panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *288672 67674 0 0x1000 0x4080000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833d8fa0) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_unwire(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1702 kern_sysctl_dirs(4e,ffff8000389393b8,1,400000000100,ffff8000389393e8,0,36b8411ac3de6523,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff8000389393b4,2,400000000100,ffff8000389393e8,0,27,d41f3f40974c9d2a) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80003c9ec550,ffff800038939520,ffff800038939470) at sys_sysctl+0x425 syscall(ffff800038939520) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc9b4c8560c0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833d8fa0) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_unwire(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1702 kern_sysctl_dirs(4e,ffff8000389393b8,1,400000000100,ffff8000389393e8,0,36b8411ac3de6523,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff8000389393b4,2,400000000100,ffff8000389393e8,0,27,d41f3f40974c9d2a) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80003c9ec550,ffff800038939520,ffff800038939470) at sys_sysctl+0x425 syscall(ffff800038939520) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc9b4c8560c0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800038938fc0 rbx 0xe rdx 0xffff80000144efc0 rcx 0 rax 0xffff80003c9ec550 r8 0x101010101010101 r9 0x8080808080808080 r10 0x8d29250007a96522 r11 0x9ccd8751cf3379c0 r12 0 r13 0x7f7fffffc000 r14 0 r15 0x1 rip 0xffffffff82131625 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff800038938fb0 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=288672 pid=67674 tcnt=3 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=78, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff800031516038 scnt=2 ecnt=0 forw=0xffffffffffffffff, list=0xffff800031517228,0xffff800031517758 process=0xffff80003c9c6fe8 user=0xffff800038934000, vmspace=0xfffffd806c0cdb50 estcpu=28, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 84920 210399 22691 0 3 0x80 nanoslp syz-executor 84920 125980 22691 0 3 0x4000080 fsleep syz-executor 84920 344685 22691 0 3 0x4000080 sysctllk syz-executor 84920 30347 22691 0 3 0x4000080 fsleep syz-executor 83593 176643 94768 0 3 0x90 nanoslp syz-executor 83593 118804 94768 0 3 0x4000090 piperd syz-executor 65282 218335 6349 0 3 0x90 nanoslp syz-executor 65282 372342 6349 0 3 0x4000090 sysctllk syz-executor 65282 508407 6349 0 3 0x4000090 fsleep syz-executor 54010 641 20048 0 3 0x80 nanoslp syz-executor 54010 492027 20048 0 3 0x4000080 sysctllk syz-executor 54010 54592 20048 0 3 0x4000080 fsleep syz-executor 54010 48121 20048 0 3 0x4000080 fsleep syz-executor 72664 466323 50458 0 4 0x82000 syz-executor 72664 196511 50458 0 4 0x4082000 syz-executor 72664 467426 50458 0 4 0x4082000 syz-executor 72664 487857 50458 0 4 0x4082000 syz-executor 72664 99986 50458 0 4 0x4082000 syz-executor 72664 511358 50458 0 2 0x4082000 syz-executor 72664 338991 50458 0 3 0x4002000 suspend syz-executor 67674 207476 4027 0 3 0x3000 suspend syz-executor *67674 288672 4027 0 7 0x4081000 syz-executor 67674 522093 4027 0 2 0x4081000 syz-executor 38011 96987 0 0 3 0x14280 nfsidl nfsio 52009 330790 0 0 3 0x14280 nfsidl nfsio 65448 246444 0 0 3 0x14280 nfsidl nfsio 13575 252431 0 0 3 0x14280 nfsidl nfsio 45931 322033 0 0 3 0x14280 nfsidl nfsio 37831 369862 0 0 3 0x14280 nfsidl nfsio 52004 306016 0 0 3 0x14280 nfsidl nfsio 65458 43098 0 0 3 0x14280 nfsidl nfsio 9736 519794 0 0 3 0x14280 nfsidl nfsio 78235 194702 0 0 3 0x14280 nfsidl nfsio 77979 180843 0 0 3 0x14280 nfsidl nfsio 30661 69392 0 0 3 0x14280 nfsidl nfsio 56870 263575 0 0 3 0x14280 nfsidl nfsio 89280 276101 0 0 3 0x14280 nfsidl nfsio 59752 1878 0 0 3 0x14280 nfsidl nfsio 2766 108891 0 0 3 0x14280 nfsidl nfsio 81847 352270 0 0 3 0x14280 nfsidl nfsio 71779 49744 0 0 3 0x14280 nfsidl nfsio 