uvm_fault(0xfffffd807f0005c0, 0x40010054, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfi_dynaddr_remove+0x4a: movq 0x58(%r15),%r12 ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic kernel page fault uvm_fault(0xfffffd807f0005c0, 0x40010054, 0, 1) -> e pfi_dynaddr_remove(ffff800000a70ab8) at pfi_dynaddr_remove+0x4a sys/net/pf_if.c:602 end trace frame: 0xffff8000249bf3d0, count: 0 ddb{1}> trace pfi_dynaddr_remove(ffff800000a70ab8) at pfi_dynaddr_remove+0x4a sys/net/pf_if.c:602 pf_rm_rule(0,ffff800000a70a80) at pf_rm_rule+0x3ae sys/net/pf_ioctl.c:303 pfioctl(4900,cd60441a,ffff8000009d3000,2,ffff800020ac8780) at pfioctl+0x4f8c VOP_IOCTL(fffffd806f6cf0f0,cd60441a,ffff8000009d3000,2,fffffd807f7bea20,ffff800020ac8780) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd8078dfbe40,cd60441a,ffff8000009d3000,ffff800020ac8780) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff800020ac8780,ffff8000249bf818,ffff8000249bf860) at sys_ioctl+0x5b9 syscall(ffff8000249bf8e0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] syscall(ffff8000249bf8e0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x16e5e085f20, count: -8 ddb{1}> show registers rdi 0x2 rsi 0x2 rbp 0xffff8000249bf370 rbx 0x2 rdx 0x2cb rcx 0xffff800000a5c3c0 rax 0xffffffff814fee03 pfi_dynaddr_remove+0x33 r8 0xffffffff81acf895 pfioctl+0x4205 r9 0x1 r10 0x18 r11 0x35cdcaf7682d441d r12 0xffff800000a70ab8 r13 0xffff800000a70a80 r14 0xffff800000a70ab8 r15 0x4000fffc rip 0xffffffff814fee1a pfi_dynaddr_remove+0x4a cs 0x8 rflags 0x10206 __ALIGN_SIZE+0xf206 rsp 0xffff8000249bf340 ss 0x10 pfi_dynaddr_remove+0x4a: movq 0x58(%r15),%r12 ddb{1}> show proc PROC (syz-executor.0) pid=198787 stat=onproc flags process=0 proc=4000000 pri=73, usrpri=73, nice=20 forw=0xffffffffffffffff, list=0xffff800020ac8ee8,0xffff800020ac9170 process=0xffff800020af43a0 user=0xffff8000249ba000, vmspace=0xfffffd807f0005c0 estcpu=23, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 99877 365964 39135 0 7 0 syz-executor.0 99877 386084 39135 0 3 0x4000080 fsleep syz-executor.0 *99877 198787 39135 0 7 0x4000000 syz-executor.0 99877 122619 39135 0 3 0x4000080 fsleep syz-executor.0 99877 166710 39135 0 3 0x4000080 fsleep syz-executor.0 24904 515000 65975 0 3 0x2 biowait syz-executor.1 39135 151593 65975 0 3 0x82 nanosleep syz-executor.0 48803 218105 0 0 3 0x14200 bored sosplice 65975 239634 2464 0 3 0x82 thrsleep syz-fuzzer 65975 404736 2464 0 3 0x4000082 nanosleep syz-fuzzer 65975 31084 2464 0 3 0x4000082 thrsleep syz-fuzzer 65975 104261 2464 0 3 0x4000082 thrsleep syz-fuzzer 65975 18001 2464 0 3 0x4000082 thrsleep syz-fuzzer 65975 169725 2464 0 3 0x4000082 kqread syz-fuzzer 65975 101948 2464 0 3 0x4000082 thrsleep syz-fuzzer 65975 58788 2464 0 3 0x4000082 thrsleep syz-fuzzer 65975 244583 2464 0 3 0x4000082 thrsleep syz-fuzzer 65975 72235 2464 0 3 0x4000082 thrsleep syz-fuzzer 2464 369220 47187 0 3 0x10008a pause ksh 47187 506012 49384 0 3 0x92 select sshd 80153 351233 1 0 3 0x100083 ttyin getty 49384 444630 1 0 3 0x80 select sshd 33876 47785 80634 74 3 0x100092 bpf pflogd 80634 416581 1 0 3 0x80 netio pflogd 57270 505346 25959 73 3 0x100090 kqread syslogd 25959 49306 1 0 3 0x100082 netio syslogd 37975 462371 1 77 3 0x100090 poll dhclient 71660 213495 1 0 3 0x80 poll dhclient 18533 270487 0 0 3 0x14200 pgzero zerothread 71580 67698 0 0 3 0x14200 aiodoned aiodoned 27823 146 0 0 3 0x14200 syncer update 69583 300815 0 0 3 0x14200 cleaner cleaner 82435 146384 0 0 3 0x14200 reaper reaper 49423 33179 0 0 3 0x14200 pgdaemon pagedaemon 30358 201748 0 0 3 0x14200 bored crynlk 54326 352947 0 0 3 0x14200 bored crypto 22108 270243 0 0 3 0x40014200 acpi0 acpi0 79446 347460 0 0 3 0x40014200 idle1 25854 87547 0 0 3 0x14200 bored softnet 15020 336715 0 0 3 0x14200 bored systqmp 40883 261692 0 0 3 0x14200 bored systq 66189 103316 0 0 3 0x40014200 bored softclock 65976 349689 0 0 3 0x40014200 idle0 3124 106770 0 0 3 0x14200 bored smr 1 68282 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 99877 (syz-executor.0) thread 0xffff800020ac8780 (198787) exclusive rwlock netlock r = 0 (0xffffffff8246c508) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 pfioctl+0x15f sys/net/pf_ioctl.c:1028 #2 VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 #3 vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 #4 sys_ioctl+0x5b9 #5 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #5 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #6 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 1 (0xffffffff8265f6c0) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 syscall+0x400 mi_syscall sys/sys/syscall_mi.h:83 [inline] #1 syscall+0x400 sys/arch/amd64/amd64/trap.c:555 #2 Xsyscall+0x128 Process 24904 (syz-executor.1) thread 0xffff800020ac8018 (515000) exclusive rrwlock inode r = 0 (0xfffffd80673904e0) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rw_enter+0x453 sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x88 sys/kern/kern_rwlock.c:453 #3 ufs_ihashins+0x45 sys/ufs/ufs/ufs_ihash.c:140 #4 ffs_vget+0x13e sys/ufs/ffs/ffs_vfsops.c:1352 #5 ffs_inode_alloc+0x1cf sys/ufs/ffs/ffs_alloc.c:392 #6 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1164 #7 VOP_MKDIR+0xc6 sys/kern/vfs_vops.c:450 #8 domkdirat+0x121 sys/kern/vfs_syscalls.c:2974 #9 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #9 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #10 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd807ba30f78) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rw_enter+0x453 sys/kern/kern_rwlock.c:309 #2 rrw_enter+0x88 sys/kern/kern_rwlock.c:453 #3 VOP_LOCK+0xf9 sys/kern/vfs_vops.c:615 #4 vn_lock+0x81 sys/kern/vfs_vnops.c:571 #5 vfs_lookup+0xe6 sys/kern/vfs_lookup.c:419 #6 namei+0x63c sys/kern/vfs_lookup.c:249 #7 domkdirat+0x75 sys/kern/vfs_syscalls.c:2959 #8 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #8 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #9 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9485 6410K 6427K 78643K 15921 0 pcb 13 8K 8K 78643K 8866 0 rtable 118 6K 6K 78643K 388 0 ifaddr 56 13K 13K 78643K 92 0 counters 39 33K 33K 78643K 39 0 ioctlops 1 4K 4K 78643K 6350 0 iov 0 0K 16K 78643K 698 0 mount 1 1K 1K 78643K 1 0 vnodes 1222 77K 77K 78643K 6314 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 396 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 135 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 196K 290K 78643K 12766 0 file desc 5 13K 25K 78643K 29253 0 sigio 0 0K 0K 78643K 46 0 proc 112 66K 95K 78643K 840 0 subproc 32 2K 2K 78643K 102 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 367 0 in_multi 33 2K 2K 78643K 136 0 ether_multi 1 0K 0K 78643K 14 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 61 281K 281K 78643K 61 0 exec 0 0K 1K 78643K 266 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 133 39K 40K 78643K 68903 0 UVM aobj 130 4K 4K 78643K 130 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 3 0 NDP 7 0K 0K 78643K 24 0 temp 116 3028K 3098K 78643K 191917 0 kqueue 0 0K 0K 78643K 435 0 SYN cache 2 16K 16K 78643K 2 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 14 0 8 