uvm_fault(0xfffffd806bc0acc0, 0x7b8, 0, 1) -> e kernel: page fault trap, code=0 Stopped at pfsync_state_import+0x108: movq 0(%rax,%rbx,8),%r15 ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic kernel page fault uvm_fault(0xfffffd806bc0acc0, 0x7b8, 0, 1) -> e pfsync_state_import(ffff800000b40c00,1) at pfsync_state_import+0x108 sys/net/if_pfsync.c:529 end trace frame: 0xffff8000205cfa40, count: 0 ddb> trace pfsync_state_import(ffff800000b40c00,1) at pfsync_state_import+0x108 sys/net/if_pfsync.c:529 pfioctl(4900,c1084425,ffff800000b40c00,3,ffff80001d78eef0) at pfioctl+0x2764 sys/net/pf_ioctl.c:1688 VOP_IOCTL(fffffd8060b17270,c1084425,ffff800000b40c00,3,fffffd806c3bfae0,ffff80001d78eef0) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805ea8ec30,c1084425,ffff800000b40c00,ffff80001d78eef0) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d78eef0,ffff8000205cfd28,ffff8000205cfd70) at sys_ioctl+0x4ac syscall(ffff8000205cfdf0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x686ca818a60, count: -7 ddb> show registers rdi 0xffff8000207a8000 rsi 0x3e3 rbp 0xffff8000205cf8e0 rbx 0xf7 rdx 0xffff8000207a8000 rcx 0x3e2 rax 0 r8 0xffff80001d78eef0 r9 0xffffffff81ab320d pfioctl+0x16d r10 0x7 r11 0xbecceccb03fc2787 r12 0xffff800000b47400 r13 0xffff800000b40c00 r14 0x1 r15 0x212 rip 0xffffffff81b58e18 pfsync_state_import+0x108 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000205cf860 ss 0x10 pfsync_state_import+0x108: movq 0(%rax,%rbx,8),%r15 ddb> show proc PROC (syz-executor.0) pid=212396 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=76, nice=20 forw=0xffffffffffffffff, list=0xffff80001d78ec78,0xffffffff827c9ee8 process=0xffff80001d780030 user=0xffff8000205ca000, vmspace=0xfffffd806bc0acc0 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 25636 113667 6403 0 2 0 syz-executor.0 *25636 212396 6403 0 7 0x4000000 syz-executor.0 7935 117616 0 0 3 0x14280 nfsidl nfsio 98590 414976 0 0 3 0x14280 nfsidl nfsio 46232 93887 0 0 3 0x14280 nfsidl nfsio 80040 19976 0 0 3 0x14280 nfsidl nfsio 95602 120939 0 0 3 0x14280 nfsidl nfsio 71013 343247 0 0 3 0x14280 nfsidl nfsio 57987 251008 0 0 3 0x14280 nfsidl nfsio 66840 114345 0 0 3 0x14280 nfsidl nfsio 81724 124920 0 0 3 0x14280 nfsidl nfsio 41107 125376 0 0 3 0x14280 nfsidl nfsio 66192 256618 0 0 3 0x14280 nfsidl nfsio 80353 228892 0 0 3 0x14280 nfsidl nfsio 50850 482791 0 0 3 0x14280 nfsidl nfsio 10533 330701 0 0 3 0x14280 nfsidl nfsio 81266 310109 0 0 3 0x14280 nfsidl nfsio 47241 283416 0 0 3 0x14280 nfsidl nfsio 1373 317111 0 0 3 0x14280 nfsidl nfsio 80416 101775 0 0 3 0x14280 nfsidl nfsio 64935 493483 0 0 3 0x14280 nfsidl nfsio 84469 352834 0 0 3 0x14280 nfsidl nfsio 59429 143111 0 0 3 0x14200 acct acct 6403 