panic: pmap_san_enter_alloc_4k: no memory to grow shadow map cpuid = 1 time = 1671864349 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0xc7/frame 0xfffffe00998c2830 kdb_backtrace() at kdb_backtrace+0xd3/frame 0xfffffe00998c2990 vpanic() at vpanic+0x254/frame 0xfffffe00998c2a70 panic() at panic+0xb5/frame 0xfffffe00998c2b30 pmap_san_enter_alloc_4k() at pmap_san_enter_alloc_4k+0x4b/frame 0xfffffe00998c2b50 pmap_san_enter() at pmap_san_enter+0x351/frame 0xfffffe00998c2ba0 kasan_shadow_map() at kasan_shadow_map+0x98/frame 0xfffffe00998c2bc0 pmap_growkernel() at pmap_growkernel+0xca/frame 0xfffffe00998c2c10 vm_map_insert() at vm_map_insert+0x678/frame 0xfffffe00998c2d70 vm_map_find() at vm_map_find+0x92d/frame 0xfffffe00998c2e50 kva_import() at kva_import+0xd4/frame 0xfffffe00998c2f30 vmem_try_fetch() at vmem_try_fetch+0x21f/frame 0xfffffe00998c3020 vmem_xalloc() at vmem_xalloc+0x52f/frame 0xfffffe00998c30e0 kva_import_domain() at kva_import_domain+0x5f/frame 0xfffffe00998c3130 vmem_try_fetch() at vmem_try_fetch+0x21f/frame 0xfffffe00998c3210 vmem_xalloc() at vmem_xalloc+0x52f/frame 0xfffffe00998c32d0 vmem_alloc() at vmem_alloc+0x106/frame 0xfffffe00998c3330 kmem_malloc_domainset() at kmem_malloc_domainset+0x175/frame 0xfffffe00998c3450 keg_alloc_slab() at keg_alloc_slab+0x1d3/frame 0xfffffe00998c3570 zone_import() at zone_import+0x2d7/frame 0xfffffe00998c3730 cache_alloc() at cache_alloc+0x869/frame 0xfffffe00998c37f0 cache_alloc_retry() at cache_alloc_retry+0x33/frame 0xfffffe00998c3840 bucket_alloc() at bucket_alloc+0x1b9/frame 0xfffffe00998c3890 cache_alloc() at cache_alloc+0x7ec/frame 0xfffffe00998c3950 cache_alloc_retry() at cache_alloc_retry+0x33/frame 0xfffffe00998c39a0 malloc() at malloc+0xeb/frame 0xfffffe00998c39e0 pdinit() at pdinit+0x2f/frame 0xfffffe00998c3a20 pdcopy() at pdcopy+0x29/frame 0xfffffe00998c3a50 do_fork() at do_fork+0x917/frame 0xfffffe00998c3b30 fork1() at fork1+0xb3a/frame 0xfffffe00998c3c30 sys_fork() at sys_fork+0xe3/frame 0xfffffe00998c3d30 amd64_syscall() at amd64_syscall+0x410/frame 0xfffffe00998c3f30 fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe00998c3f30 --- syscall (198, FreeBSD ELF64, __syscall), rip = 0x28e66a, rsp = 0x82acc0f08, rbp = 0x82acc0f70 --- KDB: enter: panic [ thread pid 2043 tid 102162 ] Stopped at kdb_enter+0x6b: movq $0,0x276533a(%rip) db> db> set $lines = 0 db> set $maxwidth = 0 db> show registers cs 0x20 ds 0x3b es 0x3b fs 0x13 gs 0x1b ss 0 rax 0x12 rcx 0xfffffe00033eee30 rdx 0xdffff7c000000000 rbx 0 rsp 0xfffffe00998c2970 rbp 0xfffffe00998c2990 rsi 0x1 rdi 0 r8 0x3 r9 0xffffffff r10 0 r11 0x246 r12 0 r13 0xfffffe009972a000 r14 0xffffffff82b7d320 .str.26 r15 0xffffffff82b7d320 .str.26 rip 0xffffffff81722edb kdb_enter+0x6b rflags 0x46 kdb_enter+0x6b: movq $0,0x276533a(%rip) db> show proc Process 2043 (syz-executor.3) at 0xfffffe0099748568: state: NORMAL uid: 0 gids: 0, 0, 5 parent: pid 1968 at 0xfffffe0098e12558 ABI: FreeBSD ELF64 flag: 0x10000000 flag2: 0 arguments: /root/syz-executor.3 exec reaper: 0xfffffe00541d0010 reapsubtree: 1 sigparent: 20 vmspace: 0xfffffe0099662000 (map 0xfffffe0099662000) (map.pmap 0xfffffe00996620c0) (pmap 0xfffffe0099662130) threads: 1 102162 Run CPU 1 syz-executor.3 db> ps pid ppid pgrp uid state wmesg wchan cmd 7132 2224 782 0 N syz-executor.3 7131 2014 782 0 N syz-executor.3 7130 7130 0 0 NW syz-executor.3 7123 4796 782 0 N syz-executor.3 7122 4748 782 0 N syz-executor.3 7121 3961 782 0 N syz-executor.3 7120 5047 782 0 N syz-executor.3 7119 3876 782 0 N syz-executor.3 7118 3691 782 0 N syz-executor.3 7117 2373 782 0 N syz-executor.3 7116 2167 782 0 N syz-executor.3 7115 2108 782 0 N syz-executor.3 7114 1878 782 0 N syz-executor.3 7113 2122 782 0 N syz-executor.3 7112 4110 782 0 N syz-executor.3 7111 4979 782 0 N syz-executor.3 7110 7110 0 0 NW syz-executor.3 7109 1721 782 0 N syz-executor.3 7108 5199 782 0 N syz-executor.3 7107 4933 782 0 N syz-executor.3 7106 4852 782 0 N syz-executor.3 7105 7105 0 0 NW syz-executor.3 7104 4504 782 0 N syz-executor.3 7103 4547 782 0 N syz-executor.3 7102 1734 782 0 N syz-executor.3 7101 1715 782 0 N syz-executor.3 7100 1930 782 0 N syz-executor.3 7099 1950 782 0 N syz-executor.3 7098 2410 782 0 N syz-executor.3 7097 2342 782 0 N syz-executor.3 7096 2247 782 0 N syz-executor.3 7095 2097 782 0 N syz-executor.3 7094 1966 782 0 N syz-executor.3 7093 1877 782 0 N syz-executor.3 7092 2271 782 0 N syz-executor.3 7091 4259 782 0 N syz-executor.3 7090 3660 782 0 N syz-executor.3 7089 2439 782 0 N syz-executor.3 7072 1822 782 0 N syz-executor.3 7070 3706 782 0 N syz-executor.3 7069 4214 782 0 N syz-executor.3 7068 1956 782 0 N syz-executor.3 7066 2015 782 0 N syz-executor.3 7064 2469 782 0 N syz-executor.3 7063 2425 782 0 N syz-executor.3 7062 2448 782 0 N syz-executor.3 7058 4448 782 0 N syz-executor.3 7056 2364 782 0 N syz-executor.3 7055