panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *198574 7497 0 0x1000 0x4080000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dc55f) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003a52db48,1,400000000100,ffff80003a52db78,0,88f64f4d9f821895,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003a52db44,2,400000000100,ffff80003a52db78,0,27,5b851070bfa79a24) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002f10a030,ffff80003a52dcb0,ffff80003a52dc00) at sys_sysctl+0x425 syscall(ffff80003a52dcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x93c843514d0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dc55f) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003a52db48,1,400000000100,ffff80003a52db78,0,88f64f4d9f821895,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003a52db44,2,400000000100,ffff80003a52db78,0,27,5b851070bfa79a24) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002f10a030,ffff80003a52dcb0,ffff80003a52dc00) at sys_sysctl+0x425 syscall(ffff80003a52dcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x93c843514d0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003a52d750 rbx 0xe rdx 0xffff800001458cc0 rcx 0 rax 0xffff80002f10a030 r8 0x101010101010101 r9 0x8080808080808080 r10 0x4371e50def9f6391 r11 0xfbdc2246437d710b r12 0 r13 0x7f7fffffc000 r14 0 r15 0x1 rip 0xffffffff8175cf35 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003a52d740 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=198574 pid=7497 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=85, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002f10aa70 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002f10aa70,0xffff80003a946a70 process=0xffff8000ffff3898 user=0xffff80003a528000, vmspace=0xfffffd806c0c52e0 estcpu=35, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 31693 404038 28307 0 2 0 syz-executor 31693 42235 28307 0 3 0x4000080 fsleep syz-executor 97325 268872 95224 0 2 0 syz-executor 97325 205238 95224 0 3 0x4000080 sbwait syz-executor 97325 117729 95224 0 2 0x4000000 syz-executor 12544 399451 80128 0 3 0x80 nanoslp syz-executor 12544 24858 80128 0 3 0x4000080 sysctllk syz-executor 12544 423173 80128 0 3 0x4000080 sysctllk syz-executor 75489 253976 99318 0 3 0x80 nanoslp syz-executor 75489 76529 99318 0 3 0x4000080 kqsel syz-executor 75489 34123 99318 0 3 0x4000080 kqread syz-executor 75489 315001 99318 0 3 0x4000080 fsleep syz-executor 47436 491277 36917 -1 3 0x90 nanoslp syz-executor 47436 74390 36917 -1 3 0x4000090 kqsel syz-executor 47436 327137 36917 -1 3 0x4000090 fsleep syz-executor 7497 121448 89626 0 3 0x3000 suspend syz-executor * 7497 198574 89626 0 7 0x4081000 syz-executor 92738 457735 0 0 3 0x14200 acct acct 89532 174296 0 0 3 0x14280 nfsidl nfsio 92840 190140 0 0 3 0x14280 nfsidl nfsio 89566 178965 0 0 3 0x14280 nfsidl nfsio 35034 21389 0 0 3 0x14280 nfsidl nfsio 87838 361578 0 0 3 0x14280 nfsidl nfsio 35248 152756 0 0 3 0x14280 nfsidl nfsio 87690 241472 0 0 3 0x14280 nfsidl nfsio 67508 413700 0 0 3 0x14280 nfsidl nfsio 18273 483794 0 0 3 0x14280 nfsidl nfsio 29067 134888 0 0 3 0x14280 nfsidl nfsio 46051 394093 0 0 3 0x14280 nfsidl nfsio 22766 334170 0 0 3 0x14280 nfsidl nfsio 73041 12992 0 0 3 0x14280 nfsidl nfsio 16349 183422 0 0 3 0x14280 nfsidl nfsio 51225 277459 0 0 3 0x14280 nfsidl nfsio 77923 105482 0 0 3 0x14280 nfsidl nfsio 69922 216894 0 0 3 0x14280 nfsidl nfsio 95036 89429 0 0 3 0x14280 nfsidl nfsio 71523 467873 0 0 3 0x14280 nfsidl nfsio 59623 195093 0 0 3 0x14280 nfsidl nfsio 78260 352333 0 0 3 0x14200 bored sosplice 36917 173795 33413 0 3 0x82 nanoslp syz-executor 89626 201607 33413 0 3 0x82 nanoslp syz-executor 52489 260153 33413 0 2 