uvm_fault(0xfffffd806bc09bb0, 0x4, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd806bc09bb0, 0x4, 0, 1) -> e pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 end trace frame: 0xffff80001ee2c4e0, count: 0 ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff8000009f7800,0,2) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000a11a40,ffff800000a09800,0,2) at pfi_table_update+0x174 pfi_kif_update(ffff800000a09800) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000a09800) at pfi_kif_update+0xba sys/net/pf_if.c:442 if_addgroup(ffff8000009f7800,ffff80001ee2c6f8) at if_addgroup+0x280 sys/net/if.c:2742 ifioctl(fffffd8057e4fb18,80286987,ffff80001ee2c6e0,ffff80001d7a7c40) at ifioctl+0x13e7 sys/net/if.c:2154 sys_ioctl(ffff80001d7a7c40,ffff80001ee2c7f8,ffff80001ee2c840) at sys_ioctl+0x4a1 syscall(ffff80001ee2c8c0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf1f713c9cc0, count: -9 ddb> show registers rdi 0xffffffff813ee597 pfi_address_add+0x1e7 rsi 0x1e22 __ALIGN_SIZE+0xe22 rbp 0xffff80001ee2c440 rbx 0 rdx 0x1e23 __ALIGN_SIZE+0xe23 rcx 0xffff80001de27000 rax 0 r8 0xffffffff813ede51 pfi_instance_add+0xf1 r9 0x1 r10 0x2 r11 0xa8ee8e6fa4eeb99 r12 0x34 r13 0x2 r14 0xffff800000654034 r15 0 rip 0xffffffff813ee59b pfi_address_add+0x1eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80001ee2c3d0 ss 0x10 pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> show proc PROC (syz-executor.0) pid=395986 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=78, nice=20 forw=0xffffffffffffffff, list=0xffff80001d7394e8,0xffffffff825ec610 process=0xffff8000ffff8e78 user=0xffff80001ee27000, vmspace=0xfffffd806bc09bb0 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 28567 116947 41986 0 2 0 syz-executor.0 *28567 395986 41986 0 7 0x4000000 syz-executor.0 8240 449170 5441 0 3 0x82 piperd syz-executor.1 89005 312139 0 0 3 0x14200 bored sosplice 12664 494066 1 0 3 0x100083 ttyin getty 13344 300140 0 0 3 0x14200 acct acct 41986 27255 5441 0 3 0x82 nanosleep syz-executor.0 5441 194776 3503 0 3 0x82 thrsleep syz-fuzzer 5441 167804 3503 0 3 0x4000082 nanosleep syz-fuzzer 5441 96638 3503 0 3 0x4000082 thrsleep syz-fuzzer 5441 11271 3503 0 3 0x4000082 thrsleep syz-fuzzer 5441 95997 3503 0 3 0x4000082 thrsleep syz-fuzzer 5441 396191 3503 0 3 0x4000082 thrsleep syz-fuzzer 5441 420994 3503 0 3 0x4000082 thrsleep syz-fuzzer 5441 338682 3503 0 2 0x4000002 syz-fuzzer 3503 53086 88141 0 3 0x10008a pause ksh 88141 452507 78570 0 3 0x92 select sshd 78570 292773 1 0 3 0x80 select sshd 52174 392093 51983 73 3 0x100090 kqread syslogd 51983 55980 1 0 3 0x100082 netio syslogd 76356 329338 1 77 3 0x100090 poll dhclient 29981 439835 1 0 3 0x80 poll dhclient 52526 394328 0 0 3 0x14200 bored smr 92657 235619 0 0 2 0x14200 zerothread 51773 377044 0 0 3 0x14200 aiodoned aiodoned 3803 197729 0 0 3 0x14200 syncer update 26388 260491 0 0 3 0x14200 cleaner cleaner 97376 402209 0 0 3 0x14200 reaper reaper 74103 184317 0 0 3 0x14200 pgdaemon pagedaemon 6552 488604 0 0 3 0x14200 bored crynlk 84079 228812 0 0 3 0x14200 bored crypto 6568 13223 0 0 3 0x40014200 acpi0 acpi0 32360 492780 0 0 3 0x14200 bored softnet 23583 361261 0 0 3 0x14200 bored