uvm_fault(0xffffffff83601c40, 0xffff800001240010, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x660: movzwl 0xc(%r15,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *421011 34175 0 0x8000000 0x4000000 0 syz-executor 258312 43930 0 0x8000002 0 1 syz-executor arp_rtrequest(ffff8000011cf000,1,fffffd80675e59a8) at arp_rtrequest+0x660 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff8000011cf000,1,fffffd80675e59a8) at arp_rtrequest+0x660 sys/netinet/if_ether.c:184 rtrequest(1,ffff800037274c08,1,ffff800037274cb0,0) at rtrequest+0xbdc sys/net/route.c:1103 rt_ifa_add(ffff80000122da00,240004,ffff80000122da58,0) at rt_ifa_add+0x22e sys/net/route.c:1273 rt_ifa_addlocal(ffff80000122da00) at rt_ifa_addlocal+0x1d2 sys/net/route.c:1381 in_ifinit(ffff8000011cf000,ffff80000122da00,ffff800037274f70,1) at in_ifinit+0x26c sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800037274f60,ffff8000011cf000) at in_ioctl_change_ifaddr+0x92c sys/netinet/in.c:504 ifioctl(ffff800001190540,8040691a,ffff800037274f60,ffff800031783c20) at ifioctl+0x1571 pru_control sys/sys/protosw.h:354 [inline] ifioctl(ffff800001190540,8040691a,ffff800037274f60,ffff800031783c20) at ifioctl+0x1571 sys/net/if.c:2449 sys_ioctl(ffff800031783c20,ffff800037275140,ffff800037275090) at sys_ioctl+0x67c syscall(ffff800037275140) at syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff800037275140) at syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe5d738d6330, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: uvm_fault(0xffffffff83601c40, 0xffff800001240010, 0, 1) -> e ddb{0}> trace arp_rtrequest(ffff8000011cf000,1,fffffd80675e59a8) at arp_rtrequest+0x660 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff8000011cf000,1,fffffd80675e59a8) at arp_rtrequest+0x660 sys/netinet/if_ether.c:184 rtrequest(1,ffff800037274c08,1,ffff800037274cb0,0) at rtrequest+0xbdc sys/net/route.c:1103 rt_ifa_add(ffff80000122da00,240004,ffff80000122da58,0) at rt_ifa_add+0x22e sys/net/route.c:1273 rt_ifa_addlocal(ffff80000122da00) at rt_ifa_addlocal+0x1d2 sys/net/route.c:1381 in_ifinit(ffff8000011cf000,ffff80000122da00,ffff800037274f70,1) at in_ifinit+0x26c sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800037274f60,ffff8000011cf000) at in_ioctl_change_ifaddr+0x92c sys/netinet/in.c:504 ifioctl(ffff800001190540,8040691a,ffff800037274f60,ffff800031783c20) at ifioctl+0x1571 pru_control sys/sys/protosw.h:354 [inline] ifioctl(ffff800001190540,8040691a,ffff800037274f60,ffff800031783c20) at ifioctl+0x1571 sys/net/if.c:2449 sys_ioctl(ffff800031783c20,ffff800037275140,ffff800037275090) at sys_ioctl+0x67c syscall(ffff800037275140) at syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff800037275140) at syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe5d738d6330, count: -10 ddb{0}> show registers rdi 0xffff80002ad6d000 rsi 0x68d rbp 0xffff800037274ad0 rbx 0x14 rdx 0xffff80002ad6d000 rcx 0x100040600080100 rax 0xfffffd806c98aae0 r8 0x10 r9 0xfffffd80675e59a8 r10 0x274e6988a380f0ec r11 0xc5ab99e13cf13ca7 r12 0x66 r13 0xfffffd806c98aa00 r14 0xfffffd80675e59a8 r15 0xffff80000123fff0 rip 0xffffffff827b3cd0 arp_rtrequest+0x660 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800037274a50 ss 0x10 arp_rtrequest+0x660: movzwl 0xc(%r15,%rbx,1),%ecx ddb{0}> show proc PROC (syz-executor) tid=421011 pid=34175 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=86, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff800031782a68,0xffff8000317822e0 process=0xffff8000371dd6a8 user=0xffff800037270000, vmspace=0xfffffd80675838a0 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 19334 235115 58126 0 2 0x8000000 syz-executor 19334 342089 58126 0 2 0xc000000 syz-executor 97180 347644 51432 0 2 0x8000000 syz-executor 97180 323117 51432 0 3 0xc000080 rest syz-executor 97180 96875 51432 0 3 0xc000080 fsleep syz-executor 97180 396293 51432 0 3 0xc000080 fsleep syz-executor 62645 80089 2116 0 2 0xc081000 syz-executor 62645 358770 2116 0 3 0xc003000 suspend syz-executor 65787 461025 43930 0 2 0x8000480 syz-executor 65787 27015 43930 0 3 0xc000080 fsleep syz-executor 34175 449087 62742 0 2 0x8000000 syz-executor *34175 421011 62742 0 7 0xc000000 syz-executor 37170 329465 31741 0 3 0x8000080 nanoslp syz-executor 37170 315361 31741 0 3 0xc000080 kqpoll syz-executor 37170 383321 31741 0 3 0xc000080 fsleep syz-executor 75851 124185 54861 0 3 0x8000080 nanoslp syz-executor 75851 166161 54861 0 3 0xc000080 kqread syz-executor 75851 291901 54861 0 3 0xc000080 fsleep syz-executor 2116 513652 43218 0 3 0x8000082 nanoslp syz-executor 58126 443335 43218 0 3 0x8000082 nanoslp syz-executor 54861 162133 43218 0 2 0x8000482 syz-executor 31741 155122 43218 0 2 0x8000482 syz-executor 62742 365931 43218 0 2 0x8000482 syz-executor 26912 508810 43218 0 3 0x8000082 wait syz-executor 51432 341959 43218 0 3 0x8000082 nanoslp syz-executor 43930 258312 43218 0 7 0x8000002 syz-executor 45051 504070 1 0 3 0x18100083 ttyin getty 92361 101358 0 0 3 0x14200 acct acct 30735 453067 0 0 3 0x14200 bored sosplice 43218 521674 90400 0 3 0x8000082 kqread syz-executor 90400 44365 71051 0 3 0x810008a sigsusp ksh 71051 276726 93482 0 3 0x18000098 kqread sshd-session 93482 39524 8490 0 3 0x18000092 kqread sshd-session 8490 221719 1 0 3 0x18000088 kqread sshd 66726 125485 9863 74 3 0x19100092 bpf pflogd 9863 308230 1 0 3 0x18000080 sbwait pflogd 23714 304846 19257 73 3 0x19100090 kqread syslogd 19257 303992 1 0 3 0x18100082 sbwait syslogd 52612 432680 1 0 3 0x18100080 kqread resolvd 16441 487730 70442 77 3 0x18100092 kqread dhcpleased 93619 4554 70442 77 3 0x18100092 kqread dhcpleased 70442 128374 1 0 3 0x18000080 kqread dhcpleased 7588 353110 0 0 3 0x14200 bored smr 36497 186383 0 0 2 0x14200 zerothread 76650 142718 0 0 3 0x14200 aiodoned aiodoned 18809 734 0 0 3 0x14200 syncer update 21052 462901 0 0 3 0x14200 cleaner cleaner 80841 501975 0 0 3 0x14200 reaper reaper 58274 21342 0 0 3 0x14200 pgdaemon pagedaemon 76679 288140 0 0 3 0x14200 bored viomb 6000 393175 0 0 3 0x40014200 acpi0 acpi0 92854 474272 0 0 3 0x40014200 idle1 11722 74311 0 0 3 0x14200 bored softnet3 77962 109075 0 0 3 0x14200 bored softnet2 69796 222264 0 0 3 0x14200 bored softnet1 6108 120496 0 0 3 0x14200 bored softnet0 20398 66665 0 0 2 0x14200 systqmp 11532 125277 0 0 3 0x14200 bored systq 31799 229775 0 0 3 0x14200 tmoslp softclockmp 65810 432764 0 0 2 0x40014200 softclock 60106 154691 0 0 3 0x40014200 idle0 1 140494 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 34175 (syz-executor) thread 