uvm_fault(0xfffffd80700d75a8, 0x18, 0, 1) -> e kernel: page fault trap, code=0 Stopped at mtx_enter+0x59: movq 0(%r14),%rax TID PID UID PRFLAGS PFLAGS CPU COMMAND *511526 46979 0 0 0x4000000 0 syz-executor mtx_enter(18) at mtx_enter+0x59 sys/kern/kern_lock.c:335 clockintr_unbind(ffff8000014cc130,1) at clockintr_unbind+0x56 sys/kern/kern_clockintr.c:375 dt_ioctl_record_stop(ffff800001480300) at dt_ioctl_record_stop+0xbc sys/dev/dt/dt_dev.c:576 dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003993b2c0) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806e19bc18,81,fffffd8007bfb820,ffff80003c986028) at VOP_CLOSE+0x12a sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806c6dfe20,ffff80003c986028) at fdrop+0x126 sys/kern/kern_descrip.c:1267 sys_ioctl(ffff80003c986028,ffff80003993b5d0,ffff80003993b520) at sys_ioctl+0x6b7 sys/kern/sys_generic.c:516 syscall(ffff80003993b5d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003993b5d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:637 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x42b41b73620, count: 4 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd80700d75a8, 0x18, 0, 1) -> e ddb> trace mtx_enter(18) at mtx_enter+0x59 sys/kern/kern_lock.c:335 clockintr_unbind(ffff8000014cc130,1) at clockintr_unbind+0x56 sys/kern/kern_clockintr.c:375 dt_ioctl_record_stop(ffff800001480300) at dt_ioctl_record_stop+0xbc sys/dev/dt/dt_dev.c:576 dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003993b2c0) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806e19bc18,81,fffffd8007bfb820,ffff80003c986028) at VOP_CLOSE+0x12a sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806c6dfe20,ffff80003c986028) at fdrop+0x126 sys/kern/kern_descrip.c:1267 sys_ioctl(ffff80003c986028,ffff80003993b5d0,ffff80003993b520) at sys_ioctl+0x6b7 sys/kern/sys_generic.c:516 syscall(ffff80003993b5d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003993b5d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:637 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x42b41b73620, count: -11 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003993b170 rbx 0xffffffff82610d90 dtclose rdx 0 rcx 0xffff80003c986028 rax 0xffff80003c986028 r8 0x88 r9 0 r10 0xf95713a100752a23 r11 0xedb4088560426536 r12 0 r13 0 r14 0x18 r15 0 rip 0xffffffff81ee8129 mtx_enter+0x59 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003993b140 ss 0x10 mtx_enter+0x59: movq 0(%r14),%rax ddb> show proc PROC (syz-executor) tid=511526 pid=46979 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c986cf8,0xffff80003c986f98 process=0xffff800036914018 user=0xffff800039936000, vmspace=0xfffffd80700d75a8 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 46979 221444 4909 0 2 0 syz-executor *46979 511526 4909 0 7 0x4000000 syz-executor 46979 370805 4909 0 3 0x4000080 fsleep syz-executor 83608 332392 57923 0 3 0x80 fsleep syz-executor 83608 303020 57923 0 3 0x4000080 ttyin syz-executor 21049 252302 22960 0 3 0x80 fsleep syz-executor 21049 506909 22960 0 3 0x4000080 fsleep syz-executor 21049 378883 22960 0 3 0x4000080 fsleep syz-executor 21049 406511 22960 0 3 