uvm_fault(0xfffffd803f014000, 0x10, 0, 2) -> e kernel: page fault trap, code=0 Stopped at wsmux_do_ioctl+0x6ba: movq %rax,0x10(%rdx,%r15,8) ddb> ddb> set $lines = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd803f014000, 0x10, 0, 2) -> e wsmux_do_ioctl(219dab99b3887fa1,80185760,fffffd802d3d1238,3,fffffd803f7c7780) at wsmux_do_ioctl+0x6ba sys/dev/wscons/wsmux.c:404 end trace frame: 0xffff800014a644d0, count: 0 ddb> trace wsmux_do_ioctl(219dab99b3887fa1,80185760,fffffd802d3d1238,3,fffffd803f7c7780) at wsmux_do_ioctl+0x6ba sys/dev/wscons/wsmux.c:404 VOP_IOCTL(219dab99b385e4b4,80185760,fffffd80305f16a0,ffff8000ffff84b8,fffffd802d3d1238,ffff8000ffff84b8) at VOP_IOCTL+0x80 sys/kern/vfs_vops.c:290 vn_ioctl(d2afe1eda5031410,fffffd80305f16a0,ffff8000ffff84b8,18) at vn_ioctl+0xc5 sys/kern/vfs_vnops.c:512 sys_ioctl(efd7a55a04993976,0,ffff8000ffff84b8) at sys_ioctl+0x639 syscall(548d983c897b514f) at syscall+0x528 Xsyscall(6,0,ffffffffffffff89,0,3,d9a7e84d1a0) at Xsyscall+0x128 end of kernel end trace frame: 0xd9cb4f7ace0, count: -6 ddb> show registers rdi 0xff rsi 0x1 rbp 0xffff800014a64450 rbx 0x1 rdx 0 rcx 0 rax 0 r8 0xffffffff8105d280 wsmux_do_ioctl+0x1e0 r9 0x7 r10 0x6ee335374e6a1668 r11 0x3cf63a0e5a591dcf r12 0xffff800000669150 r13 0 r14 0xffff800014a64600 r15 0 rip 0xffffffff8105d75a wsmux_do_ioctl+0x6ba cs 0x8 rflags 0x10293 __ALIGN_SIZE+0xf293 rsp 0xffff800014a64400 ss 0x10 wsmux_do_ioctl+0x6ba: movq %rax,0x10(%rdx,%r15,8) ddb> show proc PROC (syz-executor0) pid=342676 stat=onproc flags process=0 proc=4000000 pri=82, usrpri=82, nice=20 forw=0xffffffffffffffff, list=0xffff80001496c268,0xffffffff822302b0 process=0xffff8000149b9a60 user=0xffff800014a5f000, vmspace=0xfffffd803f014000 estcpu=32, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 68594 116551 81667 0 2 0 syz-executor1 28934 414831 37990 0 2 0 syz-executor0 28934 388152 37990 0 3 0x4000080 wsevent_read syz-executor0 28934 271700 37990 0 3 0x4000080 wsevent_read syz-executor0 *28934 342676 37990 0 7 0x4000000 syz-executor0 37990 349867 71387 0 3 0x82 nanosleep syz-executor0 81667 429268 71387 0 3 0x82 nanosleep syz-executor1 87100 145486 0 0 3 0x14200 bored sosplice 71387 98110 10859 0 3 0x82 thrsleep syz-fuzzer 71387 443270 10859 0 3 0x4000082 thrsleep syz-fuzzer 71387 200512 10859 0 3 0x4000082 thrsleep syz-fuzzer 71387 453395 10859 0 3 0x4000082 thrsleep syz-fuzzer 71387 81452 10859 0 3 0x4000082 kqread syz-fuzzer 71387 456691 10859 0 3 0x4000082 thrsleep syz-fuzzer 71387 12149 10859 0 3 0x4000082 thrsleep syz-fuzzer 10859 106654 92316 0 3 0x10008a pause ksh 92316 505242 93686 0 3 0x92 select sshd 48820 75148 1 0 3 0x100083 ttyin getty 93686 287011 