uvm_fault(0xffffffff82dfc3a8, 0xffff800000e40010, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x4e3: movzwl 0xc(%r15,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *157360 21779 0 0x8000000 0x4000000 0 syz-executor.6 arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002daece08,1,ffff80002daeced8,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e47100,240004,ffff800000e47158,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e47100) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd5000,ffff800000e47100,ffff80002daed180,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002daed170,ffff800000dd5000) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a2c8,ffff80002daed350,ffff80002daed2a0) at sys_ioctl+0x4a5 syscall(ffff80002daed350) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaed62727f40, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82dfc3a8, 0xffff800000e40010, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002daece08,1,ffff80002daeced8,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e47100,240004,ffff800000e47158,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e47100) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd5000,ffff800000e47100,ffff80002daed180,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002daed170,ffff800000dd5000) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a2c8,ffff80002daed350,ffff80002daed2a0) at sys_ioctl+0x4a5 syscall(ffff80002daed350) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaed62727f40, count: -10 ddb> show registers rdi 0xffff80002cce2000 rsi 0x437 rbp 0xffff80002daeccf0 rbx 0x14 rdx 0xffff80002cce2000 rcx 0x100040600080100 rax 0xfffffd805bc824e0 r8 0x100 r9 0xfffffd806b442e80 r10 0x1623308cae7c84fe r11 0xad8ea50ff9b500b3 r12 0x25e r13 0xfffffd805bc82400 r14 0xfffffd806b442e80 r15 0xffff800000e3fff0 rip 0xffffffff812d87a3 arp_rtrequest+0x4e3 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002daecc70 ss 0x10 arp_rtrequest+0x4e3: movzwl 0xc(%r15,%rbx,1),%ecx ddb> show proc PROC (syz-executor.6) tid=157360 pid=21779 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a64aa78,0xffff80002a64b4c8 process=0xffff8000ffff5500 user=0xffff80002dae8000, vmspace=0xfffffd806fb08d88 estcpu=34, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 77485 7812 86422 0 2 0x8000000 syz-executor.2 77485 269853 86422 0 2 0xc000000 syz-executor.2 14523 161008 79251 0 2 0x8000000 syz-executor.5 14523 198339 79251 0 3 0xc000080 fsleep syz-executor.5 82028 230658 47442 0 2 0x8000000 syz-executor.3 82028 460571 47442 0 3 0xc000080 fsleep syz-executor.3 93201 293519 39563 0 2 0x8000000 syz-executor.7 93201 109409 39563 0 3 0xc000080 fsleep syz-executor.7 21779 254223 34281 0 2 0x8000000 syz-executor.6 *21779 157360 34281 0 7 0xc000000 syz-executor.6 49736 439634 39933 0 2 0x8000480 syz-executor.1 49736 287482 39933 0 3 0xc000080 sbwait syz-executor.1 1855 30623 15361 0 2 0x8000482 syz-executor.0 86422 518519 15361 0 3 0x8000082 nanoslp syz-executor.2 66653 313910 15361 0 2 0x8000482 syz-executor.4 39933 520095 15361 0 