uvm_fault(0xffffff003f12c840, 0x600011c, 0, 1) -> e kernel: page fault trap, code=0 Stopped at m_free+0x2a: movswq 0x1c(%r14),%rdx ddb> ddb> set $lines = 0 ddb> show panic kernel page fault uvm_fault(0xffffff003f12c840, 0x600011c, 0, 1) -> e m_free(6000100) at m_free+0x2a sys/kern/uipc_mbuf.c:423 end trace frame: 0xffff800014a28840, count: 0 ddb> trace m_free(6000100) at m_free+0x2a sys/kern/uipc_mbuf.c:423 mq_purge(ffff800001af8000) at mq_purge+0x6d m_freem sys/kern/uipc_mbuf.c:525 [inline] mq_purge(ffff800001af8000) at mq_purge+0x6d ml_purge sys/kern/uipc_mbuf.c:1591 [inline] mq_purge(ffff800001af8000) at mq_purge+0x6d sys/kern/uipc_mbuf.c:1695 switchclose(ffff8000ffffc260,ffff800014a288b8,ffffffff81524907,ffff800014a28860) at switchclose+0x77 sys/net/switchctl.c:323 spec_close(ffffffff81e38cc0) at spec_close+0x271 sys/kern/spec_vnops.c:553 VOP_CLOSE(ffffff002c51ceb8,ffff8000ffffc260,ffffff003f7c7960,3) at VOP_CLOSE+0x5f sys/kern/vfs_vops.c:174 vn_closefile(ffff8000ffffc260,ffffff00376903c0) at vn_closefile+0xfc vn_close sys/kern/vfs_vnops.c:289 [inline] vn_closefile(ffff8000ffffc260,ffffff00376903c0) at vn_closefile+0xfc sys/kern/vfs_vnops.c:575 fdrop(ffffff00376903c0,ffff8000ffffc260) at fdrop+0xa4 sys/kern/kern_descrip.c:1260 closef(ffff8000ffffc260,ffffff003f7c6350) at closef+0xd5 sys/kern/kern_descrip.c:1244 fdfree(ffff8000149cf008) at fdfree+0x98 sys/kern/kern_descrip.c:1176 exit1(ffff800014a28b80,ffff8000ffffc260,ffff8000149cf008) at exit1+0x22f sys/kern/kern_exit.c:194 sys_exit(ffffffff8137fb93,ffff800014a28aa0,ffff800014a28b80) at sys_exit+0x13 sys/kern/kern_exit.c:94 syscall(0) at syscall+0x3e4 Xsyscall(6,1,0,1,0,7f7ffffdfe30) at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffdfde0, count: -13 ddb> show registers rdi 0x7 rsi 0xf0 rbp 0xffff800014a28810 rbx 0xffffffff81524890 switchclose rdx 0xffff800014a28720 rcx 0xffffffff81e62c80 mbstat_boot_boot_cpumem rax 0 r8 0 r9 0 r10 0 r11 0xffffffff817102f0 pool_lock_mtx_leave r12 0xffffff00354d8800 r13 0x236161bc r14 0x6000100 __kernel_end_phys+0x4000100 r15 0x6000100 __kernel_end_phys+0x4000100 rip 0xffffffff812802fa m_free+0x2a cs 0x8 rflags 0x10286 __ALIGN_SIZE+0xf286 rsp 0xffff800014a287f0 ss 0x10 m_free+0x2a: movswq 0x1c(%r14),%rdx ddb> show proc PROC (syz-executor0) pid=291387 stat=onproc flags process=1008 proc=2000 pri=86, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffffc4b8,0xffffffff81eaa310 process=0xffff8000149cf008 user=0xffff800014a23000, vmspace=0xffffff003f12c840 estcpu=36, cpticks=3, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 99543 23299 1 0 3 0x100083 ttyin getty 80585 32806 0 0 3 0x14200 bored sosplice 57444 501905 87821 0 3 0x82 nanosleep syz-executor0 82250 312331 87821 0 3 0x2 biowait syz-executor1 87821 180984 96365 0 3 0x82 thrsleep syz-fuzzer 87821 176654 96365 0 3 0x4000082 nanosleep syz-fuzzer 87821 472331 96365 0 3 0x4000082 thrsleep syz-fuzzer 87821 68190 96365 0 3 0x4000082 thrsleep syz-fuzzer 87821 356916 96365 0 3 0x4000082 thrsleep syz-fuzzer 87821 295991 96365 0 3 0x4000082 thrsleep syz-fuzzer 87821 275227 96365 0 3 0x4000082 kqread syz-fuzzer 96365 469710 72843 0 3 0x10008a pause ksh 72843 84642 63305 0 3 0x92 select sshd 63305 192385 1 0 3 0x80 select sshd 1126 502807 47791 73 2 0x100090 syslogd 47791 338467 1 0 3 0x100082 netio syslogd 45021 404745 1 77 3 0x100090 poll dhclient 27178 311332 1 0 3 0x80 poll dhclient 79105 219805 0 0 2 0x14200 zerothread 39981 360629 0 0 3 0x14200 aiodoned aiodoned 76996 378627 0 0 3 0x14200 syncer update 60458 41607 0 0 3 0x14200 cleaner cleaner 34321 408316 0 0 3 0x14200 reaper reaper 69281 233595 0 0 3 0x14200 pgdaemon pagedaemon 47806 347339 0 0 3 0x14200 bored crynlk 71049 503022 0 0 3 0x14200 bored crypto 59358 383180 0 0 3 0x40014200 acpi0 acpi0 48947 238099 0 0 3 0x14200 bored softnet 81371 42480 0 0 3 0x14200 bored systqmp 92605 312111 0 0 3 0x14200 bored systq 5306 131941 0 0 3 0x40014200 bored softclock 7393 186193 0 0 3 0x40014200 idle0 1 268145 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper