uvm_fault(0xfffffd806cb515d0, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at dt_ioctl_record_stop+0x108: movq 0(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND dt_ioctl_record_stop(ffff800001583e00) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:593 dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 sys/dev/dt/dt_dev.c:239 spec_close(ffff80003c95cc90) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8079942138,1,fffffd8007bfd958,ffff80003c93b248) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806ce166a8,ffff80003c93b248) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806ce166a8,ffff80003c93b248) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80003c93b248) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80003c93b248,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80003c93b248,ffff80003c95cff0,ffff80003c95cf40) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c95cff0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c95cff0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b97e6bbfdc0, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd806cb515d0, 0x0, 0, 1) -> e ddb> trace dt_ioctl_record_stop(ffff800001583e00) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:593 dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 sys/dev/dt/dt_dev.c:239 spec_close(ffff80003c95cc90) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8079942138,1,fffffd8007bfd958,ffff80003c93b248) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806ce166a8,ffff80003c93b248) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806ce166a8,ffff80003c93b248) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80003c93b248) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80003c93b248,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80003c93b248,ffff80003c95cff0,ffff80003c95cf40) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c95cff0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c95cff0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b97e6bbfdc0, count: -12 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003c95cbc0 rbx 0x1 rdx 0 rcx 0xffff80003c93b248 rax 0xffff80003c93b248 r8 0xffffffffffffffff r9 0 r10 0xf5a858e2c89393f5 r11 0xcac148d2640425a8 r12 0 r13 0 r14 0 r15 0xffff8000014f0e00 rip 0xffffffff8189a858 dt_ioctl_record_stop+0x108 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c95cb90 ss 0x10 dt_ioctl_record_stop+0x108: movq 0(%r14),%r14 ddb> show proc PROC (syz-executor) tid=415579 pid=69958 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80003c93b248 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff80003c93a550,0xffff80002a8a9cd0 process=0xffff80002a784908 user=0xffff80003c958000, vmspace=0xfffffd806cb515d0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 28456 252940 44619 0 2 0 syz-executor 54621 469042 30667 0 2 0 syz-executor 54621 66204 30667 0 3 0x4000080 netacc syz-executor 94033 455666 59576 0 2 0 syz-executor 94033 459345 59576 0 3 0x4000080 fsleep syz-executor 94033 427469 59576 0 3 0x4000080 fsleep syz-executor 23162 385209 97723 0 2 0 syz-executor 23162 485679 97723 0 3 0x4000080 fsleep syz-executor 29004 176752 38288 0 2 0 syz-executor 80297 241614 0 0 3 0x14200 acct acct 57728 152746 1 0 3 0x100083 ttyin getty 91272 96563 17501 0 2 0x2 syz-executor 38288 68446 17501 0 3 0x82 nanoslp syz-executor 97723 501412 17501 0 3 0x82 nanoslp syz-executor 44619 234046 17501 0 2 0x2 syz-executor 55970 112380 17501 0 2 0x2 syz-executor 59576 101512 17501 0 3 0x82 nanoslp syz-executor 30667 65691 17501 0 3 0x82 nanoslp syz-executor 42345 311603 17501 0 3 0x82 nanoslp syz-executor 17501 367004 6021 0 3 0x82 kqread syz-executor 6021 319568 69154 0 3 0x10008a sigsusp ksh 69154 348943 7682 0 3 0x98 kqread sshd-session 7682 36183 48137 0 3 0x92 kqread sshd-session 48137 294037 1 0 3 0x88 kqread sshd 50739 514583 21963 73 3 0x1100090 kqread syslogd 21963 80458 1 0 3 0x100082 sbwait syslogd 74990 286619 1 0 3 0x100080 kqread resolvd 54313 401211 89814 77 3 0x100092 kqread dhcpleased 27666 302626 89814 77 3 