2 0x8000482 syz-executor.1 34281 79807 15361 0 2 0x8000482 syz-executor.6 79251 174757 15361 0 3 0x8000082 nanoslp syz-executor.5 47442 445351 15361 0 2 0x8000482 syz-executor.3 39563 322508 15361 0 2 0x8000482 syz-executor.7 95548 410870 1 0 3 0x18100083 ttyin getty 95222 272746 0 0 3 0x14280 nfsidl nfsio 28319 375878 0 0 3 0x14280 nfsidl nfsio 52795 136709 0 0 3 0x14280 nfsidl nfsio 22136 198140 0 0 3 0x14280 nfsidl nfsio 12686 316901 0 0 3 0x14280 nfsidl nfsio 21094 403542 0 0 3 0x14280 nfsidl nfsio 29643 135375 0 0 3 0x14280 nfsidl nfsio 44871 186919 0 0 3 0x14280 nfsidl nfsio 58151 387308 0 0 3 0x14280 nfsidl nfsio 87573 325231 0 0 3 0x14280 nfsidl nfsio 27324 275971 0 0 3 0x14280 nfsidl nfsio 88761 109846 0 0 3 0x14280 nfsidl nfsio 66736 334912 0 0 3 0x14280 nfsidl nfsio 33781 515807 0 0 3 0x14280 nfsidl nfsio 89579 278636 0 0 3 0x14280 nfsidl nfsio 95568 373219 0 0 3 0x14280 nfsidl nfsio 73811 1827 0 0 3 0x14280 nfsidl nfsio 4196 482141 0 0 3 0x14280 nfsidl nfsio 8031 89044 0 0 3 0x14280 nfsidl nfsio 90632 67449 0 0 3 0x14280 nfsidl nfsio 97141 355775 0 0 3 0x14200 bored sosplice 15361 455610 92664 0 3 0x1a000082 thrsleep syz-fuzzer 15361 326860 92664 0 2 0x1e000482 syz-fuzzer 15361 378057 92664 0 3 0x1e000082 kqread syz-fuzzer 15361 349482 92664 0 3 0x1e000082 wait syz-fuzzer 15361 468999 92664 0 3 0x1e000082 thrsleep syz-fuzzer 15361 399723 92664 0 3 0x1e000082 wait syz-fuzzer 15361 268524 92664 0 3 0x1e000082 wait syz-fuzzer 15361 252702 92664 0 3 0x1e000082 wait syz-fuzzer 15361 398282 92664 0 3 0x1e000082 thrsleep syz-fuzzer 15361 267424 92664 0 3 0x1e000082 thrsleep syz-fuzzer 15361 165189 92664 0 3 0x1e000082 wait syz-fuzzer 15361 44128 92664 0 3 0x1e000082 wait syz-fuzzer 15361 506319 92664 0 3 0x1e000082 wait syz-fuzzer 15361 66858 92664 0 3 0x1e000082 wait syz-fuzzer 92664 103343 86750 0 3 0x810008a sigsusp ksh 86750 144504 5181 0 3 0x1800009a kqread sshd 5181 165830 1 0 3 0x18000088 kqread sshd 66359 55815 79957 73 2 0x19100010 syslogd 79957 195229 1 0 3 0x18100082 sbwait syslogd 9721 473352 1 0 3 0x18100080 kqread resolvd 65423 273978 72760 77 3 0x18100092 kqread dhcpleased 42088 468867 72760 77 3 0x18100092 kqread dhcpleased 72760 82555 1 0 3 0x18000080 kqread dhcpleased 89464 445656 0 0 3 0x14200 bored smr 2718 146604 0 0 2 0x14200 zerothread 28432 428696 0 0 3 0x14200 aiodoned aiodoned 77951 516652 0 0 3 0x14200 syncer update 65961 236708 0 0 3 0x14200 cleaner cleaner 87145 241915 0 0 3 0x14200 reaper reaper 61083 277330 0 0 3 0x14200 pgdaemon pagedaemon 42138 111738 0 0 3 0x14200 bored viomb 87019 26464 0 0 3 0x40014200 acpi0 acpi0 1159 23563 0 0 3 0x14200 bored softnet3 74969 362422 0 0 3 0x14200 bored softnet2 52797 485312 0 0 3 0x14200 bored softnet1 27972 354767 0 0 3 0x14200 bored softnet0 11544 269410 0 0 3 0x14200 bored systqmp 1639 116607 0 0 3 0x14200 bored systq 73591 24723 0 0 3 0x40014200 tmoslp softclock 75627 465845 0 0 3 0x40014200 idle0 1 174401 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10191 6569K 7212K 166960K 15429 0 pcb 17 14K 16K 166960K 281 0 rtable 