login: uvm_fault(0xfffffd807f00d9d8, 0x9f, 0, 2) -> e kernel: page fault trap, code=0 Stopped at wsmux_detach_sc+0xca: movq %rcx,0(%rax) ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic kernel page fault uvm_fault(0xfffffd807f00d9d8, 0x9f, 0, 2) -> e wsmux_detach_sc(3f2a36016d71fe5) at wsmux_detach_sc+0xca sys/dev/wscons/wsmux.c:696 end trace frame: 0xffff800020ca2fb0, count: 0 ddb{1}> trace wsmux_detach_sc(3f2a36016d71fe5) at wsmux_detach_sc+0xca sys/dev/wscons/wsmux.c:696 wsmouseopen(6e873d895302cf10,ffff800020bbae28,ffff800020ca3020,1760) at wsmouseopen+0xe5 sys/dev/wscons/wsmouse.c:325 spec_open(b59153f4a0f4384c) at spec_open+0x215 sys/kern/spec_vnops.c:158 VOP_OPEN(65ea782ac68aaa9e,ffff800020ca31d0,1,fffffd80701e53d0) at VOP_OPEN+0x72 sys/kern/vfs_vops.c:153vn_open(704d6d45eaaabc49,1,1) at vn_open+0x4c2 doopenat(f525f95fd7dd27c3,0,ffff800020bbae28,49ff0310218,0,50) at doopenat+0x2b9 sys/kern/vfs_syscalls.c:1045 syscall(a6c67ce5500b32ed) at syscall+0x5a0 mi_syscall sys/sys/syscall_mi.h:99 [inline] syscall(a6c67ce5500b32ed) at syscall+0x5a0 sys/arch/amd64/amd64/trap.c:574 Xsyscall(6,0,ffffffffffffffa8,0,3,49dce636010) at Xsyscall+0x128 end of kernel end trace frame: 0x49ff03102a0, count: -8 ddb{1}> show registers rdi 0xffffffff8196b497 spllower+0x77 rsi 0x49a rbp 0xffff800020ca2f70 rbx 0 rdx 0x49b rcx 0xffffffffffffffff rax 0x9f r8 0xffffffff816da4a4 setrunnable+0x94 r9 0x5 r10 0x5939831ad1e193d9 r11 0x92fd97a6b86a473a r12 0xffff800000026db8 r13 0x1760 __ALIGN_SIZE+0x760 r14 0xffff80000064dc00 r15 0x1 rip 0xffffffff816175fa wsmux_detach_sc+0xca cs 0x8 rflags 0x10286 __ALIGN_SIZE+0xf286 rsp 0xffff800020ca2f50 ss 0x10 wsmux_detach_sc+0xca: movq %rcx,0(%rax) ddb{1}> show proc PROC (syz-executor0) pid=54542 stat=onproc flags process=0 proc=4000000 pri=0, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff800020bbb788,0xffff800020bba988 process=0xffff800020b949e8 user=0xffff800020c9e000, vmspace=0xfffffd807f00d9d8 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 11912 87841 39629 0 7 0 syz-executor0 *11912 54542 39629 0 7 0x4000000 syz-executor0 11912 466219 39629 0 2 0x4000000 syz-executor0 88892 492482 1 0 3 0x100083 ttyin getty 67701 289219 0 0 3 0x14200 bored sosplice 64309 319622 18461 0 3 0x82 nanosleep syz-executor1 39629 476468 18461 0 3 0x82 nanosleep syz-executor0 18461 239031 26372 0 3 0x82 thrsleep syz-fuzzer 18461 111322 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 495282 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 511133 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 168426 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 521906 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 233989 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 477529 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 266092 26372 0 3 0x4000082 