kernel: page fault trap, code=10 Stopped at 0 TID PID UID PRFLAGS PFLAGS CPU COMMAND *288434 72700 0 0x8000000 0x4000000 0 syz-executor.1 0(ffff800000dd6800,b,fffffd806b496158,ffff800034269540,1220,0) at 0 rtrequest(b,ffff8000342695e8,3,ffff800034269688,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd806c413080,ffff80003426983c,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(fffffd806d5cd9f8,ffff800034269838,fffffd806c413008) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:980 rip_output(fffffd806d5cd900,fffffd806b4ae3f8,ffff800034269838,a6) at rip_output+0x1fc sys/netinet/raw_ip.c:304 rip_send(fffffd806b4ae3f8,fffffd806d5cd900,0,0) at rip_send+0xe3 sys/netinet/raw_ip.c:648 sosend(fffffd806b4ae3f8,0,ffff800034269a38,0,0,0) at sosend+0x663 dofilewritev(ffff80002db3c558,5,ffff800034269a38,0,ffff800034269af0) at dofilewritev+0x1a9 sys/kern/sys_generic.c:375 sys_write(ffff80002db3c558,ffff800034269ba0,ffff800034269af0) at sys_write+0x87 sys/kern/sys_generic.c:295 syscall(ffff800034269ba0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb085ad55300, count: 4 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: attempt to execute user address 0x0 in supervisor mode ddb> trace 0(ffff800000dd6800,b,fffffd806b496158,ffff800034269540,1220,0) at 0 rtrequest(b,ffff8000342695e8,3,ffff800034269688,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd806c413080,ffff80003426983c,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(fffffd806d5cd9f8,ffff800034269838,fffffd806c413008) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:980 rip_output(fffffd806d5cd900,fffffd806b4ae3f8,ffff800034269838,a6) at rip_output+0x1fc sys/netinet/raw_ip.c:304 rip_send(fffffd806b4ae3f8,fffffd806d5cd900,0,0) at rip_send+0xe3 sys/netinet/raw_ip.c:648 sosend(fffffd806b4ae3f8,0,ffff800034269a38,0,0,0) at sosend+0x663 dofilewritev(ffff80002db3c558,5,ffff800034269a38,0,ffff800034269af0) at dofilewritev+0x1a9 sys/kern/sys_generic.c:375 sys_write(ffff80002db3c558,ffff800034269ba0,ffff800034269af0) at sys_write+0x87 sys/kern/sys_generic.c:295 syscall(ffff800034269ba0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb085ad55300, count: -11 ddb> show registers rdi 0xffff800000dd6800 rsi 0xb rbp 0xffff8000342695d0 rbx 0xffff800000e13380 rdx 0xfffffd806b496158 rcx 0x2cb rax 0xffffffff81858f35 rtrequest+0x9b5 r8 0x100 r9 0xfffffd806b496158 r10 0x24f6202ffcaafef3 r11 0 r12 0xffff800034269688 r13 0 r14 0xfffffd806b496158 r15 0xffff8000342695e8 rip 0 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000342694d8 ss 0x10 0 ddb> show proc PROC (syz-executor.1) tid=288434 pid=72700 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=85, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002db3d228,0xffff80002a62ccf0 process=0xffff80003439a1a0 user=0xffff800034264000, vmspace=0xfffffd806edfa160 estcpu=35, cpticks=1, pctcpu=0.2, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 72700 199526 74360 0 2 0x8000000 syz-executor.1 *72700 288434 74360 0 7 0xc000000 syz-executor.1 96673 327424 86010 0 2 0x8000000 syz-executor.3 96673 290159 86010 0 3 0xc000080 sbwait syz-executor.3 96673 439885 86010 0 3 0xc000080 sbwait syz-executor.3 96673 431080 86010 0 3 0xc000080 sbwait syz-executor.3 96673 374501 86010 0 2 0xc000000 syz-executor.3 74360 261203 70005 0 3 0x8000082 nanoslp syz-executor.1 20748 340324 1 0 3 