uvm_fault(0xfffffd803f014d68, 0x10, 0, 2) -> e kernel: page fault trap, code=0 Stopped at wsmux_do_ioctl+0x6ba: movq %rax,0x10(%rdx,%r15,8) ddb> ddb> set $lines = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd803f014d68, 0x10, 0, 2) -> e wsmux_do_ioctl(e2c8db7ef618fd0e,80185760,fffffd802bcbeab8,3,fffffd803f7c7a20) at wsmux_do_ioctl+0x6ba sys/dev/wscons/wsmux.c:404 end trace frame: 0xffff800014a14bc0, count: 0 ddb> trace wsmux_do_ioctl(e2c8db7ef618fd0e,80185760,fffffd802bcbeab8,3,fffffd803f7c7a20) at wsmux_do_ioctl+0x6ba sys/dev/wscons/wsmux.c:404 VOP_IOCTL(5f33ffa23fbed8,80185760,fffffd80302638f8,ffff8000149c1108,fffffd802bcbeab8,ffff8000149c1108) at VOP_IOCTL+0x80 sys/kern/vfs_vops.c:290 vn_ioctl(23c385a4d5f776a6,fffffd80302638f8,ffff8000149c1108,18) at vn_ioctl+0xc5 sys/kern/vfs_vnops.c:512 sys_ioctl(e2c8db7ef607d036,0,ffff8000149c1108) at sys_ioctl+0x639 syscall(a7ecdaeccfdd9231) at syscall+0x528 Xsyscall(6,0,ffffffffffffff8b,0,3,5ca543f0010) at Xsyscall+0x128 end of kernel end trace frame: 0x5cc9d233b10, count: -6 ddb> show registers rdi 0xff rsi 0x1 rbp 0xffff800014a14b40 rbx 0x1 rdx 0 rcx 0 rax 0 r8 0xffffffff818805a0 wsmux_do_ioctl+0x1e0 r9 0x7 r10 0x274e8e9fab862709 r11 0x591a5366b130d7c7 r12 0xffff800000669150 r13 0 r14 0xffff800014a14cf0 r15 0 rip 0xffffffff81880a7a wsmux_do_ioctl+0x6ba cs 0x8 rflags 0x10293 __ALIGN_SIZE+0xf293 rsp 0xffff800014a14af0 ss 0x10 wsmux_do_ioctl+0x6ba: movq %rax,0x10(%rdx,%r15,8) ddb> show proc PROC (syz-executor1) pid=189155 stat=onproc flags process=0 proc=4000000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000149c1a68,0xffff8000149c1cd0 process=0xffff8000149b26b0 user=0xffff800014a0f000, vmspace=0xfffffd803f014d68 estcpu=36, cpticks=53, pctcpu=0.49 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 60202 156708 16783 0 2 0 syz-executor1 *60202 189155 16783 0 7 0x4000000 syz-executor1 60202 257244 16783 0 3 0x4000080 fsleep syz-executor1 45752 354607 1 0 3 0x100083 ttyin getty 19460 385030 0 0 3 0x14200 bored sosplice 40760 306926 81945 0 3 0x2 biowait syz-executor0 16783 26212 81945 0 3 0x82 nanosleep syz-executor1 81945 40509 76273 0 3 0x82 thrsleep syz-fuzzer 81945 172467 76273 0 3 0x4000082 thrsleep syz-fuzzer 81945 45340 76273 0 3 0x4000082 thrsleep syz-fuzzer 81945 391171 76273 0 3 0x4000082 thrsleep syz-fuzzer 81945 44352 76273 0 3 0x4000082 kqread syz-fuzzer 81945 184737 76273 0 3 0x4000082 thrsleep syz-fuzzer 81945 282503 76273 0 3 0x4000082 thrsleep syz-fuzzer 81945 463496 76273 0 3 0x4000082 thrsleep syz-fuzzer 76273 213279 73528 0 3 0x10008a pause ksh 73528 118526 77417 0 3 0x92 select sshd 77417 318336 1 0 3 0x80 select