0x100092 kqread dhcpleased 89814 107001 1 0 3 0x80 kqread dhcpleased 21595 92961 0 0 3 0x14200 bored smr 53015 100048 0 0 2 0x14200 zerothread 29272 201495 0 0 3 0x14200 aiodoned aiodoned 91113 116785 0 0 3 0x14200 syncer update 22338 231129 0 0 3 0x14200 cleaner cleaner 44045 455861 0 0 3 0x14200 reaper reaper 40936 57963 0 0 3 0x14200 pgdaemon pagedaemon 80823 425790 0 0 3 0x14200 bored viomb 72628 34138 0 0 3 0x40014200 acpi0 acpi0 27766 512321 0 0 3 0x14200 bored softnet0 53983 461547 0 0 3 0x14200 bored systqmp 4791 325115 0 0 3 0x14200 bored systq 33477 16265 0 0 3 0x40014200 tmoslp softclock 33682 501635 0 0 3 0x40014200 idle0 1 140900 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10240 11188K 12182K 166960K 15014 0 pcb 18 18K 20K 166960K 749 0 rtable 263 12K 12K 166960K 914 0 pf 34 13K 15K 166960K 264 0 ifaddr 44 8K 9K 166960K 206 0 ifgroup 54 2K 2K 166960K 350 0 sysctl 4 1K 9K 166960K 56 0 counters 33 17K 18K 166960K 213 0 ioctlops 0 0K 4K 166960K 525 0 iov 0 0K 32K 166960K 156 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1456 92K 92K 166960K 3410 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 10K 166960K 34 0 VM map 2 1K 1K 166960K 2 0 sem 19 48K 48K 166960K 409 0 dirhash 12 2K 2K 166960K 30 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 16 57K 106K 166960K 2369 0 sigio 0 0K 0K 166960K 91 0 proc 61 59K 100K 166960K 840 0 subproc 72 4K 4K 166960K 110 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 383 0 in_multi 82 6K 7K 166960K 289 0 ether_multi 1 0K 0K 166960K 35 0 mrt 1 0K 0K 166960K 30 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 259 1155K 1155K 166960K 259 0 exec 0 0K 1K 166960K 764 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 5 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 207 162K 176K 166960K 22002 0 UVM aobj 135 17K 17K 166960K 141 0 pinsyscall 37 74K 92K 166960K 3581 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 177 0 NDP 12 0K 2K 166960K 128 0 temp 80 8656K 8912K 166960K 45132 0 kqueue 13 20K 30K 166960K 428 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 550 0 547 5 2 3 3 0 8 2 rtentry 136 273 0 176 6 1 5 5 0 8 0 unpcb 144 1622 0 1606 5 1 4 4 0 8 3 syncache 336 9 0 9 3 2 1 1 0 8 1 tcpqe 32 6 0 6 3 2 1 1 0 8 1 tcpcb 736 991 0 982 15 11 4 13 0 8 3 arp 96 41 0 24 1 0 1 1 0 8 0 ipq 40 9 0 7 1 0 1 1 0 8 0 ipqe 40 15 0 12 1 0 1 1 0 8 0 inpcb 328 2606 0 2592 17 10 7 12 0 8 5 ip6q 72 7 0 5 2 1 1 1 0 8 0 ip6af 40 12 0 10 2 1 1 1 0 8 0 nd6 112 47 0 24 1 0 1 1 0 8 0 pkpcb 40 20 0 20 4 3 1 1 0 8 1 kcovpl 48 12 0 4 1 0 1 1 0 8 0 mppekey 1024 2 0 2 1 1 0 1 0 8 0 ppxss 1072 139 0 139 4 3 1 1 0 8 1 pppxif 1384 28 0 28 4 3 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pfrktable 1344 2 0 2 1 1 0 1 0 8 0 pfstitem 24 3 0 0 1 0 1 1 0 8 0 pfstkey 128 7 0 4 1 0 1 1 0 8 0 pfstate 384 4 0 2 1 0 1 1 0 8 0 pfrule 1344 3 0 3 1 1 0 1 0 8 0 rttmr 136 7 0 7 3 2 1 1 0 8 1 art_heap8 4096 5 0 0 5 0 5 5 0 8 0 art_heap4 256 1255 0 829 35 6 29 31 0 8 0 art_table 40 1260 0 829 5 0 5 5 0 8 0 art_node 32 270 0 190 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 3 1 0 1 1 0 8 0 semupl 112 4 0 4 1 0 1 1 0 8 1 semapl 112 366 0 349 2 1 1 1 0 8 0 shmpl 112 133 0 6 4 0 4 4 0 8 0 dirhash 1024 29 0 12 3 0 3 3 0 8 0 dino2pl 256 5735 0 4233 95 0 95 95 0 8 0 ffsino 256 5735 0 4233 95 0 95 95 0 8 0 nchpl 144 9004 0 7299 64 0 64 64 0 8 0 rtmask 32 12 0 12 3 2 1 1 0 8 1 vnodes 216 3280 0 0 183 0 183 183 0 8 0 namei 1024 31287 0 31287 5 4 1 2 0 8 1 vcpupl 3904 5 0 0 1 0 1 1 0 8 0 vmpool 800 5 0 0 1 0 1 1 0 8 0 kstatmem 264 204 0 180 5 2 3 3 0 8 1 scsiplug 72 14 0 14 4 3 1 1 0 8 1 scxspl 216 28828 0 28828 16 8 8 8 1 8 8 plimitpl 152 707 0 691 1 0 1 1 0 8 0 sigapl 424 2674 0 2632 9 1 8 8 0 8 2 knotepl 120 96558 0 96510 50 38 12 20 0 8 8 kqueuepl 184 1140 0 1131 8 5 3 6 0 8 2 pipepl 304 487 0 460 10 2 8 8 0 8 5 fdescpl 448 2638 0 2610 5 1 4 5 0 8 0 filepl 120 18197 0 17984 22 9 13 18 0 8 5 lockfpl 104 891 0 889 2 0 2 2 0 8 1 lockfspl 48 331 0 329 1 0 1 1 0 8 0 sessionpl 144 33 0 25 1 0 1 1 0 8 0 pgrppl 48 66 0 50 1 0 1 1 0 8 0 ucredpl 