uvm_fault(0xfffffd80627d4a28, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at dt_ioctl_record_stop+0x108: movq 0(%r14),%r14 TID PID UID PRFLAGS PFLAGS CPU COMMAND dt_ioctl_record_stop(ffff800001498880) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c9c16c0) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806bef9cc8,1,fffffd8007bfb548,ffff800031534558) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806bd1d090,ffff800031534558) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806bd1d090,ffff800031534558) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff800031534558) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff800031534558,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff800031534558,ffff80003c9c1a20,ffff80003c9c1970) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c9c1a20) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9c1a20) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7e24ce59aa90, count: 3 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd80627d4a28, 0x0, 0, 1) -> e ddb> trace dt_ioctl_record_stop(ffff800001498880) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c9c16c0) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806bef9cc8,1,fffffd8007bfb548,ffff800031534558) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806bd1d090,ffff800031534558) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806bd1d090,ffff800031534558) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff800031534558) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff800031534558,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff800031534558,ffff80003c9c1a20,ffff80003c9c1970) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c9c1a20) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9c1a20) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7e24ce59aa90, count: -12 ddb> show registers rdi 0 rsi 0 rbp 0xffff80003c9c15f0 rbx 0x1 rdx 0 rcx 0xffff800031534558 rax 0xffffffff8381f2b8 dt_prov_syscall r8 0 r9 0 r10 0xe5f7c2609966b944 r11 0xd51047e14c212227 r12 0 r13 0 r14 0 r15 0xffff800001601300 rip 0xffffffff8113bad8 dt_ioctl_record_stop+0x108 cs 0x8 rflags 0x10207 __ALIGN_SIZE+0xf207 rsp 0xffff80003c9c15c0 ss 0x10 dt_ioctl_record_stop+0x108: movq 0(%r14),%r14 ddb> show proc PROC (syz-executor) tid=67680 pid=28160 tcnt=0 stat=onproc flags process=1008 proc=2000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0xffff800031534558 scnt=-1 ecnt=1 forw=0xffffffffffffffff, list=0xffff8000315354e8,0xffff800031534a98 process=0xffff8000ffff4020 user=0xffff80003c9bc000, vmspace=0xfffffd80627d4a28 estcpu=34, cpticks=10, pctcpu=0.5, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 77312 54829 74178 0 2 0 syz-executor 77312 121034 74178 0 3 0x4000080 fsleep syz-executor 77312 242029 74178 0 3 0x4000080 fsleep syz-executor 77312 162445 74178 0 3 0x4000080 fsleep syz-executor 65194 495381 32261 0 2 0 syz-executor 65194 135431 32261 0 3 0x4000080 ttyin syz-executor 65194 224124 32261 0 3 0x4000080 fsleep syz-executor 71126 331928 95791 -1 2 0x10 syz-executor 