20411 366499 0 0 3 0x14280 nfsidl nfsio 98389 146662 0 0 3 0x14280 nfsidl nfsio 67353 254576 0 0 3 0x14200 bored sosplice 38461 452237 37615 0 3 0x82 nanoslp syz-executor 29887 205172 37615 0 3 0x82 wait syz-executor 4027 237515 37615 0 3 0x82 nanoslp syz-executor 50458 374676 37615 0 3 0x82 nanoslp syz-executor 22691 262684 37615 0 3 0x82 nanoslp syz-executor 94768 335551 37615 0 3 0x82 nanoslp syz-executor 6349 431563 37615 0 3 0x82 nanoslp syz-executor 20048 138207 37615 0 3 0x82 nanoslp syz-executor 37615 325085 61940 0 3 0x82 kqread syz-executor 61940 191883 43553 0 3 0x10008a sigsusp ksh 43553 42189 4013 0 3 0x98 kqread sshd-session 4013 72455 13474 0 3 0x92 kqread sshd-session 75880 410560 1 0 3 0x100083 ttyin getty 13474 209992 1 0 3 0x88 kqread sshd 23755 237432 30314 73 3 0x1100090 kqread syslogd 30314 488404 1 0 3 0x100082 sbwait syslogd 12288 272716 1 0 3 0x100080 kqread resolvd 93461 159173 70945 77 3 0x100092 kqread dhcpleased 54341 389391 70945 77 3 0x100092 kqread dhcpleased 70945 305175 1 0 3 0x80 kqread dhcpleased 81174 186083 0 0 3 0x14200 bored smr 52421 516303 0 0 3 0x14200 pgzero zerothread 68738 140247 0 0 3 0x14200 aiodoned aiodoned 28348 31294 0 0 3 0x14200 syncer update 19150 356186 0 0 3 0x14200 cleaner cleaner 35174 410847 0 0 3 0x14200 reaper reaper 19208 55870 0 0 3 0x14200 pgdaemon pagedaemon 16946 509225 0 0 3 0x14200 bored viomb 88901 283206 0 0 3 0x40014200 acpi0 acpi0 53354 313297 0 0 3 0x14200 bored softnet3 92117 277060 0 0 3 0x14200 bored softnet2 29942 401829 0 0 3 0x14200 bored softnet1 62237 216142 0 0 3 0x14200 bored softnet0 68648 286490 0 0 3 0x14200 bored systqmp 4477 423307 0 0 3 0x14200 bored systq 27488 138814 0 0 3 0x40014200 tmoslp softclock 38738 364749 0 0 3 0x40014200 idle0 1 145970 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10204 11117K 11505K 166960K 11685 0 pcb 20 12K 12K 166960K 60 0 rtable 244 9K 10K 166960K 404 0 pf 31 13K 21K 166960K 56 0 ifaddr 40 7K 8K 166960K 59 0 ifgroup 50 2K 2K 166960K 81 0 sysctl 3 1K 1K 166960K 3 0 counters 30 17K 17K 166960K 45 0 ioctlops 0 0K 4K 166960K 130 0 iov 1 0K 16K 166960K 86 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1338 84K 85K 166960K 1643 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 8 0 VM map 2 1K 1K 166960K 2 0 sem 12 3K 3K 166960K 20 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 97K 166960K 412 0 sigio 0 0K 0K 166960K 8 0 proc 60 59K 116K 166960K 497 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 49 0 in_multi 89 6K 7K 166960K 124 0 ether_multi 1 0K 0K 166960K 2 0 mrt 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 223 996K 996K 166960K 223 0 exec 0 0K 1K 166960K 383 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 252 73K 88K 166960K 5182 0 UVM aobj 11 2K 2K 166960K 13 0 pinsyscall 39 78K 96K 166960K 1439 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 18 0 NDP 11 0K 2K 166960K 35 0 temp 52 8677K 8741K 166960K 8633 0 kqueue 17 24K 28K 166960K 73 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 93 0 90 2 0 2 2 0 8 1 rtentry 128 121 0 14 4 0 4 4 0 8 0 unpcb 144 437 0 419 6 0 6 6 0 8 5 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpcb 808 95 0 91 4 0 4 4 0 8 3 arp 88 19 0 0 1 0 1 1 0 8 0 ipq 40 1 0 0 1 0 1 1 0 8 0 ipqe 40 65 0 64 1 0 1 1 0 8 0 inpcb 344 452 0 440 7 0 7 7 0 8 5 nd6 104 26 0 4 1 0 1 1 0 8 0 pkpcb 40 3 0 3 1 0 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 9 0 9 1 0 1 1 0 8 1 pppxif 1384 5 0 5 1 0 1 1 0 8 1 pfrktable 1344 4 0 1 1 0 1 1 0 8 0 pfanchor 1288 1 0 0 1 0 1 1 0 8 0 pftag 88 2 0 0 1 0 1 1 0 8 0 pfqueue 320 1 0 1 1 0 1 1 0 8 1 pfrule 1344 2 0 1 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 482 0 66 29 0 29 29 0 8 1 art_table 32 483 0 66 4 0 4 4 0 8 0 art_node 16 118 0 21 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 3 1 0 1 1 0 8 0 semupl 112 1 0 0 1 0 1 1 0 8 0 semapl 112 14 0 4 1 0 1 1 0 8 0 shmpl 112 10 0 2 1 0 1 1 