uvm_fault(0xfffffd806aea69a0, 0x4, 0, 1) -> e kernel: page fault trap, code=0 Stopped at igmp_leavegroup+0x80: movl 0x4(%rax),%r12d TID PID UID PRFLAGS PFLAGS CPU COMMAND igmp_leavegroup(ffff800000b57f80) at igmp_leavegroup+0x80 sys/netinet/igmp.c:521 in_delmulti(ffff800000b57f80) at in_delmulti+0xb7 sys/netinet/in.c:920 ip_freemoptions(ffff800000b569a0) at ip_freemoptions+0x4d sys/netinet/ip_output.c:1764 in_pcbdetach(fffffd8068237600) at in_pcbdetach+0xf3 sys/netinet/in_pcb.c:584 rip_detach(fffffd8061519030) at rip_detach+0x6a sys/netinet/raw_ip.c:616 soclose(fffffd8061519030,0) at soclose+0x245 sys/kern/uipc_socket.c:361 soo_close(fffffd80664dd7f8,ffff8000216e1ce0) at soo_close+0x40 fdrop(fffffd80664dd7f8,ffff8000216e1ce0) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd80664dd7f8,ffff8000216e1ce0) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff8000216e1ce0) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff8000216e1ce0,0,0,3) at exit1+0x35d sys/kern/kern_exit.c:202 single_thread_check_locked(ffff8000216e1ce0,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:1979 userret(ffff8000216e1ce0) at userret+0x1f3 single_thread_check sys/kern/kern_sig.c:1999 [inline] userret(ffff8000216e1ce0) at userret+0x1f3 sys/kern/kern_sig.c:1946 syscall(ffff800023159010) at syscall+0x50f mi_syscall_return sys/sys/syscall_mi.h:129 [inline] syscall(ffff800023159010) at syscall+0x50f sys/arch/amd64/amd64/trap.c:607 end trace frame: 0xffff800023159090, count: 0 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd806aea69a0, 0x4, 0, 1) -> e ddb> trace igmp_leavegroup(ffff800000b57f80) at igmp_leavegroup+0x80 sys/netinet/igmp.c:521 in_delmulti(ffff800000b57f80) at in_delmulti+0xb7 sys/netinet/in.c:920 ip_freemoptions(ffff800000b569a0) at ip_freemoptions+0x4d sys/netinet/ip_output.c:1764 in_pcbdetach(fffffd8068237600) at in_pcbdetach+0xf3 sys/netinet/in_pcb.c:584 rip_detach(fffffd8061519030) at rip_detach+0x6a sys/netinet/raw_ip.c:616 soclose(fffffd8061519030,0) at soclose+0x245 sys/kern/uipc_socket.c:361 soo_close(fffffd80664dd7f8,ffff8000216e1ce0) at soo_close+0x40 fdrop(fffffd80664dd7f8,ffff8000216e1ce0) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd80664dd7f8,ffff8000216e1ce0) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff8000216e1ce0) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff8000216e1ce0,0,0,3) at exit1+0x35d sys/kern/kern_exit.c:202 single_thread_check_locked(ffff8000216e1ce0,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:1979 userret(ffff8000216e1ce0) at userret+0x1f3 single_thread_check sys/kern/kern_sig.c:1999 [inline] userret(ffff8000216e1ce0) at userret+0x1f3 sys/kern/kern_sig.c:1946 syscall(ffff800023159010) at syscall+0x50f mi_syscall_return sys/sys/syscall_mi.h:129 [inline] syscall(ffff800023159010) at syscall+0x50f sys/arch/amd64/amd64/trap.c:607 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffde5d0, count: -15 ddb> show registers rdi 0 rsi 0 rbp 0xffff800023158b30 rbx 0 rdx 0 rcx 0x1 rax 0 r8 0xffff800023158d50 r9 0x40 r10 0xfdb0c2383aa271a5 r11 0x4de916ae06c1636e r12 0 r13 0x3 r14 0xffff8000006b5000 r15 0xffff800000b57f80 rip 0xffffffff81bd25c0 igmp_leavegroup+0x80 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800023158b00 