K 166960K 45 0 temp 75 9116K 9183K 166960K 38602 0 kqueue 14 22K 36K 166960K 139 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 185 0 182 4 0 4 4 0 8 3 rtentry 136 157 0 73 4 0 4 4 0 8 0 unpcb 144 355 0 335 1 0 1 1 0 8 0 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpcb 736 156 0 152 4 0 4 4 0 8 3 arp 96 24 0 13 1 0 1 1 0 8 0 ipq 40 2 0 0 1 0 1 1 0 8 0 ipqe 40 3 0 1 1 0 1 1 0 8 0 inpcb 328 723 0 713 9 0 9 9 0 8 8 ip6q 72 4 0 1 1 0 1 1 0 8 0 ip6af 40 5 0 2 1 0 1 1 0 8 0 nd6 112 36 0 16 1 0 1 1 0 8 0 pkpcb 40 6 0 6 1 0 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 ppxss 1072 12 0 12 1 0 1 1 0 8 1 pppxif 1416 2 0 2 1 0 1 1 0 8 1 pfstscr 40 10 0 6 1 0 1 1 0 8 0 pfrktable 1344 455 0 455 1 0 1 1 0 8 1 pfanchor 1288 132 0 130 1 0 1 1 0 8 0 pftag 88 131 0 130 1 0 1 1 0 8 0 pfqueue 320 1 0 1 1 0 1 1 0 8 1 pfstitem 24 7 0 2 1 0 1 1 0 8 0 pfstkey 128 12 0 6 1 0 1 1 0 8 0 pfstate 384 7 0 4 1 0 1 1 0 8 0 pfrule 1360 68 0 68 1 0 1 1 0 8 1 rttmr 136 3 0 3 1 0 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 736 0 270 30 0 30 30 0 8 0 art_table 40 738 0 270 5 0 5 5 0 8 0 art_node 32 154 0 78 1 0 1 1 0 8 0 sysvmsgpl 40 5 0 5 1 0 1 1 0 8 1 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 72 29 0 19 1 0 1 1 0 8 0 shmpl 112 24 0 3 1 0 1 1 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 2923 0 1464 92 0 92 92 0 8 0 ffsino 256 2923 0 1464 92 0 92 92 0 8 0 nchpl 144 3953 0 2252 64 0 64 64 0 8 0 rtmask 32 2 0 2 1 0 1 1 0 8 1 vnodes 216 3393 0 0 189 0 189 189 0 8 0 namei 1024 13258 0 13258 1 0 1 1 0 8 1 pfiaddrpl 120 130 0 130 1 0 1 1 0 8 1 kstatmem 264 51 0 34 2 0 2 2 0 8 0 scsiplug 72 4 0 4 1 0 1 1 0 8 1 scxspl 216 14878 0 14878 8 0 8 8 1 8 8 plimitpl 152 174 0 159 1 0 1 1 0 8 0 sigapl 424 1041 0 979 8 0 8 8 0 8 0 knotepl 120 26690 0 26634 21 10 11 16 0 8 8 kqueuepl 184 258 0 248 1 0 1 1 0 8 0 pipepl 304 169 0 140 3 0 3 3 0 8 0 fdescpl 448 1008 0 979 5 0 5 5 0 8 1 filepl 120 6512 0 6287 13 0 13 13 0 8 5 lockfpl 104 393 0 391 2 0 2 2 0 8 1 lockfspl 48 171 0 169 1 0 1 1 0 8 0 sessionpl 144 52 0 44 1 0 1 1 0 8 0 pgrppl 48 68 0 52 1 0 1 1 0 8 0 ucredpl 104 1887 0 1876 1 0 1 1 0 8 0 zombiepl 144 980 0 979 1 0 1 1 0 8 0 processpl 1152 1041 0 979 5 0 5 5 0 8 0 procpl 664 1888 0 1818 7 0 7 7 0 8 0 sosppl 176 9 0 9 1 0 1 1 0 8 1 sockpl 552 1290 0 1257 14 4 10 14 0 8 7 mcl64k 65536 37 0 36 1 0 1 1 0 8 0 mcl8k 8192 7 0 7 1 0 1 1 0 8 1 mcl4k 4096 3306 0 3243 15 0 15 15 0 8 6 mcl2k2 2112 1 0 1 1 0 1 1 0 8 1 mcl2k 2048 607 0 601 3 0 3 3 0 8 1 mtagpl 96 13 0 10 1 0 1 1 0 8 0 mbufpl 256 10096 0 9932 17 0 17 17 0 8 3 bufpl 280 6310 0 108 443 0 443 443 0 8 0 anonpl 24 167164 0 163699 45 0 45 45 0 186 18 amapchunkpl 152 25702 0 25208 34 0 34 34 0 158 15 amappl16 200 3622 0 3576 26 15 11 15 0 8 8 amappl15 192 3 0 3 1 0 1 1 0 8 1 amappl14 184 436 0 436 1 0 1 1 0 8 1 amappl13 176 121 0 111 1 0 1 1 0 8 0 amappl12 168 1284 0 1255 2 0 2 2 0 8 0 amappl11 160 7 0 7 1 0 1 1 0 8 1 amappl10 152 79 0 69 1 0 1 1 0 8 0 amappl9 144 271 0 271 1 0 1 1 0 8 1 amappl8 136 121 0 119 1 0 1 1 0 8 0 amappl7 128 146 0 134 1 0 1 1 0 8 0 amappl6 120 194 0 193 1 0 1 1 0 8 0 amappl5 112 133 0 125 1 0 1 1 0 8 0 amappl4 104 286 0 269 1 0 1 1 0 8 0 amappl3 96 5181 0 5066 3 0 3 3 0 8 0 amappl2 88 549 0 493 2 0 2 2 0 8 0 amappl1 80 12724 0 12171 14 0 14 14 0 8 2 amappl 88 7217 0 7051 5 0 5 5 0 92 1 uvmvnodes 80 118 0 0 3 0 3 3 0 8 0 dma8192 8192 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma512 512 1 0 1 1 0 1 1 0 8 1 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 255 0 255 