uvm_fault(0xfffffd8065b079a0, 0x8, 0, 2) -> e kernel: page fault trap, code=0 Stopped at ml_enlist+0x5c: movq %rbx,0x8(%rax) ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd8065b079a0, 0x8, 0, 2) -> e ml_enlist(ffff80001f7c8f48,ffff800000b38f00) at ml_enlist+0x5c sys/kern/uipc_mbuf.c:1582 end trace frame: 0xffff80001f7c8f90, count: 0 ddb> trace ml_enlist(ffff80001f7c8f48,ffff800000b38f00) at ml_enlist+0x5c sys/kern/uipc_mbuf.c:1582 ifq_purge(ffff800000b42278) at ifq_purge+0x5d sys/net/ifq.c:453 tun_dev_close(5d01,7) at tun_dev_close+0xc8 sys/net/if_tun.c:460 spec_close(ffff80001f7c9070) at spec_close+0x311 sys/kern/spec_vnops.c:560 VOP_CLOSE(fffffd8058187750,7,fffffd806c3bfc60,ffff80001d6aa5f8) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174 vn_closefile(fffffd80576dc6a0,ffff80001d6aa5f8) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd80576dc6a0,ffff80001d6aa5f8) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:614 fdrop(fffffd80576dc6a0,ffff80001d6aa5f8) at fdrop+0xc2 sys/kern/kern_descrip.c:1279 closef(fffffd80576dc6a0,ffff80001d6aa5f8) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff80001d6aa5f8) at fdfree+0x100 sys/kern/kern_descrip.c:1195 exit1(ffff80001d6aa5f8,0,0,1) at exit1+0x32c sys/kern/kern_exit.c:197 sys_exit(ffff80001d6aa5f8,ffff80001f7c9300,ffff80001f7c9350) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff80001f7c93d0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7fffffb050, count: -13 ddb> show registers rdi 0 rsi 0x7 rbp 0xffff80001f7c8f30 rbx 0xfffffd80663dfa00 rdx 0x2000 __ALIGN_SIZE+0x1000 rcx 0xffff80001d6aa5f8 rax 0 r8 0xffffffff81e4e0d2 spec_close+0x52 r9 0x5 r10 0x477e3a13ed388fe8 r11 0xa22d6904704afb2 r12 0x7 r13 0 r14 0xffff800000b38f00 r15 0xffff80001f7c8f48 rip 0xffffffff817fbfdc ml_enlist+0x5c cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80001f7c8ef0 ss 0x10 ml_enlist+0x5c: movq %rbx,0x8(%rax) ddb> show proc PROC (syz-executor.1) pid=73598 stat=onproc flags process=1008 proc=2000 pri=32, usrpri=78, nice=20 forw=0xffffffffffffffff, list=0xffff80001d6a99c8,0xffffffff82817430 process=0xffff8000ffffb5a0 user=0xffff80001f7c4000, vmspace=0xfffffd8065b079a0 estcpu=28, cpticks=2, pctcpu=0.4 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 94790 428606 0 0 3 0x14200 acct acct 81566 325903 1 0 3 0x100083 ttyin getty 77128 449288 0 0 3 0x14200 bored sosplice 7501 107200 41298 0 3 0x82 piperd syz-executor.0 41298 497172 41112 0 3 0x82 thrsleep syz-fuzzer 41298 154204 41112 0 3 0x4000082 nanosleep syz-fuzzer 41298 167367 41112 0 2 0x4000002 syz-fuzzer 41298 409115 41112 0 3 0x4000082 thrsleep syz-fuzzer 41298 139283 41112 0 3 0x4000082 thrsleep syz-fuzzer 41298 211100 