71126 90672 95791 -1 3 0x4000090 fsleep syz-executor 71126 349357 95791 -1 3 0x4000090 fsleep syz-executor 71126 64728 95791 -1 3 0x4000090 fsleep syz-executor 34724 132898 44236 0 2 0x2 syz-executor 11333 365099 44236 0 3 0x82 piperd syz-executor 18871 120686 1 0 3 0x100083 ttyin getty 3190 46114 0 0 3 0x14200 bored sosplice 74178 367613 44236 0 3 0x82 nanoslp syz-executor 9575 186438 44236 0 3 0x82 nanoslp syz-executor 63282 76075 44236 0 3 0x82 piperd syz-executor 32261 234131 44236 0 3 0x82 nanoslp syz-executor 95791 400690 44236 0 3 0x82 nanoslp syz-executor 44236 455189 77713 0 3 0x82 nanoslp syz-executor 77713 78422 63960 0 3 0x10008a sigsusp ksh 63960 161432 97663 0 3 0x98 kqread sshd-session 97663 408869 61798 0 3 0x92 kqread sshd-session 61798 149558 1 0 3 0x88 kqread sshd 23609 462851 5370 73 3 0x1100090 kqread syslogd 5370 206447 1 0 3 0x100082 sbwait syslogd 99308 521532 1 0 3 0x100080 kqread resolvd 18786 292670 72569 77 3 0x100092 kqread dhcpleased 63951 104976 72569 77 3 0x100092 kqread dhcpleased 72569 53847 1 0 3 0x80 kqread dhcpleased 18708 88150 0 0 3 0x14200 bored smr 75038 16685 0 0 2 0x14200 zerothread 6227 440669 0 0 3 0x14200 aiodoned aiodoned 36055 188127 0 0 3 0x14200 syncer update 24072 196708 0 0 3 0x14200 cleaner cleaner 73037 167731 0 0 2 0x14200 reaper 40396 6175 0 0 3 0x14200 pgdaemon pagedaemon 21237 373911 0 0 3 0x14200 bored viomb 21523 89876 0 0 3 0x40014200 acpi0 acpi0 5430 411731 0 0 3 0x14200 bored softnet7 79312 518818 0 0 3 0x14200 bored softnet6 4668 111157 0 0 3 0x14200 bored softnet5 36173 346611 0 0 3 0x14200 bored softnet4 19706 94286 0 0 3 0x14200 bored softnet3 31016 241609 0 0 3 0x14200 bored softnet2 31204 465670 0 0 3 0x14200 bored softnet1 22079 141741 0 0 3 0x14200 bored softnet0 59653 377560 0 0 3 0x14200 bored systqmp 87170 345038 0 0 3 0x14200 bored systq 67615 33665 0 0 3 0x40014200 tmoslp softclock 18221 223474 0 0 3 0x40014200 idle0 1 427066 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10190 11083K 12140K 166960K 13248 0 pcb 17 16K 17K 166960K 424 0 rtable 150 8K 9K 166960K 748 0 pf 26 12K 16K 166960K 182 0 ifaddr 27 5K 7K 166960K 173 0 ifgroup 36 1K 2K 166960K 244 0 sysctl 4 1K 9K 166960K 27 0 counters 30 17K 18K 166960K 119 0 ioctlops 0 0K 4K 166960K 431 0 iov 0 0K 16K 166960K 180 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1463 92K 92K 166960K 2794 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 21 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 92 0 dirhash 12 2K 2K 166960K 36 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 14 49K 228K 166960K 1605 0 sigio 0 0K 0K 166960K 26 0 proc 61 67K 124K 166960K 1062 0 subproc 63 3K 4K 166960K 229 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 139 0 in_multi 55 4K 7K 166960K 329 0 ether_multi 1 0K 0K 166960K 11 0 mrt 1 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 786 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 208 143K 168K 166960K 15595 0 UVM aobj 39 4K 4K 166960K 41 0 pinsyscall 35 70K 96K 166960K 3059 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 