uvm_fault(0xfffffd806bc0a550, 0x4, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd806bc0a550, 0x4, 0, 1) -> e pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 end trace frame: 0xffff80001d77d290, count: 0 ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6800,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000af5a40,ffff800000ae0600,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000ae0600) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000ae0600) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000ad98a8,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ad0000,3,ffff80001d6c2c48) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:893 [inline] pfioctl(4900,cd604404,ffff800000ad0000,3,ffff80001d6c2c48) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1265 VOP_IOCTL(fffffd805d704340,cd604404,ffff800000ad0000,3,fffffd806c3bfae0,ffff80001d6c2c48) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd8057428e98,cd604404,ffff800000ad0000,ffff80001d6c2c48) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d6c2c48,ffff80001d77d838,ffff80001d77d880) at sys_ioctl+0x4a1 syscall(ffff80001d77d900) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xceb0a8f7a60, count: -11 ddb> show registers rdi 0xffffffff8112de67 pfi_address_add+0x1e7 rsi 0x442 rbp 0xffff80001d77d1f0 rbx 0 rdx 0x443 rcx 0xffff80001d7ac000 rax 0 r8 0xffffffff8112d721 pfi_instance_add+0xf1 r9 0x1 r10 0x2 r11 0xd5c703af508ea9b9 r12 0x34 r13 0x2 r14 0xffff800000654034 r15 0 rip 0xffffffff8112de6b pfi_address_add+0x1eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80001d77d180 ss 0x10 pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> show proc PROC (syz-executor.0) pid=74957 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff80001d6c2eb8,0xffffffff8284b308 process=0xffff80001d6c55d0 user=0xffff80001d778000, vmspace=0xfffffd806bc0a550 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 95561 98281 85880 0 2 0 syz-executor.0 *95561 74957 85880 0 7 0x4000000 syz-executor.0 51138 106984 0 0 3 0x14200 acct acct 712 342345 0 0 3 0x14200 bored sosplice 85880 444976 2451 0 3 0x82 nanosleep syz-executor.0 44445 381217 2451 0 2 0x2 syz-executor.1 2451 422232 31027 0 3 0x82 thrsleep syz-fuzzer 2451 518314 31027 0 3 0x4000082 nanosleep syz-fuzzer 2451 375175 31027 0 3 0x4000082 kqread syz-fuzzer 2451 398400 31027 0 3 0x4000082 thrsleep syz-fuzzer 2451 395910 31027 0 3 0x4000082 thrsleep syz-fuzzer 2451 504697 31027 0 3 0x4000082 thrsleep syz-fuzzer 2451 5792 31027 0 3 0x4000082 thrsleep syz-fuzzer 2451 351518 31027 0 3 0x4000082 thrsleep syz-fuzzer 31027 350016 228 0 3 0x10008a pause ksh 228 172713 53688 0 3 0x92 select sshd 87825 3346 1 0 3 0x100083 ttyin getty 53688 209787 1 0 3 0x80 select sshd 18638 454750 45946 73 3 0x100090 kqread syslogd 45946 48443 1 0 3 0x100082 netio syslogd 25092 479748 1 77 3 0x100090 poll dhclient 65356 117023 1 0 3 0x80 poll dhclient 75603 335883 0 0 3 0x14200 bored smr 24148 258649 0 0 2 0x14200 zerothread 21500 380152 0 0 3 0x14200 aiodoned aiodoned 42971 518591 0 0 3 0x14200 syncer update 75725 487813 0 0 3 0x14200 cleaner cleaner 7688 279081 0 0 3 0x14200 reaper reaper 30254 502411 0 0 3 0x14200 pgdaemon pagedaemon 39419 347949 0 0 3 0x14200 bored crynlk 78163 291732 0 0 3 0x14200 bored crypto 70942 432831 0 0 3 0x40014200 acpi0 acpi0 92264 368204 0 0 3 0x14200 bored softnet 60739 413575 0 0 3 0x14200 bored systqmp 5239 209962 0 0 3 0x14200 bored systq 54297 386096 0 0 3 0x40014200 bored softclock 83455 101444 0 0 3 0x40014200 idle0 1 127545 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9466 6329K 6912K 78643K 10729 0 pcb 13 8K 8K 78643K 43 0 rtable 122 6K 7K 78643K 263 0 ifaddr 58 13K 13K 78643K 81 0 counters 21 16K 16K 78643K 24 0 ioctlops 1 4K 4K 78643K 30 0 iov 0 0K 12K 78643K 14 0 mount 1 1K 1K 78643K 1 0 vnodes 1223 77K 77K 78643K 1271 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 3 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 42 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 162 0 proc 48 38K 63K 78643K 366 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 27 0 in_multi 50 2K 3K 78643K 76 0 ether_multi 1 0K 0K 78643K 8 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 37 175K 175K 78643K 37 0 exec 0 0K 1K 78643K 191 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 127 23K 23K 78643K 1268 0 UVM aobj 3 2K 2K 78643K 5 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 28 0 NDP 7 0K 0K 78643K 15 0 temp 92 3861K 3925K 78643K 2147 0 kqueue 3 4K 10K 78643K 7 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 6 0 0 1 0 1 1 0 8 0 rtpcb 80 25 0 23 1 0 1 1 0 8 0 rtentry 112 48 0 1 2 0 2 2 0 8 0 unpcb 120 139 0 131 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 135 0 135 1 1 0 1 0 8 0 tcpcb 544 66 0 62 1 0 1 1 0 8 0 inpcb 296 430 0 423 2 0 2 2 0 8 1 nd6 48 8 0 0 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 0 1 1 0 8 1 pfrktable 1344 19 0 14 1 0 1 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfrule 1360 7 0 4 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 203 0 0 13 0 13 13 0 8 0 art_table 32 204 0 0 2 0 2 2 0 8 0 art_node 16 47 0 5 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 4 1 0 1 1 0 8 0 semupl 112 3 0 3 1 1 0 1 0 8 0 semapl 112 38 0 28 1 0 1 1 0 8 0 shmpl 112 2 0 2 1 0 1 1 0 8 1 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1586 0 187 88 0 88 88 0 8 0 ffsino 240 1586 0 187 83 0 83 83 0 8 0 nchpl 144 1984 0 379 60 0 60 60 0 8 0 uvmvnodes 72 1662 0 0 31 0 31 31 0 8 0 vnodes 208 1662 0 0 88 0 88 88 0 8 0 namei 1024 4959 0 4959 1 0 1 1 0 8 1 pfiaddrpl 120 9 0 6 1 0 1 1 0 8 0 scxspl 192 5705 0 5705 1 0 1 1 0 8 1 plimitpl 152 18 0 11 1 0 1 1 0 8 0 sigapl 424 350 0 320 4 0 4 4 0 8 0 futexpl 56 3120 0 3120 1 0 1 1 0 8 1 knotepl 112 71 0 52 1 0 1 1 0 8 0 kqueuepl 144 24 0 22 1 0 1 1 0 8 0 pipepl 272 82 0 72 1 0 1 1 0 8 0 fdescpl 432 334 0 320 2 0 2 2 0 8 0 filepl 120 1984 0 1888 4 0 4 4 0 8 1 lockfpl 104 32 0 31 1 0 1 1 0 8 0 lockfspl 48 15 0 14 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 21 0 11 1 0 1 1 0 8 0 ucredpl 96 102 0 95 1 0 1 1 0 8 0 zombiepl 144 320 0 320 1 0 1 1 0 8 1 processpl 928 350 0 320 4 0 4 4 0 8 0 procpl 624 514 0 476 4 0 4 4 0 8 0 sosppl 128 3 0 3 1 0 1 1 0 8 1 sockpl 400 598 0 581 5 0 5 5 0 8 3 mcl64k 65536 5 0 5 1 0 1 1 0 8 1 mcl12k 12288 4 0 4 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 6 0 6 1 0 1 1 0 8 1 mcl4k 4096 21 0 21 2 1 1 1 0 8 1 mcl2k 2048 89685 0 89639 20 13 7 18 0 8 0 mtagpl 96 10 0 2 2 1 1 