Warning: Permanently added '10.128.1.132' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 277404 6617 0 0 0 0 syz-executor2212203737 *128774 6617 0 0 0x4000000 1K syz-executor2212203737 db_enter() at db_enter+0x18 panic(ffffffff82652636) at panic+0x177 uvm_fault_unwire_locked(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire+0x3f sys_sysctl(ffff8000ffff7cf0,ffff8000212e02b8,ffff8000212e0300) at sys_sysctl+0x229 syscall(ffff8000212e0380) at syscall+0x438 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb35c1ad7b60, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic *cpu1: uvm_fault_unwire_locked: address not in map ddb{1}> trace db_enter() at db_enter+0x18 panic(ffffffff82652636) at panic+0x177 uvm_fault_unwire_locked(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire+0x3f sys_sysctl(ffff8000ffff7cf0,ffff8000212e02b8,ffff8000212e0300) at sys_sysctl+0x229 syscall(ffff8000212e0380) at syscall+0x438 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb35c1ad7b60, count: -7 ddb{1}> show registers rdi 0 rsi 0x1 rbp 0xffff8000212e0080 rbx 0xffff800020dd9b8f rdx 0x3fd rcx 0 rax 0x33 r8 0x101010101010101 r9 0x8080808080808080 r10 0xb0ec740d277be223 r11 0x74d2e4037f818fc9 r12 0xffff800020dd9990 r13 0 r14 0 r15 0x1 rip 0xffffffff81370d48 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff8000212e0070 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor2212203737) pid=128774 stat=onproc flags process=0 proc=4000000 pri=36, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff6d30,0xffff8000ffff6020 process=0xffff80002129ae20 user=0xffff8000212db000, vmspace=0xfffffd806ee10cf8 estcpu=0, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 6617 277404 35312 0 7 0 syz-executor2212203737 6617 308699 35312 0 3 0x4000080 fsleep syz-executor2212203737 * 6617 128774 35312 0 7 0x4000000 syz-executor2212203737 6617 138538 35312 0 2 0x4000000 syz-executor2212203737 6617 390277 35312 0 2 0x4000000 syz-executor2212203737 35312 155137 30911 0 3 0x82 nanoslp syz-executor2212203737 30911 330721 65617 0 3 0x10008a sigsusp ksh 65617 279835 7137 0 3 0x9a kqread sshd 40650 272341 1 0 3 0x100083 ttyin getty 7137 195784 1 0 3 0x88 kqread sshd 12009 57619 20863 74 3 0x1100092 bpf pflogd 20863 509557 1 0 3 0x80 netio pflogd 13081 215 83618 73 3 0x1100090 kqread syslogd 83618 53011 1 0 3 0x100082 netio syslogd 8584 200953 1 0 3 0x100080 kqread resolvd 29111 228088 43977 77 3 0x100092 kqread dhcpleased 48140 476816 43977 77 3 0x100092 kqread dhcpleased 43977 258876 1 0 3 0x80 kqread dhcpleased 12250 270716 0 0 3 0x14200 bored smr 91633 55798 0 0 2 0x14200 zerothread 15008 103967 0 0 3 0x14200 aiodoned aiodoned 50323 130357 0 0 3 0x14200 syncer update 60161 211192 0 0 3 0x14200 cleaner cleaner 87726 69353 0 0 3 0x14200 reaper reaper 16914 19339 0 0 3 0x14200 pgdaemon pagedaemon 62372 297010 0 0 3 0x14200 bored viomb 19373 65878 0 0 3 0x40014200 acpi0 acpi0 96810 354702 0 0 3 0x40014200 idle1 68954 137908 0 0 3 0x14200 bored softnet 81391 115090 0 0 3 0x14200 bored softnet 72961 200723 0 0 3 0x14200 bored softnet 25801 133795 0 0 3 0x14200 bored