uvm_fault(0xffffffff82e15688, 0xffff800000e36000, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x4e3: movzwl 0xc(%r15,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *381704 76701 0 0x8000000 0x4000000 0 syz-executor.5 arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff800035be5688,1,ffff800035be5758,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000f2b700,240004,ffff800000f2b758,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000f2b700) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd6800,ffff800000f2b700,ffff800035be5a20,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800035be5a10,ffff800000dd6800) at in_ioctl_change_ifaddr+0x67a sys/netinet/in.c:504 ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6ae038,ffff800035be5bf0,ffff800035be5b40) at sys_ioctl+0x4a5 syscall(ffff800035be5bf0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf27ee7f5f00, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82e15688, 0xffff800000e36000, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff800035be5688,1,ffff800035be5758,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000f2b700,240004,ffff800000f2b758,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000f2b700) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd6800,ffff800000f2b700,ffff800035be5a20,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800035be5a10,ffff800000dd6800) at in_ioctl_change_ifaddr+0x67a sys/netinet/in.c:504 ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6ae038,ffff800035be5bf0,ffff800035be5b40) at sys_ioctl+0x4a5 syscall(ffff800035be5bf0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf27ee7f5f00, count: -10 ddb> show registers rdi 0xffff80002cd5a000 rsi 0x2c6 rbp 0xffff800035be5570 rbx 0x14 rdx 0xffff80002cd5a000 rcx 0x100040600080100 rax 0xfffffd80758316e0 r8 0x10 r9 0xfffffd806a2ec160 r10 0xf3f14830a615520b r11 0xaf3fbcd611c5018a r12 0x6cc r13 0xfffffd8075831600 r14 0xfffffd806a2ec160 r15 0xffff800000e35fe0 rip 0xffffffff822790b3 arp_rtrequest+0x4e3 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800035be54f0 ss 0x10 arp_rtrequest+0x4e3: movzwl 0xc(%r15,%rbx,1),%ecx ddb> show proc PROC (syz-executor.5) tid=381704 pid=76701 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a6afc68,0xffff80002a6af758 process=0xffff8000377d9518 user=0xffff800035be0000, vmspace=0xfffffd80561b3438 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 29488 345171 44708 0 2 0x8000000 syz-executor.1 31837 147758 18796 0 2 0x8000002 ndp 56620 121940 13575 0 2 0x8000000 syz-executor.6 56620 521052 13575 0 2 0xc000000 syz-executor.6 18796 462612 25701 0 3 0x810008a sigsusp sh 76701 499146 78778 0 2 0x8000000 syz-executor.5 *76701 381704 78778 0 7 0xc000000 syz-executor.5 911 320095 57849 0 2 0x8100002 sh 11966 141896 7930 0 2 0x8100002 sh 7930 203930 27026 0 3 0x8000082 wait syz-executor.0 13575 327426 27026 0 2 0x8000482 syz-executor.6 25701 362134 27026 0 3 0x8000082 wait syz-executor.3 44708 120905 27026 0 2 0x8000482 syz-executor.1 90633 459658 27026 0 2 0x8000002 syz-executor.7 78778 164386 27026 0 3 0x8000082 nanoslp syz-executor.5 57849 343040 27026 0 3 0x8000082 wait syz-executor.2 34547 243407 1 0 3 0x18100083 ttyin getty 63020 62747 0 0 3 0x14200 acct acct 85821 173062 0 0 3 0x14280 nfsidl nfsio 58055 94483 0 0 3 0x14280 nfsidl nfsio 29218 146832 0 0 3 0x14280 nfsidl nfsio 1561 