panic: kernel diagnostic assertion "next != NULL && next->start <= entry->end" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_fault.c", line 1354 Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 10269 83986 0 0 0x4000000 1K syz-executor8120 db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x147 sys/kern/subr_prf.c:208 __assert(ffffffff8132b5f4,ffff80002111b350,20008000,20011000) at __assert+0x24 sys/kern/subr_prf.c:155 uvm_fault_unwire_locked(20000000,20011000,0) at uvm_fault_unwire_locked+0x1f9 sys/uvm/uvm_fault.c:1351 uvm_fault_unwire(10000,ffffff006d2bf800,10000) at uvm_fault_unwire+0x3b sys/uvm/uvm_fault.c:1314 physio(ffff80002111b648,ffffff006d8ca968,ffffff006d8ca968,ffff80002111b648,ffff80002111b518) at physio+0x2ba sys/kern/kern_physio.c:183 spec_read(0) at spec_read+0xa5 sys/kern/spec_vnops.c:223 VOP_READ(ffff80002111b648,ffffff006d8ca968,ffffff006e4a42d8,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247 vn_read(ffffff006e4a42d8,ffff8000210f4010,fffffe73) at vn_read+0x130 sys/kern/vfs_vnops.c:365 dofilereadv(ffff8000210f4010,ffff80002111b6f0,fffffe73,ffff80002111b708,b53815ff038) at dofilereadv+0x14f sys/kern/sys_generic.c:235 sys_read(30,ffff8000210f4010,0) at sys_read+0x6e sys/kern/sys_generic.c:155 syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline] syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583 Xsyscall(6,0,b53975ed0a0,0,b50d7474098,b50d7474090) at Xsyscall+0x128 end of kernel end trace frame: 0xb53815ff060, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic kernel diagnostic assertion "next != NULL && next->start <= entry->end" failed: file "/syzkaller/managers/multicore/kernel/sys/uvm/uvm_fault.c", line 1354 ddb{1}> trace db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x147 sys/kern/subr_prf.c:208 __assert(ffffffff8132b5f4,ffff80002111b350,20008000,20011000) at __assert+0x24 sys/kern/subr_prf.c:155 uvm_fault_unwire_locked(20000000,20011000,0) at uvm_fault_unwire_locked+0x1f9 sys/uvm/uvm_fault.c:1351 uvm_fault_unwire(10000,ffffff006d2bf800,10000) at uvm_fault_unwire+0x3b sys/uvm/uvm_fault.c:1314 physio(ffff80002111b648,ffffff006d8ca968,ffffff006d8ca968,ffff80002111b648,ffff80002111b518) at physio+0x2ba sys/kern/kern_physio.c:183 spec_read(0) at spec_read+0xa5 sys/kern/spec_vnops.c:223 VOP_READ(ffff80002111b648,ffffff006d8ca968,ffffff006e4a42d8,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247vn_read(ffffff006e4a42d8,ffff8000210f4010,fffffe73) at vn_read+0x130 dofilereadv(ffff8000210f4010,ffff80002111b6f0,fffffe73,ffff80002111b708,b53815ff038) at dofilereadv+0x14f sys/kern/sys_generic.c:235 sys_read(30,ffff8000210f4010,0) at sys_read+0x6e sys/kern/sys_generic.c:155 syscall(0) at syscall+0x489 mi_syscall sys/sys/syscall_mi.h:99 [inline] syscall(0) at syscall+0x489 sys/arch/amd64/amd64/trap.c:583 Xsyscall(6,0,b53975ed0a0,0,b50d7474098,b50d7474090) at Xsyscall+0x128 end of kernel end trace frame: 0xb53815ff060, count: -13 ddb{1}> show registers rdi 0xffffffff81e27170 kprintf_mutex rsi 0x5 rbp 0xffff80002111b2b0 rbx 0xffff80002111b350 rdx 0x3fd rcx 0 rax 0x1 r8 0xffff80002111b280 r9 0x8080808080808080 r10 0 r11 0xffffffff812f8ba0 x86_bus_space_io_read_1 r12 0x3000000008 r13 0xffff80002111b2c0 r14 0x100 r15 0xffffffff81bf514e cmd0646_9_tim_udma+0x1eab3 rip 0xffffffff818e4fea db_enter+0xa cs 0x8 rflags 0x202 rsp 0xffff80002111b2b0 ss 0x10 db_enter+0xa: popq %rbp ddb{1}> show proc PROC (syz-executor8120) pid=10269 stat=onproc flags process=0 proc=4000000 pri=17, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000210f4bc8,0xffff8000210f44d0 process=0xffff800021070fd0 user=0xffff800021116000, vmspace=0xffffff007f125c60 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=2, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 83986 12042 6606 0 3 0x80 nanosleep syz-executor8120 *83986 10269 6606 0 7 0x4000000 syz-executor8120 83986 110087 6606 0 3 0x4000080 fsleep syz-executor8120 6606 9747 92253 0 3 0x82 nanosleep syz-executor8120 92253 305578 74197 0 3 0x10008a pause ksh 74197 266486 46347 0 3 0x92 select sshd 19217 329309 1 0 3 0x100083 ttyin getty 46347 395782 1 0 3 0x80 select sshd 36461 389446 40994 73 3 0x100090 kqread syslogd 40994 370430 1 0 3 0x100082 netio syslogd 891 46690 1 77 3 0x100090 poll dhclient 26508 42021 1 0 3 0x80 poll dhclient 77262 10265 0 0 3 0x14200 pgzero zerothread 95597 17271 0 0 3 0x14200 aiodoned aiodoned 77622 160427 0 0 3 0x14200 syncer update 376 159265 0 0 3 0x14200 cleaner cleaner 55143 500485 0 0 3 0x14200 reaper reaper 26165 61597 0 0 3 0x14200 pgdaemon pagedaemon 95905 217790 0 0 3 0x14200 bored crynlk 49743 436122 0 0 3 0x14200 bored crypto 1655 477308 0 0 3 0x40014200 acpi0 acpi0 79504 274047 0 0 3 0x40014200 idle1 19847 84012 0 0 3 0x14200 bored softnet 38359 168216 0 0 3 0x14200 bored systqmp 21912 331360 0 0 3 0x14200 bored systq 25658 142620 0 0 3 0x40014200 bored softclock 23784 325256 0 0 7 0x40014200 idle0 1 341806 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper