Warning: Permanently added '10.128.0.246' (ED25519) to the list of known hosts. executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program executing program panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *384449 81810 0 0 0x4000000 0 syz-executor2166540877 522634 92539 0 0x2 0 1 syz-executor2166540877 db_enter() at db_enter+0x1c panic(ffffffff82845706) at panic+0x17b uvm_fault_unwire_locked(fffffd806e37e010,20000000,20a0a000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806e37e010,20000000,20a0a000) at uvm_fault_unwire+0x43 sys_sysctl(ffff800021230588,ffff800021267a50,ffff800021267aa0) at sys_sysctl+0x304 syscall(ffff800021267b20) at syscall+0x606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x86c36cdb0b0, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb{0}> trace db_enter() at db_enter+0x1c panic(ffffffff82845706) at panic+0x17b uvm_fault_unwire_locked(fffffd806e37e010,20000000,20a0a000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806e37e010,20000000,20a0a000) at uvm_fault_unwire+0x43 sys_sysctl(ffff800021230588,ffff800021267a50,ffff800021267aa0) at sys_sysctl+0x304 syscall(ffff800021267b20) at syscall+0x606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x86c36cdb0b0, count: -7 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff800021267810 rbx 0xffffffff82c1ab8f cpu_info_full_primary+0x2b8f rdx 0x3fd rcx 0 rax 0x33 r8 0x101010101010101 r9 0x8080808080808080 r10 0x33abe3da81a3089e r11 0x2aa3bfa24a3025fb r12 0xffffffff82c1a990 cpu_info_full_primary+0x2990 r13 0 r14 0 r15 0x1 rip 0xffffffff826c416c db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff800021267800 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor2166540877) pid=384449 stat=onproc flags process=0 proc=4000000 pri=58, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff800021230018,0xffffffff82ce1458 process=0xffff80002121e9f0 user=0xffff800021262000, vmspace=0xfffffd806e37e010 estcpu=36, cpticks=5, pctcpu=0.0 user=0, sys=5, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 81810 389463 92539 0 3 0x80 nanoslp syz-executor2166540877 81810 284510 92539 0 3 0x4000080 fsleep syz-executor2166540877 *81810 384449 92539 0 7 0x4000000 syz-executor2166540877 92539 522634 46274 0 7 0x2 syz-executor2166540877 46274 355841 55769 0 3 0x10008a sigsusp ksh 55769 203857 22960 0 3 0x9a kqread sshd 52030 251270 1 0 3 0x100083 ttyin getty 22960 165744 1 0 3 0x88 kqread sshd 34708 418917 9465 74 3 0x1100092 bpf pflogd 9465 299466 1 0 3 0x80 netio pflogd 67273 519162 22594 73 3 0x1100090 kqread syslogd 22594 339188 1 0 3 0x100082 netio syslogd 38265 242653 1 0 3 0x100080 kqread resolvd 59662 396868 14352 77 3 0x100092 kqread dhcpleased 89853 455192 14352 77 3 0x100092 kqread dhcpleased 14352 263265 1 0 3 0x80 kqread dhcpleased 9095 274686 0 0 3 0x14200 bored smr 21797 431054 0 0 3 0x14200 pgzero zerothread 23763 99155 0 0 3 0x14200 aiodoned aiodoned 7523 191370 0 0 3 0x14200 syncer update 3408 207344 0 0 3 0x14200 cleaner cleaner 48341 102336 0 0 3 0x14200 reaper reaper 63016 255326 0 0 3 0x14200 pgdaemon pagedaemon 76246 197905 0 0 3 0x14200 bored viomb 8774 346548 0 0 3 0x40014200 acpi0 acpi0 76220 343721 0 0 3 0x40014200 idle1 50281 474961 0 0 3 0x14200 bored softnet3 41509 337161 0 0 3 0x14200 bored softnet2 68610 211890 0 0 3 0x14200 bored softnet1 16333 428953 0 0 3 0x14200 bored softnet0 66076 223482 0 0 3 0x14200 bored systqmp 37062 436433 0 0 3 0x14200 bored systq 34535 379042 0 0 3 0x40014200 bored softclock 89044 73052 0 0 3 0x40014200 idle0 1 313187 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 81810 (syz-executor2166540877) thread 0xffff800021230588 (384449) shared rwlock vmmaplk r = 0 (0xfffffd806e37e100) #0 witness_lock+0x44d #1 uvm_fault_unwire+0x35 #2 sys_sysctl+0x304 #3 syscall+0x606 #4 Xsyscall+0x128 exclusive rwlock sysctllk r = 0 (0xffffffff82b67770) #0 witness_lock+0x44d #1 rw_enter+0x3e5 #2 sys_sysctl+0x296 #3 syscall+0x606 #4 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10153 6455K 6456K 78643K 11243 0 pcb 13 8K 8K 78643K 13 0 rtable 58 1K 2K 78643K 114 0 ifaddr 28 16K 16K 78643K 31 0 counters 44 33K 33K 78643K 44 0 ioctlops 0 0K 4K 78643K 1475 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1176 74K 74K 78643K 1192 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 1K 78643K 2 0 VM map 2 1K 1K 78643K 2 0 sem 2 0K 0K 78643K 2 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 