uvm_fault(0xffffffff83882298, 0xffff80000156d04a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND * 2862 23999 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003c979070,0,ffff80003c978fe0,16) at rtrequest+0xdc1 sys/net/route.c:1114 rtm_output(ffff80000148a200,ffff80003c979118,ffff80003c979070,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806a1c3a00,ffff800001582038) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001582038,fffffd806a1c3a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001582038,0,ffff80003c9792c8,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003410b258,4,ffff80003c9793c0,808,ffff80003c979460) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003410b258,ffff80003c979510,ffff80003c979460) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c979510) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c979510) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4cdb19dd00, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff83882298, 0xffff80000156d04a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003c979070,0,ffff80003c978fe0,16) at rtrequest+0xdc1 sys/net/route.c:1114 rtm_output(ffff80000148a200,ffff80003c979118,ffff80003c979070,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806a1c3a00,ffff800001582038) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001582038,fffffd806a1c3a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001582038,0,ffff80003c9792c8,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003410b258,4,ffff80003c9793c0,808,ffff80003c979460) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003410b258,ffff80003c979510,ffff80003c979460) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c979510) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c979510) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4cdb19dd00, count: -10 ddb> show registers rdi 0x20 rsi 0x90 rbp 0xffff80003c978ec0 rbx 0xde rdx 0 rcx 0xffff80000156cf60 rax 0xfffffd806a1c30e0 r8 0x1000 __ALIGN_SIZE r9 0 r10 0x73bf025ed2b6314a r11 0xfc45c795b0515fc9 r12 0x34 r13 0xfffffd806a1c3000 r14 0xfffffd806b1b0de8 r15 0xffff800000039058 rip 0xffffffff81796284 arp_rtrequest+0x6a4 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c978e40 ss 0x10 arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=2862 pid=23999 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003410bcb8,0xffffffff83953748 process=0xffff80003c9bd6a0 user=0xffff80003c974000, vmspace=0xfffffd806c40de78 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 23999 196817 96225 0 2 0 syz-executor *23999 2862 96225 0 7 0x4000000 syz-executor 13781 176149 83240 0 2 0 syz-executor 13781 509776 83240 0 3 0x4000080 fsleep syz-executor 35247 195006 47256 0 2 0 syz-executor 35247 372360 47256 0 3 0x4000080 kqsel syz-executor 15227 102900 49769 0 2 0x1 syz-executor 15227 471340 49769 0 3 0x4000080 fsleep syz-executor 16156 224379 37802 0 2 0x1 syz-executor 16156 284317 37802 0 3 0x4000080 fsleep syz-executor 70483 160567 46235 0 3 0x80 nanoslp syz-executor 70483 483302 46235 0 3 0x4000080 sbwait syz-executor 21647 208713 0 0 3 0x14200 acct acct 26883 311745 0 0 3 0x14280 nfsidl nfsio 17897 297886 0 0 3 0x14280 nfsidl nfsio 6226 292558 0 0 3 0x14280 nfsidl nfsio 66977 290266 0 0 3 0x14280 nfsidl nfsio 24490 431880 0 0 3 0x14280 nfsidl nfsio 79892 82035 0 0 3 0x14280 nfsidl nfsio 70244 385579 0 0 3 0x14280 nfsidl nfsio 31911 112861 0 0 3 0x14280 nfsidl nfsio 4466 311571 0 0 3 0x14280 nfsidl nfsio 61784 358614 0 0 3 0x14280 nfsidl nfsio 12520 251249 0 0 3 0x14280 nfsidl nfsio 8136 138840 0 0 3 0x14280 nfsidl nfsio 84634 33125 0 0 3 0x14280 nfsidl nfsio 6140 215814 0 0 3 0x14280 nfsidl nfsio 86277 392426 0 0 3 0x14280 nfsidl nfsio 40133 158306 0 0 3 0x14280 nfsidl nfsio 86511 363039 0 0 3 0x14280 nfsidl nfsio 89397 440013 0 0 3 0x14280 nfsidl nfsio 34868 225576 0 0 3 0x14280 nfsidl nfsio 60936 488224 0 0 3 0x14280 nfsidl nfsio 83240 