uvm_fault(0xffffffff838c7728, 0xffff80000149a08a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *226834 18912 0 0x10 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003bd312e0,0,ffff80003bd31250,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff800000b50900,ffff80003bd31388,ffff80003bd312e0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd8074db6100,ffff800010fd5390) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800010fd5390,fffffd8074db6100,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800010fd5390,0,ffff80003bd31538,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800034508d20,9,ffff80003bd31630,808,ffff80003bd316d0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800034508d20,ffff80003bd31780,ffff80003bd316d0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003bd31780) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003bd31780) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x68aa736f210, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff838c7728, 0xffff80000149a08a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003bd312e0,0,ffff80003bd31250,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff800000b50900,ffff80003bd31388,ffff80003bd312e0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd8074db6100,ffff800010fd5390) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800010fd5390,fffffd8074db6100,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800010fd5390,0,ffff80003bd31538,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800034508d20,9,ffff80003bd31630,808,ffff80003bd316d0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800034508d20,ffff80003bd31780,ffff80003bd316d0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003bd31780) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003bd31780) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x68aa736f210, count: -10 ddb> show registers rdi 0xffff800038520000 rsi 0xe7f rbp 0xffff80003bd31130 rbx 0xde rdx 0xffff800038520000 rcx 0xffff800001499fa0 rax 0xfffffd8074db6ee0 r8 0x1000 __ALIGN_SIZE r9 0 r10 0xeeca762a25ea026e r11 0xc9dd3a07426f9102 r12 0x2d r13 0xfffffd8074db6e00 r14 0xfffffd80691fd2c0 r15 0xffff800000039058 rip 0xffffffff81bef154 arp_rtrequest+0x6a4 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003bd310b0 ss 0x10 arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=226834 pid=18912 tcnt=4 stat=onproc flags process=10 proc=4000000 runpri=80, usrpri=80, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003450b4f0,0xffff800034508038 process=0xffff8000ffff9b18 user=0xffff80003bd2c000, vmspace=0xfffffd806b9f9180 estcpu=30, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 12823 73292 49369 0 2 0 syz-executor 12823 189984 49369 0 3 0x4000080 fsleep syz-executor 12823 411981 49369 0 3 0x4000080 fsleep syz-executor 52336 501350 72994 0 2 0 syz-executor 52336 402630 72994 0 3 0x4000080 fsleep syz-executor 98873 49404 58169 0 2 0 syz-executor 98873 132086 58169 0 3 0x4000080 fsleep syz-executor 18912 137873 4536 0 2 0x10 syz-executor *18912 226834 4536 0 7 0x4000010 syz-executor 18912 428731 4536 0 3 0x4000090 fsleep syz-executor 18912 171045 4536 0 3 0x4000090 fsleep syz-executor 6664 138850 74076 0 2 0 syz-executor 6664 467607 74076 0 3 0x4000080 fsleep syz-executor 6664 164053 74076 0 3 0x4000080 fsleep syz-executor 6664 374537 74076 0 3 0x4000080 fsleep syz-executor 6664 488031 74076 0 3 0x4000080 fsleep syz-executor 87290 281733 35599 0 2 0 syz-executor 87290 361376 35599 0 3 0x4000080 ttyout syz-executor 87290 416100 35599 0 3 0x4000080 fsleep syz-executor 87290 320026 35599 0 3 0x4000080 fsleep syz-executor 38240 36564 0 0 3 0x14200 acct acct 38921 117916 0 0 3 0x14280 nfsidl nfsio 17179 320430 0 0 3 0x14280 nfsidl nfsio 10594 399802 0 0 3 0x14280 nfsidl nfsio 84626 200781 0 0 3 0x14280 nfsidl nfsio 39274 66822 0 0 3 0x14280 nfsidl nfsio 1771 398997 0 0 3 0x14280 nfsidl nfsio 55224 4346 0 0 3 0x14280 nfsidl nfsio 20142 213075 0 0 3 0x14280 nfsidl nfsio 94130 66799 0 0 3 0x14280 nfsidl nfsio 29385 59816 0 0 3 0x14280 nfsidl nfsio 40972 218138 0 0 3 0x14280 nfsidl nfsio 13835 50568 0 0 3 0x14280 nfsidl nfsio 37358 422296 0 0 3 0x14280 