0x2 syz-executor 95224 70797 33413 0 3 0x82 nanoslp syz-executor 99318 130965 33413 0 3 0x82 nanoslp syz-executor 36357 331274 33413 0 2 0x2 syz-executor 28307 507755 33413 0 3 0x82 nanoslp syz-executor 80128 52055 33413 0 3 0x82 nanoslp syz-executor 33413 363829 20355 0 3 0x82 kqread syz-executor 20355 378870 98324 0 3 0x10008a sigsusp ksh 98324 106583 42238 0 3 0x98 kqread sshd-session 42238 424368 2890 0 3 0x92 kqread sshd-session 88162 104082 1 0 3 0x100083 ttyopn getty 2890 481584 1 0 3 0x88 kqread sshd 3944 398585 31155 73 3 0x1100090 kqread syslogd 31155 77412 1 0 3 0x100082 sbwait syslogd 44258 32995 1 0 3 0x100080 kqread resolvd 23433 355184 77946 77 3 0x100092 kqread dhcpleased 4648 418781 77946 77 3 0x100092 kqread dhcpleased 77946 419018 1 0 3 0x80 kqread dhcpleased 49354 165345 0 0 3 0x14200 bored smr 99828 510825 0 0 2 0x14200 zerothread 82047 473720 0 0 3 0x14200 aiodoned aiodoned 18475 370146 0 0 3 0x14200 syncer update 22786 482256 0 0 3 0x14200 cleaner cleaner 42716 209370 0 0 3 0x14200 reaper reaper 57413 423120 0 0 3 0x14200 pgdaemon pagedaemon 30921 282704 0 0 3 0x14200 bored viomb 71859 258281 0 0 3 0x40014200 acpi0 acpi0 67178 305749 0 0 3 0x14200 bored softnet3 42517 211876 0 0 3 0x14200 bored softnet2 31785 320817 0 0 3 0x14200 bored softnet1 10168 374507 0 0 3 0x14200 bored softnet0 47548 345919 0 0 3 0x14200 bored systqmp 16541 357714 0 0 3 0x14200 bored systq 36935 354332 0 0 3 0x40014200 tmoslp softclock 50350 352616 0 0 3 0x40014200 idle0 1 502327 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10213 11130K 11568K 166960K 13611 0 pcb 17 16K 18K 166960K 547 0 rtable 200 8K 9K 166960K 529 0 pf 33 13K 15K 166960K 143 0 ifaddr 38 6K 8K 166960K 103 0 ifgroup 57 2K 2K 166960K 189 0 sysctl 4 1K 3K 166960K 11 0 counters 31 17K 18K 166960K 90 0 ioctlops 0 0K 4K 166960K 287 0 iov 0 0K 16K 166960K 227 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1418 89K 90K 166960K 2815 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 27 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 198 0 dirhash 12 2K 2K 166960K 24 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 106K 166960K 1465 0 sigio 0 0K 0K 166960K 48 0 proc 62 67K 124K 166960K 592 0 subproc 72 4K 4K 166960K 74 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 230 0 in_multi 73 5K 7K 166960K 139 0 ether_multi 1 0K 0K 166960K 7 0 mrt 1 0K 0K 166960K 6 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 247 1102K 1102K 166960K 247 0 exec 0 0K 1K 166960K 863 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 217 72K 87K 166960K 15777 0 UVM aobj 101 5K 5K 166960K 108 0 pinsyscall 37 74K 96K 166960K 2500 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 82 0 NDP 12 0K 1K 166960K 71 0 temp 78 8684K 8780K 166960K 47835 0 kqueue 15 24K 30K 166960K 260 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 232 0 228 2 1 1 2 0 8 0 rtentry 112 156 0 70 4 0 4 4 0 8 0 unpcb 144 1026 0 1003 8 6 2 6 0 8 1 syncache 336 5 0 5 2 2 0 1 0 8 0 tcpqe 32 2 0 2 1 1 0 1 0 8 0 tcpcb 808 595 0 591 17 13 4 8 0 8 3 arp 88 26 0 8 1 0 1 1 0 8 0 ipq 40 2 0 1 1 0 1 1 0 8 0 ipqe 40 3 0 1 1 0 1 1 0 8 0 inpcb 344 2265 0 2257 25 12 13 14 0 8 11 nd6 104 36 0 14 1 0 1 1 0 8 0 pkpcb 40 5 0 5 2 1 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 1 0 1 0 8 0 ppxss 1072 43 0 43 2 1 1 1 0 8 1 pppxif 1384 8 0 8 3 2 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 611 0 252 30 5 25 30 0 8 0 art_table 32 613 0 252 4 0 4 4 0 8 0 art_node 16 151 0 78 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 5 1 0 1 1 0 8 0 semapl 112 195 0 185 1 0 1 1 0 8 0 shmpl 112 105 0 7 3 0 3 3 0 8 0 dirhash 1024 25 0 8 3 0 3 3 0 8 0 dino2pl 256 4282 0 2793 95 0 95 95 