uvm_fault(0xfffffd8052578cd0, 0x4, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd8052578cd0, 0x4, 0, 1) -> e pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 end trace frame: 0xffff80001e7a8cc0, count: 0 ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6800,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000af9a40,ffff800000ad6500,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000ad6500) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000ad6500) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000af5338,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ad2000,3,ffff80001e7bd880) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:895 [inline] pfioctl(4900,cd604404,ffff800000ad2000,3,ffff80001e7bd880) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1267 VOP_IOCTL(fffffd806b5fd000,cd604404,ffff800000ad2000,3,fffffd806c3bf9c0,ffff80001e7bd880) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805d888b48,cd604404,ffff800000ad2000,ffff80001e7bd880) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001e7bd880,ffff80001e7a9268,ffff80001e7a92b0) at sys_ioctl+0x4a1 syscall(ffff80001e7a9330) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd92659eaf0, count: -11 ddb> show registers rdi 0xffffffff81ab1737 pfi_address_add+0x1e7 rsi 0x51a rbp 0xffff80001e7a8c20 rbx 0 rdx 0x51b rcx 0xffff80001d7a4000 rax 0 r8 0xffffffff81ab0ff1 pfi_instance_add+0xf1 r9 0x1 r10 0x2 r11 0x8b5d9e8bcf63773 r12 0x34 r13 0x2 r14 0xffff800000654034 r15 0 rip 0xffffffff81ab173b pfi_address_add+0x1eb cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80001e7a8bb0 ss 0x10 pfi_address_add+0x1eb: movl 0x4(%rax),%eax ddb> show proc PROC (syz-executor.1) pid=216979 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=60, nice=20 forw=0xffffffffffffffff, list=0xffff80001e7bcc50,0xffffffff827f75e0 process=0xffff80001d6ef250 user=0xffff80001e7a4000, vmspace=0xfffffd8052578cd0 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 45335 294181 52325 0 2 0 syz-executor.1 *45335 216979 52325 0 7 0x4000000 syz-executor.1 79454 164474 0 0 3 0x14200 bored sosplice 10764 444220 0 0 3 0x14280 nfsidl nfsio 16544 464479 0 0 3 0x14280 nfsidl nfsio 26659 234624 0 0 3 0x14280 nfsidl nfsio 48411 303739 0 0 3 0x14280 nfsidl nfsio 45329 372349 0 0 3 0x14280 nfsidl nfsio 65179 470809 0 0 3 0x14280 nfsidl nfsio 89707 228078 0 0 3 0x14280 nfsidl nfsio 19183 176541 0 0 3 0x14280 nfsidl nfsio 80778 211217 0 0 3 0x14280 nfsidl nfsio 65362 366809 0 0 3 0x14280 nfsidl nfsio 46788 256056 0 0 3 0x14280 nfsidl nfsio 80276 254279 0 0 3 0x14280 nfsidl nfsio 14127 465350 0 0 3 0x14280 nfsidl nfsio 9647 395394 0 0 3 0x14280 nfsidl nfsio 66280 234976 0 0 3 0x14280 nfsidl nfsio 98254 200508 0 0 3 0x14280 nfsidl nfsio 85448 312318 0 0 3 0x14280 nfsidl nfsio 78069 164497 0 0 3 0x14280 nfsidl nfsio 