uvm_fault(0xffffffff83953040, 0xffff80000150904a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *303346 42724 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff800034d08e20,0,ffff800034d08d90,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff8000014e1b00,ffff800034d08ec8,ffff800034d08e20,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd807a5d6a00,ffff8000014f8f38) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014f8f38,fffffd807a5d6a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014f8f38,0,ffff800034d09078,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003c9387f8,4,ffff800034d09170,808,ffff800034d09210) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003c9387f8,ffff800034d092c0,ffff800034d09210) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800034d092c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800034d092c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7598ad2d840, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff83953040, 0xffff80000150904a, 0, 1) -> e ddb> trace arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff800034d08e20,0,ffff800034d08d90,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff8000014e1b00,ffff800034d08ec8,ffff800034d08e20,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd807a5d6a00,ffff8000014f8f38) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014f8f38,fffffd807a5d6a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014f8f38,0,ffff800034d09078,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003c9387f8,4,ffff800034d09170,808,ffff800034d09210) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003c9387f8,ffff800034d092c0,ffff800034d09210) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800034d092c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800034d092c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7598ad2d840, count: -10 ddb> show registers rdi 0xffff80002a8e6000 rsi 0x38d rbp 0xffff800034d08c70 rbx 0xde rdx 0xffff80002a8e6000 rcx 0xffff800001508f60 rax 0xfffffd807a5d6be0 r8 0x20 r9 0xfffffd806ffd5c38 r10 0xc47420ed014d595c r11 0x796558072c6ae6fb r12 0x31 r13 0xfffffd807a5d6b00 r14 0xfffffd806ffd5c38 r15 0xffff80000019f058 rip 0xffffffff82b4f444 arp_rtrequest+0x6a4 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800034d08bf0 ss 0x10 arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=303346 pid=42724 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003c939a20,0xffffffff838bb7e8 process=0xffff80003c962420 user=0xffff800034d04000, vmspace=0xfffffd806cb1be70 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 42724 125028 86031 0 2 0 syz-executor *42724 303346 86031 0 7 0x4000000 syz-executor 87465 374998 14517 0 2 0 syz-executor 93209 356019 31932 0 2 0 syz-executor 93209 119813 31932 0 3 0x4000080 fsleep syz-executor 93209 412104 31932 0 2 0x4000000 syz-executor 80491 54934 99541 0 2 0 syz-executor 80491 445657 99541 0 3 0x4000080 piperd syz-executor 80491 480477 99541 0 3 0x4000080 fsleep syz-executor 58470 497580 55277 0 2 0xc80 syz-executor 58470 378699 55277 0 3 0x4000080 kqsel syz-executor 58470 321298 55277 0 3 0x4000080 fsleep syz-executor 14140 