panic: kernel diagnostic assertion "uvm_page_owner_locked_p(pg) " failed: file "/syzkaller/managers/main/kernel/sys/uvm/uvm_pag e.c", line 1248 Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *427122 89186 0 0x14000 0x200 0 reaper db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830b2cf8) at panic+0x1cf sys/kern/subr_prf.c:198 __assert(ffffffff83067aec,ffffffff82fb40cb,4e0,ffffffff830b7a91 ) at __assert+0x29 uvm_pageunwire(fffffd8005fa9280) at uvm_pageunwire+0x1dd sys/uvm/uvm_page.c:1248 uvm_fault_unwire_locked(fffffd807304f970,dc1d471c000,dc1d491b00 0) at uvm_fault_unwire_locked+0x33e sys/uvm/uvm_fault.c:1695 uvm_unmap_kill_entry_withlock(fffffd807304f970,fffffd8069feaaf8 ,0) at uvm_unmap_kill_entry_withlock+0x81 sys/uvm/uvm_map.c:1861 uvm_map_teardown(fffffd807304f970) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2498 uvmspace_free(fffffd807304f970) at uvmspace_free+0xbd sys/uvm/uvm_map.c:3422 reaper(ffff80002a457be0) at reaper+0x225 sys/kern/kern_exit.c:478 end trace frame: 0x0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info req uired in bug reports. Insufficient info makes it difficult to find and fix b ugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: kernel diagnostic assertion "uvm_page_owner_locked_p(pg)" failed: file "/syzkaller/managers/main/kernel/sys/uvm/uvm_page.c", line 1248 ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830b2cf8) at panic+0x1cf sys/kern/subr_prf.c:198 __assert(ffffffff83067aec,ffffffff82fb40cb,4e0,ffffffff830b7a91) at __assert+0x29 uvm_pageunwire(fffffd8005fa9280) at uvm_pageunwire+0x1dd sys/uvm/uvm_page.c:1248 uvm_fault_unwire_locked(fffffd807304f970,dc1d471c000,dc1d491b000) at uvm_fault_unwire_locked+0x33e sys/uvm/uvm_fault.c:1695 uvm_unmap_kill_entry_withlock(fffffd807304f970,fffffd8069feaaf8,0) at uvm_unmap_kill_entry_withlock+0x81 sys/uvm/uvm_map.c:1861 uvm_map_teardown(fffffd807304f970) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2498 uvmspace_free(fffffd807304f970) at uvmspace_free+0xbd sys/uvm/uvm_map.c:3422 reaper(ffff80002a457be0) at reaper+0x225 sys/kern/kern_exit.c:478 end trace frame: 0x0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002a455370 rbx 0xfffffd8005fa9280 rdx 0 rcx 0 rax 0xffff80002a457be0 r8 0x101010101010101 r9 0x8080808080808080 r10 0xa7796cfc9507bd95 r11 0x20c182fd08bd67a1 r12 0 r13 0xffffffff8327a468 uvm_map_addr_RBT_INFO r14 0 r15 0x1 rip 0xffffffff8143fa95 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80002a455360 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (reaper) tid=427122 pid=89186 tcnt=1 stat=onproc flags process=14000 proc=200 runpri=86, usrpri=86, slppri=4, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a40d440,0xffff80002a4576e0 process=0xffff8000fffff360 user=0xffff80002a450000, vmspace=0xffffffff83563358 estcpu=36, cpticks=72, pctcpu=20.16, user=0, sys=138321, intr=77 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 15748 461729 72953 0 2 0x2 syz-executor 89273 314340 72953 0 2 0x2 syz-executor 39345 316622 72953 0 2 0x2 syz-executor 10797 442116 72953 