uvm_fault(0xfffffd807f00c730, 0x8200813e, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfi_kif_update+0xf6: movq 0x40(%rax),%rbx ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic kernel page fault uvm_fault(0xfffffd807f00c730, 0x8200813e, 0, 1) -> e pfi_kif_update(ffff800000af7600) at pfi_kif_update+0xf6 end trace frame: 0xffff800022d75050, count: 0 ddb{0}> trace pfi_kif_update(ffff800000af7600) at pfi_kif_update+0xf6 pfi_kif_update(ffff800000ae4700) at pfi_kif_update+0x121 dohooks(ffff80000005bc70,0) at dohooks+0x68 sys/kern/kern_subr.c:254 in_ifdetach(ffff800000af1800) at in_ifdetach+0x7f sys/netinet/in.c:891 if_detach(ffff800000af1800) at if_detach+0x14d sys/net/if.c:1107 tun_clone_destroy(ffff800000af1800) at tun_clone_destroy+0x1c7 sys/net/if_tun.c:278 spec_close(ffff800022d75220) at spec_close+0x3b0 sys/kern/spec_vnops.c:553 VOP_CLOSE(fffffd806e13b008,7,fffffd807f7c6ae0,ffff800020ab1b40) at VOP_CLOSE+0xc0 sys/kern/vfs_vops.c:175 vn_closefile(fffffd80667f1b68,ffff800020ab1b40) at vn_closefile+0xd8 vn_close sys/kern/vfs_vnops.c:289 [inline] vn_closefile(fffffd80667f1b68,ffff800020ab1b40) at vn_closefile+0xd8 sys/kern/vfs_vnops.c:601 fdrop(fffffd80667f1b68,ffff800020ab1b40) at fdrop+0xc2 sys/kern/kern_descrip.c:1273 closef(fffffd80667f1b68,ffff800020ab1b40) at closef+0x11d sys/kern/kern_descrip.c:1257 fdfree(ffff800020ab1b40) at fdfree+0x101 sys/kern/kern_descrip.c:1189 exit1(ffff800020ab1b40,19,1) at exit1+0x32f sys/kern/kern_exit.c:196 postsig(ffff800020ab1b40,19) at postsig+0x4e3 sigexit sys/kern/kern_sig.c:1499 [inline] postsig(ffff800020ab1b40,19) at postsig+0x4e3 sys/kern/kern_sig.c:1431 userret(ffff800020ab1b40) at userret+0x199 sys/kern/kern_sig.c:1887 syscall(ffff800022d756a0) at syscall+0x55f mi_syscall_return sys/sys/syscall_mi.h:115 [inline] syscall(ffff800022d756a0) at syscall+0x55f sys/arch/amd64/amd64/trap.c:577 Xsyscall(6,0,0,57,8d80a,7f7ffffd7cc4) at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffd7d10, count: -17 ddb{0}> show registers rdi 0xffff800000af7600 rsi 0 rbp 0xffff800022d74ff0 rbx 0xffff800000af7600 rdx 0 rcx 0 rax 0x820080fe __kernel_virt_to_phys+0x20080fe r8 0xffffffff811e7e23 rt_ifa_purge+0x153 r9 0x5 r10 0x2f r11 0x98d793ef16771c40 r12 0 r13 0 r14 0 r15 0 rip 0xffffffff81d55526 pfi_kif_update+0xf6 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff800022d74fa0 ss 0x10 pfi_kif_update+0xf6: movq 0x40(%rax),%rbx ddb{0}> show proc PROC (syz-executor.0) pid=442667 stat=onproc flags process=a proc=2000 pri=73, usrpri=73, nice=20 forw=0xffffffffffffffff, list=0xffff800020ab18c8,0xffff800020ab1170 process=0xffff800020adc700 user=0xffff800022d70000, vmspace=0xfffffd807f00c730 estcpu=36, cpticks=2, pctcpu=0.19 user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 8418 59939 16994 0 2 0x480 syz-executor.1 8418 422606 16994 0 3 0x4000080 fsleep syz-executor.1 8418 265348 16994 0 3 0x4000080 fsleep syz-executor.1 16994 344424 67559 0 7 0x2 syz-executor.1 74660 285914 0 0 3 0x14200 acct acct 32650 412765 0 0 3 0x14200 bored sosplice 67559 160027 98175 0 3 0x82 thrsleep syz-fuzzer 67559 26755 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 152576 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 483792 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 8796 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 295623 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 495371 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 355292 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 241750 98175 0 3 0x4000082 thrsleep syz-fuzzer 67559 414724 98175 0 2 0x4000082 syz-fuzzer 98175 353110 40603 0 3 0x10008a pause ksh 40603 445999 52753 0 3 0x92 select sshd 69399 507956 1 0 3 0x100083 ttyin getty 52753 274412 1 0 3 0x80 select sshd 48984 140529 30397 74 3 0x100092 bpf pflogd 30397 298666 1 0 3 0x80 netio pflogd 95331 130593 63652 73 3 0x100090 kqread syslogd 63652 459532 1 0 3 0x100082 netio syslogd 17666 384898 1 77 2 0x100090 dhclient 61413 341047 1 0 3 0x80 poll dhclient 49420 151423 0 0 2 0x14200 zerothread 64755 89988 0 0 3 0x14200 aiodoned aiodoned 13048 42315 0 0 3 0x14200 syncer update 38673 460140 0 0 3 0x14200 cleaner cleaner 67580 176620 0 0 3 0x14200 reaper reaper 84512 429301 0 0 3 0x14200 pgdaemon pagedaemon 18138 142192 0 0 3 0x14200 bored crynlk 85974 186938 0 0 3 0x14200 bored crypto 62607 301014 0 0 3 0x40014200 acpi0 acpi0 44073 42659 0 0 3 0x40014200 idle1 83351 25916 0 0 2 0x14200 softnet 78162 481009 0 0 2 0x14200 systqmp 29104 417984 0 0 3 0x14200 bored systq 52490 88439 0 0 3 0x40014200 bored softclock 51106 40256 0 0 3 0x40014200 idle0 35776 397812 0 0 3 0x14200 bored smr 1 106260 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9578 6460K 7834K 78643K 23904 0 0 pcb 13 11K 13K 78643K 597 0 0 rtable 102 8K 9K 78643K 1720 0 0 ifaddr 79 19K 21K 78643K 554 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 4K 78643K 1620 0 0 iov 0 0K 16K 78643K 380 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1228 77K 78K 78643K 5709 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 74 0 0 VM map 2 1K 1K 78643K 8 0 0 sem 12 0K 1K 78643K 625 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1808 196K 290K 78643K 12765 0 0 file desc 5 13K 25K 78643K 4190 0 0 sigio 0 0K 0K 78643K 78 0 0 proc 62 63K 83K 78643K 1404 0 0 subproc 23 1K 2K 78643K 306 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 398 0 0 in_multi 32 2K 2K 78643K 330 0 0 ether_multi 1 0K 0K 78643K 22 0 0 mrt 0 0K 0K 78643K 24 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 108 477K 477K 78643K 108 0 0 exec 0 0K 1K 78643K 719 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 119 22K 31K 78643K 14983 0 0 UVM aobj 130 8K 8K 78643K 150 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 0K 78643K 601 0 0 NDP 18 0K 0K 78643K 171 0 0 temp 217 3556K 4195K 78643K 51549 0 0 kqueue 0 0K 0K 78643K 39 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 57 0 53 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 220 0 218 1 0 1 1 0 8 0 rtentry 112 245 0 207 2 0 2 2 0 8 0 unpcb 120 1661 0 1648 2 1 1 2 0 8 0 syncache 264 11 0 11 5 5 0 1 0 8 0 tcpqe 32 6729 0 6729 3 3 0 2 0 8 0 tcpcb 544 1156 0 1151 3 2 1 3 0 8 0 inpcb 280 8326 0 8318 29 27 2 13 0 8 1 rttmr 72 4 0 4 4 4 0 1 0 8 0 nd6 48 36 0 32 1 0 1 1 0 8 0 pkpcb 40 27 0 27 8 8 0 1 0 8 0 ppxss 1128 84 0 84 17 16 1 1 0 8 1 pffrag 232 5 0 5 3 3 0 1 0 482 0 pffrnode 88 5 0 5 3 3 0 1 0 8 0 