login: uvm_fault(0xfffffd806bc0e730, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at rtrequest+0x8e1: movzbl 0(%r14),%r15d TID PID UID PRFLAGS PFLAGS CPU COMMAND *475684 7043 0 0 0x4000000 0 syz-executor.3 rtrequest(1,ffff80002e890d38,0,ffff80002e890ca8,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d47500,ffff80002e890de0,ffff80002e890d38,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd8066600c00,fffffd806ae79cf8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd806ae79cf8,fffffd8066600c00,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd806ae79cf8,0,ffff80002e890fb0,0,0,0) at sosend+0x66d sendit(ffff80002314d2a8,3,ffff80002e8910b0,0,ffff80002e891190) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002314d2a8,ffff80002e891140,ffff80002e891190) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e891210) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97a5aefa830, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd806bc0e730, 0x0, 0, 1) -> e ddb> trace rtrequest(1,ffff80002e890d38,0,ffff80002e890ca8,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d47500,ffff80002e890de0,ffff80002e890d38,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd8066600c00,fffffd806ae79cf8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd806ae79cf8,fffffd8066600c00,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd806ae79cf8,0,ffff80002e890fb0,0,0,0) at sosend+0x66d sendit(ffff80002314d2a8,3,ffff80002e8910b0,0,ffff80002e891190) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002314d2a8,ffff80002e891140,ffff80002e891190) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e891210) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97a5aefa830, count: -9 ddb> show registers rdi 0xffff800027fd9000 rsi 0x2e3 rbp 0xffff80002e890c80 rbx 0x33 rdx 0xffff800027fd9000 rcx 0x2e2 rax 0xffffffff81448f22 rt_putgwroute+0x112 r8 0x20 r9 0 r10 0x31dba7a72d7eb954 r11 0x6959c990d3093dcb r12 0xfffffd8069bab4e8 r13 0xffff80002e890d38 r14 0 r15 0xffff8000006c6c60 rip 0xffffffff81447e21 rtrequest+0x8e1 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002e890b90 ss 0x10 rtrequest+0x8e1: movzbl 0(%r14),%r15d ddb> show proc PROC (syz-executor.3) tid=475684 pid=7043 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002314e298,0xffff80002314e7f8 process=0xffff80002e9013b0 user=0xffff80002e88c000, vmspace=0xfffffd806bc0e730 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 68006 315562 65386 0 2 0 syz-executor.1 68006 357021 65386 0 2 0x4000000 syz-executor.1 69819 158118 67931 0 2 0 syz-executor.7 57744 222994 53078 0 2 0 syz-executor.0 57744 500781 53078 0 2 0x4000000 syz-executor.0 7043 407371 92905 0 2 0 syz-executor.3 * 7043 475684 92905 0 7 0x4000000 syz-executor.3 40924 96170 53489 0 2 0 syz-executor.2 40924 274655 53489 0 3 0x4000080 fsleep syz-executor.2 37353 261808 40055 0 2 0 syz-executor.4 37353 464395 40055 0 3 0x4000080 fsleep syz-executor.4 73151 448049 0 0 3 0x14280 nfsidl nfsio 79592 408420 0 0 3 0x14280 nfsidl nfsio 10536 318594 0 0 3 0x14280 nfsidl