login: panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *167157 12117 0 0 0x4000000 0 syz-executor 115706 10771 0 0x2 0 1 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8340b83d) at panic+0x1e5 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806b9a71e8,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_wire(fffffd806b9a71e8,400000000000,400000002000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] uvm_fault_wire(fffffd806b9a71e8,400000000000,400000002000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 sysctl_vslock(400000000100,1935) at sysctl_vslock+0x109 sys/kern/kern_sysctl.c:195 kern_sysctl_dirs(2c,ffff80003c4f25c8,1,400000000100,ffff80003c4f25f8,0,118c2e07de644bf2,1) at kern_sysctl_dirs+0x247 sys/kern/kern_sysctl.c:426 kern_sysctl(ffff80003c4f25c4,2,400000000100,ffff80003c4f25f8,0,fffffffffffffdb2,1a2f2e7da6cb9fb8) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:524 sys_sysctl(ffff80002a38d210,ffff80003c4f2730,ffff80003c4f2680) at sys_sysctl+0x425 syscall(ffff80003c4f2730) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4f2730) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x74cd2a9e490, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8340b83d) at panic+0x1e5 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806b9a71e8,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_wire(fffffd806b9a71e8,400000000000,400000002000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] uvm_fault_wire(fffffd806b9a71e8,400000000000,400000002000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 sysctl_vslock(400000000100,1935) at sysctl_vslock+0x109 sys/kern/kern_sysctl.c:195 kern_sysctl_dirs(2c,ffff80003c4f25c8,1,400000000100,ffff80003c4f25f8,0,118c2e07de644bf2,1) at kern_sysctl_dirs+0x247 sys/kern/kern_sysctl.c:426 kern_sysctl(ffff80003c4f25c4,2,400000000100,ffff80003c4f25f8,0,fffffffffffffdb2,1a2f2e7da6cb9fb8) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:524 sys_sysctl(ffff80002a38d210,ffff80003c4f2730,ffff80003c4f2680) at sys_sysctl+0x425 syscall(ffff80003c4f2730) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4f2730) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x74cd2a9e490, count: -10 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80003c4f2160 rbx 0xffffffff837a7dc7 cpu_info_full_primary+0x2dc7 rdx 0 rcx 0xffff80002a38d210 rax 0xffffffff837a6ff0 cpu_info_full_primary+0x1ff0 r8 0x101010101010101 r9 0x8080808080808080 r10 0xfea3de8812c6025a r11 0x5af7e4bcdc0d30ba r12 0xffffffff837a7bc8 cpu_info_full_primary+0x2bc8 r13 0 r14 0 r15 0x1 rip 0xffffffff82606ac5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003c4f2150 ss 0 db_enter+0x25: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor) tid=167157 pid=12117 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=36, usrpri=50, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a38ca60,0xffff80002a38cf90 process=0xffff80002f0aab68 user=0xffff80003c4ed000, vmspace=0xfffffd806b9a71e8 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 