sshd 3439 501946 96506 73 2 0x100090 syslogd 96506 230978 1 0 3 0x100082 netio syslogd 84924 310678 1 77 3 0x100090 poll dhclient 53031 406722 1 0 3 0x80 poll dhclient 99373 342696 0 0 3 0x14200 pgzero zerothread 64806 55753 0 0 3 0x14200 aiodoned aiodoned 9056 33201 0 0 3 0x14200 syncer update 54841 10683 0 0 3 0x14200 cleaner cleaner 59515 18681 0 0 3 0x14200 reaper reaper 64573 89672 0 0 3 0x14200 pgdaemon pagedaemon 63616 141468 0 0 3 0x14200 bored crynlk 16789 144106 0 0 3 0x14200 bored crypto 15987 299696 0 0 3 0x40014200 acpi0 acpi0 22759 51552 0 0 3 0x14200 bored softnet 81132 306009 0 0 3 0x14200 bored systqmp 91477 354842 0 0 3 0x14200 bored systq 20164 114942 0 0 3 0x40014200 bored softclock 85108 420290 0 0 3 0x40014200 idle0 1 90123 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9539 8922K 8930K 78643K 12370 0 0 pcb 23 9K 11K 78643K 4413 0 0 rtable 100 3K 3K 78643K 1002 0 0 ifaddr 64 17K 19K 78643K 549 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 61 0 0 iov 0 0K 28K 78643K 910 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1185 74K 75K 78643K 6056 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 142 0 0 VM map 2 0K 0K 78643K 2 0 0 sem 12 0K 1K 78643K 839 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1777 193K 286K 78643K 12501 0 0 file desc 5 13K 25K 78643K 8830 0 0 sigio 0 0K 0K 78643K 128 0 0 proc 42 30K 54K 78643K 1588 0 0 subproc 64 65538K 69634K 78643K 106 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 1209 0 0 in_multi 33 2K 2K 78643K 413 0 0 ether_multi 1 0K 0K 78643K 59 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 126 556K 556K 78643K 126 0 0 exec 0 0K 1K 78643K 778 0 0 pfkey data 0 0K 4K 78643K 5 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 113 22K 41K 78643K 23065 0 0 UVM aobj 130 4K 4K 78643K 151 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 231 0 0 NDP 14 0K 0K 78643K 155 0 0 temp 185 2347K 2419K 78643K 25690 0 0 kqueue 0 0K 0K 78643K 91 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 4 0 0 1 0 1 1 0 8 0 inpcbpl 280 3866 0 3859 1 0 1 1 0 8 0 plimitpl 152 103 0 96 1 0 1 1 0 8 0 rtentry 112 41 0 1 2 0 2 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpcb 544 1386 0 1382 1 0 1 1 0 8 0 nd6 48 4 0 0 1 0 1 1 0 8 0 swfcl 56 2 0 0 1 0 1 1 0 8 0 ppxss 1128 89 0 89 41 40 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 186 0 0 12 0 12 12 0 8 0 art_table 32 187 0 0 2 0 2 2 0 8 0 art_node 16 40 0 6 1 0 1 1 0 8 0 sysvmsgpl 40 38 0 25 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 835 0 825 1 0 1 1 0 8 0 shmpl 112 149 0 21 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 18086 0 16519 54 3 