27650 92292 0 3 0x82 nanoslp syz-executor 96225 219800 92292 0 3 0x82 nanoslp syz-executor 49769 327492 92292 0 3 0x82 nanoslp syz-executor 46235 252998 92292 0 3 0x82 nanoslp syz-executor 47256 398517 92292 0 3 0x82 nanoslp syz-executor 37802 513095 92292 0 3 0x82 nanoslp syz-executor 38843 211081 92292 0 3 0x82 wait syz-executor 71114 360964 92292 0 2 0x2 syz-executor 92292 18533 32199 0 3 0x82 kqread syz-executor 32199 324204 46760 0 3 0x10008a sigsusp ksh 46760 45151 80522 0 3 0x98 kqread sshd-session 80522 97402 61679 0 3 0x92 kqread sshd-session 72531 138361 1 0 3 0x100083 ttyopn getty 61679 457711 1 0 3 0x88 kqread sshd 15175 241823 87456 73 3 0x1100090 kqread syslogd 87456 505027 1 0 3 0x100082 sbwait syslogd 95532 145192 1 0 3 0x100080 kqread resolvd 43734 464707 2299 77 3 0x100092 kqread dhcpleased 60536 275209 2299 77 3 0x100092 kqread dhcpleased 2299 339394 1 0 3 0x80 kqread dhcpleased 45953 118314 0 0 3 0x14200 bored smr 21835 88853 0 0 2 0x14200 zerothread 80757 290848 0 0 3 0x14200 aiodoned aiodoned 70675 152950 0 0 3 0x14200 syncer update 70975 46543 0 0 3 0x14200 cleaner cleaner 95682 277001 0 0 3 0x14200 reaper reaper 3514 34314 0 0 3 0x14200 pgdaemon pagedaemon 7920 316972 0 0 3 0x14200 bored viomb 79749 117842 0 0 3 0x40014200 acpi0 acpi0 7842 239987 0 0 3 0x14200 bored softnet0 22152 248553 0 0 3 0x14200 bored systqmp 33096 10552 0 0 3 0x14200 bored systq 1190 23936 0 0 3 0x40014200 tmoslp softclock 60859 70701 0 0 3 0x40014200 idle0 1 149962 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10183 11105K 11740K 166960K 12146 0 pcb 18 13K 14K 166960K 114 0 rtable 180 8K 8K 166960K 419 0 pf 30 12K 14K 166960K 76 0 ifaddr 32 5K 7K 166960K 67 0 ifgroup 50 2K 2K 166960K 110 0 sysctl 1 1K 9K 166960K 7 0 counters 32 17K 18K 166960K 125 0 ioctlops 0 0K 4K 166960K 206 0 iov 0 0K 16K 166960K 20 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1490 94K 94K 166960K 1827 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 3 5K 5K 166960K 7 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 47 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 236K 166960K 453 0 sigio 0 0K 0K 166960K 4 0 proc 60 59K 83K 166960K 502 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 4 0K 0K 166960K 24 0 in_multi 66 5K 6K 166960K 106 0 ether_multi 2 0K 0K 166960K 5 0 mrt 0 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 412 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 223 151K 166K 166960K 5691 0 UVM aobj 7 6K 6K 166960K 9 0 pinsyscall 38 76K 92K 166960K 1494 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 13 0 NDP 11 0K 1K 166960K 48 0 temp 42 8651K 8906K 166960K 16060 0 kqueue 13 20K 28K 166960K 94 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 53 0 47 1 0 1 1 0 8 0 rtentry 136 116 0 48 4 0 4 4 0 8 0 unpcb 144 343 0 327 6 0 6 6 0 8 5 syncache 336 4 0 4 2 1 1 1 0 8 1 tcpqe 32 2 0 2 1 0 1 1 0 8 1 tcpcb 736 137 0 129 8 0 8 8 0 8 6 arp 96 19 0 6 1 0 1 1 0 8 0 inpcb 328 371 0 356 7 0 7 7 0 8 5 ip6q 72 2 0 1 1 0 1 1 0 8 0 ip6af 40 3 0 2 1 0 1 1 0 8 0 nd6 112 26 0 11 1 0 1 1 0 8 0 pkpcb 40 5 0 5 2 1 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 86 0 86 1 0 1 1 0 8 1 pppxif 1384 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 477 0 196 27 0 27 27 0 8 5 art_table 40 479 0 196 5 0 5 5 0 8 0 art_node 32 116 0 55 1 0 1 1 0 8 0 sysvmsgpl 40 2 0 1 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 45 0 35 1 0 1 1 0 8 0 shmpl 112 3 0 1 1 0 1 1 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 2134 0 641 95 0 95 95 0 8 0 ffsino 256 2134 0 641 95 0 95 95 0 8 0 nchpl 144 2727 0 1040 64 0 64 64 0 8 0 rtmask 32 3 0 3 1 0 1 1 0 8 1 vnodes 216 2551 0 0 142 0 142 142 0 8 0 namei 1024 9280 0 9279 3 2 1 2 0 8 0 vcpupl 3904 2 0 0 1 0 1 1 0 8 0 vmpool 800 3 0 1 1 0 1 1 0 8 0 kstatmem 264 62 0 40 3 0 3 3 0 8 1 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 9981 0 9981 10 2 8 8 1 8 8 plimitpl 152 286 0 268 1 0 1 1 0 8 0 sigapl 424 734 0 671 8 0 8 8 0 8 0 knotepl 120 13975 0 13928 11 2 9 9 0 8 6 kqueuepl 184 219 0 209 4 0 4 4 0 8 3 pipepl 304 137 0 110 3 0 3 3 0 8 0 fdescpl 448 699 0 670 4 0 4 4 0 8 0 filepl 120 4197 0 3974 13 0 13 13 0 8 2 lockfpl 104 256 0 253 2 0 2 2 0 8 1 lockfspl 48 59 0 56 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 36 0 20 1 0 1 1 0 8 0 ucredpl 104 493 0 482 1 0 1 1 0 8 0 zombiepl 144 892 0 891 1 0 1 1 0 8 0 processpl 1152 734 0 671 5 0 5 5 0 8 0 procpl 664 1302 0 1233 7 0 7 7 0 8 0 sosppl 176 3 0 3 1 0 1 1 0 8 1 sockpl 552 779 0 742 13 0 13 13 0 8 7 mcl64k 65536 89 0 89 2 1 1 1 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 9 0 9 2 1 1 1 0 8 1 mcl4k 4096 2862 0 2805 15 6 9 14 0 8 0 mcl2k 2048 653 0 648 4 1 3 3 0 8 2 mtagpl 96 4 0 4 1 1 0 1 0 8 0 mbufpl 256 7618 0 7467 17 1 16 16 0 8 3 bufpl 280 4267 0 127 296 0 296 296 0 8 0 anonpl 24 121295 0 118189 55 11 44 44 0 187 14 amapchunkpl 152 18022 0 17563 32 3 29 29 0 158 8 amappl16 200 2072 0 2039 17 4 13 15 0 8 8 amappl15 192 11 0 11 1 1 0 1 0 8 0 amappl14 184 16 0 16 1 1 0 1 0 8 0 amappl13 176 404 0 403 1 0 1 1 0 8 0 amappl12 168 1036 0 998 2 0 2 2 0 8 0 amappl11 160 1 0 1 1 1 0 1 0 8 0 amappl10 152 40 0 30 1 0 1 1 0 8 0 amappl9 144 253 0 253 1 1 0 1 0 8 0 amappl8 136 22 0 21 1 0 1 1 0 8 0 amappl7 128 77 0 76 1 0 1 1 0 8 0 amappl6 120 271 0 258 1 0 1 1 0 8 0 amappl5 112 66 0 59 1 0 1 1 0 8 0 amappl4 104 373 0 349 1 0 1 1 0 8 0 amappl3 96 3088 0 3002 3 0 3 3 0 8 0 amappl2 88 809 0 739 2 0 2 2 0 8 0 amappl1 80 9989 0 9458 13 0 13 13 0 8 1 amappl 88 4948 0 4795 5 0 5 5 0 92 0 uvmvnodes 80 107 0 0 3 0 3 3 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 2 1 1 1 0 8 1 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 8 0 2 1 0 1 1 0 8 0 uaddrrnd 24 699 0 670 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 699 0 670 1 0 1 1 0 8 0 vmmpekpl 168 7586 0 7557 2 0 2 2 0 8 0 vmmpepl 168 51188 0 49417 91 0 91 91 0 357 5 vmsppl 368 698 0 670 4 1 3 4 0 8 0 rwobjpl 40 16479 0 15536 14 1 13 13 0 8 0 pdppl 4096 1410 0 1344 99 31 68 76 0 8 2 pvpl 32 318400 0 309709 131 20 111 111 0 265 20 pmappl 216 701 0 671 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 385 0 47 10 0 10 10 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003c979070,0,ffff80003c978fe0,16) at rtrequest+0xdc1 sys/net/route.c:1114 rtm_output(ffff80000148a200,ffff80003c979118,ffff80003c979070,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806a1c3a00,ffff800001582038) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001582038,fffffd806a1c3a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001582038,0,ffff80003c9792c8,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003410b258,4,ffff80003c9793c0,808,ffff80003c979460) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003410b258,ffff80003c979510,ffff80003c979460) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c979510) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c979510) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4cdb19dd00, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806b1b0de8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003c979070,0,ffff80003c978fe0,16) at rtrequest+0xdc1 sys/net/route.c:1114 rtm_output(ffff80000148a200,ffff80003c979118,ffff80003c979070,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806a1c3a00,ffff800001582038) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001582038,fffffd806a1c3a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001582038,0,ffff80003c9792c8,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003410b258,4,ffff80003c9793c0,808,ffff80003c979460) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003410b258,ffff80003c979510,ffff80003c979460) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c979510) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c979510) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x4cdb19dd00, count: -10