uvm_fault(0xffffffff83928720, 0xffff800001558000, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at memcpy+0x19: repe movsq (%rsi),%es:(%rdi)
    TID    PID  UID  PRFLAGS     PFLAGS  CPU  COMMAND
*206581  47834    0        0  0x4000000    0  syz-executor
memcpy() at memcpy+0x19
rtm_msg1(14,ffff80003c963048) at rtm_msg1+0x306 sys/net/rtsock.c:1644
rtm_addr(14,ffff800001557f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1
in6_update_ifa(ffff800000b12800,ffff80003c963460,ffff800001557f00) at in6_update_ifa+0x1752 sys/netinet6/in6.c:741
in6_ioctl_change_ifaddr(8080691a,ffff80003c963460,ffff800000b12800) at in6_ioctl_change_ifaddr+0x644 sys/netinet6/in6.c:352
ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 pru_control sys/sys/protosw.h:352 [inline]
ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 sys/net/if.c:2455
sys_ioctl(ffff80002a7e22b0,ffff80003c963640,ffff80003c963590) at sys_ioctl+0x5bf sys/kern/sys_generic.c:-1
syscall(ffff80003c963640) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c963640) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x444df1a250, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff83928720, 0xffff800001558000, 0, 1) -> e ddb> trace memcpy() at memcpy+0x19 rtm_msg1(14,ffff80003c963048) at rtm_msg1+0x306 sys/net/rtsock.c:1644 rtm_addr(14,ffff800001557f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1 in6_update_ifa(ffff800000b12800,ffff80003c963460,ffff800001557f00) at in6_update_ifa+0x1752 sys/netinet6/in6.c:741 in6_ioctl_change_ifaddr(8080691a,ffff80003c963460,ffff800000b12800) at in6_ioctl_change_ifaddr+0x644 sys/netinet6/in6.c:352 ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 pru_control sys/sys/protosw.h:352 [inline] ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 sys/net/if.c:2455 sys_ioctl(ffff80002a7e22b0,ffff80003c963640,ffff80003c963590) at sys_ioctl+0x5bf sys/kern/sys_generic.c:-1 syscall(ffff80003c963640) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c963640) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x444df1a250, count: -9 ddb> show registers rdi 0xfffffd806eb31948 rsi 0xffff800001558000 rbp 0xffff80003c962fc0 rbx 0xfffffd807c7b5c00 rdx 0xf9 rcx 0xe rax 0x7d806d5d9948 r8 0x2 r9 0x8080808080808080 r10 0x6ebb174e4b3c077 r11 0xfffffd806eb318c0 r12 0 r13 0xf9 r14 0xf9 r15 0xc0 rip 0xffffffff821ceae9 memcpy+0x19 cs 0x8 rflags 0x10202 __ALIGN_SIZE+0xf202 rsp 0xffff80003c962f18 ss 0x10 memcpy+0x19: repe movsq (%rsi),%es:(%rdi) ddb> show proc PROC (syz-executor) tid=206581 pid=47834 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7e3730,0xffff80002a7e3c60 process=0xffff8000ffff6458 user=0xffff80003c95e000, vmspace=0xfffffd807e107cb0 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 14296 259849 16759 0 2 
0 syz-executor 14296 14182 16759 0 3 0x4000080 fsleep syz-executor 3613 160620 50232 0 2 0 syz-executor 3613 307358 50232 0 3 0x4000080 fsleep syz-executor 4744 400151 54809 0 2 0 syz-executor 4744 200455 54809 0 3 0x4000080 fsleep syz-executor 4744 231139 54809 0 3 0x4000080 fsleep syz-executor 47834 510130 65372 0 2 0 syz-executor *47834 206581 65372 0 7 0x4000000 syz-executor 47834 509396 65372 0 3 0x4000080 fsleep syz-executor 83543 87349 99075 0 2 0 syz-executor 87023 254368 81148 0 2 0 syz-executor 87023 218970 81148 0 3 0x4000080 fsleep syz-executor 