I had another panic on out (6.1/amd64) gateway during ipfilter restart:
fatal page fault in supervisor mode
trap type 6 code 0 rip ffffffff8023e461 cs 8 rflags 10212 cr2 da8 cpl 4 rsp
fffffe80010057b0
kernel: page fault trap, code=0
Stopped in pid 0.3 (system) at netbsd:nat_outlookup+0x95: movq
0(%rax,%rdx,r),%rbx
db{0}> bt
nat_outlookup() at netbsd:nat_outlookup+0x95
fr_checknatout() at netbsd:fr_checknatout+0x125
fr_check() at netbsd:fr_check+0x94c
fr_check_wrapper() at netbsd:fr_check_wrapper+0x84
pfil_run_hooks() at netbsd:pfil_run_hooks+0x9d
ip_output() at netbsd:ip_output+0x3fb
ip_forward() at netbsd:ip_forward+0x122
ip_input() at netbsd:ip_input+0x7a5
ipintr() at netbsd:ipintr+0x107
softint_dispatch() at netbsd:softint_dispatch+0x7b
DDB lost frame for netbsd:Xsoftintr+0x7f, trying 0xfffffe8001005d70
Xsoftintr() at netbsd:Xsoftintr+0x4f
--- interrupt ---
0:
db{0}> show reg
ds 0
es 0
fs 0
gs 7420
rdi fffffe8001005900
rsi 11
rbp fffffe8001005810
rbx 44f9dea6
rdx 1b5
rcx 1
rax 0
r8 50b7dc83
r9 11
r10 fffffe8001005900
r11 79d0
r12 fffffe8107d4a008
r13 44fd458
r14 50b7dc83
r15 6
rip ffffffff8023e461 nat_outlookup+0x95
cs 8
rflags 10212
rsp fffffe80010057b0
ss 10
netbsd:nat_outlookup+0x95: movq 0(%rax,%rdx,8),%rbx
This looks like NULL pointer dereference to me.