183801 89048 0 3 0x80 nanoslp syz-executor 14140 357287 89048 0 3 0x4000080 fsleep syz-executor 14140 383764 89048 0 3 0x4000080 bell syz-executor 87313 423988 96477 0 2 0xc80 syz-executor 87313 409856 96477 0 3 0x4000080 kqsel syz-executor 87313 426508 96477 0 3 0x4000080 fsleep syz-executor 96477 155690 22040 0 3 0x82 nanoslp syz-executor 65504 331835 0 0 3 0x14280 nfsidl nfsio 93444 31062 0 0 3 0x14280 nfsidl nfsio 20161 258098 0 0 3 0x14280 nfsidl nfsio 1738 266275 0 0 3 0x14280 nfsidl nfsio 49310 379667 0 0 3 0x14280 nfsidl nfsio 32181 80017 0 0 3 0x14280 nfsidl nfsio 33139 156806 0 0 3 0x14280 nfsidl nfsio 89603 368725 0 0 3 0x14280 nfsidl nfsio 81614 258758 0 0 3 0x14280 nfsidl nfsio 17526 374701 0 0 3 0x14280 nfsidl nfsio 7530 194287 0 0 3 0x14280 nfsidl nfsio 34539 511934 0 0 3 0x14280 nfsidl nfsio 50420 487956 0 0 3 0x14280 nfsidl nfsio 59761 266647 0 0 3 0x14280 nfsidl nfsio 36272 279784 0 0 3 0x14280 nfsidl nfsio 50402 4675 0 0 3 0x14280 nfsidl nfsio 12895 102039 0 0 3 0x14280 nfsidl nfsio 43287 446100 0 0 3 0x14280 nfsidl nfsio 35833 223505 0 0 3 0x14280 nfsidl nfsio 66007 438182 0 0 3 0x14280 nfsidl nfsio 68947 408247 0 0 3 0x14200 acct acct 57492 344791 1 0 3 0x100083 ttyin getty 14517 263189 22040 0 3 0x82 nanoslp syz-executor 99541 68159 22040 0 3 0x82 nanoslp syz-executor 31932 406157 22040 0 3 0x82 nanoslp syz-executor 67874 213106 22040 0 2 0x2 syz-executor 89048 6145 22040 0 3 0x82 nanoslp syz-executor 55277 290341 22040 0 3 0x82 nanoslp syz-executor 86031 155953 22040 0 3 0x82 nanoslp syz-executor 22040 234999 50695 0 2 0x2 syz-executor 50695 67943 46123 0 3 0x10008a sigsusp ksh 46123 307972 52502 0 3 0x98 kqread sshd-session 52502 421197 90078 0 3 0x92 kqread sshd-session 90078 265466 1 0 3 0x88 kqread sshd 2459 300925 16088 73 3 0x1100090 kqread syslogd 16088 480244 1 0 3 0x100082 sbwait syslogd 74545 477910 1 0 3 0x100080 kqread resolvd 41404 359364 25798 77 3 0x100092 kqread dhcpleased 21382 270925 25798 77 3 0x100092 kqread dhcpleased 25798 64527 1 0 3 0x80 kqread dhcpleased 83383 63833 0 0 3 0x14200 bored smr 31978 461553 0 0 2 0x14200 zerothread 82788 375403 0 0 3 0x14200 aiodoned aiodoned 61982 250075 0 0 3 0x14200 syncer update 97121 57588 0 0 3 0x14200 cleaner cleaner 11692 70412 0 0 3 0x14200 reaper reaper 43329 353425 0 0 3 0x14200 pgdaemon pagedaemon 68295 298646 0 0 3 0x14200 bored viomb 43619 151981 0 0 3 0x40014200 acpi0 acpi0 48023 384967 0 0 2 0x14200 softnet0 97171 508795 0 0 2 0x14200 systqmp 97312 114283 0 0 3 0x14200 bored systq 9519 522732 0 0 3 0x40014200 tmoslp softclock 45852 346638 0 0 3 0x40014200 idle0 1 425538 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10195 11206K 11538K 166960K 12491 0 pcb 18 15K 16K 166960K 235 0 rtable 244 10K 10K 166960K 580 0 pf 35 13K 16K 166960K 99 0 ifaddr 47 8K 8K 166960K 86 0 ifgroup 54 2K 2K 166960K 109 0 sysctl 4 1K 9K 166960K 16 0 counters 37 18K 18K 166960K 70 0 ioctlops 0 0K 4K 166960K 131 0 iov 1 1K 16K 166960K 65 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1402 88K 88K 166960K 2079 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 2K 6K 166960K 11 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 