uvm_fault(0xfffffd8069d695d0, 0x4, 0, 1) -> e kernel: page fault trap, code=0 Stopped at igmp_leavegroup+0xaf: movl 0x4(%rax),%r12d TID PID UID PRFLAGS PFLAGS CPU COMMAND * 42905 68980 0 0 0x4000000 0 syz-executor.0 igmp_leavegroup(ffff800000e27c40,ffff8000006b7000) at igmp_leavegroup+0xaf sys/netinet/igmp.c:512 in_delmulti(ffff800000e27c40) at in_delmulti+0xd8 sys/netinet/in.c:908 ip_freemoptions(ffff8000006c6360) at ip_freemoptions+0x5d sys/netinet/ip_output.c:1770 in_pcbdetach(fffffd8073bcb410) at in_pcbdetach+0x97 sys/netinet/in_pcb.c:591 udp_detach(fffffd806f2971d0) at udp_detach+0x3f sys/netinet/udp_usrreq.c:1113 soclose(fffffd806f2971d0,0) at soclose+0x253 pru_detach sys/sys/protosw.h:281 [inline] soclose(fffffd806f2971d0,0) at soclose+0x253 sys/kern/uipc_socket.c:397 soo_close(fffffd807d3ce810,ffff800021703368) at soo_close+0x44 fdrop(fffffd807d3ce810,ffff800021703368) at fdrop+0xcb sys/kern/kern_descrip.c:1274 closef(fffffd807d3ce810,ffff800021703368) at closef+0x11b sys/kern/kern_descrip.c:1258 syscall(ffff8000265f1890) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:632 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd44aae5750, count: 4 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd8069d695d0, 0x4, 0, 1) -> e ddb> trace igmp_leavegroup(ffff800000e27c40,ffff8000006b7000) at igmp_leavegroup+0xaf sys/netinet/igmp.c:512 in_delmulti(ffff800000e27c40) at in_delmulti+0xd8 sys/netinet/in.c:908 ip_freemoptions(ffff8000006c6360) at ip_freemoptions+0x5d sys/netinet/ip_output.c:1770 in_pcbdetach(fffffd8073bcb410) at in_pcbdetach+0x97 sys/netinet/in_pcb.c:591 udp_detach(fffffd806f2971d0) at udp_detach+0x3f sys/netinet/udp_usrreq.c:1113 soclose(fffffd806f2971d0,0) at soclose+0x253 pru_detach sys/sys/protosw.h:281 [inline] soclose(fffffd806f2971d0,0) at soclose+0x253 sys/kern/uipc_socket.c:397 soo_close(fffffd807d3ce810,ffff800021703368) at soo_close+0x44 fdrop(fffffd807d3ce810,ffff800021703368) at fdrop+0xcb sys/kern/kern_descrip.c:1274 closef(fffffd807d3ce810,ffff800021703368) at closef+0x11b sys/kern/kern_descrip.c:1258 syscall(ffff8000265f1890) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:632 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd44aae5750, count: -11 ddb> show registers rdi 0 rsi 0 rbp 0xffff8000265f1560 rbx 0 rdx 0xffff800000ce1080 rcx 0x7f rax 0 r8 0 r9 0xe r10 0xc6bb8db6ca45d0c5 r11 0x9927bc822a7c6f19 r12 0 r13 0x3 r14 0xffff800000e27c40 r15 0xffff8000006b7000 rip 0xffffffff8242c08f igmp_leavegroup+0xaf cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff8000265f1530 ss 0x10 igmp_leavegroup+0xaf: movl 0x4(%rax),%r12d ddb> show proc PROC (syz-executor.0) pid=42905 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff8000216d1b58,0xffffffff82c46158 