uvm_fault(0xfffffd8063a93208, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at dt_ioctl_record_stop+0xf0: movq 0(%r14),%r12 TID PID UID PRFLAGS PFLAGS CPU COMMAND 377726 37555 0 0 0 1 syz-executor dt_ioctl_record_stop(ffff80000148b000) at dt_ioctl_record_stop+0xf0 sys/dev/dt/dt_dev.c:580 dtclose(11e5f,1,2000,ffff8000ffffccd8) at dtclose+0x105 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff8000ffffccd8) at dtclose+0x105 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c485030) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8063a771f8,1,fffffd80097fb410,ffff8000ffffccd8) at VOP_CLOSE+0x133 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806b99e350,ffff8000ffffccd8) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806b99e350,ffff8000ffffccd8) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd806b99e350,ffff8000ffffccd8) at fdrop+0x126 sys/kern/kern_descrip.c:1267 closef(fffffd806b99e350,ffff8000ffffccd8) at closef+0x192 sys/kern/kern_descrip.c:1251 fdfree(ffff8000ffffccd8) at fdfree+0x116 sys/kern/kern_descrip.c:1182 exit1(ffff8000ffffccd8,0,0,1) at exit1+0x59c sys/kern/kern_exit.c:215 sys_exit(ffff8000ffffccd8,ffff80003c4853a0,ffff80003c4852f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c4853a0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4853a0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7900397d1d10, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xfffffd8063a93208, 0x0, 0, 1) -> e ddb{0}> trace dt_ioctl_record_stop(ffff80000148b000) at dt_ioctl_record_stop+0xf0 sys/dev/dt/dt_dev.c:580 dtclose(11e5f,1,2000,ffff8000ffffccd8) at dtclose+0x105 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff8000ffffccd8) at dtclose+0x105 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c485030) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8063a771f8,1,fffffd80097fb410,ffff8000ffffccd8) at VOP_CLOSE+0x133 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806b99e350,ffff8000ffffccd8) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806b99e350,ffff8000ffffccd8) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd806b99e350,ffff8000ffffccd8) at fdrop+0x126 sys/kern/kern_descrip.c:1267 closef(fffffd806b99e350,ffff8000ffffccd8) at closef+0x192 sys/kern/kern_descrip.c:1251 fdfree(ffff8000ffffccd8) at fdfree+0x116 sys/kern/kern_descrip.c:1182 exit1(ffff8000ffffccd8,0,0,1) at exit1+0x59c sys/kern/kern_exit.c:215 sys_exit(ffff8000ffffccd8,ffff80003c4853a0,ffff80003c4852f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c4853a0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4853a0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7900397d1d10, count: -12 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff80003c484f60 rbx 0xffffffff811e2ba0 dtclose rdx 0 rcx 0xffff8000ffffccd8 rax 0xffffffff8388fa90 dt_prov_syscall r8 0xffffffffffffffff r9 0 r10 0x273a4a09c7312010 r11 0xe0631a345d007ed3 r12 0xffff80000006e200 r13 0 r14 0 r15 0xffff8000015c1600 rip 0xffffffff811e2f80 dt_ioctl_record_stop+0xf0 cs 0x8 rflags 0x10207 __ALIGN_SIZE+0xf207 rsp 0xffff80003c484f30 ss 0x10 dt_ioctl_record_stop+0xf0: movq 0(%r14),%r12 ddb{0}> show proc PROC (syz-executor) tid=315322 pid=64924 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff8000ffffccd8 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff80003c43e7d8,0xffff8000ffffd498 process=0xffff80002a398018 user=0xffff80003c480000, vmspace=0xfffffd8063a93208 estcpu=34, cpticks=1, pctcpu=0.2, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 