systqmp 55421 340294 0 0 3 0x14200 bored systq 38397 207390 0 0 3 0x40014200 bored softclock 14115 121157 0 0 3 0x40014200 idle0 1 149379 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9503 6350K 7632K 78643K 13249 0 pcb 13 8K 8K 78643K 111 0 rtable 128 17K 18K 78643K 434 0 ifaddr 74 15K 16K 78643K 165 0 counters 21 16K 16K 78643K 32 0 ioctlops 0 0K 4K 78643K 88 0 iov 0 0K 16K 78643K 65 0 mount 1 1K 1K 78643K 1 0 vnodes 1220 77K 77K 78643K 1916 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 5 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 1K 78643K 52 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 570 0 sigio 0 0K 0K 78643K 4 0 proc 51 38K 55K 78643K 480 0 subproc 32 2K 2K 78643K 51 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 46 0 in_multi 64 3K 3K 78643K 141 0 ether_multi 1 0K 0K 78643K 22 0 mrt 0 0K 0K 78643K 8 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 49 228K 228K 78643K 49 0 exec 0 0K 1K 78643K 257 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 123 23K 25K 78643K 2212 0 UVM aobj 16 2K 2K 78643K 19 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 88 0 NDP 11 0K 0K 78643K 30 0 temp 110 3039K 3110K 78643K 8462 0 kqueue 3 4K 9K 78643K 32 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 8 0 2 1 0 1 1 0 8 0 rtpcb 80 59 0 57 1 0 1 1 0 8 0 rtentry 112 67 0 25 2 0 2 2 0 8 0 unpcb 120 385 0 376 1 0 1 1 0 8 0 syncache 264 7 0 7 3 3 0 1 0 8 0 tcpqe 32 445 0 445 1 1 0 1 0 8 0 tcpcb 544 242 0 237 2 1 1 2 0 8 0 ipq 40 6 0 6 2 1 1 1 0 8 1 ipqe 40 14 0 14 2 1 1 1 0 8 1 inpcb 280 1033 0 1025 5 4 1 2 0 8 0 rttmr 72 2 0 2 1 1 0 1 0 8 0 nd6 48 11 0 7 1 0 1 1 0 8 0 pkpcb 40 4 0 4 2 1 1 1 0 8 1 ppxss 1128 2 0 2 2 2 0 1 0 8 0 pfstscr 40 2 0 0 1 0 1 1 0 8 0 pfosfp 40 1 0 0 1 0 1 1 0 8 0 pfosfpen 112 2 0 0 1 0 1 1 0 8 0 pfrke_plain 160 7 0 2 1 0 1 1 0 8 0 pfrktable 1344 33 0 23 2 1 1 2 0 8 0 pftag 88 8 0 6 2 1 1 1 0 8 0 pfstitem 24 1 0 0 1 0 1 1 0 8 0 pfstkey 112 2 0 1 1 0 1 1 0 8 0 pfstate 328 2 0 1 1 0 1 1 0 8 0 pfrule 1360 31 0 14 2 0 2 2 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 292 0 111 13 1 12 13 0 8 0 art_table 32 294 0 111 2 0 2 2 0 8 0 art_node 16 66 0 27 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 8 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 48 0 38 1 0 1 1 0 8 0 shmpl 112 17 0 3 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 2171 0 774 88 0 88 88 0 8 0 ffsino 240 2171 0 774 83 0 83 83 0 8 0 nchpl 144 3165 0 1582 60 0 60 60 0 8 0 rtmask 32 4 0 2 1 0 1 1 0 8 0 uvmvnodes 72 2826 0 0 52 0 52 52 0 8 0 vnodes 208 2826 0 0 149 0 149 149 0 8 0 namei 1024 9223 0 9223 2 1 1 1 0 8 1 vmpool 528 4 0 4 1 1 0 1 0 8 0 pfiaddrpl 120 13 0 4 1 0 1 1 0 8 0 scsiplug 64 1 0 1 1 1 0 1 0 8 0 scxspl 192 8936 0 8936 1 0 1 1 0 8 1 plimitpl 152 74 0 67 1 0 1 1 0 8 0 sigapl 424 756 0 726 4 0 4 4 0 8 0 futexpl 56 12020 0 12020 2 1 1 1 0 8 1 knotepl 112 99 0 80 1 0 1 1 0 8 0 kqueuepl 144 71 0 69 1 0 1 1 0 8 0 pipelkpl 16 144 0 134 1 0 1 1 0 8 0 pipepl 120 288 0 269 1 0 1 1 0 8 0 fdescpl 432 740 0 726 2 0 2 2 0 8 0 filepl 120 5093 0 4997 4 0 4 4 0 8 0 lockfpl 104 120 0 119 1 0 1 1 0 8 0 lockfspl 48 50 0 49 1 0 1 1 0 8 0 sessionpl 112 19 0 9 1 0 1 1 0 8 0 pgrppl 48 19 0 9 1 0 1 1 0 8 0 ucredpl 96 559 0 552 1 0 1 1 0 8 0 zombiepl 144 726 0 726 1 0 1 1 0 8 1 processpl 920 756 0 726 5 1 4 5 0 8 0 procpl 624 1430 0 1392 5 1 4 4 0 8 1 sosppl 128 2 0 2 1 1 0 1 0 8 0 sockpl 400 1483 0 1464 8 5 3 5 0 8 0 mcl64k 65536 43 0 43 3 2 1 1 0 8 1 mcl16k 16384 3 0 3 2 1 1 1 0 8 1 mcl12k 12288 25 0 25 3 2 1 1 0 8 1 mcl9k 9216 4 0 4 3 2 1 1 0 8 1 mcl8k 8192 18 0 18 3 3 0 1 0 8 0 mcl4k 4096 52 0 52 5 4 1 1 0 8 1 mcl2k2 2112 7 0 7 3 3 0 1 0 8 0 mcl2k 2048 72561 0 72506 26 17 9 19 0 8 0 mtagpl 80 93 0 61 3 1 2 2 0 8 0 mbufpl 256 118863 0 118713 21 5 16 17 0 8 0 bufpl 280 4506 0 143 312 0 312 312 0 8 0 anonpl 16 91789 0 76959 93 16 77 79 0 107 13 amapchunkpl 152 3689 0 3551 21 11 10 13 0 158 3 amappl16 192 3890 0 3044 63 12 51 55 0 8 8 amappl15 184 1 0 0 1 0 1 1 0 8 0 amappl14 176 27 0 21 1 0 1 1 0 8 0 amappl13 168 50 0 46 1 0 1 1 0 8 0 amappl12 160 10 0 7 1 0 1 1 0 8 0 amappl11 152 50 0 41 1 0 1 1 0 8 0 amappl10 144 537 0 530 1 0 1 1 0 8 0 amappl9 136 363 0 362 1 0 1 1 0 8 0 amappl8 128 344 0 306 2 0 2 2 0 8 0 amappl7 120 635 0 620 1 0 1 1 0 8 0 amappl6 112 24 0 20 1 0 1 1 0 8 0 amappl5 104 689 0 675 1 0 1 1 0 8 0 amappl4 96 441 0 413 1 0 1 1 0 8 0 amappl3 88 125 0 119 1 0 1 1 0 8 0 amappl2 80 5023 0 4958 2 0 2 2 0 8 0 amappl1 72 22799 0 22392 23 14 9 17 0 8 0 amappl 80 1695 0 1655 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 18 0 3 1 0 1 1 0 8 0 uaddrrnd 24 744 0 730 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 744 0 730 1 0 1 1 0 8 0 vmmpekpl 168 8707 0 8681 2 0 2 2 0 8 0 vmmpepl 168 93943 0 92016 150 44 106 123 0 357 17 vmsppl 272 743 0 730 3 2 1 2 0 8 0 pdppl 4096 1494 0 1460 6 1 5 6 0 8 0 pvpl 32 259564 0 241725 209 28 181 195 0 265 29 pmappl 200 743 0 730 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 279 0 46 7 0 7 7 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff8000009f7800,0,2) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000a11a40,ffff800000a09800,0,2) at pfi_table_update+0x174 pfi_kif_update(ffff800000a09800) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000a09800) at pfi_kif_update+0xba sys/net/pf_if.c:442 if_addgroup(ffff8000009f7800,ffff80001ee2c6f8) at if_addgroup+0x280 sys/net/if.c:2742 ifioctl(fffffd8057e4fb18,80286987,ffff80001ee2c6e0,ffff80001d7a7c40) at ifioctl+0x13e7 sys/net/if.c:2154 sys_ioctl(ffff80001d7a7c40,ffff80001ee2c7f8,ffff80001ee2c840) at sys_ioctl+0x4a1 syscall(ffff80001ee2c8c0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf1f713c9cc0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff8000009f7800,0,2) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000a11a40,ffff800000a09800,0,2) at pfi_table_update+0x174 pfi_kif_update(ffff800000a09800) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000a09800) at pfi_kif_update+0xba sys/net/pf_if.c:442 if_addgroup(ffff8000009f7800,ffff80001ee2c6f8) at if_addgroup+0x280 sys/net/if.c:2742 ifioctl(fffffd8057e4fb18,80286987,ffff80001ee2c6e0,ffff80001d7a7c40) at ifioctl+0x13e7 sys/net/if.c:2154 sys_ioctl(ffff80001d7a7c40,ffff80001ee2c7f8,ffff80001ee2c840) at sys_ioctl+0x4a1 syscall(ffff80001ee2c8c0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf1f713c9cc0, count: -9