0x4000080 fifor syz-executor 35687 361438 2647 0 3 0x80 fsleep syz-executor 35687 461431 2647 0 3 0x4000080 sbwait syz-executor 76799 490375 54168 0 3 0x80 fsleep syz-executor 76799 336330 54168 0 3 0x4000080 tunread syz-executor 83364 315300 67724 0 3 0x80 fsleep syz-executor 83364 387553 67724 0 3 0x4000080 ttyin syz-executor 7216 162291 45926 0 3 0x80 fsleep syz-executor 7216 188401 45926 0 3 0x4000080 kqread syz-executor 62607 107359 0 0 3 0x14200 acct acct 4909 328394 56910 0 3 0x82 nanoslp syz-executor 2647 156011 56910 0 2 0xc82 syz-executor 72848 249864 1 0 3 0x100083 ttyin getty 77571 263641 0 0 3 0x14200 bored sosplice 22960 172520 56910 0 3 0x82 nanoslp syz-executor 54168 519965 56910 0 3 0x82 nanoslp syz-executor 14326 400055 56910 0 2 0x2 syz-executor 57923 67550 56910 0 3 0x82 nanoslp syz-executor 45926 112379 56910 0 2 0xc82 syz-executor 67724 73241 56910 0 2 0xc82 syz-executor 56910 56350 23618 0 3 0x82 kqread syz-executor 23618 262132 19503 0 3 0x10008a sigsusp ksh 19503 8614 90615 0 3 0x98 kqread sshd-session 90615 433009 47406 0 3 0x92 kqread sshd-session 47406 62722 1 0 3 0x88 kqread sshd 86053 493952 88545 73 3 0x1100090 kqread syslogd 88545 489691 1 0 3 0x100082 sbwait syslogd 25439 244190 1 0 3 0x100080 kqread resolvd 10676 432768 53877 77 3 0x100092 kqread dhcpleased 709 511956 53877 77 3 0x100092 kqread dhcpleased 53877 99967 1 0 3 0x80 kqread dhcpleased 37868 2092 0 0 3 0x14200 bored smr 9009 97469 0 0 2 0x14200 zerothread 19279 289705 0 0 3 0x14200 aiodoned aiodoned 58355 508110 0 0 3 0x14200 syncer update 24666 67806 0 0 3 0x14200 cleaner cleaner 72904 521702 0 0 3 0x14200 reaper reaper 38496 66603 0 0 3 0x14200 pgdaemon pagedaemon 36791 43682 0 0 3 0x14200 bored viomb 33998 267912 0 0 3 0x40014200 acpi0 acpi0 153 129849 0 0 3 0x14200 bored softnet3 37363 306934 0 0 3 0x14200 bored softnet2 75993 442696 0 0 3 0x14200 bored softnet1 82594 82211 0 0 2 0x14200 softnet0 74772 416452 0 0 3 0x14200 bored systqmp 32207 204663 0 0 3 0x14200 bored systq 49147 253679 0 0 2 0x40014200 softclock 37495 453186 0 0 3 0x40014200 idle0 1 500568 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10190 11122K 11582K 166960K 14332 0 pcb 17 15K 17K 166960K 387 0 rtable 218 10K 11K 166960K 660 0 pf 34 13K 17K 166960K 189 0 ifaddr 39 7K 8K 166960K 113 0 ifgroup 51 2K 2K 166960K 195 0 sysctl 4 1K 9K 166960K 18 0 counters 32 17K 18K 166960K 98 0 ioctlops 0 0K 4K 166960K 441 0 iov 1 2K 36K 166960K 160 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1399 88K 88K 166960K 3238 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 5K 9K 166960K 31 0 VM map 2 1K 1K 166960K 2 0 sem 31 10K 11K 166960K 72 0 dirhash 12 2K 2K 166960K 39 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 85K 166960K 1873 0 sigio 0 0K 0K 166960K 45 0 proc 60 59K 83K 166960K 717 0 subproc 72 4K 4K 166960K 90 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 2 0K 0K 166960K 222 0 in_multi 89 6K 7K 166960K 189 0 ether_multi 1 0K 0K 166960K 18 0 mrt 1 0K 0K 166960K 22 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 650 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 231 152K 