uvm_fault(0xffffffff8396b820, 0xffff800001669000, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at memcpy+0x19: repe movsq (%rsi),%es:(%rdi)
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*214501 59533 0 0 0x4000000 0 syz-executor
memcpy() at memcpy+0x19
rtm_msg1(14,ffff80003c96d2a8) at rtm_msg1+0x306 sys/net/rtsock.c:1627
rtm_addr(14,ffff800001668f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1
in6_update_ifa(ffff800000b13800,ffff80003c96d6c0,ffff800001668f00) at in6_update_ifa+0x199a sys/netinet6/in6.c:741
in6_ioctl_change_ifaddr(8080691a,ffff80003c96d6c0,ffff800000b13800) at in6_ioctl_change_ifaddr+0x638 sys/netinet6/in6.c:352
ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 pru_control sys/sys/protosw.h:352 [inline]
ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 sys/net/if.c:2480
sys_ioctl(ffff80003c94b248,ffff80003c96d890,ffff80003c96d7e0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1
syscall(ffff80003c96d890) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline]
syscall(ffff80003c96d890) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x8939095a2b0, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff8396b820, 0xffff800001669000, 0, 1) -> e ddb> trace memcpy() at memcpy+0x19 rtm_msg1(14,ffff80003c96d2a8) at rtm_msg1+0x306 sys/net/rtsock.c:1627 rtm_addr(14,ffff800001668f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1 in6_update_ifa(ffff800000b13800,ffff80003c96d6c0,ffff800001668f00) at in6_update_ifa+0x199a sys/netinet6/in6.c:741 in6_ioctl_change_ifaddr(8080691a,ffff80003c96d6c0,ffff800000b13800) at in6_ioctl_change_ifaddr+0x638 sys/netinet6/in6.c:352 ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 pru_control sys/sys/protosw.h:352 [inline] ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 sys/net/if.c:2480 sys_ioctl(ffff80003c94b248,ffff80003c96d890,ffff80003c96d7e0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80003c96d890) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c96d890) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x8939095a2b0, count: -9 ddb> show registers rdi 0xfffffd806eb7b148 rsi 0xffff800001669000 rbp 0xffff80003c96d220 rbx 0 rdx 0xea rcx 0xc rax 0x7d806d512148 r8 0x2 r9 0xfffffd80689d8128 r10 0xe8165d352c4503c9 r11 0xfffffd806eb7b0c0 r12 0xea r13 0xea r14 0xc0 r15 0xfffffd806b796500 rip 0xffffffff828bc069 memcpy+0x19 cs 0x8 rflags 0x10206 __ALIGN_SIZE+0xf206 rsp 0xffff80003c96d178 ss 0x10 memcpy+0x19: repe movsq (%rsi),%es:(%rdi) ddb> show proc PROC (syz-executor) tid=214501 pid=59533 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7cda08,0xffff80002a7c3a10 process=0xffff80002a7edb10 user=0xffff80003c968000, vmspace=0xfffffd806ba0b460 estcpu=33, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 9916 124273 89298 0 
2 0 syz-executor 9916 217869 89298 0 2 0x4000000 syz-executor 63583 372271 33993 0 2 0xc80 syz-executor 63583 456577 33993 0 3 0x4000080 rest syz-executor 63583 453855 33993 0 3 0x4000080 fsleep syz-executor 59533 190026 4621 0 2 0 syz-executor *59533 214501 4621 0 7 0x4000000 syz-executor 59533 56856 4621 0 3 0x4000080 fsleep syz-executor 18276 418554 51208 0 2 0 syz-executor 18276 392748 51208 0 2 0x4000000 syz-executor 16991 373073 0 0 3 0x14200 acct acct 34036 517989 1 0 3 0x100083 ttyin getty 33993 137191 47898 0 3 0x82 nanoslp syz-executor 51208 391697 47898 0 3 0x82 nanoslp syz-executor 91844 205714 47898 0 3 0x82 wait syz-executor 73349 442110 47898 0 2 0x2 syz-executor 65849 214102 47898 0 2 0x2 syz-executor 33137 435414 0 0 3 0x14280 nfsidl nfsio 95976 285351 0 0 3 0x14280 nfsidl nfsio 58231 126405 0 0 3 0x14280 nfsidl nfsio 72665 263519 0 0 3 0x14280 nfsidl nfsio 25066 31761 0 0 3 0x14280 nfsidl nfsio 5283 100843 0 0 3 0x14280 nfsidl nfsio 66675 515728 0 0 3 0x14280 nfsidl nfsio 64623 154139 0 0 3 0x14280 nfsidl nfsio 966 427377 0 0 3 0x14280 nfsidl nfsio 37712 155511 0 0 3 0x14280 nfsidl nfsio 55983 54494 0 0 3 0x14280 nfsidl nfsio 78255 162815 0 0 3 0x14280 nfsidl nfsio 32064 446239 0 0 3 0x14280 nfsidl nfsio 63064 62611 0 0 3 0x14280 nfsidl nfsio 24666 169196 0 0 3 0x14280 nfsidl nfsio 54427 462199 0 0 3 0x14280 nfsidl nfsio 29995 355745 0 0 3 0x14280 nfsidl nfsio 99921 235500 0 0 3 0x14280 nfsidl nfsio 61318 493353 0 0 3 0x14280 nfsidl nfsio 25042 334627 0 0 3 0x14280 nfsidl nfsio 23316 276611 0 0 3 0x14200 bored sosplice 89298 124763 47898 0 2 0xc82 syz-executor 4621 141286 47898 0 3 0x82 nanoslp syz-executor 26537 250524 47898 0 3 0x82 wait syz-executor 47898 394680 98687 0 3 0x82 kqread syz-executor 98687 35165 57985 0 3 0x10008a sigsusp ksh 57985 478361 40063 0 3 0x98 kqread sshd-session 40063 105191 24298 0 3 0x92 kqread sshd-session 24298 152920 1 0 3 0x88 kqread sshd 10679 337450 84576 73 3 0x1100090 kqread syslogd 84576 415875 1 0 3 0x100082 
sbwait syslogd 45704 44863 1 0 3 0x100080 kqread resolvd 97692 459020 15322 77 2 0x100092 dhcpleased 89754 338292 15322 77 3 0x100092 kqread dhcpleased 15322 374416 1 0 3 0x80 kqread dhcpleased 78901 205277 0 0 3 0x14200 bored smr 17006 201958 0 0 2 0x14200 zerothread 56426 403002 0 0 3 0x14200 aiodoned aiodoned 39824 391308 0 0 3 0x14200 syncer update 71387 249006 0 0 3 0x14200 cleaner cleaner 27474 357217 0 0 3 0x14200 reaper reaper 67207 336487 0 0 3 0x14200 pgdaemon pagedaemon 44934 292644 0 0 3 0x14200 bored viomb 50283 152284 0 0 3 0x40014200 acpi0 acpi0 57367 437142 0 0 3 0x14200 bored softnet0 59557 41086 0 0 3 0x14200 bored systqmp 20343 196551 0 0 3 0x14200 bored systq 85328 1857 0 0 3 0x40014200 tmoslp softclock 1554 315202 0 0 3 0x40014200 idle0 1 78819 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10222 11080K 11732K 166960K 12899 0 pcb 20 15K 17K 166960K 457 0 rtable 247 11K 11K 166960K 609 0 pf 33 13K 67482K 166960K 128 0 ifaddr 44 8K 8K 166960K 115 0 ifgroup 54 2K 2K 166960K 170 0 sysctl 4 1K 9K 166960K 22 0 counters 33 17K 18K 166960K 93 0 ioctlops 0 0K 4K 166960K 388 0 iov 0 0K 24K 166960K 90 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1454 91K 92K 166960K 2649 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 32 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 87 0 dirhash 12 2K 2K 166960K 42 0 ACPI 1732 201K 291K 166960K 11958 0 file desc 16 57K 240K 166960K 1512 0 sigio 0 0K 0K 166960K 30 0 proc 60 59K 124K 166960K 782 0 subproc 72 4K 4K 166960K 126 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 107 0 in_multi 98 7K 7K 166960K 202 0 ether_multi 1 0K 0K 166960K 12 0 mrt 1 0K 0K 166960K 9 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 253 1129K 1129K 166960K 253 0 exec 0 0K 2K 166960K 897 0 
fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 220 160K 174K 166960K 13788 0 UVM aobj 79 3K 3K 166960K 88 0 pinsyscall 37 74K 96K 166960K 2643 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 78 0 NDP 12 0K 2K 166960K 76 0 temp 80 8648K 8896K 166960K 51804 0 kqueue 14 22K 38K 166960K 279 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 371 0 368 3 2 1 3 0 8 0 rtentry 136 187 0 93 4 0 4 4 0 8 0 unpcb 144 1391 0 1372 11 9 2 10 0 8 1 syncache 336 4 0 4 1 1 0 1 0 8 0 tcpqe 32 1 0 1 1 1 0 1 0 8 0 tcpcb 736 578 0 573 7 5 2 7 0 8 1 arp 96 22 0 9 1 0 1 1 0 8 0 ipq 40 6 0 2 1 0 1 1 0 8 0 ipqe 40 9 0 5 1 0 1 1 0 8 0 inpcb 328 1701 0 1688 13 9 4 12 0 8 2 ip6q 72 7 0 2 1 0 1 1 0 8 0 ip6af 40 9 0 4 1 0 1 1 0 8 0 nd6 112 36 0 16 1 0 1 1 0 8 0 pkpcb 40 7 0 7 2 1 1 1 0 8 1 kcovpl 48 14 0 6 1 0 1 1 0 8 0 mppekey 1024 2 0 2 2 1 1 1 0 8 1 ppxss 1072 43 0 43 2 1 1 1 0 8 1 pppxif 1384 7 0 7 1 1 0 1 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 pftag 88 1 0 0 1 0 1 1 0 8 0 pfstkey 128 2 0 2 1 1 0 1 0 8 0 pfstate 384 1 0 1 1 1 0 1 0 8 0 pfrule 1344 1 0 1 1 1 0 1 0 8 0 rttmr 136 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 862 0 415 31 1 30 31 0 8 1 art_table 40 866 0 415 5 0 5 5 0 8 0 art_node 32 184 0 102 1 0 1 1 0 8 0 sysvmsgpl 40 22 0 18 1 0 1 1 0 8 0 semupl 112 2 0 2 2 1 1 1 0 8 1 semapl 112 82 0 72 1 0 1 1 0 8 0 shmpl 112 85 0 9 3 0 3 3 0 8 0 dirhash 1024 39 0 22 3 0 3 3 0 8 0 dino2pl 256 4031 0 2526 95 0 95 95 0 8 0 ffsino 256 4031 0 2526 95 0 95 95 0 8 0 nchpl 144 5994 0 4302 64 0 64 64 0 8 0 rtmask 32 12 0 12 2 1 1 1 0 8 1 vnodes 216 4850 0 0 270 0 270 270 0 8 0 namei 1024 20910 0 20908 2 1 1 2 0 8 0 kstatmem 264 96 0 72 3 0 3 3 0 8 1 scsiplug 72 6 0 6 1 1 0 1 0 8 0 scxspl 216 25348 0 25348 15 7 8 8 1 8 8 plimitpl 152 552 0 536 1 0 1 1 0 8 0 sigapl 424 1742 0 1679 8 0 8 8 0 8 0 
knotepl 120 78917 0 78863 44 31 13 18 0 8 8 kqueuepl 184 672 0 661 6 2 4 4 0 8 3 pipepl 304 342 0 314 6 3 3 6 0 8 0 fdescpl 448 1700 0 1672 5 1 4 5 0 8 0 filepl 120 11658 0 11438 16 6 10 15 0 8 1 lockfpl 104 395 0 393 1 0 1 1 0 8 0 lockfspl 48 169 0 167 1 0 1 1 0 8 0 sessionpl 144 29 0 21 1 0 1 1 0 8 0 pgrppl 48 55 0 39 1 0 1 1 0 8 0 ucredpl 104 1863 0 1851 1 0 1 1 0 8 0 zombiepl 144 1681 0 1679 1 0 1 1 0 8 0 processpl 1152 1742 0 1679 5 0 5 5 0 8 0 procpl 664 3623 0 3554 7 0 7 7 0 8 0 sosppl 168 15 0 15 1 0 1 1 0 8 1 sockpl 552 3528 0 3493 24 19 5 20 0 8 1 mcl64k 65536 116 0 116 2 1 1 1 0 8 1 mcl16k 16384 3 0 3 1 1 0 1 0 8 0 mcl8k 8192 26 0 26 2 1 1 1 0 8 1 mcl4k 4096 4112 0 4060 13 5 8 13 0 8 0 mcl2k 2048 1953 0 1938 5 2 3 4 0 8 1 mtagpl 96 14 0 8 1 0 1 1 0 8 0 mbufpl 256 103684 0 103529 114 99 15 114 0 8 0 bufpl 280 9790 0 3562 446 0 446 446 0 8 0 anonpl 24 253228 0 249560 90 42 48 73 0 187 16 amapchunkpl 152 46445 0 45976 40 6 34 34 0 158 12 amappl16 200 