uvm_fault(0xfffffd807f00c870, 0x8f, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at wsmux_mux_close+0x45: cmpq %r14,0x90(%r15)
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> show panic
kernel page fault
uvm_fault(0xfffffd807f00c870, 0x8f, 0, 1) -> e
wsmux_mux_close(bd988d9815ba200a) at wsmux_mux_close+0x45 wsmux_do_close sys/dev/wscons/wsmux.c:307 [inline]
wsmux_mux_close(bd988d9815ba200a) at wsmux_mux_close+0x45 sys/dev/wscons/wsmux.c:290
end trace frame: 0xffff800020c71a70, count: 0
ddb{0}> trace
wsmux_mux_close(bd988d9815ba200a) at wsmux_mux_close+0x45 wsmux_do_close sys/dev/wscons/wsmux.c:307 [inline]
wsmux_mux_close(bd988d9815ba200a) at wsmux_mux_close+0x45 sys/dev/wscons/wsmux.c:290
wsmuxclose(bf2487e1d04ec2a4,ffffffff81846250,ffff800020c71ad0,fffffd806e5a1300) at wsmuxclose+0xb5 wsmux_do_close sys/dev/wscons/wsmux.c:313 [inline]
wsmuxclose(bf2487e1d04ec2a4,ffffffff81846250,ffff800020c71ad0,fffffd806e5a1300) at wsmuxclose+0xb5 sys/dev/wscons/wsmux.c:277
spec_close(3bbfc151dc45468f) at spec_close+0x39a sys/kern/spec_vnops.c:553
VOP_CLOSE(dc26208365ca25f7,fffffd806e5a1300,ffff800020b92720,fffffd807f7c7960) at VOP_CLOSE+0x6c sys/kern/vfs_vops.c:174
vn_closefile(6979768d795981cf,ffff800020b92720) at vn_closefile+0x150 vn_close sys/kern/vfs_vnops.c:289 [inline]
vn_closefile(6979768d795981cf,ffff800020b92720) at vn_closefile+0x150 sys/kern/vfs_vnops.c:575
fdrop(9970d4a3bcbcc717,fffffd806ceb73a0) at fdrop+0xdf sys/kern/kern_descrip.c:1260
closef(6fd786d3fba43c3d,ffff800020b92720) at closef+0x128 sys/kern/kern_descrip.c:1244
fdfree(ae6dcc0103a67544) at fdfree+0xe8 sys/kern/kern_descrip.c:1176
exit1(0,ffff800020b92720,7f7fffff28c8) at exit1+0x2d7 sys/kern/kern_exit.c:194
sys_exit(ffffffff81df7f03,ffff800020c71cd0,0) at sys_exit+0x13 sys/kern/kern_exit.c:94
syscall(295d3876b9c045fa) at syscall+0x5a0 mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(295d3876b9c045fa) at syscall+0x5a0 sys/arch/amd64/amd64/trap.c:583
Xsyscall(6,1,0,1,0,7f7fffff2920) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff28d0, count: -12
ddb{0}> show registers
rdi 0
rsi 0
rbp 0xffff800020c71a40
rbx 0
rdx 0xffffffff81f31836 cy_pio_rec+0x3821
rcx 0
rax 0
r8 0xffffffff81d43064 kprintf+0x174
r9 0x1
r10 0xfc6ec119d86a4f02
r11 0x12433defc383ff1d
r12 0xffff800000026d00
r13 0
r14 0xffff800000026f00
r15 0xffffffffffffffff
rip 0xffffffff81844ce5 wsmux_mux_close+0x45
cs 0x8
rflags 0x10246 __ALIGN_SIZE+0xf246
rsp 0xffff800020c71a20
ss 0x10
wsmux_mux_close+0x45: cmpq %r14,0x90(%r15)
ddb{0}> show proc
PROC (syz-executor0) pid=94198 stat=onproc
flags process=1008<EXITING,SINGLEEXIT> proc=2000<WEXIT>
pri=0, usrpri=79, nice=20
forw=0xffffffffffffffff, list=0xffff800020b92978,0xffff800020b924d8
process=0xffff800020b95708 user=0xffff800020c6c000, vmspace=0xfffffd807f00c870
estcpu=29, cpticks=2, pctcpu=0.98
user=0, sys=2, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
37254 274864 43014 0 2 0 syz-executor1
37254 204967 43014 0 3 0x4000080 fsleep syz-executor1
46570 518843 1 0 3 0x100083 ttyin getty
47275 257356 0 0 3 0x14200 bored sosplice
