uvm_fault(0xfffffd807733f8b0, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at dt_ioctl_record_stop+0x108: movq 0(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND dt_ioctl_record_stop(ffff800001490180) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003895b640) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd80771f0be8,81,fffffd8007bfb4e0,ffff80002a821778) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806a387000,ffff80002a821778) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806a387000,ffff80002a821778) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80002a821778) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80002a821778,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80002a821778,ffff80003895b9a0,ffff80003895b8f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003895b9a0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003895b9a0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x758990cdc370, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd807733f8b0, 0x0, 0, 1) -> e ddb> trace dt_ioctl_record_stop(ffff800001490180) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003895b640) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd80771f0be8,81,fffffd8007bfb4e0,ffff80002a821778) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806a387000,ffff80002a821778) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806a387000,ffff80002a821778) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80002a821778) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80002a821778,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80002a821778,ffff80003895b9a0,ffff80003895b8f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003895b9a0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003895b9a0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x758990cdc370, count: -12 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003895b570 rbx 0x1 rdx 0 rcx 0xffff80002a821778 rax 0xffffffff83748c10 dt_prov_static r8 0xffffffff r9 0 r10 0x94dd20519a1afef6 r11 0x74235aa3286ec27e r12 0 r13 0 r14 0 r15 0xffff800001487c00 rip 0xffffffff81ba4bc8 dt_ioctl_record_stop+0x108 cs 0x8 rflags 0x10207 __ALIGN_SIZE+0xf207 rsp 0xffff80003895b540 ss 0x10 dt_ioctl_record_stop+0x108: movq 0(%r14),%r14 ddb> show proc PROC (syz-executor) tid=394698 pid=47858 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff80002a821778 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff80002a821ca8,0xffff80002a8202c8 process=0xffff80002cd29218 user=0xffff800038956000, vmspace=0xfffffd807733f8b0 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 6527 205419 18630 0 2 0 syz-executor 6527 159209 18630 0 3 0x4000080 fsleep syz-executor 51137 65028 75083 0 2 0 syz-executor 51137 84844 75083 0 3 0x4000080 ttyout syz-executor 51137 196228 75083 0 3 0x4000080 ttyout syz-executor 51900 5384 34301 -1 2 0xc90 syz-executor 51900 67039 34301 -1 3 0x4000090 kqsel syz-executor 51900 515005 34301 -1 3 0x4000090 fsleep syz-executor 77244 283289 25955 0 2 0xc80 syz-executor 77244 397690 25955 0 3 0x4000080 lockf syz-executor 77244 310448 25955 0 3 0x4000080 fsleep syz-executor 18175 131783 61798 0 2 0xc80 syz-executor 18175 120021 61798 0 3 0x4000080 sbwait syz-executor 18175 273162 61798 0 3 0x4000080 fsleep syz-executor 85337 77827 68119 0 2 0xc82 syz-executor 34301 106219 68119 0 2 0xc82 syz-executor 69599 382431 0 0 3 0x14200 acct acct 47812 334745 1 0 3 0x100083 ttyin getty 80036 413858 68119 0 2 0xc82 syz-executor 18630 377651 68119 0 2 0xc82 syz-executor 25955 397821 68119 0 2 0xc82 syz-executor 92251 8218 0 0 3 0x14200 bored sosplice 86305 10762 68119 0 3 0x82 wait syz-executor 61798 129098 68119 0 2 0xc82 syz-executor 75083 66352 68119 0 3 0x82 nanoslp syz-executor 68119 8136 19533 0 3 0x82 kqread syz-executor 19533 386335 66963 0 3 0x10008a sigsusp ksh 66963 514622 11444 0 3 0x98 kqread sshd-session 11444 61679 77093 0 3 0x92 kqread sshd-session 77093 397797 1 0 3 0x88 kqread sshd 71463 458508 76152 73 3 0x1100090 kqread