1 0 3 0x80 select sshd 40049 288250 70910 73 2 0x100090 syslogd 70910 504921 1 0 3 0x100082 netio syslogd 91772 379181 1 77 3 0x100090 poll dhclient 18656 154987 1 0 3 0x80 poll dhclient 88457 184877 0 0 2 0x14200 zerothread 56484 414249 0 0 3 0x14200 aiodoned aiodoned 26964 264209 0 0 3 0x14200 syncer update 27937 62810 0 0 3 0x14200 cleaner cleaner 50211 137534 0 0 3 0x14200 reaper reaper 98545 373690 0 0 3 0x14200 pgdaemon pagedaemon 78739 429540 0 0 3 0x14200 bored crynlk 85042 433257 0 0 3 0x14200 bored crypto 58650 352617 0 0 3 0x40014200 acpi0 acpi0 45869 212365 0 0 3 0x14200 bored softnet 98526 29915 0 0 3 0x14200 bored systqmp 4811 96143 0 0 3 0x14200 bored systq 45452 293245 0 0 3 0x40014200 bored softclock 36605 32817 0 0 3 0x40014200 idle0 1 262696 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9545 8922K 8930K 78643K 12607 0 0 pcb 23 9K 11K 78643K 4838 0 0 rtable 100 3K 3K 78643K 1040 0 0 ifaddr 65 17K 19K 78643K 543 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 86 0 0 iov 0 0K 32K 78643K 1024 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1193 75K 76K 78643K 7005 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 9K 78643K 138 0 0 VM map 2 0K 0K 78643K 2 0 0 sem 12 0K 0K 78643K 867 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1777 193K 286K 78643K 12501 0 0 file desc 6 17K 25K 78643K 9198 0 0 sigio 0 0K 0K 78643K 212 0 0 proc 42 30K 54K 78643K 1725 0 0 subproc 64 65538K 67586K 78643K 212 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 1288 0 0 in_multi 33 2K 2K 78643K 416 0 0 ether_multi 1 0K 0K 78643K 49 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 150 662K 662K 78643K 150 0 0 exec 0 0K 1K 78643K 941 0 0 pfkey data 0 0K 4K 78643K 4 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 121 22K 42K 78643K 23154 0 0 UVM aobj 130 4K 4K 78643K 143 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 251 0 0 NDP 14 0K 0K 78643K 153 0 0 temp 184 2347K 2427K 78643K 26926 0 0 kqueue 0 0K 0K 78643K 91 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 7 0 3 1 0 1 1 0 8 0 inpcbpl 280 3998 0 3991 1 0 1 1 0 8 0 plimitpl 152 121 0 114 1 0 1 1 0 8 0 rtentry 112 68 0 28 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 2 0 2 1 1 0 1 0 8 0 tcpcb 544 1457 0 1453 1 0 1 1 0 8 0 nd6 48 10 0 6 1 0 1 1 0 8 0 swfcl 56 1 0 0 1 0 1 1 0 8 0 ppxss 1128 91 0 91 36 35 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 321 0 133 12 0 12 12 0 8 0 art_table 32 322 0 133 2 0 2 2 0 8 0 art_node 16 67 0 33 1 0 1 1 0 8 0 sysvmsgpl 40 14 0 4 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 865 0 855 1 0 1 1 0 8 0 shmpl 112 141 0 13 5 1 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 