nfsidl nfsio 77623 117946 0 0 3 0x14280 nfsidl nfsio 10162 230775 0 0 3 0x14280 nfsidl nfsio 69031 474962 0 0 3 0x14280 nfsidl nfsio 5853 324317 0 0 3 0x14280 nfsidl nfsio 57244 405321 0 0 3 0x14280 nfsidl nfsio 92545 11609 0 0 3 0x14280 nfsidl nfsio 96305 290326 0 0 3 0x14280 nfsidl nfsio 92952 118682 0 0 3 0x14200 bored sosplice 4536 131222 64337 0 3 0x82 nanoslp syz-executor 58169 507321 64337 0 2 0xc82 syz-executor 35599 148950 64337 0 3 0x82 nanoslp syz-executor 62920 139110 64337 0 3 0x82 wait syz-executor 72994 380253 64337 0 2 0xc82 syz-executor 96420 384087 64337 0 2 0xc82 syz-executor 74076 236703 64337 0 3 0x82 nanoslp syz-executor 49369 294064 64337 0 3 0x82 nanoslp syz-executor 64337 101885 49898 0 3 0x82 kqread syz-executor 49898 304148 96841 0 3 0x10008a sigsusp ksh 96841 23793 10552 0 3 0x98 kqread sshd-session 10552 236362 28038 0 3 0x92 kqread sshd-session 85252 102387 1 0 3 0x100083 ttyin getty 28038 93127 1 0 3 0x88 kqread sshd 53316 108460 59458 73 3 0x1100090 kqread syslogd 59458 71115 1 0 3 0x100082 sbwait syslogd 97299 116622 1 0 3 0x100080 kqread resolvd 33653 145042 63714 77 3 0x100092 kqread dhcpleased 51299 240569 63714 77 3 0x100092 kqread dhcpleased 63714 494296 1 0 3 0x80 kqread dhcpleased 94426 488236 0 0 3 0x14200 bored smr 6237 301778 0 0 2 0x14200 zerothread 25583 285484 0 0 3 0x14200 aiodoned aiodoned 49672 375381 0 0 3 0x14200 syncer update 80409 164715 0 0 3 0x14200 cleaner cleaner 24390 434571 0 0 3 0x14200 reaper reaper 39270 104387 0 0 3 0x14200 pgdaemon pagedaemon 90022 49952 0 0 3 0x14200 bored viomb 23630 246495 0 0 3 0x40014200 acpi0 acpi0 86592 322288 0 0 3 0x14200 bored softnet0 16249 369144 0 0 3 0x14200 bored systqmp 70353 387050 0 0 3 0x14200 bored systq 19251 27301 0 0 3 0x40014200 tmoslp softclock 40312 29346 0 0 3 0x40014200 idle0 1 361474 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10177 11067K 11382K 166960K 11977 0 pcb 18 18K 21K 166960K 193 0 rtable 208 8K 8K 166960K 336 0 pf 30 12K 16K 166960K 61 0 ifaddr 41 7K 7K 166960K 61 0 ifgroup 50 2K 2K 166960K 80 0 sysctl 2 1K 9K 166960K 8 0 counters 32 17K 18K 166960K 53 0 ioctlops 0 0K 4K 166960K 145 0 iov 0 0K 16K 166960K 18 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1408 89K 89K 166960K 1700 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 5 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 85 0 dirhash 12 2K 2K 166960K 18 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 97K 166960K 430 0 sigio 0 0K 0K 166960K 7 0 proc 63 67K 124K 166960K 516 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 39 0 in_multi 95 7K 7K 166960K 114 0 ether_multi 1 0K 0K 166960K 2 0 mrt 2 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 73 334K 334K 166960K 73 0 exec 0 0K 1K 166960K 390 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 250 160K 175K 166960K 5365 0 UVM aobj 74 3K 3K 166960K 76 0 pinsyscall 39 78K 96K 166960K 1452 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 17 0 NDP 11 0K 2K 166960K 38 0 temp 51 8641K 8708K 166960K 15964 0 kqueue 15 24K 30K 166960K 76 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 222 0 218 3 2 1 3 0 8 0 rtentry 136 110 0 25 4 0 4 4 0 8 0 unpcb 144 358 0 340 3 1 2 2 0 8 1 syncache 336 3 0 3 1 1 0 1 0 8 0 tcpcb 736 135 0 131 7 6 1 7 0 8 0 arp 96 11 0 0 1 0 1 1 0 8 0 ipq 40 4 0 0 1 0 1 1 0 8 0 ipqe 40 6 0 1 1 0 1 1 0 8 0 inpcb 328 484 0 475 10 8 2 10 0 8 0 ip6q 72 4 0 2 1 0 1 1 0 8 0 ip6af 40 8 0 5 1 0 1 1 0 8 0 nd6 112 22 0 3 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 1 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 18 0 18 2 1 1 1 0 8 1 pppxif 1384 2 0 2 1 1 0 1 0 8 0 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 518 0 84 30 2 28 30 0 8 0 art_table 40 521 0 84 5 0 5 5 0 8 0 art_node 32 109 0 33 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 2 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 81 0 71 1 0 1 1 0 8 0 shmpl 112 73 0 2 3 0 3 3 0 8 0 dirhash 1024 21 0 4 3 0 3 3 0 8 0 dino2pl 256 2163 0 661 95 0 95 95 0 8 0 ffsino 256 2163 0 661 95 0 95 95 0 8 0 nchpl 144 2794 0 1110 63 0 63 63 0 8 0 rtmask 32 5 0 5 1 1 0 1 0 8 0 uvmvnodes 80 2426 0 0 50 0 50 50 0 8 0 vnodes 216 2426 