softnet 84436 166322 0 0 3 0x14200 bored systqmp 81255 376015 0 0 3 0x14200 bored systq 41011 260208 0 0 3 0x40014200 bored softclock 54901 515608 0 0 3 0x40014200 idle0 1 244734 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 6617 (syz-executor2212203737) thread 0xffff8000ffff6550 (277404) exclusive rwlock futex r = 0 (0xffffffff8298b290) #0 witness_lock+0x44d #1 sys_futex+0x5c #2 syscall+0x4c2 #3 Xsyscall+0x128 Process 6617 (syz-executor2212203737) thread 0xffff8000ffff7cf0 (128774) shared rwlock vmmaplk r = 0 (0xfffffd806ee10da0) #0 witness_lock+0x44d #1 rw_enter+0x3e1 #2 uvm_fault_unwire+0x31 #3 sys_sysctl+0x229 #4 syscall+0x438 #5 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82b51240) #0 witness_lock+0x44d #1 __mp_acquire_count+0x48 #2 mi_switch+0x3bb #3 sleep_finish+0x180 #4 rw_enter+0x35a #5 uvm_fault_unwire+0x31 #6 sys_sysctl+0x229 #7 syscall+0x438 #8 Xsyscall+0x128 exclusive rwlock sysctllk r = 0 (0xffffffff82994410) #0 witness_lock+0x44d #1 rw_enter+0x3e1 #2 sys_sysctl+0x1b3 #3 syscall+0x438 #4 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10167 6456K 6457K 78643K 11257 0 pcb 13 8K 8K 78643K 13 0 rtable 58 1K 2K 78643K 113 0 ifaddr 26 8K 8K 78643K 29 0 counters 44 33K 33K 78643K 44 0 ioctlops 0 0K 4K 78643K 1473 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1169 73K 73K 78643K 1185 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 1 0K 0K 78643K 1 0 proc 67 91K 91K 78643K 295 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 11 0K 0K 78643K 11 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 1K 78643K 267 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 108 12K 12K 78643K 2813 0 UVM aobj 131 4K 4K 78643K 131 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 4 0K 0K 78643K 4 0 temp 23 4677K 4741K 78643K 3431 0 kqueue 11 16K 18K 78643K 24 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 20 0 17 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 unpcb 144 35 0 20 1 0 1 1 0 8 0 syncache 296 5 0 5 1 0 1 1 0 8 1 tcpqe 32 44 0 44 1 1 0 1 0 8 0 tcpcb 776 8 0 5 1 0 1 1 0 8 0 arp 120 2 0 0 1 0 1 1 0 8 0 inpcb 368 32 0 26 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 9 0 0 1 0 1 1 0 8 0 pfstkey 120 9 0 0 1 0 1 1 0 8 0 pfstate 384 9 0 0 1 0 1 1 0 8 0 pfrule 1344 21 0 15 2 0 2 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 97 0 0 7 0 7 7 0 8 0 art_table 32 98 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1583 0 194 87 0 87 87 0 8 0 ffsino 272 1583 0 194 93 0 93 93 0 8 0 nchpl 144 1924 0 362 58 0 58 58 0 8 0 uvmvnodes 80 1597 0 0 33 0 33 33 0 8 0 vnodes 216 1597 0 0 89 0 89 89 0 8 0 namei 1024 5159 0 5159 1 0 1 1 0 8 1 percpumem 16 34 0 0 1 0 1 1 0 8 0 kstatmem 264 8 0 0 1 0 1 1 0 8 0 scxspl 216 5212 0 5212 2 1 1 2 0 8 1 plimitpl 152 18 0 10 1 0 1 1 0 8 0 sigapl 424 491 0 458 5 1 4 5 0 8 0 futexpl 64 952 0 951 1 0 1 1 0 8 0 knotepl 120 46 0 0 2 0 2 2 0 8 0 kqueuepl 216 20 0 13 1 0 1 1 0 8 0 pipepl 320 90 0 87 1 0 1 1 0 8 0 fdescpl 496 474 0 458 3 0 3 3 0 8 0 filepl 152 1418 0 1360 3 0 3 3 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 18 0 9 1 0 1 1 0 8 0 