0 2 0x2 syz-executor 14968 63788 72953 0 2 0x2 syz-executor 8751 166954 72953 0 2 0x2 syz-executor 10871 347542 72953 0 2 0x2 syz-executor 80331 456397 72953 0 2 0x2 syz-executor 58827 340813 1 0 3 0x100083 ttyin getty 80861 227415 0 0 3 0x14200 acct acct 15535 184311 0 0 3 0x14280 nfsidl nfsio 16000 122907 0 0 3 0x14280 nfsidl nfsio 30256 89037 0 0 3 0x14280 nfsidl nfsio 80300 174051 0 0 3 0x14280 nfsidl nfsio 9805 311903 0 0 3 0x14280 nfsidl nfsio 8862 438669 0 0 3 0x14280 nfsidl nfsio 3834 235778 0 0 3 0x14280 nfsidl nfsio 41678 96935 0 0 3 0x14280 nfsidl nfsio 18089 352202 0 0 3 0x14280 nfsidl nfsio 8168 234848 0 0 3 0x14280 nfsidl nfsio 52234 103870 0 0 3 0x14280 nfsidl nfsio 26749 277049 0 0 3 0x14280 nfsidl nfsio 54363 235011 0 0 3 0x14280 nfsidl nfsio 97324 322482 0 0 3 0x14280 nfsidl nfsio 86522 188858 0 0 3 0x14280 nfsidl nfsio 68360 490741 0 0 3 0x14280 nfsidl nfsio 28993 185134 0 0 3 0x14280 nfsidl nfsio 68173 2096 0 0 3 0x14280 nfsidl nfsio 43953 272745 0 0 3 0x14280 nfsidl nfsio 26786 390253 0 0 3 0x14280 nfsidl nfsio 73823 248842 0 0 3 0x14200 bored sosplice 72953 67720 67227 0 3 0x82 wait syz-executor 67227 57875 53267 0 3 0x10008a sigsusp ksh 53267 300535 75417 0 3 0x98 kqread sshd-session 75417 62291 1 0 3 0x92 kqread sshd-session 45167 131951 22543 73 2 0x1100010 syslogd 22543 109509 1 0 3 0x100082 sbwait syslogd 58402 55249 1 0 3 0x100080 kqread resolvd 7352 199013 33325 77 3 0x100092 kqread dhcpleased 96558 213544 33325 77 3 0x100092 kqread dhcpleased 33325 159690 1 0 3 0x80 kqread dhcpleased 13654 89915 0 0 3 0x14200 bored smr 95103 34594 0 0 2 0x14200 zerothread 40371 266228 0 0 3 0x14200 aiodoned aiodoned 11470 321788 0 0 2 0x14600 update 19684 391958 0 0 3 0x14200 cleaner cleaner *89186 427122 0 0 7 0x14200 reaper 70863 263549 0 0 3 0x14200 pgdaemon pagedaemon 99970 116496 0 0 3 0x14200 bored viomb 66335 398372 0 0 3 0x40014200 acpi0 acpi0 61254 253067 0 0 3 0x14200 bored softnet3 1172 467788 0 0 3 0x14200 bored softnet2 90607 302255 0 0 3 0x14200 bored softnet1 1215 132810 0 0 2 0x14200 softnet0 27547 341244 0 0 3 0x14200 bored systqmp 75783 85513 0 0 3 0x14200 bored systq 79416 395863 0 0 2 0x40014200 softclock 97243 474363 0 0 3 0x40014200 idle0 1 424332 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10187 11137K 15152K 166960K 16112 0 pcb 17 22K 27K 166960K 1149 0 rtable 223 16K 17K 166960K 6523 0 pf 37 14K 269K 166960K 613 0 ifaddr 43 9K 10K 166960K 892 0 ifgroup 58 2K 2K 166960K 953 0 sysctl 4 1K 1K 166960K 15 0 counters 32 17K 18K 166960K 264 0 ioctlops 0 0K 4K 166960K 878 0 iov 0 0K 24K 166960K 429 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1531 96K 97K 166960K 6731 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 68K 72K 166960K 64 0 VM map 2 1K 1K 166960K 2 0 sem 30 52K 53K 166960K 421 0 dirhash 15 2K 3K 166960K 81 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 10 30K 97K 166960K 6429 0 sigio 0 0K 0K 166960K 292 0 proc 60 59K 124K 166960K 6026 0 subproc 91 5K 7K 166960K 2511 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 856 0 