pffrent 40 11 0 11 3 3 0 1 0 8 0 pfosfp 40 846 0 423 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 144 0 130 1 0 1 1 0 8 0 pfstkey 112 144 0 130 2 1 1 2 0 8 0 pfstate 328 144 0 130 4 2 2 3 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1010 0 794 24 10 14 15 0 8 0 art_table 32 1011 0 794 2 0 2 2 0 8 0 art_node 16 244 0 208 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 4 2 2 0 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 623 0 613 1 0 1 1 0 8 0 shmpl 112 148 0 20 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 7610 0 6190 46 0 46 46 0 8 0 ffsino 272 7610 0 6190 95 0 95 95 0 8 0 nchpl 144 14496 0 12864 61 0 61 61 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 49633 0 49633 4 3 1 1 0 8 1 percpumem 16 30 0 0 1 0 1 1 0 8 0 vmpool 552 6 0 6 3 3 0 1 0 8 0 scsiplug 64 9 0 9 6 6 0 1 0 8 0 scxspl 192 38746 0 38746 25 24 1 7 0 8 1 plimitpl 152 366 0 358 1 0 1 1 0 8 0 sigapl 432 4342 0 4327 3 1 2 3 0 8 0 futexpl 56 87993 0 87991 1 0 1 1 0 8 0 knotepl 112 1036 0 1017 1 0 1 1 0 8 0 kqueuepl 104 1026 0 1024 1 0 1 1 0 8 0 pipepl 112 2324 0 2306 8 7 1 2 0 8 0 fdescpl 488 4343 0 4327 3 0 3 3 0 8 0 filepl 152 35812 0 35721 27 22 5 14 0 8 1 lockfpl 104 1430 0 1429 1 0 1 1 0 8 0 lockfspl 48 504 0 503 1 0 1 1 0 8 0 sessionpl 112 34 0 23 1 0 1 1 0 8 0 pgrppl 48 108 0 97 1 0 1 1 0 8 0 ucredpl 96 5022 0 5012 1 0 1 1 0 8 0 zombiepl 144 4330 0 4328 3 2 1 1 0 8 0 processpl 896 4362 0 4328 4 0 4 4 0 8 0 procpl 632 13443 0 13398 13 8 5 5 0 8 0 srpgc 64 36 0 34 14 13 1 1 0 8 0 sosppl 128 60 0 60 12 11 1 1 0 8 1 sockpl 384 10496 0 10473 38 34 4 22 0 8 0 mcl64k 65536 16 0 0 2 0 2 2 0 8 0 mcl16k 16384 16 0 0 2 0 2 2 0 8 0 mcl12k 12288 25 0 0 2 0 2 2 0 8 0 mcl9k 9216 11 0 0 1 0 1 1 0 8 0 mcl8k 8192 17 0 0 3 0 3 3 0 8 0 mcl4k 4096 24 0 0 3 0 3 3 0 8 0 mcl2k2 2112 8 0 0 1 0 1 1 0 8 0 mcl2k 2048 259 0 0 29 11 18 29 0 8 0 mtagpl 80 92 0 0 2 0 2 2 0 8 0 mbufpl 256 462 0 0 18 2 16 17 0 8 0 bufpl 256 14296 0 7248 441 0 441 441 0 8 0 anonpl 16 399456 0 384788 134 59 75 77 0 124 10 amapchunkpl 152 27447 0 27338 35 29 6 10 0 158 0 amappl16 192 19261 0 18413 99 49 50 55 0 8 7 amappl15 184 620 0 617 3 2 1 1 0 8 0 amappl14 176 184 0 182 2 1 1 1 0 8 0 amappl13 168 132 0 132 1 1 0 1 0 8 0 amappl12 160 673 0 672 1 0 1 1 0 8 0 amappl11 152 618 0 603 1 0 1 1 0 8 0 amappl10 144 1769 0 1763 1 0 1 1 0 8 0 amappl9 136 1172 0 1164 1 0 1 1 0 8 0 amappl8 128 736 0 697 2 0 2 2 0 8 0 amappl7 120 1864 0 1853 1 0 1 1 0 8 0 amappl6 112 600 0 590 1 0 1 1 0 8 0 amappl5 104 912 0 898 1 0 1 1 0 8 0 amappl4 96 4469 0 4434 2 1 1 2 0 8 0 amappl3 88 452 0 447 1 0 1 1 0 8 0 amappl2 80 33520 0 33445 4 2 2 3 0 8 0 amappl1 72 104330 0 103887 26 16 10 20 0 8 0 amappl 80 13943 0 13905 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 149 0 20 3 0 3 3 0 8 0 uaddrrnd 24 4349 0 4327 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 4349 0 4327 1 0 1 1 0 8 0 vmmpekpl 168 37202 0 37161 2 0 2 2 0 8 0 vmmpepl 168 537461 0 535456 319 216 103 129 0 357 9 vmsppl 368 4342 0 4327 2 0 2 2 0 8 0 pdppl 4096 8705 0 8666 8 2 6 6 0 8 1 pvpl 32 1129913 0 1112016 366 182 184 185 0 265 35 pmappl 232 4348 0 4333 5 4 1 2 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 642 0 33 18 0 18 18 0 8 0