uvm_fault(0xfffffd803f014948, 0x10, 0, 2) -> e kernel: page fault trap, code=0 Stopped at wsmux_do_ioctl+0x6ba: movq %rax,0x10(%rdx,%r15,8) ddb> ddb> set $lines = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd803f014948, 0x10, 0, 2) -> e wsmux_do_ioctl(3a7aff04106b7b62,80185760,fffffd802abf4170,3,fffffd803f7c7780) at wsmux_do_ioctl+0x6ba sys/dev/wscons/wsmux.c:404 end trace frame: 0xffff800014a3bf40, count: 0 ddb> trace wsmux_do_ioctl(3a7aff04106b7b62,80185760,fffffd802abf4170,3,fffffd803f7c7780) at wsmux_do_ioctl+0x6ba sys/dev/wscons/wsmux.c:404 VOP_IOCTL(8aff5e175489008f,80185760,fffffd80375f4348,ffff80001495c4d0,fffffd802abf4170,ffff80001495c4d0) at VOP_IOCTL+0x80 sys/kern/vfs_vops.c:290 vn_ioctl(41c497af87e0dd77,fffffd80375f4348,ffff80001495c4d0,18) at vn_ioctl+0xc5 sys/kern/vfs_vnops.c:512 sys_ioctl(3a7aff041074565a,0,ffff80001495c4d0) at sys_ioctl+0x639 syscall(ab19cd0591bcabb9) at syscall+0x528 Xsyscall(6,0,ffffffffffffff89,0,3,5fbadba40d8) at Xsyscall+0x128 end of kernel end trace frame: 0x5fe9638b610, count: -6 ddb> show registers rdi 0xff rsi 0x1 rbp 0xffff800014a3bec0 rbx 0x1 rdx 0 rcx 0 rax 0 r8 0xffffffff818805a0 wsmux_do_ioctl+0x1e0 r9 0x7 r10 0x165827bc8f56ac4a r11 0xee8e522c1582a2a5 r12 0xffff800000669150 r13 0 r14 0xffff800014a3c070 r15 0 rip 0xffffffff81880a7a wsmux_do_ioctl+0x6ba cs 0x8 rflags 0x10293 __ALIGN_SIZE+0xf293 rsp 0xffff800014a3be70 ss 0x10 wsmux_do_ioctl+0x6ba: movq %rax,0x10(%rdx,%r15,8) ddb> show proc PROC (syz-executor1) pid=425670 stat=onproc flags process=0 proc=4000000 pri=79, usrpri=79, nice=20 forw=0xffffffffffffffff, list=0xffff80001495d538,0xffffffff821f4560 process=0xffff8000149b3a60 user=0xffff800014a37000, vmspace=0xfffffd803f014948 estcpu=29, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 22040 346805 36887 0 2 0 syz-executor1 22040 505191 36887 0 3 0x4000080 wsevent_read syz-executor1 *22040 425670 36887 0 7 0x4000000 syz-executor1 61693 152624 1 0 3 0x100083 ttyin getty 64665 60214 0 0 3 0x14200 bored sosplice 2844 154443 67134 0 3 0x82 nanosleep syz-executor0 36887 423565 67134 0 3 0x82 nanosleep syz-executor1 67134 187276 44872 0 3 0x82 thrsleep syz-fuzzer 67134 182484 44872 0 3 0x4000082 thrsleep syz-fuzzer 67134 473237 44872 0 3 0x4000082 thrsleep syz-fuzzer 67134 221740 44872 0 3 0x4000082 kqread syz-fuzzer 67134 416226 44872 0 3 0x4000082 thrsleep syz-fuzzer 67134 115024 44872 0 3 0x4000082 thrsleep syz-fuzzer 67134 275504 44872 0 3 0x4000082 thrsleep syz-fuzzer 67134 429672 44872 0 3 0x4000082 thrsleep syz-fuzzer 44872 214295 6046 0 3 0x10008a pause ksh 6046 171090 6321 0 3 0x92 select