process=0xffff8000216f5ba0 user=0xffff8000265ec000, vmspace=0xfffffd8069d695d0 estcpu=36, cpticks=2, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 68980 159840 14130 0 2 0 syz-executor.0 *68980 42905 14130 0 7 0x4000000 syz-executor.0 21089 170265 92492 0 2 0 syz-executor.5 21089 87971 92492 0 2 0x4000000 syz-executor.5 77025 303306 16307 0 2 0 syz-executor.1 77025 147985 16307 0 3 0x4000080 fsleep syz-executor.1 77025 403762 16307 0 3 0x4000080 fsleep syz-executor.1 12177 15456 87912 0 2 0 syz-executor.3 12177 138219 87912 0 3 0x4000080 fsleep syz-executor.3 12177 22674 87912 0 3 0x4000080 fsleep syz-executor.3 12177 29042 87912 0 3 0x4000080 fsleep syz-executor.3 3899 196121 54832 0 2 0x480 syz-executor.4 3899 264169 54832 0 3 0x4000080 fsleep syz-executor.4 3899 374448 54832 0 2 0x4000000 syz-executor.4 3899 456861 54832 0 3 0x4000080 fsleep syz-executor.4 54832 28153 34618 0 3 0x82 nanoslp syz-executor.4 35821 91656 34618 0 2 0x2 syz-executor.6 26421 322069 34618 0 2 0x482 syz-executor.2 92492 360507 34618 0 2 0x482 syz-executor.5 81866 137204 0 0 3 0x14200 acct acct 98905 433132 0 0 3 0x14280 nfsidl nfsio 16649 156609 0 0 3 0x14280 nfsidl nfsio 9987 507824 0 0 3 0x14280 nfsidl nfsio 15420 55402 0 0 3 0x14280 nfsidl nfsio 71349 496593 0 0 3 0x14280 nfsidl nfsio 70946 66576 0 0 3 0x14280 nfsidl nfsio 87365 162578 0 0 3 0x14280 nfsidl nfsio 37365 96930 0 0 3 0x14280 nfsidl nfsio 56563 221631 0 0 3 0x14280 nfsidl nfsio 43277 158751 0 0 3 0x14280 nfsidl nfsio 99865 135392 0 0 3 0x14280 nfsidl nfsio 78542 447040 0 0 3 0x14280 nfsidl nfsio 19924 362140 0 0 3 0x14280 nfsidl nfsio 15003 473343 0 0 3 0x14280 nfsidl nfsio 15423 332778 0 0 3 0x14280 nfsidl nfsio 15084 119642 0 0 3 0x14280 nfsidl nfsio 50399 246491 0 0 3 0x14280 nfsidl nfsio 2649 382687 0 0 3 0x14280 nfsidl nfsio 3746 47455 0 0 3 0x14280 nfsidl nfsio 52952 275806 0 0 3 0x14280 nfsidl nfsio 5734 33253 0 0 3 0x14200 bored sosplice 69343 249917 34618 0 2 0x482 syz-executor.7 87912 297736 34618 0 3 0x82 nanoslp syz-executor.3 16307 424517 34618 0 3 0x82 nanoslp syz-executor.1 14130 256639 34618 0 3 0x82 nanoslp syz-executor.0 34618 104166 68866 0 3 0x82 thrsleep syz-fuzzer 34618 410210 68866 0 3 0x4000082 thrsleep syz-fuzzer 34618 95081 68866 0 3 0x4000082 thrsleep syz-fuzzer 34618 168132 68866 0 3 0x4000082 thrsleep syz-fuzzer 34618 206098 68866 0 3 0x4000082 wait syz-fuzzer 34618 369523 68866 0 3 0x4000082 wait syz-fuzzer 34618 407303 68866 0 3 0x4000082 wait syz-fuzzer 34618 179721 68866 0 3 0x4000082 wait syz-fuzzer 34618 186729 68866 0 3 0x4000082 wait syz-fuzzer 34618 8017 68866 0 3 0x4000082 thrsleep syz-fuzzer 34618 516442 68866 0 3 0x4000082 wait syz-fuzzer 34618 443404 68866 0 3 0x4000082 wait