kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x65e: movzwl 0xc(%r15,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *406081 29088 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e sys/netinet/if_ether.c:182 rtrequest(1,ffff80003a558c68,0,ffff80003a558be0,16) at rtrequest+0xd4c sys/net/route.c:1114 rtm_output(ffff80000149be00,ffff80003a558d10,ffff80003a558c68,0,16) at rtm_output+0x855 sys/net/rtsock.c:970 route_output(fffffd807e1b5100,ffff800010fdf9f0) at route_output+0x9ac sys/net/rtsock.c:875 route_send(ffff800010fdf9f0,fffffd807e1b5100,0,0) at route_send+0xd7 sys/net/rtsock.c:339 sosend(ffff800010fdf9f0,0,ffff80003a558eb8,0,0,e) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7efc50,5,ffff80003a558fb0,e,ffff80003a559060) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7efc50,ffff80003a559110,ffff80003a559060) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff80003a559110) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a559110) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1f184620a0, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff838bcbc8, 0xffff80000149e06a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e sys/netinet/if_ether.c:182 rtrequest(1,ffff80003a558c68,0,ffff80003a558be0,16) at rtrequest+0xd4c sys/net/route.c:1114 rtm_output(ffff80000149be00,ffff80003a558d10,ffff80003a558c68,0,16) at rtm_output+0x855 sys/net/rtsock.c:970 route_output(fffffd807e1b5100,ffff800010fdf9f0) at route_output+0x9ac sys/net/rtsock.c:875 route_send(ffff800010fdf9f0,fffffd807e1b5100,0,0) at route_send+0xd7 sys/net/rtsock.c:339 sosend(ffff800010fdf9f0,0,ffff80003a558eb8,0,0,e) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7efc50,5,ffff80003a558fb0,e,ffff80003a559060) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7efc50,ffff80003a559110,ffff80003a559060) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff80003a559110) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a559110) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1f184620a0, count: -10 ddb> show registers rdi 0x20 rsi 0x90 rbp 0xffff80003a558ab0 rbx 0xde rdx 0 rcx 0x100040600080100 rax 0xfffffd807e1b5ee0 r8 0x1000 __ALIGN_SIZE r9 0 r10 0xb7d7bcd2b35881f9 r11 0x121197652bf82748 r12 0x1c r13 0xfffffd807e1b5e00 r14 0xfffffd80691d9678 r15 0xffff80000149df80 rip 0xffffffff82f71e6e arp_rtrequest+0x65e cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003a558a30 ss 0x10 arp_rtrequest+0x65e: movzwl 0xc(%r15,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=406081 pid=29088 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=51, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7ee020,0xffff80002a7ee2c0 process=0xffff80002cd21b78 user=0xffff80003a554000, vmspace=0xfffffd806bbb8740 estcpu=1, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 25860 445429 74108 0 2 0 syz-executor 25860 289985 74108 0 2 0x4000000 syz-executor 28324 409756 53393 0 2 0 syz-executor 28324 408737 53393 0 3 0x4000080 fsleep syz-executor 28324 481575 53393 0 3 0x4000080 fsleep syz-executor 21840 119622 95990 0 2 0 syz-executor 21840 372128 95990 0 2 0x4000000 syz-executor 52918 225070 25691 0 2 0 syz-executor 52918 483834 25691 0 3 0x4000080 fsleep syz-executor 84407 337621 56906 0 2 0 syz-executor 84407 103260 56906 0 3 0x4000080 fsleep syz-executor 29088 210876 5030 0 2 0 syz-executor *29088 406081 5030 0 7 0x4000000 syz-executor 87274 370107 86453 0 2 0 syz-executor 87274 135501 86453 0 3 0x4000080 fsleep syz-executor 64100 25236 53876 0 2 0x100000 sh 53876 322079 97575 0 3 0x10008a sigsusp sh 86453 344232 46170 0 3 0x82 nanoslp syz-executor 25691 470726 