sshd 6321 465278 1 0 3 0x80 select sshd 22379 355436 67993 73 2 0x100090 syslogd 67993 300726 1 0 3 0x100082 netio syslogd 27504 345228 0 0 2 0x14200 zerothread 86825 523572 0 0 3 0x14200 aiodoned aiodoned 14745 463203 0 0 3 0x14200 syncer update 80968 345708 0 0 3 0x14200 cleaner cleaner 67385 164107 0 0 3 0x14200 reaper reaper 53222 64010 0 0 3 0x14200 pgdaemon pagedaemon 17722 224777 0 0 3 0x14200 bored crynlk 59250 71584 0 0 3 0x14200 bored crypto 99949 453898 0 0 3 0x40014200 acpi0 acpi0 82378 219762 0 0 3 0x14200 bored softnet 33588 24148 0 0 3 0x14200 bored systqmp 29717 366969 0 0 3 0x14200 bored systq 37919 517882 0 0 3 0x40014200 bored softclock 50848 484946 0 0 3 0x40014200 idle0 1 116346 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9548 8864K 8872K 78643K 14305 0 0 pcb 19 8K 11K 78643K 5823 0 0 rtable 100 3K 3K 78643K 527 0 0 ifaddr 74 22K 26K 78643K 1252 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 59 0 0 iov 0 0K 32K 78643K 953 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1181 74K 76K 78643K 9451 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 118 0 0 VM map 2 0K 0K 78643K 2 0 0 sem 12 0K 1K 78643K 1504 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1777 193K 286K 78643K 12501 0 0 file desc 5 13K 25K 78643K 11301 0 0 sigio 0 0K 0K 78643K 134 0 0 proc 42 30K 54K 78643K 1588 0 0 subproc 64 65538K 69634K 78643K 96 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 1099 0 0 in_multi 33 2K 2K 78643K 440 0 0 ether_multi 1 0K 0K 78643K 63 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 126 556K 556K 78643K 126 0 0 exec 0 0K 1K 78643K 791 0 0 pfkey data 0 0K 4K 78643K 8 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 106 22K 41K 78643K 27199 0 0 UVM aobj 130 9K 9K 78643K 139 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 217 0 0 NDP 17 0K 0K 78643K 387 0 0 temp 207 2348K 2425K 78643K 32983 0 0 kqueue 0 0K 0K 78643K 118 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 4 0 0 1 0 1 1 0 8 0 inpcbpl 280 4645 0 4641 1 0 1 1 0 8 0 plimitpl 152 100 0 94 1 0 1 1 0 8 0 rtentry 112 41 0 1 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpcb 544 1261 0 1257 1 0 1 1 0 8 0 nd6 48 4 0 0 1 0 1 1 0 8 0 swfcl 56 3 0 0 1 0 1 1 0 8 0 ppxss 1128 115 0 114 15 14 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 185 0 0 12 0 12 12 0 8 0 art_table 32 186 0 0 2 0 2 2 0 8 0 art_node 16 40 0 6 1 0 1 1 0 8 0 sysvmsgpl 40 19 0 17 2 1 1 1 0 8 0 semapl 112 1496 0 1486 1 0 1 1 0 8 0 shmpl 112 137 0 9 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 24343 0 22764 51 0 51 51 0 8 0 ffsino 240 24343 0 22764 94 