0xffff800031783c20 (421011) ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10223 10242K 10696K 166960K 12560 0 pcb 18 12K 12K 166960K 111 0 rtable 201 14K 17K 166960K 1162 0 pf 35 17K 22K 166960K 165 0 ifaddr 40 7K 8K 166960K 156 0 ifgroup 55 2K 2K 166960K 186 0 sysctl 3 0K 0K 166960K 5 0 counters 64 36K 36K 166960K 132 0 ioctlops 0 0K 4K 166960K 1613 0 iov 0 0K 14K 166960K 32 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1421 89K 90K 166960K 2410 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 15 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 50 0 dirhash 12 2K 3K 166960K 33 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 18 65K 93K 166960K 1035 0 sigio 0 0K 0K 166960K 12 0 proc 70 91K 128K 166960K 1220 0 subproc 104 6K 6K 166960K 403 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 1 0K 0K 166960K 74 0 in_multi 84 6K 7K 166960K 360 0 ether_multi 1 0K 0K 166960K 4 0 mrt 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 734 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 267 82K 101K 166960K 10180 0 UVM aobj 112 5K 5K 166960K 113 0 pinsyscall 43 86K 104K 166960K 2710 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 27 0 NDP 12 0K 1K 166960K 108 0 temp 78 6812K 6948K 166960K 28782 0 kqueue 14 22K 27K 166960K 158 0 SYN cache 2 16K 16K 166960K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 24 0 0 1 0 1 1 0 8 0 rtpcb 120 137 0 133 1 0 1 1 0 8 0 rtentry 112 388 0 298 4 0 4 4 0 8 0 unpcb 144 880 0 862 11 10 1 6 0 8 0 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 808 326 0 322 13 11 2 8 0 8 1 arp 120 70 0 53 1 0 1 1 0 8 0 inpcb 336 1238 0 1223 20 18 2 7 0 8 0 nd6 136 100 0 78 2 1 1 2 0 8 0 pkpcb 40 3 0 3 2 2 0 1 0 8 0 kcovpl 48 31 0 23 1 0 1 1 0 8 0 ppxss 1168 5 0 5 3 2 1 1 0 8 1 pfstscr 40 1 0 0 1 0 1 1 0 8 0 pffrag 232 8 0 2 1 0 1 1 0 482 0 pffrnode 88 8 0 2 1 0 1 1 0 8 0 pffrent 40 10 0 4 1 0 1 1 0 8 0 pfosfp 40 1429 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1429 0 714 21 0 21 21 0 8 0 pfrktable 1344 16 0 16 2 2 0 1 0 8 0 pfanchor 1288 7 0 6 1 0 1 1 0 8 0 pfstitem 24 107 0 48 1 0 1 1 0 8 0 pfstkey 128 107 0 48 2 0 2 2 0 8 0 pfstate 376 105 0 47 6 0 6 6 0 8 0 pfrule 1344 34 0 27 2 0 2 2 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1490 0 1123 30 2 28 29 0 8 0 art_table 32 1491 0 1123 4 0 4 4 0 8 0 art_node 16 384 0 305 1 0 1 1 0 8 0 sysvmsgpl 40 5 0 3 1 0 1 1 0 8 0 semapl 112 48 0 38 1 0 1 1 0 8 0 shmpl 112 110 0 1 4 0 4 4 0 8 0 dirhash 1024 31 0 14 3 0 3 3 0 8 0 dino2pl 256 2796 0 1246 98 0 98 98 0 8 0 ffsino 272 2796 0 1246 104 0 104 104 0 8 0 nchpl 144 3852 0 2128 65 0 65 65 0 8 0 uvmvnodes 80 3661 0 0 75 0 75 75 0 8 0 vnodes 216 3661 0 0 204 0 204 204 0 8 0 namei 1024 16516 0 16516 3 2 1 1 0 8 1 percpumem 16 80 0 34 1 0 1 1 0 8 0 vcpupl 3904 2 0 0 1 0 1 1 0 8 0 vmpool 696 2 0 0 1 0 1 1 0 8 0 pfiaddrpl 120 5 0 5 2 2 0 1 0 8 0 kstatmem 264 92 0 68 2 0 2 2 0 8 0 scsiplug 72 3 0 3 2 2 0 1 0 8 0 scxspl 216 21765 0 21765 12 11 1 8 1 8 1 plimitpl 152 242 0 225 1 0 1 1 0 8 0 sigapl 424 1311 0 1259 10 1 9 9 0 8 1 futexpl 64 10614 0 10609 3 2 1 1 0 8 0 knotepl 120 559 0 0 17 0 17 17 0 8 0 kqueuepl 216 308 0 297 5 4 1 3 0 8 0 pipepl 320 253 0 226 4 1 3 4 0 8 0 fdescpl 496 1271 0 1239 6 1 5 5 0 8 0 filepl 152 8637 0 8364 