96 0 dirhash 9 1K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 240K 166960K 823 0 sigio 0 0K 0K 166960K 16 0 proc 61 67K 100K 166960K 571 0 subproc 72 4K 4K 166960K 81 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 104 0 in_multi 95 7K 7K 166960K 157 0 ether_multi 1 0K 0K 166960K 18 0 mrt 3 0K 0K 166960K 8 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 79 360K 360K 166960K 79 0 exec 0 0K 1K 166960K 476 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 225 151K 167K 166960K 8862 0 UVM aobj 30 4K 4K 166960K 30 0 pinsyscall 38 76K 94K 166960K 1938 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 61 0 NDP 13 0K 2K 166960K 52 0 temp 59 8664K 8731K 166960K 20760 0 kqueue 16 26K 33K 166960K 154 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 94 0 89 1 0 1 1 0 8 0 rtentry 136 155 0 54 4 0 4 4 0 8 0 unpcb 144 534 0 519 6 0 6 6 0 8 5 syncache 336 7 0 7 2 1 1 1 0 8 1 tcpqe 32 3 0 3 1 0 1 1 0 8 1 tcpcb 736 367 0 359 7 0 7 7 0 8 6 arp 96 26 0 8 1 0 1 1 0 8 0 ipq 40 6 0 0 1 0 1 1 0 8 0 ipqe 40 7 0 1 1 0 1 1 0 8 0 inpcb 328 883 0 868 8 1 7 7 0 8 5 ip6q 72 5 0 2 1 0 1 1 0 8 0 ip6af 40 9 0 6 1 0 1 1 0 8 0 nd6 112 33 0 7 1 0 1 1 0 8 0 pkpcb 40 6 0 6 1 0 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 ppxss 1072 33 0 28 1 0 1 1 0 8 0 pppxif 1384 4 0 4 1 0 1 1 0 8 1 pfstscr 40 1 0 1 1 0 1 1 0 8 1 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pfstlim 224 1 0 1 1 0 1 1 0 8 1 pfstkey 128 2 0 2 1 0 1 1 0 8 1 pfstate 384 1 0 1 1 0 1 1 0 8 1 pfrule 1344 1 0 1 1 0 1 1 0 8 1 rttmr 136 2 0 2 1 0 1 1 0 8 1 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 635 0 194 31 0 31 31 0 8 3 art_table 40 637 0 194 5 0 5 5 0 8 0 art_node 32 154 0 67 1 0 1 1 0 8 0 sysvmsgpl 40 10 0 5 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 92 0 82 1 0 1 1 0 8 0 shmpl 112 26 0 0 1 0 1 1 0 8 0 dirhash 1024 21 0 14 3 0 3 3 0 8 1 dino2pl 256 2832 0 1326 95 0 95 95 0 8 0 ffsino 256 2832 0 1326 95 0 95 95 0 8 0 nchpl 144 3968 0 2283 64 0 64 64 0 8 0 rtmask 32 10 0 7 1 0 1 1 0 8 0 vnodes 216 3350 0 0 187 0 187 187 0 8 0 namei 1024 13730 0 13729 4 2 2 2 0 8 1 vcpupl 3904 1 0 0 1 0 1 1 0 8 0 vmpool 800 1 0 0 1 0 1 1 0 8 0 kstatmem 264 68 0 42 2 0 2 2 0 8 0 scsiplug 72 2 0 2 1 0 1 1 0 8 1 scxspl 216 15883 0 15883 9 1 8 8 1 8 8 plimitpl 152 270 0 252 1 0 1 1 0 8 0 sigapl 424 1123 0 1060 8 0 8 8 0 8 0 knotepl 120 30104 0 30042 18 8 10 18 0 8 7 kqueuepl 184 549 0 534 4 0 4 4 0 8 2 pipepl 304 246 0 218 8 0 8 8 0 8 5 fdescpl 448 1089 0 1060 5 1 4 5 0 8 0 filepl 120 7442 0 7211 13 0 13 13 0 8 4 lockfpl 104 332 0 329 1 0 1 1 0 8 0 lockfspl 48 151 0 148 1 0 1 1 0 8 0 sessionpl 144 27 0 19 1 0 1 1 0 8 0 pgrppl 48 42 0 26 1 0 1 1 0 8 0 ucredpl 104 961 0 950 1 0 1 1 0 8 0 zombiepl 144 1060 0 1060 2 1 1 1 0 8 1 processpl 1152 1123 0 1060 5 0 5 5 0 8 0 procpl 664 2151 0 2077 7 0 7 7 0 8 0 sosppl 176 8 0 7 1 0 1 1 0 8 0 sockpl 552 1536 0 1500 16 4 12 16 0 8 8 mcl64k 65536 108 0 107 1 0 1 1 0 8 0 mcl16k 16384 3 0 3 1 0 1 1 0 8 1 mcl12k 12288 3 0 3 1 0 1 1 0 8 1 mcl8k 8192 9 0 9 2 1 1 1 0 8 1 mcl4k 4096 3409 0 3353 15 6 9 15 0 8 1 mcl2k 2048 1399 0 1385 3 0 3 3 0 8 1 mtagpl 96 167 0 7 5 1 4 4 0 8 0 mbufpl 