43014 243465 75998 0 2 0x482 syz-executor1
5650 308633 75998 0 7 0x482 syz-executor0
75998 29364 37827 0 3 0x82 thrsleep syz-fuzzer
75998 257253 37827 0 2 0x4000482 syz-fuzzer
75998 94842 37827 0 3 0x4000082 thrsleep syz-fuzzer
75998 250418 37827 0 3 0x4000082 thrsleep syz-fuzzer
75998 297968 37827 0 3 0x4000082 kqread syz-fuzzer
75998 40651 37827 0 3 0x4000082 thrsleep syz-fuzzer
75998 34022 37827 0 2 0x4000482 syz-fuzzer
75998 390889 37827 0 3 0x4000082 thrsleep syz-fuzzer
75998 125607 37827 0 3 0x4000082 thrsleep syz-fuzzer
75998 104839 37827 0 3 0x4000082 thrsleep syz-fuzzer
37827 254294 36627 0 3 0x10008a pause ksh
36627 57410 61471 0 3 0x92 select sshd
61471 411282 1 0 3 0x80 select sshd
85627 5391 51019 73 2 0x100090 syslogd
51019 131310 1 0 3 0x100082 netio syslogd
16002 446764 1 77 3 0x100090 poll dhclient
232 131305 1 0 3 0x80 poll dhclient
3220 448890 0 0 2 0x14200 zerothread
18611 90760 0 0 3 0x14200 aiodoned aiodoned
21665 471248 0 0 2 0x14200 update
48626 431277 0 0 3 0x14200 cleaner cleaner
33803 503665 0 0 3 0x14200 reaper reaper
11560 152675 0 0 3 0x14200 pgdaemon pagedaemon
46949 287780 0 0 3 0x14200 bored crynlk
63453 91805 0 0 3 0x14200 bored crypto
43977 501191 0 0 3 0x40014200 acpi0 acpi0
17760 465464 0 0 3 0x40014200 idle1
90613 432360 0 0 3 0x14200 bored softnet
81834 516649 0 0 2 0x14200 systqmp
75727 483856 0 0 3 0x14200 bored systq
43959 43598 0 0 2 0x40014200 softclock
89641 180406 0 0 3 0x40014200 idle0
1 269448 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9513 6872K 6995K 78643K 13174 0 0
pcb 23 9K 11K 78643K 3079 0 0
rtable 100 3K 4K 78643K 1848 0 0
ifaddr 49 19K 23K 78643K 904 0 0
counters 39 33K 33K 78643K 39 0 0
ioctlops 0 0K 2K 78643K 4237 0 0
iov 0 0K 32K 78643K 249 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1191 75K 75K 78643K 6416 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 5K 78643K 43 0 0
VM map 2 1K 1K 78643K 2 0 0
sem 12 1K 1K 78643K 12 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1792 194K 288K 78643K 12592 0 0
file desc 6 17K 25K 78643K 11623 0 0
sigio 0 0K 0K 78643K 79 0 0
proc 42 38K 70K 78643K 1526 0 0
subproc 64 65538K 67586K 78643K 87 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 404 0 0
in_multi 33 2K 2K 78643K 237 0 0
ether_multi 1 0K 0K 78643K 34 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 102 450K 450K 78643K 102 0 0
exec 0 0K 1K 78643K 1325 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 113 22K 40K 78643K 32906 0 0
UVM aobj 130 4K 4K 78643K 138 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 0K 78643K 68 0 0
NDP 9 0K 0K 78643K 291 0 0
temp 148 2358K 2426K 78643K 30041 0 0
kqueue 0 0K 0K 78643K 8 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 4 0 0 1 0 1 1 0 8 0
inpcbpl 280 1510 0 1503 1 0 1 1 0 8 0
plimitpl 152 60 0 53 1 0 1 1 0 8 0
plcache 128 20 0 0 1 0 1 1 0 8 0
rtentry 112 41 0 1 2 0 2 2 0 8 0
syncache 264 4 0 4 1 1 0 1 0 8 0
tcpqe 32 12 0 12 2 2 0 1 0 8 0
tcpcb 544 402 0 398 1 0 1 1 0 8 0
nd6 48 4 0 0 1 0 1 1 0 8 0
