login: uvm_fault(0xfffffd8065c67bc0, 0x7b8, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfsync_state_import+0x10f: movq 0(%r15,%rbx,8),%r15 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd8065c67bc0, 0x7b8, 0, 1) -> e pfsync_state_import(ffff800000af0000,1) at pfsync_state_import+0x10f sys/net/if_pfsync.c:518 end trace frame: 0xffff8000219a6c10, count: 0 ddb> trace pfsync_state_import(ffff800000af0000,1) at pfsync_state_import+0x10f sys/net/if_pfsync.c:518 pfioctl(4900,c1084425,ffff800000af0000,3,ffff80001e7a6ec0) at pfioctl+0x284a sys/net/pf_ioctl.c:1686 VOP_IOCTL(fffffd8064d155b0,c1084425,ffff800000af0000,3,fffffd806c3bfba0,ffff80001e7a6ec0) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd80649f82d0,c1084425,ffff800000af0000,ffff80001e7a6ec0) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001e7a6ec0,ffff8000219a6ef8,ffff8000219a6f40) at sys_ioctl+0x4a1 syscall(ffff8000219a6fc0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x419d1c10880, count: -7 ddb> show registers rdi 0xffffffff810dc03f pfsync_state_import+0x10f rsi 0x46a rbp 0xffff8000219a6ab0 rbx 0xf7 rdx 0x46b rcx 0xffff80001e7d0000 rax 0xffff80001e7d0000 r8 0x101010101010101 r9 0x8080808080808080 r10 0x5bcc897c4433b513 r11 0xf9393d5c3136aa09 r12 0xffff800000bf1e00 r13 0xffff800000af0000 r14 0x1 r15 0 rip 0xffffffff810dc03f pfsync_state_import+0x10f cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000219a6a30 ss 0x10 pfsync_state_import+0x10f: movq 0(%r15,%rbx,8),%r15 ddb> show proc PROC (syz-executor.1) pid=68883 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff80001e7a73a0,0xffffffff82828da8 process=0xffff80001e7ac030 user=0xffff8000219a2000, vmspace=0xfffffd8065c67bc0 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 10701 413384 11486 0 2 0 syz-executor.1 *10701 68883 11486 0 7 0x4000000 syz-executor.1 47435 326885 60098 0 2 0 syz-executor.0 87993 217099 1 0 3 0x100083 ttyin getty 11486 427760 47477 0 2 0x482 syz-executor.1 63267 257740 0 0 3 0x14200 acct acct 25918 439515 0 0 3 0x14200 bored sosplice 95372 175399 0 0 3 0x14280 nfsidl nfsio 9099 497167 0 0 3 0x14280 nfsidl nfsio 82630 376799 0 0 3 0x14280 nfsidl nfsio 93823 499336 0 0 3 0x14280 nfsidl nfsio 59713 97448 0 0 3 0x14280 nfsidl nfsio 60501 234955 0 0 3 0x14280 nfsidl nfsio 72745 350941 0 0 3 0x14280 nfsidl nfsio 90345 325827 0 0 3 0x14280 nfsidl nfsio 12189 147689 0 0 3 0x14280 nfsidl nfsio 8834 234798 0 0 3 0x14280 nfsidl nfsio 90372 342338 0 0 3 0x14280 nfsidl nfsio 19688 469723 0 0 3 0x14280 nfsidl nfsio 70294 368457 0 0 3 0x14280 nfsidl nfsio 40966 237258 0 0 3 0x14280 nfsidl nfsio 74010 214985 0 0 3 0x14280 nfsidl nfsio 1685 219146 0 0 3 0x14280 nfsidl nfsio 40012 272278 0 0 3 0x14280 nfsidl nfsio 40889 170732 0 0 3 0x14280 nfsidl nfsio 79153 358334 0 0 3 0x14280 nfsidl nfsio 22040 480704 0 0 3 0x14280 nfsidl nfsio 60098 338939 47477 0 3 0x82 nanosleep syz-executor.0 47477 404369 14880 0 3 0x82 thrsleep syz-fuzzer 47477 382916 14880 0 3 0x4000082 thrsleep syz-fuzzer 47477 459696 14880 0 3 0x4000082 thrsleep syz-fuzzer 47477 376351 14880 0 3 0x4000082 thrsleep syz-fuzzer 47477 489882 14880 0 3 0x4000082 thrsleep syz-fuzzer 47477 383566 14880 0 3 0x4000082 kqread syz-fuzzer 47477 429737 14880 0 3 0x4000082 thrsleep syz-fuzzer 47477 175543 14880 0 3 0x4000082 thrsleep syz-fuzzer 14880 9116 47954 0 3 0x10008a pause ksh 47954 303371 55888 0 3 0x92 select sshd 55888 485221 1 0 3 0x80 select sshd 70302 424995 34001 73 3 0x100090 kqread syslogd 34001 13425 1 0 3 0x100082 netio syslogd 35737 52736 1 77 3 0x100090 poll dhclient 34104 265608 1 0 3 0x80 poll dhclient 30998 475182 0 0 3 0x14200 bored smr 90435 273485 0 0 2 0x14200 zerothread 54186 420046 0 0 3 0x14200 aiodoned aiodoned 46623 463139 0 0 3 0x14200 syncer update 77731 324973 0 0 3 0x14200 cleaner cleaner 20405 439290 0 0 3 0x14200 reaper reaper 12376 88847 0 0 3 0x14200 pgdaemon pagedaemon 54717 323272 0 0 3 0x14200 bored crynlk 12320 518118 0 0 3 0x14200 bored crypto 71188 342753 0 0 3 0x40014200 acpi0 acpi0 73299 255212 0 0 3 0x14200 bored softnet 89604 472720 0 0 3 0x14200 bored systqmp 44632 15430 0 0 3 0x14200 bored systq 76422 249098 0 0 3 0x40014200 bored softclock 28076 422287 0 0 3 0x40014200 idle0 1 278456 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9532 6367K 7460K 78643K 25683 0 pcb 13 8K 8K 78643K 294 0 rtable 169 29K 29K 78643K 6532 0 ifaddr 130 27K 27K 78643K 2159 0 sysctl 2 0K 0K 78643K 4 0 counters 21 16K 17K 78643K 64 0 ioctlops 1 0K 4K 78643K 6176 0 iov 0 0K 16K 78643K 772 0 mount 1 1K 1K 78643K 1 0 vnodes 1220 77K 78K 78643K 5514 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 24 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 338 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 6 17K 25K 78643K 5650 0 sigio 0 0K 0K 78643K 49 0 proc 51 38K 55K 78643K 675 0 subproc 32 2K 2K 78643K 85 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 143 0 in_multi 127 5K 5K 78643K 364 0 ether_multi 1 0K 0K 78643K 48 0 mrt 0 0K 0K 78643K 17 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 73 334K 334K 78643K 73 0 exec 0 0K 1K 78643K 384 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 170 171K 175K 78643K 13164 0 UVM aobj 110 5K 5K 78643K 121 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 217 0 NDP 15 0K 0K 78643K 80 0 temp 157 3892K 3956K 78643K 68999 0 kqueue 6 6K 25K 78643K 503 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 16 0 8 1 0 1 1 0 8 0 rtpcb 80 182 0 180 1 0 1 1 0 8 0 rtentry 112 152 0 116 2 0 2 2 0 8 0 unpcb 120 2102 0 2094 1 0 1 1 0 8 0 syncache 264 21 0 21 10 10 0 1 0 8 0 tcpqe 32 53 0 53 1 1 0 1 0 8 0 tcpcb 544 496 0 492 1 0 1 1 0 8 0 ipq 40 1 0 1 1 1 0 1 0 8 0 ipqe 40 45 0 45 1 1 0 1 0 8 0 inpcb 296 3919 0 3912 17 15 2 2 0 8 1 rttmr 72 8 0 8 5 5 0 1 0 8 0 nd6 48 32 0 28 1 0 1 1 0 8 0 pkpcb 40 6 0 6 3 3 0 1 0 8 0 swfcl 56 2 0 0 1 0 1 1 0 8 0 ppxss 1128 8 0 8 6 6 0 1 0 8 0 pfstscr 40 2 0 2 1 1 0 1 0 8 0 pfosfp 40 4 0 3 1 0 1 1 0 8 0 pfosfpen 112 4 0 3 1 0 1 1 0 8 0 pfrktable 1344 2848 0 2813 6 3 3 4 0 8 0 pftag 88 37 0 31 1 0 1 1 0 8 0 pfstitem 24 2 0 2 1 1 0 1 0 8 0 pfstkey 112 10 0 10 3 3 0 1 0 8 0 pfstate 328 5 0 5 3 3 0 1 0 8 0 pfrule 1360 1602 0 1112 42 1 41 41 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 597 0 415 16 2 14 14 0 8 0 art_table 32 599 0 415 2 0 2 2 0 8 0 art_node 16 135 0 105 1 0 1 1 0 8 0 sysvmsgpl 40 24 0 21 1 0 1 1 0 8 0 semupl 112 4 0 4 1 1 0 1 0 8 0 semapl 112 336 0 326 1 0 1 1 0 8 0 shmpl 112 118 0 12 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 9923 0 8532 88 0 88 88 0 8 0 ffsino 240 9923 0 8532 83 0 83 83 0 8 0 nchpl 144 20662 0 19080 60 0 60 60 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 56220 0 56220 6 5 1 1 0 8 1 vcpupl 1984 23 0 1 3 0 3 3 0 8 0 vmpool 528 25 0 3 2 0 2 2 0 8 0 pfiaddrpl 120 3239 0 3154 4 1 3 3 0 8 0 scsiplug 64 279 0 279 4 3 1 1 0 8 1 scxspl 192 67432 0 67432 3 2 1 1 0 8 1 plimitpl 152 118 0 111 1 0 1 1 0 8 0 sigapl 424 5850 0 5799 6 0 6 6 0 8 0 futexpl 56 102153 0 102153 5 4 1 1 0 8 1 knotepl 112 780 0 761 2 1 