104 2834 0 2823 1 0 1 1 0 8 0 zombiepl 144 2775 0 2774 1 0 1 1 0 8 0 processpl 1152 2674 0 2632 5 0 5 5 0 8 1 procpl 664 5795 0 5749 8 1 7 7 0 8 2 sosppl 176 13 0 13 2 1 1 1 0 8 1 sockpl 552 4859 0 4826 21 10 11 12 0 8 8 mcl64k 65536 301 0 300 5 4 1 1 0 8 0 mcl16k 16384 69 0 69 4 3 1 1 0 8 1 mcl12k 12288 32 0 32 4 3 1 1 0 8 1 mcl9k 9216 5 0 5 2 2 0 1 0 8 0 mcl8k 8192 87 0 87 4 3 1 1 0 8 1 mcl4k 4096 5811 0 5753 18 9 9 15 0 8 1 mcl2k2 2112 4 0 4 3 2 1 1 0 8 1 mcl2k 2048 3513 0 3505 6 4 2 4 0 8 0 mtagpl 96 104 0 36 2 0 2 2 0 8 0 mbufpl 256 31762 0 31535 103 70 33 91 0 8 11 bufpl 280 10527 0 4306 445 0 445 445 0 8 0 anonpl 24 372746 0 369772 97 53 44 57 0 187 12 amapchunkpl 152 78669 0 78278 56 27 29 39 0 158 9 amappl16 200 5604 0 5571 50 39 11 16 0 8 8 amappl15 192 4 0 4 1 1 0 1 0 8 0 amappl14 184 8 0 8 2 2 0 1 0 8 0 amappl13 176 456 0 455 1 0 1 1 0 8 0 amappl12 168 3035 0 2999 2 0 2 2 0 8 0 amappl11 160 2 0 2 1 1 0 1 0 8 0 amappl10 152 46 0 36 1 0 1 1 0 8 0 amappl9 144 256 0 255 1 0 1 1 0 8 0 amappl8 136 34 0 33 1 0 1 1 0 8 0 amappl7 128 103 0 101 1 0 1 1 0 8 0 amappl6 120 321 0 308 1 0 1 1 0 8 0 amappl5 112 72 0 64 1 0 1 1 0 8 0 amappl4 104 449 0 426 1 0 1 1 0 8 0 amappl3 96 13440 0 13367 3 0 3 3 0 8 0 amappl2 88 2792 0 2722 2 0 2 2 0 8 0 amappl1 80 19840 0 19311 14 1 13 13 0 8 0 amappl 88 20840 0 20704 5 0 5 5 0 92 0 uvmvnodes 80 148 0 0 4 0 4 4 0 8 0 dma4096 4096 2 0 2 1 1 0 1 0 8 0 dma1024 1024 2 0 1 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 258 0 258 4 3 1 1 0 8 1 dma64 64 7 0 7 2 2 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 140 0 6 3 0 3 3 0 8 0 uaddrrnd 24 2638 0 2610 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2638 0 2610 1 0 1 1 0 8 0 vmmpekpl 168 21084 0 21046 3 0 3 3 0 8 0 vmmpepl 168 166311 0 164589 116 25 91 92 0 357 9 vmsppl 368 2637 0 2610 4 1 3 4 0 8 0 rwobjpl 40 40090 0 38993 15 1 14 14 0 8 0 pdppl 4096 5292 0 5225 138 67 71 78 0 8 4 pvpl 32 1159268 0 1150840 224 94 130 130 0 265 35 pmappl 216 2642 0 2610 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 547 0 188 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace dt_ioctl_record_stop(ffff800001583e00) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:593 dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 sys/dev/dt/dt_dev.c:239 spec_close(ffff80003c95cc90) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8079942138,1,fffffd8007bfd958,ffff80003c93b248) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806ce166a8,ffff80003c93b248) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806ce166a8,ffff80003c93b248) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80003c93b248) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80003c93b248,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80003c93b248,ffff80003c95cff0,ffff80003c95cf40) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c95cff0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c95cff0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b97e6bbfdc0, count: -12 ddb> machine ddbcpu 1 No such command ddb> trace dt_ioctl_record_stop(ffff800001583e00) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:593 dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff80003c93b248) at dtclose+0xd9 sys/dev/dt/dt_dev.c:239 spec_close(ffff80003c95cc90) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd8079942138,1,fffffd8007bfd958,ffff80003c93b248) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806ce166a8,ffff80003c93b248) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806ce166a8,ffff80003c93b248) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806ce166a8,ffff80003c93b248) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80003c93b248) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80003c93b248,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80003c93b248,ffff80003c95cff0,ffff80003c95cf40) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c95cff0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c95cff0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7b97e6bbfdc0, count: -12