396258 0 0 3 0x14280 nfsidl nfsio 45520 184612 0 0 3 0x14280 nfsidl nfsio 21532 360514 0 0 3 0x14280 nfsidl nfsio 48220 249680 0 0 3 0x14280 nfsidl nfsio 49017 200790 0 0 3 0x14280 nfsidl nfsio 7479 203018 0 0 3 0x14280 nfsidl nfsio 67810 483281 0 0 3 0x14280 nfsidl nfsio 72190 405283 0 0 3 0x14280 nfsidl nfsio 55406 259091 0 0 3 0x14280 nfsidl nfsio 36718 124939 0 0 3 0x14280 nfsidl nfsio 33201 124108 0 0 3 0x14280 nfsidl nfsio 51322 54077 0 0 3 0x14280 nfsidl nfsio 52828 371132 0 0 3 0x14280 nfsidl nfsio 60237 504192 0 0 3 0x14280 nfsidl nfsio 73867 312648 0 0 3 0x14280 nfsidl nfsio 13668 227547 0 0 3 0x14280 nfsidl nfsio 12373 250124 0 0 3 0x14280 nfsidl nfsio 69349 246402 0 0 3 0x14200 bored sosplice 27026 182030 75680 0 3 0x1a000082 thrsleep syz-fuzzer 27026 181825 75680 0 2 0x1e000002 syz-fuzzer 27026 439050 75680 0 3 0x1e000082 wait syz-fuzzer 27026 83485 75680 0 3 0x1e000082 thrsleep syz-fuzzer 27026 169037 75680 0 3 0x1e000082 wait syz-fuzzer 27026 410055 75680 0 3 0x1e000082 wait syz-fuzzer 27026 515524 75680 0 3 0x1e000082 wait syz-fuzzer 27026 232915 75680 0 3 0x1e000082 wait syz-fuzzer 27026 198382 75680 0 2 0x1e000002 syz-fuzzer 27026 330113 75680 0 3 0x1e000082 wait syz-fuzzer 27026 55554 75680 0 3 0x1e000082 thrsleep syz-fuzzer 27026 493072 75680 0 3 0x1e000082 thrsleep syz-fuzzer 27026 192515 75680 0 3 0x1e000082 thrsleep syz-fuzzer 27026 282006 75680 0 3 0x1e000082 wait syz-fuzzer 27026 96050 75680 0 2 0x1e000002 syz-fuzzer 75680 492631 58270 0 3 0x810008a sigsusp ksh 58270 706 70906 0 3 0x1800009a kqread sshd 70906 401862 1 0 3 0x18000088 kqread sshd 33723 138798 3533 73 2 0x19100010 syslogd 3533 155904 1 0 3 0x18100082 sbwait syslogd 24571 13375 1 0 3 0x18100080 kqread resolvd 74704 44969 29453 77 3 0x18100092 kqread dhcpleased 26658 349214 29453 77 3 0x18100092 kqread dhcpleased 29453 351207 1 0 3 0x18000080 kqread dhcpleased 57638 241759 0 0 3 0x14200 bored smr 94201 406836 0 0 2 0x14200 zerothread 37822 113650 0 0 3 0x14200 aiodoned aiodoned 75188 255292 0 0 3 0x14200 syncer update 63519 475239 0 0 3 0x14200 cleaner cleaner 88887 276098 0 0 3 0x14200 reaper reaper 23787 389391 0 0 3 0x14200 pgdaemon pagedaemon 15331 354139 0 0 3 0x14200 bored viomb 23536 177535 0 0 3 0x40014200 acpi0 acpi0 46288 309624 0 0 3 0x14200 bored softnet3 19720 451460 0 0 3 0x14200 bored softnet2 66618 507582 0 0 3 0x14200 bored softnet1 30247 490444 0 0 2 0x14200 softnet0 80600 449509 0 0 2 0x14200 systqmp 23740 251700 0 0 3 0x14200 bored systq 30118 204510 0 0 3 0x40014200 tmoslp softclock 13644 35524 0 0 3 0x40014200 idle0 1 91262 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10198 6422K 10918K 166960K 18466 0 pcb 17 15K 17K 166960K 499 0 rtable 216 11K 12K 166960K 6331 0 pf 31 9K 10K 166960K 510 0 ifaddr 43 13K 14K 166960K 812 0 ifgroup 54 2K 2K 166960K 955 0 sysctl 4 1K 1K 166960K 12 0 counters 31 17K 17K 166960K 253 0 ioctlops 0 0K 2K 166960K 450 0 iov 0 0K 38K 166960K 158 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1463 92K 93K 166960K 6501 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 68K 76K 166960K 77 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 354 0 dirhash 12 2K 3K 166960K 159 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 113K 166960K 5966 0 sigio 0 0K 0K 166960K 110 0 proc 58 59K 124K 166960K 5612 0 subproc 91 5K 8K 166960K 2522 