syzbot

panic: uvm_fault_unwire_locked: address not in map
Stopped at      db_enter+0xa:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*116599  56190      0           0  0x4000000    0K syz-executor8783
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
uvm_fault_unwire_locked(20001000,20003000,0) at uvm_fault_unwire_locked+0x270
uvm_fault_unwire(1000,ffffff006d062100,1000) at uvm_fault_unwire+0x3b sys/uvm/uvm_fault.c:1314
physio(ffff80002112b868,ffffff006d119ae0,ffffff006d119ae0,ffff80002112b868,ffff80002112b738) at physio+0x2ba sys/kern/kern_physio.c:183
spec_read(0) at spec_read+0xa5 sys/kern/spec_vnops.c:223
VOP_READ(ffff80002112b868,ffffff006d119ae0,ffffff006e4905a8,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247
vn_read(ffffff006e4905a8,ffff800021084710,1000) at vn_read+0x130 sys/kern/vfs_vnops.c:365
dofilereadv(0,1,ffff800021084710,ffff80002112b990,ffff80002112b9a8) at dofilereadv+0x14f sys/kern/sys_generic.c:235
sys_readv(780,ffff800021084710,0) at sys_readv+0xce sys/kern/sys_generic.c:182
syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,0,c58629d2aa0,0,c55ff38c0a8,c55ff38c0a0) at Xsyscall+0x128
end of kernel
end trace frame: 0xc585d4b0a30, count: 3
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> show panic
uvm_fault_unwire_locked: address not in map
ddb{0}> trace
db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399
panic() at panic+0x147 sys/kern/subr_prf.c:208
uvm_fault_unwire_locked(20001000,20003000,0) at uvm_fault_unwire_locked+0x270
uvm_fault_unwire(1000,ffffff006d062100,1000) at uvm_fault_unwire+0x3b sys/uvm/uvm_fault.c:1314
physio(ffff80002112b868,ffffff006d119ae0,ffffff006d119ae0,ffff80002112b868,ffff80002112b738) at physio+0x2ba sys/kern/kern_physio.c:183
spec_read(0) at spec_read+0xa5 sys/kern/spec_vnops.c:223
VOP_READ(ffff80002112b868,ffffff006d119ae0,ffffff006e4905a8,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247vn_read(ffffff006e4905a8,ffff800021084710,1000) at vn_read+0x130
dofilereadv(0,1,ffff800021084710,ffff80002112b990,ffff80002112b9a8) at dofilereadv+0x14f sys/kern/sys_generic.c:235
sys_readv(780,ffff800021084710,0) at sys_readv+0xce sys/kern/sys_generic.c:182
syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,0,c58629d2aa0,0,c55ff38c0a8,c55ff38c0a0) at Xsyscall+0x128
end of kernel
end trace frame: 0xc585d4b0a30, count: -12
ddb{0}> show registers
rdi               0xffffffff81e20110    kprintf_mutex
rsi                              0x5
rbp               0xffff80002112b4e0
rbx               0xffff80002112b580
rdx                            0x3fd
rcx                                0
rax                              0x1
r8                0xffff80002112b4b0
r9                                 0
r10                                0
r11               0xffffffff8197d380    x86_bus_space_io_read_1
r12                     0x3000000008
r13               0xffff80002112b4f0
r14                            0x100
r15               0xffffffff81c64515    cy_pio_rec+0x10dfa
rip               0xffffffff8182d81a    db_enter+0xa
cs                               0x8
rflags                         0x202
rsp               0xffff80002112b4e0
ss                              0x10
db_enter+0xa:   popq    %rbp
ddb{0}> show proc
PROC (syz-executor8783) pid=116599 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=17, usrpri=72, nice=20
    forw=0xffffffffffffffff, list=0xffff800021084008,0xffff8000210852d8
    process=0xffff800021070ca8 user=0xffff800021126000, vmspace=0xffffff007f124420
    estcpu=36, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 56190   70238  89960      0  3        0x80  nanosleep     syz-executor8783
*56190  116599  89960      0  7   0x4000000                syz-executor8783
 56190    2668  89960      0  3   0x4000080  fsleep        syz-executor8783
 89960  233048  98433      0  3        0x80  nanosleep     syz-executor8783
 51302  400320  98433      0  3        0x80  nanosleep     syz-executor8783
 98433  448484  73670      0  3        0x82  nanosleep     syz-executor8783
 73670  391063  13489      0  3    0x10008a  pause         ksh
 13489  180989  69079      0  3        0x92  select        sshd
 34280  272430      1      0  3    0x100083  ttyin         getty
 69079  214264      1      0  3        0x80  select        sshd
 14516  401541  34680     73  3    0x100090  kqread        syslogd
 34680  129302      1      0  3    0x100082  netio         syslogd
 98833  220905      1     77  3    0x100090  poll          dhclient
 92523   53992      1      0  3        0x80  poll          dhclient
 19296   57917      0      0  3     0x14200  pgzero        zerothread
 55778   84655      0      0  3     0x14200  aiodoned      aiodoned
 56102  424379      0      0  3     0x14200  syncer        update
 57562  136865      0      0  3     0x14200  cleaner       cleaner
 91419  373635      0      0  3     0x14200  reaper        reaper
 48262  501715      0      0  3     0x14200  pgdaemon      pagedaemon
 21730  320485      0      0  3     0x14200  bored         crynlk
 65963  476355      0      0  3     0x14200  bored         crypto
 31733  400906      0      0  3  0x40014200  acpi0         acpi0
 41000   13681      0      0  7  0x40014200                idle1
 43578   74494      0      0  3     0x14200  bored         softnet
 32914   50734      0      0  3     0x14200  bored         systqmp
 19023   68977      0      0  3     0x14200  bored         systq
 66780  392577      0      0  3  0x40014200  bored         softclock
 70297  227767      0      0  3  0x40014200                idle0
     1  314882      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper