uvm_fault(0xfffffd806bc0a000, 0x4, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd806bc0a000, 0x4, 0, 1) -> e pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 end trace frame: 0xffff80001e7a92c0, count: 0 ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6000,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000afb488,ffff800000af7700,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000af7700) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000af7700) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000af5880,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ac9000,3,ffff80001d79b130) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:893 [inline] pfioctl(4900,cd604404,ffff800000ac9000,3,ffff80001d79b130) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1265 VOP_IOCTL(fffffd805d7125b0,cd604404,ffff800000ac9000,3,fffffd806c3bf6c0,ffff80001d79b130) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805747fe20,cd604404,ffff800000ac9000,ffff80001d79b130) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d79b130,ffff80001e7a9868,ffff80001e7a98b0) at sys_ioctl+0x4a1 syscall(ffff80001e7a9930) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xca936cce2c0, count: -11 ddb> show registers rdi 0xffffffff8112de67 pfi_address_add+0x1e7 rsi 0xc97 rbp 0xffff80001e7a9220 rbx 0 rdx 0xc98 rcx 0xffff80001d7a2000 rax 0 r8 0xffffffff8112d721 pfi_instance_add+0xf1 r9 0x1 r10 0x2 r11 0x4c18e3b3be6e51ba r12 0x34 r13 0x2 r14 0xffff800000654034 r15 0 rip 0xffffffff8112de6b pfi_address_add+0x1eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80001e7a91b0 ss 0x10 pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> show proc PROC (syz-executor.1) pid=313149 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff80001d79ac50,0xffffffff8284b308 process=0xffff80001e7a35f0 user=0xffff80001e7a4000, vmspace=0xfffffd806bc0a000 estcpu=5, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 65814 234715 7744 0 2 0 syz-executor.1 *65814 313149 7744 0 7 0x4000000 syz-executor.1 9205 99183 0 0 3 0x14280 nfsidl nfsio 88935 419280 0 0 3 0x14280 nfsidl nfsio 71503 255078 0 0 3 0x14280 nfsidl nfsio 34922 91779 0 0 3 0x14280 nfsidl nfsio 95588 156134 0 0 3 0x14280 nfsidl nfsio 35661 442541 0 0 3 0x14280 nfsidl nfsio 68738 490209 0 0 3 0x14280 nfsidl nfsio 42786 91362 0 0 3 0x14280 nfsidl nfsio 72456 324567 0 0 3 0x14280 nfsidl nfsio 49202 161503 0 0 3 0x14280 nfsidl nfsio 30480 240684 0 0 3 0x14280 nfsidl nfsio 10726 474339 0 0 3 0x14280 nfsidl nfsio 20844 282142 0 0 3 0x14280 nfsidl nfsio 88019 268984 0 0 3 0x14280 nfsidl nfsio 62020 310461 0 0 3 0x14280 nfsidl nfsio 3691 360356 0 0 3 0x14280 nfsidl nfsio 36672 311309 0 0 3 0x14280 nfsidl nfsio 11065 111504 0 0 3 0x14280 nfsidl nfsio 73099 462296 0 0 3 0x14280 nfsidl nfsio 67564 182608 0 0 3 0x14280 nfsidl nfsio 23633 88 0 0 3 0x14200 bored sosplice 42700 30630 58052 0 2 0x2 syz-executor.0 7744 242472 58052 0 3 0x82 nanosleep syz-executor.1 58052 114945 93966 0 3 0x82 thrsleep syz-fuzzer 58052 391530 93966 0 3 0x4000082 nanosleep syz-fuzzer 58052 294189 93966 0 3 0x4000082 thrsleep syz-fuzzer 58052 280997 93966 0 3 0x4000082 thrsleep syz-fuzzer 58052 92151 93966 0 3 0x4000082 thrsleep syz-fuzzer 58052 184623 93966 0 3 0x4000082 kqread syz-fuzzer 58052 134090 93966 0 3 0x4000082 thrsleep syz-fuzzer 93966 302131 21913 0 3 0x10008a pause ksh 21913 128045 91177 0 3 0x92 select sshd 43168 103901 1 0 3 0x100083 ttyin getty 91177 85751 1 0 3 0x80 select sshd 14353 474256 98671 73 3 0x100090 kqread syslogd 98671 