uvm_fault(0xffffffff838860e0, 0xffff80000161f00a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *159839 94783 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtm_output(ffff800001422300,ffff80003c93b208,ffff80003c93b160,40,16) at rtm_output+0xda5 sys/net/rtsock.c:1173 route_output(fffffd8067083300,ffff800001520d40) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001520d40,fffffd8067083300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001520d40,0,ffff80003c93b3b8,0,0,80a) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a85efc8,3,ffff80003c93b4b0,80a,ffff80003c93b550) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80002a85efc8,ffff80003c93b600,ffff80003c93b550) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c93b600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c93b600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x6acd23071d0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff838860e0, 0xffff80000161f00a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtm_output(ffff800001422300,ffff80003c93b208,ffff80003c93b160,40,16) at rtm_output+0xda5 sys/net/rtsock.c:1173 route_output(fffffd8067083300,ffff800001520d40) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001520d40,fffffd8067083300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001520d40,0,ffff80003c93b3b8,0,0,80a) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a85efc8,3,ffff80003c93b4b0,80a,ffff80003c93b550) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80002a85efc8,ffff80003c93b600,ffff80003c93b550) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c93b600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c93b600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x6acd23071d0, count: -9 ddb> show registers rdi 0xffff80002f902000 rsi 0x2a9 rbp 0xffff80003c93b0b0 rbx 0xde rdx 0xffff80002f902000 rcx 0xffff80000161ef20 rax 0xfffffd8067083be0 r8 0x20 r9 0x80a r10 0x2e41ce5f79e62bd5 r11 0xd911e27a99a2a004 r12 0x8f r13 0xfffffd8067083b00 r14 0xfffffd8075848e58 r15 0xffff800000039058 rip 0xffffffff823c68a4 arp_rtrequest+0x6a4 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003c93b030 ss 0x10 arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=159839 pid=94783 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a85fcc0,0xffffffff8384f700 process=0xffff8000ffff8498 user=0xffff80003c936000, vmspace=0xfffffd806ee3e008 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 94783 253144 55795 0 3 0x80 fsleep syz-executor *94783 159839 55795 0 7 0x4000000 syz-executor 40123 440973 12237 0 3 0x80 fsleep syz-executor 40123 194634 12237 0 3 0x4000080 sbwait syz-executor 65522 385999 24060 0 3 0x80 fsleep syz-executor 65522 453426 24060 0 3 0x4000080 kqpoll syz-executor 30371 5805 10314 0 3 0x80 fsleep syz-executor 30371 178096 10314 0 3 0x4000080 ttyout syz-executor 43616 201614 18945 0 3 0x80 fsleep syz-executor 43616 459142 18945 0 3 0x4000080 piperd syz-executor 72259 162686 45491 0 3 0x80 fsleep syz-executor 72259 248887 45491 0 3 0x4000080 fifor syz-executor 68254 237271 78280 0 3 0x80 fsleep syz-executor 68254 507881 78280 0 3 0x4000080 kqsel syz-executor 90268 305604 0 0 3 0x14280 nfsidl nfsio 93454 113127 0 0 3 0x14280 nfsidl nfsio 61798 471224 0 0 3 0x14280 nfsidl nfsio 30267 503100 0 0 3 0x14280 nfsidl nfsio 49981 197129 0 0 3 0x14280 nfsidl nfsio 97604 298527 0 0 3 0x14280 nfsidl nfsio 72503 264309 0 0 3 0x14280 nfsidl nfsio 19377 12414 0 0 3 0x14280 nfsidl nfsio 17088 397344 0 0 3 0x14280 nfsidl nfsio 71980 138232 0 0 3 0x14280 nfsidl nfsio 98257 241839 0 0 3 0x14280 nfsidl nfsio 96579 514109 0 0 3 0x14280 nfsidl nfsio 89126 363968 0 0 3 0x14280 nfsidl nfsio 17005 272003 0 0 3 0x14280 nfsidl nfsio 96307 196421 0 0 3 0x14280 nfsidl nfsio 63741 91773 0 0 3 0x14280 nfsidl nfsio 60882 472981 0 0 3 0x14280 nfsidl nfsio 71054 238345 0 0 3 0x14280 nfsidl nfsio 49728 391222 0 0 3 0x14280 nfsidl nfsio 84015 242054 0 0 3 0x14280 nfsidl nfsio 18945 499077 99651 0 2 0xc82 syz-executor 8874 26645 1 0 3 0x100083 ttyin getty 78280 428230 99651 0 2 0xc82 syz-executor 24060 65606 99651 0 2 0xc82 syz-executor 55795 344468 99651 0 3 0x82 nanoslp syz-executor 10314 356677 99651 0 3 0x82 nanoslp syz-executor 52579 511 0 0 3 0x14200 bored sosplice 58796 171361 99651 0 2 0xc82 syz-executor 12237 414416 99651 0 2 0xc82 syz-executor 45491 380817 99651 0 2 0xc82 syz-executor 99651 150220 1651 0 3 0x82 kqread syz-executor 1651 390181 38903 0 3 0x10008a sigsusp ksh 38903 46294 65666 0 3 0x98 kqread sshd-session 65666 499363 10096 0 3 0x92 kqread sshd-session 10096 84830 1 0 3 0x88 kqread sshd 45320 381915 57615 73 3 0x1100090 kqread syslogd 57615 497610 1 0 3 0x100082 sbwait syslogd 20209 364046 1 0 3 0x100080 kqread resolvd 48341 119287 36625 77 3 0x100092 kqread dhcpleased 9055 294543 36625 77 3 0x100092 kqread dhcpleased 36625 450930 1 0 3 0x80 kqread dhcpleased 82221 278434 0 0 3 0x14200 bored smr 29884 126279 0 0 3 0x14200 pgzero zerothread 33259 113481 0 0 3 0x14200 aiodoned aiodoned 64683 388242 0 0 3 0x14200 syncer update 10209 173739 0 0 3 0x14200 cleaner cleaner 63945 521354 0 0 3 0x14200 reaper reaper 74191 100654 0 0 3 0x14200 pgdaemon pagedaemon 71255 514236 0 0 3 0x14200 bored viomb 26738 509383 0 0 3 0x40014200 acpi0 acpi0 71459 180609 0 0 3 0x14200 bored softnet0 7767 460979 0 0 3 0x14200 bored systqmp 28748 354055 0 0 3 0x14200 bored systq 59411 315068 0 0 3 0x40014200 tmoslp softclock 55767 29452 0 0 3 0x40014200 idle0 1 258519 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10222 11088K 12297K 166960K 16409 0 pcb 18 18K 22K 166960K 838 0 rtable 179 11K 12K 166960K 829 0 pf 36 14K 21K 166960K 256 0 ifaddr 30 5K 7K 166960K 168 0 ifgroup 55 2K 2K 166960K 259 0 sysctl 4 1K 9K 166960K 39 0 counters 33 17K 18K 166960K 181 0 ioctlops 0 0K 8K 166960K 715 0 iov 1 0K 36K 166960K 146 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1522 96K 96K 166960K 3808 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 43 0 VM map 2 1K 1K 166960K 2 0 sem 27 17K 17K 166960K 93 0 dirhash 12 2K 2K 166960K 39 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 240K 166960K 2501 0 sigio 0 0K 0K 166960K 46 0 proc 60 59K 83K 166960K 928 0 subproc 72 4K 4K 166960K 117 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 310 0 in_multi 59 4K 7K 166960K 316 0 ether_multi 