ss 0x10 igmp_leavegroup+0x80: movl 0x4(%rax),%r12d ddb> show proc PROC (syz-executor.0) pid=162807 stat=onproc flags process=1008 proc=82000 pri=32, usrpri=86, nice=20 forw=0xffffffffffffffff, list=0xffff8000216e02a0,0xffff8000216e0fd0 process=0xffff800021641b68 user=0xffff800023154000, vmspace=0xfffffd806aea69a0 estcpu=36, cpticks=6, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 66168 339864 98305 0 3 0x80 nanoslp syz-executor.1 66168 450044 98305 0 3 0x4000080 fsleep syz-executor.1 20806 179548 47155 0 2 0 syz-executor.3 20806 279559 47155 0 3 0x4000080 fsleep syz-executor.3 47155 279799 46050 0 2 0x482 syz-executor.3 61532 50813 46050 0 2 0x2 syz-executor.2 98305 83864 46050 0 3 0x82 nanoslp syz-executor.1 30945 109312 0 0 3 0x14200 acct acct 56644 524274 0 0 3 0x14200 bored sosplice 82670 79885 46050 0 3 0x82 nanoslp syz-executor.0 46050 101069 17286 0 3 0x82 thrsleep syz-fuzzer 46050 43730 17286 0 3 0x4000082 nanoslp syz-fuzzer 46050 84919 17286 0 3 0x4000082 thrsleep syz-fuzzer 46050 68921 17286 0 3 0x4000082 thrsleep syz-fuzzer 46050 413028 17286 0 3 0x4000082 thrsleep syz-fuzzer 46050 213720 17286 0 3 0x4000082 thrsleep syz-fuzzer 46050 289439 17286 0 3 0x4000082 kqread syz-fuzzer 17286 167426 65449 0 3 0x10008a sigsusp ksh 65449 310499 55818 0 3 0x9a poll sshd 93363 180003 1 0 3 0x100083 ttyin getty 55818 437081 1 0 3 0x88 poll sshd 46223 262154 63806 73 3 0x100090 kqread syslogd 63806 270268 1 0 3 0x100082 netio syslogd 93495 429696 1 0 3 0x100080 kqread resolvd 32396 200079 99902 77 3 0x100092 kqread dhcpleased 86306 287264 99902 77 3 0x100092 kqread dhcpleased 99902 79914 1 0 3 0x80 kqread dhcpleased 18004 100591 0 0 3 0x14200 bored smr 76195 305340 0 0 2 0x14200 zerothread 79539 61937 0 0 3 0x14200 aiodoned aiodoned 12110 251699 0 0 3 0x14200 syncer update 36783 501283 0 0 3 0x14200 cleaner cleaner 39645 67136 0 0 3 0x14200 reaper reaper 94119 119094 0 0 3 0x14200 pgdaemon pagedaemon 91256 75815 0 0 3 0x14200 bored viomb 49636 216964 0 0 3 0x40014200 acpi0 acpi0 42835 63541 0 0 3 0x14200 bored softnet 13875 497688 0 0 3 0x14200 bored systqmp 34707 1826 0 0 3 0x14200 bored systq 39753 68267 0 0 3 0x40014200 bored softclock 32215 203498 0 0 3 0x40014200 idle0 1 283277 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10149 6409K 6733K 78643K 13688 0 pcb 13 12K 14K 78643K 265 0 rtable 133 16K 17K 78643K 768 0 ifaddr 64 14K 14K 78643K 247 0 counters 23 16K 17K 78643K 45 0 ioctlops 0 0K 4K 78643K 427 0 iov 0 0K 24K 78643K 327 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1303 82K 82K 78643K 2100 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 21 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 582 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12598 0 file desc 9 29K 49K 78643K 1605 0 sigio 0 0K 0K 78643K 36 0 proc 62 55K 79K 78643K 689 0 subproc 52 3K 3K 78643K 195 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 4 0K 0K 78643K 1081 0 in_multi 36 2K 3K 78643K 390 0 ether_multi 1 0K 0K 78643K 18 0 mrt 0 0K 0K 78643K 9 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 61 281K 281K 78643K 61 0 exec 0 0K 2K 78643K 1004 0 pfkey data 0 0K 2K 78643K 4 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 253 124K 125K 78643K 