41112 0 3 0x4000082 thrsleep syz-fuzzer 41298 516605 41112 0 3 0x4000082 thrsleep syz-fuzzer 41298 288326 41112 0 3 0x4000082 thrsleep syz-fuzzer 41112 187651 36880 0 3 0x10008a pause ksh 36880 330922 53195 0 3 0x92 select sshd 53195 520634 1 0 3 0x80 select sshd 90767 118508 77447 73 3 0x100090 kqread syslogd 77447 190491 1 0 3 0x100082 netio syslogd 31502 433584 1 77 3 0x100090 poll dhclient 20047 480251 1 0 3 0x80 poll dhclient 51385 26435 0 0 3 0x14200 bored smr 77818 29738 0 0 2 0x14200 zerothread 85472 40761 0 0 3 0x14200 aiodoned aiodoned 18806 57508 0 0 3 0x14200 syncer update 12643 264642 0 0 3 0x14200 cleaner cleaner 621 3389 0 0 3 0x14200 reaper reaper 54389 390899 0 0 3 0x14200 pgdaemon pagedaemon 35661 333503 0 0 3 0x14200 bored crynlk 30306 210751 0 0 3 0x14200 bored crypto 86149 293292 0 0 3 0x40014200 acpi0 acpi0 48488 2555 0 0 3 0x14200 bored softnet 71397 511306 0 0 3 0x14200 bored systqmp 44478 413892 0 0 2 0x14200 systq 23623 479149 0 0 3 0x40014200 bored softclock 69078 444991 0 0 3 0x40014200 idle0 1 61073 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9514 6357K 7122K 78643K 12444 0 pcb 13 8K 8K 78643K 117 0 rtable 130 9K 11K 78643K 485 0 ifaddr 95 19K 19K 78643K 424 0 counters 21 16K 16K 78643K 28 0 ioctlops 0 0K 4K 78643K 109 0 iov 0 0K 12K 78643K 85 0 mount 1 1K 1K 78643K 1 0 vnodes 1225 77K 77K 78643K 1710 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 5 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 1K 78643K 106 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 4 9K 25K 78643K 773 0 sigio 0 0K 0K 78643K 17 0 proc 49 38K 54K 78643K 444 0 subproc 23 1K 2K 78643K 51 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 304 0 in_multi 72 3K 3K 78643K 274 0 ether_multi 1 0K 0K 78643K 14 0 mrt 0 0K 0K 78643K 4 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 49 228K 228K 78643K 49 0 exec 0 0K 1K 78643K 245 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 132 55K 58K 78643K 2611 0 UVM aobj 13 2K 4K 78643K 17 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 76 0 NDP 13 0K 0K 78643K 36 0 temp 107 3857K 3921K 78643K 16769 0 kqueue 3 4K 8K 78643K 23 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 9 0 4 1 0 1 1 0 8 0 rtpcb 80 49 0 47 1 0 1 1 0 8 0 rtentry 112 80 0 39 2 0 2 2 0 8 0 unpcb 120 275 0 267 1 0 1 1 0 8 0 syncache 264 12 0 12 3 2 1 1 0 8 1 tcpcb 544 218 0 214 1 0 1 1 0 8 0 inpcb 296 1434 0 1427 5 3 2 2 0 8 1 rttmr 72 1 0 1 1 1 0 1 0 8 0 nd6 48 22 0 17 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 1 0 1 0 8 0 ppxss 1128 3 0 3 2 1 1 1 0 8 1 pfstscr 40 1 0 1 1 1 0 1 0 8 0 pfosfp 40 1 0 0 1 0 1 1 0 8 0 pfosfpen 112 2 0 0 1 0 1 1 0 8 0 pfrktable 1344 55 0 44 3 2 1 