nfsio 76513 186650 0 0 3 0x14280 nfsidl nfsio 28519 118788 0 0 3 0x14280 nfsidl nfsio 61495 83293 0 0 3 0x14280 nfsidl nfsio 33586 321614 0 0 3 0x14280 nfsidl nfsio 84546 142903 0 0 3 0x14280 nfsidl nfsio 47894 490413 0 0 3 0x14280 nfsidl nfsio 69847 497773 0 0 3 0x14280 nfsidl nfsio 78111 171306 0 0 3 0x14280 nfsidl nfsio 49338 63138 0 0 3 0x14280 nfsidl nfsio 79577 170787 0 0 3 0x14280 nfsidl nfsio 20886 39684 0 0 3 0x14280 nfsidl nfsio 22929 498282 0 0 3 0x14280 nfsidl nfsio 53206 151069 0 0 3 0x14280 nfsidl nfsio 47295 95537 0 0 3 0x14280 nfsidl nfsio 93573 475136 0 0 3 0x14280 nfsidl nfsio 49561 496380 0 0 3 0x14280 nfsidl nfsio 49917 277813 0 0 3 0x14280 nfsidl nfsio 64235 481537 1 0 3 0x100083 ttyin getty 41844 492754 0 0 3 0x14200 bored sosplice 758 280823 33696 0 2 0x2 syz-executor.6 40055 59593 33696 0 3 0x82 nanoslp syz-executor.4 92905 324355 33696 0 3 0x82 nanoslp syz-executor.3 53489 38557 33696 0 3 0x82 nanoslp syz-executor.2 67931 16401 33696 0 3 0x82 nanoslp syz-executor.7 15605 404132 33696 0 2 0x2 syz-executor.5 65386 95058 33696 0 3 0x82 nanoslp syz-executor.1 53078 121268 33696 0 3 0x82 nanoslp syz-executor.0 33696 195206 68156 0 3 0x2000082 wait syz-fuzzer 33696 403918 68156 0 3 0x6000082 nanoslp syz-fuzzer 33696 201703 68156 0 3 0x6000082 thrsleep syz-fuzzer 33696 346850 68156 0 3 0x6000082 wait syz-fuzzer 33696 504671 68156 0 3 0x6000082 thrsleep syz-fuzzer 33696 20310 68156 0 3 0x6000082 wait syz-fuzzer 33696 103943 68156 0 3 0x6000082 wait syz-fuzzer 33696 192343 68156 0 3 0x6000082 wait syz-fuzzer 33696 92751 68156 0 3 0x6000082 wait syz-fuzzer 33696 451869 68156 0 3 0x6000082 wait syz-fuzzer 33696 275456 68156 0 3 0x6000082 thrsleep syz-fuzzer 33696 96708 68156 0 3 0x6000082 wait syz-fuzzer 33696 49331 68156 0 3 0x6000082 kqread syz-fuzzer 33696 362481 68156 0 3 0x6000082 thrsleep syz-fuzzer 68156 302598 71013 0 3 0x10008a sigsusp ksh 71013 255541 1616 0 3 0x9a kqread sshd 1616 183019 1 0 3 0x88 kqread sshd 91654 447058 39026 73 3 0x1100090 kqread syslogd 39026 116060 1 0 3 0x100082 netio syslogd 49138 70897 1 0 3 0x100080 kqread resolvd 48709 511625 8055 77 3 0x100092 kqread dhcpleased 180 53405 8055 77 3 0x100092 kqread dhcpleased 8055 172862 1 0 3 0x80 kqread dhcpleased 34639 378970 0 0 3 0x14200 bored smr 39077 226826 0 0 2 0x14200 zerothread 11568 112947 0 0 3 0x14200 aiodoned aiodoned 91500 326442 0 0 3 0x14200 syncer update 21983 104202 0 0 3 0x14200 cleaner cleaner 21821 477693 0 0 3 0x14200 reaper reaper 6221 168614 0 0 3 0x14200 pgdaemon pagedaemon 8875 245927 0 0 3 0x14200 bored viomb 45114 306756 0 0 3 0x40014200 acpi0 acpi0 1638 164721 0 0 3 0x14200 bored softnet3 22479 134535 0 0 3 0x14200 bored softnet2 17514 114721 0 0 3 0x14200 bored softnet1 29968 112401 0 0 3 0x14200 bored softnet0 59550 369396 0 0 3 0x14200 bored systqmp 29627 402093 0 0 3 0x14200 bored systq 40263 34338 0 0 3 0x40014200 tmoslp softclock 74869 420903 0 0 3 0x40014200 idle0 1 190813 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10177 6531K 8339K 78643K 13336 0 pcb 14 