syzbot


uvm_fault: wsmux_do_ioctl (3)

Status: closed as dup on 2019/02/10 09:16
Reported-by: syzbot+40deffd84d57c3555766@syzkaller.appspotmail.com
First crash: 1901d, last: 1893d
Duplicate of:
Title                        Repro  Cause bisect  Fix bisect  Count  Last   Reported
uvm_fault: wsmux_detach_sc   syz                              10     1894d  1906d
Similar bugs (3):
Kernel   Title                           Repro  Cause bisect  Fix bisect  Count  Last   Reported  Patched  Status
openbsd  uvm_fault: wsmux_do_ioctl (4)   C                                3      1802d  1827d     3/3      fixed on 2019/05/22 04:45
openbsd  uvm_fault: wsmux_do_ioctl                                        2      1984d  2023d     3/3      fixed on 2018/12/18 19:33
openbsd  uvm_fault: wsmux_do_ioctl (2)   C                                17     1910d  1914d     3/3      fixed on 2019/02/01 17:26

Sample crash report:
login: uvm_fault(0xfffffd806e9755a8, 0x9f, 0, 2) -> e
kernel: page fault trap, code=0
Stopped at      wsmux_do_ioctl+0x8c0:   movq    %rcx,0(%rax)
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> show panic
kernel page fault
uvm_fault(0xfffffd806e9755a8, 0x9f, 0, 2) -> e
wsmux_do_ioctl(ffff800000026d00,80085762,ffff800020bd3460,82,ffff800020b24e18) at wsmux_do_ioctl+0x8c0 wsmux_detach_sc sys/dev/wscons/wsmux.c:696 [inline]
wsmux_do_ioctl(ffff800000026d00,80085762,ffff800020bd3460,82,ffff800020b24e18) at wsmux_do_ioctl+0x8c0 sys/dev/wscons/wsmux.c:438
end trace frame: 0xffff800020bd3310, count: 0
ddb{0}> trace
wsmux_do_ioctl(ffff800000026d00,80085762,ffff800020bd3460,82,ffff800020b24e18) at wsmux_do_ioctl+0x8c0 wsmux_detach_sc sys/dev/wscons/wsmux.c:696 [inline]
wsmux_do_ioctl(ffff800000026d00,80085762,ffff800020bd3460,82,ffff800020b24e18) at wsmux_do_ioctl+0x8c0 sys/dev/wscons/wsmux.c:438
VOP_IOCTL(fffffd806dc80710,80085762,ffff800020bd3460,82,fffffd807f7c7d20,ffff800020b24e18) at VOP_IOCTL+0x9a sys/kern/vfs_vops.c:290
vn_ioctl(fffffd806fcad8e8,80085762,ffff800020bd3460,ffff800020b24e18) at vn_ioctl+0xc9 sys/kern/vfs_vnops.c:512
sys_ioctl(ffff800020b24e18,ffff800020bd35a8,ffff800020bd3590) at sys_ioctl+0x646
syscall(ffff800020bd3640) at syscall+0x5ac mi_syscall sys/sys/syscall_mi.h:99 [inline]
syscall(ffff800020bd3640) at syscall+0x5ac sys/arch/amd64/amd64/trap.c:574
Xsyscall(6,0,5e098d7e0c8,0,5e098d7e0a8,5e098d7e0a0) at Xsyscall+0x128
end of kernel
end trace frame: 0x5e33b6894d0, count: -6
ddb{0}> show registers
rdi                                0
rsi                                0
rbp               0xffff800020bd3260
rbx               0xffff800000026db8
rdx               0xffffffff81f7106c    cy_pio_rec+0x1f720
rcx               0xffffffffffffffff
rax                             0x9f
r8                                 0
r9                                 0
r10               0xffff800020bc6f30
r11               0xe63cd31056fa6a2f
r12               0xffff80000064dc00
r13                              0x1
r14               0xffffffff8215ac18    wsmouse_srcops
r15                                0
rip               0xffffffff810eb9b0    wsmux_do_ioctl+0x8c0
cs                               0x8
rflags                       0x10286    __ALIGN_SIZE+0xf286
rsp               0xffff800020bd31e0
ss                              0x10
wsmux_do_ioctl+0x8c0:   movq    %rcx,0(%rax)
ddb{0}> show proc
PROC (syz-executor1711) pid=494600 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=0, usrpri=50, nice=20
    forw=0xffffffffffffffff, list=0xffff800020b25070,0xffff800020b244c8
    process=0xffff800020b7b710 user=0xffff800020bce000, vmspace=0xfffffd806e9755a8
    estcpu=10, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 12206  119486  52040      0  2           0                syz-executor1711
*12206  494600  52040      0  7   0x4000000                syz-executor1711
 92464  428390  27978      0  2           0                syz-executor1711
 92464   57200  27978      0  7   0x4000000                syz-executor1711
 92464  231975  27978      0  3   0x4000080  fsleep        syz-executor1711
 52040  305521  88034      0  3        0x80  nanosleep     syz-executor1711
 27978  301694  88034      0  3        0x80  nanosleep     syz-executor1711
 88034    4391  87220      0  3        0x82  nanosleep     syz-executor1711
 87220  264480  76864      0  3    0x10008a  pause         ksh
 76864  126320    930      0  3        0x92  select        sshd
 35767  508318      1      0  3    0x100083  ttyin         getty
   930  188034      1      0  3        0x80  select        sshd
 44830  195838  45399     73  2    0x100090                syslogd
 45399  369862      1      0  3    0x100082  netio         syslogd
 44930  174105      1     77  3    0x100090  poll          dhclient
 17281   46976      1      0  3        0x80  poll          dhclient
 60511  338714      0      0  2     0x14200                zerothread
 29634  138532      0      0  3     0x14200  aiodoned      aiodoned
 24116  338829      0      0  3     0x14200  syncer        update
 57975  472386      0      0  3     0x14200  cleaner       cleaner
 26226  113940      0      0  3     0x14200  reaper        reaper
 82938   61333      0      0  3     0x14200  pgdaemon      pagedaemon
 38300  396304      0      0  3     0x14200  bored         crynlk
 85918  155232      0      0  3     0x14200  bored         crypto
 12586    5021      0      0  3  0x40014200  acpi0         acpi0
 34501   96372      0      0  3  0x40014200                idle1
 41178  297444      0      0  3     0x14200  bored         softnet
 23596  299014      0      0  3     0x14200  bored         systqmp
 81782  317157      0      0  3     0x14200  bored         systq
 33495  379035      0      0  3  0x40014200  bored         softclock
 65022   81193      0      0  3  0x40014200                idle0
     1   48844      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 12206 (syz-executor1711) thread 0xffff800020b24e18 (494600)
exclusive kernel_lock &kernel_lock r = 1 (0xffffffff82348720) locked @ /syzkaller/managers/multicore/kernel/sys/arch/amd64/amd64/trap.c:161
#0  witness_lock+0x58a sys/kern/subr_witness.c:1205
#1  ___mp_acquire_count+0x67 sys/kern/kern_lock.c:231
#2  mi_switch+0x3b0 sys/kern/sched_bsd.c:436
#3  sleep_finish+0x110 sys/kern/kern_synch.c:312
#4  sleep_finish_all+0x34 sleep_finish_timeout sys/kern/kern_synch.c:336 [inline]
#4  sleep_finish_all+0x34 sys/kern/kern_synch.c:157
#5  tsleep+0x1bc
#6  pckbc_enqueue_cmd+0x29d sys/dev/ic/pckbc.c:923
#7  pms_change_state+0x1d3 sys/dev/pckbc/pms.c:839
#8  pms_disable+0x39 sys/dev/pckbc/pms.c:874
#9  wsmouse_mux_close+0x3f sys/dev/wscons/wsmouse.c:571
#10 wsmux_do_ioctl+0x853 wsmux_detach_sc sys/dev/wscons/wsmux.c:693 [inline]
#10 wsmux_do_ioctl+0x853 sys/dev/wscons/wsmux.c:438
#11 VOP_IOCTL+0x9a sys/kern/vfs_vops.c:290
#12 vn_ioctl+0xc9 sys/kern/vfs_vnops.c:512
#13 sys_ioctl+0x646
#14 syscall+0x5ac mi_syscall sys/sys/syscall_mi.h:99 [inline]
#14 syscall+0x5ac sys/arch/amd64/amd64/trap.c:574
#15 Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim Kern Lim
         devbuf  9443   6323K    6323K  78643K     10642        0        0
            pcb    23      9K       9K  78643K        55        0        0
         rtable    61      2K       2K  78643K       115        0        0
         ifaddr    21      7K       7K  78643K        21        0        0
       counters    39     33K      33K  78643K        39        0        0
       ioctlops     0      0K       2K  78643K        13        0        0
          mount     1      1K       1K  78643K         1        0        0
         vnodes  1166     73K      73K  78643K      1172        0        0
      UFS quota     1     32K      32K  78643K         1        0        0
      UFS mount     5     36K      36K  78643K         5        0        0
            shm     2      1K       1K  78643K         2        0        0
         VM map     2      1K       1K  78643K         2        0        0
            sem     2      0K       0K  78643K         2        0        0
        dirhash    12      2K       2K  78643K        12        0        0
           ACPI  1792    194K     288K  78643K     12592        0        0
      file desc     1      0K       0K  78643K         1        0        0
           proc    40     38K      46K  78643K       207        0        0
    NFS srvsock     1      0K       0K  78643K         1        0        0
     NFS daemon     1     16K      16K  78643K         1        0        0
       in_multi    11      0K       0K  78643K        11        0        0
    ether_multi     1      0K       0K  78643K         1        0        0
    ISOFS mount     1     32K      32K  78643K         1        0        0
  MSDOSFS mount     1     16K      16K  78643K         1        0        0
           ttys    18     79K      79K  78643K        18        0        0
           exec     0      0K       1K  78643K       149        0        0
        pagedep     1      8K       8K  78643K         1        0        0
       inodedep     1     32K      32K  78643K         1        0        0
         newblk     1      0K       0K  78643K         1        0        0
        VM swap     7     26K      26K  78643K         7        0        0
       UVM amap    56      3K       3K  78643K      1149        0        0
       UVM aobj     2      2K       2K  78643K         2        0        0
        memdesc     1      4K       4K  78643K         1        0        0
    crypto data     1      1K       1K  78643K         1        0        0
            NDP     3      0K       0K  78643K         3        0        0
           temp    30   2347K    2411K  78643K      1688        0        0
      SYN cache     2     16K      16K  78643K         2        0        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64        2    0        0     1     0     1     1     0     8    0
inpcbpl    280       22    0       16     1     0     1     1     0     8    0
plimitpl   152       13    0        8     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtentry    112       23    0        1     1     0     1     1     0     8    0
syncache   264        5    0        5     2     1     1     1     0     8    1
tcpcb      544        8    0        5     1     0     1     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256       96    0        0     6     0     6     6     0     8    0
art_table   32       97    0        0     1     0     1     1     0     8    0
art_node    16       22    0        2     1     0     1     1     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128     1383    0       18    45     0    45    45     0     8    0
ffsino     272     1383    0       18    92     0    92    92     0     8    0
nchpl      144     1555    0       30    57     0    57    57     0     8    0
uvmvnodes   72     1392    0        0    26     0    26    26     0     8    0
vnodes     200     1392    0        0    74     0    74    74     0     8    0
namei      1024    3993    0     3993     3     2     1     1     0     8    1
percpumem   16       30    0        0     1     0     1     1     0     8    0
scxspl     192     2366    0     2366    11    10     1     6     0     8    1
sigapl     432      298    0      284     2     0     2     2     0     8    0
futexpl     56      490    0      489     1     0     1     1     0     8    0
knotepl    112        5    0        0     1     0     1     1     0     8    0
kqueuepl   104        1    0        0     1     0     1     1     0     8    0
pipepl     112      114    0      107     3     2     1     1     0     8    0
fdescpl    488      299    0      284     2     0     2     2     0     8    0
filepl     152     1297    0     1251     2     0     2     2     0     8    0
lockfpl    104      493    0      490     2     1     1     1     0     8    0
lockfspl    32      116    0      115     2     1     1     1     0     8    0
sessionpl  112       17    0        9     1     0     1     1     0     8    0
pgrppl      48       17    0        9     1     0     1     1     0     8    0
ucredpl     96       47    0       40     1     0     1     1     0     8    0
zombiepl   144      284    0      284     3     2     1     1     0     8    1
processpl  840      313    0      284     4     0     4     4     0     8    0
procpl     600      558    0      526     3     0     3     3     0     8    0
sockpl     384       64    0       48     2     0     2     2     0     8    0
mcl4k      4096       2    0        0     1     0     1     1     0     8    0
mcl2k      2048      64    0        0     8     0     8     8     0     8    0
mtagpl      80        1    0        0     1     0     1     1     0     8    0
mbufpl     256       89    0        0     5     0     5     5     0     8    0
bufpl      256     2010    0      254   110     0   110   110     0     8    0
anonpl      16    22962    0    21783     7     2     5     6     0   125    0
amapchunkpl 152    1120    0     1075     2     0     2     2     0   158    0
amappl16   192      197    0      191     1     0     1     1     0     8    0
amappl15   184        1    0        1     1     1     0     1     0     8    0
amappl14   176        1    0        1     1     1     0     1     0     8    0
amappl13   168       16    0       13     1     0     1     1     0     8    0
amappl12   160        7    0        7     2     2     0     1     0     8    0
amappl11   152      172    0      163     1     0     1     1     0     8    0
amappl10   144       43    0       43     3     2     1     1     0     8    1
amappl9    136      200    0      198     1     0     1     1     0     8    0
amappl8    128      227    0      216     1     0     1     1     0     8    0
amappl7    120       30    0       25     1     0     1     1     0     8    0
amappl6    112       40    0       36     1     0     1     1     0     8    0
amappl5    104      167    0      157     1     0     1     1     0     8    0
amappl4     96      257    0      240     1     0     1     1     0     8    0
amappl3     88      114    0      107     1     0     1     1     0     8    0
amappl2     80     1670    0     1618     2     0     2     2     0     8    0
amappl1     72    14234    0    13805    15     5    10    15     0     8    0
amappl      72      741    0      715     1     0     1     1     0    75    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma64       64      259    0      259     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       17    0       17     1     1     0     1     0     8    0
aobjpl      64        1    0        0     1     0     1     1     0     8    0
uaddrrnd    24      299    0      284     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      299    0      284     1     0     1     1     0     8    0
vmmpekpl   168     5975    0     5955     2     0     2     2     0     8    0
vmmpepl    168    32206    0    31357    52    14    38    43     0   357    1
vmsppl     360      298    0      284     2     0     2     2     0     8    0
pdppl      4096     605    0      568     5     0     5     5     0     8    0
pvpl        32    81468    0    78569    35     9    26    26     0   265    1
pmappl     224      298    0      284     1     0     1     1     0     8    0
extentpl    40       39    0       25     1     0     1     1     0     8    0
phpool     112      237    0        4     7     0     7     7     0     8    0
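The report above can be read mechanically: the second argument of wsmux_do_ioctl in the trace is the ioctl command word 0x80085762; the first line gives the uvm_fault() arguments (map, faulting address, fault type, access type) and its return value 0xe; and the faulting instruction is an 8-byte store through %rax, whose value is 0x9f. The program below is an added example, not code from syzbot or from OpenBSD. It decodes the command word with the BSD ioctl encoding and the WSMUXIO_* definitions (copied here from sys/ioccom.h and sys/dev/wscons/wsconsio.h so it builds on any host) and classifies the faulting address; it assumes the amd64 page size of 4096 bytes.

```c
/*
 * Added example for reading the crash report: decode the ioctl command
 * word 0x80085762 seen in the trace and classify the uvm_fault() arguments.
 * The macro values are copied from OpenBSD's sys/ioccom.h and
 * sys/dev/wscons/wsconsio.h so the program builds on any host; it is not
 * syzbot's or OpenBSD's own code.
 */
#include <stdio.h>
#include <string.h>

/* BSD ioctl command encoding (sys/ioccom.h). */
#define IOCPARM_MASK   0x1fffUL
#define IOCPARM_LEN(x) (((x) >> 16) & IOCPARM_MASK)
#define IOCGROUP(x)    (((x) >> 8) & 0xff)
#define IOC_VOID       0x20000000UL
#define IOC_OUT        0x40000000UL
#define IOC_IN         0x80000000UL
#define IOC_INOUT      (IOC_IN | IOC_OUT)
#define IOC_DIRMASK    0xe0000000UL
#define _IOC(inout, group, num, len) \
    ((inout) | (((unsigned long)(len) & IOCPARM_MASK) << 16) | ((group) << 8) | (num))
#define _IOW(g, n, t)  _IOC(IOC_IN, (g), (n), sizeof(t))

/* wsmux ioctls and their argument (sys/dev/wscons/wsconsio.h). */
struct wsmux_device {
    int type;   /* WSMUX_MOUSE, WSMUX_KBD or WSMUX_MUX */
    int idx;    /* unit number of the device to add or remove */
};
#define WSMUXIO_ADD_DEVICE     _IOW('W', 97, struct wsmux_device)
#define WSMUXIO_REMOVE_DEVICE  _IOW('W', 98, struct wsmux_device)

/* uvm_fault() access types and the amd64 page size (assumption: 4096). */
#define PROT_READ  0x01
#define PROT_WRITE 0x02
#define PROT_EXEC  0x04
#define PAGE_SIZE  4096UL

struct ioc_decoded {
    const char *dir;      /* "none", "out", "in" or "inout" */
    unsigned long len;    /* bytes copied in/out for the argument */
    unsigned char group;  /* the 'W' of _IOW('W', ...) */
    unsigned char num;    /* command number within the group */
};

/* Split a command word into direction, argument size, group and number. */
struct ioc_decoded ioc_decode(unsigned long cmd)
{
    struct ioc_decoded d;
    switch (cmd & IOC_DIRMASK) {
    case IOC_VOID:  d.dir = "none";  break;
    case IOC_OUT:   d.dir = "out";   break;
    case IOC_IN:    d.dir = "in";    break;
    case IOC_INOUT: d.dir = "inout"; break;
    default:        d.dir = "bad";   break;
    }
    d.len   = IOCPARM_LEN(cmd);
    d.group = (unsigned char)IOCGROUP(cmd);
    d.num   = (unsigned char)(cmd & 0xff);
    return d;
}

/* Name the wsmux command, or NULL if it is not one defined above. */
const char *wsmux_ioctl_name(unsigned long cmd)
{
    if (cmd == WSMUXIO_ADD_DEVICE)    return "WSMUXIO_ADD_DEVICE";
    if (cmd == WSMUXIO_REMOVE_DEVICE) return "WSMUXIO_REMOVE_DEVICE";
    return NULL;
}

/* Fourth uvm_fault() argument as printed in the report ("2" here). */
const char *access_type_name(int access_type)
{
    switch (access_type & (PROT_READ | PROT_WRITE | PROT_EXEC)) {
    case PROT_READ:  return "read";
    case PROT_WRITE: return "write";
    case PROT_EXEC:  return "exec";
    default:         return "other";
    }
}

/* 1 if the address lies in the never-mapped first page, i.e. the store
 * went through a NULL or near-NULL pointer (here %rax == 0x9f). */
int fault_in_null_page(unsigned long vaddr)
{
    return vaddr < PAGE_SIZE;
}

int main(void)
{
    unsigned long cmd = 0x80085762UL;  /* 2nd argument of wsmux_do_ioctl in the trace */
    struct ioc_decoded d = ioc_decode(cmd);
    const char *name = wsmux_ioctl_name(cmd);

    printf("0x%lx: dir=%s len=%lu group='%c' num=%u -> %s\n",
           cmd, d.dir, d.len, d.group, d.num, name ? name : "unknown");
    /* uvm_fault(map, 0x9f, 0, 2) -> e: write access, errno 0xe == 14 (EFAULT). */
    printf("fault at 0x9f: access=%s, null page=%d\n",
           access_type_name(2), fault_in_null_page(0x9f));
    return 0;
}
```

The map pointer printed by uvm_fault() (0xfffffd806e9755a8) equals the vmspace shown under `show proc`, so the address 0x9f was looked up in the crashing process's own map, where the first page is unmapped; that is why the 8-byte write faulted with EFAULT rather than reaching memory.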

Crashes (2):
Time              Kernel   Commit        Syzkaller  Config   Log          Report  Syz repro  C repro  VM info  Assets  Manager               Title
2019/02/09 23:56  openbsd  4071f8002cf2  d75f7686   .config  console log  report  syz        C                         ci-openbsd-multicore
2019/02/17 22:45  openbsd  3748d6328b3c  3e98cc30   .config  console log  report                                       ci-openbsd-multicore