uvm_fault(0xffffffff82516880, 0xffff800000bf0000, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15
ddb> ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
kernel page fault
uvm_fault(0xffffffff82516880, 0xffff800000bf0000, 0, 1) -> e
uvm_unmap_remove(ffff800000beff00,0,80000000,ffff8000159442e8,1,0) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:496 [inline]
uvm_unmap_remove(ffff800000beff00,0,80000000,ffff8000159442e8,1,0) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2215
end trace frame: 0xffff800015944320, count: 0
ddb> trace
uvm_unmap_remove(ffff800000beff00,0,80000000,ffff8000159442e8,1,0) at uvm_unmap_remove+0x3eb uvmspace_dused sys/uvm/uvm_map.c:496 [inline]
uvm_unmap_remove(ffff800000beff00,0,80000000,ffff8000159442e8,1,0) at uvm_unmap_remove+0x3eb sys/uvm/uvm_map.c:2215
uvm_map_deallocate(ffff800000beff00) at uvm_map_deallocate+0x6e sys/uvm/uvm_map.c:4231
vm_impl_init_vmx(ffff800015929c98,ffff8000ffff3160) at vm_impl_init_vmx+0x1e0
vm_create(ffff800000ad6000,ffff8000ffff3160) at vm_create+0x182 vm_impl_init sys/arch/amd64/amd64/vmm.c:1376 [inline]
vm_create(ffff800000ad6000,ffff8000ffff3160) at vm_create+0x182 sys/arch/amd64/amd64/vmm.c:1164
VOP_IOCTL(fffffd8036153750,c5005601,ffff800000ad6000,1,fffffd803f7c6a20,ffff8000ffff3160) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd8036226a58,c5005601,ffff800000ad6000,ffff8000ffff3160) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff8000ffff3160,ffff8000159446c8,ffff800015944710) at sys_ioctl+0x5b9
syscall(ffff800015944790) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff59,0,3,6d82058010) at Xsyscall+0x128
end of kernel
end trace frame: 0x70391c6af0, count: -9
ddb> show registers
rdi 0
rsi 0
rbp 0xffff8000159442d0
rbx 0
rdx 0x1943 __ALIGN_SIZE+0x943
rcx 0xffff80001490f000
rax 0xffff800000beff00
r8 0x1
r9 0
r10 0xfc5aaa084e5710a7
r11 0xb471be35521bb34b
r12 0
r13 0xfffffd802f0bb750
r14 0
r15 0xffff800000beff00
rip 0xffffffff81dfd0bb uvm_unmap_remove+0x3eb
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff800015944220
ss 0x10
uvm_unmap_remove+0x3eb: movq 0x100(%r15),%r15
ddb> show proc
PROC (syz-executor.1) pid=231108 stat=onproc
flags process=0 proc=4000000
pri=79, usrpri=79, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff38c8,0xffffffff82555660
process=0xffff8000ffff6370 user=0xffff80001593f000, vmspace=0xfffffd803f013550
estcpu=36, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
91312 38339 12825 0 2 0 syz-executor.1
*91312 231108 12825 0 7 0x4000000 syz-executor.1
12825 174613 89127 0 2 0x482 syz-executor.1
44630 318887 1 0 3 0x100083 ttyin getty
41204 314759 89127 0 2 0x2 syz-executor.0
97640 95548 0 0 3 0x14200 acct acct
20189 221365 0 0 3 0x14200 bored sosplice
89127 358106 9903 0 3 0x82 thrsleep syz-fuzzer
89127 251563 9903 0 3 0x4000082 nanosleep syz-fuzzer
89127 261630 9903 0 3 0x4000082 thrsleep syz-fuzzer
89127 207280 9903 0 3 0x4000082 thrsleep syz-fuzzer