30565 62857 55980 0 2 0 syz-executor 12117 421421 62525 0 2 0 syz-executor 12117 354138 62525 0 3 0x4000080 fsleep syz-executor *12117 167157 62525 0 7 0x4000000 syz-executor 12117 155849 62525 0 3 0x4000080 fsleep syz-executor 10099 104652 91509 0 2 0 syz-executor 10099 409973 91509 0 3 0x4000080 bell syz-executor 20815 183375 10771 0 2 0x10 syz-executor 20815 211237 10771 0 3 0x4000090 sbwait syz-executor 20815 160160 10771 0 3 0x4000090 fsleep syz-executor 20815 275563 10771 0 3 0x4000090 fsleep syz-executor 34044 300772 94769 0 3 0x80 nanoslp syz-executor 34044 222158 94769 0 3 0x4000080 wsevent_read syz-executor 10771 115706 31797 0 7 0x2 syz-executor 18659 964 1 0 3 0x100083 ttyin getty 68745 407016 31797 0 3 0x82 wait syz-executor 55980 79815 31797 0 3 0x82 nanoslp syz-executor 58674 398429 0 0 3 0x14200 bored sosplice 53770 188806 31797 0 3 0x82 wait syz-executor 94769 78431 31797 0 3 0x82 nanoslp syz-executor 62525 382815 31797 0 3 0x82 nanoslp syz-executor 4250 358866 31797 0 2 0x2 syz-executor 91509 108879 31797 0 3 0x82 nanoslp syz-executor 31797 416553 84431 0 3 0x82 kqread syz-executor 84431 162821 2182 0 3 0x10008a sigsusp ksh 2182 522467 42436 0 3 0x98 kqread sshd-session 42436 291703 15894 0 3 0x92 kqread sshd-session 15894 329928 1 0 3 0x88 kqread sshd 38575 478352 8649 74 3 0x1100092 bpf pflogd 8649 410912 1 0 3 0x80 sbwait pflogd 3935 355240 43920 73 3 0x1100090 kqread syslogd 43920 505227 1 0 3 0x100082 sbwait syslogd 85886 479938 1 0 3 0x100080 kqread resolvd 62074 165267 19413 77 3 0x100092 kqread dhcpleased 26057 43587 19413 77 3 0x100092 kqread dhcpleased 19413 203117 1 0 3 0x80 kqread dhcpleased 25313 455534 0 0 3 0x14200 bored smr 83134 287965 0 0 3 0x14200 pgzero zerothread 16560 422698 0 0 3 0x14200 aiodoned aiodoned 71543 488952 0 0 3 0x14200 syncer update 77019 229096 0 0 3 0x14200 cleaner cleaner 16105 124098 0 0 3 0x14200 reaper reaper 43427 142742 0 0 3 0x14200 pgdaemon pagedaemon 39997 50942 0 0 3 0x14200 bored viomb 28444 405421 0 0 3 0x40014200 acpi0 acpi0 9309 179017 0 0 3 0x40014200 idle1 17053 24885 0 0 3 0x14200 bored softnet3 23320 110656 0 0 3 0x14200 bored softnet2 28196 292232 0 0 3 0x14200 bored softnet1 65579 69606 0 0 3 0x14200 bored softnet0 49788 452816 0 0 3 0x14200 bored systqmp 80921 328274 0 0 3 0x14200 bored systq 82837 53288 0 0 3 0x14200 tmoslp softclockmp 11328 331221 0 0 3 0x40014200 tmoslp softclock 56842 436568 0 0 3 0x40014200 idle0 1 22422 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 12117 (syz-executor) thread 0xffff80002a38d210 (167157) Process 34044 (syz-executor) thread 0xffff80003c4f5220 (222158) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10238 11188K 11750K 166960K 13530 0 pcb 17 16K 18K 166960K 327 0 rtable 216 9K 9K 166960K 672 0 pf 38 18K 20K 166960K 145 0 ifaddr 41 7K 8K 166960K 103 0 ifgroup 59 2K 2K 166960K 176 0 sysctl 4 1K 1K 166960K 4 0 counters 66 36K 37K 166960K 152 0 ioctlops 0 0K 4K 166960K 1698 0 iov 1 0K 24K 