279984 39526 0 3 0x82 nanosleep syz-executor.0 37508 356894 39526 0 2 0x2 syz-executor.1 79774 424889 1 0 3 0x100083 ttyin getty 69791 379185 0 0 3 0x14200 bored sosplice 39526 70707 42795 0 3 0x82 thrsleep syz-fuzzer 39526 162947 42795 0 3 0x4000082 nanosleep syz-fuzzer 39526 357528 42795 0 3 0x4000082 thrsleep syz-fuzzer 39526 161822 42795 0 3 0x4000082 thrsleep syz-fuzzer 39526 382587 42795 0 3 0x4000082 thrsleep syz-fuzzer 39526 279932 42795 0 3 0x4000082 thrsleep syz-fuzzer 39526 85346 42795 0 3 0x4000082 kqread syz-fuzzer 42795 268027 76850 0 3 0x10008a pause ksh 76850 101730 55320 0 3 0x92 select sshd 55320 307835 1 0 3 0x80 select sshd 11553 435464 88121 73 3 0x100090 kqread syslogd 88121 516624 1 0 3 0x100082 netio syslogd 38464 242817 1 77 3 0x100090 poll dhclient 11436 19681 1 0 3 0x80 poll dhclient 93885 397927 0 0 3 0x14200 bored smr 4118 373593 0 0 2 0x14200 zerothread 84747 488199 0 0 3 0x14200 aiodoned aiodoned 529 233376 0 0 3 0x14200 syncer update 51905 189585 0 0 3 0x14200 cleaner cleaner 97281 441173 0 0 3 0x14200 reaper reaper 15369 461159 0 0 3 0x14200 pgdaemon pagedaemon 81584 342958 0 0 3 0x14200 bored crynlk 46561 457201 0 0 3 0x14200 bored crypto 63548 473121 0 0 3 0x40014200 acpi0 acpi0 38069 362035 0 0 3 0x14200 bored softnet 71876 379519 0 0 3 0x14200 bored systqmp 10066 350629 0 0 3 0x14200 bored systq 23682 124733 0 0 3 0x40014200 bored softclock 70784 252448 0 0 3 0x40014200 idle0 1 203863 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9536 6395K 7128K 78643K 14533 0 pcb 13 8K 8K 78643K 918 0 rtable 172 26K 27K 78643K 2868 0 ifaddr 111 23K 23K 78643K 1316 0 sysctl 3 1K 1K 78643K 3 0 counters 22 16K 17K 78643K 88 0 ioctlops 1 0K 4K 78643K 4288 0 iov 0 0K 24K 78643K 1190 0 mount 1 1K 1K 78643K 1 0 vnodes 1218 77K 77K 78643K 4455 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 38 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 757 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1809 195K 288K 78643K 12938 0 file desc 5 13K 25K 78643K 9063 0 sigio 0 0K 0K 78643K 52 0 proc 55 39K 55K 78643K 1034 0 subproc 32 2K 2K 78643K 191 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 579 0 in_multi 22 1K 2K 78643K 900 0 ether_multi 1 0K 0K 78643K 226 0 mrt 0 0K 0K 78643K 63 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 91 413K 413K 78643K 91 0 exec 0 0K 2K 78643K 855 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 221 336K 336K 78643K 20618 0 UVM aobj 89 8K 8K 78643K 129 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 1K 78643K 1085 0 NDP 16 0K 0K 78643K 146 0 temp 163 3983K 4047K 78643K 63261 0 kqueue 4 5K 23K 78643K 400 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 35 0 29 1 0 1 1 0 8 0 rtpcb 