panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *497671 99889 0 0 0x4000000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff83092ae8) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1694 uvm_fault_unwire(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1657 kern_sysctl(ffff800037429ac4,5,20000100,ffff800037429af8,0,37,92702bbc584c48a9) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4ff710,ffff800037429c30,ffff800037429b80) at sys_sysctl+0x425 syscall(ffff800037429c30) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x496da5165b0, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff83092ae8) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1694 uvm_fault_unwire(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1657 kern_sysctl(ffff800037429ac4,5,20000100,ffff800037429af8,0,37,92702bbc584c48a9) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4ff710,ffff800037429c30,ffff800037429b80) at sys_sysctl+0x425 syscall(ffff800037429c30) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x496da5165b0, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800037429790 rbx 0xffff800037429ac8 rdx 0 rcx 0 rax 0xffff80002a4ff710 r8 0x101010101010101 r9 0x8080808080808080 r10 0x43221cfc19cc08b5 r11 0x71ac83fc28a32fda r12 0 r13 0x7f7fffffc000 r14 0 r15 0x1 rip 0xffffffff823e0415 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff800037429780 ss 0 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=497671 pid=99889 tcnt=4 stat=onproc flags process=0 proc=4000000 runpri=36, usrpri=50, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a4fe2d0,0xffff80002a4fe568 process=0xffff80002a465e00 user=0xffff800037424000, vmspace=0xfffffd806c20bb10 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 6324 403231 52739 0 2 0 syz-executor 6324 31303 52739 0 3 0x4000080 fsleep syz-executor 99889 241751 82379 0 2 0 syz-executor 99889 356989 82379 0 2 0x4000000 syz-executor *99889 497671 82379 0 7 0x4000000 syz-executor 99889 410875 82379 0 2 0x4000000 syz-executor 64310 336641 88379 0 2 0 syz-executor 64310 21340 88379 0 3 0x4000080 sbwait syz-executor 25311 242296 49770 0 2 0 syz-executor 25311 345626 49770 0 3 0x4000080 fsleep syz-executor 25311 176471 49770 0 3 0x4000080 fsleep syz-executor 81081 89335 86720 0 2 0 syz-executor 81081 73660 86720 0 3 0x4000080 pipewr syz-executor 81081 65632 86720 0 3 0x4000080 fsleep syz-executor 48222 352053 0 0 3 0x14200 acct acct 29264 344793 1 0 3 0x100083 ttyin getty 52031 512393 0 0 3 0x14280 nfsidl nfsio 67164 442397 0 0 3 0x14280 nfsidl nfsio 62428 327109 0 0 3 0x14280 nfsidl nfsio 63147 99801 0 0 3 0x14280 nfsidl nfsio 23067 55438 0 0 3 0x14280 nfsidl nfsio 81875 13246 0 0 3 0x14280 nfsidl nfsio 48859 87735 0 0 3 0x14280 nfsidl nfsio 25349 474994 0 0 3 0x14280 nfsidl nfsio 34128 39979 0 0 3 0x14280 nfsidl nfsio 53159 123368 0 0 3 0x14280 nfsidl nfsio 63764 386211 0 0 3 0x14280 nfsidl nfsio 16252 56933 0 0 3 0x14280 nfsidl nfsio 68201 72894 0 0 3 0x14280 nfsidl nfsio 53790 2325 0 0 3 0x14280 nfsidl nfsio 34284 377037 0 0 3 0x14280 nfsidl nfsio 70303 207081 0 0 3 0x14280 nfsidl nfsio 89460 313776 0 0 3 0x14280 nfsidl nfsio 42155 111957 0 0 3 0x14280 nfsidl nfsio 34007 449050 0 0 3 0x14280 nfsidl nfsio 19834 115544 0 0 3 0x14280 nfsidl nfsio 82379 260203 99871 0 3 0x82 nanoslp syz-executor 88379 521287 99871 0 3 0x82 nanoslp syz-executor 31757 359422 99871 0 2 0x2 syz-executor 49770 143232 99871 0 3 0x82 nanoslp syz-executor 52739 160494 99871 0 3 0x82 nanoslp syz-executor 47189 5241 0 0 3 0x14200 bored sosplice 86720 219593 99871 0 3 0x82 nanoslp syz-executor 23423 327298 99871 0 2 0x2 syz-executor 7064 346385 99871 0 2 0x2 syz-executor 99871 89062 27116 0 2 0x2 syz-executor 