23009 422989 0 0 3 0x14280 nfsidl nfsio 57398 420210 0 0 3 0x14280 nfsidl nfsio 37223 385138 0 0 3 0x14200 acct acct 71016 396265 63518 0 2 0x2 syz-executor.0 52325 507266 63518 0 3 0x82 nanosleep syz-executor.1 63518 339646 63606 0 3 0x82 thrsleep syz-fuzzer 63518 64442 63606 0 3 0x4000082 nanosleep syz-fuzzer 63518 31302 63606 0 3 0x4000082 thrsleep syz-fuzzer 63518 340953 63606 0 3 0x4000082 thrsleep syz-fuzzer 63518 109815 63606 0 3 0x4000082 thrsleep syz-fuzzer 63518 256729 63606 0 3 0x4000082 kqread syz-fuzzer 63518 114112 63606 0 3 0x4000082 thrsleep syz-fuzzer 63518 222446 63606 0 3 0x4000082 thrsleep syz-fuzzer 63606 447012 15938 0 3 0x10008a pause ksh 15938 427361 95852 0 3 0x92 select sshd 81358 353902 1 0 3 0x100083 ttyin getty 95852 406649 1 0 3 0x80 select sshd 24055 449043 70735 73 3 0x100090 kqread syslogd 70735 274949 1 0 3 0x100082 netio syslogd 18513 487020 1 77 3 0x100090 poll dhclient 13762 171069 1 0 3 0x80 poll dhclient 51648 230162 0 0 3 0x14200 bored smr 51570 51027 0 0 2 0x14200 zerothread 82788 162915 0 0 3 0x14200 aiodoned aiodoned 12429 294077 0 0 3 0x14200 syncer update 8901 285316 0 0 3 0x14200 cleaner cleaner 8243 521030 0 0 3 0x14200 reaper reaper 68936 332263 0 0 3 0x14200 pgdaemon pagedaemon 1955 479701 0 0 3 0x14200 bored crynlk 90342 452836 0 0 3 0x14200 bored crypto 23926 134689 0 0 3 0x40014200 acpi0 acpi0 91732 453102 0 0 3 0x14200 bored softnet 64969 486511 0 0 3 0x14200 bored systqmp 36895 388031 0 0 3 0x14200 bored systq 90733 383361 0 0 3 0x40014200 bored softclock 37871 89645 0 0 3 0x40014200 idle0 1 339635 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9504 6612K 6728K 78643K 11366 0 pcb 13 8K 8K 78643K 90 0 rtable 109 5K 8K 78643K 528 0 ifaddr 72 15K 17K 78643K 213 0 sysctl 2 0K 0K 78643K 2 0 counters 21 16K 17K 78643K 30 0 ioctlops 1 4K 4K 78643K 90 0 iov 0 0K 16K 78643K 48 0 mount 1 1K 1K 78643K 1 0 vnodes 1224 77K 77K 78643K 1448 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 11 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 127 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 594 0 sigio 0 0K 0K 78643K 12 0 proc 49 38K 63K 78643K 405 0 subproc 32 2K 2K 78643K 34 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 50 0 in_multi 62 3K 3K 78643K 103 0 ether_multi 1 0K 0K 78643K 10 0 mrt 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 49 228K 228K 78643K 49 0 exec 0 0K 1K 78643K 220 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 127 23K 38K 78643K 2158 0 UVM aobj 41 7K 7K 78643K 44 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 59 0 NDP 10 0K 0K 78643K 25 0 temp 113 3857K 3919K 78643K 8672 0 kqueue 6 10K 16K 78643K 19 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 8 0 1 1 0 1 1 0 8 0 rtpcb 80 43 0 41 1 0 1 1 0 8 0 rtentry 112 71 0 30 2 0 2 2 0 8 0 unpcb 120 1801 0 1793 1 0 1 1 0 8 0 syncache 264 7 0 7 3 3 0 1 0 8 0 tcpqe 32 277 0 277 1 1 0 1 0 8 0 tcpcb 544 175 0 171 1 0 1 1 0 8 0 ipq 40 5 0 4 2 1 1 1 0 8 0 ipqe 40 98 0 97 2 1 1 1 0 8 0 inpcb 296 1260 0 1253 2 0 2 2 0 8 1 nd6 48 20 0 8 1 0 1 1 0 8 0 pkpcb 40 6 0 6 1 1 0 1 0 8 0 ppxss 1136 1 0 1 1 1 0 1 0 8 0 pfstscr 40 6 0 5 1 0 1 1 0 8 0 pfrke_plain 160 4 0 4 1 0 1 1 0 8 1 pfrktable 1344 103 0 100 1 0 1 1 0 8 0 pftag 88 20 0 20 2 1 1 1 0 8 1 pfstitem 24 6 0 4 1 0 1 1 0 8 0 pfstkey 112 8 0 6 1 0 1 1 0 8 0 pfstate 328 4 0 3 1 0 1 1 0 8 0 pfrule 1360 20 0 17 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 398 0 137 18 1 17 17 0 8 0 art_table 32 399 0 137 3 0 3 3 0 8 0 art_node 16 70 0 34 1 0 1 1 0 8 0 sysvmsgpl 40 5 0 3 1 0 1 1 0 8 0 semupl 112 4 0 4 1 1 0 1 0 8 0 semapl 112 125 0 115 1 0 1 1 0 8 0 shmpl 112 41 0 3 2 0 2 2 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 2127 0 731 88 0 88 88 0 8 0 ffsino 240 2127 0 731 83 0 83 83 0 8 0 nchpl 144 3096 0 1493 60 0 60 60 0 8 0 rtmask 32 8 0 8 1 0 1 1 0 8 1 uvmvnodes 72 2350 0 0 43 0 43 43 0 8 0 vnodes 208 2350 0 0 124 0 124 124 0 8 0 namei 1024 8150 0 8150 2 1 1 1 0 8 1 vcpupl 1984 2 0 0 1 0 1 1 0 8 0 vmpool 528 4 0 2 2 1 1 1 0 8 0 pfiaddrpl 120 29 0 28 3 2 1 1 0 8 0 scxspl 192 8872 0 8872 1 0 1 1 0 8 1 plimitpl 152 62 0 55 1 0 1 1 0 8 0 sigapl 424 802 0 752 6 0 6 6 0 8 0 futexpl 56 14068 0 14068 1 0 1 1 0 8 1 knotepl 112 84 0 65 1 0 1 1 0 8 0 kqueuepl 144 76 0 68 1 0 1 1 0 8 0 pipepl 272 102 0 92 1 0 1 1 0 8 0 fdescpl 432 766 0 752 2 0 2 2 0 8 0 filepl 120 5868 0 5772 4 0 4 4 0 8 1 lockfpl 104 127 0 126 1 0 1 1 0 8 0 lockfspl 48 54 0 53 1 0 1 1 0 8 0 sessionpl 112 17 0 7 1 0 1 1 0 8 0 pgrppl 48 21 0 11 1 0 1 1 0 8 0 ucredpl 96 388 0 381 1 0 1 1 0 8 0 zombiepl 144 752 0 752 2 1 1 1 0 8 1 processpl 928 802 0 752 7 0 7 7 0 8 0 procpl 624 1462 0 1404 5 0 5 5 0 8 0 sosppl 128 9 0 9 2 1 1 1 0 8 1 sockpl 400 3110 0 3093 4 0 4 4 0 8 2 mcl64k 65536 297 0 295 1 0 1 1 0 8 0 mcl16k 16384 10 0 10 2 1 1 1 0 8 1 mcl12k 12288 18 0 18 1 0 1 1 0 8 1 mcl9k 9216 14 0 14 1 0 1 1 0 8 1 mcl8k 8192 24 0 24 1 0 1 1 0 8 1 mcl4k 4096 88 0 88 2 1 1 1 0 8 1 mcl2k2 2112 6 0 6 1 0 1 1 0 8 1 mcl2k 2048 93934 0 93880 21 13 8 17 0 8 0 mtagpl 96 74 0 7 3 1 2 2 0 8 0 mbufpl 256 154619 0 154150 45 6 39 40 0 8 8 bufpl 280 4162 0 128 289 0 289 289 0 8 0 anonpl 16 98378 0 81179 92 7 85 86 0 107 12 amapchunkpl 152 3808 0 3679 21 15 6 19 0 158 0 amappl16 192 4221 0 3244 71 13 58 62 0 8 7 amappl15 184 4 0 2 1 0 1 1 0 8 0 amappl14 176 28 0 24 1 0 1 1 0 8 0 amappl13 168 307 0 301 1 0 1 1 0 8 0 amappl12 160 286 0 279 2 1 1 1 0 8 0 amappl11 152 43 0 34 1 0 1 1 0 8 0 amappl10 144 300 0 295 1 0 1 1 0 8 0 amappl9 136 375 0 374 1 0 1 1 0 8 0 amappl8 128 347 0 301 2 0 2 2 0 8 0 amappl7 120 395 0 382 1 0 1 1 0 8 0 amappl6 112 25 0 18 1 0 1 1 0 8 0 amappl5 104 432 0 422 1 0 1 1 0 8 0 