syz-fuzzer 34618 345464 68866 0 3 0x4000082 wait syz-fuzzer 34618 215643 68866 0 3 0x4000082 kqread syz-fuzzer 68866 120861 38061 0 3 0x10008a sigsusp ksh 38061 2290 54 0 3 0x9a kqread sshd 63221 75413 1 0 3 0x100083 ttyin getty 54 133035 1 0 3 0x88 kqread sshd 12494 97805 77442 73 3 0x1100090 kqread syslogd 77442 287643 1 0 3 0x100082 netio syslogd 7697 59752 1 0 3 0x100080 kqread resolvd 645 264118 87312 77 3 0x100092 kqread dhcpleased 2393 436347 87312 77 3 0x100092 kqread dhcpleased 87312 299944 1 0 3 0x80 kqread dhcpleased 42662 472715 0 0 3 0x14200 bored smr 90772 301022 0 0 2 0x14200 zerothread 19552 457524 0 0 3 0x14200 aiodoned aiodoned 627 30772 0 0 3 0x14200 syncer update 83513 258416 0 0 3 0x14200 cleaner cleaner 35247 493339 0 0 3 0x14200 reaper reaper 72449 249176 0 0 3 0x14200 pgdaemon pagedaemon 3631 285924 0 0 3 0x14200 bored viomb 77937 416872 0 0 3 0x40014200 acpi0 acpi0 7476 274465 0 0 3 0x14200 bored softnet3 27754 387872 0 0 3 0x14200 bored softnet2 36382 217025 0 0 3 0x14200 bored softnet1 59561 90043 0 0 3 0x14200 bored softnet0 60965 260650 0 0 3 0x14200 bored systqmp 51529 450152 0 0 3 0x14200 bored systq 13946 335363 0 0 2 0x40014200 softclock 96713 397340 0 0 3 0x40014200 idle0 1 473584 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10191 6412K 6833K 78643K 14001 0 pcb 13 13K 14K 78643K 261 0 rtable 152 10K 10K 78643K 684 0 ifaddr 63 18K 22K 78643K 272 0 sysctl 2 0K 0K 78643K 2 0 counters 26 17K 17K 78643K 89 0 ioctlops 0 0K 2K 78643K 282 0 iov 0 0K 24K 78643K 164 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1699 106K 106K 78643K 3124 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 37 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 544 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 15 53K 77K 78643K 1986 0 sigio 0 0K 0K 78643K 101 0 proc 60 67K 75K 78643K 755 0 subproc 104 6K 6K 78643K 195 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 2 0K 1K 78643K 1028 0 in_multi 63 4K 6K 78643K 448 0 ether_multi 1 0K 0K 78643K 16 0 mrt 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 217 970K 970K 78643K 217 0 exec 0 0K 1K 78643K 711 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 337 86K 91K 78643K 21226 0 UVM aobj 131 4K 4K 78643K 134 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 59 0 NDP 13 0K 1K 78643K 94 0 temp 124 5858K 14054K 78643K 22116 0 kqueue 13 20K 24K 78643K 219 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 166 0 163 3 2 1 3 0 8 0 rtentry 112 216 0 154 4 1 3 4 0 8 0 unpcb 144 2166 0 2153 27 20 7 10 0 8 6 syncache 296 10 0 10 2 1 1 1 0 8 1 tcpqe 32 45 0 45 2 1 1 1 0 8 1 tcpcb 776 429 0 422 15 11 4 7 0 8 2 arp 88 32 0 22 1 0 1 1 0 8 0 ipq 40 4 0 4 1 1 0 1 0 8 0 ipqe 40 10 0 10 1 1 0 1 0 8 0 