78 0 NDP 8 0K 2K 166960K 124 0 temp 72 8643K 8712K 166960K 69792 0 kqueue 14 22K 30K 166960K 267 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 195 0 192 2 0 2 2 0 8 1 rtentry 136 266 0 215 4 0 4 4 0 8 0 unpcb 144 1114 0 1090 7 1 6 6 0 8 5 syncache 336 8 0 8 3 2 1 1 0 8 1 tcpqe 32 5 0 5 2 1 1 1 0 8 1 tcpcb 736 677 0 672 13 6 7 7 0 8 6 arp 88 30 0 22 1 0 1 1 0 8 0 ipq 40 7 0 7 1 0 1 1 0 8 1 ipqe 40 7 0 7 1 0 1 1 0 8 1 inpcb 328 1822 0 1814 27 18 9 13 0 8 8 ip6q 72 7 0 7 1 0 1 1 0 8 1 ip6af 40 11 0 11 1 0 1 1 0 8 1 nd6 104 56 0 46 1 0 1 1 0 8 0 pkpcb 40 11 0 11 2 1 1 1 0 8 1 kcovpl 48 25 0 18 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 0 1 1 0 8 1 ppxss 1072 59 0 57 2 1 1 1 0 8 0 pppxif 1384 4 0 4 2 1 1 1 0 8 1 pfstscr 40 2 0 2 1 0 1 1 0 8 1 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstkey 128 6 0 6 2 1 1 1 0 8 1 pfstate 384 3 0 3 2 1 1 1 0 8 1 pfrule 1344 1 0 1 1 1 0 1 0 8 0 rttmr 136 2 0 2 1 0 1 1 0 8 1 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 1333 0 1085 28 3 25 28 0 8 6 art_table 40 1337 0 1085 5 0 5 5 0 8 0 art_node 32 265 0 220 1 0 1 1 0 8 0 sysvmsgpl 40 7 0 3 1 0 1 1 0 8 0 semapl 112 87 0 77 1 0 1 1 0 8 0 shmpl 112 38 0 2 2 0 2 2 0 8 0 dirhash 1024 33 0 16 3 0 3 3 0 8 0 dino2pl 256 4259 0 2728 96 0 96 96 0 8 0 ffsino 256 4259 0 2728 96 0 96 96 0 8 0 nchpl 144 6225 0 4490 65 0 65 65 0 8 0 rtmask 32 14 0 14 2 1 1 1 0 8 1 uvmvnodes 80 5012 0 0 103 0 103 103 0 8 0 vnodes 216 5012 0 0 279 0 279 279 0 8 0 namei 1024 22954 0 22954 3 1 2 2 0 8 2 kstatmem 264 150 0 134 2 0 2 2 0 8 0 scsiplug 72 7 0 7 2 1 1 1 0 8 1 scxspl 216 23274 0 23274 12 8 4 8 1 8 4 plimitpl 152 387 0 371 1 0 1 1 0 8 0 sigapl 424 1868 0 1821 11 2 9 9 0 8 3 knotepl 120 336695 0 336644 20 10 10 11 0 8 7 kqueuepl 184 521 0 510 3 0 3 3 0 8 2 pipepl 304 358 0 328 7 0 7 7 0 8 4 fdescpl 448 1825 0 1799 5 1 4 5 0 8 0 filepl 120 12442 0 12222 21 6 15 15 0 8 8 lockfpl 104 837 0 834 2 0 2 2 0 8 1 lockfspl 48 187 0 184 1 0 1 1 0 8 0 sessionpl 144 44 0 36 1 0 1 1 0 8 0 pgrppl 48 85 0 70 1 0 1 1 0 8 0 ucredpl 104 2337 0 2324 1 0 1 1 0 8 0 zombiepl 144 2601 0 2600 2 1 1 1 0 8 0 processpl 1152 1868 0 1821 7 1 6 6 0 8 2 procpl 664 4096 0 4040 8 0 8 8 0 8 2 sosppl 168 6 0 6 1 0 1 1 0 8 1 sockpl 552 3186 0 3151 24 14 10 12 0 8 7 mcl64k 65536 76 0 76 4 3 1 2 0 8 1 mcl16k 16384 8 0 8 1 0 1 1 0 8 1 mcl9k 9216 4 0 4 2 1 1 1 0 8 1 mcl8k 8192 24 0 24 3 2 1 1 0 8 1 mcl4k 4096 4204 0 4150 13 5 8 12 0 8 1 mcl2k2 2112 3 0 3 2 1 1 1 0 8 1 mcl2k 2048 2215 0 2214 5 1 4 4 0 8 3 mtagpl 96 8 0 7 2 1 1 1 0 8 0 mbufpl 256 18732 0 18651 28 11 17 24 0 8 8 bufpl 280 6767 0 539 446 0 446 446 0 8 0 anonpl 24 275413 0 267401 96 17 79 86 0 187 0 amapchunkpl 152 50594 0 50107 42 9 33 33 0 158 10 amappl16 200 5132 0 4878 32 4 28 28 0 8 1 amappl15 192 3 0 3 1 1 0 1 0 8 0 amappl14 184 167 0 157 1 0 1 1 0 8 0 amappl13 176 14 0 14 1 1 0 1 0 8 0 amappl12 168 2690 0 2665 3 1 2 3 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 6 0 6 1 1 0 1 0 8 0 amappl9 144 254 0 254 1 1 0 1 0 8 0 amappl8 136 62 0 60 1 0 1 1 0 8 0 