panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *308853 49619 0 0x1000 0x4080000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dd626) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003c9adb48,1,400000000100,ffff80003c9adb78,0,3ace6e12f998a00,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003c9adb44,2,400000000100,ffff80003c9adb78,0,27,cd6cf60d2cb5622c) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002a81e2d0,ffff80003c9adcb0,ffff80003c9adc00) at sys_sysctl+0x425 syscall(ffff80003c9adcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xed4fc835160, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dd626) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003c9adb48,1,400000000100,ffff80003c9adb78,0,3ace6e12f998a00,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003c9adb44,2,400000000100,ffff80003c9adb78,0,27,cd6cf60d2cb5622c) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002a81e2d0,ffff80003c9adcb0,ffff80003c9adc00) at sys_sysctl+0x425 syscall(ffff80003c9adcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xed4fc835160, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003c9ad750 rbx 0xe rdx 0xffff8000014ce380 rcx 0 rax 0xffff80002a81e2d0 r8 0x101010101010101 r9 0x8080808080808080 r10 0x1eb661e23952020e r11 0x722a1b6bdc86f956 r12 0 r13 0x7f7fffffc000 r14 0 r15 0x1 rip 0xffffffff81029295 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003c9ad740 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=308853 pid=49619 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003c9fb4b0 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c9fb4b0,0xffff80002a81e800 process=0xffff800035d26fe0 user=0xffff80003c9a8000, vmspace=0xfffffd806c0aeb50 estcpu=33, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 64777 243403 56861 0 2 0 syz-executor 64777 181969 56861 0 3 0x4000080 fsleep syz-executor 20293 388287 10062 0 2 0 syz-executor 20293 429998 10062 0 3 0x4000080 sysctllk syz-executor 20293 86382 10062 0 2 0x4000000 syz-executor 42282 85928 26696 0 3 0x80 nanoslp syz-executor 42282 284318 26696 0 3 0x4000080 sysctllk syz-executor 42282 75624 26696 0 3 0x4000080 sysctllk syz-executor 99950 193150 12644 0 3 0x82 sysctllk syz-executor 49619 135421 42868 0 3 0x3000 suspend syz-executor *49619 308853 42868 0 7 0x4081000 syz-executor 26696 154165 12644 0 3 0x82 nanoslp syz-executor 44648 239865 12644 0 2 0x2 syz-executor 56861 79265 12644 0 3 0x82 nanoslp syz-executor 97365 348864 12644 0 3 0x82 nanoslp syz-executor 10062 519125 12644 0 3 0x82 nanoslp syz-executor 42868 140721 12644 0 3 0x82 nanoslp syz-executor 91464 65658 12644 0 2 0x2 syz-executor 40662 203158 0 0 3 0x14200 bored sosplice 12644 157603 39412 0 2 0x2 syz-executor 39412 379414 2473 0 3 0x10008a sigsusp ksh 2473 286461 78834 0 3 0x98 kqread sshd-session 78834 115390 62292 0 3 0x92 kqread sshd-session 19829 473860 1 0 3 0x100083 ttyin getty 62292 263041 1 0 3 0x88 kqread sshd 49328 193795 12146 73 3 0x1100090 kqread syslogd 12146 29629 1 0 3 0x100082 sbwait syslogd 37737 457500 1 0 3 0x100080 kqread resolvd 2238 40767 49932 77 3 0x100092 kqread dhcpleased 67282 415437 49932 77 3 0x100092 kqread dhcpleased 49932 273771 1 0 3 0x80 kqread dhcpleased 77230 251331 0 0 3 0x14200 bored smr 68809 4494 0 0 2 0x14200 zerothread 50293 165217 0 0 3 0x14200 aiodoned aiodoned 9326 366202 0 0 3 0x14200 syncer update 26933 134239 0 0 3 0x14200 cleaner cleaner 11343 203254 0 0 3 0x14200 reaper reaper 97366 245693 0 0 3 0x14200 pgdaemon pagedaemon 29031 58380 0 0 3 0x14200 bored viomb 76508 431491 0 0 3 0x40014200 acpi0 acpi0 35634 368496 0 0 3 0x14200 