0x18100083 ttyin getty 11789 345437 70005 0 2 0x8000482 syz-executor.5 46683 82258 70005 0 2 0x8000002 syz-executor.6 83553 482673 70005 0 2 0x8000002 syz-executor.2 76674 230955 70005 0 2 0x8000482 syz-executor.7 84563 298110 70005 0 2 0x8000002 syz-executor.0 59445 484747 70005 0 2 0x8000002 syz-executor.4 86010 347265 70005 0 3 0x8000082 nanoslp syz-executor.3 13654 113631 0 0 3 0x14200 acct acct 87689 426041 0 0 3 0x14280 nfsidl nfsio 90519 487023 0 0 3 0x14280 nfsidl nfsio 17091 424517 0 0 3 0x14280 nfsidl nfsio 3380 219092 0 0 3 0x14280 nfsidl nfsio 16301 488415 0 0 3 0x14280 nfsidl nfsio 13881 444760 0 0 3 0x14280 nfsidl nfsio 30252 17173 0 0 3 0x14280 nfsidl nfsio 24920 166003 0 0 3 0x14280 nfsidl nfsio 65097 62851 0 0 3 0x14280 nfsidl nfsio 22116 228873 0 0 3 0x14280 nfsidl nfsio 36998 75342 0 0 3 0x14280 nfsidl nfsio 43775 178976 0 0 3 0x14280 nfsidl nfsio 94078 65055 0 0 3 0x14280 nfsidl nfsio 70513 182841 0 0 3 0x14280 nfsidl nfsio 45010 371435 0 0 3 0x14280 nfsidl nfsio 70025 206619 0 0 3 0x14280 nfsidl nfsio 40942 90376 0 0 3 0x14280 nfsidl nfsio 92914 89723 0 0 3 0x14280 nfsidl nfsio 34210 506877 0 0 3 0x14280 nfsidl nfsio 20433 196038 0 0 3 0x14280 nfsidl nfsio 89926 68505 0 0 3 0x14200 bored sosplice 70005 125732 28877 0 3 0x1a000082 thrsleep syz-fuzzer 70005 185712 28877 0 3 0x1e000082 nanoslp syz-fuzzer 70005 140790 28877 0 3 0x1e000082 kqread syz-fuzzer 70005 308865 28877 0 3 0x1e000082 thrsleep syz-fuzzer 70005 163671 28877 0 3 0x1e000082 thrsleep syz-fuzzer 70005 186708 28877 0 3 0x1e000082 wait syz-fuzzer 70005 74815 28877 0 3 0x1e000082 wait syz-fuzzer 70005 329902 28877 0 3 0x1e000082 wait syz-fuzzer 70005 90823 28877 0 3 0x1e000082 wait syz-fuzzer 70005 288436 28877 0 3 0x1e000082 wait syz-fuzzer 70005 434339 28877 0 3 0x1e000082 thrsleep syz-fuzzer 70005 472231 28877 0 3 0x1e000082 wait syz-fuzzer 70005 218463 28877 0 3 0x1e000082 wait syz-fuzzer 70005 470453 28877 0 3 0x1e000082 thrsleep syz-fuzzer 70005 351496 28877 0 3 0x1e000082 wait syz-fuzzer 28877 420712 7476 0 3 0x810008a sigsusp ksh 7476 20741 74245 0 3 0x1800009a kqread sshd 74245 260965 1 0 3 0x18000088 kqread sshd 87894 348222 22117 73 2 0x19100010 syslogd 22117 424936 1 0 3 0x18100082 sbwait syslogd 41924 286684 1 0 3 0x18100080 kqread resolvd 69959 65229 72678 77 3 0x18100092 kqread dhcpleased 23851 299922 72678 77 3 0x18100092 kqread dhcpleased 72678 92671 1 0 3 0x18000080 kqread dhcpleased 32009 420232 0 0 3 0x14200 bored smr 59009 138439 0 0 2 0x14200 zerothread 27807 210353 0 0 3 0x14200 aiodoned aiodoned 62863 27161 0 0 3 0x14200 syncer update 29955 419423 0 0 3 0x14200 cleaner cleaner 20328 203804 0 0 3 0x14200 reaper reaper 465 445086 0 0 3 0x14200 pgdaemon pagedaemon 34557 294144 0 0 3 0x14200 bored viomb 13122 55732 0 0 3 0x40014200 acpi0 acpi0 23280 19086 0 0 3 0x14200 bored softnet3 91692 117069 0 0 3 0x14200 bored softnet2 59892 493777 0 0 3 0x14200 bored softnet1 42719 506099 0 0 3 0x14200 bored softnet0 18925 11825 0 0 3 0x14200 bored systqmp 75525 201201 0 0 3 0x14200 bored systq 79879 23030 0 0 2 0x40014200 softclock 10009 480914 0 0 3 0x40014200 idle0 1 183924 0 0 3 0x8080082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10178 6487K 7002K 166960K 16217 0 pcb 15 16K 18K 166960K 471 0 rtable 228 11K 12K 166960K 2469 0 pf 31 9K 10K 166960K 192 0 ifaddr 44 12K 13K 166960K 300 0 ifgroup 54 2K 2K 166960K 349 0 sysctl 4 1K 1K 166960K 5 0 counters 31 17K 17K 166960K 105 0 ioctlops 0 0K 2K 166960K 229 0 iov 0 0K 28K 166960K 164 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1448 91K 91K 166960K 4007 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 92 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 397 0 dirhash 12 2K 2K 166960K 66 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 12 41K 81K 166960K 3836 0 sigio 0 0K 0K 166960K 43 0 proc 62 59K 83K 166960K 2032 0 subproc 104 6K 7K 166960K 765 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 420 0 in_multi 89 6K 7K 166960K 782 0 ether_multi 1 0K 0K 166960K 19 0 mrt 1 0K 0K 166960K 12 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 1447 0 pfkey data 0 0K 0K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 305 130K 138K 166960K 33748 0 UVM aobj 131 4K 4K 166960K 142 0 pinsyscall 32 64K 100K 166960K 6309 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 156 0 NDP 12 0K 2K 166960K 203 0 temp 78 6804K 7072K 166960K 77869 0 kqueue 14 18K 28K 166960K 389 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 590 0 587 3 0 3 3 0 8 2 rtentry 112 834 0 733 4 0 4 4 0 8 0 unpcb 144 2657 0 2644 8 0 8 8 0 8 7 syncache 336 66 0 66 1 0 1 1 0 8 1 tcpqe 32 200 0 200 1 0 1 1 0 8 1 tcpcb 808 1406 0 1393 13 4 9 13 0 8 7 arp 88 160 0 144 1 0 1 1 0 8 0 ipq 40 4 0 4 1 0 1 1 0 8 1 ipqe 40 8 0 8 1 0 1 1 0 8 1 inpcb 360 4154 0 4136 19 10 9 18 0 8 6 nd6 104 183 0 161 1 0 1 1 0 8 0 pkpcb 40 25 0 25 1 0 1 1 0 8 1 kcovpl 48 58 0 50 1 0 1 1 0 8 0 ppxss 1072 8 0 8 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2784 0 2367 56 27 29 29 0 8 2 art_table 32 2785 0 2367 4 0 4 4 0 8 0 art_node 16 783 0 693 1 0 1 1 0 8 0 sysvmsgpl 40 30 0 25 1 0 1 1 0 8 0 semapl 112 391 0 381 1 0 1 1 0 8 0 shmpl 112 139 0 11 4 0 4 4 0 8 0 dirhash 1024 53 0 36 3 0 3 3 0 8 0 dino2pl 256 6576 0 5050 96 0 96 96 0 8 0 ffsino 240 6576 0 5050 91 0 91 91 0 8 0 nchpl 144 11507 0 9771 66 0 66 66 0 8 0 uvmvnodes 80 7451 0 0 153 0 153 153 0 8 0 vnodes 216 7451 0 0 414 0 414 414 0 8 0 namei 1024 41568 0 41568 2 0 2 2 0 8 2 vcpupl 2048 9 0 1 1 0 1 1 0 8 0 vmpool 664 24 0 16 1 0 1 1 0 8 0 kstatmem 264 172 0 148 2 0 2 2 0 8 0 scxspl 216 60675 0 60675 8 0 8 8 1 8 8 plimitpl 152 481 0 466 1 0 1 1 0 8 0 sigapl 424 4186 0 4123 8 0 8 8 0 8 0 futexpl 64 48371 0 48371 1 0 1 1 0 8 1 knotepl 120 42508 0 42425 15 3 12 13 0 8 8 kqueuepl 184 752 0 743 4 0 4 4 0 8 3 pipepl 288 719 0 691 9 0 9 9 0 8 7 fdescpl 432 4007 0 3984 4 0 4 4 0 8 0 filepl 120 23874 0 23626 18 2 16 18 0 8 7 lockfpl 104 1211 0 1209 2 0 2 2 0 8 1 lockfspl 48 539 0 537 1 0 1 1 0 8 0 sessionpl 144 75 0 59 1 0 1 1 0 8 0 pgrppl 48 154 0 138 1 0 1 1 0 8 0 ucredpl 104 2879 0 2868 1 0 1 1 0 8 0 zombiepl 144 4125 0 4123 1 0 1 1 0 8 0 processpl 1072 4186 0 4123 5 0 5 5 0 8 0 procpl 656 8252 0 8170 9 0 9 9 0 8 1 sosppl 168 89 0 89 1 0 1 1 0 8 1 sockpl 488 7449 0 7415 86 74 12 41 0 8 6 mcl64k 65536 189 0 189 1 0 1 1 0 8 1 mcl16k 16384 87 0 87 1 0 1 1 0 8 1 mcl12k 12288 106 0 106 1 0 1 1 0 8 1 mcl9k 9216 22 0 22 1 0 1 1 0 8 1 mcl8k 8192 370 0 370 1 0 1 1 0 8 1 mcl4k 4096 515 0 514 2 0 2 2 0 8 1 mcl2k2 2112 42 0 42 1 0 1 1 0 8 1 mcl2k 2048 45139 0 45087 29 15 14 29 0 8 5 mtagpl 96 250 0 243 3 0 3 3 0 8 2 mbufpl 256 132911 0 132758 428 406 22 279 0 8 8 bufpl 280 13852 0 6398 533 0 533 533 0 8 0 anonpl 