in_multi 89 6K 7K 166960K 2260 0 ether_multi 1 0K 0K 166960K 24 0 mrt 1 0K 0K 166960K 15 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 3743 0 pfkey data 0 0K 0K 166960K 5 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 164 72K 94K 166960K 48687 0 UVM aobj 215 5K 5K 166960K 218 0 pinsyscall 29 58K 98K 166960K 12263 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 307 0 NDP 13 0K 2K 166960K 641 0 temp 77 6816K 6956K 166960K 278803 0 kqueue 12 18K 29K 166960K 643 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 850 0 847 3 1 2 2 0 8 1 rtentry 112 2296 0 2202 4 0 4 4 0 8 0 unpcb 144 3515 0 3500 6 0 6 6 0 8 5 syncache 336 15 0 15 2 1 1 1 0 8 1 tcpqe 32 11 0 11 1 0 1 1 0 8 1 tcpcb 808 1807 0 1805 22 13 9 14 0 8 8 arp 88 406 0 388 1 0 1 1 0 8 0 ipq 40 20 0 20 2 1 1 1 0 8 1 ipqe 40 313 0 313 2 1 1 1 0 8 1 inpcb 336 6462 0 6457 31 22 9 15 0 8 8 nd6 104 613 0 592 1 0 1 1 0 8 0 pkpcb 40 19 0 19 1 0 1 1 0 8 1 kcovpl 48 193 0 186 1 0 1 1 0 8 0 ppxss 1072 26 0 26 1 0 1 1 0 8 1 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstitem 24 1 0 0 1 0 1 1 0 8 0 pfstkey 128 1 0 0 1 0 1 1 0 8 0 pfstate 344 1 0 0 1 0 1 1 0 8 0 pfrule 1344 3 0 3 1 0 1 1 0 8 1 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 9077 0 8668 34 4 30 32 0 8 0 art_table 32 9080 0 8668 5 0 5 5 0 8 1 art_node 16 2253 0 2171 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 0 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 414 0 386 1 0 1 1 0 8 0 shmpl 112 215 0 3 7 0 7 7 0 8 0 dirhash 1024 65 0 45 3 0 3 3 0 8 0 dino2pl 256 8211 0 6342 117 0 117 117 0 8 0 ffsino 240 8211 0 6342 110 0 110 110 0 8 0 nchpl 144 13670 0 11743 72 0 72 72 0 8 0 uvmvnodes 80 9642 0 0 197 0 197 197 0 8 0 vnodes 216 9642 0 0 536 0 536 536 0 8 0 namei 1024 68272 0 68271 3 1 2 2 0 8 1 kstatmem 264 490 0 464 3 0 3 3 0 8 1 acpiwqpl 32 2 0 2 1 0 1 1 1 8 1 scsiplug 72 12 0 12 2 1 1 1 0 8 1 scxspl 216 111532 0 111532 11 3 8 8 1 8 8 plimitpl 152 1282 0 1265 1 0 1 1 0 8 0 sigapl 424 6399 0 6339 9 1 8 8 0 8 0 futexpl 64 56958 0 56958 1 0 1 1 0 8 1 knotepl 120 139995 0 139952 57 46 11 17 0 8 7 kqueuepl 184 1254 0 1246 4 0 4 4 0 8 3 pipepl 288 1329 0 1302 8 1 7 7 0 8 4 fdescpl 432 6329 0 6308 5 1 4 5 0 8 1 filepl 120 37515 0 37292 18 3 15 15 0 8 6 lockfpl 104 1423 0 1421 2 0 2 2 0 8 1 lockfspl 48 554 0 552 1 0 1 1 0 8 0 sessionpl 144 211 0 204 1 0 1 1 0 8 0 pgrppl 48 583 0 567 1 0 1 1 0 8 0 ucredpl 104 5547 0 5535 1 0 1 1 0 8 0 zombiepl 144 6340 0 6339 1 0 1 1 0 8 0 processpl 1096 6399 0 6339 5 0 5 5 0 8 0 procpl 648 11663 0 11600 8 0 8 8 0 8 1 sosppl 168 30 0 30 2 1 1 1 0 8 1 sockpl 504 10923 0 10900 139 127 12 34 0 8 8 mcl64k 65536 76 0 76 2 1 1 1 0 8 1 mcl16k 16384 10 0 10 1 0 1 1 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 3 0 3 1 0 1 1 0 8 1 mcl8k 8192 110 0 110 2 1 1 1 0 8 1 mcl4k 4096 8094 0 8040 17 8 9 15 0 8 1 mcl2k2 2112 6 0 6 1 0 1 1 0 8 1 mcl2k 2048 7792 0 7791 6 1 5 5 0 8 4 mtagpl 96 150 0 149 2 0 2 2 0 8 1 mbufpl 256 71219 0 71058 444 423 21 294 0 8 8 bufpl 280 19610 0 9963 690 0 690 690 0 8 0 anonpl 24 808889 0 801101 153 73 80 