88 334 0 332 1 0 1 1 0 8 0 rtentry 112 302 0 275 2 0 2 2 0 8 0 unpcb 120 2306 0 2281 13 11 2 2 0 8 1 syncache 272 113 0 113 12 12 0 1 0 8 0 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 23 0 23 8 8 0 1 0 8 0 tcpcb 592 2109 0 2105 32 31 1 10 0 8 0 ipq 40 413 0 413 4 4 0 1 0 8 0 ipqe 40 1150 0 1150 4 4 0 1 0 8 0 inpcb 296 7821 0 7814 13 11 2 2 0 8 1 rttmr 72 10 0 10 3 3 0 1 0 8 0 ip6q 72 6 0 6 2 2 0 1 0 8 0 ip6af 40 26 0 26 2 2 0 1 0 8 0 nd6 48 78 0 76 1 0 1 1 0 8 0 pkpcb 40 20 0 20 4 4 0 1 0 8 0 ppxss 1136 5 0 5 2 2 0 1 0 8 0 pfstscr 40 51 0 50 2 1 1 1 0 8 0 pfosfp 40 4 0 0 1 0 1 1 0 8 0 pfosfpen 112 8 0 0 1 0 1 1 0 8 0 pfrke_plain 160 26 0 12 1 0 1 1 0 8 0 pfrktable 1344 581 0 538 9 5 4 4 0 8 0 pftag 88 54 0 47 4 3 1 1 0 8 0 pfqueue 264 4 0 2 1 0 1 1 0 8 0 pfstitem 24 38 0 34 1 0 1 1 0 8 0 pfstkey 112 122 0 118 2 1 1 1 0 8 0 pfstate 328 61 0 59 2 1 1 1 0 8 0 pfrule 1360 1713 0 1090 53 0 53 53 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1282 0 1159 17 6 11 13 0 8 0 art_table 32 1283 0 1159 2 0 2 2 0 8 0 art_node 16 301 0 280 1 0 1 1 0 8 0 sysvmsgpl 40 16 0 8 1 0 1 1 0 8 0 semapl 112 755 0 745 1 0 1 1 0 8 0 shmpl 112 126 0 40 4 1 3 3 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 14948 0 13531 89 0 89 89 0 8 0 ffsino 240 14948 0 13531 84 0 84 84 0 8 0 nchpl 144 28461 0 26870 60 0 60 60 0 8 0 rtmask 32 4 0 2 1 0 1 1 0 8 0 uvmvnodes 72 12250 0 0 223 0 223 223 0 8 0 vnodes 208 12250 0 0 645 0 645 645 0 8 0 namei 1024 78945 0 78945 3 2 1 1 0 8 1 vcpupl 1984 29 0 0 4 0 4 4 0 8 0 vmpool 528 38 0 9 2 0 2 2 0 8 0 pfiaddrpl 120 3037 0 2218 26 1 25 25 0 8 0 scsiplug 72 6 0 6 3 3 0 1 0 8 0 scxspl 200 81288 0 81288 3 2 1 1 0 8 1 plimitpl 152 383 0 376 1 0 1 1 0 8 0 sigapl 424 9249 0 9199 6 0 6 6 0 8 0 futexpl 56 106921 0 106921 3 2 1 1 0 8 1 knotepl 112 638 0 618 2 1 1 2 0 8 0 kqueuepl 152 711 0 705 1 0 1 1 0 8 0 pipepl 272 575 0 564 6 4 2 2 0 8 0 fdescpl 432 9211 0 9197 2 0 2 2 0 8 0 filepl 120 46349 0 46250 7 3 4 5 0 8 1 lockfpl 104 1517 0 1516 1 0 1 1 0 8 0 lockfspl 48 536 0 535 1 0 1 1 0 8 0 sessionpl 120 28 0 18 1 0 1 1 0 8 0 pgrppl 48 83 0 73 1 0 1 1 0 8 0 ucredpl 96 10240 0 10233 1 0 1 1 0 8 0 zombiepl 144 9199 0 9199 1 0 1 1 0 8 1 processpl 944 9249 0 9199 7 0 7 7 0 8 0 procpl 632 19357 0 19300 8 2 6 6 0 8 1 sosppl 144 37 0 37 9 9 0 1 0 8 0 sockpl 400 10496 0 10457 23 17 6 7 0 8 1 mcl64k 65536 1355 0 1355 44 44 0 29 0 8 0 mcl16k 16384 11 0 11 8 7 1 1 0 8 1 mcl12k 12288 122 0 122 14 13 1 1 0 8 1 mcl9k 9216 67 0 67 12 11 1 1 0 8 1 mcl8k 8192 909 0 909 18 17 1 1 0 8 1 mcl4k 4096 488 0 488 20 19 1 1 0 8 1 mcl2k2 2112 29 0 29 8 8 0 1 0 8 0 mcl2k 2048 39431 0 39390 49 42 7 12 0 8 1 mtagpl 96 383 0 383 7 7 0 5 0 8 0 mbufpl 256 213271 0 213159 490 476 