panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *286330 70140 0 0x1000 0x4080000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8308d27a) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1623 kern_sysctl(ffff800037623394,2,20000100,ffff8000376233c8,0,37,7cadf0208be26528) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4d1478,ffff800037623500,ffff800037623450) at sys_sysctl+0x425 syscall(ffff800037623500) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc178c1a1a00, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8308d27a) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1623 kern_sysctl(ffff800037623394,2,20000100,ffff8000376233c8,0,37,7cadf0208be26528) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4d1478,ffff800037623500,ffff800037623450) at sys_sysctl+0x425 syscall(ffff800037623500) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc178c1a1a00, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800037623050 rbx 0x7f7fffffc000 rdx 0xffff800001279c40 rcx 0 rax 0xffff80002a4d1478 r8 0 r9 0x8080808080808080 r10 0x17f73f316c7ad191 r11 0x12eeb1f8dffe536d r12 0 r13 0 r14 0 r15 0x1 rip 0xffffffff813b2725 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff800037623040 ss 0 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=286330 pid=70140 tcnt=2 stat=onproc flags process=1000 proc=4080000 runpri=32, usrpri=82, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002a4d07d0 scnt=1 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a456cb0,0xffff80002a48cf58 process=0xffff8000327f5138 user=0xffff80003761e000, vmspace=0xfffffd80647e8018 estcpu=32, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 5698 465825 86922 0 3 0x80 nanoslp syz-executor 5698 372714 86922 0 3 0x4000080 sysctllk syz-executor 5698 254160 86922 0 3 0x4000080 fsleep syz-executor 89375 388063 91140 0 2 0 syz-executor 89375 147014 91140 0 3 0x4000080 sysctllk syz-executor 47704 39559 98646 0 2 0x480 syz-executor 47704 378568 98646 0 3 0x4000080 sysctllk syz-executor 47704 490639 98646 0 3 0x4000080 fsleep syz-executor 79166 413956 71665 0 2 0 syz-executor 79166 165194 71665 0 3 0x4000080 fsleep syz-executor 79166 144868 71665 0 3 0x4000080 sysctllk syz-executor 70140 108887 34639 0 3 0x3000 suspend syz-executor *70140 286330 34639 0 7 0x4081000 syz-executor 10320 319110 0 0 3 0x14200 acct acct 52976 468837 1 0 3 0x80 nanoslp init 71665 75902 83204 0 3 0x82 nanoslp syz-executor 67812 196663 0 0 3 0x14200 bored sosplice 98646 142458 83204 0 3 0x82 nanoslp syz-executor 24320 243949 83204 0 3 0x82 wait syz-executor 86922 168766 83204 0 3 0x82 nanoslp syz-executor 58851 278648 83204 0 3 0x82 nanoslp syz-executor 34639 164658 83204 0 3 0x82 nanoslp syz-executor 91140 136682 83204 0 2 0x482 syz-executor 38015 210927 83204 0 3 0x82 wait syz-executor 83204 33441 92420 0 3 0x82 kqread syz-executor 92420 34392 23879 0 3 0x10008a sigsusp ksh 23879 78989 32320 0 3 0x98 kqread sshd-session 32320 410489 20922 0 3 0x92 kqread sshd-session 20922 220444 1 0 3 0x88 kqread sshd 41686 5762 63819 73 3 0x1100090 kqread syslogd 63819 290195 1 0 3 0x100082 sbwait syslogd 76885 99782 1 0 3 0x100080 kqread resolvd 39660 100970 29025 77 3 0x100092 kqread dhcpleased 76507 157529 29025 77 3 0x100092 kqread dhcpleased 29025 284849 1 0 3 0x80 kqread dhcpleased 