syslogd 76152 313 1 0 3 0x100082 sbwait syslogd 94025 289964 1 0 3 0x100080 kqread resolvd 20932 381845 0 0 3 0x14200 bored smr 20471 194614 0 0 2 0x14200 zerothread 25994 386647 0 0 3 0x14200 aiodoned aiodoned 29812 92635 0 0 3 0x14200 syncer update 81581 365351 0 0 3 0x14200 cleaner cleaner 93436 28555 0 0 3 0x14200 reaper reaper 76818 61180 0 0 3 0x14200 pgdaemon pagedaemon 84748 171637 0 0 3 0x14200 bored viomb 55036 51792 0 0 3 0x40014200 acpi0 acpi0 17822 351976 0 0 3 0x14200 bored softnet7 81183 265785 0 0 3 0x14200 bored softnet6 9548 10596 0 0 3 0x14200 bored softnet5 78009 54991 0 0 3 0x14200 bored softnet4 46231 320559 0 0 3 0x14200 bored softnet3 20672 312450 0 0 3 0x14200 bored softnet2 88633 245565 0 0 3 0x14200 bored softnet1 51824 457190 0 0 3 0x14200 bored softnet0 47908 117892 0 0 3 0x14200 bored systqmp 52283 71605 0 0 3 0x14200 bored systq 64002 336766 0 0 2 0x40014200 softclock 59092 505970 0 0 3 0x40014200 idle0 1 252862 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10219 11104K 12160K 166960K 12716 0 pcb 17 16K 18K 166960K 599 0 rtable 199 11K 11K 166960K 959 0 pf 31 13K 19K 166960K 243 0 ifaddr 36 6K 8K 166960K 168 0 ifgroup 46 2K 2K 166960K 286 0 sysctl 4 1K 9K 166960K 18 0 counters 32 17K 18K 166960K 163 0 ioctlops 0 0K 4K 166960K 299 0 iov 0 0K 28K 166960K 135 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1422 89K 90K 166960K 2409 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 6K 166960K 27 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 45 0 dirhash 12 2K 3K 166960K 45 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 20 179K 240K 166960K 1584 0 sigio 0 0K 0K 166960K 75 0 proc 55 43K 91K 166960K 772 0 subproc 72 4K 4K 166960K 126 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 312 0 in_multi 76 5K 7K 166960K 205 0 ether_multi 1 0K 0K 166960K 10 0 mrt 1 0K 0K 166960K 6 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 247 1102K 1102K 166960K 247 0 exec 0 0K 2K 166960K 883 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 213 138K 175K 166960K 14870 0 UVM aobj 35 5K 5K 166960K 38 0 pinsyscall 33 66K 96K 166960K 2737 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 99 0 NDP 11 0K 2K 166960K 126 0 temp 79 8644K 8728K 166960K 58496 0 kqueue 7 12K 32K 166960K 312 0 SYN cache 2 8K 16K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 240 0 237 2 1 1 2 0 8 0 rtentry 136 389 0 317 4 0 4 4 0 8 1 unpcb 144 1295 0 1279 14 8 6 6 0 8 5 syncache 336 5 0 5 3 2 1 1 0 8 1 tcpqe 32 1 0 1 1 0 1 1 0 8 1 tcpcb 736 475 0 469 11 4 7 7 0 8 6 arp 88 89 0 77 1 0 1 1 0 8 0 ipq 40 3 0 1 1 0 1 1 0 8 0 ipqe 40 5 0 3 1 0 1 1 0 8 0 inpcb 328 1755 0 1746 16 9 7 7 0 8 5 ip6q 72 8 0 2 1 0 1 1 0 8 0 ip6af 40 10 0 5 1 0 1 1 0 8 0 nd6 104 39 0 24 1 0 1 1 0 8 0 pkpcb 40 17 0 17 3 2 1 1 0 8 1 kcovpl 48 14 0 6 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 0 1 1 0 8 1 ppxss 1072 107 0 105 2 1 1 1 0 8 0 pppxif 1384 9 0 9 3 2 1 1 0 8 1 pfrktable 1344 2 0 2 1 0 1 1 0 8 1 pfanchor 1288 3 0 0 1 0 1 1 0 8 0 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 984 0 645 33 7 26 31 0 8 4 art_table 40 988 0 645 5 0 5 5 0 8 0 art_node 32 386 0 325 3 0 3 3 0 8 1 sysvmsgpl 40 5 0 4 1 0 1 1 0 8 0 semapl 112 43 0 33 1 0 1 1 0 8 0 shmpl 112 35 0 3 1 0 1 1 0 8 0 dirhash 1024 39 0 22 3 0 3 3 0 8 0 dino2pl 256 4238 0 2726 95 0 95 95 0 8 0 ffsino 256 4238 0 2726 95 0 95 95 0 8 0 nchpl 144 6279 0 4577 64 0 64 64 0 8 0 rtmask 32 13 0 13 2 1 1 1 0 8 1 uvmvnodes 80 4740 0 0 97 0 97 97 0 8 0 vnodes 216 4740 0 0 264 0 264 264 0 8 0 namei 1024 22468 0 22468 4 3 1 2 0 8 1 kstatmem 264 196 0 174 2 0 2 2 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 5 0 5 2 1 1 1 0 8 1 scxspl 216 21839 0 21839 16 14 2 8 1 8 2 plimitpl 152 439 0 422 1 0 1 1 0 8 0 sigapl 424 1816 0 1767 7 1 6 7 0 8 0 knotepl 120 56653 0 56622 58 46 12 23 0 8 8 kqueuepl 184 594 0 585 3 2 1 3 0 8 0 pipepl 304 432 0 405 8 5 3 8 0 8 0 fdescpl 448 1787 0 1760 5 1 4 5 0 8 0 filepl 120 12511 0 12294 17 6 11 12 0 8 2 lockfpl 104 530 0 525 2 0 2 2 0 8 1 