168K 166960K 18066 0 UVM aobj 95 3K 4K 166960K 100 0 pinsyscall 38 76K 91K 166960K 2969 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 81 0 NDP 11 0K 2K 166960K 75 0 temp 81 8689K 8766K 166960K 84396 0 kqueue 14 22K 31K 166960K 316 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 141 0 138 1 0 1 1 0 8 0 rtentry 136 187 0 95 4 0 4 4 0 8 0 unpcb 144 1406 0 1387 9 3 6 6 0 8 5 syncache 336 4 0 4 2 1 1 1 0 8 1 tcpcb 736 794 0 790 10 3 7 7 0 8 6 arp 88 30 0 13 1 0 1 1 0 8 0 ipq 40 6 0 4 1 0 1 1 0 8 0 ipqe 40 6 0 4 1 0 1 1 0 8 0 inpcb 328 2186 0 2178 16 7 9 12 0 8 8 ip6q 72 43 0 40 1 0 1 1 0 8 0 ip6af 40 83 0 80 1 0 1 1 0 8 0 nd6 104 40 0 14 1 0 1 1 0 8 0 pkpcb 40 6 0 6 2 1 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 ppxss 1072 46 0 46 2 1 1 1 0 8 1 pppxif 1384 9 0 9 2 1 1 1 0 8 1 pfosfp 40 1 0 0 1 0 1 1 0 8 0 pfosfpen 112 1 0 0 1 0 1 1 0 8 0 pfrktable 1344 2 0 2 2 1 1 1 0 8 1 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pftag 88 2 0 1 1 0 1 1 0 8 0 pfqueue 320 1 0 0 1 0 1 1 0 8 0 pfrule 1344 8 0 7 1 0 1 1 0 8 0 rttmr 136 6 0 6 2 1 1 1 0 8 1 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 944 0 522 35 4 31 31 0 8 4 art_table 32 948 0 522 5 0 5 5 0 8 0 art_node 16 182 0 101 1 0 1 1 0 8 0 sysvmsgpl 40 9 0 5 1 0 1 1 0 8 0 semupl 112 4 0 4 2 1 1 1 0 8 1 semapl 112 67 0 38 1 0 1 1 0 8 0 shmpl 112 97 0 5 3 0 3 3 0 8 0 dirhash 1024 35 0 18 3 0 3 3 0 8 0 dino2pl 256 4921 0 3424 95 0 95 95 0 8 0 ffsino 248 4921 0 3424 95 0 95 95 0 8 0 nchpl 144 7498 0 5810 63 0 63 63 0 8 0 rtmask 32 4 0 4 1 0 1 1 0 8 1 uvmvnodes 80 3446 0 0 71 0 71 71 0 8 0 vnodes 216 3446 0 0 192 0 192 192 0 8 0 namei 1024 25089 0 25088 3 2 1 2 0 8 0 kstatmem 264 110 0 88 2 0 2 2 0 8 0 acpiwqpl 32 3 0 3 1 0 1 1 1 8 1 scsiplug 72 14 0 14 2 1 1 1 0 8 1 scxspl 216 24250 0 24250 9 7 2 8 1 8 2 plimitpl 152 362 0 345 1 0 1 1 0 8 0 sigapl 424 2177 0 2130 8 0 8 8 0 8 1 knotepl 120 268349 0 268222 29 17 12 16 0 8 7 kqueuepl 184 641 0 631 4 0 4 4 0 8 3 pipepl 296 391 0 364 13 5 8 8 0 8 5 fdescpl 440 2136 0 2107 4 0 4 4 0 8 0 filepl 120 13962 0 13744 20 6 14 15 0 8 6 lockfpl 104 785 0 782 1 0 1 1 0 8 0 lockfspl 48 343 0 340 1 0 1 1 0 8 0 sessionpl 144 26 0 18 1 0 1 1 0 8 0 pgrppl 48 91 0 75 1 0 1 1 0 8 0 ucredpl 104 2418 0 2407 1 0 1 1 0 8 0 zombiepl 144 2688 0 2688 1 0 1 1 0 8 1 processpl 1160 2177 0 2130 5 0 5 5 0 8 1 procpl 656 4791 0 4734 7 0 7 7 0 8 0 sosppl 168 7 0 7 2 1 1 1 0 8 1 sockpl 528 3802 0 3771 17 7 10 11 0 8 7 mcl64k 65536 53 0 52 2 1 1 1 0 8 0 mcl16k 16384 2 0 2 1 0 1 1 0 8 1 mcl12k 12288 3 0 3 2 1 1 1 0 8 1 mcl9k 9216 2 0 2 1 0 1 1 0 8 1 mcl8k 8192 19 0 19 2 1 1 1 0 8 1 mcl4k 4096 4805 0 4750 15 7 8 14 0 8 1 mcl2k2 2112 8 0 8 2 1 1 1 0 8 1 mcl2k 2048 1816 0 1808 8 0 8 8 0 8 6 mtagpl 96 65 0 22 2 0 2 2 0 8 0 mbufpl 256 21901 0 21725 37 16 21 26 0 8 8 bufpl 280 7033 0 806 445 0 445 445 0 8 0 anonpl 24 304950 0 297860 100 7 93 93 0 187 32 amapchunkpl 152 62208 0 61660 49 11 38 38 0 158 15 amappl16 200 5834 0 5629 42 14 28 37 0 8 8 amappl15 192 10 0 10 2 1 1 1 0 8 1 amappl14 184 116 0 106 1 0 1 1 0 8 0 amappl13 176 6 0 6 2 1 1 1 0 8 1 amappl12 168 2789 0 2760 2 0 2 2 