51 51 0 8 0 ffsino 240 18086 0 16519 94 1 93 93 0 8 0 nchpl 144 31054 0 29476 60 0 60 60 0 8 0 uvmvnodes 72 6441 0 0 118 0 118 118 0 8 0 vnodes 200 6441 0 0 339 0 339 339 0 8 0 namei 1024 96675 0 96674 2 1 1 1 0 8 0 scsiplug 64 24 0 24 16 16 0 1 0 8 0 scxspl 192 90884 0 90883 43 42 1 6 0 8 0 sigapl 432 9003 0 8990 2 0 2 2 0 8 0 futexpl 56 146376 0 146375 2 1 1 1 0 8 0 knotepl 112 2325 0 2298 25 24 1 2 0 8 0 kqueuepl 104 2936 0 2933 1 0 1 1 0 8 0 pipepl 112 6002 0 5983 22 21 1 3 0 8 0 fdescpl 424 9004 0 8990 2 0 2 2 0 8 0 filepl 120 55278 0 55182 20 16 4 6 0 8 0 lockfpl 96 2759 0 2759 40 39 1 1 0 8 1 lockfspl 24 4828 0 4828 38 37 1 1 0 8 1 sessionpl 112 23 0 13 1 0 1 1 0 8 0 pgrppl 48 149 0 139 1 0 1 1 0 8 0 ucredpl 96 17228 0 17221 1 0 1 1 0 8 0 zombiepl 144 8990 0 8990 1 0 1 1 0 8 1 processpl 840 9018 0 8990 5 1 4 4 0 8 0 procpl 600 22017 0 21980 21 17 4 4 0 8 0 sosppl 128 163 0 163 41 41 0 1 0 8 0 sockpl 384 8039 0 8022 46 43 3 4 0 8 1 mcl64k 65536 5143 0 5143 533 532 1 64 0 8 1 mcl16k 16384 24 0 24 19 18 1 1 0 8 1 mcl12k 12288 163 0 163 56 55 1 1 0 8 1 mcl9k 9216 195 0 195 48 47 1 1 0 8 1 mcl8k 8192 178 0 178 50 49 1 1 0 8 1 mcl4k 4096 469 0 469 47 46 1 1 0 8 1 mcl2k2 2112 60 0 60 29 29 0 1 0 8 0 mcl2k 2048 53093 0 53059 14 9 5 11 0 8 0 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 132037 0 131978 240 231 9 37 0 8 0 bufpl 256 21897 0 15455 404 1 403 403 0 8 0 anonpl 16 885382 0 877814 403 357 46 48 0 62 11 amapchunkpl 152 49643 0 49562 281 277 4 96 0 158 0 amappl16 192 56819 0 56420 454 426 28 33 0 8 7 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 4 0 2 2 1 1 1 0 8 0 amappl13 168 25 0 22 1 0 1 1 0 8 0 amappl12 160 4425 0 4424 1 0 1 1 0 8 0 amappl11 152 187 0 177 1 0 1 1 0 8 0 amappl10 144 66 0 66 8 8 0 1 0 8 0 amappl9 136 340 0 338 1 0 1 1 0 8 0 amappl8 128 4659 0 4602 2 0 2 2 0 8 0 amappl7 120 39 0 31 1 0 1 1 0 8 0 amappl6 112 44 0 38 1 0 1 1 0 8 0 amappl5 104 220 0 209 1 0 1 1 0 8 0 amappl4 96 4782 0 4758 2 1 1 2 0 8 0 amappl3 88 583 0 578 1 0 1 1 0 8 0 amappl2 80 88961 0 88910 2 0 2 2 0 8 0 amappl1 72 173926 0 173500 25 15 10 19 0 8 0 amappl 72 22358 0 22326 1 0 1 1 0 75 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 150 0 21 3 0 3 3 0 8 0 uaddrrnd 24 9004 0 8990 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 9004 0 8990 1 0 1 1 0 8 0 vmmpekpl 168 66364 0 66340 2 0 2 2 0 8 0 vmmpepl 168 934722 0 933340 365 295 70 76 0 357 4 vmsppl 264 9003 0 8990 2 1 1 2 0 8 0 pdppl 4096 18014 0 17980 6 1 5 6 0 8 0 pvpl 32 2672173 0 2661053 957 812 145 221 0 265 54 pmappl 192 9003 0 8990 1 0 1 1 0 8 0 extentpl 40 39 0 25 1 0 1 1 0 8 0 phpool 112 1428 0 891 24 6 18 18 0 8 0