216 7K 8K 166960K 2385 0 pf 31 9K 9K 166960K 215 0 ifaddr 41 11K 12K 166960K 328 0 ifgroup 54 2K 2K 166960K 396 0 sysctl 3 0K 1K 166960K 4 0 counters 31 17K 17K 166960K 118 0 ioctlops 0 0K 2K 166960K 195 0 iov 0 0K 24K 166960K 208 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1455 92K 92K 166960K 3902 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 50 0 VM map 2 1K 1K 166960K 2 0 sem 12 1K 1K 166960K 103 0 dirhash 12 2K 2K 166960K 48 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 93K 166960K 2926 0 sigio 0 0K 0K 166960K 64 0 proc 61 67K 116K 166960K 2390 0 subproc 104 6K 8K 166960K 964 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 219 0 in_multi 87 6K 7K 166960K 815 0 ether_multi 1 0K 0K 166960K 5 0 mrt 1 0K 0K 166960K 7 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 1393 0 pfkey data 0 0K 0K 166960K 5 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 334 148K 167K 166960K 24660 0 UVM aobj 61 5K 5K 166960K 71 0 pinsyscall 36 72K 101K 166960K 5762 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 137 0 NDP 12 0K 2K 166960K 239 0 temp 78 6808K 6936K 166960K 61948 0 kqueue 13 20K 28K 166960K 266 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 319 0 316 1 0 1 1 0 8 0 rtentry 112 836 0 739 4 0 4 4 0 8 0 unpcb 144 1258 0 1245 2 0 2 2 0 8 1 syncache 336 4 0 4 1 0 1 1 0 8 1 sackhl 24 1 1 1 1 0 1 1 0 8 1 tcpcb 808 464 0 457 2 0 2 2 0 8 1 arp 88 152 0 138 1 0 1 1 0 8 0 ipq 40 3 0 2 1 0 1 1 0 8 0 ipqe 40 6 0 5 1 0 1 1 0 8 0 inpcb 360 1956 0 1943 10 1 9 10 0 8 7 nd6 104 219 0 198 1 0 1 1 0 8 0 pkpcb 40 31 0 31 1 0 1 1 0 8 1 kcovpl 48 74 0 66 1 0 1 1 0 8 0 ppxss 1072 8 0 8 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 3288 0 2876 50 21 29 29 0 8 3 art_table 32 3289 0 2876 4 0 4 4 0 8 0 art_node 16 830 0 743 1 0 1 1 0 8 0 sysvmsgpl 40 55 0 36 1 0 1 1 0 8 0 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 100 0 90 1 0 1 1 0 8 0 shmpl 112 68 0 10 2 0 2 2 0 8 0 dirhash 1024 41 0 24 3 0 3 3 0 8 0 dino2pl 256 5069 0 3546 96 0 96 96 0 8 0 ffsino 240 5069 0 3546 90 0 90 90 0 8 0 nchpl 144 8693 0 6957 66 0 66 66 0 8 0 uvmvnodes 80 6926 0 0 142 0 142 142 0 8 0 vnodes 216 6926 0 0 385 0 385 385 0 8 0 namei 1024 35846 0 35846 3 0 3 3 0 8 3 vcpupl 3904 13 0 0 2 0 2 2 0 8 0 vmpool 664 18 0 5 2 0 2 2 0 8 0 kstatmem 264 198 0 174 2 0 2 2 0 8 0 scsiplug 72 6 0 6 1 0 1 1 0 8 1 scxspl 216 56650 0 56650 8 0 8 8 1 8 8 plimitpl 152 587 0 572 1 0 1 1 0 8 0 sigapl 424 3116 0 3050 9 0 9 9 0 8 0 futexpl 64 33044 0 33041 1 0 1 1 0 8 0 knotepl 120 24594 0 24510 20 9 11 19 0 8 8 kqueuepl 184 618 0 609 4 0 4 4 0 8 3 pipepl 288 591 0 563 3 0 3 3 0 8 0 fdescpl 432 3076 0 3049 5 0 5 5 0 8 1 filepl 120 17264 0 17016 14 0 14 14 0 8 6 lockfpl 104 748 0 745 1 0 1 1 0 8 0 lockfspl 48 287 0 284 1 0 1 1 0 8 0 sessionpl 144 91 0 75 1 0 1 1 0 8 0 pgrppl 48 160 0 144 1 0 1 1 0 8 0 ucredpl 104 3019 0 3007 1 0 1 1 0 8 0 zombiepl 144 3052 0 3050 1 0 1 1 0 8 0 processpl 1072 3116 0 3050 5 0 5 5 0 8 0 procpl 656 5490 0 5405 9 0 9 9 0 8 1 sosppl 168 45 0 45 1 0 1 1 0 8 1 sockpl 504 3592 0 3563 17 6 11 17 0 