ppxss 1128 18 0 18 8 8 0 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 185 0 0 12 0 12 12 0 8 0
art_table 32 186 0 0 2 0 2 2 0 8 0
art_node 16 40 0 6 1 0 1 1 0 8 0
sysvmsgpl 40 44 0 35 1 0 1 1 0 8 0
semupl 112 8 0 8 1 1 0 1 0 8 0
semapl 112 10 0 0 1 0 1 1 0 8 0
shmpl 112 136 0 8 4 0 4 4 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 21871 0 20418 48 1 47 47 0 8 0
ffsino 272 21871 0 20418 98 1 97 97 0 8 0
nchpl 144 35998 0 34419 61 1 60 60 0 8 0
uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0
vnodes 200 5926 0 0 312 0 312 312 0 8 0
namei 1024 130141 0 130141 3 2 1 1 0 8 1
percpumem 16 30 0 0 1 0 1 1 0 8 0
scsiplug 64 21 0 21 4 4 0 1 0 8 0
scxspl 192 98025 0 98025 12 11 1 6 0 8 1
sigapl 432 11796 0 11782 2 0 2 2 0 8 0
futexpl 56 87281 0 87280 1 0 1 1 0 8 0
knotepl 112 672 0 645 4 3 1 2 0 8 0
kqueuepl 104 805 0 803 1 0 1 1 0 8 0
pipepl 112 3242 0 3223 4 3 1 2 0 8 0
fdescpl 488 11797 0 11782 3 1 2 3 0 8 0
filepl 152 69563 0 69464 35 30 5 7 0 8 1
lockfpl 96 3781 0 3781 28 27 1 1 0 8 1
lockfspl 24 2707 0 2707 29 28 1 1 0 8 1
sessionpl 112 23 0 13 1 0 1 1 0 8 0
pgrppl 48 232 0 222 1 0 1 1 0 8 0
ucredpl 96 39881 0 39874 1 0 1 1 0 8 0
zombiepl 144 11783 0 11782 3 2 1 1 0 8 0
processpl 840 11812 0 11782 4 0 4 4 0 8 0
procpl 600 32114 0 32074 4 0 4 4 0 8 0
sosppl 128 104 0 104 15 15 0 1 0 8 0
sockpl 384 4518 0 4501 27 25 2 4 0 8 0
mcl64k 65536 519 0 0 58 25 33 34 0 8 0
mcl16k 16384 1 0 0 1 0 1 1 0 8 0
mcl12k 12288 21 0 0 2 0 2 2 0 8 0
mcl9k 9216 22 0 0 2 0 2 2 0 8 0
mcl8k 8192 9 0 0 2 0 2 2 0 8 0
mcl4k 4096 19 0 0 3 1 2 3 0 8 0
mcl2k2 2112 6 0 0 1 0 1 1 0 8 0
mcl2k 2048 455 0 0 15 6 9 13 0 8 0
mtagpl 80 1 0 0 1 0 1 1 0 8 0
mbufpl 256 859 0 0 25 6 19 19 0 8 0
bufpl 256 18441 0 11472 436 0 436 436 0 8 0
anonpl 16 942675 0 936119 213 180 33 45 0 125 6
amapchunkpl 152 65045 0 64954 113 108 5 96 0 158 0
amappl16 192 57606 0 57274 154 137 17 30 0 8 0
amappl15 184 5 0 3 1 0 1 1 0 8 0
amappl14 176 5601 0 5596 2 1 1 1 0 8 0
amappl13 168 19 0 15 1 0 1 1 0 8 0
amappl12 160 6027 0 6024 1 0 1 1 0 8 0
amappl11 152 181 0 172 1 0 1 1 0 8 0
amappl10 144 70 0 64 1 0 1 1 0 8 0
amappl9 136 318 0 317 1 0 1 1 0 8 0
amappl8 128 6216 0 6170 3 1 2 2 0 8 0
amappl7 120 35 0 30 1 0 1 1 0 8 0
amappl6 112 5643 0 5633 1 0 1 1 0 8 0
amappl5 104 179 0 168 1 0 1 1 0 8 0
amappl4 96 341 0 317 2 1 1 2 0 8 0
amappl3 88 272 0 266 1 0 1 1 0 8 0
amappl2 80 111820 0 111760 2 0 2 2 0 8 0
amappl1 72 253040 0 252608 25 16 9 18 0 8 0
amappl 72 32392 0 32356 1 0 1 1 0 75 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma64 64 259 0 259 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 17 0 17 1 1 0 1 0 8 0
aobjpl 64 137 0 8 3 0 3 3 0 8 0
uaddrrnd 24 11797 0 11782 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 11797 0 11782 1 0 1 1 0 8 0
vmmpekpl 168 77168 0 77144 2 0 2 2 0 8 0
vmmpepl 168 1216947 0 1215553 220 158 62 73 0 357 1
vmsppl 360 11796 0 11782 2 0 2 2 0 8 0
pdppl 4096 23601 0 23564 6 1 5 6 0 8 0
pvpl 32 2926861 0 2916580 497 389 108 129 0 265 25
pmappl 224 11796 0 11782 1 0 1 1 0 8 0
extentpl 40 39 0 25 1 0 1 1 0 8 0
phpool 112 666 0 44 18 0 18 18 0 8 0