20063 0 UVM aobj 109 8K 8K 78643K 109 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 99 0 NDP 8 0K 1K 78643K 60 0 temp 102 4197K 4268K 78643K 14600 0 kqueue 10 14K 18K 78643K 67 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 296 0 293 7 6 1 5 0 8 0 rtentry 112 207 0 162 2 0 2 2 0 8 0 unpcb 136 1394 0 1381 19 17 2 10 0 8 1 syncache 296 14 0 14 3 3 0 1 0 8 0 tcpqe 32 39 0 39 2 2 0 1 0 8 0 tcpcb 736 808 0 791 26 21 5 17 0 8 3 arp 88 39 0 31 1 0 1 1 0 8 0 inpcb 304 2832 0 2810 15 9 6 11 0 8 4 nd6 48 45 0 36 1 0 1 1 0 8 0 pkpcb 40 40 0 40 2 1 1 1 0 8 1 kcovpl 48 15 0 11 1 0 1 1 0 8 0 ppxss 1152 5 0 5 2 1 1 1 0 8 1 pfrktable 1344 44 0 35 3 2 1 2 0 8 0 pftag 88 9 0 4 1 0 1 1 0 8 0 pfrule 1360 170 0 140 3 0 3 3 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 795 0 616 21 9 12 18 0 8 0 art_table 32 796 0 616 3 1 2 3 0 8 0 art_node 16 206 0 168 1 0 1 1 0 8 0 semapl 112 580 0 570 1 0 1 1 0 8 0 shmpl 112 106 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 3641 0 2224 89 0 89 89 0 8 0 ffsino 240 3641 0 2224 84 0 84 84 0 8 0 nchpl 144 5884 0 4293 61 0 61 61 0 8 0 uvmvnodes 80 4184 0 0 86 0 86 86 0 8 0 vnodes 224 4184 0 0 247 0 247 247 0 8 0 namei 1024 20051 0 20050 1 0 1 1 0 8 0 vcpupl 1984 6 0 0 1 0 1 1 0 8 0 vmpool 528 11 0 5 1 0 1 1 0 8 0 pfiaddrpl 120 18 0 8 1 0 1 1 0 8 0 scxspl 216 17522 0 17522 10 9 1 8 0 8 1 plimitpl 152 161 0 151 1 0 1 1 0 8 0 sigapl 424 1789 0 1754 6 1 5 5 0 8 1 futexpl 64 16128 0 16126 1 0 1 1 0 8 0 knotepl 112 793 0 743 2 0 2 2 0 8 0 kqueuepl 184 441 0 435 9 5 4 4 0 8 3 pipepl 304 258 0 242 4 2 2 4 0 8 0 fdescpl 432 1774 0 1754 3 0 3 3 0 8 0 filepl 120 13446 0 13281 21 11 10 15 0 8 4 lockfpl 104 548 0 546 2 1 1 2 0 8 0 lockfspl 48 115 0 113 1 0 1 1 0 8 0 sessionpl 144 30 0 18 1 0 1 1 0 8 0 pgrppl 48 93 0 81 1 0 1 1 0 8 0 ucredpl 96 1636 0 1626 1 0 1 1 0 8 0 zombiepl 144 1755 0 1754 1 0 1 1 0 8 0 processpl 1000 1789 0 1754 5 0 5 5 0 8 0 procpl 672 4284 0 4241 8 3 5 6 0 8 0 sosppl 168 15 0 15 3 3 0 1 0 8 0 sockpl 448 4562 0 4524 74 63 11 40 0 8 6 mcl64k 65536 65 0 65 1 0 1 1 0 8 1 mcl16k 16384 13 0 13 3 2 1 1 0 8 1 mcl12k 12288 47 0 47 3 2 1 1 0 8 1 mcl9k 9216 37 0 37 4 3 1 1 0 8 1 mcl8k 8192 212 0 212 2 1 1 1 0 8 1 mcl4k 4096 211 0 211 2 1 1 1 0 8 1 mcl2k2 2112 14 0 14 4 3 1 1 0 8 1 mcl2k 2048 80076 0 80032 15 8 7 10 0 8 1 mtagpl 96 235 0 178 5 2 3 3 0 8 0 mbufpl 256 142671 0 142390 60 38 22 39 0 8 1 bufpl 288 6426 0 176 447 0 447 447 0 8 0 anonpl 24 493062 0 474428 142 14 128 135 0 188 2 amapchunkpl 152 55710 0 55013 48 19 29 39 0 158 1 amappl16 200 6068 0 5393 59 17 42 48 0 8 5 amappl15 192 192 0 190 1 0 1 1 0 8 0 amappl14 184 505 0 500 1 0 1 1 0 8 0 amappl13 176 443 0 439 1 0 1 1 0 8 0 amappl12 168 59 0 57 1 0 1 1 0 8 0 amappl11 160 246 0 235 1 0 1 1 0 8 0 amappl10 152 82 0 75 1 0 1 1 0 8 0 amappl9 144 563 0 561 1 0 1 1 0 8 0 amappl8 136 599 0 562 2 0 2 2 0 8 0 amappl7 128 197 0 188 1 0 1 1 0 8 0 amappl6 120 306 0 291 1 0 1 1 0 8 0 amappl5 112 1134 0 1120 1 0 1 1 0 8 0 amappl4 104 1152 0 1128 1 0 1 1 0 8 0 amappl3 96 655 0 635 1 0 1 1 0 8 0 amappl2 88 829 0 782 2 0 2 2 0 8 0 amappl1 80 35216 0 34744 12 1 11 12 0 8 0 amappl 88 19515 0 19331 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 108 0 0 2 0 2 2 0 8 0 uaddrrnd 24 1785 0 1759 