89127 76091 9903 0 3 0x4000082 thrsleep syz-fuzzer
89127 259355 9903 0 3 0x4000082 kqread syz-fuzzer
89127 21297 9903 0 3 0x4000082 thrsleep syz-fuzzer
9903 406844 33742 0 3 0x10008a pause ksh
33742 459682 49372 0 3 0x92 select sshd
49372 66047 1 0 3 0x80 select sshd
49663 31948 18217 73 2 0x100090 syslogd
18217 420790 1 0 3 0x100082 netio syslogd
41269 280341 1 77 3 0x100090 poll dhclient
95901 466435 1 0 3 0x80 poll dhclient
98571 41973 0 0 2 0x14200 zerothread
85354 513115 0 0 3 0x14200 aiodoned aiodoned
6117 179408 0 0 3 0x14200 syncer update
10400 401016 0 0 3 0x14200 cleaner cleaner
56831 48453 0 0 3 0x14200 reaper reaper
12475 12327 0 0 3 0x14200 pgdaemon pagedaemon
41155 236126 0 0 3 0x14200 bored crynlk
10584 283388 0 0 3 0x14200 bored crypto
63261 67684 0 0 3 0x40014200 acpi0 acpi0
80366 305606 0 0 3 0x14200 bored softnet
57596 119167 0 0 3 0x14200 bored systqmp
76220 324452 0 0 3 0x14200 bored systq
38246 319914 0 0 3 0x40014200 bored softclock
32394 434922 0 0 3 0x40014200 idle0
96933 154955 0 0 3 0x14200 bored smr
1 492498 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9566 6509K 7517K 78643K 24169 0 0
pcb 13 8K 8K 78643K 672 0 0
rtable 114 4K 4K 78643K 2038 0 0
ifaddr 74 18K 20K 78643K 667 0 0
counters 19 16K 16K 78643K 19 0 0
ioctlops 1 2K 2K 78643K 177 0 0
iov 0 0K 32K 78643K 9200 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1223 77K 78K 78643K 6458 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 5K 78643K 92 0 0
VM map 3 0K 0K 78643K 17 0 0
sem 12 0K 1K 78643K 1387 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1793 195K 288K 78643K 12645 0 0
file desc 5 13K 25K 78643K 6289 0 0
sigio 0 0K 0K 78643K 69 0 0
proc 50 38K 63K 78643K 1731 0 0
subproc 32 2K 2K 78643K 424 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 1215 0 0
in_multi 33 2K 2K 78643K 436 0 0
ether_multi 1 0K 0K 78643K 28 0 0
mrt 1 0K 0K 78643K 24 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 102 450K 450K 78643K 102 0 0
exec 0 0K 1K 78643K 969 0 0
pfkey data 0 0K 4K 78643K 2 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 104 21K 31K 78643K 15828 0 0
UVM aobj 130 8K 8K 78643K 164 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 1K 78643K 692 0 0
NDP 17 0K 0K 78643K 214 0 0
temp 206 3536K 4171K 78643K 126042 0 0
kqueue 0 0K 0K 78643K 46 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 50 0 44 1 0 1 1 0 8 0
rtpcb 80 330 0 328 1 0 1 1 0 8 0
rtentry 112 278 0 233 2 0 2 2 0 8 0
unpcb 120 2313 0 2296 2 1 1 2 0 8 0
syncache 264 4 0 4 1 1 0 1 0 8 0
tcpqe 32 4854 0 4854 1 1 0 1 0 8 0
tcpcb 544 2604 0 2600 18 16 2 3 0 8 1
inpcb 280 4894 0 4885 17 15 2 3 0 8 1
rttmr 72 5 0 5 4 4 0 1 0 8 0
nd6 48 48 0 44 1 0 1 1 0 8 0
pkpcb 40 36 0 36 12 11 1 1 0 8 1
ppxss 1128 94 0 94 17 16 1 1 0 8 1
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 1304 0 1086 17 3 14 15 0 8 0
art_table 32 1305 0 1086 2 0 2 2 0 8 0
art_node 16 270 0 230 1 0 1 1 0 8 0
sysvmsgpl 40 4 0 1 1 0 1 1 0 8 0