19362 0 17792 51 0 51 51 0 8 0 ffsino 240 19362 0 17792 96 3 93 93 0 8 0 nchpl 144 32761 0 31178 59 0 59 59 0 8 0 uvmvnodes 72 6453 0 0 118 0 118 118 0 8 0 vnodes 200 6453 0 0 340 0 340 340 0 8 0 namei 1024 104923 0 104923 5 4 1 1 0 8 1 scsiplug 64 34 0 34 21 20 1 1 0 8 1 scxspl 192 92675 0 92675 33 32 1 6 0 8 1 sigapl 432 9356 0 9342 2 0 2 2 0 8 0 futexpl 56 148448 0 148448 6 5 1 1 0 8 1 knotepl 112 2516 0 2489 16 15 1 2 0 8 0 kqueuepl 104 3180 0 3178 1 0 1 1 0 8 0 pipepl 112 6454 0 6435 24 23 1 2 0 8 0 fdescpl 424 9357 0 9342 2 0 2 2 0 8 0 filepl 120 61055 0 60960 11 7 4 6 0 8 1 lockfpl 96 3006 0 3006 16 15 1 1 0 8 1 lockfspl 24 4902 0 4902 13 12 1 1 0 8 1 sessionpl 112 20 0 10 1 0 1 1 0 8 0 pgrppl 48 106 0 96 1 0 1 1 0 8 0 ucredpl 96 20935 0 20928 1 0 1 1 0 8 0 zombiepl 144 9342 0 9342 5 4 1 1 0 8 1 processpl 840 9371 0 9342 5 1 4 4 0 8 0 procpl 600 22243 0 22205 12 8 4 4 0 8 1 sosppl 128 163 0 163 46 45 1 1 0 8 1 sockpl 384 8532 0 8515 16 13 3 4 0 8 1 mcl64k 65536 4052 0 4052 422 408 14 65 0 8 14 mcl16k 16384 30 0 30 24 23 1 1 0 8 1 mcl12k 12288 190 0 190 44 43 1 1 0 8 1 mcl9k 9216 210 0 210 36 36 0 1 0 8 0 mcl8k 8192 154 0 154 52 52 0 1 0 8 0 mcl4k 4096 432 0 432 25 25 0 1 0 8 0 mcl2k2 2112 66 0 66 34 34 0 1 0 8 0 mcl2k 2048 53671 0 53638 11 6 5 10 0 8 0 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 133446 0 133397 207 201 6 37 0 8 0 bufpl 256 21275 0 14820 404 0 404 404 0 8 0 anonpl 16 845856 0 837918 330 281 49 55 0 62 13 amapchunkpl 152 49239 0 49155 223 219 4 96 0 158 0 amappl16 192 55885 0 55465 394 365 29 38 0 8 7 amappl15 184 5 0 4 1 0 1 1 0 8 0 amappl14 176 5 0 3 2 1 1 1 0 8 0 amappl13 168 2621 0 2616 1 0 1 1 0 8 0 amappl12 160 2254 0 2253 1 0 1 1 0 8 0 amappl11 152 196 0 187 1 0 1 1 0 8 0 amappl10 144 60 0 59 2 1 1 1 0 8 0 amappl9 136 320 0 319 1 0 1 1 0 8 0 amappl8 128 2500 0 2448 2 0 2 2 0 8 0 amappl7 120 2638 0 2628 1 0 1 1 0 8 0 amappl6 112 49 0 42 1 0 1 1 0 8 0 amappl5 104 229 0 218 1 0 1 1 0 8 0 amappl4 96 2299 0 2272 2 1 1 2 0 8 0 amappl3 88 2928 0 2921 1 0 1 1 0 8 0 amappl2 80 92548 0 92486 2 0 2 2 0 8 0 amappl1 72 174714 0 174275 26 17 9 18 0 8 0 amappl 72 22530 0 22496 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 142 0 13 3 0 3 3 0 8 0 uaddrrnd 24 9357 0 9342 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 9357 0 9342 1 0 1 1 0 8 0 vmmpekpl 168 64588 0 64565 2 0 2 2 0 8 0 vmmpepl 168 952965 0 951479 322 246 76 79 0 357 10 vmsppl 264 9356 0 9342 3 2 1 2 0 8 0 pdppl 4096 18720 0 18684 6 1 5 6 0 8 0 pvpl 32 2564307 0 2552688 817 691 126 232 0 265 32 pmappl 192 9356 0 9342 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 1271 0 725 21 3 18 18 0 8 0