1 2 0 8 0 kqueuepl 144 1078 0 1073 1 0 1 1 0 8 0 pipepl 272 524 0 514 2 1 1 2 0 8 0 fdescpl 432 5814 0 5799 2 0 2 2 0 8 0 filepl 120 35776 0 35679 7 3 4 5 0 8 1 lockfpl 104 1793 0 1792 1 0 1 1 0 8 0 lockfspl 48 570 0 569 1 0 1 1 0 8 0 sessionpl 112 21 0 11 1 0 1 1 0 8 0 pgrppl 48 31 0 21 1 0 1 1 0 8 0 ucredpl 96 1440 0 1433 1 0 1 1 0 8 0 zombiepl 144 5799 0 5799 3 2 1 1 0 8 1 processpl 928 5850 0 5799 7 0 7 7 0 8 0 procpl 624 12182 0 12123 5 0 5 5 0 8 0 sosppl 128 35 0 35 8 8 0 1 0 8 0 sockpl 400 6238 0 6221 10 7 3 4 0 8 1 mcl64k 65536 416 0 416 48 48 0 33 0 8 0 mcl16k 16384 11 0 11 8 8 0 1 0 8 0 mcl12k 12288 71 0 71 17 16 1 1 0 8 1 mcl9k 9216 41 0 41 11 10 1 1 0 8 1 mcl8k 8192 1115 0 1115 15 14 1 1 0 8 1 mcl4k 4096 392 0 392 11 10 1 1 0 8 1 mcl2k2 2112 22 0 22 12 12 0 1 0 8 0 mcl2k 2048 80658 0 80597 23 13 10 15 0 8 0 mtagpl 96 2111 0 1628 16 4 12 12 0 8 0 mbufpl 256 165295 0 164202 112 40 72 83 0 8 1 bufpl 280 28245 0 22893 383 0 383 383 0 8 0 anonpl 16 607997 0 590636 144 67 77 87 0 107 0 amapchunkpl 152 20335 0 20187 24 16 8 14 0 158 0 amappl16 192 34555 0 33480 140 86 54 67 0 8 0 amappl15 184 31 0 30 1 0 1 1 0 8 0 amappl14 176 4712 0 4707 1 0 1 1 0 8 0 amappl13 168 220 0 216 1 0 1 1 0 8 0 amappl12 160 177 0 176 1 0 1 1 0 8 0 amappl11 152 2823 0 2812 1 0 1 1 0 8 0 amappl10 144 732 0 726 1 0 1 1 0 8 0 amappl9 136 381 0 379 1 0 1 1 0 8 0 amappl8 128 469 0 416 2 0 2 2 0 8 0 amappl7 120 845 0 830 1 0 1 1 0 8 0 amappl6 112 2790 0 2780 1 0 1 1 0 8 0 amappl5 104 2838 0 2825 1 0 1 1 0 8 0 amappl4 96 3415 0 3385 1 0 1 1 0 8 0 amappl3 88 2296 0 2291 1 0 1 1 0 8 0 amappl2 80 46870 0 46796 2 0 2 2 0 8 0 amappl1 72 103675 0 103260 23 14 9 17 0 8 0 amappl 80 12482 0 12429 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 120 0 11 2 0 2 2 0 8 0 uaddrrnd 24 5839 0 5802 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5839 0 5802 1 0 1 1 0 8 0 vmmpekpl 168 34448 0 34409 2 0 2 2 0 8 0 vmmpepl 168 676594 0 674246 244 139 105 136 0 357 1 vmsppl 272 5838 0 5802 3 0 3 3 0 8 0 pdppl 4096 11684 0 11626 9 1 8 8 0 8 0 pvpl 32 1536893 0 1517101 320 147 173 200 0 265 0 pmappl 200 5838 0 5802 2 0 2 2 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 489 0 152 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pfsync_state_import(ffff800000af0000,1) at pfsync_state_import+0x10f sys/net/if_pfsync.c:518 pfioctl(4900,c1084425,ffff800000af0000,3,ffff80001e7a6ec0) at pfioctl+0x284a sys/net/pf_ioctl.c:1686 VOP_IOCTL(fffffd8064d155b0,c1084425,ffff800000af0000,3,fffffd806c3bfba0,ffff80001e7a6ec0) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd80649f82d0,c1084425,ffff800000af0000,ffff80001e7a6ec0) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001e7a6ec0,ffff8000219a6ef8,ffff8000219a6f40) at sys_ioctl+0x4a1 syscall(ffff8000219a6fc0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x419d1c10880, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace pfsync_state_import(ffff800000af0000,1) at pfsync_state_import+0x10f sys/net/if_pfsync.c:518 pfioctl(4900,c1084425,ffff800000af0000,3,ffff80001e7a6ec0) at pfioctl+0x284a sys/net/pf_ioctl.c:1686 VOP_IOCTL(fffffd8064d155b0,c1084425,ffff800000af0000,3,fffffd806c3bfba0,ffff80001e7a6ec0) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd80649f82d0,c1084425,ffff800000af0000,ffff80001e7a6ec0) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001e7a6ec0,ffff8000219a6ef8,ffff8000219a6f40) at sys_ioctl+0x4a1 syscall(ffff8000219a6fc0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x419d1c10880, count: -7