371927 1 0 3 0x100082 netio syslogd 45965 247888 1 77 3 0x100090 poll dhclient 18984 71094 1 0 3 0x80 poll dhclient 3839 386930 0 0 3 0x14200 bored smr 77365 445812 0 0 2 0x14200 zerothread 62532 292262 0 0 3 0x14200 aiodoned aiodoned 70084 322084 0 0 3 0x14200 syncer update 16373 510782 0 0 3 0x14200 cleaner cleaner 15613 281221 0 0 3 0x14200 reaper reaper 69586 423166 0 0 3 0x14200 pgdaemon pagedaemon 70290 314246 0 0 3 0x14200 bored crynlk 72132 48471 0 0 3 0x14200 bored crypto 75693 342054 0 0 3 0x40014200 acpi0 acpi0 17474 202037 0 0 3 0x14200 bored softnet 5373 376918 0 0 3 0x14200 bored systqmp 69661 984 0 0 3 0x14200 bored systq 16402 498591 0 0 3 0x40014200 bored softclock 92466 352176 0 0 3 0x40014200 idle0 1 142675 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9502 6349K 6802K 78643K 10809 0 pcb 13 8K 8K 78643K 35 0 rtable 116 4K 4K 78643K 262 0 ifaddr 70 14K 14K 78643K 88 0 sysctl 2 0K 0K 78643K 2 0 counters 21 16K 16K 78643K 23 0 ioctlops 1 4K 4K 78643K 26 0 iov 0 0K 16K 78643K 35 0 mount 1 1K 1K 78643K 1 0 vnodes 1219 77K 77K 78643K 1306 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 4 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 62 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 194 0 sigio 0 0K 0K 78643K 2 0 proc 49 38K 54K 78643K 386 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 12 0 in_multi 51 3K 3K 78643K 60 0 ether_multi 1 0K 0K 78643K 4 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 67 307K 307K 78643K 67 0 exec 0 0K 1K 78643K 195 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 114 22K 31K 78643K 1274 0 UVM aobj 17 4K 4K 78643K 19 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 20 0 NDP 11 0K 0K 78643K 18 0 temp 93 3851K 3916K 78643K 4597 0 kqueue 3 4K 8K 78643K 12 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 7 0 1 1 0 1 1 0 8 0 rtpcb 80 21 0 19 1 0 1 1 0 8 0 rtentry 112 56 0 10 2 0 2 2 0 8 0 unpcb 120 111 0 103 1 0 1 1 0 8 0 syncache 264 6 0 6 3 2 1 1 0 8 1 tcpqe 32 84 0 84 1 1 0 1 0 8 0 tcpcb 544 124 0 120 1 0 1 1 0 8 0 inpcb 296 225 0 218 2 0 2 2 0 8 1 ip6q 72 1 0 0 1 0 1 1 0 8 0 nd6 48 7 0 0 1 0 1 1 0 8 0 ppxss 1128 1 0 1 1 1 0 1 0 8 0 pfrktable 1344 10 0 8 2 1 1 1 0 8 0 pfrule 1360 3 0 2 2 1 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 199 0 5 13 0 13 13 0 8 0 art_table 32 200 0 5 2 0 2 2 0 8 0 art_node 16 55 0 14 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 2 1 0 1 1 0 8 0 semupl 112 4 0 4 1 1 0 1 0 8 0 semapl 112 58 0 48 1 0 1 1 0 8 0 shmpl 112 16 0 2 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1649 0 252 88 0 88 88 0 8 0 ffsino 240 1649 0 252 83 0 83 83 0 8 0 nchpl 144 2121 0 519 60 0 60 60 0 8 0 uvmvnodes 72 1734 0 0 32 0 32 32 0 8 0 vnodes 208 1734 0 0 92 0 92 92 0 8 0 namei 1024 5750 0 5750 2 1 1 1 0 8 1 pfiaddrpl 120 3 0 2 2 1 1 1 0 8 0 scsiplug 64 1 0 1 1 0 1 1 0 8 1 scxspl 192 6164 0 6164 1 0 1 1 0 8 1 plimitpl 152 26 0 19 1 0 1 1 0 8 0 sigapl 424 401 0 352 6 0 6 6 0 8 0 futexpl 56 3686 0 3686 1 0 1 1 0 8 1 knotepl 112 70 0 51 1 0 1 1 0 8 0 kqueuepl 144 24 0 22 1 0 1 1 0 8 0 pipepl 272 86 0 76 2 1 1 1 0 8 0 fdescpl 432 366 0 352 2 0 2 2 0 8 0 filepl 120 2244 0 2147 4 0 4 4 0 8 1 lockfpl 104 32 0 31 1 0 1 1 0 8 0 lockfspl 48 12 0 11 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 29 0 19 1 0 1 1 0 8 0 ucredpl 96 512 0 505 1 0 1 1 0 8 0 zombiepl 144 352 0 352 2 1 1 1 0 8 1 processpl 928 401 0 352 7 0 7 7 0 8 0 procpl 624 604 0 548 5 0 5 5 0 8 0 sosppl 128 4 0 4 1 1 0 1 0 8 0 sockpl 400 358 0 341 4 1 3 4 0 8 1 mcl64k 65536 272 