46170 0 3 0x82 nanoslp syz-executor 56906 183442 46170 0 3 0x82 nanoslp syz-executor 5030 235417 46170 0 3 0x82 nanoslp syz-executor 95990 197159 46170 0 2 0xc82 syz-executor 53393 335165 46170 0 2 0xc82 syz-executor 97575 415904 46170 0 3 0x82 wait syz-executor 74108 423036 46170 0 3 0x82 nanoslp syz-executor 46170 465182 31613 0 3 0x82 kqread syz-executor 31613 441955 85437 0 3 0x10008a sigsusp ksh 85437 54554 36286 0 3 0x98 kqread sshd-session 36286 224254 10960 0 3 0x92 kqread sshd-session 40763 482593 1 0 3 0x100083 ttyin getty 10960 434145 1 0 3 0x88 kqread sshd 16352 125209 7793 73 3 0x1100090 kqread syslogd 7793 487993 1 0 3 0x100082 sbwait syslogd 49152 358300 1 0 3 0x100080 kqread resolvd 53516 347689 82331 77 3 0x100092 kqread dhcpleased 25248 241588 82331 77 3 0x100092 kqread dhcpleased 82331 191956 1 0 3 0x80 kqread dhcpleased 82473 297323 0 0 2 0x14200 smr 43660 381502 0 0 2 0x14200 zerothread 80188 464073 0 0 3 0x14200 aiodoned aiodoned 96478 483001 0 0 3 0x14200 syncer update 92376 251114 0 0 3 0x14200 cleaner cleaner 79611 431615 0 0 3 0x14200 reaper reaper 88296 269437 0 0 3 0x14200 pgdaemon pagedaemon 13720 136724 0 0 3 0x14200 bored viomb 5228 375026 0 0 3 0x40014200 acpi0 acpi0 21637 254103 0 0 3 0x14200 bored softnet7 7681 470250 0 0 3 0x14200 bored softnet6 7185 253552 0 0 3 0x14200 bored softnet5 95246 236416 0 0 3 0x14200 bored softnet4 46668 58729 0 0 3 0x14200 bored softnet3 2638 266039 0 0 3 0x14200 bored softnet2 24134 41388 0 0 3 0x14200 bored softnet1 82480 379500 0 0 3 0x14200 bored softnet0 51842 84352 0 0 3 0x14200 smrbar systqmp 11128 52511 0 0 3 0x14200 bored systq 45017 203016 0 0 2 0x40014200 softclock 5755 140326 0 0 3 0x40014200 idle0 1 353240 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10174 11057K 11057K 166960K 11251 0 pcb 18 12K 12K 166960K 18 0 rtable 216 7K 7K 166960K 278 0 pf 30 12K 12K 166960K 30 0 ifaddr 42 7K 7K 166960K 44 0 ifgroup 50 2K 2K 166960K 50 0 sysctl 1 1K 9K 166960K 5 0 counters 32 17K 17K 166960K 32 0 ioctlops 0 0K 2K 166960K 29 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1340 84K 84K 166960K 1356 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 2 0K 0K 166960K 2 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 19 69K 97K 166960K 138 0 proc 57 58K 116K 166960K 472 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1 0 in_multi 99 7K 7K 166960K 99 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 25 122K 122K 166960K 25 0 exec 0 0K 1K 166960K 346 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 222 152K 159K 166960K 2810 0 UVM aobj 3 2K 2K 166960K 3 0 pinsyscall 40 80K 96K 166960K 1167 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 27 2K 2K 166960K 27 0 temp 34 8662K 8726K 166960K 3659 0 kqueue 13 20K 20K 166960K 21 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 37 0 33 1 0 1 1 0 8 0 rtentry 136 97 0 1 4 0 4 4 0 8 0 unpcb 144 31 0 16 1 0 1 1 0 8 0 syncache 336 3 0 3 1 0 1 1 0 8 1 tcpcb 736 8 0 2 1 0 1 1 0 8 0 arp 88 10 0 0 1 0 1 1 0 8 0 inpcb 328 58 0 47 2 0 2 2 0 8 1 nd6 104 17 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 452 0 0 29 0 29 29 0 8 0 art_table 40 454 0 0 5 0 5 5 0 8 0 art_node 32 97 0 3 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1549 0 44 95 0 95 95 0 8 0 ffsino 256 1549 0 44 95 0 95 95 0 8 0 nchpl 144 1733 0 48 63 0 63 63 0 8 0 uvmvnodes 80 1633 0 0 34 0 34 34 0 8 0 vnodes 216 1633 0 0 91 0 91 91 0 8 0 namei 1024 5050 0 5049 2 0 2 2 0 8 1 kstatmem 264 22 0 0 2 0 2 2 0 8 0 scxspl 216 6161 0 6161 8 0 8 8 1 8 8 plimitpl 152 26 0 10 1 0 1 1 0 8 0 sigapl 424 422 0 371 7 0 7 7 0 8 0 knotepl 120 3013 0 2966 2 0 