256 97375 0 96999 127 93 34 127 0 8 8 bufpl 280 7575 0 1354 445 0 445 445 0 8 0 anonpl 24 189261 0 186121 55 4 51 51 0 187 25 amapchunkpl 152 29357 0 28894 33 0 33 33 0 158 12 amappl16 200 3799 0 3769 24 12 12 15 0 8 8 amappl15 192 9 0 9 2 1 1 1 0 8 1 amappl14 184 18 0 18 1 1 0 1 0 8 0 amappl13 176 439 0 437 1 0 1 1 0 8 0 amappl12 168 1477 0 1439 2 0 2 2 0 8 0 amappl11 160 8 0 8 1 1 0 1 0 8 0 amappl10 152 67 0 57 1 0 1 1 0 8 0 amappl9 144 241 0 241 1 1 0 1 0 8 0 amappl8 136 22 0 21 1 0 1 1 0 8 0 amappl7 128 107 0 105 1 0 1 1 0 8 0 amappl6 120 285 0 272 1 0 1 1 0 8 0 amappl5 112 81 0 73 1 0 1 1 0 8 0 amappl4 104 408 0 385 1 0 1 1 0 8 0 amappl3 96 5006 0 4919 3 0 3 3 0 8 0 amappl2 88 1255 0 1184 2 0 2 2 0 8 0 amappl1 80 12735 0 12195 13 0 13 13 0 8 0 amappl 88 8007 0 7850 5 0 5 5 0 92 0 uvmvnodes 80 119 0 0 3 0 3 3 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 29 0 0 1 0 1 1 0 8 0 uaddrrnd 24 1089 0 1060 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1089 0 1060 1 0 1 1 0 8 0 vmmpekpl 168 10520 0 10493 2 0 2 2 0 8 0 vmmpepl 168 76339 0 74562 97 1 96 96 0 357 15 vmsppl 368 1088 0 1060 4 1 3 4 0 8 0 rwobjpl 40 22823 0 21835 14 0 14 14 0 8 0 pdppl 4096 2187 0 2121 105 37 68 83 0 8 2 pvpl 32 493751 0 485025 139 1 138 138 0 265 51 pmappl 216 1089 0 1060 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 505 0 144 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff800034d08e20,0,ffff800034d08d90,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff8000014e1b00,ffff800034d08ec8,ffff800034d08e20,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd807a5d6a00,ffff8000014f8f38) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014f8f38,fffffd807a5d6a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014f8f38,0,ffff800034d09078,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003c9387f8,4,ffff800034d09170,808,ffff800034d09210) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003c9387f8,ffff800034d092c0,ffff800034d09210) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800034d092c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800034d092c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7598ad2d840, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff80000019f058,1,fffffd806ffd5c38) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff800034d08e20,0,ffff800034d08d90,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff8000014e1b00,ffff800034d08ec8,ffff800034d08e20,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd807a5d6a00,ffff8000014f8f38) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014f8f38,fffffd807a5d6a00,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014f8f38,0,ffff800034d09078,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003c9387f8,4,ffff800034d09170,808,ffff800034d09210) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003c9387f8,ffff800034d092c0,ffff800034d09210) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800034d092c0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800034d092c0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:765 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7598ad2d840, count: -10