72217 377227 30114 0 2 0 syz-executor 12538 347845 37089 0 2 0 syz-executor 12538 337813 37089 0 2 0x4000000 syz-executor 37555 377726 59945 0 7 0 syz-executor 37555 404540 59945 0 2 0x4000000 syz-executor 99533 328249 97464 0 2 0 syz-executor 99533 198423 97464 0 3 0x4000080 fsleep syz-executor 66109 213296 34650 0 2 0 syz-executor 66109 285188 34650 0 3 0x4000080 fsleep syz-executor 8149 128823 88945 0 3 0x82 sbwait sshd-session 82452 40873 74437 0 2 0 syz-executor 82452 128430 74437 0 3 0x4000080 fsleep syz-executor 29531 209442 55442 0 3 0x80 nanoslp syz-executor 29531 182444 55442 0 3 0x4000080 fsleep syz-executor 29531 494109 55442 0 3 0x4000080 fifow syz-executor 29531 165430 55442 0 3 0x4000080 fsleep syz-executor 30114 239102 19362 0 2 0x2 syz-executor 79142 150699 0 0 3 0x14200 acct acct 15859 67902 1 0 3 0x100083 ttyin getty 97464 56284 19362 0 3 0x82 nanoslp syz-executor 43109 113724 19362 0 3 0x82 nanoslp syz-executor 55442 425781 19362 0 2 0x2 syz-executor 49391 478632 0 0 3 0x14200 bored sosplice 37089 506848 19362 0 3 0x82 nanoslp syz-executor 74437 436965 19362 0 2 0x2 syz-executor 34650 505505 19362 0 3 0x82 nanoslp syz-executor 59945 274572 19362 0 3 0x82 nanoslp syz-executor 19362 483743 32623 0 3 0x82 kqread syz-executor 32623 466982 16364 0 3 0x10008a sigsusp ksh 16364 115182 89590 0 3 0x98 kqread sshd-session 89590 518429 88945 0 3 0x92 kqread sshd-session 88945 368027 1 0 3 0x88 kqread sshd 77691 210454 4498 74 3 0x1100092 bpf pflogd 4498 271249 1 0 3 0x80 sbwait pflogd 27453 458959 14016 73 3 0x1100090 kqread syslogd 14016 400004 1 0 3 0x100082 sbwait syslogd 10088 76098 1 0 3 0x100080 kqread resolvd 96988 47879 1788 77 3 0x100092 kqread dhcpleased 18087 239829 1788 77 3 0x100092 kqread dhcpleased 1788 274933 1 0 3 0x80 kqread dhcpleased 89486 309534 0 0 3 0x14200 bored smr 86226 490103 0 0 2 0x14200 zerothread 49073 375591 0 0 3 0x14200 aiodoned aiodoned 7488 68576 0 0 3 0x14200 syncer update 29009 94650 0 0 3 0x14200 cleaner cleaner 19919 177672 0 0 3 0x14200 reaper reaper 53634 513096 0 0 3 0x14200 pgdaemon pagedaemon 41858 280994 0 0 3 0x14200 bored viomb 24775 251811 0 0 3 0x40014200 acpi0 acpi0 14707 331855 0 0 3 0x40014200 idle1 82846 431047 0 0 3 0x14200 bored softnet3 8067 317479 0 0 3 0x14200 bored softnet2 68542 168090 0 0 3 0x14200 bored softnet1 91414 476213 0 0 3 0x14200 bored softnet0 89397 254784 0 0 3 0x14200 bored systqmp 85685 33115 0 0 3 0x14200 bored systq 68653 170362 0 0 3 0x14200 tmoslp softclockmp 13190 243284 0 0 3 0x40014200 tmoslp softclock 12549 318042 0 0 3 0x40014200 idle0 1 152954 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb{0}> show all locks ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10278 11132K 11495K 166960K 15810 0 pcb 19 16K 16K 166960K 504 0 rtable 220 21K 21K 166960K 700 0 pf 38 18K 82K 166960K 467 0 ifaddr 38 7K 9K 166960K 173 0 ifgroup 55 2K 2K 166960K 326 0 sysctl 4 1K 9K 166960K 21 0 counters 68 36K 37K 166960K 356 0 ioctlops 0 0K 4K 166960K 1974 0 iov 0 0K 17K 166960K 200 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1460 92K 92K 166960K 4128 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 10K 18K 166960K 34 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 90 0 dirhash 12 2K 2K 166960K 45 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 110K 166960K 2577 0 sigio 0 0K 0K 166960K 59 0 proc 73 91K 140K 166960K 965 0 subproc 72 4K 4K 166960K 117 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 