166960K 146 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1392 88K 88K 166960K 2647 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 16K 20K 166960K 32 0 VM map 2 1K 1K 166960K 2 0 sem 20 3K 3K 166960K 45 0 dirhash 12 2K 3K 166960K 45 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 93K 166960K 1630 0 sigio 0 0K 0K 166960K 25 0 proc 72 91K 140K 166960K 808 0 subproc 72 4K 4K 166960K 102 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 211 0 in_multi 88 6K 7K 166960K 163 0 ether_multi 1 0K 0K 166960K 5 0 mrt 0 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 247 1102K 1102K 166960K 247 0 exec 0 0K 1K 166960K 818 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 4 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 237 73K 86K 166960K 16892 0 UVM aobj 67 5K 5K 166960K 73 0 pinsyscall 43 86K 104K 166960K 2864 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 127 0 NDP 13 0K 2K 166960K 70 0 temp 79 8644K 8772K 166960K 65113 0 kqueue 13 20K 30K 166960K 289 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 264 0 258 3 2 1 3 0 8 0 rtentry 112 220 0 127 4 0 4 4 0 8 0 unpcb 144 1134 0 1117 9 3 6 6 0 8 5 syncache 336 9 0 9 4 3 1 1 0 8 1 tcpqe 32 2 0 2 2 2 0 1 0 8 0 tcpcb 808 461 0 455 14 11 3 8 0 8 2 arp 120 32 0 15 1 0 1 1 0 8 0 inpcb 376 1996 0 1987 17 9 8 9 0 8 6 nd6 136 38 0 15 1 0 1 1 0 8 0 pkpcb 40 9 0 9 1 0 1 1 0 8 1 kcovpl 48 11 0 3 1 0 1 1 0 8 0 ppxss 1168 26 0 26 1 0 1 1 0 8 1 pppxif 1472 5 0 5 1 0 1 1 0 8 1 pffrag 232 6 0 4 1 0 1 1 0 482 0 pffrnode 88 6 0 4 1 0 1 1 0 8 0 pffrent 40 15 0 13 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pftag 88 3 0 1 1 0 1 1 0 8 0 pfstitem 24 100 0 23 1 0 1 1 0 8 0 pfstkey 128 100 0 21 3 0 3 3 0 8 0 pfstate 376 98 0 22 8 0 8 8 0 8 0 pfrule 1344 27 0 20 2 0 2 2 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 698 0 310 32 4 28 29 0 8 2 art_table 32 701 0 310 4 0 4 4 0 8 0 art_node 16 182 0 100 1 0 1 1 0 8 0 sysvmsgpl 40 19 0 16 2 1 1 1 0 8 0 semapl 112 41 0 23 1 0 1 1 0 8 0 shmpl 112 70 0 6 2 0 2 2 0 8 0 dirhash 1024 40 0 23 3 0 3 3 0 8 0 dino2pl 256 4371 0 2866 95 0 95 95 0 8 0 ffsino 280 4371 0 2866 109 0 109 109 0 8 0 nchpl 144 6655 0 4956 65 1 64 64 0 8 0 uvmvnodes 80 5205 0 0 107 0 107 107 0 8 0 vnodes 216 5205 0 0 290 0 290 290 0 8 0 namei 1024 23991 0 23991 4 3 1 2 0 8 1 percpumem 16 90 0 43 1 0 1 1 0 8 0 kstatmem 264 96 0 70 2 0 2 2 0 8 0 scsiplug 72 5 0 5 2 1 1 1 0 8 1 scxspl 216 20325 0 20325 12 9 3 8 1 8 3 plimitpl 152 382 0 365 1 0 1 1 0 8 0 sigapl 424 1945 0 1894 7 1 6 7 0 8 0 futexpl 64 22973 0 22969 1 0 1 1 0 8 0 knotepl 120 563 0 0 18 0 18 18 0 8 0 kqueuepl 216 712 0 703 11 6 5 5 0 8 4 pipepl 328 366 0 339 8 5 3 8 0 8 0 fdescpl 504 1924 0 1892 6 1 5 5 0 8 0 filepl 152 13253 0 13030 20 6 14 17 0 8 3 lockfpl 104 727 0 723 2 0 2 2 0 8 1 lockfspl 48 253 0 250 1 0 1 1 0 8 0 sessionpl 144 33 0 24 1 0 1 1 0 8 0 pgrppl 48 65 0 48 1 0 1 1 0 8 0 ucredpl 104 2060 0 2045 1 0 1 1 0 8 0 zombiepl 144 1897 0 1894 2 1 1 1 0 8 0 processpl 1168 1945 0 1894 