inpcb 336 3046 0 3030 44 37 7 12 0 8 5 nd6 104 49 0 34 1 0 1 1 0 8 0 pkpcb 40 6 0 6 1 1 0 1 0 8 0 kcovpl 48 15 0 7 1 0 1 1 0 8 0 mppekey 1024 3 0 3 1 1 0 1 0 8 0 ppxss 1160 34 0 34 5 5 0 1 0 8 0 pppxif 1360 9 0 9 2 2 0 1 0 8 0 pfstscr 40 3 0 2 1 0 1 1 0 8 0 pfanchor 1288 132 0 0 11 0 11 11 0 8 0 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 6 0 4 1 0 1 1 0 8 0 pfstate 352 3 0 2 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1026 0 741 34 12 22 30 0 8 4 art_table 32 1027 0 741 4 0 4 4 0 8 0 art_node 16 212 0 159 1 0 1 1 0 8 0 sysvmsgpl 40 14 0 6 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 540 0 530 1 0 1 1 0 8 0 shmpl 112 131 0 3 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 4047 0 2606 91 0 91 91 0 8 0 ffsino 240 4047 0 2606 85 0 85 85 0 8 0 nchpl 144 6940 0 5286 63 0 63 63 0 8 0 rtmask 32 2 0 2 1 1 0 1 0 8 0 uvmvnodes 80 5602 0 0 115 0 115 115 0 8 0 vnodes 216 5602 0 0 312 0 312 312 0 8 0 namei 1024 25866 0 25865 6 5 1 3 0 8 0 kstatmem 264 118 0 96 2 0 2 2 0 8 0 scsiplug 72 4 0 4 2 1 1 1 0 8 1 scxspl 216 19946 0 19946 12 10 2 8 0 8 2 plimitpl 152 468 0 453 1 0 1 1 0 8 0 sigapl 424 2296 0 2230 8 0 8 8 0 8 0 futexpl 64 21200 0 21193 1 0 1 1 0 8 0 knotepl 120 62984 0 62904 39 34 5 17 0 8 0 kqueuepl 184 452 0 443 7 4 3 4 0 8 2 pipepl 288 547 0 519 13 10 3 7 0 8 0 fdescpl 432 2256 0 2230 5 1 4 4 0 8 0 filepl 120 17429 0 17182 46 32 14 17 0 8 6 lockfpl 104 627 0 624 2 1 1 2 0 8 0 lockfspl 48 300 0 297 1 0 1 1 0 8 0 sessionpl 144 30 0 14 1 0 1 1 0 8 0 pgrppl 48 40 0 24 1 0 1 1 0 8 0 ucredpl 104 1946 0 1936 1 0 1 1 0 8 0 zombiepl 144 2232 0 2230 2 1 1 1 0 8 0 processpl 1008 2296 0 2230 10 1 9 9 0 8 0 procpl 696 5589 0 5500 15 6 9 10 0 8 0 sosppl 168 40 0 38 8 7 1 1 0 8 0 sockpl 456 5384 0 5351 158 147 11 34 0 8 6 mcl64k 65536 80 0 80 9 8 1 1 0 8 1 mcl16k 16384 42 0 42 10 9 1 1 0 8 1 mcl12k 12288 75 0 75 6 5 1 1 0 8 1 mcl9k 9216 30 0 30 8 7 1 1 0 8 1 mcl8k 8192 94 0 94 9 8 1 1 0 8 1 mcl4k 4096 276 0 276 4 3 1 1 0 8 1 mcl2k2 2112 82 0 82 5 4 1 1 0 8 1 mcl2k 2048 74457 0 74417 33 27 6 28 0 8 0 mtagpl 96 128 0 111 4 2 2 3 0 8 0 mbufpl 256 141243 0 141121 212 196 16 112 0 8 1 bufpl 288 7114 0 726 457 0 457 457 0 8 0 anonpl 24 377695 0 363428 137 26 111 119 0 188 1 amapchunkpl 152 68740 0 67856 61 18 43 43 0 158 5 amappl16 200 9437 0 8961 59 20 39 39 0 8 13 amappl15 192 61 0 61 1 1 0 1 0 8 0 amappl14 184 176 0 164 2 1 1 2 0 8 0 amappl13 176 14 0 13 1 0 1 1 0 8 0 amappl12 168 2982 0 2955 3 1 2 2 0 8 0 amappl11 160 65 0 54 1 0 1 1 0 8 0 amappl10 152 41 0 31 1 0 1 1 0 8 0 amappl9 144 170 0 169 3 2 1 2 0 8 0 amappl8 136 241 0 184 3 0 3 3 0 8 0 amappl7 128 64 0 49 1 0 1 1 0 8 0 amappl6 120 325 0 305 2 1 1 2 0 8 0 amappl5 112 209 0 202 1 0 1 1 0 8 0 amappl4 104 727 0 695 