52718 163510 0 0 3 0x14200 bored smr 92350 504350 0 0 2 0x14200 zerothread 40193 431969 0 0 3 0x14200 aiodoned aiodoned 44851 10464 0 0 3 0x14200 syncer update 40304 407953 0 0 3 0x14200 cleaner cleaner 17016 237822 0 0 3 0x14200 reaper reaper 43059 372791 0 0 3 0x14200 pgdaemon pagedaemon 10915 493823 0 0 3 0x14200 bored viomb 96951 504060 0 0 3 0x40014200 acpi0 acpi0 44141 491064 0 0 3 0x14200 bored softnet3 26725 76771 0 0 3 0x14200 bored softnet2 7418 350806 0 0 3 0x14200 bored softnet1 53307 481762 0 0 3 0x14200 bored softnet0 93974 167390 0 0 3 0x14200 bored systqmp 32369 138697 0 0 3 0x14200 bored systq 48695 523449 0 0 2 0x40014200 softclock 73623 112030 0 0 3 0x40014200 idle0 1 138296 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10211 11265K 11656K 166960K 12906 0 pcb 18 19K 21K 166960K 395 0 rtable 191 7K 7K 166960K 518 0 pf 33 13K 268K 166960K 82 0 ifaddr 37 6K 7K 166960K 71 0 ifgroup 53 2K 2K 166960K 108 0 sysctl 4 1K 1K 166960K 4 0 counters 30 17K 17K 166960K 48 0 ioctlops 0 0K 4K 166960K 298 0 iov 0 0K 24K 166960K 166 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1530 96K 97K 166960K 2591 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 13K 166960K 31 0 VM map 2 1K 1K 166960K 2 0 sem 17 16K 16K 166960K 54 0 dirhash 12 2K 3K 166960K 63 0 ACPI 1690 195K 286K 166960K 12468 0 file desc 18 65K 97K 166960K 1330 0 sigio 0 0K 0K 166960K 96 0 proc 51 50K 124K 166960K 628 0 subproc 104 6K 6K 166960K 118 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 2 0K 0K 166960K 179 0 in_multi 73 5K 7K 166960K 156 0 ether_multi 1 0K 0K 166960K 10 0 mrt 1 0K 0K 166960K 5 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 175 784K 784K 166960K 175 0 exec 0 0K 1K 166960K 595 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 247 73K 86K 166960K 13597 0 UVM aobj 47 2K 4K 166960K 48 0 pinsyscall 38 76K 106K 166960K 2397 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 78 0 NDP 11 0K 2K 166960K 49 0 temp 81 6816K 6956K 166960K 32644 0 kqueue 16 26K 30K 166960K 234 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 231 0 228 2 1 1 2 0 8 0 rtentry 112 153 0 68 4 0 4 4 0 8 0 unpcb 144 1397 0 1377 7 6 1 6 0 8 0 syncache 336 6 0 6 2 2 0 1 0 8 0 tcpqe 32 2 0 2 2 2 0 1 0 8 0 tcpcb 808 668 0 660 18 16 2 14 0 8 1 arp 88 25 0 8 1 0 1 1 0 8 0 ipq 40 5 0 0 1 0 1 1 0 8 0 ipqe 40 10 0 4 1 0 1 1 0 8 0 inpcb 336 1901 0 1883 28 17 11 13 0 8 8 nd6 104 39 0 15 1 0 1 1 0 8 0 pkpcb 40 12 0 12 3 2 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 ppxss 1072 11 0 11 2 1 1 1 0 8 1 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pfstkey 128 1 0 1 1 1 0 1 0 8 0 pfstate 344 1 0 1 1 1 0 1 0 8 0 pfrule 1344 6 0 6 3 2 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 588 0 234 29 3 26 29 0 8 2 art_table 32 589 0 234 4 0 4 4 0 8 0 art_node 16 148 0 75 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 5 1 0 1 1 0 8 0 semapl 112 46 0 31 1 0 1 1 0 8 0 shmpl 112 45 0 1 2 0 2 2 0 8 0 dirhash 1024 52 0 35 3 0 3 3 0 8 0 dino2pl 256 3937 0 2451 95 0 95 95 0 8 0 ffsino 240 3937 0 2451 89 0 89 89 0 8 0 nchpl 144 5866 0 4189 63 0 63 63 0 8 0 uvmvnodes 80 4715 0 0 97 0 97 97 0 8 0 vnodes 216 4715 0 0 262 0 262 262 0 8 0 namei 1024 20562 0 20562 6 4 2 2 0 8 2 kstatmem 264 58 0 36 2 0 2 2 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 