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 2168 0 674 95 0 95 95 0 8 0 ffsino 248 2168 0 674 95 0 95 95 0 8 0 nchpl 144 2786 0 1108 63 0 63 63 0 8 0 rtmask 32 2 0 2 1 0 1 1 0 8 1 uvmvnodes 80 2366 0 0 49 0 49 49 0 8 0 vnodes 216 2366 0 0 132 0 132 132 0 8 0 namei 1024 9749 0 9747 2 0 2 2 0 8 1 pfiaddrpl 120 1 0 0 1 0 1 1 0 8 0 kstatmem 264 38 0 16 2 0 2 2 0 8 0 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 8536 0 8536 8 0 8 8 1 8 8 plimitpl 152 218 0 200 1 0 1 1 0 8 0 sigapl 424 711 0 644 8 0 8 8 0 8 0 futexpl 64 4854 0 4849 1 0 1 1 0 8 0 knotepl 120 12870 0 12815 5 0 5 5 0 8 3 kqueuepl 184 133 0 89 3 0 3 3 0 8 0 pipepl 296 133 0 103 3 0 3 3 0 8 0 fdescpl 440 674 0 644 5 0 5 5 0 8 1 filepl 120 4629 0 4240 18 0 18 18 0 8 6 lockfpl 104 205 0 203 1 0 1 1 0 8 0 lockfspl 48 50 0 48 1 0 1 1 0 8 0 sessionpl 144 22 0 14 1 0 1 1 0 8 0 pgrppl 48 31 0 15 1 0 1 1 0 8 0 ucredpl 104 1070 0 1057 1 0 1 1 0 8 0 zombiepl 144 647 0 644 1 0 1 1 0 8 0 processpl 1112 711 0 644 5 0 5 5 0 8 0 procpl 656 1153 0 1069 8 0 8 8 0 8 0 sosppl 168 2 0 2 1 0 1 1 0 8 1 sockpl 528 993 0 961 15 4 11 15 0 8 8 mcl64k 65536 7 0 6 1 0 1 1 0 8 0 mcl16k 16384 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 9 0 9 1 0 1 1 0 8 1 mcl4k 4096 2757 0 2706 13 0 13 13 0 8 6 mcl2k 2048 470 0 467 2 0 2 2 0 8 1 mtagpl 96 52 0 4 2 0 2 2 0 8 0 mbufpl 256 7211 0 6980 19 0 19 19 0 8 2 bufpl 280 2856 0 122 196 0 196 196 0 8 0 anonpl 24 114189 0 110834 44 0 44 44 0 187 23 amapchunkpl 152 16805 0 16205 34 0 34 34 0 158 10 amappl16 200 2132 0 2097 14 3 11 14 0 8 8 amappl15 192 8 0 8 1 0 1 1 0 8 1 amappl14 184 103 0 93 1 0 1 1 0 8 0 amappl13 176 7 0 7 1 0 1 1 0 8 1 amappl12 168 1279 0 1249 3 0 3 3 0 8 1 amappl11 160 54 0 44 1 0 1 1 0 8 0 amappl10 152 5 0 4 1 0 1 1 0 8 0 amappl9 144 250 0 250 1 0 1 1 0 8 1 amappl8 136 24 0 23 1 0 1 1 0 8 0 amappl7 128 99 0 89 1 0 1 1 0 8 0 amappl6 120 170 0 166 1 0 1 1 0 8 0 amappl5 112 114 0 107 1 0 1 1 0 8 0 amappl4 104 282 0 267 1 0 1 1 0 8 0 amappl3 96 3041 0 2908 4 0 4 4 0 8 0 amappl2 88 618 0 565 2 0 2 2 0 8 0 amappl1 80 8489 0 7974 13 0 13 13 0 8 1 amappl 88 4820 0 4617 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 254 0 254 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 12 0 2 1 0 1 1 0 8 0 uaddrrnd 24 674 0 644 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 674 0 644 1 0 1 1 0 8 0 vmmpekpl 168 6916 0 6872 2 0 2 2 0 8 0 vmmpepl 168 46637 0 44790 87 0 87 87 0 357 5 vmsppl 360 673 0 644 4 0 4 4 0 8 1 rwobjpl 32 17651 0 14371 27 0 27 27 0 8 0 pdppl 4096 1354 0 1288 108 40 68 82 0 8 2 pvpl 32 296042 0 287214 112 0 112 112 0 265 31 pmappl 216 673 0 644 3 0 3 3 0 8 1 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 284 0 40 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833d8fa0) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_unwire(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1702 kern_sysctl_dirs(4e,ffff8000389393b8,1,400000000100,ffff8000389393e8,0,36b8411ac3de6523,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff8000389393b4,2,400000000100,ffff8000389393e8,0,27,d41f3f40974c9d2a) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80003c9ec550,ffff800038939520,ffff800038939470) at sys_sysctl+0x425 syscall(ffff800038939520) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc9b4c8560c0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833d8fa0) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_unwire(fffffd806c0cdb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1702 kern_sysctl_dirs(4e,ffff8000389393b8,1,400000000100,ffff8000389393e8,0,36b8411ac3de6523,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff8000389393b4,2,400000000100,ffff8000389393e8,0,27,d41f3f40974c9d2a) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80003c9ec550,ffff800038939520,ffff800038939470) at sys_sysctl+0x425 syscall(ffff800038939520) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc9b4c8560c0, count: -9