0 8 0 ffsino 248 4282 0 2793 95 0 95 95 0 8 0 nchpl 144 6501 0 5970 63 42 21 63 0 8 0 rtmask 32 5 0 5 2 2 0 1 0 8 0 uvmvnodes 80 5129 0 0 105 0 105 105 0 8 0 vnodes 216 5129 0 0 285 0 285 285 0 8 0 namei 1024 23848 0 23848 3 2 1 2 0 8 1 kstatmem 264 110 0 86 3 1 2 3 0 8 0 scsiplug 72 2 0 2 1 1 0 1 0 8 0 scxspl 216 18416 0 18416 9 8 1 8 1 8 1 plimitpl 152 552 0 534 1 0 1 1 0 8 0 sigapl 424 1765 0 1699 9 1 8 8 0 8 0 futexpl 64 20524 0 20521 1 0 1 1 0 8 0 knotepl 120 155160 0 155109 25 15 10 10 0 8 8 kqueuepl 184 596 0 583 7 3 4 4 0 8 3 pipepl 296 448 0 421 8 5 3 8 0 8 0 fdescpl 440 1724 0 1696 5 1 4 5 0 8 0 filepl 120 13610 0 13393 17 6 11 14 0 8 2 lockfpl 104 372 0 370 1 0 1 1 0 8 0 lockfspl 48 166 0 164 1 0 1 1 0 8 0 sessionpl 144 23 0 15 1 0 1 1 0 8 0 pgrppl 48 143 0 127 1 0 1 1 0 8 0 ucredpl 104 2593 0 2581 1 0 1 1 0 8 0 zombiepl 144 2458 0 2457 1 0 1 1 0 8 0 processpl 1112 1765 0 1699 5 0 5 5 0 8 0 procpl 656 4212 0 4135 9 1 8 8 0 8 0 sosppl 168 9 0 9 3 2 1 1 0 8 1 sockpl 528 3559 0 3524 23 11 12 12 0 8 8 mcl64k 65536 36 0 36 3 2 1 1 0 8 1 mcl8k 8192 21 0 21 3 2 1 1 0 8 1 mcl4k 4096 4493 0 4444 17 10 7 16 0 8 0 mcl2k 2048 1735 0 1730 5 3 2 3 0 8 1 mtagpl 96 158 0 42 4 0 4 4 0 8 0 mbufpl 256 21306 0 21089 47 24 23 40 0 8 7 bufpl 280 5968 0 129 418 0 418 418 0 8 0 anonpl 24 208265 0 202783 90 43 47 69 0 187 0 amapchunkpl 152 52023 0 51484 41 11 30 32 0 158 7 amappl16 200 2951 0 2846 39 29 10 23 0 8 0 amappl15 192 3 0 3 1 1 0 1 0 8 0 amappl14 184 107 0 97 1 0 1 1 0 8 0 amappl13 176 35 0 34 1 0 1 1 0 8 0 amappl12 168 2334 0 2305 3 0 3 3 0 8 0 amappl11 160 44 0 33 1 0 1 1 0 8 0 amappl10 152 1 0 1 1 1 0 1 0 8 0 amappl9 144 253 0 253 1 1 0 1 0 8 0 amappl8 136 18 0 16 1 0 1 1 0 8 0 amappl7 128 102 0 91 1 0 1 1 0 8 0 amappl6 120 167 0 163 1 0 1 1 0 8 0 amappl5 112 130 0 123 1 0 1 1 0 8 0 amappl4 104 359 0 343 1 0 1 1 0 8 0 amappl3 96 10571 0 10465 5 1 4 4 0 8 0 amappl2 88 631 0 574 2 0 2 2 0 8 0 amappl1 80 11713 0 11207 14 2 12 13 0 8 0 amappl 88 15339 0 15171 5 0 5 5 0 92 0 dma32768 32768 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 255 0 255 2 2 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 107 0 7 2 0 2 2 0 8 0 uaddrrnd 24 1724 0 1696 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1724 0 1696 1 0 1 1 0 8 0 vmmpekpl 168 16081 0 16045 3 0 3 3 0 8 0 vmmpepl 168 106979 0 105202 105 20 85 96 0 357 0 vmsppl 360 1723 0 1696 4 1 3 4 0 8 0 rwobjpl 32 33123 0 26968 50 0 50 50 0 8 0 pdppl 4096 3455 0 3392 117 50 67 83 0 8 4 pvpl 32 680021 0 669155 182 67 115 144 0 265 17 pmappl 216 1723 0 1696 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 350 0 118 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dc55f) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003a52db48,1,400000000100,ffff80003a52db78,0,88f64f4d9f821895,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003a52db44,2,400000000100,ffff80003a52db78,0,27,5b851070bfa79a24) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002f10a030,ffff80003a52dcb0,ffff80003a52dc00) at sys_sysctl+0x425 syscall(ffff80003a52dcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x93c843514d0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dc55f) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0c52e0,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003a52db48,1,400000000100,ffff80003a52db78,0,88f64f4d9f821895,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003a52db44,2,400000000100,ffff80003a52db78,0,27,5b851070bfa79a24) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002f10a030,ffff80003a52dcb0,ffff80003a52dc00) at sys_sysctl+0x425 syscall(ffff80003a52dcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x93c843514d0, count: -9