panic: uvm_fault_unwire_locked: address not in map Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *386837 15826 60929 0x10 0x4000000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833cd76b) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806804f8b8,2000000a0000,2000000a1000) at uvm_fault_unwire_locked+0x4be uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1724 [inline] uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1706 uvm_vslock_device(ffff80002a86a2c8,2000000a0140,10000,3,ffff80002a7c8db8) at uvm_vslock_device+0x112 sys/uvm/uvm_glue.c:169 physio(ffffffff818fa9b0,d02,8000,ffffffff818fb200,ffff80002a7c9110) at physio+0x257 sys/kern/kern_physio.c:139 spec_read(ffff80002a7c8ef0) at spec_read+0x142 sys/kern/spec_vnops.c:215 VOP_READ(fffffd806dc3b8c0,ffff80002a7c9110,0,fffffd8007bfd548) at VOP_READ+0x101 sys/kern/vfs_vops.c:227 vn_read(fffffd806808bc48,ffff80002a7c9110,1) at vn_read+0x16d sys/kern/vfs_vnops.c:369 dofilereadv(ffff80002a86a2c8,4,ffff80002a7c9110,1,ffff80002a7c91c0) at dofilereadv+0x25a sys/kern/sys_generic.c:252 sys_preadv(ffff80002a86a2c8,ffff80002a7c9270,ffff80002a7c91c0) at sys_preadv+0xe3 sys/kern/vfs_syscalls.c:3336 syscall(ffff80002a7c9270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7c9270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdd218d2a4a0, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault_unwire_locked: address not in map ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833cd76b) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806804f8b8,2000000a0000,2000000a1000) at uvm_fault_unwire_locked+0x4be uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1724 [inline] uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1706 uvm_vslock_device(ffff80002a86a2c8,2000000a0140,10000,3,ffff80002a7c8db8) at uvm_vslock_device+0x112 sys/uvm/uvm_glue.c:169 physio(ffffffff818fa9b0,d02,8000,ffffffff818fb200,ffff80002a7c9110) at physio+0x257 sys/kern/kern_physio.c:139 spec_read(ffff80002a7c8ef0) at spec_read+0x142 sys/kern/spec_vnops.c:215 VOP_READ(fffffd806dc3b8c0,ffff80002a7c9110,0,fffffd8007bfd548) at VOP_READ+0x101 sys/kern/vfs_vops.c:227 vn_read(fffffd806808bc48,ffff80002a7c9110,1) at vn_read+0x16d sys/kern/vfs_vnops.c:369 dofilereadv(ffff80002a86a2c8,4,ffff80002a7c9110,1,ffff80002a7c91c0) at dofilereadv+0x25a sys/kern/sys_generic.c:252 sys_preadv(ffff80002a86a2c8,ffff80002a7c9270,ffff80002a7c91c0) at sys_preadv+0xe3 sys/kern/vfs_syscalls.c:3336 syscall(ffff80002a7c9270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7c9270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdd218d2a4a0, count: -13 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002a7c8b10 rbx 0x3 rdx 0xffff80000149d940 rcx 0 rax 0xffff80002a86a2c8 r8 0x101010101010101 r9 0x8080808080808080 r10 0x8f5d5de1919390ee r11 0x3a4d3197335b79c0 r12 0 r13 0x7f7fffffc000 r14 0 r15 0x1 rip 0xffffffff81744d05 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80002a7c8b00 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=386837 pid=15826 tcnt=4 stat=onproc flags process=10 proc=4000000 runpri=36, usrpri=82, slppri=36, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a86a560,0xffff8000310f0028 process=0xffff8000ffff8918 user=0xffff80002a7c4000, vmspace=0xfffffd806804f8b8 estcpu=32, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 30342 31075 41437 0 2 