5241 0 5205 50 37 13 28 0 8 8 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 123 0 113 1 0 1 1 0 8 0 amappl13 176 27 0 27 1 1 0 1 0 8 0 amappl12 168 2416 0 2387 3 1 2 3 0 8 0 amappl11 160 45 0 35 1 0 1 1 0 8 0 amappl10 152 3 0 3 1 1 0 1 0 8 0 amappl9 144 248 0 248 1 1 0 1 0 8 0 amappl8 136 25 0 23 1 0 1 1 0 8 0 amappl7 128 122 0 111 1 0 1 1 0 8 0 amappl6 120 234 0 230 1 0 1 1 0 8 0 amappl5 112 140 0 133 1 0 1 1 0 8 0 amappl4 104 283 0 266 1 0 1 1 0 8 0 amappl3 96 9494 0 9393 4 1 3 4 0 8 0 amappl2 88 723 0 665 2 0 2 2 0 8 0 amappl1 80 14213 0 13662 14 1 13 14 0 8 0 amappl 88 12796 0 12641 5 0 5 5 0 92 0 uvmvnodes 80 4850 0 0 99 0 99 99 0 8 0 dma4096 4096 3 0 3 1 1 0 1 0 8 0 dma2048 2048 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 8 0 8 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 87 0 9 2 0 2 2 0 8 0 uaddrrnd 24 1700 0 1672 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1700 0 1672 1 
0 1 1 0 8 0 vmmpekpl 168 13189 0 13130 3 0 3 3 0 8 0 vmmpepl 168 109839 0 108009 114 18 96 104 0 357 8 vmsppl 368 1699 0 1672 4 1 3 4 0 8 0 rwobjpl 40 33776 0 27998 60 0 60 60 0 8 0 pdppl 4096 3407 0 3344 117 50 67 83 0 8 4 pvpl 32 715471 0 706451 182 64 118 159 0 265 23 pmappl 216 1699 0 1672 3 0 3 3 0 8 0 extentpl 40 46 0 28 1 0 1 1 0 8 0 phpool 112 507 0 173 13 1 12 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace memcpy() at memcpy+0x19 rtm_msg1(14,ffff80003c96d2a8) at rtm_msg1+0x306 sys/net/rtsock.c:1627 rtm_addr(14,ffff800001668f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1 in6_update_ifa(ffff800000b13800,ffff80003c96d6c0,ffff800001668f00) at in6_update_ifa+0x199a sys/netinet6/in6.c:741 in6_ioctl_change_ifaddr(8080691a,ffff80003c96d6c0,ffff800000b13800) at in6_ioctl_change_ifaddr+0x638 sys/netinet6/in6.c:352 ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 pru_control sys/sys/protosw.h:352 [inline] ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 sys/net/if.c:2480 sys_ioctl(ffff80003c94b248,ffff80003c96d890,ffff80003c96d7e0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80003c96d890) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c96d890) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x8939095a2b0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace memcpy() at memcpy+0x19 rtm_msg1(14,ffff80003c96d2a8) at rtm_msg1+0x306 sys/net/rtsock.c:1627 rtm_addr(14,ffff800001668f00) at rtm_addr+0xb9 sys/net/rtsock.c:-1 in6_update_ifa(ffff800000b13800,ffff80003c96d6c0,ffff800001668f00) at in6_update_ifa+0x199a sys/netinet6/in6.c:741 in6_ioctl_change_ifaddr(8080691a,ffff80003c96d6c0,ffff800000b13800) at in6_ioctl_change_ifaddr+0x638 sys/netinet6/in6.c:352 ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 pru_control sys/sys/protosw.h:352 [inline] 
ifioctl(ffff80000148b9f0,8080691a,ffff80003c96d6c0,ffff80003c94b248) at ifioctl+0x1515 sys/net/if.c:2480 sys_ioctl(ffff80003c94b248,ffff80003c96d890,ffff80003c96d7e0) at sys_ioctl+0x660 sys/kern/sys_generic.c:-1 syscall(ffff80003c96d890) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c96d890) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x8939095a2b0, count: -9