0 272 33 16 17 33 0 8 17 mcl16k 16384 1 0 1 1 1 0 1 0 8 0 mcl12k 12288 3 0 3 1 1 0 1 0 8 0 mcl9k 9216 6 0 6 1 0 1 1 0 8 1 mcl8k 8192 5 0 5 1 1 0 1 0 8 0 mcl4k 4096 27 0 27 3 2 1 1 0 8 1 mcl2k2 2112 2 0 2 1 0 1 1 0 8 1 mcl2k 2048 91271 0 91228 17 9 8 15 0 8 2 mtagpl 96 22 0 2 2 1 1 1 0 8 0 mbufpl 256 145620 0 145485 23 12 11 21 0 8 2 bufpl 280 3625 0 125 250 0 250 250 0 8 0 anonpl 16 54894 0 38332 79 7 72 77 0 107 4 amapchunkpl 152 1868 0 1737 11 1 10 11 0 158 3 amappl16 192 1916 0 982 53 5 48 53 0 8 1 amappl15 184 2 0 0 1 0 1 1 0 8 0 amappl14 176 105 0 100 1 0 1 1 0 8 0 amappl13 168 108 0 103 2 1 1 1 0 8 0 amappl12 160 89 0 85 2 1 1 1 0 8 0 amappl11 152 43 0 33 1 0 1 1 0 8 0 amappl10 144 12 0 8 1 0 1 1 0 8 0 amappl9 136 381 0 379 1 0 1 1 0 8 0 amappl8 128 324 0 285 2 0 2 2 0 8 0 amappl7 120 108 0 95 1 0 1 1 0 8 0 amappl6 112 21 0 18 2 1 1 1 0 8 0 amappl5 104 225 0 216 1 0 1 1 0 8 0 amappl4 96 506 0 475 1 0 1 1 0 8 0 amappl3 88 272 0 264 1 0 1 1 0 8 0 amappl2 80 2110 0 2046 2 0 2 2 0 8 0 amappl1 72 17078 0 16661 24 15 9 17 0 8 0 amappl 80 809 0 768 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 18 0 2 1 0 1 1 0 8 0 uaddrrnd 24 366 0 352 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 366 0 352 1 0 1 1 0 8 0 vmmpekpl 168 6398 0 6369 2 0 2 2 0 8 0 vmmpepl 168 52073 0 50038 126 19 107 112 0 357 17 vmsppl 272 365 0 352 2 1 1 2 0 8 0 pdppl 4096 738 0 704 6 1 5 6 0 8 0 pvpl 32 166061 0 146429 185 11 174 179 0 265 11 pmappl 200 365 0 352 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 292 0 49 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6000,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000afb488,ffff800000af7700,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000af7700) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000af7700) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000af5880,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ac9000,3,ffff80001d79b130) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:893 [inline] pfioctl(4900,cd604404,ffff800000ac9000,3,ffff80001d79b130) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1265 VOP_IOCTL(fffffd805d7125b0,cd604404,ffff800000ac9000,3,fffffd806c3bf6c0,ffff80001d79b130) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805747fe20,cd604404,ffff800000ac9000,ffff80001d79b130) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d79b130,ffff80001e7a9868,ffff80001e7a98b0) at sys_ioctl+0x4a1 syscall(ffff80001e7a9930) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xca936cce2c0, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6000,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000afb488,ffff800000af7700,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000af7700) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000af7700) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000af5880,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ac9000,3,ffff80001d79b130) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:893 [inline] pfioctl(4900,cd604404,ffff800000ac9000,3,ffff80001d79b130) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1265 VOP_IOCTL(fffffd805d7125b0,cd604404,ffff800000ac9000,3,fffffd806c3bf6c0,ffff80001d79b130) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805747fe20,cd604404,ffff800000ac9000,ffff80001d79b130) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d79b130,ffff80001e7a9868,ffff80001e7a98b0) at sys_ioctl+0x4a1 syscall(ffff80001e7a9930) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xca936cce2c0, count: -11