389 0 in_multi 78 5K 7K 166960K 226 0 ether_multi 1 0K 0K 166960K 21 0 mrt 1 0K 0K 166960K 16 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 247 1102K 1102K 166960K 247 0 exec 0 0K 1K 166960K 1057 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 6 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 250 177K 186K 166960K 24874 0 UVM aobj 25 4K 4K 166960K 29 0 pinsyscall 45 90K 104K 166960K 3846 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 127 0 NDP 12 0K 2K 166960K 128 0 temp 79 8684K 8780K 166960K 136637 0 kqueue 14 22K 35K 166960K 584 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 26 0 0 1 0 1 1 0 8 0 rtpcb 120 267 0 264 3 2 1 2 0 8 0 rtentry 176 205 0 129 5 0 5 5 0 8 0 unpcb 144 1771 0 1747 14 12 2 6 0 8 1 syncache 336 19 0 19 4 3 1 1 0 8 1 tcpqe 32 2 0 2 1 1 0 1 0 8 0 tcpcb 736 936 0 927 29 28 1 13 0 8 0 arp 128 24 0 14 1 0 1 1 0 8 0 inpcb 328 2791 0 2776 31 27 4 13 0 8 2 nd6 144 36 0 22 1 0 1 1 0 8 0 pkpcb 40 58 0 58 5 4 1 1 0 8 1 kcovpl 48 13 0 5 1 0 1 1 0 8 0 mppekey 1024 4 0 4 3 2 1 1 0 8 1 ppxss 1192 108 0 108 3 2 1 1 0 8 1 pppxif 1504 13 0 13 5 4 1 1 0 8 1 pffrag 232 81 0 72 1 0 1 1 0 482 0 pffrnode 88 79 0 72 1 0 1 1 0 8 0 pffrent 40 155 0 146 1 0 1 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 33 0 33 1 1 0 1 0 8 0 pftag 88 66 0 66 1 1 0 1 0 8 0 pfstitem 24 117 0 51 1 0 1 1 0 8 0 pfstkey 128 117 0 51 3 0 3 3 0 8 0 pfstate 384 114 0 51 7 0 7 7 0 8 0 pfrule 1344 60 0 54 2 1 1 2 0 8 0 rttmr 136 2 0 2 2 2 0 1 0 8 0 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 947 0 601 32 7 25 30 0 8 2 art_table 40 951 0 601 5 0 5 5 0 8 0 art_node 32 204 0 141 1 0 1 1 0 8 0 sysvmsgpl 40 17 0 13 1 0 1 1 0 8 0 semupl 112 4 0 4 4 4 0 1 0 8 0 semapl 112 82 0 72 1 0 1 1 0 8 0 shmpl 112 26 0 4 1 0 1 1 0 8 0 dirhash 1024 39 0 22 3 0 3 3 0 8 0 dino2pl 256 6253 0 4733 97 1 96 96 0 8 0 ffsino 288 6253 0 4733 109 0 109 109 0 8 0 nchpl 144 9780 0 8073 64 0 64 64 0 8 0 rtmask 32 23 0 23 3 2 1 1 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 34787 0 34787 3 2 1 2 0 8 1 percpumem 16 193 0 144 1 0 1 1 0 8 0 kstatmem 264 206 0 178 5 2 3 3 0 8 0 scsiplug 72 9 0 9 5 4 1 1 0 8 1 scxspl 216 67282 0 67282 15 14 1 8 1 8 1 plimitpl 152 594 0 577 1 0 1 1 0 8 0 sigapl 424 2872 0 2819 8 1 7 7 0 8 1 knotepl 120 814 0 0 24 0 24 24 0 8 0 kqueuepl 224 1253 0 1241 11 9 2 5 0 8 1 pipepl 336 417 0 389 5 2 3 5 0 8 0 fdescpl 520 2844 0 2811 3 0 3 3 0 8 0 filepl 160 19270 0 19042 33 19 14 21 0 8 2 lockfpl 104 1985 0 1982 4 2 2 2 0 8 1 lockfspl 48 893 0 890 1 0 1 1 0 8 0 sessionpl 144 42 0 32 1 0 1 1 0 8 0 pgrppl 48 151 0 133 1 0 1 1 0 8 0 ucredpl 104 3037 0 3024 1 0 1 1 0 8 0 zombiepl 144 2820 0 2819 1 0 1 1 0 8 0 processpl 1240 2872 0 2819 5 0 5 5 0 8 0 procpl 656 6927 0 6866 7 1 6 7 0 8 0 sosppl 168 12 0 12 3 3 0 1 0 8 0 sockpl 728 5024 0 4982 41 33 8 16 0 8 3 mcl64k 65536 9 0 0 2 0 2 2 0 8 0 mcl16k 16384 3 0 0 1 0 1 1 0 8 0 mcl12k 12288 2 0 0 1 0 1 1 0 8 0 mcl9k 9216 3 0 0 1 0 1 1 0 8 0 mcl8k 8192 6 0 0 1 0 1 1 0 8 0 mcl4k 4096 120 0 0 15 0 15 15 0 8 0 mcl2k2 2112 1 0 0 1 0 1 1 0 8 0 mcl2k 2048 50 0 0 6 1 5 6 0 8 0 mtagpl 96 50 0 0 2 0 2 2 0 8 0 mbufpl 256 1422 0 0 89 0 89 89 0 8 0 bufpl 280 30300 0 24158 440 0 440 440 0 8 0 anonpl 32 13933 0 0 113 0 113 113 0 246 0 amapchunkpl 152 88596 0 88089 58 26 32 34 0 158 7 amappl16 200 11082 0 11048 97 78 19 31 0 8 6 amappl15 192 9 0 9 2 2 0 1 0 8 0 amappl14 184 152 0 139 1 0 1 1 0 8 0 amappl13 176 7 0 7 1 1 0 1 0 8 0 amappl12 168 3587 0 3555 3 1 2 2 0 8 0 amappl11 160 