0 syz-executor 30342 216877 41437 0 3 0x4000080 fsleep syz-executor 30342 229409 41437 0 3 0x4000080 fsleep syz-executor 51170 56479 19898 0 2 0 syz-executor 51170 463387 19898 0 3 0x4000080 fsleep syz-executor 31563 428978 77887 0 2 0 syz-executor 31563 417748 77887 0 3 0x4000080 fsleep syz-executor 65322 304957 39871 0 2 0 syz-executor 65322 198186 39871 0 3 0x4000080 fsleep syz-executor 56548 145728 82140 0 2 0 syz-executor 56548 371875 82140 0 3 0x4000080 fsleep syz-executor 56548 473862 82140 0 3 0x4000080 fsleep syz-executor 56548 239259 82140 0 3 0x4000080 fsleep syz-executor 21928 140340 58717 0 2 0 syz-executor 21928 167213 58717 0 3 0x4000080 msgwait syz-executor 21928 369172 58717 0 3 0x4000080 fsleep syz-executor 15826 130884 74731 60929 2 0x10 syz-executor 15826 293385 74731 60929 2 0x4000010 syz-executor *15826 386837 74731 60929 7 0x4000010 syz-executor 15826 348993 74731 60929 2 0x4000010 syz-executor 90756 439042 1 0 3 0x100083 ttyin getty 74731 250079 64654 0 3 0x82 nanoslp syz-executor 82140 298579 64654 0 3 0x82 nanoslp syz-executor 81555 333167 64654 0 3 0x82 nanoslp syz-executor 41437 125869 64654 0 3 0x82 nanoslp syz-executor 77887 474042 64654 0 3 0x82 nanoslp syz-executor 39871 121216 64654 0 3 0x82 nanoslp syz-executor 58717 17050 64654 0 3 0x82 nanoslp syz-executor 19898 289149 64654 0 3 0x82 nanoslp syz-executor 64654 101995 76769 0 3 0x82 kqread syz-executor 76769 299085 52369 0 3 0x10008a sigsusp ksh 52369 421768 20572 0 3 0x98 kqread sshd-session 20572 301876 28982 0 3 0x92 kqread sshd-session 28982 179718 1 0 3 0x88 kqread sshd 71006 172540 1184 73 3 0x1100090 kqread syslogd 1184 487013 1 0 3 0x100082 sbwait syslogd 3528 304214 1 0 3 0x100080 kqread resolvd 39892 29378 70124 77 3 0x100092 kqread dhcpleased 61589 420421 70124 77 3 0x100092 kqread dhcpleased 70124 253240 1 0 3 0x80 kqread dhcpleased 93586 154078 0 0 3 0x14200 bored smr 47065 51488 0 0 2 0x14200 zerothread 54889 174727 0 0 3 0x14200 aiodoned aiodoned 37090 211607 0 0 3 0x14200 syncer update 13471 276372 0 0 3 0x14200 cleaner cleaner 39760 144034 0 0 3 0x14200 reaper reaper 40325 33172 0 0 3 0x14200 pgdaemon pagedaemon 35851 186040 0 0 3 0x14200 bored viomb 78009 291033 0 0 3 0x40014200 acpi0 acpi0 83676 269254 0 0 3 0x14200 bored softnet0 28811 337406 0 0 3 0x14200 bored systqmp 91853 169197 0 0 3 0x14200 bored systq 88371 385917 0 0 3 0x40014200 tmoslp softclock 29480 236638 0 0 3 0x40014200 idle0 1 117422 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10184 11174K 12227K 166960K 13304 0 pcb 18 16K 17K 166960K 264 0 rtable 223 8K 9K 166960K 499 0 pf 33 13K 16K 166960K 103 0 ifaddr 42 7K 9K 166960K 86 0 ifgroup 51 2K 2K 166960K 130 0 sysctl 4 1K 9K 166960K 11 0 counters 33 17K 18K 166960K 73 0 ioctlops 0 0K 4K 166960K 302 0 iov 1 12K 24K 166960K 132 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1445 91K 91K 166960K 2412 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 5K 166960K 6 0 VM map 2 1K 1K 166960K 2 0 sem 12 1K 1K 166960K 26 0 dirhash 12 2K 2K 166960K 21 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 1007 0 sigio 0 0K 0K 166960K 9 0 proc 60 59K 91K 166960K 595 0 subproc 72 4K 4K 166960K 81 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 227 0 in_multi 88 6K 7K 166960K 162 0 ether_multi 1 0K 0K 166960K 17 0 mrt 2 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 