Looks to me like lock(&mmukmaplock) should really be an ilock since
mmukmapsync() gets called by trap (i.e. in an interrupt) and by mmukmap()
called in upamalloc() (not necessarily in an interrupt).  I'll change it
and update.  Thanks for the report.