8K 8K 78643K 169 0 rtable 238 6K 7K 78643K 379 0 pf 29 8K 9K 78643K 55 0 ifaddr 43 11K 11K 78643K 57 0 ifgroup 50 2K 2K 78643K 88 0 sysctl 3 0K 0K 78643K 3 0 counters 28 17K 17K 78643K 38 0 ioctlops 0 0K 2K 78643K 94 0 iov 0 0K 16K 78643K 109 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1301 81K 82K 78643K 2061 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 25K 78643K 59 0 VM map 2 1K 1K 78643K 2 0 sem 12 1K 1K 78643K 12 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 16 57K 69K 78643K 2429 0 sigio 0 0K 0K 78643K 69 0 proc 58 59K 82K 78643K 504 0 subproc 104 6K 6K 78643K 104 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 72 0 in_multi 99 7K 7K 78643K 144 0 ether_multi 1 0K 0K 78643K 9 0 mrt 0 0K 0K 78643K 8 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 61 281K 281K 78643K 61 0 exec 0 0K 1K 78643K 519 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 318 80K 91K 78643K 23119 0 UVM aobj 131 4K 4K 78643K 131 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 1K 78643K 121 0 NDP 11 0K 2K 78643K 37 0 temp 74 5916K 5980K 78643K 11751 0 kqueue 12 18K 24K 78643K 105 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 77 0 73 1 0 1 1 0 8 0 rtentry 112 113 0 1 4 0 4 4 0 8 0 unpcb 144 700 0 685 3 2 1 2 0 8 0 syncache 304 75 0 75 5 4 1 1 0 8 1 tcpqe 32 240 0 240 4 4 0 1 0 8 0 tcpcb 808 477 0 443 11 4 7 9 0 8 1 arp 88 19 0 0 1 0 1 1 0 8 0 ipq 40 1 0 1 1 1 0 1 0 8 0 ipqe 40 4 0 4 1 1 0 1 0 8 0 inpcb 336 1091 0 1046 9 1 8 8 0 8 2 nd6 104 24 0 0 1 0 1 1 0 8 0 pkpcb 40 10 0 10 1 1 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1160 4 0 4 1 1 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 453 0 0 29 0 29 29 0 8 0 art_table 32 454 0 0 4 0 4 4 0 8 0 art_node 16 111 0 10 1 0 1 1 0 8 0 sysvmsgpl 40 45 0 45 1 1 0 1 0 8 0 semupl 112 8 0 8 1 1 0 1 0 8 0 semapl 112 10 0 0 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 4570 0 3123 92 0 92 92 0 8 0 ffsino 240 4570 0 3123 86 0 86 86 0 8 0 nchpl 144 7635 0 7114 63 41 22 63 0 8 0 uvmvnodes 80 5185 0 0 106 0 106 106 0 8 0 vnodes 216 5185 0 0 289 0 289 289 0 8 0 namei 1024 20557 0 20557 3 2 1 2 0 8 1 vcpupl 2048 53 0 0 7 0 7 7 0 8 0 vmpool 664 53 0 0 5 0 5 5 0 8 0 kstatmem 264 42 0 20 2 0 2 2 0 8 0 scxspl 216 23063 0 23063 9 8 1 8 1 8 1 plimitpl 152 136 0 120 1 0 1 1 0 8 0 sigapl 424 2750 0 2686 8 0 8 8 0 8 0 futexpl 64 17674 0 17672 1 0 1 1 0 8 0 knotepl 120 21342 0 21262 4 0 4 4 0 8 0 kqueuepl 184 182 0 174 1 0 1 1 0 8 0 pipepl 288 172 0 144 3 0 3 3 0 8 0 fdescpl 432 2713 0 2686 4 0 4 4 0 8 0 filepl 120 8767 0 8527 10 1 9 9 0 8 0 lockfpl 104 672 0 670 1 0 1 1 0 8 0 lockfspl 48 237 0 235 1 0 1 1 0 8 0 sessionpl 144 25 0 9 1 0 1 1 0 8 0 pgrppl 48 57 0 41 1 0 1 1 0 8 0 ucredpl 104 1561 0 1551 1 0 1 1 0 8 0 zombiepl 144 2686 0 2686 1 0 1 1 0 8 1 processpl 1008 2750 0 2686 10 1 9 9 0 8 0 procpl 680 5424 0 5342 10 1 9 9 0 8 1 sosppl 168 80 0 76 1 0 1 1 0 8 0 sockpl 456 1886 0 1829 17 2 15 16 0 8 3 mcl64k 65536 29 0 29 1 0 1 1 0 8 1 mcl16k 16384 99 0 99 4 3 1 1 0 8 1 mcl12k 12288 25 0 25 1 1 0 1 0 8 0 mcl9k 