bored softnet3 14392 385472 0 0 3 0x14200 bored softnet2 12308 307208 0 0 3 0x14200 bored softnet1 68367 53751 0 0 3 0x14200 bored softnet0 23434 282469 0 0 3 0x14200 bored systqmp 61430 31510 0 0 3 0x14200 bored systq 30214 99208 0 0 3 0x40014200 tmoslp softclock 67756 440025 0 0 3 0x40014200 idle0 1 332418 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10230 11273K 13244K 166960K 28846 0 pcb 17 18K 20K 166960K 2343 0 rtable 225 21K 22K 166960K 2506 0 pf 34 14K 23K 166960K 831 0 ifaddr 32 9K 10K 166960K 472 0 ifgroup 47 2K 2K 166960K 825 0 sysctl 4 1K 1K 166960K 18 0 counters 29 17K 18K 166960K 614 0 ioctlops 0 0K 4K 166960K 1512 0 iov 0 0K 20K 166960K 1225 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1682 106K 106K 166960K 11762 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 14K 166960K 197 0 VM map 2 1K 1K 166960K 2 0 sem 24 433K 793K 166960K 45 0 dirhash 12 2K 3K 166960K 141 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 50K 236K 166960K 9126 0 sigio 0 0K 0K 166960K 383 0 proc 62 59K 124K 166960K 2180 0 subproc 63 3K 4K 166960K 364 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1436 0 in_multi 58 4K 7K 166960K 747 0 ether_multi 1 0K 0K 166960K 101 0 mrt 1 0K 0K 166960K 24 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 271 1208K 1208K 166960K 271 0 exec 0 0K 1K 166960K 2620 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 14 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 220 65K 90K 166960K 84864 0 UVM aobj 203 9K 9K 166960K 227 0 pinsyscall 36 72K 96K 166960K 10962 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 1 0K 0K 166960K 538 0 NDP 10 0K 2K 166960K 353 0 temp 76 8683K 15852K 166960K 295415 0 kqueue 13 20K 36K 166960K 1634 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 1371 0 1368 13 10 3 5 0 8 2 rtentry 128 722 0 645 4 0 4 4 0 8 0 unpcb 144 8741 0 8722 39 33 6 10 0 8 5 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 808 3305 0 3300 48 40 8 8 0 8 7 arp 88 122 0 103 1 0 1 1 0 8 0 ipq 40 33 0 32 4 3 1 1 0 8 0 ipqe 40 225 0 224 4 3 1 1 0 8 0 inpcb 344 12088 0 12077 94 86 8 16 0 8 5 nd6 104 177 0 159 1 0 1 1 0 8 0 pkpcb 40 68 0 68 10 9 1 1 0 8 1 kcovpl 48 40 0 33 1 0 1 1 0 8 0 mppekey 1024 6 0 6 5 5 0 1 0 8 0 ppxss 1072 481 0 481 8 7 1 1 0 8 1 pppxif 1384 124 0 124 8 7 1 1 0 8 1 pfrktable 1344 5 0 2 1 0 1 1 0 8 0 pfanchor 1288 6 0 0 1 0 1 1 0 8 0 pftag 88 2 0 0 1 0 1 1 0 8 0 pfqueue 320 3 0 2 2 1 1 1 0 8 0 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 2 2 1 1 1 0 8 0 pfstate 344 2 0 1 2 1 1 1 0 8 0 pfrule 1344 41 0 7 4 1 3 3 0 8 0 art_heap8 4096 5 0 0 5 0 5 5 0 8 0 art_heap4 256 2487 0 2203 33 11 22 29 0 8 1 art_table 32 2492 0 2203 4 0 4 4 0 8 1 art_node 16 647 0 584 1 0 1 1 0 8 0 sysvmsgpl 40 14 0 0 1 0 1 1 0 8 0 semupl 112 12 0 12 7 6 1 1 0 8 1 semapl 112 30 0 8 1 0 1 1 0 8 0 shmpl 112 224 0 24 6 0 6 6 0 8 0 dirhash 1024 103 0 86 3 0 3 3 0 8 0 dino2pl 256 18773 0 17210 98 0 98 98 0 8 0 ffsino 248 18773 0 17210 98 0 98 98 0 8 0 nchpl 144 31807 0 31201 65 39 26 65 0 8 0 rtmask 32 67 0 67 9 8 1 1 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 124553 0 124553 12 10 2 2 0 8 2 pfiaddrpl 120 34 0 1 2 1 1 2 0 8 0 kstatmem 264 538 0 518 3 1 2 3 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 35 0 35 6 5 1 1 0 8 1 scxspl 216 94972 0 94972 25 23 2 8 1 8 2 plimitpl 152 3090 0 3074 1 0 1 1 0 8 0 sigapl 424 9382 0 9338 9 1 8 8 0 8 1 futexpl 64 138506 0 138505 1 0 1 1 0 8 0 knotepl 120 1170165 0 1170118 97 87 10 17 0 8 5 kqueuepl 184 4121 0 4112 28 24 4 10 0 8 3 pipepl 296 1402 0 1375 19 14 5 8 0 8 2 fdescpl 440 9303 0 9276 5 1 4 5 0 8 0 filepl 120 79524 0 