thrsleep syz-fuzzer 18461 160738 26372 0 3 0x4000082 kqread syz-fuzzer 26372 303931 64221 0 3 0x10008a pause ksh 64221 416112 55158 0 3 0x92 select sshd 55158 368058 1 0 3 0x80 select sshd 43769 71476 94456 73 2 0x100090 syslogd 94456 229086 1 0 3 0x100082 netio syslogd 11447 342876 1 77 3 0x100090 poll dhclient 27864 182249 1 0 3 0x80 poll dhclient 76302 35595 0 0 3 0x14200 pgzero zerothread 41768 42713 0 0 3 0x14200 aiodoned aiodoned 82146 440932 0 0 3 0x14200 syncer update 1446 103967 0 0 3 0x14200 cleaner cleaner 20092 76442 0 0 3 0x14200 reaper reaper 95173 227554 0 0 3 0x14200 pgdaemon pagedaemon 82630 332778 0 0 3 0x14200 bored crynlk 9656 239682 0 0 3 0x14200 bored crypto 77813 193064 0 0 3 0x40014200 acpi0 acpi0 93193 449702 0 0 3 0x40014200 idle1 47110 463150 0 0 3 0x14200 bored softnet 78680 27569 0 0 3 0x14200 bored systqmp 55030 221962 0 0 3 0x14200 bored systq 82454 403128 0 0 3 0x40014200 bored softclock 26311 510566 0 0 3 0x40014200 idle0 1 396845 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 11912 (syz-executor0) thread 0xffff800020bbae28 (54542) exclusive kernel_lock &kernel_lock r = 1 (0xffffffff822d6828) locked @ /syzkaller/managers/multicore/kernel/sys/arch/amd64/amd64/trap.c:161 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9524 6373K 6375K 78643K 11250 0 0 pcb 23 9K 10K 78643K 1112 0 0 rtable 100 3K 4K 78643K 372 0 0 ifaddr 54 13K 13K 78643K 175 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 2K 78643K 34 0 0 iov 0 0K 32K 78643K 240 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1196 75K 76K 78643K 2616 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 29 0 0 VM map 2 1K 1K 78643K 2 0 0 sem 12 0K 0K 78643K 262 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1792 194K 288K 78643K 12592 0 0 file desc 5 13K 25K 78643K 2223 0 0 sigio 0 0K 0K 78643K 48 0 0 proc 42 38K 58K 78643K 634 0 0 subproc 64 65538K 67586K 78643K 85 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 301 0 0 in_multi 33 2K 2K 78643K 153 0 0 ether_multi 1 0K 0K 78643K 18 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 90 397K 397K 78643K 90 0 0 exec 0 0K 1K 78643K 351 0 0 pfkey data 0 0K 4K 78643K 3 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 100 21K 30K 78643K 7913 0 0 UVM aobj 101 3K 3K 78643K 118 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 0K 78643K 54 0 0 NDP 11 0K 0K 78643K 47 0 0 temp 163 2367K 2435K 78643K 8593 0 0 kqueue 0 0K 0K 78643K 27 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 4 0 0 1 0 1 1 0 8 0 inpcbpl 280 959 0 952 1 0 1 1 0 8 0 plimitpl 152 47 0 40 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtentry 112 41 0 1 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpcb 544 359 0 355 1 0 1 1 0 8 0 nd6 48 4 0 0 1 0 1 1 0 8 0 ppxss 1128 27 0 27 8 7 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 