9216 4 0 4 1 1 0 1 0 8 0 mcl8k 8192 77 0 77 5 4 1 1 0 8 1 mcl4k 4096 169 0 169 5 4 1 3 0 8 1 mcl2k2 2112 16 0 16 1 0 1 1 0 8 1 mcl2k 2048 21292 0 21244 35 25 10 27 0 8 2 mtagpl 96 219 0 8 7 1 6 6 0 8 0 mbufpl 256 78507 0 78068 180 144 36 173 0 8 6 bufpl 288 7109 0 715 457 0 457 457 0 8 0 anonpl 24 448443 0 441791 97 40 57 84 0 188 0 amapchunkpl 152 73907 0 73289 43 13 30 37 0 158 2 amappl16 200 12876 0 12670 55 41 14 34 0 8 0 amappl15 192 9 0 9 1 1 0 1 0 8 0 amappl14 184 160 0 148 2 1 1 2 0 8 0 amappl13 176 16 0 16 2 2 0 1 0 8 0 amappl12 168 3337 0 3309 2 0 2 2 0 8 0 amappl11 160 53 0 42 1 0 1 1 0 8 0 amappl10 152 34 0 23 1 0 1 1 0 8 0 amappl9 144 157 0 157 1 1 0 1 0 8 0 amappl8 136 219 0 162 3 0 3 3 0 8 0 amappl7 128 169 0 151 2 0 2 2 0 8 0 amappl6 120 235 0 229 1 0 1 1 0 8 0 amappl5 112 133 0 124 1 0 1 1 0 8 0 amappl4 104 482 0 459 2 1 1 2 0 8 0 amappl3 96 14895 0 14824 3 0 3 3 0 8 0 amappl2 88 3213 0 3142 3 1 2 3 0 8 0 amappl1 80 17105 0 16598 22 10 12 22 0 8 0 amappl 88 22470 0 22299 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 2766 0 2686 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2766 0 2686 1 0 1 1 0 8 0 vmmpekpl 168 19379 0 19320 3 0 3 3 0 8 0 vmmpepl 168 173965 0 172030 126 34 92 113 0 357 3 vmsppl 368 2765 0 2686 8 0 8 8 0 8 0 rwobjpl 24 53305 0 46843 40 0 40 40 0 8 0 pdppl 4096 5538 0 5425 196 79 117 117 0 8 4 pvpl 32 1140295 0 1128303 361 96 265 361 0 265 146 pmappl 216 2765 0 2686 5 0 5 5 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1148 0 269 30 1 29 30 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace rtrequest(1,ffff80002e890d38,0,ffff80002e890ca8,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d47500,ffff80002e890de0,ffff80002e890d38,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd8066600c00,fffffd806ae79cf8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd806ae79cf8,fffffd8066600c00,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd806ae79cf8,0,ffff80002e890fb0,0,0,0) at sosend+0x66d sendit(ffff80002314d2a8,3,ffff80002e8910b0,0,ffff80002e891190) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002314d2a8,ffff80002e891140,ffff80002e891190) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e891210) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97a5aefa830, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace rtrequest(1,ffff80002e890d38,0,ffff80002e890ca8,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d47500,ffff80002e890de0,ffff80002e890d38,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd8066600c00,fffffd806ae79cf8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd806ae79cf8,fffffd8066600c00,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd806ae79cf8,0,ffff80002e890fb0,0,0,0) at sosend+0x66d sendit(ffff80002314d2a8,3,ffff80002e8910b0,0,ffff80002e891190) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002314d2a8,ffff80002e891140,ffff80002e891190) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e891210) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97a5aefa830, count: -9