14 191 0 8 0 bufpl 280 22150 0 16778 385 1 384 385 0 8 0 anonpl 16 750566 0 737693 133 79 54 68 0 107 0 amapchunkpl 152 33833 0 33437 52 36 16 22 0 158 0 amappl16 192 36563 0 36122 110 87 23 34 0 8 0 amappl15 184 18 0 17 1 0 1 1 0 8 0 amappl14 176 1491 0 1486 1 0 1 1 0 8 0 amappl13 168 3721 0 3717 1 0 1 1 0 8 0 amappl12 160 1756 0 1752 2 1 1 1 0 8 0 amappl11 152 72 0 62 1 0 1 1 0 8 0 amappl10 144 1312 0 1307 1 0 1 1 0 8 0 amappl9 136 1147 0 1147 2 2 0 1 0 8 0 amappl8 128 1158 0 1060 5 1 4 4 0 8 0 amappl7 120 1602 0 1595 1 0 1 1 0 8 0 amappl6 112 167 0 150 1 0 1 1 0 8 0 amappl5 104 9174 0 9162 1 0 1 1 0 8 0 amappl4 96 4009 0 3973 1 0 1 1 0 8 0 amappl3 88 1911 0 1904 1 0 1 1 0 8 0 amappl2 80 66413 0 66320 5 2 3 3 0 8 1 amappl1 72 222821 0 222396 24 14 10 18 0 8 0 amappl 80 19804 0 19733 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 128 0 40 2 0 2 2 0 8 0 uaddrrnd 24 9249 0 9206 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 9249 0 9206 1 0 1 1 0 8 0 vmmpekpl 168 40886 0 40849 2 0 2 2 0 8 0 vmmpepl 168 1097400 0 1095666 162 80 82 88 0 357 2 vmsppl 272 9248 0 9206 4 1 3 3 0 8 0 pdppl 4096 18504 0 18441 12 3 9 9 0 8 1 pvpl 32 2207117 0 2197731 308 224 84 130 0 265 2 pmappl 200 9248 0 9206 3 0 3 3 0 8 0 extentpl 40 53 0 36 1 0 1 1 0 8 0 phpool 112 938 0 652 14 4 10 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace pfsync_state_import(ffff800000b40c00,1) at pfsync_state_import+0x108 sys/net/if_pfsync.c:529 pfioctl(4900,c1084425,ffff800000b40c00,3,ffff80001d78eef0) at pfioctl+0x2764 sys/net/pf_ioctl.c:1688 VOP_IOCTL(fffffd8060b17270,c1084425,ffff800000b40c00,3,fffffd806c3bfae0,ffff80001d78eef0) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805ea8ec30,c1084425,ffff800000b40c00,ffff80001d78eef0) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d78eef0,ffff8000205cfd28,ffff8000205cfd70) at sys_ioctl+0x4ac syscall(ffff8000205cfdf0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x686ca818a60, count: -7 ddb> machine ddbcpu 1 No such command ddb> trace pfsync_state_import(ffff800000b40c00,1) at pfsync_state_import+0x108 sys/net/if_pfsync.c:529 pfioctl(4900,c1084425,ffff800000b40c00,3,ffff80001d78eef0) at pfioctl+0x2764 sys/net/pf_ioctl.c:1688 VOP_IOCTL(fffffd8060b17270,c1084425,ffff800000b40c00,3,fffffd806c3bfae0,ffff80001d78eef0) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:290 vn_ioctl(fffffd805ea8ec30,c1084425,ffff800000b40c00,ffff80001d78eef0) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531 sys_ioctl(ffff80001d78eef0,ffff8000205cfd28,ffff8000205cfd70) at sys_ioctl+0x4ac syscall(ffff8000205cfdf0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:570 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x686ca818a60, count: -7