2 0 8 0 pftag 88 14 0 10 2 1 1 1 0 8 0 pfstkey 112 2 0 2 1 1 0 1 0 8 0 pfstate 328 1 0 1 1 1 0 1 0 8 0 pfrule 1360 20 0 12 2 1 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 440 0 227 17 3 14 15 0 8 0 art_table 32 441 0 227 2 0 2 2 0 8 0 art_node 16 79 0 41 1 0 1 1 0 8 0 sysvmsgpl 40 2 0 0 1 0 1 1 0 8 0 semupl 112 5 0 5 1 1 0 1 0 8 0 semapl 112 102 0 92 1 0 1 1 0 8 0 shmpl 112 15 0 4 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 2366 0 966 88 0 88 88 0 8 0 ffsino 240 2366 0 966 83 0 83 83 0 8 0 nchpl 144 3512 0 1920 60 0 60 60 0 8 0 uvmvnodes 72 2812 0 0 52 0 52 52 0 8 0 vnodes 208 2812 0 0 148 0 148 148 0 8 0 namei 1024 9641 0 9641 3 2 1 1 0 8 1 vcpupl 1984 4 0 0 1 0 1 1 0 8 0 vmpool 528 13 0 9 2 1 1 1 0 8 0 pfiaddrpl 120 22 0 14 1 0 1 1 0 8 0 scxspl 192 11446 0 11446 2 1 1 1 0 8 1 plimitpl 152 67 0 60 1 0 1 1 0 8 0 sigapl 424 959 0 930 4 0 4 4 0 8 0 futexpl 56 14669 0 14669 3 2 1 1 0 8 1 knotepl 112 103 0 84 1 0 1 1 0 8 0 kqueuepl 144 70 0 67 1 0 1 1 0 8 0 pipepl 272 146 0 136 3 2 1 2 0 8 0 fdescpl 432 943 0 930 2 0 2 2 0 8 0 filepl 120 5303 0 5220 6 2 4 5 0 8 1 lockfpl 104 101 0 100 1 0 1 1 0 8 0 lockfspl 48 38 0 37 1 0 1 1 0 8 0 sessionpl 112 19 0 9 1 0 1 1 0 8 0 pgrppl 48 25 0 15 1 0 1 1 0 8 0 ucredpl 96 452 0 444 1 0 1 1 0 8 0 zombiepl 144 931 0 929 3 2 1 1 0 8 0 processpl 920 959 0 929 4 0 4 4 0 8 0 procpl 624 1839 0 1802 4 0 4 4 0 8 1 sosppl 128 7 0 7 3 2 1 1 0 8 1 sockpl 400 1763 0 1746 6 3 3 4 0 8 1 mcl64k 65536 293 0 293 35 34 1 33 0 8 1 mcl16k 16384 2 0 2 2 2 0 1 0 8 0 mcl12k 12288 15 0 15 3 3 0 1 0 8 0 mcl9k 9216 6 0 6 4 3 1 1 0 8 1 mcl8k 8192 17 0 17 3 2 1 1 0 8 1 mcl4k 4096 43 0 43 4 3 1 1 0 8 1 mcl2k2 2112 4 0 4 3 2 1 1 0 8 1 mcl2k 2048 75927 0 75882 16 9 7 13 0 8 0 mtagpl 96 51 0 30 2 1 1 1 0 8 0 mbufpl 256 124688 0 124536 31 20 11 22 0 8 0 bufpl 280 5197 0 136 362 0 362 362 0 8 0 anonpl 16 94311 0 77433 85 17 68 75 0 107 0 amapchunkpl 152 3816 0 3691 21 14 7 13 0 158 1 amappl16 192 4099 0 3166 58 11 47 52 0 8 0 amappl15 184 267 0 264 1 0 1 1 0 8 0 amappl14 176 229 0 225 1 0 1 1 0 8 0 amappl13 168 287 0 283 1 0 1 1 0 8 0 amappl12 160 265 0 261 1 0 1 1 0 8 0 amappl11 152 46 0 36 1 0 1 1 0 8 0 amappl10 144 276 0 273 1 0 1 1 0 8 0 amappl9 136 367 0 366 1 0 1 1 0 8 0 amappl8 128 350 0 309 2 0 2 2 0 8 0 amappl7 120 115 0 102 1 0 1 1 0 8 0 amappl6 112 24 0 18 1 0 1 1 0 8 0 amappl5 104 911 0 898 1 0 1 1 0 8 0 amappl4 96 445 0 417 1 0 1 1 0 8 0 amappl3 88 325 0 320 1 0 1 1 0 8 0 amappl2 80 7192 0 7127 2 0 2 2 0 8 0 amappl1 72 25323 0 24906 24 15 9 17 0 8 0 amappl 80 2086 0 2045 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 16 0 4 1 0 1 1 0 8 0 uaddrrnd 24 956 0 939 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 