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 7 0 7 1 1 0 1 0 8 0 amappl9 144 243 0 243 1 1 0 1 0 8 0 amappl8 136 30 0 28 1 0 1 1 0 8 0 amappl7 128 107 0 96 1 0 1 1 0 8 0 amappl6 120 223 0 219 1 0 1 1 0 8 0 amappl5 112 137 0 130 1 0 1 1 0 8 0 amappl4 104 327 0 308 1 0 1 1 0 8 0 amappl3 96 12696 0 12588 5 1 4 4 0 8 1 amappl2 88 654 0 598 2 0 2 2 0 8 0 amappl1 80 15104 0 14547 13 0 13 13 0 8 0 amappl 88 17027 0 16860 5 0 5 5 0 92 0 dma4096 4096 2 0 2 2 1 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 1 1 1 0 8 1 dma128 128 258 0 258 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 99 0 5 2 0 2 2 0 8 0 uaddrrnd 24 2136 0 2107 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2136 0 2107 1 0 1 1 0 8 0 vmmpekpl 168 16991 0 16951 3 0 3 3 0 8 0 vmmpepl 168 135305 0 133241 121 7 114 114 0 357 18 vmsppl 360 2135 0 2107 4 1 3 4 0 8 0 rwobjpl 32 36892 0 32312 41 0 41 41 0 8 3 pdppl 4096 4278 0 4214 102 36 66 76 0 8 2 pvpl 32 906233 0 893582 198 20 178 178 0 265 48 pmappl 216 2135 0 2107 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 324 0 73 9 1 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace mtx_enter(18) at mtx_enter+0x59 sys/kern/kern_lock.c:335 clockintr_unbind(ffff8000014cc130,1) at clockintr_unbind+0x56 sys/kern/kern_clockintr.c:375 dt_ioctl_record_stop(ffff800001480300) at dt_ioctl_record_stop+0xbc sys/dev/dt/dt_dev.c:576 dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003993b2c0) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806e19bc18,81,fffffd8007bfb820,ffff80003c986028) at VOP_CLOSE+0x12a sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806c6dfe20,ffff80003c986028) at fdrop+0x126 sys/kern/kern_descrip.c:1267 sys_ioctl(ffff80003c986028,ffff80003993b5d0,ffff80003993b520) at sys_ioctl+0x6b7 sys/kern/sys_generic.c:516 syscall(ffff80003993b5d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003993b5d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:637 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x42b41b73620, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace mtx_enter(18) at mtx_enter+0x59 sys/kern/kern_lock.c:335 clockintr_unbind(ffff8000014cc130,1) at clockintr_unbind+0x56 sys/kern/kern_clockintr.c:375 dt_ioctl_record_stop(ffff800001480300) at dt_ioctl_record_stop+0xbc sys/dev/dt/dt_dev.c:576 dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80003c986028) at dtclose+0xd5 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003993b2c0) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806e19bc18,81,fffffd8007bfb820,ffff80003c986028) at VOP_CLOSE+0x12a sys/kern/vfs_vops.c:156 vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806c6dfe20,ffff80003c986028) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806c6dfe20,ffff80003c986028) at fdrop+0x126 sys/kern/kern_descrip.c:1267 sys_ioctl(ffff80003c986028,ffff80003993b5d0,ffff80003993b520) at sys_ioctl+0x6b7 sys/kern/sys_generic.c:516 syscall(ffff80003993b5d0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003993b5d0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:637 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x42b41b73620, count: -11