semupl 112 2 0 2 1 1 0 1 0 8 0
semapl 112 1379 0 1369 1 0 1 1 0 8 0
shmpl 112 162 0 34 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 10615 0 9210 46 0 46 46 0 8 0
ffsino 240 10615 0 9210 83 0 83 83 0 8 0
nchpl 144 23977 0 22355 61 0 61 61 0 8 0
uvmvnodes 72 6819 0 0 124 0 124 124 0 8 0
vnodes 208 6819 0 0 359 0 359 359 0 8 0
namei 1024 75101 0 75101 4 3 1 1 0 8 1
vmpool 520 15 0 14 6 5 1 1 0 8 0
scsiplug 64 7 0 7 7 7 0 1 0 8 0
scxspl 192 58975 0 58975 26 24 2 7 0 8 2
plimitpl 152 457 0 450 1 0 1 1 0 8 0
sigapl 432 6400 0 6387 2 0 2 2 0 8 0
futexpl 56 148994 0 148994 2 1 1 1 0 8 1
knotepl 112 1502 0 1483 3 2 1 2 0 8 0
kqueuepl 104 1469 0 1467 1 0 1 1 0 8 0
pipepl 112 4538 0 4519 12 10 2 2 0 8 0
fdescpl 424 6401 0 6387 2 0 2 2 0 8 0
filepl 120 51610 0 51513 12 7 5 5 0 8 2
lockfpl 104 1701 0 1700 1 0 1 1 0 8 0
lockfspl 48 549 0 548 1 0 1 1 0 8 0
sessionpl 112 45 0 35 1 0 1 1 0 8 0
pgrppl 48 76 0 66 1 0 1 1 0 8 0
ucredpl 96 9215 0 9208 1 0 1 1 0 8 0
zombiepl 144 6389 0 6389 3 2 1 1 0 8 1
processpl 864 6419 0 6389 4 0 4 4 0 8 0
procpl 632 14033 0 13996 4 0 4 4 0 8 0
sosppl 128 68 0 68 22 21 1 1 0 8 1
sockpl 384 7639 0 7613 27 22 5 6 0 8 1
mcl64k 65536 204 0 204 20 19 1 1 0 8 1
mcl16k 16384 37 0 37 18 17 1 1 0 8 1
mcl12k 12288 108 0 108 21 20 1 1 0 8 1
mcl9k 9216 59 0 59 21 20 1 1 0 8 1
mcl8k 8192 184 0 184 14 13 1 1 0 8 1
mcl4k 4096 467 0 467 3 2 1 1 0 8 1
mcl2k2 2112 62 0 62 23 22 1 1 0 8 1
mcl2k 2048 63034 0 62989 22 15 7 17 0 8 0
mtagpl 80 162 0 152 4 3 1 1 0 8 0
mbufpl 256 140678 0 140562 26 17 9 12 0 8 0
bufpl 256 22522 0 15341 450 0 450 450 0 8 0
anonpl 16 540841 0 527467 174 113 61 73 0 62 0
amapchunkpl 152 28566 0 28460 92 86 6 29 0 158 1
amappl16 192 29627 0 28828 142 101 41 53 0 8 0
amappl15 184 1077 0 1076 5 4 1 1 0 8 0
amappl14 176 693 0 690 2 1 1 1 0 8 0
amappl13 168 1251 0 1251 2 2 0 1 0 8 0
amappl12 160 512 0 508 1 0 1 1 0 8 0
amappl11 152 1108 0 1096 1 0 1 1 0 8 0
amappl10 144 1079 0 1077 1 0 1 1 0 8 0
amappl9 136 1535 0 1527 1 0 1 1 0 8 0
amappl8 128 1077 0 1043 2 0 2 2 0 8 0
amappl7 120 1213 0 1207 1 0 1 1 0 8 0
amappl6 112 1059 0 1047 1 0 1 1 0 8 0
amappl5 104 828 0 818 1 0 1 1 0 8 0
amappl4 96 6684 0 6655 1 0 1 1 0 8 0
amappl3 88 1088 0 1083 1 0 1 1 0 8 0
amappl2 80 50542 0 50475 4 2 2 3 0 8 0
amappl1 72 123971 0 123568 28 19 9 20 0 8 0
amappl 80 14608 0 14572 1 0 1 1 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma64 64 259 0 259 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 17 0 17 1 1 0 1 0 8 0
aobjpl 64 163 0 34 3 0 3 3 0 8 0
uaddrrnd 24 6416 0 6387 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 6416 0 6387 1 0 1 1 0 8 0
vmmpekpl 168 43707 0 43679 2 0 2 2 0 8 0
vmmpepl 168 754236 0 752387 381 269 112 116 0 357 24
vmsppl 272 6400 0 6387 3 2 1 2 0 8 0
pdppl 4096 12838 0 12802 6 1 5 6 0 8 0
pvpl 32 1649973 0 1633488 490 345 145 259 0 265 4
pmappl 200 6415 0 6401 1 0 1 1 0 8 0
extentpl 40 41 0 26 1 0 1 1 0 8 0
phpool 112 690 0 110 17 0 17 17 0 8 0