login: uvm_fault(0xfffffd807f00c9d8, 0x8f, 0, 1) -> e kernel: page fault trap, code=0 Stopped at wsmuxclose+0x75: cmpq %r12,0x90(%r15) ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic kernel page fault uvm_fault(0xfffffd807f00c9d8, 0x8f, 0, 1) -> e wsmuxclose(4500,1,2000,ffff800020b6a270) at wsmuxclose+0x75 wsmux_do_close sys/dev/wscons/wsmux.c:307 [inline] wsmuxclose(4500,1,2000,ffff800020b6a270) at wsmuxclose+0x75 sys/dev/wscons/wsmux.c:277 end trace frame: 0xffff800020c5d9c0, count: 0 ddb{0}> trace wsmuxclose(4500,1,2000,ffff800020b6a270) at wsmuxclose+0x75 wsmux_do_close sys/dev/wscons/wsmux.c:307 [inline] wsmuxclose(4500,1,2000,ffff800020b6a270) at wsmuxclose+0x75 sys/dev/wscons/wsmux.c:277 spec_close(ffff800020c5d9d0) at spec_close+0x3a0 sys/kern/spec_vnops.c:553 VOP_CLOSE(fffffd807600dbf8,1,fffffd807f7c7ae0,ffff800020b6a270) at VOP_CLOSE+0x70 sys/kern/vfs_vops.c:174 vn_closefile(fffffd8069192ef0,ffff800020b6a270) at vn_closefile+0x160 vn_close sys/kern/vfs_vnops.c:289 [inline] vn_closefile(fffffd8069192ef0,ffff800020b6a270) at vn_closefile+0x160 sys/kern/vfs_vnops.c:575 fdrop(fffffd8069192ef0,ffff800020b6a270) at fdrop+0xe1 sys/kern/kern_descrip.c:1260 closef(fffffd8069192ef0,ffff800020b6a270) at closef+0x129 sys/kern/kern_descrip.c:1244 fdfree(ffff800020b6a270) at fdfree+0xe8 sys/kern/kern_descrip.c:1176 exit1(ffff800020b6a270,0,1) at exit1+0x2ee sys/kern/kern_exit.c:194 sys_exit(ffff800020b6a270,ffff800020c5dcd0,ffff800020c5dcc0) at sys_exit+0x17 sys/kern/kern_exit.c:94 syscall(ffff800020c5dd70) at syscall+0x5ac mi_syscall sys/sys/syscall_mi.h:99 [inline] syscall(ffff800020c5dd70) at syscall+0x5ac sys/arch/amd64/amd64/trap.c:574 Xsyscall(6,1,0,1,0,7f7ffffbdad4) at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffbdaa0, count: -11 ddb{0}> show registers rdi 0 rsi 0 rbp 0xffff800020c5d950 rbx 0 rdx 0xffffffff81f3d638 substchar+0x12a98 rcx 0 rax 0 r8 0xffffffff81a0e415 setrunnable+0x95 r9 0x5 r10 0xdbf147a2466dc663 r11 0x430a902409ba246e r12 0xffff800000026d00 r13 0 r14 0xffff800000026d50 r15 0xffffffffffffffff rip 0xffffffff81e364d5 wsmuxclose+0x75 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800020c5d910 ss 0x10 wsmuxclose+0x75: cmpq %r12,0x90(%r15) ddb{0}> show proc PROC (syz-executor.0) pid=428436 stat=onproc flags process=1008 proc=2000 pri=0, usrpri=53, nice=20 forw=0xffffffffffffffff, list=0xffff800020b95c30,0xffff800020b6abe0 process=0xffff800020b45708 user=0xffff800020c58000, vmspace=0xfffffd807f00c9d8 estcpu=3, cpticks=9, pctcpu=0.10 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 49568 196607 61591 0 2 0 syz-executor.1 49568 114140 61591 0 2 0x4000000 syz-executor.1 49568 158581 61591 0 7 0x4000000 syz-executor.1 61591 160962 56733 0 2 0x482 syz-executor.1 73449 245397 56733 0 2 0x482 syz-executor.0 56733 476161 