syzbot


uvm_fault: ml_purge (2)

Status: auto-closed as invalid on 2020/09/27 14:59
Reported-by: syzbot+c9966cc9f451f14da6bf@syzkaller.appspotmail.com
First crash: 1621d, last: 1403d
Similar bugs (1)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
openbsd | uvm_fault: ml_purge | | | | 6 | 1796d | 1802d | 0/3 | auto-closed as invalid on 2019/10/25 08:45

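Sample crash report (kernel page fault at ml_purge+0x38 on the load from 0x8(%r12); %r12 holds 0xfffffd0000000000, which matches the faulting address 0xfffffd0000000008. The trace shows ml_purge reached from tun_dev_close via ifq_purge while the process was exiting, and no reproducer is listed for any of the crashes below):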
uvm_fault(0xffffffff82851588, 0xfffffd0000000008, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at      ml_purge+0x38:  movq    0x8(%r12),%r12
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
kernel page fault
uvm_fault(0xffffffff82851588, 0xfffffd0000000008, 0, 1) -> e
ml_purge(ffff800020ed5038) at ml_purge+0x38 sys/kern/uipc_mbuf.c:1627
end trace frame: 0xffff800020ed5080, count: 0
ddb{0}> trace
ml_purge(ffff800020ed5038) at ml_purge+0x38 sys/kern/uipc_mbuf.c:1627
ifq_purge(ffff800000ac6278) at ifq_purge+0x9a sys/net/ifq.c:462
tun_dev_close(5d00,7) at tun_dev_close+0xc8 sys/net/if_tun.c:460
spec_close(ffff800020ed5160) at spec_close+0x311 sys/kern/spec_vnops.c:560
VOP_CLOSE(fffffd8079117008,7,fffffd807f7bf8a0,ffff800020ddd868) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174
vn_closefile(fffffd80666fa570,ffff800020ddd868) at vn_closefile+0xd7 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd80666fa570,ffff800020ddd868) at vn_closefile+0xd7 sys/kern/vfs_vnops.c:614
fdrop(fffffd80666fa570,ffff800020ddd868) at fdrop+0xc2 sys/kern/kern_descrip.c:1279
closef(fffffd80666fa570,ffff800020ddd868) at closef+0x11c sys/kern/kern_descrip.c:1263
fdfree(ffff800020ddd868) at fdfree+0x101 sys/kern/kern_descrip.c:1195
exit1(ffff800020ddd868,0,19,1) at exit1+0x32c sys/kern/kern_exit.c:197
postsig(ffff800020ddd868,19) at postsig+0x4ed sigexit sys/kern/kern_sig.c:1483 [inline]
postsig(ffff800020ddd868,19) at postsig+0x4ed sys/kern/kern_sig.c:1415
userret(ffff800020ddd868) at userret+0x199 sys/kern/kern_sig.c:1872
syscall(ffff800020ed55e0) at syscall+0x55f mi_syscall_return sys/sys/syscall_mi.h:129 [inline]
syscall(ffff800020ed55e0) at syscall+0x55f sys/arch/amd64/amd64/trap.c:592
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffda3f0, count: -14
ddb{0}> show registers
rdi                                0
rsi                                0
rbp               0xffff800020ed5020
rbx                                0
rdx                          0x5f36c    acpi_pdirpa+0x4b1d4
rcx                                0
rax                                0
r8                0xffffffff81637477    witness_assert+0x207
r9                               0x5
r10               0xfdeb8ce41b257685
r11               0xb3fab237f86447bc
r12               0xfffffd0000000000
r13                           0x2000    __ALIGN_SIZE+0x1000
r14               0xffff800020ed5038
r15               0xfffffd0000000000
rip               0xffffffff81354928    ml_purge+0x38
cs                               0x8
rflags                       0x10246    __ALIGN_SIZE+0xf246
rsp               0xffff800020ed4ff0
ss                              0x10
ml_purge+0x38:  movq    0x8(%r12),%r12
ddb{0}> show proc
PROC (syz-executor.0) pid=315661 stat=onproc
    flags process=a<EXEC,EXITING,8ORPHAN> proc=2000<WEXIT>
    pri=17, usrpri=75, nice=20
    forw=0xffffffffffffffff, list=0xffff800020ddc008,0xffff800020e09138
    process=0xffff800020e39b00 user=0xffff800020ed0000, vmspace=0xfffffd807f0008a0
    estcpu=25, cpticks=2, pctcpu=0.17
    user=0, sys=2, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 64537  102191  98268      0  7           0                syz-executor.1
 98268   50764  78522      0  2       0x482                syz-executor.1
 23451  257217      0      0  3     0x14200  bored         sosplice
 51220   27816      0      0  3     0x14280  nfsidl        nfsio
 34479  340607      0      0  3     0x14280  nfsidl        nfsio
  3196  358730      0      0  3     0x14280  nfsidl        nfsio
 61532  179706      0      0  3     0x14280  nfsidl        nfsio
  3145  441798      0      0  3     0x14280  nfsidl        nfsio
 17472  312993      0      0  3     0x14280  nfsidl        nfsio
 43676  143793      0      0  3     0x14280  nfsidl        nfsio
 19418   86287      0      0  3     0x14280  nfsidl        nfsio
 57395   71900      0      0  3     0x14280  nfsidl        nfsio
 92651  510295      0      0  3     0x14280  nfsidl        nfsio
 42167  318038      0      0  3     0x14280  nfsidl        nfsio
 80177  259699      0      0  3     0x14280  nfsidl        nfsio
 73111  476984      0      0  3     0x14280  nfsidl        nfsio
  5463   71585      0      0  3     0x14280  nfsidl        nfsio
 41382  105804      0      0  3     0x14280  nfsidl        nfsio
 24111  390231      0      0  3     0x14280  nfsidl        nfsio
 91884  221496      0      0  3     0x14280  nfsidl        nfsio
  9079  430152      0      0  3     0x14280  nfsidl        nfsio
 25244  280957      0      0  3     0x14280  nfsidl        nfsio
 41698  185260      0      0  3     0x14280  nfsidl        nfsio
 78522   56230  20414      0  2       0x482                syz-fuzzer
 78522  244807  20414      0  2   0x4000482                syz-fuzzer
 78522   32378  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522  505232  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522  341642  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522  145088  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522  181416  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522   77759  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522  231276  20414      0  3   0x4000082  thrsleep      syz-fuzzer
 78522  372615  20414      0  2   0x4000082                syz-fuzzer
 20414  321212  91878      0  3    0x10008a  pause         ksh
 91878  342000  53130      0  3        0x92  select        sshd
 72650  429611      1      0  3    0x100083  ttyin         getty
 53130  128389      1      0  3        0x80  select        sshd
 20338  122107  74794     74  3    0x100092  bpf           pflogd
 74794  433529      1      0  3        0x80  netio         pflogd
 92396   53684  97523     73  3    0x100090  kqread        syslogd
 97523  384993      1      0  3    0x100082  netio         syslogd
 23850  118864      1     77  3    0x100090  poll          dhclient
  1391  248603      1      0  3        0x80  poll          dhclient
 35834  303316      0      0  3     0x14200  bored         smr
 58399   59078      0      0  2     0x14200                zerothread
 56277  138126      0      0  3     0x14200  aiodoned      aiodoned
 56847  380289      0      0  3     0x14200  syncer        update
 58743  418588      0      0  3     0x14200  cleaner       cleaner
 93159  524011      0      0  3     0x14200  reaper        reaper
 85067  322369      0      0  3     0x14200  pgdaemon      pagedaemon
 30348  392535      0      0  3     0x14200  bored         crynlk
 66112  242301      0      0  3     0x14200  bored         crypto
 67457  101062      0      0  3  0x40014200  acpi0         acpi0
 13629  176871      0      0  3  0x40014200                idle1
 92014   73548      0      0  3     0x14200  bored         softnet
 71544  405232      0      0  3     0x14200  bored         systqmp
 97908  191854      0      0  3     0x14200  bored         systq
 61381   24432      0      0  3  0x40014200  bored         softclock
 83498  116966      0      0  3  0x40014200                idle0
     1  445570      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9513   6422K    7580K  78643K     12576        0
            pcb    13      8K       8K  78643K       115        0
         rtable   109      5K       8K  78643K       493        0
         ifaddr    71     14K      14K  78643K       182        0
         sysctl     2      0K       0K  78643K         2        0
       counters    43     33K      34K  78643K        75        0
       ioctlops     0      0K       4K  78643K      1550        0
            iov     0      0K      16K  78643K       343        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1221     77K      77K  78643K      1796        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K         8        0
         VM map     2      1K       1K  78643K         2        0
            sem    12      0K       0K  78643K       451        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1824    197K     290K  78643K     13058        0
      file desc     5     13K      25K  78643K       594        0
          sigio     0      0K       0K  78643K         4        0
           proc    63     63K      95K  78643K       588        0
        subproc    23      1K       2K  78643K        68        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K        44        0
       in_multi    48      2K       3K  78643K       175        0
    ether_multi     1      0K       0K  78643K        17        0
            mrt     0      0K       0K  78643K         7        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    43    201K     201K  78643K        43        0
           exec     0      0K       1K  78643K       270        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   145     73K      77K  78643K      3040        0
       UVM aobj    17      4K       4K  78643K        17        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       1K  78643K        92        0
            NDP    11      0K       0K  78643K        44        0
           temp   107   3863K    3927K  78643K      9803        0
         kqueue     3      4K      18K  78643K        27        0
      SYN cache     2     16K      16K  78643K         2        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       10    0        4     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80       41    0       39     1     0     1     1     0     8    0
rtentry    112       98    0       57     3     1     2     2     0     8    0
unpcb      120      437    0      427     1     0     1     1     0     8    0
syncache   264        9    0        9     3     3     0     1     0     8    0
tcpqe       32      477    0      477     1     1     0     1     0     8    0
tcpcb      544      226    0      222     2     1     1     2     0     8    0
inpcb      296      683    0      676     4     3     1     3     0     8    0
rttmr       72        3    0        3     2     2     0     1     0     8    0
nd6         48       28    0       24     1     0     1     1     0     8    0
ppxss      1128       4    0        4     4     4     0     1     0     8    0
pffrag     232        2    0        1     2     1     1     1     0   482    0
pffrnode    88        2    0        1     2     1     1     1     0     8    0
pffrent     40       47    0       46     2     1     1     1     0     8    0
pfosfp      40      846    0      423     5     0     5     5     0     8    0
pfosfpen   112     1428    0      714    21     0    21    21     0     8    0
pfrktable  1344      17    0       15     2     1     1     1     0     8    0
pftag       88        1    0        0     1     0     1     1     0     8    0
pfqueue    264        2    0        2     1     1     0     1     0     8    0
pfstitem    24       40    0       25     1     0     1     1     0     8    0
pfstkey    112       40    0       25     1     0     1     1     0     8    0
pfstate    328       40    0       25     3     0     3     3     0     8    1
pfrule     1360      33    0       19     3     1     2     2     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      340    0      164    15     4    11    13     0     8    0
art_table   32      341    0      164     2     0     2     2     0     8    0
art_node    16       97    0       59     1     0     1     1     0     8    0
sysvmsgpl   40       35    0       21     1     0     1     1     0     8    0
semupl     112        3    0        3     1     1     0     1     0     8    0
semapl     112      449    0      439     1     0     1     1     0     8    0
shmpl      112       15    0        0     1     0     1     1     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256     2171    0      767    90     1    89    89     0     8    0
ffsino     272     2171    0      767    96     2    94    95     0     8    0
nchpl      144     3167    0     1570    60     0    60    60     0     8    0
uvmvnodes   72     2711    0        0    50     0    50    50     0     8    0
vnodes     208     2711    0        0   143     0   143   143     0     8    0
namei      1024    9168    0     9168     4     3     1     1     0     8    1
percpumem   16       48    0       16     1     0     1     1     0     8    0
vcpupl     1984       5    0        0     1     0     1     1     0     8    0
vmpool     560        7    0        2     1     0     1     1     0     8    0
pfiaddrpl  120        5    0        3     2     1     1     1     0     8    0
scxspl     192     9689    0     9689    12    11     1     7     0     8    1
plimitpl   152       62    0       54     1     0     1     1     0     8    0
sigapl     424      824    0      772     6     0     6     6     0     8    0
futexpl     56    10622    0    10622     4     3     1     1     0     8    1
knotepl    112      108    0       89     1     0     1     1     0     8    0
kqueuepl   144       83    0       79     1     0     1     1     0     8    0
pipelkpl    48      133    0      123     1     0     1     1     0     8    0
pipepl     120      266    0      248     1     0     1     1     0     8    0
fdescpl    496      788    0      772     3     0     3     3     0     8    0
filepl     152     4483    0     4393     6     1     5     6     0     8    1
lockfpl    104      148    0      147     1     0     1     1     0     8    0
lockfspl    48       50    0       49     1     0     1     1     0     8    0
sessionpl  112       20    0        9     1     0     1     1     0     8    0
pgrppl      48       24    0       13     1     0     1     1     0     8    0
ucredpl     96      399    0      390     1     0     1     1     0     8    0
zombiepl   144      773    0      772     2     1     1     1     0     8    0
processpl  984      824    0      772     8     1     7     7     0     8    0
procpl     624     2146    0     2085     8     2     6     6     0     8    1
srpgc       64        2    0        2     1     1     0     1     0     8    0
sosppl     128        3    0        3     2     2     0     1     0     8    0
sockpl     400     1166    0     1147     8     4     4     4     0     8    2
mcl64k     65536     14    0        0     2     0     2     2     0     8    0
mcl16k     16384      4    0        0     1     0     1     1     0     8    0
mcl12k     12288     10    0        0     1     0     1     1     0     8    0
mcl9k      9216       6    0        0     1     0     1     1     0     8    0
mcl8k      8192      17    0        0     3     0     3     3     0     8    0
mcl4k      4096       5    0        0     1     0     1     1     0     8    0
mcl2k2     2112       2    0        0     1     0     1     1     0     8    0
mcl2k      2048     197    0        0    24     0    24    24     0     8    0
mtagpl      96      146    0        0     4     0     4     4     0     8    0
mbufpl     256      561    0        0    34     1    33    33     0     8    0
bufpl      280     4468    0      136   310     0   310   310     0     8    0
anonpl      16    95218    0    81543    85     6    79    84     0   124   10
amapchunkpl 152    4800    0     4639    10     2     8     9     0   158    0
amappl16   192     4025    0     3152    64    17    47    56     0     8    3
amappl15   184        1    0        1     1     1     0     1     0     8    0
amappl14   176      164    0      156     1     0     1     1     0     8    0
amappl13   168       48    0       44     1     0     1     1     0     8    0
amappl12   160       19    0       13     1     0     1     1     0     8    0
amappl11   152       63    0       48     1     0     1     1     0     8    0
amappl10   144      288    0      281     1     0     1     1     0     8    0
amappl9    136      532    0      531     1     0     1     1     0     8    0
amappl8    128      564    0      520     2     0     2     2     0     8    0
amappl7    120      399    0      383     1     0     1     1     0     8    0
amappl6    112       26    0       22     1     0     1     1     0     8    0
amappl5    104      667    0      652     1     0     1     1     0     8    0
amappl4     96      533    0      498     1     0     1     1     0     8    0
amappl3     88      261    0      254     1     0     1     1     0     8    0
amappl2     80     5366    0     5304     2     0     2     2     0     8    0
amappl1     72    26872    0    26433    23    13    10    18     0     8    0
amappl      80     2435    0     2385     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64       16    0        0     1     0     1     1     0     8    0
uaddrrnd    24      795    0      774     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      795    0      774     1     0     1     1     0     8    0
vmmpekpl   168     9911    0     9874     2     0     2     2     0     8    0
vmmpepl    168   104573    0   102538   164    43   121   125     0   357   26
vmsppl     368      794    0      774     2     0     2     2     0     8    0
pdppl      4096    1597    0     1553     7     1     6     6     0     8    0
pvpl        32   284502    0   267612   203    10   193   198     0   265   28
pmappl     232      794    0      774     2     0     2     2     0     8    0
extentpl    40       53    0       36     1     0     1     1     0     8    0
phpool     112      306    0       22     9     0     9     9     0     8    0
ddb{0}> machine ddbcpu 0
Invalid cpu 0
ddb{0}> trace
ml_purge(ffff800020ed5038) at ml_purge+0x38 sys/kern/uipc_mbuf.c:1627
ifq_purge(ffff800000ac6278) at ifq_purge+0x9a sys/net/ifq.c:462
tun_dev_close(5d00,7) at tun_dev_close+0xc8 sys/net/if_tun.c:460
spec_close(ffff800020ed5160) at spec_close+0x311 sys/kern/spec_vnops.c:560
VOP_CLOSE(fffffd8079117008,7,fffffd807f7bf8a0,ffff800020ddd868) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174
vn_closefile(fffffd80666fa570,ffff800020ddd868) at vn_closefile+0xd7 vn_close sys/kern/vfs_vnops.c:298 [inline]
vn_closefile(fffffd80666fa570,ffff800020ddd868) at vn_closefile+0xd7 sys/kern/vfs_vnops.c:614
fdrop(fffffd80666fa570,ffff800020ddd868) at fdrop+0xc2 sys/kern/kern_descrip.c:1279
closef(fffffd80666fa570,ffff800020ddd868) at closef+0x11c sys/kern/kern_descrip.c:1263
fdfree(ffff800020ddd868) at fdfree+0x101 sys/kern/kern_descrip.c:1195
exit1(ffff800020ddd868,0,19,1) at exit1+0x32c sys/kern/kern_exit.c:197
postsig(ffff800020ddd868,19) at postsig+0x4ed sigexit sys/kern/kern_sig.c:1483 [inline]
postsig(ffff800020ddd868,19) at postsig+0x4ed sys/kern/kern_sig.c:1415
userret(ffff800020ddd868) at userret+0x199 sys/kern/kern_sig.c:1872
syscall(ffff800020ed55e0) at syscall+0x55f mi_syscall_return sys/sys/syscall_mi.h:129 [inline]
syscall(ffff800020ed55e0) at syscall+0x55f sys/arch/amd64/amd64/trap.c:592
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffda3f0, count: -14
ddb{0}> machine ddbcpu 1
Stopped at      x86_ipi_db+0x1a:        addq    $0x8,%rsp
ddb{1}> trace
x86_ipi_db(ffff800020d70ff0) at x86_ipi_db+0x1a sys/arch/amd64/amd64/db_interface.c:352
x86_ipi_handler() at x86_ipi_handler+0xc6 sys/arch/amd64/amd64/ipi.c:106
Xresume_lapic_ipi() at Xresume_lapic_ipi+0x23
__mp_lock(ffffffff828c2938) at __mp_lock+0x127 __mp_lock_spin sys/kern/kern_lock.c:116 [inline]
__mp_lock(ffffffff828c2938) at __mp_lock+0x127 sys/kern/kern_lock.c:147
pageflttrap(ffff8000230e1450,1) at pageflttrap+0x7f sys/arch/amd64/amd64/trap.c:180
usertrap(ffff8000230e1450) at usertrap+0x21a sys/arch/amd64/amd64/trap.c:384
recall_trap() at recall_trap+0x8
end of kernel
end trace frame: 0x7f7ffffddb30, count: -7

Crashes (8):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/29 14:58 openbsd c3a4abad4b7f 0375051c .config console log report ci-openbsd-multicore
2020/06/26 15:20 openbsd d8c65c0d1302 b202c7a8 .config console log report ci-openbsd-multicore
2020/06/25 04:38 openbsd 3209772dfcc3 9d60b18e .config console log report ci-openbsd-multicore
2020/05/12 15:37 openbsd 3ddf179c9512 a497a5b4 .config console log report ci-openbsd-multicore
2020/04/09 15:25 openbsd aee6e0f9b816 a8c6a3f8 .config console log report ci-openbsd-multicore
2020/03/06 04:18 openbsd 17a1c5d6e306 b655d91b .config console log report ci-openbsd-multicore
2020/01/27 23:14 openbsd 6ee917c26eeb 56cd6c9b .config console log report ci-openbsd-main
2019/11/24 05:28 openbsd 254679ff52b1 598ca6c8 .config console log report ci-openbsd-main
* Struck through repros no longer work on HEAD.