27116 401701 41198 0 3 0x10008a sigsusp ksh 41198 359760 54833 0 3 0x98 kqread sshd-session 54833 444469 23401 0 3 0x92 kqread sshd-session 23401 100834 1 0 3 0x88 kqread sshd 75454 437695 56269 73 3 0x1100090 kqread syslogd 56269 33485 1 0 3 0x100082 sbwait syslogd 35955 122310 1 0 3 0x100080 kqread resolvd 23124 75055 7751 77 3 0x100092 kqread dhcpleased 2072 361962 7751 77 3 0x100092 kqread dhcpleased 7751 119570 1 0 3 0x80 kqread dhcpleased 38726 412717 0 0 3 0x14200 bored smr 99648 474449 0 0 2 0x14200 zerothread 22892 379452 0 0 3 0x14200 aiodoned aiodoned 89385 401823 0 0 3 0x14200 syncer update 99575 186172 0 0 3 0x14200 cleaner cleaner 35682 173672 0 0 3 0x14200 reaper reaper 94757 307329 0 0 3 0x14200 pgdaemon pagedaemon 77232 81120 0 0 3 0x14200 bored viomb 33278 217376 0 0 3 0x40014200 acpi0 acpi0 98707 207572 0 0 3 0x14200 bored softnet3 20245 133368 0 0 3 0x14200 bored softnet2 11925 215126 0 0 3 0x14200 bored softnet1 33399 260652 0 0 3 0x14200 bored softnet0 69297 363953 0 0 3 0x14200 bored systqmp 71566 239895 0 0 3 0x14200 bored systq 96626 514963 0 0 3 0x40014200 tmoslp softclock 41807 440039 0 0 3 0x40014200 idle0 1 498541 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10195 11118K 15215K 166960K 14664 0 pcb 18 18K 20K 166960K 528 0 rtable 219 9K 9K 166960K 698 0 pf 32 13K 269K 166960K 96 0 ifaddr 39 6K 8K 166960K 91 0 ifgroup 50 2K 2K 166960K 121 0 sysctl 3 0K 0K 166960K 5 0 counters 30 17K 17K 166960K 50 0 ioctlops 0 0K 4K 166960K 203 0 iov 0 0K 32K 166960K 326 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1459 92K 92K 166960K 3056 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 40 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 134 0 dirhash 15 2K 2K 166960K 42 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 17 61K 97K 166960K 2014 0 sigio 0 0K 0K 166960K 50 0 proc 60 59K 124K 166960K 800 0 subproc 104 6K 6K 166960K 170 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 342 0 in_multi 88 6K 7K 166960K 228 0 ether_multi 1 0K 0K 166960K 13 0 mrt 1 0K 0K 166960K 9 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 163 731K 731K 166960K 163 0 exec 0 0K 1K 166960K 1092 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 211 72K 96K 166960K 19663 0 UVM aobj 86 3K 3K 166960K 91 0 pinsyscall 38 76K 98K 166960K 3175 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 121 0 NDP 11 0K 2K 166960K 61 0 temp 75 6820K 6900K 166960K 69245 0 kqueue 13 20K 32K 166960K 362 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 400 0 397 8 7 1 3 0 8 0 rtentry 112 218 0 122 4 0 4 4 0 8 0 unpcb 144 1826 0 1811 15 14 1 6 0 8 0 syncache 336 8 0 8 5 5 0 1 0 8 0 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 10 0 10 2 2 0 1 0 8 0 tcpcb 808 690 0 685 11 9 2 5 0 8 0 arp 88 40 0 21 1 0 1 1 0 8 0 ipq 40 9 0 6 1 0 1 1 0 8 0 ipqe 40 64 0 61 1 0 1 1 0 8 0 inpcb 336 2718 0 2708 32 27 5 12 0 8 2 nd6 104 47 0 24 1 0 1 1 0 8 0 pkpcb 40 14 0 14 5 4 1 1 0 8 1 kcovpl 48 13 0 5 1 0 1 1 0 8 0 ppxss 1072 7 0 7 4 4 0 1 0 8 0 pfqueue 264 2 0 2 2 2 0 1 0 8 0 pfstitem 24 4 0 0 1 0 1 1 0 8 0 pfstkey 128 8 0 4 1 0 1 1 0 8 0 pfstate 344 4 0 2 1 0 1 1 0 8 0 pfrule 1344 5 0 5 2 2 0 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 894 0 479 37 10 27 29 0 8 0 art_table 32 896 0 479 4 0 4 4 0 8 0 art_node 16 211 0 125 1 0 1 1 0 8 0 sysvmsgpl 40 41 0 39 2 1 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 130 0 120 1 0 1 1 0 8 0 shmpl 112 88 0 5 3 0 3 3 0 8 0 dirhash 1024 37 0 18 3 0 3 3 0 8 0 dino2pl 256 4977 0 3475 95 0 95 95 0 8 0 ffsino 240 4977 0 3475 90 0 90 90 0 8 0 nchpl 144 7849 0 6161 64 0 64 64 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 28031 0 28030 8 7 1 2 0 8 0 kstatmem 264 62 0 40 2 0 2 