46347 0 3 0x82 thrsleep syz-fuzzer 56733 451104 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 441028 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 75485 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 348939 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 17773 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 52116 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 454000 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 61910 46347 0 3 0x4000082 kqread syz-fuzzer 56733 355169 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 196354 46347 0 3 0x4000082 thrsleep syz-fuzzer 56733 369989 46347 0 3 0x4000082 thrsleep syz-fuzzer 46347 122653 41748 0 3 0x10008a pause ksh 41748 514768 59826 0 3 0x92 select sshd 8629 509748 1 0 3 0x100083 ttyin getty 59826 238123 1 0 3 0x80 select sshd 81050 265183 51409 73 2 0x100090 syslogd 51409 168325 1 0 3 0x100082 netio syslogd 21261 330423 1 77 3 0x100090 poll dhclient 66195 479110 1 0 3 0x80 poll dhclient 94257 252109 0 0 2 0x14200 zerothread 54178 50122 0 0 3 0x14200 aiodoned aiodoned 36500 403530 0 0 3 0x14200 syncer update 26441 36656 0 0 3 0x14200 cleaner cleaner 54268 135829 0 0 3 0x14200 reaper reaper 57375 520672 0 0 3 0x14200 pgdaemon pagedaemon 26019 302784 0 0 3 0x14200 bored crynlk 96238 42259 0 0 3 0x14200 bored crypto 24161 437309 0 0 3 0x40014200 acpi0 acpi0 42026 379686 0 0 3 0x40014200 idle1 78901 296697 0 0 3 0x14200 bored softnet 31068 445164 0 0 3 0x14200 bored systqmp 67084 174679 0 0 3 0x14200 bored systq 64898 344727 0 0 3 0x40014200 bored softclock 61972 230611 0 0 3 0x40014200 idle0 1 161835 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9469 6340K 6340K 78643K 10574 0 0 pcb 23 9K 9K 78643K 85 0 0 rtable 100 3K 4K 78643K 184 0 0 ifaddr 39 10K 10K 78643K 47 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 2K 78643K 15 0 0 iov 0 0K 16K 78643K 4 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1197 75K 75K 78643K 1217 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 1K 78643K 2 0 0 VM map 2 1K 1K 78643K 2 0 0 sem 4 0K 0K 78643K 4 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1792 194K 288K 78643K 12592 0 0 file desc 5 16K 20K 78643K 49 0 0 proc 40 38K 58K 78643K 247 0 0 subproc 64 65538K 67586K 78643K 68 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 10 0 0 in_multi 33 2K 2K 78643K 33 0 0 ether_multi 1 0K 0K 78643K 1 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 54 238K 238K 78643K 54 0 0 exec 0 0K 1K 78643K 165 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 82 20K 20K 78643K 880 0 0 UVM aobj 4 2K 2K 78643K 4 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 NDP 6 0K 0K 78643K 12 0 0 temp 90 2353K 2417K 78643K 2876 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 4 0 0 1 0 1 1 0 8 0 inpcbpl 280 34 0 