79315 44 32 12 17 0 8 3 lockfpl 104 3664 0 3662 6 5 1 2 0 8 0 lockfspl 48 1297 0 1295 1 0 1 1 0 8 0 sessionpl 144 53 0 45 1 0 1 1 0 8 0 pgrppl 48 234 0 218 1 0 1 1 0 8 0 ucredpl 104 16789 0 16777 1 0 1 1 0 8 0 zombiepl 144 10736 0 10734 6 5 1 1 0 8 0 processpl 1112 9382 0 9338 5 0 5 5 0 8 0 procpl 656 23192 0 23142 9 2 7 8 0 8 1 sosppl 168 39 0 39 8 7 1 1 0 8 1 sockpl 528 22511 0 22478 101 91 10 19 0 8 7 mcl64k 65536 380 0 380 9 8 1 1 0 8 1 mcl16k 16384 21 0 21 8 7 1 1 0 8 1 mcl12k 12288 11 0 11 5 4 1 1 0 8 1 mcl9k 9216 6 0 6 4 4 0 1 0 8 0 mcl8k 8192 303 0 303 10 9 1 1 0 8 1 mcl4k 4096 15164 0 15112 23 14 9 15 0 8 2 mcl2k2 2112 6 0 6 3 3 0 1 0 8 0 mcl2k 2048 9994 0 9983 27 24 3 10 0 8 1 mtagpl 96 1393 0 1187 11 2 9 9 0 8 0 mbufpl 256 117980 0 117636 190 151 39 87 0 8 6 bufpl 280 24650 0 18422 446 0 446 446 0 8 0 anonpl 24 1101994 0 1088977 295 170 125 127 0 187 31 amapchunkpl 152 294117 0 293423 140 98 42 44 0 158 11 amappl16 200 21649 0 21205 145 106 39 48 0 8 8 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 172 0 162 1 0 1 1 0 8 0 amappl13 176 17 0 17 6 5 1 1 0 8 1 amappl12 168 10399 0 10373 3 1 2 3 0 8 0 amappl11 160 47 0 37 1 0 1 1 0 8 0 amappl10 152 12 0 11 3 2 1 1 0 8 0 amappl9 144 250 0 249 2 1 1 1 0 8 0 amappl8 136 24 0 22 1 0 1 1 0 8 0 amappl7 128 165 0 154 1 0 1 1 0 8 0 amappl6 120 491 0 487 1 0 1 1 0 8 0 amappl5 112 240 0 233 1 0 1 1 0 8 0 amappl4 104 408 0 390 1 0 1 1 0 8 0 amappl3 96 59666 0 59563 4 0 4 4 0 8 0 amappl2 88 1125 0 1066 2 0 2 2 0 8 0 amappl1 80 36381 0 35871 13 1 12 13 0 8 0 amappl 88 83626 0 83454 5 0 5 5 0 92 0 dma32768 32768 1 0 1 1 1 0 1 0 8 0 dma8192 8192 1 0 1 1 1 0 1 0 8 0 dma4096 4096 2 0 2 2 2 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 2 0 1 1 0 1 1 0 8 0 dma512 512 1 0 1 1 1 0 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 267 0 267 7 6 1 1 0 8 1 dma64 64 7 0 7 2 1 1 1 0 8 1 dma32 32 10 0 10 4 4 0 1 0 8 0 dma16 16 22 0 21 1 0 1 1 0 8 0 aobjpl 72 226 0 24 4 0 4 4 0 8 0 uaddrrnd 24 9303 0 9276 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 9303 0 9276 1 0 1 1 0 8 0 vmmpekpl 168 57115 0 57059 4 0 4 4 0 8 0 vmmpepl 168 561380 0 559302 193 68 125 125 0 357 16 vmsppl 360 9302 0 9276 4 1 3 4 0 8 0 rwobjpl 32 130825 0 123419 66 2 64 64 0 8 0 pdppl 4096 18612 0 18552 268 202 66 82 0 8 6 pvpl 32 3640390 0 3622105 550 326 224 232 0 265 40 pmappl 216 9302 0 9276 3 1 2 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 749 0 490 9 0 9 9 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dd626) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003c9adb48,1,400000000100,ffff80003c9adb78,0,3ace6e12f998a00,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003c9adb44,2,400000000100,ffff80003c9adb78,0,27,cd6cf60d2cb5622c) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002a81e2d0,ffff80003c9adcb0,ffff80003c9adc00) at sys_sysctl+0x425 syscall(ffff80003c9adcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xed4fc835160, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833dd626) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1741 uvm_fault_unwire(fffffd806c0aeb50,400000000000,400000001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1704 kern_sysctl_dirs(4e,ffff80003c9adb48,1,400000000100,ffff80003c9adb78,0,3ace6e12f998a00,1) at kern_sysctl_dirs+0x5d1 kern_sysctl(ffff80003c9adb44,2,400000000100,ffff80003c9adb78,0,27,cd6cf60d2cb5622c) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:526 sys_sysctl(ffff80002a81e2d0,ffff80003c9adcb0,ffff80003c9adc00) at sys_sysctl+0x425 syscall(ffff80003c9adcb0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xed4fc835160, count: -9