5 1 4 5 0 8 0 procpl 656 4439 0 4380 7 1 6 6 0 8 0 srpgc 96 9 0 9 3 2 1 1 0 8 1 sosppl 168 7 0 7 2 1 1 1 0 8 1 sockpl 688 3426 0 3394 22 10 12 16 0 8 8 mcl64k 65536 5 0 0 1 0 1 1 0 8 0 mcl16k 16384 3 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 1 0 0 1 0 1 1 0 8 0 mcl8k 8192 3 0 0 1 0 1 1 0 8 0 mcl4k 4096 115 0 0 15 0 15 15 0 8 0 mcl2k 2048 61 0 0 6 0 6 6 0 8 0 mtagpl 96 43 0 0 2 0 2 2 0 8 0 mbufpl 256 1201 0 0 75 0 75 75 0 8 0 bufpl 280 6749 0 594 440 0 440 440 0 8 0 anonpl 24 245353 0 241783 53 9 44 47 0 184 16 amapchunkpl 152 56159 0 55631 33 5 28 28 0 158 7 amappl16 200 4654 0 4615 23 15 8 15 0 8 4 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 136 0 124 1 0 1 1 0 8 0 amappl13 176 5 0 5 1 1 0 1 0 8 0 amappl12 168 2641 0 2608 3 1 2 3 0 8 0 amappl11 160 94 0 80 1 0 1 1 0 8 0 amappl10 152 6 0 6 3 3 0 1 0 8 0 amappl9 144 243 0 243 1 1 0 1 0 8 0 amappl8 136 48 0 45 1 0 1 1 0 8 0 amappl7 128 124 0 110 1 0 1 1 0 8 0 amappl6 120 225 0 221 1 0 1 1 0 8 0 amappl5 112 141 0 132 1 0 1 1 0 8 0 amappl4 104 370 0 349 1 0 1 1 0 8 0 amappl3 96 11259 0 11139 4 0 4 4 0 8 0 amappl2 88 763 0 701 2 0 2 2 0 8 0 amappl1 80 14133 0 13554 16 2 14 14 0 8 0 amappl 88 16352 0 16172 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 2 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 8 0 8 2 1 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 72 0 6 2 0 2 2 0 8 0 uaddrrnd 24 1924 0 1892 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1924 0 1892 1 0 1 1 0 8 0 vmmpekpl 168 17449 0 17407 3 0 3 3 0 8 0 vmmpepl 168 121859 0 119924 99 6 93 96 0 357 5 vmsppl 456 1923 0 1892 6 1 5 5 0 8 0 rwobjpl 64 37754 0 31524 101 0 101 101 0 8 0 pdppl 4096 3856 0 3784 112 38 74 86 0 8 2 pvpl 32 15644 0 0 127 0 127 127 0 265 0 pmappl 248 1923 0 1892 3 0 3 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 381 0 63 10 0 10 10 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8340b83d) at panic+0x1e5 sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806b9a71e8,400000000000,400000001000) at uvm_fault_unwire_locked+0x48d sys/uvm/uvm_fault.c:1739 uvm_fault_wire(fffffd806b9a71e8,400000000000,400000002000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1702 [inline] uvm_fault_wire(fffffd806b9a71e8,400000000000,400000002000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1684 sysctl_vslock(400000000100,1935) at sysctl_vslock+0x109 sys/kern/kern_sysctl.c:195 kern_sysctl_dirs(2c,ffff80003c4f25c8,1,400000000100,ffff80003c4f25f8,0,118c2e07de644bf2,1) at kern_sysctl_dirs+0x247 sys/kern/kern_sysctl.c:426 kern_sysctl(ffff80003c4f25c4,2,400000000100,ffff80003c4f25f8,0,fffffffffffffdb2,1a2f2e7da6cb9fb8) at kern_sysctl+0x12d sys/kern/kern_sysctl.c:524 sys_sysctl(ffff80002a38d210,ffff80003c4f2730,ffff80003c4f2680) at sys_sysctl+0x425 syscall(ffff80003c4f2730) at syscall+0xbc6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4f2730) at syscall+0xbc6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x74cd2a9e490, count: -10 ddb{0}> machine ddbcpu 1