87023 54825 81148 0 3 0x4000080 fsleep syz-executor 86783 467813 98117 0 2 0 syz-executor 86783 319857 98117 0 3 0x4000080 fsleep syz-executor 86783 316309 98117 0 2 0x4000000 syz-executor 7980 24297 28645 0 2 0 syz-executor 7980 29208 28645 0 3 0x4000080 fsleep syz-executor 49264 127595 0 0 3 0x14200 acct acct 28645 421657 53625 0 3 0x82 nanoslp syz-executor 54809 400076 53625 0 3 0x82 nanoslp syz-executor 65372 44897 53625 0 3 0x82 nanoslp syz-executor 16759 196783 53625 0 3 0x82 nanoslp syz-executor 50232 494775 53625 0 3 0x82 nanoslp syz-executor 99075 431966 53625 0 3 0x82 nanoslp syz-executor 48044 340442 1 0 3 0x100083 ttyopn getty 89307 377761 0 0 3 0x14280 nfsidl nfsio 19295 435094 0 0 3 0x14280 nfsidl nfsio 43563 46207 0 0 3 0x14280 nfsidl nfsio 74357 520974 0 0 3 0x14280 nfsidl nfsio 12542 306115 0 0 3 0x14280 nfsidl nfsio 64284 175840 0 0 3 0x14280 nfsidl nfsio 11601 157614 0 0 3 0x14280 nfsidl nfsio 17846 148606 0 0 3 0x14280 nfsidl nfsio 45421 247338 0 0 3 0x14280 nfsidl nfsio 44174 93017 0 0 3 0x14280 nfsidl nfsio 4458 176376 0 0 3 0x14280 nfsidl nfsio 65983 150729 0 0 3 0x14280 nfsidl nfsio 94334 339185 0 0 3 0x14280 nfsidl nfsio 76492 186523 0 0 3 0x14280 nfsidl nfsio 57617 161549 0 0 3 0x14280 nfsidl nfsio 88761 431326 0 0 3 0x14280 nfsidl nfsio 60486 265946 0 0 3 0x14280 nfsidl nfsio 2597 430732 0 0 3 0x14280 nfsidl nfsio 88515 315474 0 0 3 0x14280 nfsidl nfsio 89030 34669 0 0 3 0x14280 nfsidl 
nfsio 60995 226382 0 0 3 0x14200 bored sosplice 98117 341574 53625 0 3 0x82 nanoslp syz-executor 81148 498594 53625 0 3 0x82 nanoslp syz-executor 53625 392223 82702 0 3 0x82 kqread syz-executor 82702 53681 96733 0 3 0x10008a sigsusp ksh 96733 150105 41246 0 3 0x98 kqread sshd-session 41246 173736 17857 0 3 0x92 kqread sshd-session 17857 60792 1 0 3 0x88 kqread sshd 54076 523914 2817 73 3 0x1100090 kqread syslogd 2817 41245 1 0 3 0x100082 sbwait syslogd 96352 30635 1 0 3 0x100080 kqread resolvd 60370 47126 84175 77 2 0x100092 dhcpleased 9144 202604 84175 77 3 0x100092 kqread dhcpleased 84175 415550 1 0 3 0x80 kqread dhcpleased 67396 519686 0 0 3 0x14200 bored smr 30556 356783 0 0 2 0x14200 zerothread 77635 394894 0 0 3 0x14200 aiodoned aiodoned 20010 21942 0 0 3 0x14200 syncer update 84202 216908 0 0 3 0x14200 cleaner cleaner 54493 243750 0 0 3 0x14200 reaper reaper 8741 408069 0 0 3 0x14200 pgdaemon pagedaemon 87929 441616 0 0 3 0x14200 bored viomb 79794 371755 0 0 3 0x40014200 acpi0 acpi0 11666 366891 0 0 3 0x14200 bored softnet3 75978 431096 0 0 3 0x14200 bored softnet2 74611 304908 0 0 3 0x14200 bored softnet1 84183 196159 0 0 3 0x14200 bored softnet0 3070 223049 0 0 3 0x14200 bored systqmp 51333 158566 0 0 3 0x14200 bored systq 72938 66163 0 0 3 0x40014200 tmoslp softclock 62699 384515 0 0 3 0x40014200 idle0 1 24041 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10187 11125K 11658K 166960K 13549 0 pcb 18 18K 20K 166960K 833 0 rtable 186 10K 11K 166960K 786 0 pf 31 13K 131085K 166960K 194 0 ifaddr 33 6K 8K 166960K 152 0 ifgroup 50 2K 2K 166960K 247 0 sysctl 4 1K 9K 166960K 28 0 counters 32 17K 18K 166960K 139 0 ioctlops 0 0K 4K 166960K 428 0 iov 0 0K 32K 166960K 159 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1581 99K 100K 166960K 3303 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 39 0 
VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 91 0 dirhash 12 2K 3K 166960K 39 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 236K 166960K 2284 0 sigio 0 0K 0K 166960K 61 0 proc 61 59K 124K 166960K 925 0 subproc 72 4K 4K 166960K 144 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 384 0 in_multi 63 4K 7K 166960K 251 0 ether_multi 1 0K 0K 166960K 10 0 mrt 1 0K 0K 166960K 17 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 2K 166960K 851 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 234 159K 175K 166960K 21606 0 UVM aobj 52 3K 3K 166960K 58 0 pinsyscall 39 78K 96K 166960K 3536 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 147 0 NDP 11 0K 2K 166960K 109 0 temp 113 8676K 8752K 166960K 59699 0 kqueue 13 20K 35K 166960K 436 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 276 0 273 3 2 1 3 0 8 0 rtentry 136 274 0 211 4 0 4 4 0 8 0 unpcb 144 1784 0 1767 7 5 2 6 0 8 1 syncache 336 9 0 9 2 2 0 1 0 8 0 tcpqe 32 6 0 6 1 1 0 1 0 8 0 tcpcb 736 875 0 869 13 9 4 11 0 8 3 arp 88 31 0 21 1 0 1 1 0 8 0 ipq 40 3 0 3 1 0 1 1 0 8 1 ipqe 40 3 0 3 1 0 1 1 0 8 1 inpcb 328 2725 0 2715 19 12 7 13 0 8 6 ip6q 72 12 0 11 2 1 1 1 0 8 0 ip6af 40 22 0 21 2 1 1 1 0 8 0 nd6 104 50 0 37 1 0 1 1 0 8 0 pkpcb 40 10 0 10 3 2 1 1 0 8 1 kcovpl 48 16 0 8 1 0 1 1 0 8 0 mppekey 1024 1 0 1 1 1 0 1 0 8 0 ppxss 1072 81 0 81 3 2 1 1 0 8 1 pppxif 1384 6 0 6 3 2 1 1 0 8 1 pfrktable 1344 3 0 3 1 1 0 1 0 8 0 pfstitem 24 1 0 0 1 0 1 1 0 8 0 pfstkey 128 1 0 0 1 0 1 1 0 8 0 pfstate 384 1 0 0 1 0 1 1 0 8 0 rttmr 136 3 0 3 2 2 0 1 0 8 0 art_heap8 4096 5 0 0 5 0 5 5 0 8 0 art_heap4 256 1099 0 789 30 7 23 29 0 8 0 art_table 40 1104 0 789 5 0 5 5 0 8 0 art_node 32 268 0 211 1 0 1 1 0 8 0 
sysvmsgpl 40 7 0 4 1 0 1 1 0 8 0 semupl 112 4 0 4 2 2 0 1 0 8 0 semapl 112 86 0 76 1 0 1 1 0 8 0 shmpl 112 55 0 6 2 0 2 2 0 8 0 dirhash 1024 35 0 18 3 0 3 3 0 8 0 dino2pl 256 5426 0 3911 96 0 96 96 0 8 0 ffsino 248 5426 0 3911 96 0 96 96 0 8 0 nchpl 144 8574 0 6866 64 0 64 64 0 8 0 rtmask 32 17 0 17 2 1 1 1 0 8 1 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 31803 0 31803 3 2 1 2 0 8 1 kstatmem 264 150 0 128 2 0 2 2 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 19 0 19 3 2 1 1 0 8 1 scxspl 216 27435 0 27435 16 8 8 8 1 8 8 plimitpl 152 754 0 737 1 0 1 1 0 8 0 sigapl 424 2558 0 2490 8 0 8 8 0 8 0 knotepl 120 102661 0 102614 39 27 12 16 0 8 8 kqueuepl 184 924 0 915 4 3 1 4 0 8 0 pipepl 296 501 0 474 8 5 3 8 0 8 0 fdescpl 440 2514 0 2484 5 1 4 5 0 8 0 filepl 120 18388 0 18167 20 10 10 18 0 8 1 lockfpl 104 1385 0 1381 2 0 2 2 0 8 1 lockfspl 48 425 0 421 1 0 1 1 0 8 0 sessionpl 144 37 0 29 1 0 1 1 0 8 0 pgrppl 48 88 0 72 1 0 1 1 0 8 0 ucredpl 104 3807 0 3795 1 0 1 1 0 8 0 zombiepl 144 2886 0 2886 2 1 1 1 0 8 1 processpl 1160 2558 0 2490 5 0 5 5 0 8 0 procpl 656 5759 0 5680 9 1 8 8 0 8 0 sosppl 168 14 0 14 2 1 1 1 0 8 1 sockpl 528 4876 0 4846 16 9 7 12 0 8 5 mcl64k 65536 97 0 97 2 1 1 1 0 8 1 mcl12k 12288 65 0 65 1 1 0 1 0 8 0 mcl9k 9216 36 0 36 1 1 0 1 0 8 0 mcl8k 8192 28 0 28 2 1 1 1 0 8 1 mcl4k 4096 5284 0 5232 16 8 8 14 0 8 0 mcl2k2 2112 1 0 1 1 1 0 1 0 8 0 mcl2k 2048 3201 0 3198 5 3 2 5 0 8 1 mtagpl 96 70 0 70 2 0 2 2 0 8 2 mbufpl 256 37645 0 37530 534 517 17 534 0 8 1 bufpl 280 8314 0 2087 446 0 446 446 0 8 1 anonpl 24 327480 0 323825 64 17 47 47 0 187 16 amapchunkpl 152 73996 0 73482 49 14 35 35 0 158 13 amappl16 200 4628 0 4591 13 5 8 8 0 8 4 amappl15 192 11 0 10 1 0 1 1 0 8 0 amappl14 184 137 0 127 1 0 1 1 0 8 0 amappl13 176 11 0 11 1 1 0 1 0 8 0 amappl12 168 3263 0 3232 3 1 2 3 0 8 0 amappl11 160 48 0 38 1 0 1 1 0 8 0 amappl10 152 4 0 4 1 1 0 1 0 8 0 amappl9 144 246 0 246 1 1 0 1 0 8 0 amappl8 136 25 0 23 1 0 1 