1 0K 0K 166960K 44 0 mrt 2 0K 0K 166960K 35 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 277 1235K 1235K 166960K 277 0 exec 0 0K 1K 166960K 665 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 8 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 232 155K 170K 166960K 23454 0 UVM aobj 131 4K 5K 166960K 144 0 pinsyscall 39 78K 90K 166960K 3695 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 127 0 NDP 12 0K 2K 166960K 111 0 temp 85 8652K 8925K 166960K 94348 0 kqueue 15 24K 34K 166960K 517 0 SYN cache 2 8K 16K 166960K 3 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 223 0 219 1 0 1 1 0 8 0 rtentry 136 249 0 192 4 0 4 4 0 8 0 unpcb 144 2270 0 2251 11 10 1 6 0 8 0 syncache 336 11 0 11 2 2 0 1 0 8 0 tcpqe 32 2 0 2 1 1 0 1 0 8 0 tcpcb 736 1202 0 1198 13 12 1 7 0 8 0 arp 96 39 0 29 1 0 1 1 0 8 0 ipq 40 4 0 4 1 1 0 1 0 8 0 ipqe 40 5 0 5 1 1 0 1 0 8 0 inpcb 328 3113 0 3102 25 23 2 12 0 8 0 ip6q 72 58 0 56 2 1 1 1 0 8 0 ip6af 40 116 0 114 2 1 1 1 0 8 0 nd6 112 50 0 36 1 0 1 1 0 8 0 pkpcb 40 18 0 18 2 2 0 1 0 8 0 kcovpl 48 13 0 5 1 0 1 1 0 8 0 ppxss 1072 125 0 125 2 2 0 1 0 8 0 pppxif 1384 9 0 9 3 3 0 2 0 8 0 pfrktable 1344 2 0 2 1 1 0 1 0 8 0 pfanchor 1288 2 0 0 1 0 1 1 0 8 0 pftag 88 4 0 0 1 0 1 1 0 8 0 pfstitem 24 11 0 4 1 0 1 1 0 8 0 pfstkey 128 11 0 0 1 0 1 1 0 8 0 pfstate 384 6 0 2 1 0 1 1 0 8 0 pfrule 1344 16 0 15 1 0 1 1 0 8 0 rttmr 136 9 0 9 3 3 0 1 0 8 0 art_heap8 4096 5 0 0 5 0 5 5 0 8 0 art_heap4 256 1345 0 1056 36 16 20 31 0 8 0 art_table 40 1350 0 1056 6 1 5 6 0 8 0 art_node 32 244 0 197 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 13 1 0 1 1 0 8 0 semupl 112 3 0 3 2 2 0 1 0 8 0 semapl 112 87 0 62 1 0 1 1 0 8 0 shmpl 112 141 0 13 4 0 4 4 0 8 0 dirhash 1024 36 0 19 3 0 3 3 0 8 0 dino2pl 256 6012 0 4504 95 0 95 95 0 8 0 ffsino 256 6012 0 4504 95 0 95 95 0 8 0 nchpl 144 9546 0 7837 64 0 64 64 0 8 0 rtmask 32 25 0 25 2 2 0 1 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 36689 0 36689 5 4 1 2 0 8 1 kstatmem 264 168 0 144 3 1 2 3 0 8 0 acpiwqpl 32 1 0 1 1 0 1 1 1 8 1 scsiplug 72 9 0 9 3 3 0 1 0 8 0 scxspl 216 28969 0 28969 15 14 1 8 1 8 1 plimitpl 152 891 0 873 1 0 1 1 0 8 0 sigapl 424 2805 0 2741 10 2 8 8 0 8 0 knotepl 120 90549 0 90495 60 51 9 17 0 8 6 kqueuepl 184 1247 0 1235 8 7 1 4 0 8 0 pipepl 304 595 0 565 14 11 3 12 0 8 0 fdescpl 448 2744 0 2714 5 1 4 5 0 8 0 filepl 120 20449 0 20224 23 13 10 15 0 8 0 lockfpl 104 973 0 971 2 1 1 2 0 8 0 lockfspl 48 357 0 355 1 0 1 1 0 8 0 sessionpl 144 29 0 21 1 0 1 1 0 8 0 pgrppl 48 119 0 103 1 0 1 1 0 8 0 ucredpl 104 3350 0 3338 1 0 1 1 0 8 0 zombiepl 144 3111 0 3110 2 1 1 1 0 8 0 processpl 1152 2805 0 2741 5 0 5 5 0 8 0 procpl 664 6278 0 6207 8 1 7 7 0 8 0 sosppl 168 18 0 18 2 2 0 1 0 8 0 sockpl 552 5713 0 5679 32 28 4 15 0 8 0 mcl64k 65536 811 0 811 6 5 1 3 0 8 1 mcl16k 16384 2 0 2 1 1 0 1 0 8 0 mcl9k 9216 2 0 2 1 1 0 1 0 8 0 mcl8k 8192 23 0 23 3 3 0 1 0 8 0 mcl4k 4096 5539 0 5487 16 8 8 14 0 8 0 mcl2k2 2112 4 0 4 2 2 0 1 0 8 0 mcl2k 2048 3805 0 3798 6 4 2 4 0 8 0 mtagpl 96 14 0 12 2 1 1 1 0 8 0 mbufpl 256 34703 0 34609 247 236 11 74 0 8 0 bufpl 280 8479 0 2257 445 0 445 445 0 8 0 anonpl 24 361770 