amappl7 128 149 0 138 1 0 1 1 0 8 0 amappl6 120 343 0 340 1 0 1 1 0 8 0 amappl5 112 177 0 169 1 0 1 1 0 8 0 amappl4 104 305 0 288 1 0 1 1 0 8 0 amappl3 96 8926 0 8850 3 0 3 3 0 8 0 amappl2 88 2125 0 2056 2 0 2 2 0 8 0 amappl1 80 16014 0 15486 16 2 14 15 0 8 0 amappl 88 14420 0 14274 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 256 0 256 3 2 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 19 0 18 1 0 1 1 0 8 0 aobjpl 72 40 0 2 1 0 1 1 0 8 0 uaddrrnd 24 1824 0 1799 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1824 0 1799 1 0 1 1 0 8 0 vmmpekpl 168 16320 0 16275 3 0 3 3 0 8 0 vmmpepl 168 124710 0 122801 115 9 106 114 0 357 3 vmsppl 368 1824 0 1799 4 1 3 4 0 8 0 rwobjpl 40 37909 0 31814 64 0 64 64 0 8 0 pdppl 4096 3656 0 3598 153 89 64 82 0 8 6 pvpl 32 771379 0 758727 179 22 157 176 0 265 2 pmappl 216 1824 0 1799 3 0 3 3 0 8 1 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 468 0 129 11 1 10 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace dt_ioctl_record_stop(ffff800001498880) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c9c16c0) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806bef9cc8,1,fffffd8007bfb548,ffff800031534558) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806bd1d090,ffff800031534558) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806bd1d090,ffff800031534558) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff800031534558) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff800031534558,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff800031534558,ffff80003c9c1a20,ffff80003c9c1970) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c9c1a20) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9c1a20) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7e24ce59aa90, count: -12 ddb> machine ddbcpu 1 No such command ddb> trace dt_ioctl_record_stop(ffff800001498880) at dt_ioctl_record_stop+0x108 sys/dev/dt/dt_dev.c:586 dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 dt_pcb_purge sys/dev/dt/dt_dev.c:-1 [inline] dtclose(11e5f,1,2000,ffff800031534558) at dtclose+0xd9 sys/dev/dt/dt_dev.c:232 spec_close(ffff80003c9c16c0) at spec_close+0x466 sys/kern/spec_vnops.c:-1 VOP_CLOSE(fffffd806bef9cc8,1,fffffd8007bfb548,ffff800031534558) at VOP_CLOSE+0x129 sys/kern/vfs_vops.c:156 vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d vn_close sys/kern/vfs_vnops.c:292 [inline] vn_closefile(fffffd806bd1d090,ffff800031534558) at vn_closefile+0x11d sys/kern/vfs_vnops.c:615 fdrop(fffffd806bd1d090,ffff800031534558) at fdrop+0x121 sys/kern/kern_descrip.c:1280 closef(fffffd806bd1d090,ffff800031534558) at closef+0x190 sys/kern/kern_descrip.c:1264 fdfree(ffff800031534558) at fdfree+0x115 sys/kern/kern_descrip.c:1195 exit1(ffff800031534558,0,0,1) at exit1+0x576 sys/kern/kern_exit.c:215 sys_exit(ffff800031534558,ffff80003c9c1a20,ffff80003c9c1970) at sys_exit+0x1a sys/kern/kern_exit.c:-1 syscall(ffff80003c9c1a20) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c9c1a20) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7e24ce59aa90, count: -12