109 493K 493K 166960K 109 0 exec 0 0K 1K 166960K 505 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 244 159K 175K 166960K 10687 0 UVM aobj 30 8K 10K 166960K 34 0 pinsyscall 39 78K 94K 166960K 2118 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 50 0 NDP 11 0K 2K 166960K 53 0 temp 57 8667K 8915K 166960K 35774 0 kqueue 13 20K 28K 166960K 179 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 131 0 128 2 0 2 2 0 8 1 rtentry 136 144 0 53 4 0 4 4 0 8 0 unpcb 144 645 0 630 4 0 4 4 0 8 3 syncache 336 7 0 7 2 1 1 1 0 8 1 tcpqe 32 5 0 5 1 1 0 1 0 8 0 tcpcb 736 291 0 283 7 3 4 4 0 8 3 arp 96 21 0 4 1 0 1 1 0 8 0 ipq 40 5 0 3 1 0 1 1 0 8 0 ipqe 40 73 0 71 1 0 1 1 0 8 0 inpcb 328 1047 0 1034 12 5 7 7 0 8 5 ip6q 72 3 0 1 1 0 1 1 0 8 0 ip6af 40 4 0 2 1 0 1 1 0 8 0 nd6 112 32 0 10 1 0 1 1 0 8 0 pkpcb 40 8 0 8 2 1 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 ppxss 1072 28 0 28 2 1 1 1 0 8 1 pppxif 1384 7 0 7 2 1 1 1 0 8 1 pfstscr 40 65 0 65 1 1 0 1 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 67 0 65 1 0 1 1 0 8 0 pfstate 384 66 0 65 1 0 1 1 0 8 0 rttmr 136 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 645 0 273 30 0 30 30 0 8 4 art_table 40 647 0 273 5 0 5 5 0 8 0 art_node 32 144 0 64 1 0 1 1 0 8 0 sysvmsgpl 40 54 0 50 1 0 1 1 0 8 0 semapl 112 23 0 13 1 0 1 1 0 8 0 shmpl 112 27 0 2 1 0 1 1 0 8 0 dirhash 1024 23 0 6 3 0 3 3 0 8 0 dino2pl 256 3354 0 1859 95 0 95 95 0 8 0 ffsino 256 3354 0 1859 95 0 95 95 0 8 0 nchpl 144 4759 0 3063 65 1 64 64 0 8 0 rtmask 32 4 0 4 2 1 1 1 0 8 1 vnodes 216 2310 0 0 129 0 129 129 0 8 0 namei 1024 16032 0 16032 4 2 2 2 0 8 2 vcpupl 3904 2 0 0 1 0 1 1 0 8 0 vmpool 808 4 0 2 1 0 1 1 0 8 0 kstatmem 264 70 0 48 2 0 2 2 0 8 0 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 14645 0 14645 9 7 2 8 1 8 2 plimitpl 152 477 0 459 1 0 1 1 0 8 0 sigapl 424 1285 0 1242 7 1 6 6 0 8 1 knotepl 120 67226 0 67179 17 7 10 10 0 8 8 kqueuepl 184 426 0 417 4 3 1 4 0 8 0 pipepl 304 207 0 179 5 2 3 5 0 8 0 fdescpl 448 1267 0 1237 5 1 4 5 0 8 0 filepl 120 8044 0 7827 12 2 10 10 0 8 0 lockfpl 104 467 0 465 3 1 2 2 0 8 1 lockfspl 48 123 0 121 1 0 1 1 0 8 0 sessionpl 144 28 0 20 1 0 1 1 0 8 0 pgrppl 48 43 0 27 1 0 1 1 0 8 0 ucredpl 104 1580 0 1568 1 0 1 1 0 8 0 zombiepl 144 1552 0 1551 2 1 1 1 0 8 0 processpl 1152 1285 0 1242 4 0 4 4 0 8 0 procpl 664 2716 0 2660 7 1 6 6 0 8 0 sosppl 176 1 0 1 1 0 1 1 0 8 1 sockpl 552 1858 0 1827 11 3 8 8 0 8 4 mcl64k 65536 200 0 200 2 1 1 1 0 8 1 mcl16k 16384 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 4 0 4 2 1 1 1 0 8 1 mcl8k 8192 13 0 13 2 1 1 1 0 8 1 mcl4k 4096 3582 0 3530 15 7 8 15 0 8 0 mcl2k 2048 1517 0 1511 3 1 2 2 0 8 0 mtagpl 96 125 0 7 3 0 3 3 0 8 0 mbufpl 256 14572 0 14276 92 62 30 84 0 8 8 bufpl 280 5392 0 120 377 0 377 377 0 8 0 anonpl 24 179428 0 176109 70 25 45 46 0 187 18 amapchunkpl 152 36548 0 36033 47 15 32 34 0 158 9 amappl16 200 2484 0 2443 24 12 12 15 0 8 8 amappl15 192 47 0 47 1 1 0 1 0 8 0 amappl14 184 32 0 32 1 1 0 1 0 8 0 amappl13 176 417 0 416 1 0 1 1 0 8 0 amappl12 168 1626 0 1587 2 0 2 2 0 8 0 amappl11 160 3 0 3 1 1 0 1 0 8 0 amappl10 152 88 0 78 1 0 1 1 0 8 0 amappl9 144 254 0 254 1 1 0 1 0 8 0 amappl8 136 38 0 37 1 0 1 1 0 8 0 amappl7 128 79 0 77 1 0 1 1 0 8 0 amappl6 120 297 0 285 1 0 1 1 0 8 0 amappl5 112 68 0 60 1 0 1 1 0 8 0 amappl4 104 411 0 384 1 0 1 1 0 8 0 amappl3 96 7125 0 