0 358520 73 40 33 45 0 187 0 amapchunkpl 152 82088 0 81607 58 37 21 38 0 158 1 amappl16 200 6322 0 6285 43 38 5 15 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 19 0 19 2 2 0 1 0 8 0 amappl13 176 466 0 465 1 0 1 1 0 8 0 amappl12 168 3123 0 3084 2 0 2 2 0 8 0 amappl11 160 9 0 9 1 1 0 1 0 8 0 amappl10 152 40 0 30 1 0 1 1 0 8 0 amappl9 144 251 0 251 1 1 0 1 0 8 0 amappl8 136 24 0 22 1 0 1 1 0 8 0 amappl7 128 99 0 98 1 0 1 1 0 8 0 amappl6 120 330 0 318 1 0 1 1 0 8 0 amappl5 112 89 0 81 1 0 1 1 0 8 0 amappl4 104 414 0 389 1 0 1 1 0 8 0 amappl3 96 14273 0 14182 3 0 3 3 0 8 0 amappl2 88 2856 0 2785 2 0 2 2 0 8 0 amappl1 80 18637 0 18098 13 1 12 13 0 8 0 amappl 88 22275 0 22112 5 0 5 5 0 92 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 dma65536 65536 65 0 65 1 1 0 1 0 8 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma2048 2048 5 0 5 2 2 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 259 0 259 3 3 0 1 0 8 0 dma64 64 7 0 7 1 1 0 1 0 8 0 dma32 32 8 0 8 2 2 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 143 0 13 3 0 3 3 0 8 0 uaddrrnd 24 2744 0 2714 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2744 0 2714 1 0 1 1 0 8 0 vmmpekpl 168 20826 0 20762 4 0 4 4 0 8 0 vmmpepl 168 170713 0 168868 110 29 81 91 0 357 0 vmsppl 368 2743 0 2714 4 1 3 4 0 8 0 rwobjpl 40 47007 0 40105 73 0 73 73 0 8 0 pdppl 4096 5494 0 5428 108 42 66 78 0 8 0 pvpl 32 1123122 0 1113895 154 63 91 120 0 265 0 pmappl 216 2743 0 2714 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 657 0 341 13 1 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtm_output(ffff800001422300,ffff80003c93b208,ffff80003c93b160,40,16) at rtm_output+0xda5 sys/net/rtsock.c:1173 route_output(fffffd8067083300,ffff800001520d40) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001520d40,fffffd8067083300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001520d40,0,ffff80003c93b3b8,0,0,80a) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a85efc8,3,ffff80003c93b4b0,80a,ffff80003c93b550) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80002a85efc8,ffff80003c93b600,ffff80003c93b550) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c93b600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c93b600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x6acd23071d0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd8075848e58) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtm_output(ffff800001422300,ffff80003c93b208,ffff80003c93b160,40,16) at rtm_output+0xda5 sys/net/rtsock.c:1173 route_output(fffffd8067083300,ffff800001520d40) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800001520d40,fffffd8067083300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800001520d40,0,ffff80003c93b3b8,0,0,80a) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80002a85efc8,3,ffff80003c93b4b0,80a,ffff80003c93b550) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80002a85efc8,ffff80003c93b600,ffff80003c93b550) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003c93b600) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c93b600) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x6acd23071d0, count: -9