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 1928 0 1926 1 0 1 1 0 8 0 rtentry 112 85 0 41 2 0 2 2 0 8 0 unpcb 120 20998 0 20980 18 16 2 2 0 8 1 syncache 264 4 0 4 1 1 0 1 0 8 0 sackhl 24 7 0 7 5 5 0 1 0 8 0 tcpcb 544 785 0 781 1 0 1 1 0 8 0 inpcb 280 18660 0 18651 13 12 1 2 0 8 0 nd6 48 12 0 8 1 0 1 1 0 8 0 pkpcb 40 32 0 32 2 2 0 1 0 8 0 ppxss 1128 1 0 1 1 1 0 1 0 8 0 pfosfp 40 846 0 423 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfrktable 1344 7 0 2 1 0 1 1 0 8 0 pfstitem 24 17 0 15 1 0 1 1 0 8 0 pfstkey 112 17 0 15 1 0 1 1 0 8 0 pfstate 328 17 0 15 1 0 1 1 0 8 0 pfrule 1360 30 0 17 3 1 2 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 384 0 172 14 0 14 14 0 8 0 art_table 32 385 0 172 2 0 2 2 0 8 0 art_node 16 84 0 44 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 20 2 2 0 1 0 8 0 semapl 112 133 0 123 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 35383 0 33938 47 0 47 47 0 8 0 ffsino 272 35383 0 33938 97 0 97 97 0 8 0 nchpl 144 71883 0 70204 63 0 63 63 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 174487 0 174486 1 0 1 1 0 8 0 percpumem 16 30 0 0 1 0 1 1 0 8 0 vcpupl 1984 2 0 0 1 0 1 1 0 8 0 vmpool 560 5 0 3 2 1 1 1 0 8 0 pfiaddrpl 120 10 0 0 1 0 1 1 0 8 0 scxspl 192 194047 0 194046 10 9 1 7 0 8 0 plimitpl 152 108 0 100 1 0 1 1 0 8 0 sigapl 432 29440 0 29425 3 1 2 3 0 8 0 futexpl 56 165160 0 165157 1 0 1 1 0 8 0 knotepl 112 1983 0 1964 1 0 1 1 0 8 0 kqueuepl 104 13510 0 13502 3 2 1 2 0 8 0 pipepl 112 9432 0 9413 6 4 2 2 0 8 1 fdescpl 488 29441 0 29425 3 0 3 3 0 8 0 filepl 152 126564 0 126442 36 30 6 8 0 8 1 lockfpl 104 1863 0 1862 1 0 1 1 0 8 0 lockfspl 48 823 0 822 1 0 1 1 0 8 0 sessionpl 112 22 0 11 1 0 1 1 0 8 0 pgrppl 48 205 0 194 1 0 1 1 0 8 0 ucredpl 96 10749 0 10740 1 0 1 1 0 8 0 zombiepl 144 29425 0 29425 1 0 1 1 0 8 1 processpl 904 29457 0 29425 4 0 4 4 0 8 0 procpl 632 67660 0 67615 19 14 5 5 0 8 1 srpgc 64 8 0 8 4 4 0 1 0 8 0 sockpl 384 41876 0 41847 51 45 6 8 0 8 3 mcl64k 65536 22 0 0 3 1 2 3 0 8 0 mcl16k 16384 15 0 0 2 0 2 2 0 8 0 mcl12k 12288 42 0 0 2 0 2 2 0 8 0 mcl9k 9216 22 0 0 2 0 2 2 0 8 0 mcl8k 8192 17 0 0 3 0 3 3 0 8 0 mcl4k 4096 25 0 0 4 1 3 3 0 8 0 mcl2k2 2112 11 0 0 1 0 1 1 0 8 0 mcl2k 2048 179 0 0 14 2 12 14 0 8 0 mtagpl 80 1 0 0 1 0 1 1 0 8 0 mbufpl 256 604 0 0 15 6 9 14 0 8 0 bufpl 280 38543 0 31473 506 0 506 506 0 8 0 anonpl 16 1669075 0 1664463 40 20 20 34 0 125 0 amapchunkpl 152 107421 0 107331 7 2 5 6 0 158 0 amappl16 192 121158 0 120942 39 27 12 23 0 8 1 amappl15 184 701 0 697 1 0 1 1 0 8 0 amappl14 176 499 0 496 1 0 1 1 0 8 0 amappl13 168 6483 0 6480 2 1 1 1 0 8 0 amappl12 160 8676 0 8676 2 2 0 1 0 8 0 amappl11 152 72 0 56 1 0 1 1 0 8 0 amappl10 144 15 0 8 1 0 1 1 0 8 0 amappl9 136 8312 0 8308 1 0 1 1 0 8 0 amappl8 128 7914 0 7863 2 0 2 2 0 8 0 amappl7 120 130 0 116 1 0 1 1 0 8 0 amappl6 112 71 0 61 1 0 1 1 0 8 0 amappl5 104 8911 0 8898 1 0 1 1 0 8 0 amappl4 96 20555 0 20519 1 0 1 1 0 8 0 amappl3 88 10532 0 10524 1 0 1 1 0 8 0 amappl2 80 238629 0 238550 3 1 2 3 0 8 0 amappl1 72 532507 0 532051 25 15 10 20 0 8 0 amappl 80 67968 0 67930 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 129 0 0 3 0 3 3 0 8 0 uaddrrnd 24 29446 0 29428 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 29446 0 29428 1 0 1 1 0 8 0 vmmpekpl 168 127814 0 127775 2 0 2 2 0 8 0 vmmpepl 168 3316111 0 3314681 129 61 68 82 0 357 2 vmsppl 368 29445 0 29428 2 0 2 2 0 8 0 pdppl 4096 58899 0 58858 6 0 6 6 0 8 0 pvpl 32 4835267 0 4827381 210 143 67 118 0 265 1 pmappl 232 29445 0 29428 3 1 2 2 0 8 1 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 175 0 13 5 0 5 5 0 8 0