0 0 135 0 135 135 0 8 0 namei 1024 9523 0 9523 3 2 1 2 0 8 1 kstatmem 264 44 0 22 2 0 2 2 0 8 0 scxspl 216 9199 0 9199 9 7 2 8 1 8 2 plimitpl 152 94 0 77 1 0 1 1 0 8 0 sigapl 424 726 0 661 8 0 8 8 0 8 0 knotepl 120 31889 0 31701 23 13 10 16 0 8 4 kqueuepl 184 124 0 112 1 0 1 1 0 8 0 pipepl 304 127 0 100 3 0 3 3 0 8 0 fdescpl 448 691 0 661 5 1 4 5 0 8 0 filepl 120 4327 0 4100 14 4 10 12 0 8 2 lockfpl 104 276 0 273 2 1 1 2 0 8 0 lockfspl 48 70 0 67 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 33 0 17 1 0 1 1 0 8 0 ucredpl 104 599 0 587 1 0 1 1 0 8 0 zombiepl 144 714 0 712 1 0 1 1 0 8 0 processpl 1152 726 0 661 5 0 5 5 0 8 0 procpl 664 1210 0 1131 7 0 7 7 0 8 0 sosppl 168 3 0 3 1 1 0 1 0 8 0 sockpl 552 1137 0 1106 12 7 5 10 0 8 2 mcl64k 65536 21 0 20 1 0 1 1 0 8 0 mcl16k 16384 1 0 1 1 1 0 1 0 8 0 mcl12k 12288 1 0 1 1 1 0 1 0 8 0 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 13 0 13 2 1 1 1 0 8 1 mcl4k 4096 2849 0 2793 15 7 8 14 0 8 0 mcl2k 2048 630 0 624 3 0 3 3 0 8 1 mtagpl 96 5 0 4 2 1 1 1 0 8 0 mbufpl 256 7266 0 7065 29 15 14 28 0 8 0 bufpl 280 3630 0 121 251 0 251 251 0 8 0 anonpl 24 123952 0 120555 54 22 32 45 0 187 8 amapchunkpl 152 17196 0 16641 36 13 23 32 0 158 1 amappl16 200 2101 0 2068 15 12 3 15 0 8 0 amappl15 192 5 0 5 1 1 0 1 0 8 0 amappl14 184 103 0 93 1 0 1 1 0 8 0 amappl13 176 3 0 2 1 0 1 1 0 8 0 amappl12 168 1296 0 1266 3 1 2 3 0 8 0 amappl11 160 128 0 118 1 0 1 1 0 8 0 amappl10 152 7 0 7 1 1 0 1 0 8 0 amappl9 144 281 0 281 1 1 0 1 0 8 0 amappl8 136 47 0 46 1 0 1 1 0 8 0 amappl7 128 94 0 83 1 0 1 1 0 8 0 amappl6 120 172 0 168 1 0 1 1 0 8 0 amappl5 112 112 0 105 1 0 1 1 0 8 0 amappl4 104 273 0 259 1 0 1 1 0 8 0 amappl3 96 2869 0 2763 3 0 3 3 0 8 0 amappl2 88 913 0 841 2 0 2 2 0 8 0 amappl1 80 9092 0 8541 13 0 13 13 0 8 0 amappl 88 4678 0 4492 5 0 5 5 0 92 0 dma16384 16384 1 0 1 1 1 0 1 0 8 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 75 0 2 2 0 2 2 0 8 0 uaddrrnd 24 691 0 661 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 691 0 661 1 0 1 1 0 8 0 vmmpekpl 168 6916 0 6887 2 0 2 2 0 8 0 vmmpepl 168 48905 0 46987 94 10 84 93 0 357 0 vmsppl 368 690 0 661 4 1 3 4 0 8 0 rwobjpl 40 17586 0 14211 35 0 35 35 0 8 0 pdppl 4096 1388 0 1322 98 32 66 82 0 8 0 pvpl 32 312091 0 302412 113 21 92 106 0 265 11 pmappl 216 690 0 661 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 399 0 72 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003bd312e0,0,ffff80003bd31250,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff800000b50900,ffff80003bd31388,ffff80003bd312e0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd8074db6100,ffff800010fd5390) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800010fd5390,fffffd8074db6100,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800010fd5390,0,ffff80003bd31538,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800034508d20,9,ffff80003bd31630,808,ffff80003bd316d0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800034508d20,ffff80003bd31780,ffff80003bd316d0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003bd31780) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003bd31780) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x68aa736f210, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd80691fd2c0) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003bd312e0,0,ffff80003bd31250,16) at rtrequest+0xf08 sys/net/route.c:1114 rtm_output(ffff800000b50900,ffff80003bd31388,ffff80003bd312e0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd8074db6100,ffff800010fd5390) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff800010fd5390,fffffd8074db6100,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff800010fd5390,0,ffff80003bd31538,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800034508d20,9,ffff80003bd31630,808,ffff80003bd316d0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800034508d20,ffff80003bd31780,ffff80003bd316d0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003bd31780) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003bd31780) at syscall+0x962 sys/arch/amd64/amd64/trap.c:748 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x68aa736f210, count: -10