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 21 0 20 1 0 1 1 0 8 0 aobjpl 72 26 0 3 1 0 1 1 0 8 0 uaddrrnd 24 1008 0 979 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1008 0 979 1 0 1 1 0 8 0 vmmpekpl 168 9310 0 9267 3 0 3 3 0 8 0 vmmpepl 168 71308 0 69476 91 0 91 91 0 357 11 vmsppl 368 1007 0 979 4 0 4 4 0 8 1 rwobjpl 40 21841 0 20836 13 0 13 13 0 8 1 pdppl 4096 2022 0 1958 108 44 64 80 0 8 0 pvpl 32 455744 0 446446 115 0 115 115 0 265 30 pmappl 216 1007 0 979 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 385 0 44 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pvclock_get(ffffffff839647d0) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff839647d0) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002a890eb0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd8075b76e40) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd8075b76e40) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd8075b76e40) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff81a62d00,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000160a000,3,ffff8000338bc7f8) at sdioctl+0x959 sys/scsi/sd.c:919 VOP_IOCTL(fffffd806a838390,84946467,ffff80000160a000,3,fffffd8007ffd750,ffff8000338bc7f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b499bc0,84946467,ffff80000160a000,ffff8000338bc7f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff8000338bc7f8,ffff80002a891530,ffff80002a891480) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002a891530) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a891530) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4b3872f8790, count: -16 ddb> machine ddbcpu 1 No such command ddb> trace pvclock_get(ffffffff839647d0) at pvclock_get+0x53 pvclock_read_begin sys/dev/pv/pvclock.c:278 [inline] pvclock_get(ffffffff839647d0) at pvclock_get+0x53 sys/dev/pv/pvclock.c:333 nsecuptime() at nsecuptime+0x62 tc_delta sys/kern/kern_tc.c:138 [inline] nsecuptime() at nsecuptime+0x62 binuptime sys/kern/kern_tc.c:191 [inline] nsecuptime() at nsecuptime+0x62 sys/kern/kern_tc.c:257 clockintr_dispatch(ffff80002a890eb0) at clockintr_dispatch+0xe8 sys/kern/kern_clockintr.c:180 lapic_clockintr(0,0) at lapic_clockintr+0x43 sys/arch/amd64/amd64/lapic.c:482 Xresume_lapic_ltimer() at Xresume_lapic_ltimer+0x2a pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 invpcid sys/arch/amd64/compile/SYZKALLER/obj/machine/cpufunc.h:192 [inline] pmap_tlb_shootrange(ffff8000314b8000,ffff800029df2000,ffff80002a49e000,1) at pmap_tlb_shootrange+0xc3 sys/arch/amd64/amd64/pmap.c:3363 buf_dealloc_mem(fffffd8075b76e40) at buf_dealloc_mem+0x125 sys/kern/vfs_biomem.c:186 buf_put(fffffd8075b76e40) at buf_put+0x1d9 sys/kern/vfs_bio.c:123 brelse(fffffd8075b76e40) at brelse+0x397 sys/kern/vfs_bio.c:932 writedisklabel(d02,ffffffff81a62d00,ffff800000039000) at writedisklabel+0x1b8 sys/arch/amd64/amd64/disksubr.c:158 sdioctl(d01,84946467,ffff80000160a000,3,ffff8000338bc7f8) at sdioctl+0x959 sys/scsi/sd.c:919 VOP_IOCTL(fffffd806a838390,84946467,ffff80000160a000,3,fffffd8007ffd750,ffff8000338bc7f8) at VOP_IOCTL+0xa3 sys/kern/vfs_vops.c:264 vn_ioctl(fffffd806b499bc0,84946467,ffff80000160a000,ffff8000338bc7f8) at vn_ioctl+0xea sys/kern/vfs_vnops.c:537 sys_ioctl(ffff8000338bc7f8,ffff80002a891530,ffff80002a891480) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80002a891530) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a891530) at syscall+0x962 sys/arch/amd64/amd64/trap.c:783 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4b3872f8790, count: -16