7010 4 0 4 4 0 8 0 amappl2 88 559 0 504 2 0 2 2 0 8 0 amappl1 80 13144 0 12596 14 1 13 14 0 8 0 amappl 88 9769 0 9596 6 1 5 5 0 92 0 uvmvnodes 80 121 0 0 3 0 3 3 0 8 0 dma65536 65536 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 1 1 1 0 8 1 dma64 64 7 0 7 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 33 0 4 1 0 1 1 0 8 0 uaddrrnd 24 1267 0 1237 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1267 0 1237 1 0 1 1 0 8 0 vmmpekpl 168 11707 0 11665 3 0 3 3 0 8 0 vmmpepl 168 85714 0 83840 100 8 92 92 0 357 7 vmsppl 368 1266 0 1237 4 1 3 4 0 8 0 rwobjpl 40 23595 0 22570 14 1 13 13 0 8 1 pdppl 4096 2548 0 2480 106 38 68 82 0 8 0 pvpl 32 538711 0 529616 154 33 121 121 0 265 29 pmappl 216 1270 0 1239 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 473 0 120 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833cd76b) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806804f8b8,2000000a0000,2000000a1000) at uvm_fault_unwire_locked+0x4be uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1724 [inline] uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1706 uvm_vslock_device(ffff80002a86a2c8,2000000a0140,10000,3,ffff80002a7c8db8) at uvm_vslock_device+0x112 sys/uvm/uvm_glue.c:169 physio(ffffffff818fa9b0,d02,8000,ffffffff818fb200,ffff80002a7c9110) at physio+0x257 sys/kern/kern_physio.c:139 spec_read(ffff80002a7c8ef0) at spec_read+0x142 sys/kern/spec_vnops.c:215 VOP_READ(fffffd806dc3b8c0,ffff80002a7c9110,0,fffffd8007bfd548) at VOP_READ+0x101 sys/kern/vfs_vops.c:227 vn_read(fffffd806808bc48,ffff80002a7c9110,1) at vn_read+0x16d sys/kern/vfs_vnops.c:369 dofilereadv(ffff80002a86a2c8,4,ffff80002a7c9110,1,ffff80002a7c91c0) at dofilereadv+0x25a sys/kern/sys_generic.c:252 sys_preadv(ffff80002a86a2c8,ffff80002a7c9270,ffff80002a7c91c0) at sys_preadv+0xe3 sys/kern/vfs_syscalls.c:3336 syscall(ffff80002a7c9270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7c9270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdd218d2a4a0, count: -13 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff833cd76b) at panic+0x1cf sys/kern/subr_prf.c:198 uvm_fault_unwire_locked(fffffd806804f8b8,2000000a0000,2000000a1000) at uvm_fault_unwire_locked+0x4be uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d uvm_fault_unwire sys/uvm/uvm_fault.c:1724 [inline] uvm_fault_wire(fffffd806804f8b8,2000000a0000,2000000b1000,3) at uvm_fault_wire+0x12d sys/uvm/uvm_fault.c:1706 uvm_vslock_device(ffff80002a86a2c8,2000000a0140,10000,3,ffff80002a7c8db8) at uvm_vslock_device+0x112 sys/uvm/uvm_glue.c:169 physio(ffffffff818fa9b0,d02,8000,ffffffff818fb200,ffff80002a7c9110) at physio+0x257 sys/kern/kern_physio.c:139 spec_read(ffff80002a7c8ef0) at spec_read+0x142 sys/kern/spec_vnops.c:215 VOP_READ(fffffd806dc3b8c0,ffff80002a7c9110,0,fffffd8007bfd548) at VOP_READ+0x101 sys/kern/vfs_vops.c:227 vn_read(fffffd806808bc48,ffff80002a7c9110,1) at vn_read+0x16d sys/kern/vfs_vnops.c:369 dofilereadv(ffff80002a86a2c8,4,ffff80002a7c9110,1,ffff80002a7c91c0) at dofilereadv+0x25a sys/kern/sys_generic.c:252 sys_preadv(ffff80002a86a2c8,ffff80002a7c9270,ffff80002a7c91c0) at sys_preadv+0xe3 sys/kern/vfs_syscalls.c:3336 syscall(ffff80002a7c9270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80002a7c9270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:775 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdd218d2a4a0, count: -13