1 0 8 0 amappl7 128 123 0 113 1 0 1 1 0 8 0 amappl6 120 252 0 249 1 0 1 1 0 8 0 amappl5 112 161 0 153 1 0 1 1 0 8 0 amappl4 104 310 0 293 1 0 1 1 0 8 0 amappl3 96 15017 0 14904 4 0 4 4 0 8 0 amappl2 88 786 0 728 2 0 2 2 0 8 0 amappl1 80 18227 0 17663 15 2 13 14 0 8 0 amappl 88 20350 0 20181 5 0 5 5 0 92 0 dma32768 32768 1 0 1 1 1 0 1 0 8 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma8192 8192 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 8 0 8 2 2 0 1 0 8 0 dma128 128 261 0 261 3 2 1 1 0 8 1 dma64 64 11 0 11 3 2 1 1 0 8 1 dma32 32 8 0 8 1 1 0 1 0 8 0 dma16 16 20 0 19 1 0 1 1 0 8 0 aobjpl 72 57 0 6 1 0 1 1 0 8 0 uaddrrnd 24 2514 0 2484 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2514 0 2484 1 0 1 1 0 8 0 vmmpekpl 168 18783 0 18735 3 0 3 3 0 8 0 vmmpepl 168 156675 0 154716 92 2 90 90 0 357 3 vmsppl 360 2513 0 2484 4 1 3 4 0 8 0 rwobjpl 32 43467 0 36613 57 0 57 57 0 8 0 pdppl 4096 5034 0 4968 130 64 66 82 0 8 0 pvpl 32 1016730 0 1007611 158 40 118 118 0 265 28 pmappl 216 2513 0 2484 3 0 3 3 0 8 1 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 849 0 620 22 14 8 22 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace memcpy() at memcpy+0x19 rtm_msg1(14,ffff80003c963048) at rtm_msg1+0x306 sys/net/rtsock.c:1644 rtm_addr(14,ffff800001557f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1 in6_update_ifa(ffff800000b12800,ffff80003c963460,ffff800001557f00) at in6_update_ifa+0x1752 sys/netinet6/in6.c:741 in6_ioctl_change_ifaddr(8080691a,ffff80003c963460,ffff800000b12800) at in6_ioctl_change_ifaddr+0x644 sys/netinet6/in6.c:352 ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 pru_control sys/sys/protosw.h:352 [inline] ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 sys/net/if.c:2455 sys_ioctl(ffff80002a7e22b0,ffff80003c963640,ffff80003c963590) at sys_ioctl+0x5bf sys/kern/sys_generic.c:-1 syscall(ffff80003c963640) at syscall+0x97e mi_syscall 
sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c963640) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x444df1a250, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace memcpy() at memcpy+0x19 rtm_msg1(14,ffff80003c963048) at rtm_msg1+0x306 sys/net/rtsock.c:1644 rtm_addr(14,ffff800001557f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1 in6_update_ifa(ffff800000b12800,ffff80003c963460,ffff800001557f00) at in6_update_ifa+0x1752 sys/netinet6/in6.c:741 in6_ioctl_change_ifaddr(8080691a,ffff80003c963460,ffff800000b12800) at in6_ioctl_change_ifaddr+0x644 sys/netinet6/in6.c:352 ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 pru_control sys/sys/protosw.h:352 [inline] ifioctl(ffff80000140dce0,8080691a,ffff80003c963460,ffff80002a7e22b0) at ifioctl+0x1519 sys/net/if.c:2455 sys_ioctl(ffff80002a7e22b0,ffff80003c963640,ffff80003c963590) at sys_ioctl+0x5bf sys/kern/sys_generic.c:-1 syscall(ffff80003c963640) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c963640) at syscall+0x97e sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x444df1a250, count: -9