1 0 8 0 mbufpl 256 142518 0 142401 11 1 10 10 0 8 1 bufpl 280 3423 0 126 236 0 236 236 0 8 0 anonpl 16 54677 0 38663 80 5 75 79 0 107 2 amapchunkpl 152 1662 0 1525 8 1 7 8 0 158 0 amappl16 192 1765 0 773 54 4 50 54 0 8 0 amappl15 184 59 0 57 1 0 1 1 0 8 0 amappl14 176 23 0 18 1 0 1 1 0 8 0 amappl13 168 98 0 93 1 0 1 1 0 8 0 amappl12 160 86 0 80 1 0 1 1 0 8 0 amappl11 152 43 0 35 1 0 1 1 0 8 0 amappl10 144 68 0 63 1 0 1 1 0 8 0 amappl9 136 374 0 372 1 0 1 1 0 8 0 amappl8 128 336 0 291 2 0 2 2 0 8 0 amappl7 120 166 0 151 1 0 1 1 0 8 0 amappl6 112 24 0 19 1 0 1 1 0 8 0 amappl5 104 274 0 262 1 0 1 1 0 8 0 amappl4 96 419 0 393 1 0 1 1 0 8 0 amappl3 88 104 0 99 1 0 1 1 0 8 0 amappl2 80 1919 0 1851 2 0 2 2 0 8 0 amappl1 72 16608 0 16190 23 14 9 17 0 8 0 amappl 80 789 0 746 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 4 0 2 1 0 1 1 0 8 0 uaddrrnd 24 334 0 320 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 334 0 320 1 0 1 1 0 8 0 vmmpekpl 168 6259 0 6230 2 0 2 2 0 8 0 vmmpepl 168 48486 0 46381 156 13 143 151 0 357 51 vmsppl 272 333 0 320 2 1 1 2 0 8 0 pdppl 4096 674 0 640 6 1 5 6 0 8 0 pvpl 32 163766 0 144767 185 4 181 185 0 265 10 pmappl 200 333 0 320 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 246 0 19 7 0 7 7 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6800,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000af5a40,ffff800000ae0600,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000ae0600) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000ae0600) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000ad98a8,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ad0000,3,ffff80001d6c2c48) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:893 [inline] pfioctl(4900,cd604404,ffff800000ad0000,3,ffff80001d6c2c48) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1265 VOP_IOCTL(fffffd805d704340,cd604404,ffff800000ad0000,3,fffffd806c3bfae0,ffff80001d6c2c48) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd8057428e98,cd604404,ffff800000ad0000,ffff80001d6c2c48) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d6c2c48,ffff80001d77d838,ffff80001d77d880) at sys_ioctl+0x4a1 syscall(ffff80001d77d900) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xceb0a8f7a60, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6800,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000af5a40,ffff800000ae0600,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000ae0600) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000ae0600) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000ad98a8,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ad0000,3,ffff80001d6c2c48) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:893 [inline] pfioctl(4900,cd604404,ffff800000ad0000,3,ffff80001d6c2c48) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1265 VOP_IOCTL(fffffd805d704340,cd604404,ffff800000ad0000,3,fffffd806c3bfae0,ffff80001d6c2c48) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd8057428e98,cd604404,ffff800000ad0000,ffff80001d6c2c48) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d6c2c48,ffff80001d77d838,ffff80001d77d880) at sys_ioctl+0x4a1 syscall(ffff80001d77d900) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xceb0a8f7a60, count: -11