956 0 939 1 0 1 1 0 8 0 vmmpekpl 168 8830 0 8801 2 0 2 2 0 8 0 vmmpepl 168 115562 0 113601 147 57 90 120 0 357 0 vmsppl 272 955 0 939 3 1 2 2 0 8 0 pdppl 4096 1918 0 1882 9 4 5 6 0 8 0 pvpl 32 282233 0 262437 199 34 165 177 0 265 4 pmappl 200 955 0 939 2 1 1 2 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 316 0 88 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace ml_enlist(ffff80001f7c8f48,ffff800000b38f00) at ml_enlist+0x5c sys/kern/uipc_mbuf.c:1582 ifq_purge(ffff800000b42278) at ifq_purge+0x5d sys/net/ifq.c:453 tun_dev_close(5d01,7) at tun_dev_close+0xc8 sys/net/if_tun.c:460 spec_close(ffff80001f7c9070) at spec_close+0x311 sys/kern/spec_vnops.c:560 VOP_CLOSE(fffffd8058187750,7,fffffd806c3bfc60,ffff80001d6aa5f8) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174 vn_closefile(fffffd80576dc6a0,ffff80001d6aa5f8) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd80576dc6a0,ffff80001d6aa5f8) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:614 fdrop(fffffd80576dc6a0,ffff80001d6aa5f8) at fdrop+0xc2 sys/kern/kern_descrip.c:1279 closef(fffffd80576dc6a0,ffff80001d6aa5f8) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff80001d6aa5f8) at fdfree+0x100 sys/kern/kern_descrip.c:1195 exit1(ffff80001d6aa5f8,0,0,1) at exit1+0x32c sys/kern/kern_exit.c:197 sys_exit(ffff80001d6aa5f8,ffff80001f7c9300,ffff80001f7c9350) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff80001f7c93d0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7fffffb050, count: -13 ddb> machine ddbcpu 1 No such command ddb> trace ml_enlist(ffff80001f7c8f48,ffff800000b38f00) at ml_enlist+0x5c sys/kern/uipc_mbuf.c:1582 ifq_purge(ffff800000b42278) at ifq_purge+0x5d sys/net/ifq.c:453 tun_dev_close(5d01,7) at tun_dev_close+0xc8 sys/net/if_tun.c:460 spec_close(ffff80001f7c9070) at spec_close+0x311 sys/kern/spec_vnops.c:560 VOP_CLOSE(fffffd8058187750,7,fffffd806c3bfc60,ffff80001d6aa5f8) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:174 vn_closefile(fffffd80576dc6a0,ffff80001d6aa5f8) at vn_closefile+0xd2 vn_close sys/kern/vfs_vnops.c:298 [inline] vn_closefile(fffffd80576dc6a0,ffff80001d6aa5f8) at vn_closefile+0xd2 sys/kern/vfs_vnops.c:614 fdrop(fffffd80576dc6a0,ffff80001d6aa5f8) at fdrop+0xc2 sys/kern/kern_descrip.c:1279 closef(fffffd80576dc6a0,ffff80001d6aa5f8) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff80001d6aa5f8) at fdfree+0x100 sys/kern/kern_descrip.c:1195 exit1(ffff80001d6aa5f8,0,0,1) at exit1+0x32c sys/kern/kern_exit.c:197 sys_exit(ffff80001d6aa5f8,ffff80001f7c9300,ffff80001f7c9350) at sys_exit+0x16 sys/kern/kern_exit.c:95 syscall(ffff80001f7c93d0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7fffffb050, count: -13