5 0 5 2 1 1 1 0 8 1 scxspl 216 16393 0 16393 10 8 2 8 1 8 2 plimitpl 152 355 0 339 1 0 1 1 0 8 0 sigapl 424 1640 0 1592 8 2 6 8 0 8 0 futexpl 64 19933 0 19930 1 0 1 1 0 8 0 knotepl 120 55704 0 55656 25 16 9 10 0 8 7 kqueuepl 184 437 0 422 6 3 3 4 0 8 2 pipepl 288 281 0 253 8 3 5 5 0 8 2 fdescpl 432 1597 0 1567 5 1 4 5 0 8 0 filepl 120 11470 0 11198 21 8 13 15 0 8 2 lockfpl 104 367 0 364 1 0 1 1 0 8 0 lockfspl 48 129 0 126 1 0 1 1 0 8 0 sessionpl 144 26 0 19 1 0 1 1 0 8 0 pgrppl 48 42 0 27 1 0 1 1 0 8 0 ucredpl 104 2148 0 2137 1 0 1 1 0 8 0 zombiepl 144 1596 0 1592 2 1 1 1 0 8 0 processpl 1096 1640 0 1592 5 1 4 5 0 8 0 procpl 648 3404 0 3348 8 2 6 7 0 8 0 sosppl 168 8 0 8 2 1 1 1 0 8 1 sockpl 504 3565 0 3524 59 45 14 25 0 8 8 mcl64k 65536 13 0 13 3 2 1 1 0 8 1 mcl16k 16384 3 0 3 1 1 0 1 0 8 0 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 89 0 89 3 2 1 1 0 8 1 mcl4k 4096 4246 0 4195 19 11 8 18 0 8 1 mcl2k2 2112 2 0 2 1 1 0 1 0 8 0 mcl2k 2048 1409 0 1404 6 2 4 4 0 8 3 mtagpl 96 86 0 18 2 0 2 2 0 8 0 mbufpl 256 18379 0 18147 19 2 17 17 0 8 1 bufpl 280 4211 0 98 294 0 294 294 0 8 0 anonpl 24 296394 0 293004 83 38 45 58 0 187 19 amapchunkpl 152 45766 0 45200 38 10 28 28 0 158 4 amappl16 200 7598 0 7565 42 30 12 15 0 8 8 amappl15 192 14 0 14 1 1 0 1 0 8 0 amappl14 184 116 0 107 1 0 1 1 0 8 0 amappl13 176 9 0 9 3 2 1 1 0 8 1 amappl12 168 2236 0 2207 3 1 2 3 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 13 0 13 2 1 1 1 0 8 1 amappl9 144 119 0 119 1 1 0 1 0 8 0 amappl8 136 23 0 22 1 0 1 1 0 8 0 amappl7 128 103 0 94 1 0 1 1 0 8 0 amappl6 120 175 0 172 1 0 1 1 0 8 0 amappl5 112 141 0 131 1 0 1 1 0 8 0 amappl4 104 299 0 284 1 0 1 1 0 8 0 amappl3 96 8404 0 8299 3 0 3 3 0 8 0 amappl2 88 1879 0 1801 2 0 2 2 0 8 0 amappl1 80 11204 0 10715 15 3 12 15 0 8 0 amappl 88 13085 0 12889 5 0 5 5 0 92 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 47 0 1 1 0 1 1 0 8 0 uaddrrnd 24 1597 0 1567 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1597 0 1567 1 0 1 1 0 8 0 vmmpekpl 168 13439 0 13396 3 0 3 3 0 8 0 vmmpepl 168 103362 0 101558 103 15 88 89 0 357 9 vmsppl 352 1596 0 1567 4 1 3 4 0 8 0 rwobjpl 24 34693 0 29075 34 0 34 34 0 8 0 pdppl 4096 3200 0 3134 114 48 66 82 0 8 0 pvpl 32 711443 0 702201 168 60 108 129 0 265 26 pmappl 216 1596 0 1567 3 1 2 3 0 8 0 extentpl 40 55 0 38 1 0 1 1 0 8 0 phpool 112 507 0 161 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8308d27a) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1623 kern_sysctl(ffff800037623394,2,20000100,ffff8000376233c8,0,37,7cadf0208be26528) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4d1478,ffff800037623500,ffff800037623450) at sys_sysctl+0x425 syscall(ffff800037623500) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc178c1a1a00, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8308d27a) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire_locked+0x487 sys/uvm/uvm_fault.c:1663 uvm_fault_unwire(fffffd80647e8018,20000000,20001000) at uvm_fault_unwire+0x55 sys/uvm/uvm_fault.c:1623 kern_sysctl(ffff800037623394,2,20000100,ffff8000376233c8,0,37,7cadf0208be26528) at kern_sysctl+0xc4c sys_sysctl(ffff80002a4d1478,ffff800037623500,ffff800037623450) at sys_sysctl+0x425 syscall(ffff800037623500) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc178c1a1a00, count: -8