2 1 1 2 0 8 0 amappl3 96 13477 0 13396 5 2 3 3 0 8 0 amappl2 88 2505 0 2450 4 2 2 3 0 8 0 amappl1 80 16930 0 16427 22 11 11 22 0 8 0 amappl 88 20632 0 20402 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 133 0 3 3 0 3 3 0 8 0 uaddrrnd 24 2256 0 2230 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2256 0 2230 1 0 1 1 0 8 0 vmmpekpl 168 23105 0 23056 3 0 3 3 0 8 0 vmmpepl 168 158481 0 156262 190 73 117 128 0 357 13 vmsppl 368 2255 0 2230 3 0 3 3 0 8 0 rwobjpl 24 50775 0 43563 47 1 46 46 0 8 0 pdppl 4096 4519 0 4460 249 184 65 71 0 8 6 pvpl 32 877057 0 857532 423 230 193 360 0 265 6 pmappl 216 2255 0 2230 3 1 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1269 0 504 23 1 22 22 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace igmp_leavegroup(ffff800000e27c40,ffff8000006b7000) at igmp_leavegroup+0xaf sys/netinet/igmp.c:512 in_delmulti(ffff800000e27c40) at in_delmulti+0xd8 sys/netinet/in.c:908 ip_freemoptions(ffff8000006c6360) at ip_freemoptions+0x5d sys/netinet/ip_output.c:1770 in_pcbdetach(fffffd8073bcb410) at in_pcbdetach+0x97 sys/netinet/in_pcb.c:591 udp_detach(fffffd806f2971d0) at udp_detach+0x3f sys/netinet/udp_usrreq.c:1113 soclose(fffffd806f2971d0,0) at soclose+0x253 pru_detach sys/sys/protosw.h:281 [inline] soclose(fffffd806f2971d0,0) at soclose+0x253 sys/kern/uipc_socket.c:397 soo_close(fffffd807d3ce810,ffff800021703368) at soo_close+0x44 fdrop(fffffd807d3ce810,ffff800021703368) at fdrop+0xcb sys/kern/kern_descrip.c:1274 closef(fffffd807d3ce810,ffff800021703368) at closef+0x11b sys/kern/kern_descrip.c:1258 syscall(ffff8000265f1890) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:632 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd44aae5750, count: -11 ddb> machine ddbcpu 1 No such command ddb> trace igmp_leavegroup(ffff800000e27c40,ffff8000006b7000) at igmp_leavegroup+0xaf sys/netinet/igmp.c:512 in_delmulti(ffff800000e27c40) at in_delmulti+0xd8 sys/netinet/in.c:908 ip_freemoptions(ffff8000006c6360) at ip_freemoptions+0x5d sys/netinet/ip_output.c:1770 in_pcbdetach(fffffd8073bcb410) at in_pcbdetach+0x97 sys/netinet/in_pcb.c:591 udp_detach(fffffd806f2971d0) at udp_detach+0x3f sys/netinet/udp_usrreq.c:1113 soclose(fffffd806f2971d0,0) at soclose+0x253 pru_detach sys/sys/protosw.h:281 [inline] soclose(fffffd806f2971d0,0) at soclose+0x253 sys/kern/uipc_socket.c:397 soo_close(fffffd807d3ce810,ffff800021703368) at soo_close+0x44 fdrop(fffffd807d3ce810,ffff800021703368) at fdrop+0xcb sys/kern/kern_descrip.c:1274 closef(fffffd807d3ce810,ffff800021703368) at closef+0x11b sys/kern/kern_descrip.c:1258 syscall(ffff8000265f1890) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:632 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd44aae5750, count: -11