1 0K 0K 78643K 1 0 proc 67 91K 91K 78643K 302 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 11 0K 0K 78643K 11 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 1K 78643K 270 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 110 13K 13K 78643K 2763 0 UVM aobj 3 2K 2K 78643K 3 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 4 0K 0K 78643K 4 0 temp 23 5845K 5909K 78643K 3100 0 kqueue 11 16K 18K 78643K 24 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 20 0 17 1 0 1 1 0 8 0 rtentry 112 23 0 1 1 0 1 1 0 8 0 unpcb 144 35 0 20 1 0 1 1 0 8 0 syncache 296 5 0 5 2 1 1 1 0 8 1 tcpqe 32 143 0 143 1 1 0 1 0 8 0 tcpcb 776 8 0 5 1 0 1 1 0 8 0 arp 120 2 0 0 1 0 1 1 0 8 0 inpcb 368 33 0 27 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 9 0 2 1 0 1 1 0 8 0 pfstkey 128 9 0 2 1 0 1 1 0 8 0 pfstate 384 9 0 2 1 0 1 1 0 8 0 pfrule 1344 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 96 0 0 6 0 6 6 0 8 0 art_table 32 97 0 0 1 0 1 1 0 8 0 art_node 16 22 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1432 0 38 88 0 88 88 0 8 0 ffsino 272 1432 0 38 93 0 93 93 0 8 0 nchpl 144 1617 0 49 59 0 59 59 0 8 0 uvmvnodes 80 1446 0 0 30 0 30 30 0 8 0 vnodes 216 1446 0 0 81 0 81 81 0 8 0 namei 1024 4562 0 4562 2 1 1 1 0 8 1 percpumem 16 35 0 0 1 0 1 1 0 8 0 kstatmem 264 8 0 0 1 0 1 1 0 8 0 scxspl 216 5061 0 5061 11 10 1 8 0 8 1 plimitpl 152 18 0 10 1 0 1 1 0 8 0 sigapl 424 360 0 327 5 1 4 5 0 8 0 futexpl 64 68 0 67 1 0 1 1 0 8 0 knotepl 120 44 0 0 2 0 2 2 0 8 0 kqueuepl 216 20 0 13 1 0 1 1 0 8 0 pipepl 320 94 0 91 2 1 1 1 0 8 0 fdescpl 496 343 0 327 3 0 3 3 0 8 0 filepl 152 1274 0 1216 3 0 3 3 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 18 0 9 1 0 1 1 0 8 0 pgrppl 48 18 0 9 1 0 1 1 0 8 0 ucredpl 104 71 0 59 1 0 1 1 0 8 0 zombiepl 144 327 0 327 2 1 1 1 0 8 1 processpl 1072 360 0 327 3 0 3 3 0 8 0 procpl 696 404 0 369 4 0 4 4 0 8 0 sockpl 488 88 0 64 5 1 4 4 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 278 0 0 35 0 35 35 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 288 0 0 18 0 18 18 0 8 0 bufpl 288 2473 0 100 170 0 170 170 0 8 0 anonpl 24 226334 0 221692 41 13 28 28 0 186 0 amapchunkpl 152 9428 0 9243 9 1 8 8 0 158 0 amappl16 200 7856 0 7711 13 5 8 8 0 8 0 amappl15 192 45 0 45 1 1 0 1 0 8 0 amappl14 184 111 0 99 1 0 1 1 0 8 0 amappl13 176 10 0 10 1 1 0 1 0 8 0 amappl12 168 881 0 866 2 1 1 2 0 8 0 amappl11 160 58 0 44 1 0 1 1 0 8 0 amappl10 152 9 0 9 2 1 1 1 0 8 1 amappl9 144 147 0 147 2 1 1 1 0 8 1 amappl8 136 41 0 39 1 0 1 1 0 8 0 amappl7 128 56 0 49 1 0 1 1 0 8 0 amappl6 120 171 0 158 1 0 1 1 0 8 0 amappl5 112 97 0 88 1 0 1 1 0 8 0 amappl4 104 478 0 443 3 1 2 2 0 8 1 amappl3 96 2290 0 2252 2 1 1 2 0 8 0 amappl2 88 533 0 485 3 1 2 2 0 8 0 amappl1 80 9539 0 9064 16 4 12 12 0 8 1 amappl 88 2438 0 2376 2 0 2 2 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 343 0 327 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 343 0 327 1 0 1 1 0 8 0 vmmpekpl 168 7336 0 7315 3 1 2 2 0 8 0 vmmpepl 168 38899 0 37675 61 7 54 54 0 357 0 vmsppl 456 342 0 327 3 0 3 3 0 8 0 rwobjpl 56 22081 0 19777 35 2 33 33 0 8 0 pdppl 4096 694 0 654 68 28 40 46 0 8 0 pvpl 32 330359 0 322974 80 20 60 60 0 265 0 pmappl 248 342 0 327 2 0 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 490 0 31 14 0 14 14 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x1c panic(ffffffff82845706) at panic+0x17b uvm_fault_unwire_locked(fffffd806e37e010,20000000,20a0a000) at uvm_fault_unwire_locked+0x321 uvm_fault_unwire(fffffd806e37e010,20000000,20a0a000) at uvm_fault_unwire+0x43 sys_sysctl(ffff800021230588,ffff800021267a50,ffff800021267aa0) at sys_sysctl+0x304 syscall(ffff800021267b20) at syscall+0x606 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x86c36cdb0b0, count: -7 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x1e: addq $0x8,%rsp x86_ipi_db(ffff800020d58ff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __mp_lock(ffffffff82c48800) at __mp_lock+0x122 syscall(ffff8000212073b0) at syscall+0x5cd Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x70e119388350, count: 9 ddb{1}> trace x86_ipi_db(ffff800020d58ff0) at x86_ipi_db+0x1e x86_ipi_handler() at x86_ipi_handler+0xb7 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23 __mp_lock(ffffffff82c48800) at __mp_lock+0x122 syscall(ffff8000212073b0) at syscall+0x5cd Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x70e119388350, count: -6 ddb{1}>