96 0 187 8 amapchunkpl 152 159545 0 158964 67 26 41 47 0 158 9 amappl16 200 10912 0 10900 54 44 10 15 0 8 8 amappl15 192 8 0 8 1 1 0 1 0 8 0 amappl14 184 488 0 479 1 0 1 1 0 8 0 amappl13 176 9 0 9 1 1 0 1 0 8 0 amappl12 168 9866 0 9845 3 1 2 3 0 8 0 amappl11 160 50 0 39 1 0 1 1 0 8 0 amappl10 152 12 0 12 1 1 0 1 0 8 0 amappl9 144 124 0 124 1 1 0 1 0 8 0 amappl8 136 24 0 22 1 0 1 1 0 8 0 amappl7 128 473 0 463 1 0 1 1 0 8 0 amappl6 120 2004 0 2002 1 0 1 1 0 8 0 amappl5 112 872 0 862 1 0 1 1 0 8 0 amappl4 104 846 0 833 1 0 1 1 0 8 0 amappl3 96 30992 0 30923 4 0 4 4 0 8 1 amappl2 88 3262 0 3205 2 0 2 2 0 8 0 amappl1 80 37528 0 37113 13 1 12 13 0 8 1 amappl 88 46644 0 46530 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 0 1 1 0 8 1 dma16384 16384 1 0 1 1 0 1 1 0 8 1 dma4096 4096 2 0 2 2 1 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 1 1 1 0 8 1 dma128 128 255 0 255 2 1 1 1 0 8 1 dma64 64 7 0 7 1 1 0 1 0 8 0 dma32 32 10 0 10 2 1 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 217 0 3 4 0 4 4 0 8 0 uaddrrnd 24 6329 0 6308 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 6329 0 6308 1 0 1 1 0 8 0 vmmpekpl 168 45970 0 45910 3 0 3 3 0 8 0 vmmpepl 168 377929 0 376681 87 3 84 84 0 357 12 vmsppl 344 6328 0 6307 4 1 3 4 0 8 0 rwobjpl 24 104096 0 93542 66 0 66 66 0 8 0 pdppl 4096 12664 0 12614 380 316 64 82 0 8 14 pvpl 32 3063158 0 3052686 553 198 355 358 0 265 222 pmappl 216 6328 0 6307 3 1 2 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 1331 0 921 19 0 19 19 0 8 4 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830b2cf8) at panic+0x1cf sys/kern/subr_prf.c:198 __assert(ffffffff83067aec,ffffffff82fb40cb,4e0,ffffffff830b7a91) at __assert+0x29 uvm_pageunwire(fffffd8005fa9280) at uvm_pageunwire+0x1dd sys/uvm/uvm_page.c:1248 uvm_fault_unwire_locked(fffffd807304f970,dc1d471c000,dc1d491b000) at uvm_fault_unwire_locked+0x33e sys/uvm/uvm_fault.c:1695 uvm_unmap_kill_entry_withlock(fffffd807304f970,fffffd8069feaaf8,0) at uvm_unmap_kill_entry_withlock+0x81 sys/uvm/uvm_map.c:1861 uvm_map_teardown(fffffd807304f970) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2498 uvmspace_free(fffffd807304f970) at uvmspace_free+0xbd sys/uvm/uvm_map.c:3422 reaper(ffff80002a457be0) at reaper+0x225 sys/kern/kern_exit.c:478 end trace frame: 0x0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830b2cf8) at panic+0x1cf sys/kern/subr_prf.c:198 __assert(ffffffff83067aec,ffffffff82fb40cb,4e0,ffffffff830b7a91) at __assert+0x29 uvm_pageunwire(fffffd8005fa9280) at uvm_pageunwire+0x1dd sys/uvm/uvm_page.c:1248 uvm_fault_unwire_locked(fffffd807304f970,dc1d471c000,dc1d491b000) at uvm_fault_unwire_locked+0x33e sys/uvm/uvm_fault.c:1695 uvm_unmap_kill_entry_withlock(fffffd807304f970,fffffd8069feaaf8,0) at uvm_unmap_kill_entry_withlock+0x81 sys/uvm/uvm_map.c:1861 uvm_map_teardown(fffffd807304f970) at uvm_map_teardown+0x1c7 sys/uvm/uvm_map.c:2498 uvmspace_free(fffffd807304f970) at uvmspace_free+0xbd sys/uvm/uvm_map.c:3422 reaper(ffff80002a457be0) at reaper+0x225 sys/kern/kern_exit.c:478 end trace frame: 0x0, count: -9