pgrppl 48 18 0 9 1 0 1 1 0 8 0 ucredpl 104 71 0 59 1 0 1 1 0 8 0 zombiepl 144 458 0 458 1 0 1 1 0 8 1 processpl 1072 491 0 458 3 0 3 3 0 8 0 procpl 672 964 0 927 5 1 4 4 0 8 0 sockpl 488 87 0 63 4 0 4 4 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 5 0 0 1 0 1 1 0 8 0 mcl2k 2048 292 0 0 37 0 37 37 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 363 0 0 23 0 23 23 0 8 0 bufpl 288 2605 0 94 180 0 180 180 0 8 0 anonpl 24 126136 0 123718 26 4 22 26 0 186 7 amapchunkpl 152 7430 0 7313 6 1 5 6 0 158 0 amappl16 200 1987 0 1986 5 4 1 5 0 8 0 amappl15 192 9 0 9 1 1 0 1 0 8 0 amappl14 184 104 0 93 1 0 1 1 0 8 0 amappl13 176 3 0 3 1 1 0 1 0 8 0 amappl12 168 326 0 325 1 0 1 1 0 8 0 amappl11 160 50 0 36 1 0 1 1 0 8 0 amappl10 152 7 0 7 1 1 0 1 0 8 0 amappl9 144 960 0 960 1 1 0 1 0 8 0 amappl8 136 25 0 24 1 0 1 1 0 8 0 amappl7 128 255 0 241 1 0 1 1 0 8 0 amappl6 120 88 0 81 1 0 1 1 0 8 0 amappl5 112 80 0 71 1 0 1 1 0 8 0 amappl4 104 391 0 367 1 0 1 1 0 8 0 amappl3 96 910 0 879 1 0 1 1 0 8 0 amappl2 88 688 0 630 2 0 2 2 0 8 0 amappl1 80 13329 0 12768 13 1 12 13 0 8 0 amappl 88 2471 0 2422 2 0 2 2 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 474 0 458 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 474 0 458 1 0 1 1 0 8 0 vmmpekpl 168 8463 0 8447 1 0 1 1 0 8 0 vmmpepl 168 43918 0 42677 58 3 55 58 0 357 0 vmsppl 368 473 0 458 2 0 2 2 0 8 0 rwobjpl 56 16940 0 14464 36 1 35 35 0 8 0 pdppl 4096 955 0 916 53 14 39 45 0 8 0 pvpl 32 237154 0 231995 57 5 52 57 0 265 10 pmappl 248 473 0 458 2 0 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 493 0 16 14 0 14 14 0 8 0 ddb{1}> machine ddbcpu 0 Stopped at x86_ipi_db+0x1a: addq $0x8,%rsp x86_ipi_db(ffffffff829bcff0) at x86_ipi_db+0x1a x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __mp_lock(ffffffff82b51038) at __mp_lock+0x122 softintr_dispatch(0) at softintr_dispatch+0x4e Xsoftclock() at Xsoftclock+0x1f end of kernel end trace frame: 0x7f7ffffbc990, count: 9 ddb{0}> trace x86_ipi_db(ffffffff829bcff0) at x86_ipi_db+0x1a x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __mp_lock(ffffffff82b51038) at __mp_lock+0x122 softintr_dispatch(0) at softintr_dispatch+0x4e Xsoftclock() at Xsoftclock+0x1f end of kernel end trace frame: 0x7f7ffffbc990, count: -6 ddb{0}> machine ddbcpu 1 Stopped at db_enter+0x18: addq $0x8,%rsp db_enter() at db_enter+0x18 panic(ffffffff82652636) at panic+0x177 uvm_fault_unwire_locked(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire+0x3f sys_sysctl(ffff8000ffff7cf0,ffff8000212e02b8,ffff8000212e0300) at sys_sysctl+0x229 syscall(ffff8000212e0380) at syscall+0x438 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb35c1ad7b60, count: 8 ddb{1}> trace db_enter() at db_enter+0x18 panic(ffffffff82652636) at panic+0x177 uvm_fault_unwire_locked(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806ee10cf8,20000000,20001000) at uvm_fault_unwire+0x3f sys_sysctl(ffff8000ffff7cf0,ffff8000212e02b8,ffff8000212e0300) at sys_sysctl+0x229 syscall(ffff8000212e0380) at syscall+0x438 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb35c1ad7b60, count: -7 ddb{1}>