24 549285 0 543166 122 0 122 122 0 188 63 amapchunkpl 152 109118 0 108551 52 0 52 52 0 158 24 amappl16 200 10630 0 10515 41 24 17 20 0 8 8 amappl15 192 12 0 12 1 0 1 1 0 8 1 amappl14 184 316 0 302 2 0 2 2 0 8 1 amappl13 176 32 0 32 1 0 1 1 0 8 1 amappl12 168 5403 0 5378 2 0 2 2 0 8 0 amappl11 160 51 0 41 1 0 1 1 0 8 0 amappl10 152 100 0 89 1 0 1 1 0 8 0 amappl9 144 167 0 166 1 0 1 1 0 8 0 amappl8 136 453 0 359 4 0 4 4 0 8 0 amappl7 128 167 0 151 1 0 1 1 0 8 0 amappl6 120 975 0 960 2 0 2 2 0 8 1 amappl5 112 536 0 524 1 0 1 1 0 8 0 amappl4 104 965 0 931 2 0 2 2 0 8 0 amappl3 96 21109 0 21047 3 0 3 3 0 8 0 amappl2 88 4754 0 4683 3 0 3 3 0 8 1 amappl1 80 25871 0 25386 22 2 20 22 0 8 8 amappl 88 32607 0 32436 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 141 0 11 3 0 3 3 0 8 0 uaddrrnd 24 4031 0 4000 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 4031 0 4000 1 0 1 1 0 8 0 vmmpekpl 168 32043 0 31981 4 0 4 4 0 8 1 vmmpepl 168 267825 0 266100 111 0 111 111 0 357 16 vmsppl 344 4030 0 4000 4 0 4 4 0 8 0 rwobjpl 24 73924 0 65240 53 0 53 53 0 8 0 pdppl 4096 8068 0 8008 371 300 71 77 0 8 11 pvpl 32 1605259 0 1593067 361 25 336 361 0 265 208 pmappl 216 4030 0 4000 3 0 3 3 0 8 1 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1109 0 752 18 0 18 18 0 8 5 ddb> machine ddbcpu 0 No such command ddb> trace 0(ffff800000dd6800,b,fffffd806b496158,ffff800034269540,1220,0) at 0 rtrequest(b,ffff8000342695e8,3,ffff800034269688,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd806c413080,ffff80003426983c,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(fffffd806d5cd9f8,ffff800034269838,fffffd806c413008) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:980 rip_output(fffffd806d5cd900,fffffd806b4ae3f8,ffff800034269838,a6) at rip_output+0x1fc sys/netinet/raw_ip.c:304 rip_send(fffffd806b4ae3f8,fffffd806d5cd900,0,0) at rip_send+0xe3 sys/netinet/raw_ip.c:648 sosend(fffffd806b4ae3f8,0,ffff800034269a38,0,0,0) at sosend+0x663 dofilewritev(ffff80002db3c558,5,ffff800034269a38,0,ffff800034269af0) at dofilewritev+0x1a9 sys/kern/sys_generic.c:375 sys_write(ffff80002db3c558,ffff800034269ba0,ffff800034269af0) at sys_write+0x87 sys/kern/sys_generic.c:295 syscall(ffff800034269ba0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb085ad55300, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace 0(ffff800000dd6800,b,fffffd806b496158,ffff800034269540,1220,0) at 0 rtrequest(b,ffff8000342695e8,3,ffff800034269688,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd806c413098,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd806c413080,ffff80003426983c,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(fffffd806d5cd9f8,ffff800034269838,fffffd806c413008) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:980 rip_output(fffffd806d5cd900,fffffd806b4ae3f8,ffff800034269838,a6) at rip_output+0x1fc sys/netinet/raw_ip.c:304 rip_send(fffffd806b4ae3f8,fffffd806d5cd900,0,0) at rip_send+0xe3 sys/netinet/raw_ip.c:648 sosend(fffffd806b4ae3f8,0,ffff800034269a38,0,0,0) at sosend+0x663 dofilewritev(ffff80002db3c558,5,ffff800034269a38,0,ffff800034269af0) at dofilewritev+0x1a9 sys/kern/sys_generic.c:375 sys_write(ffff80002db3c558,ffff800034269ba0,ffff800034269af0) at sys_write+0x87 sys/kern/sys_generic.c:295 syscall(ffff800034269ba0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb085ad55300, count: -11