27 1 0 1 1 0 8 0 plimitpl 152 14 0 7 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtentry 112 41 0 1 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpcb 544 14 0 10 1 0 1 1 0 8 0 nd6 48 4 0 0 1 0 1 1 0 8 0 ppxss 1128 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 185 0 0 12 0 12 12 0 8 0 art_table 32 186 0 0 2 0 2 2 0 8 0 art_node 16 40 0 6 1 0 1 1 0 8 0 sysvmsgpl 40 5 0 1 1 0 1 1 0 8 0 semapl 112 2 0 0 1 0 1 1 0 8 0 shmpl 112 2 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1482 0 77 46 0 46 46 0 8 0 ffsino 272 1482 0 77 95 0 95 95 0 8 1 nchpl 144 1749 0 127 61 0 61 61 0 8 0 uvmvnodes 72 1526 0 0 28 0 28 28 0 8 0 vnodes 200 1526 0 0 81 0 81 81 0 8 0 namei 1024 4156 0 4156 1 0 1 1 0 8 1 percpumem 16 30 0 0 1 0 1 1 0 8 0 scxspl 192 4140 0 4140 7 1 6 6 0 8 6 sigapl 432 218 0 204 2 0 2 2 0 8 0 futexpl 56 412 0 412 1 0 1 1 0 8 1 knotepl 112 70 0 43 2 0 2 2 0 8 1 kqueuepl 104 11 0 8 1 0 1 1 0 8 0 pipepl 112 144 0 123 2 1 1 1 0 8 0 fdescpl 488 219 0 204 3 0 3 3 0 8 1 filepl 152 1104 0 1005 5 0 5 5 0 8 1 lockfpl 104 9 0 9 2 1 1 1 0 8 1 lockfspl 32 4 0 4 2 1 1 1 0 8 1 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 17 0 7 1 0 1 1 0 8 0 ucredpl 96 70 0 63 1 0 1 1 0 8 0 zombiepl 144 205 0 204 2 1 1 1 0 8 0 processpl 840 233 0 204 4 0 4 4 0 8 0 procpl 600 319 0 277 4 0 4 4 0 8 0 sockpl 384 106 0 89 3 0 3 3 0 8 1 mcl64k 65536 1 0 0 1 0 1 1 0 8 0 mcl16k 16384 1 0 0 1 0 1 1 0 8 0 mcl12k 12288 1 0 0 1 0 1 1 0 8 0 mcl4k 4096 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 117 0 0 14 0 14 14 0 8 0 mtagpl 80 1 0 0 1 0 1 1 0 8 0 mbufpl 256 137 0 0 9 0 9 9 0 8 0 bufpl 256 5240 0 1013 265 0 265 265 0 8 0 anonpl 16 32040 0 22033 48 1 47 47 0 125 4 amapchunkpl 152 888 0 775 5 0 5 5 0 158 0 amappl16 192 837 0 213 32 0 32 32 0 8 0 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 12 0 10 2 1 1 1 0 8 0 amappl13 168 44 0 38 1 0 1 1 0 8 0 amappl12 160 4 0 4 1 1 0 1 0 8 0 amappl11 152 200 0 188 1 0 1 1 0 8 0 amappl10 144 58 0 55 2 1 1 1 0 8 0 amappl9 136 356 0 353 1 0 1 1 0 8 0 amappl8 128 130 0 114 1 0 1 1 0 8 0 amappl7 120 59 0 52 1 0 1 1 0 8 0 amappl6 112 51 0 45 1 0 1 1 0 8 0 amappl5 104 116 0 102 1 0 1 1 0 8 0 amappl4 96 268 0 244 2 1 1 2 0 8 0 amappl3 88 125 0 120 1 0 1 1 0 8 0 amappl2 80 976 0 913 2 0 2 2 0 8 0 amappl1 72 13145 0 12698 24 7 17 19 0 8 7 amappl 72 526 0 485 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 3 0 0 1 0 1 1 0 8 0 uaddrrnd 24 219 0 204 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 219 0 204 1 0 1 1 0 8 0 vmmpekpl 168 5541 0 5516 2 0 2 2 0 8 0 vmmpepl 168 30181 0 28513 82 9 73 73 0 357 0 vmsppl 360 218 0 204 2 0 2 2 0 8 0 pdppl 4096 445 0 408 5 0 5 5 0 8 0 pvpl 32 113097 0 99585 125 3 122 122 0 265 12 pmappl 224 218 0 204 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 411 0 2 12 0 12 12 0 8 0