8 6 mcl64k 65536 52 0 52 1 0 1 1 0 8 1 mcl16k 16384 32 0 32 1 0 1 1 0 8 1 mcl12k 12288 77 0 77 1 0 1 1 0 8 1 mcl9k 9216 12 0 12 1 0 1 1 0 8 1 mcl8k 8192 130 0 130 1 0 1 1 0 8 1 mcl4k 4096 376 0 376 1 0 1 1 0 8 1 mcl2k2 2112 38 0 38 1 0 1 1 0 8 1 mcl2k 2048 32616 0 32515 48 28 20 48 0 8 6 mtagpl 96 162 0 154 1 0 1 1 0 8 0 mbufpl 256 83522 0 83295 74 48 26 62 0 8 8 bufpl 280 10696 0 3770 496 0 496 496 0 8 0 anonpl 24 492564 0 486479 93 0 93 93 0 188 39 amapchunkpl 152 80087 0 79453 42 0 42 42 0 158 11 amappl16 200 10436 0 10310 33 14 19 20 0 8 11 amappl15 192 14 0 14 1 0 1 1 0 8 1 amappl14 184 352 0 337 2 0 2 2 0 8 1 amappl13 176 11 0 11 1 0 1 1 0 8 1 amappl12 168 4671 0 4643 2 0 2 2 0 8 0 amappl11 160 54 0 44 1 0 1 1 0 8 0 amappl10 152 122 0 111 1 0 1 1 0 8 0 amappl9 144 159 0 157 1 0 1 1 0 8 0 amappl8 136 511 0 437 3 0 3 3 0 8 0 amappl7 128 70 0 54 1 0 1 1 0 8 0 amappl6 120 1166 0 1152 2 0 2 2 0 8 1 amappl5 112 479 0 467 1 0 1 1 0 8 0 amappl4 104 1019 0 983 2 0 2 2 0 8 0 amappl3 96 15154 0 15075 3 0 3 3 0 8 0 amappl2 88 3758 0 3686 4 0 4 4 0 8 2 amappl1 80 23447 0 22955 22 3 19 22 0 8 6 amappl 88 23491 0 23291 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 70 0 10 2 0 2 2 0 8 0 uaddrrnd 24 3094 0 3054 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3094 0 3054 1 0 1 1 0 8 0 vmmpekpl 168 25734 0 25673 4 0 4 4 0 8 0 vmmpepl 168 222703 0 220808 113 0 113 113 0 357 16 vmsppl 344 3093 0 3054 5 0 5 5 0 8 1 rwobjpl 24 64080 0 55981 51 0 51 51 0 8 0 pdppl 4096 6194 0 6121 257 180 77 86 0 8 4 pvpl 32 1367369 0 1355174 391 43 348 391 0 265 222 pmappl 216 3093 0 3054 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 652 0 283 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002daece08,1,ffff80002daeced8,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e47100,240004,ffff800000e47158,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e47100) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd5000,ffff800000e47100,ffff80002daed180,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002daed170,ffff800000dd5000) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a2c8,ffff80002daed350,ffff80002daed2a0) at sys_ioctl+0x4a5 syscall(ffff80002daed350) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaed62727f40, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd5000,1,fffffd806b442e80) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002daece08,1,ffff80002daeced8,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e47100,240004,ffff800000e47158,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e47100) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd5000,ffff800000e47100,ffff80002daed180,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002daed170,ffff800000dd5000) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806b6e3be8,8020690c,ffff80002daed170,ffff80002a64a2c8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a2c8,ffff80002daed350,ffff80002daed2a0) at sys_ioctl+0x4a5 syscall(ffff80002daed350) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xaed62727f40, count: -10