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1785 0 1759 1 0 1 1 0 8 0 vmmpekpl 168 16187 0 16155 2 0 2 2 0 8 0 vmmpepl 168 173329 0 171209 155 29 126 136 0 357 29 vmsppl 272 1784 0 1759 3 1 2 2 0 8 0 rwobjpl 24 46260 0 40502 35 0 35 35 0 8 0 pdppl 4096 3576 0 3524 87 33 54 56 0 8 2 pvpl 32 903037 0 881578 224 28 196 206 0 265 18 pmappl 216 1784 0 1759 2 0 2 2 0 8 0 extentpl 40 57 0 38 1 0 1 1 0 8 0 phpool 112 925 0 179 22 0 22 22 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace igmp_leavegroup(ffff800000b57f80) at igmp_leavegroup+0x80 sys/netinet/igmp.c:521 in_delmulti(ffff800000b57f80) at in_delmulti+0xb7 sys/netinet/in.c:920 ip_freemoptions(ffff800000b569a0) at ip_freemoptions+0x4d sys/netinet/ip_output.c:1764 in_pcbdetach(fffffd8068237600) at in_pcbdetach+0xf3 sys/netinet/in_pcb.c:584 rip_detach(fffffd8061519030) at rip_detach+0x6a sys/netinet/raw_ip.c:616 soclose(fffffd8061519030,0) at soclose+0x245 sys/kern/uipc_socket.c:361 soo_close(fffffd80664dd7f8,ffff8000216e1ce0) at soo_close+0x40 fdrop(fffffd80664dd7f8,ffff8000216e1ce0) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd80664dd7f8,ffff8000216e1ce0) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff8000216e1ce0) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff8000216e1ce0,0,0,3) at exit1+0x35d sys/kern/kern_exit.c:202 single_thread_check_locked(ffff8000216e1ce0,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:1979 userret(ffff8000216e1ce0) at userret+0x1f3 single_thread_check sys/kern/kern_sig.c:1999 [inline] userret(ffff8000216e1ce0) at userret+0x1f3 sys/kern/kern_sig.c:1946 syscall(ffff800023159010) at syscall+0x50f mi_syscall_return sys/sys/syscall_mi.h:129 [inline] syscall(ffff800023159010) at syscall+0x50f sys/arch/amd64/amd64/trap.c:607 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffde5d0, count: -15 ddb> machine ddbcpu 1 No such command ddb> trace igmp_leavegroup(ffff800000b57f80) at igmp_leavegroup+0x80 sys/netinet/igmp.c:521 in_delmulti(ffff800000b57f80) at in_delmulti+0xb7 sys/netinet/in.c:920 ip_freemoptions(ffff800000b569a0) at ip_freemoptions+0x4d sys/netinet/ip_output.c:1764 in_pcbdetach(fffffd8068237600) at in_pcbdetach+0xf3 sys/netinet/in_pcb.c:584 rip_detach(fffffd8061519030) at rip_detach+0x6a sys/netinet/raw_ip.c:616 soclose(fffffd8061519030,0) at soclose+0x245 sys/kern/uipc_socket.c:361 soo_close(fffffd80664dd7f8,ffff8000216e1ce0) at soo_close+0x40 fdrop(fffffd80664dd7f8,ffff8000216e1ce0) at fdrop+0xc7 sys/kern/kern_descrip.c:1279 closef(fffffd80664dd7f8,ffff8000216e1ce0) at closef+0x117 sys/kern/kern_descrip.c:1263 fdfree(ffff8000216e1ce0) at fdfree+0xf3 sys/kern/kern_descrip.c:1195 exit1(ffff8000216e1ce0,0,0,3) at exit1+0x35d sys/kern/kern_exit.c:202 single_thread_check_locked(ffff8000216e1ce0,0,0) at single_thread_check_locked+0x1f6 sys/kern/kern_sig.c:1979 userret(ffff8000216e1ce0) at userret+0x1f3 single_thread_check sys/kern/kern_sig.c:1999 [inline] userret(ffff8000216e1ce0) at userret+0x1f3 sys/kern/kern_sig.c:1946 syscall(ffff800023159010) at syscall+0x50f mi_syscall_return sys/sys/syscall_mi.h:129 [inline] syscall(ffff800023159010) at syscall+0x50f sys/arch/amd64/amd64/trap.c:607 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffde5d0, count: -15