lockfspl 48 219 0 215 1 0 1 1 0 8 0 sessionpl 144 31 0 24 1 0 1 1 0 8 0 pgrppl 48 138 0 123 1 0 1 1 0 8 0 ucredpl 104 2321 0 2312 1 0 1 1 0 8 0 zombiepl 144 1770 0 1767 1 0 1 1 0 8 0 processpl 1152 1816 0 1767 5 1 4 5 0 8 0 procpl 664 3827 0 3769 6 0 6 6 0 8 0 sosppl 168 8 0 8 3 2 1 1 0 8 1 sockpl 552 3356 0 3328 29 18 11 13 0 8 7 mcl64k 65536 138 0 138 4 3 1 2 0 8 1 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 60 0 60 3 2 1 1 0 8 1 mcl4k 4096 4244 0 4193 16 8 8 14 0 8 0 mcl2k2 2112 1 0 1 1 0 1 1 0 8 1 mcl2k 2048 2549 0 2538 7 2 5 5 0 8 3 mtagpl 96 9 0 8 1 0 1 1 0 8 0 mbufpl 256 20577 0 20428 39 19 20 33 0 8 3 bufpl 280 7872 0 1644 446 0 446 446 0 8 0 anonpl 24 279547 0 276644 93 36 57 57 0 187 21 amapchunkpl 152 51469 0 50987 55 20 35 36 0 158 11 amappl16 200 5500 0 5473 45 30 15 27 0 8 9 amappl15 192 8 0 8 1 1 0 1 0 8 0 amappl14 184 124 0 117 1 0 1 1 0 8 0 amappl13 176 3 0 3 1 1 0 1 0 8 0 amappl12 168 2506 0 2479 3 1 2 3 0 8 0 amappl11 160 46 0 41 1 0 1 1 0 8 0 amappl10 152 32 0 32 1 1 0 1 0 8 0 amappl9 144 268 0 267 2 1 1 1 0 8 0 amappl8 136 20 0 19 1 0 1 1 0 8 0 amappl7 128 110 0 103 1 0 1 1 0 8 0 amappl6 120 251 0 247 1 0 1 1 0 8 0 amappl5 112 137 0 133 1 0 1 1 0 8 0 amappl4 104 282 0 268 1 0 1 1 0 8 0 amappl3 96 10134 0 10029 4 0 4 4 0 8 0 amappl2 88 720 0 681 2 0 2 2 0 8 0 amappl1 80 14280 0 13828 14 1 13 13 0 8 1 amappl 88 13853 0 13689 5 0 5 5 0 92 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 2 0 2 2 1 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 7 0 7 2 2 0 1 0 8 0 dma128 128 255 0 255 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 8 0 8 2 2 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 37 0 3 1 0 1 1 0 8 0 uaddrrnd 24 1787 0 1760 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1787 0 1760 1 0 1 1 0 8 0 vmmpekpl 168 14026 0 13978 3 0 3 3 0 8 0 vmmpepl 168 114873 0 113267 108 16 92 105 0 357 11 vmsppl 368 1786 0 1760 4 1 3 4 0 8 0 rwobjpl 40 34930 0 29450 58 0 58 58 0 8 2 pdppl 4096 3580 0 3520 116 54 62 82 0 8 2 pvpl 32 772932 0 764226 179 58 121 129 0 265 29 pmappl 216 1786 0 1760 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 449 0 110 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace dt_ioctl_record_stop(ffff800001490180) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003895b640) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd80771f0be8,81,fffffd8007bfb4e0,ffff80002a821778) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806a387000,ffff80002a821778) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806a387000,ffff80002a821778) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80002a821778) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80002a821778,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80002a821778,ffff80003895b9a0,ffff80003895b8f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003895b9a0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003895b9a0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x758990cdc370, count: -12 ddb> machine ddbcpu 1 No such command ddb> trace dt_ioctl_record_stop(ffff800001490180) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,81,2000,ffff80002a821778) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003895b640) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd80771f0be8,81,fffffd8007bfb4e0,ffff80002a821778) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806a387000,ffff80002a821778) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806a387000,ffff80002a821778) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806a387000,ffff80002a821778) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff80002a821778) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff80002a821778,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff80002a821778,ffff80003895b9a0,ffff80003895b8f0) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003895b9a0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003895b9a0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x758990cdc370, count: -12