2 0 8 0 scsiplug 72 12 0 12 5 5 0 1 0 8 0 scxspl 216 26990 0 26990 12 11 1 8 1 8 1 plimitpl 152 679 0 663 1 0 1 1 0 8 0 sigapl 424 2336 0 2269 9 1 8 8 0 8 0 futexpl 64 29540 0 29535 1 0 1 1 0 8 0 knotepl 120 97642 0 97594 69 66 3 17 0 8 0 kqueuepl 184 776 0 767 6 5 1 4 0 8 0 pipepl 288 312 0 284 6 3 3 5 0 8 0 fdescpl 432 2269 0 2240 5 1 4 5 0 8 0 filepl 120 16358 0 16117 25 14 11 16 0 8 0 lockfpl 104 620 0 617 1 0 1 1 0 8 0 lockfspl 48 256 0 253 1 0 1 1 0 8 0 sessionpl 144 30 0 22 1 0 1 1 0 8 0 pgrppl 48 75 0 59 1 0 1 1 0 8 0 ucredpl 104 3068 0 3057 1 0 1 1 0 8 0 zombiepl 144 2291 0 2291 2 1 1 1 0 8 1 processpl 1096 2336 0 2269 5 0 5 5 0 8 0 procpl 648 5001 0 4925 10 2 8 8 0 8 0 sosppl 168 19 0 19 6 5 1 1 0 8 1 sockpl 504 5075 0 5048 76 66 10 22 0 8 4 mcl64k 65536 98 0 97 6 5 1 1 0 8 0 mcl16k 16384 7 0 7 4 4 0 1 0 8 0 mcl12k 12288 1 0 1 1 1 0 1 0 8 0 mcl9k 9216 2 0 2 1 1 0 1 0 8 0 mcl8k 8192 90 0 90 6 6 0 1 0 8 0 mcl4k 4096 5169 0 5118 22 15 7 18 0 8 0 mcl2k2 2112 3 0 3 2 2 0 1 0 8 0 mcl2k 2048 2317 0 2316 6 5 1 4 0 8 0 mtagpl 96 57 0 28 1 0 1 1 0 8 0 mbufpl 256 34214 0 34047 95 79 16 74 0 8 0 bufpl 280 9850 0 3602 447 0 447 447 0 8 0 anonpl 24 368478 0 365094 131 95 36 98 0 187 0 amapchunkpl 152 72114 0 71671 115 92 23 51 0 158 1 amappl16 200 8635 0 8602 53 49 4 15 0 8 0 amappl15 192 30 0 29 2 1 1 1 0 8 0 amappl14 184 121 0 111 1 0 1 1 0 8 0 amappl13 176 9 0 9 2 1 1 1 0 8 1 amappl12 168 2965 0 2937 3 1 2 3 0 8 0 amappl11 160 52 0 42 1 0 1 1 0 8 0 amappl10 152 9 0 9 3 3 0 1 0 8 0 amappl9 144 106 0 105 1 0 1 1 0 8 0 amappl8 136 53 0 51 1 0 1 1 0 8 0 amappl7 128 114 0 103 1 0 1 1 0 8 0 amappl6 120 212 0 210 1 0 1 1 0 8 0 amappl5 112 150 0 141 1 0 1 1 0 8 0 amappl4 104 313 0 296 1 0 1 1 0 8 0 amappl3 96 12159 0 12077 3 0 3 3 0 8 0 amappl2 88 2571 0 2494 2 0 2 2 0 8 0 amappl1 80 13627 0 13115 14 2 12 13 0 8 0 amappl 88 19057 0 18902 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma32768 32768 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 2 0 2 2 2 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 8 0 8 3 3 0 1 0 8 0 dma128 128 254 0 254 2 2 0 1 0 8 0 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 8 0 8 2 2 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 90 0 5 2 0 2 2 0 8 0 uaddrrnd 24 2269 0 2240 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2269 0 2240 1 0 1 1 0 8 0 vmmpekpl 168 16545 0 16476 4 0 4 4 0 8 0 vmmpepl 168 142030 0 140366 118 37 81 91 0 357 0 vmsppl 352 2268 0 2240 4 1 3 4 0 8 0 rwobjpl 24 44027 0 37170 42 0 42 42 0 8 0 pdppl 4096 4544 0 4480 120 54 66 82 0 8 2 pvpl 32 1001937 0 993284 354 259 95 279 0 265 1 pmappl 216 2268 0 2240 3 1 2 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 633 0 302 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff83092ae8) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1694 uvm_fault_unwire(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1657 kern_sysctl(ffff800037429ac4,5,20000100,ffff800037429af8,0,37,92702bbc584c48a9) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4ff710,ffff800037429c30,ffff800037429b80) at sys_sysctl+0x425 syscall(ffff800037429c30) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x496da5165b0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff83092ae8) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1694 uvm_fault_unwire(fffffd806c20bb10,20000000,20011000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1657 kern_sysctl(ffff800037429ac4,5,20000100,ffff800037429af8,0,37,92702bbc584c48a9) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4ff710,ffff800037429c30,ffff800037429b80) at sys_sysctl+0x425 syscall(ffff800037429c30) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x496da5165b0, count: -8