1 93 93 0 8 0 nchpl 144 39981 0 38392 60 0 60 60 0 8 0 uvmvnodes 72 6445 0 0 118 0 118 118 0 8 0 vnodes 200 6445 0 0 340 0 340 340 0 8 0 namei 1024 116875 0 116875 2 1 1 1 0 8 1 scsiplug 64 20 0 20 17 17 0 1 0 8 0 scxspl 192 108729 0 108729 24 23 1 6 0 8 1 sigapl 432 11470 0 11459 2 0 2 2 0 8 0 futexpl 56 160740 0 160740 1 0 1 1 0 8 1 knotepl 112 2312 0 2285 2 0 2 2 0 8 0 kqueuepl 104 2891 0 2889 1 0 1 1 0 8 0 pipepl 112 6194 0 6175 17 16 1 2 0 8 0 fdescpl 424 11471 0 11459 2 0 2 2 0 8 0 filepl 120 64279 0 64194 27 23 4 5 0 8 1 lockfpl 96 2571 0 2571 19 18 1 1 0 8 1 lockfspl 24 4163 0 4163 16 15 1 1 0 8 1 sessionpl 112 19 0 11 1 0 1 1 0 8 0 pgrppl 48 100 0 92 1 0 1 1 0 8 0 ucredpl 96 18037 0 18030 1 0 1 1 0 8 0 zombiepl 144 11459 0 11458 2 1 1 1 0 8 0 processpl 840 11485 0 11458 5 1 4 4 0 8 0 procpl 600 26262 0 26226 5 1 4 4 0 8 0 sosppl 128 171 0 171 42 41 1 1 0 8 1 sockpl 384 10305 0 10295 17 14 3 4 0 8 1 mcl64k 65536 2945 0 2945 258 257 1 64 0 8 1 mcl16k 16384 27 0 27 20 19 1 1 0 8 1 mcl12k 12288 187 0 187 34 33 1 1 0 8 1 mcl9k 9216 194 0 194 32 32 0 1 0 8 0 mcl8k 8192 180 0 180 40 39 1 1 0 8 1 mcl4k 4096 829 0 829 19 18 1 1 0 8 1 mcl2k2 2112 102 0 102 31 30 1 1 0 8 1 mcl2k 2048 54769 0 54736 12 7 5 8 0 8 0 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 144349 0 144308 138 134 4 36 0 8 0 bufpl 256 22554 0 16107 404 0 404 404 0 8 0 anonpl 16 970819 0 963220 395 360 35 48 0 62 2 amapchunkpl 152 60383 0 60308 331 327 4 96 0 158 0 amappl16 192 59342 0 58931 388 364 24 33 0 8 3 amappl15 184 1 0 1 1 1 0 1 0 8 0 amappl14 176 9 0 7 2 1 1 1 0 8 0 amappl13 168 5644 0 5642 1 0 1 1 0 8 0 amappl12 160 5668 0 5666 1 0 1 1 0 8 0 amappl11 152 194 0 189 1 0 1 1 0 8 0 amappl10 144 62 0 62 3 3 0 1 0 8 0 amappl9 136 345 0 344 1 0 1 1 0 8 0 amappl8 128 5911 0 5863 2 0 2 2 0 8 0 amappl7 120 5661 0 5655 1 0 1 1 0 8 0 amappl6 112 45 0 40 1 0 1 1 0 8 0 amappl5 104 204 0 195 1 0 1 1 0 8 0 amappl4 96 343 0 321 2 1 1 2 0 8 0 amappl3 88 1151 0 1146 1 0 1 1 0 8 0 amappl2 80 114155 0 114108 2 0 2 2 0 8 0 amappl1 72 208732 0 208350 25 16 9 18 0 8 0 amappl 72 26574 0 26546 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 138 0 9 3 0 3 3 0 8 0 uaddrrnd 24 11471 0 11459 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 11471 0 11459 1 0 1 1 0 8 0 vmmpekpl 168 80637 0 80611 2 0 2 2 0 8 0 vmmpepl 168 1156223 0 1154923 286 223 63 77 0 357 0 vmsppl 264 11470 0 11459 2 1 1 2 0 8 0 pdppl 4096 22948 0 22918 6 1 5 6 0 8 0 pvpl 32 2988586 0 2977516 835 707 128 225 0 265 37 pmappl 192 11470 0 11459 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 1012 0 479 19 2 17 17 0 8 0