52 0 38 1 0 1 1 0 8 0 amappl10 152 7 0 6 2 1 1 1 0 8 0 amappl9 144 246 0 246 1 1 0 1 0 8 0 amappl8 136 22 0 19 1 0 1 1 0 8 0 amappl7 128 147 0 133 1 0 1 1 0 8 0 amappl6 120 263 0 258 1 0 1 1 0 8 0 amappl5 112 149 0 138 1 0 1 1 0 8 0 amappl4 104 361 0 340 1 0 1 1 0 8 0 amappl3 96 17595 0 17475 4 0 4 4 0 8 0 amappl2 88 817 0 746 2 0 2 2 0 8 0 amappl1 80 21535 0 20842 17 2 15 15 0 8 0 amappl 88 23557 0 23386 5 0 5 5 0 92 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 2 0 2 2 2 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 10 0 10 3 3 0 1 0 8 0 dma128 128 255 0 255 3 3 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 28 0 4 1 0 1 1 0 8 0 uaddrrnd 24 2844 0 2811 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2844 0 2811 1 0 1 1 0 8 0 vmmpekpl 168 24033 0 23978 3 0 3 3 0 8 0 vmmpepl 168 186169 0 183952 157 49 108 115 0 357 9 vmsppl 480 2843 0 2811 6 1 5 5 0 8 0 rwobjpl 72 55893 0 48888 135 2 133 133 0 8 2 pdppl 4096 5696 0 5622 140 66 74 86 0 8 0 pvpl 32 22408 0 0 181 0 181 181 0 265 0 pmappl 256 2843 0 2811 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 553 0 118 13 0 13 13 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace dt_ioctl_record_stop(ffff80000148b000) at dt_ioctl_record_stop+0xf0 sys/dev/dt/dt_dev.c:580 dtclose(11e5f,1,2000,ffff8000ffffccd8) at dtclose+0x105 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff8000ffffccd8) at dtclose+0x105 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c485030) at spec_close+0x45f sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8063a771f8,1,fffffd80097fb410,ffff8000ffffccd8) at VOP_CLOSE+0x133 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806b99e350,ffff8000ffffccd8) at vn_closefile+0x12b vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806b99e350,ffff8000ffffccd8) at vn_closefile+0x12b sys/kern/vfs_vnops.c:615 fdrop(fffffd806b99e350,ffff8000ffffccd8) at fdrop+0x126 sys/kern/kern_descrip.c:1267 closef(fffffd806b99e350,ffff8000ffffccd8) at closef+0x192 sys/kern/kern_descrip.c:1251 fdfree(ffff8000ffffccd8) at fdfree+0x116 sys/kern/kern_descrip.c:1182 exit1(ffff8000ffffccd8,0,0,1) at exit1+0x59c sys/kern/kern_exit.c:215 sys_exit(ffff8000ffffccd8,ffff80003c4853a0,ffff80003c4852f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c4853a0) at syscall+0xb08 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c4853a0) at syscall+0xb08 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7900397d1d10, count: -12 ddb{0}> machine ddbcpu 1 Stopped at x86_ipi_db+0x27: addq $0x8,%rsp x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff838f4ed8) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff838f4ed8) at __mp_lock+0x192 sys/kern/kern_lock.c:165 syscall(ffff80003c453f00) at syscall+0xae6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c453f00) at syscall+0xae6 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7a914765cbd0, count: 9 ddb{1}> trace x86_ipi_db(ffff8000299ddff0) at x86_ipi_db+0x27 sys/arch/amd64/amd64/db_interface.c:394 x86_ipi_handler() at x86_ipi_handler+0xd9 sys/arch/amd64/amd64/ipi.c:106 Xresume_lapic_ipi() at Xresume_lapic_ipi+0x27 __mp_lock(ffffffff838f4ed8) at __mp_lock+0x192 __mp_lock_spin sys/kern/kern_lock.c:134 [inline] __mp_lock(ffffffff838f4ed8) at __mp_lock+0x192 sys/kern/kern_lock.c:165 syscall(ffff80003c453f00) at syscall+0xae6 mi_syscall sys/sys/syscall_mi.h:176 [inline] syscall(ffff80003c453f00) at syscall+0xae6 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7a914765cbd0, count: -6