185 0 0 12 0 12 12 0 8 0 art_table 32 186 0 0 2 0 2 2 0 8 0 art_node 16 40 0 6 1 0 1 1 0 8 0 sysvmsgpl 40 26 0 10 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 260 0 250 1 0 1 1 0 8 0 shmpl 112 116 0 17 3 0 3 3 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 5739 0 4320 46 0 46 46 0 8 0 ffsino 272 5739 0 4320 95 0 95 95 0 8 0 nchpl 144 9143 0 7567 60 1 59 60 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 200 5926 0 0 312 0 312 312 0 8 0 namei 1024 27745 0 27745 1 0 1 1 0 8 1 percpumem 16 30 0 0 1 0 1 1 0 8 0 scsiplug 64 8 0 8 5 5 0 1 0 8 0 scxspl 192 25229 0 25229 14 11 3 6 0 8 3 sigapl 432 2395 0 2382 2 0 2 2 0 8 0 futexpl 56 26822 0 26822 1 0 1 1 0 8 1 knotepl 112 658 0 631 6 5 1 2 0 8 0 kqueuepl 104 720 0 718 1 0 1 1 0 8 0 pipepl 112 1570 0 1551 5 4 1 2 0 8 0 fdescpl 488 2396 0 2382 3 1 2 3 0 8 0 filepl 152 14974 0 14877 5 0 5 5 0 8 1 lockfpl 104 738 0 738 3 2 1 1 0 8 1 lockfspl 32 1039 0 1039 3 2 1 1 0 8 1 sessionpl 112 22 0 12 1 0 1 1 0 8 0 pgrppl 48 46 0 36 1 0 1 1 0 8 0 ucredpl 96 4592 0 4585 1 0 1 1 0 8 0 zombiepl 144 2382 0 2381 2 1 1 1 0 8 0 processpl 840 2411 0 2381 4 0 4 4 0 8 0 procpl 600 7216 0 7175 4 0 4 4 0 8 0 sosppl 128 45 0 45 10 9 1 1 0 8 1 sockpl 384 2013 0 1996 4 1 3 3 0 8 1 mcl64k 65536 525 0 0 65 17 48 65 0 8 0 mcl16k 16384 2 0 0 1 0 1 1 0 8 0 mcl12k 12288 17 0 0 2 0 2 2 0 8 0 mcl9k 9216 8 0 0 1 0 1 1 0 8 0 mcl8k 8192 11 0 0 2 0 2 2 0 8 0 mcl4k 4096 17 0 0 3 0 3 3 0 8 0 mcl2k2 2112 3 0 0 1 0 1 1 0 8 0 mcl2k 2048 127 0 0 15 2 13 15 0 8 0 mtagpl 80 1 0 0 1 0 1 1 0 8 0 mbufpl 256 644 0 0 37 0 37 37 0 8 0 bufpl 256 8510 0 1541 436 0 436 436 0 8 0 anonpl 16 249336 0 241619 107 59 48 48 0 125 12 amapchunkpl 152 14129 0 14041 28 17 11 11 0 158 6 amappl16 192 13146 0 12737 116 87 29 33 0 8 8 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 1106 0 1103 2 1 1 1 0 8 0 amappl13 168 24 0 20 1 0 1 1 0 8 0 amappl12 160 19 0 17 1 0 1 1 0 8 0 amappl11 152 186 0 176 1 0 1 1 0 8 0 amappl10 144 2275 0 2271 2 1 1 1 0 8 0 amappl9 136 349 0 347 1 0 1 1 0 8 0 amappl8 128 164 0 134 1 0 1 1 0 8 0 amappl7 120 32 0 27 1 0 1 1 0 8 0 amappl6 112 1139 0 1134 1 0 1 1 0 8 0 amappl5 104 142 0 130 1 0 1 1 0 8 0 amappl4 96 321 0 298 2 1 1 2 0 8 0 amappl3 88 223 0 218 1 0 1 1 0 8 0 amappl2 80 22729 0 22672 2 0 2 2 0 8 0 amappl1 72 59738 0 59320 22 12 10 18 0 8 0 amappl 72 7463 0 7429 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 117 0 17 2 0 2 2 0 8 0 uaddrrnd 24 2396 0 2382 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2396 0 2382 1 0 1 1 0 8 0 vmmpekpl 168 25442 0 25420 2 0 2 2 0 8 0 vmmpepl 168 261109 0 259740 139 65 74 75 0 357 10 vmsppl 360 2395 0 2382 2 0 2 2 0 8 0 pdppl 4096 4799 0 4764 6 1 5 6 0 8 0 pvpl 32 689218 0 678501 218 92 126 132 0 265 34 pmappl 224 2395 0 2382 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 680 0 22 19 0 19 19 0 8 0