24 13 11 16 0 8 0 lockfpl 104 379 0 375 2 1 1 2 0 8 0 lockfspl 48 110 0 106 1 0 1 1 0 8 0 sessionpl 144 47 0 38 1 0 1 1 0 8 0 pgrppl 48 89 0 72 1 0 1 1 0 8 0 ucredpl 104 1310 0 1296 1 0 1 1 0 8 0 zombiepl 144 1261 0 1259 1 0 1 1 0 8 0 processpl 1152 1311 0 1259 6 0 6 6 0 8 2 procpl 648 2406 0 2342 10 1 9 9 0 8 1 srpgc 96 6 0 6 3 2 1 1 0 8 1 sosppl 168 4 0 4 3 3 0 1 0 8 0 sockpl 664 2268 0 2231 27 23 4 15 0 8 0 mcl64k 65536 2 0 0 1 0 1 1 0 8 0 mcl8k 8192 5 0 0 1 0 1 1 0 8 0 mcl4k 4096 2 0 0 1 0 1 1 0 8 0 mcl2k 2048 218 0 0 28 0 28 28 0 8 0 mtagpl 96 6 0 0 1 0 1 1 0 8 0 mbufpl 256 360 0 0 19 0 19 19 0 8 0 bufpl 280 7074 0 902 442 1 441 442 0 8 0 anonpl 24 234496 0 228966 53 10 43 50 0 185 0 amapchunkpl 152 32843 0 32197 42 14 28 40 0 158 1 amappl16 200 5063 0 4996 14 5 9 11 0 8 0 amappl15 192 9 0 9 1 1 0 1 0 8 0 amappl14 184 160 0 148 1 0 1 1 0 8 0 amappl13 176 118 0 118 1 1 0 1 0 8 0 amappl12 168 2284 0 2252 4 2 2 3 0 8 0 amappl11 160 60 0 46 1 0 1 1 0 8 0 amappl10 152 7 0 7 1 1 0 1 0 8 0 amappl9 144 153 0 153 1 1 0 1 0 8 0 amappl8 136 19 0 16 1 0 1 1 0 8 0 amappl7 128 155 0 143 1 0 1 1 0 8 0 amappl6 120 421 0 420 1 0 1 1 0 8 0 amappl5 112 235 0 223 1 0 1 1 0 8 0 amappl4 104 387 0 367 1 0 1 1 0 8 0 amappl3 96 6440 0 6313 4 0 4 4 0 8 0 amappl2 88 946 0 882 2 0 2 2 0 8 0 amappl1 80 11918 0 11328 15 2 13 14 0 8 0 amappl 88 9604 0 9402 5 0 5 5 0 92 0 dma4096 4096 2 0 2 2 2 0 1 0 8 0 dma1024 1024 2 0 1 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 112 0 1 3 0 3 3 0 8 0 uaddrrnd 24 1273 0 1239 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1273 0 1239 1 0 1 1 0 8 0 vmmpekpl 168 12358 0 12304 5 2 3 4 0 8 0 vmmpepl 168 85678 0 83654 96 5 91 92 0 357 0 vmsppl 440 1272 0 1239 6 2 4 5 0 8 0 rwobjpl 56 30739 0 25945 68 0 68 68 0 8 0 pdppl 4096 2553 0 2480 126 53 73 85 0 8 0 pvpl 32 27976 0 0 227 1 226 226 0 265 0 pmappl 248 1272 0 1239 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 456 0 92 11 0 11 11 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace arp_rtrequest(ffff8000011cf000,1,fffffd80675e59a8) at arp_rtrequest+0x660 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff8000011cf000,1,fffffd80675e59a8) at arp_rtrequest+0x660 sys/netinet/if_ether.c:184 rtrequest(1,ffff800037274c08,1,ffff800037274cb0,0) at rtrequest+0xbdc sys/net/route.c:1103 rt_ifa_add(ffff80000122da00,240004,ffff80000122da58,0) at rt_ifa_add+0x22e sys/net/route.c:1273 rt_ifa_addlocal(ffff80000122da00) at rt_ifa_addlocal+0x1d2 sys/net/route.c:1381 in_ifinit(ffff8000011cf000,ffff80000122da00,ffff800037274f70,1) at in_ifinit+0x26c sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800037274f60,ffff8000011cf000) at in_ioctl_change_ifaddr+0x92c sys/netinet/in.c:504 ifioctl(ffff800001190540,8040691a,ffff800037274f60,ffff800031783c20) at ifioctl+0x1571 pru_control sys/sys/protosw.h:354 [inline] ifioctl(ffff800001190540,8040691a,ffff800037274f60,ffff800031783c20) at ifioctl+0x1571 sys/net/if.c:2449 sys_ioctl(ffff800031783c20,ffff800037275140,ffff800037275090) at sys_ioctl+0x67c syscall(ffff800037275140) at syscall+0xbb6 mi_syscall sys/sys/syscall_mi.h:179 [inline] syscall(ffff800037275140) at syscall+0xbb6 sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe5d738d6330, count: -10 ddb{0}> machine ddbcpu 1