2 2 0 8 0 kqueuepl 184 18 0 8 1 0 1 1 0 8 0 pipepl 304 99 0 72 3 0 3 3 0 8 0 fdescpl 448 402 0 371 5 0 5 5 0 8 0 filepl 120 1277 0 1063 7 0 7 7 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 29 0 13 1 0 1 1 0 8 0 ucredpl 104 64 0 53 1 0 1 1 0 8 0 zombiepl 144 371 0 371 1 0 1 1 0 8 1 processpl 1168 422 0 371 5 0 5 5 0 8 0 procpl 656 434 0 375 6 0 6 6 0 8 0 sockpl 552 126 0 96 3 0 3 3 0 8 0 mcl8k 8192 4 0 4 1 0 1 1 0 8 1 mcl4k 4096 2397 0 2347 13 0 13 13 0 8 6 mcl2k 2048 150 0 147 1 0 1 1 0 8 0 mtagpl 96 4 0 4 1 0 1 1 0 8 1 mbufpl 256 3689 0 3556 9 0 9 9 0 8 0 bufpl 280 2803 0 117 192 0 192 192 0 8 0 anonpl 24 89683 0 86655 23 0 23 23 0 187 3 amapchunkpl 152 7854 0 7377 19 0 19 19 0 158 0 amappl16 200 1503 0 1489 5 0 5 5 0 8 4 amappl15 192 6 0 6 1 0 1 1 0 8 1 amappl14 184 135 0 125 1 0 1 1 0 8 0 amappl13 176 7 0 7 1 0 1 1 0 8 1 amappl12 168 1008 0 977 3 0 3 3 0 8 1 amappl11 160 47 0 37 1 0 1 1 0 8 0 amappl10 152 7 0 7 1 0 1 1 0 8 1 amappl9 144 271 0 271 1 0 1 1 0 8 1 amappl8 136 20 0 19 1 0 1 1 0 8 0 amappl7 128 96 0 86 1 0 1 1 0 8 0 amappl6 120 184 0 179 1 0 1 1 0 8 0 amappl5 112 110 0 104 1 0 1 1 0 8 0 amappl4 104 269 0 253 1 0 1 1 0 8 0 amappl3 96 1179 0 1072 3 0 3 3 0 8 0 amappl2 88 608 0 556 2 0 2 2 0 8 0 amappl1 80 7875 0 7321 13 0 13 13 0 8 1 amappl 88 2176 0 2017 4 0 4 4 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 402 0 371 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 402 0 371 1 0 1 1 0 8 0 vmmpekpl 168 4727 0 4702 2 0 2 2 0 8 0 vmmpepl 168 32081 0 30251 80 0 80 80 0 357 0 vmsppl 368 401 0 371 4 0 4 4 0 8 0 rwobjpl 40 13212 0 10752 26 0 26 26 0 8 0 pdppl 4096 811 0 742 97 14 83 83 0 8 14 pvpl 32 199090 0 190907 69 0 69 69 0 265 0 pmappl 216 401 0 371 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 366 0 14 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e sys/netinet/if_ether.c:182 rtrequest(1,ffff80003a558c68,0,ffff80003a558be0,16) at rtrequest+0xd4c sys/net/route.c:1114 rtm_output(ffff80000149be00,ffff80003a558d10,ffff80003a558c68,0,16) at rtm_output+0x855 sys/net/rtsock.c:970 route_output(fffffd807e1b5100,ffff800010fdf9f0) at route_output+0x9ac sys/net/rtsock.c:875 route_send(ffff800010fdf9f0,fffffd807e1b5100,0,0) at route_send+0xd7 sys/net/rtsock.c:339 sosend(ffff800010fdf9f0,0,ffff80003a558eb8,0,0,e) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7efc50,5,ffff80003a558fb0,e,ffff80003a559060) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7efc50,ffff80003a559110,ffff80003a559060) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff80003a559110) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a559110) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1f184620a0, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691d9678) at arp_rtrequest+0x65e sys/netinet/if_ether.c:182 rtrequest(1,ffff80003a558c68,0,ffff80003a558be0,16) at rtrequest+0xd4c sys/net/route.c:1114 rtm_output(ffff80000149be00,ffff80003a558d10,ffff80003a558c68,0,16) at rtm_output+0x855 sys/net/rtsock.c:970 route_output(fffffd807e1b5100,ffff800010fdf9f0) at route_output+0x9ac sys/net/rtsock.c:875 route_send(ffff800010fdf9f0,fffffd807e1b5100,0,0) at route_send+0xd7 sys/net/rtsock.c:339 sosend(ffff800010fdf9f0,0,ffff80003a558eb8,0,0,e) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7efc50,5,ffff80003a558fb0,e,ffff80003a559060) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7efc50,ffff80003a559110,ffff80003a559060) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff80003a559110) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003a559110) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1f184620a0, count: -10