amappl4 96 708 0 676 1 0 1 1 0 8 0 amappl3 88 422 0 415 1 0 1 1 0 8 0 amappl2 80 5305 0 5241 2 0 2 2 0 8 0 amappl1 72 25653 0 25236 23 14 9 17 0 8 0 amappl 80 1669 0 1629 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 43 0 3 1 0 1 1 0 8 0 uaddrrnd 24 770 0 754 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 770 0 754 1 0 1 1 0 8 0 vmmpekpl 168 8184 0 8150 2 0 2 2 0 8 0 vmmpepl 168 99716 0 97594 131 23 108 115 0 357 12 vmsppl 272 769 0 754 3 1 2 2 0 8 0 pdppl 4096 1546 0 1510 6 1 5 6 0 8 0 pvpl 32 261462 0 241685 201 5 196 197 0 265 33 pmappl 200 769 0 754 1 0 1 1 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 290 0 27 8 0 8 8 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6800,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000af9a40,ffff800000ad6500,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000ad6500) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000ad6500) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000af5338,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ad2000,3,ffff80001e7bd880) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:895 [inline] pfioctl(4900,cd604404,ffff800000ad2000,3,ffff80001e7bd880) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1267 VOP_IOCTL(fffffd806b5fd000,cd604404,ffff800000ad2000,3,fffffd806c3bf9c0,ffff80001e7bd880) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805d888b48,cd604404,ffff800000ad2000,ffff80001e7bd880) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001e7bd880,ffff80001e7a9268,ffff80001e7a92b0) at sys_ioctl+0x4a1 syscall(ffff80001e7a9330) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd92659eaf0, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace pfi_address_add(0,2,0) at pfi_address_add+0x1eb sys/net/pf_if.c:585 pfi_instance_add(ffff800000ac6800,0,c3) at pfi_instance_add+0x5e5 pfi_table_update(ffff800000af9a40,ffff800000ad6500,0,c3) at pfi_table_update+0x174 pfi_kif_update(ffff800000ad6500) at pfi_kif_update+0xba pfi_dynaddr_update sys/net/pf_if.c:466 [inline] pfi_kif_update(ffff800000ad6500) at pfi_kif_update+0xba sys/net/pf_if.c:442 pfi_dynaddr_setup(ffff800000af5338,0) at pfi_dynaddr_setup+0x3fa sys/net/pf_if.c:420 pfioctl(4900,cd604404,ffff800000ad2000,3,ffff80001e7bd880) at pfioctl+0x51b2 pf_addr_setup sys/net/pf_ioctl.c:895 [inline] pfioctl(4900,cd604404,ffff800000ad2000,3,ffff80001e7bd880) at pfioctl+0x51b2 sys/net/pf_ioctl.c:1267 VOP_IOCTL(fffffd806b5fd000,cd604404,ffff800000ad2000,3,fffffd806c3bf9c0,ffff80001e7bd880) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805d888b48,cd604404,ffff800000ad2000,ffff80001e7bd880) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001e7bd880,ffff80001e7a9268,ffff80001e7a92b0) at sys_ioctl+0x4a1 syscall(ffff80001e7a9330) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd92659eaf0, count: -11