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 598 0 in_multi 89 6K 7K 166960K 2107 0 ether_multi 1 0K 0K 166960K 29 0 mrt 1 0K 0K 166960K 20 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 223 996K 996K 166960K 223 0 exec 0 0K 1K 166960K 3044 0 pfkey data 0 0K 4K 166960K 9 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 270 138K 167K 166960K 45479 0 UVM aobj 47 2K 4K 166960K 51 0 pinsyscall 36 72K 113K 166960K 11828 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 230 0 NDP 26 1K 2K 166960K 594 0 temp 70 6811K 6939K 166960K 171116 0 kqueue 12 18K 28K 166960K 562 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 634 0 631 1 0 1 1 0 8 0 rtentry 112 2334 0 2239 4 0 4 4 0 8 1 unpcb 144 2567 0 2554 4 0 4 4 0 8 3 syncache 336 5 0 5 1 0 1 1 0 8 1 tcpqe 32 107 0 107 1 0 1 1 0 8 1 tcpcb 808 1303 0 1298 11 2 9 11 0 8 8 arp 88 465 0 448 1 0 1 1 0 8 0 ipq 40 13 0 12 1 0 1 1 0 8 0 ipqe 40 196 0 195 1 0 1 1 0 8 0 inpcb 352 5075 0 5064 13 4 9 11 0 8 8 nd6 104 578 0 560 1 0 1 1 0 8 0 pkpcb 40 21 0 21 1 0 1 1 0 8 1 kcovpl 48 194 0 187 1 0 1 1 0 8 0 ppxss 1072 11 0 11 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 8332 0 7929 110 84 26 31 0 8 0 art_table 32 8333 0 7929 4 0 4 4 0 8 0 art_node 16 2322 0 2237 1 0 1 1 0 8 0 sysvmsgpl 40 21 0 7 1 0 1 1 0 8 0 semupl 112 4 0 4 1 0 1 1 0 8 1 semapl 112 349 0 339 1 0 1 1 0 8 0 shmpl 112 48 0 4 2 0 2 2 0 8 0 dirhash 1024 115 0 98 3 0 3 3 0 8 0 dino2pl 256 7642 0 6123 96 0 96 96 0 8 0 ffsino 240 7642 0 6123 91 0 91 91 0 8 0 nchpl 144 14057 0 12321 67 0 67 67 0 8 1 uvmvnodes 80 10018 0 0 205 0 205 205 0 8 0 vnodes 216 10018 0 0 557 0 557 557 0 8 0 namei 1024 65156 0 65155 2 0 2 2 0 8 1 vcpupl 3904 40 0 0 5 0 5 5 0 8 0 vmpool 664 59 0 19 4 0 4 4 0 8 0 kstatmem 264 468 0 444 2 0 2 2 0 8 0 scsiplug 72 7 0 7 1 0 1 1 0 8 1 scxspl 216 113487 0 113487 8 0 8 8 1 8 8 plimitpl 152 744 0 729 1 0 1 1 0 8 0 sigapl 424 5920 0 5855 9 0 9 9 0 8 0 futexpl 64 61209 0 61209 1 0 1 1 0 8 1 knotepl 120 16834 0 16748 11 0 11 11 0 8 7 kqueuepl 184 1079 0 1071 4 0 4 4 0 8 3 pipepl 288 1217 0 1190 3 0 3 3 0 8 0 fdescpl 432 5881 0 5854 5 0 5 5 0 8 1 filepl 120 32446 0 32224 13 0 13 13 0 8 6 lockfpl 104 1023 0 1020 1 0 1 1 0 8 0 lockfspl 48 409 0 406 1 0 1 1 0 8 0 sessionpl 144 207 0 192 1 0 1 1 0 8 0 pgrppl 48 287 0 272 1 0 1 1 0 8 0 ucredpl 104 4592 0 4578 1 0 1 1 0 8 0 zombiepl 144 5855 0 5855 1 0 1 1 0 8 1 processpl 1072 5920 0 5855 6 0 6 6 0 8 0 procpl 656 9972 0 9891 9 0 9 9 0 8 0 sosppl 168 30 0 30 1 0 1 1 0 8 1 sockpl 504 8401 0 8374 34 23 11 17 0 8 7 mcl64k 65536 19 0 19 1 0 1 1 0 8 1 mcl16k 16384 1 0 1 1 0 1 1 0 8 1 mcl12k 12288 42 0 42 1 0 1 1 0 8 1 mcl8k 8192 99 0 99 1 0 1 1 0 8 1 mcl4k 4096 22 0 22 1 0 1 1 0 8 1 mcl2k 2048 51024 0 50918 40 19 21 37 0 8 7 mtagpl 96 192 0 192 2 0 2 2 0 8 2 mbufpl 256 166611 0 166414 89 68 21 69 0 8 4 bufpl 280 16770 0 6751 717 0 717 717 0 8 0 anonpl 24 767057 0 760743 98 0 98 98 0 188 37 amapchunkpl 152 145495 0 144900 50 0 50 50 0 158 18 amappl16 200 13376 0 13250 51 34 17 21 0 8 8 amappl15 192 223 0 222 1 0 1 1 0 8 0 amappl14 184 695 0 683 2 0 2 2 0 8 1 amappl13 176 14 0 14 1 0 1 1 0 8 1 amappl12 168 9203 0 9172 3 0 3 3 0 8 1 amappl11 160 50 0 40 1 0 1 1 0 8 0 amappl10 152 228 0 220 1 0 1 1 0 8 0 amappl9 144 172 0 172 1 0 1 1 0 8 1 amappl8 136 484 0 452 2 0 2 2 0 8 0 amappl7 128 83 0 68 1 0 1 1 0 8 0 amappl6 120 2603 0 2582 2 0 2 2 0 8 0 amappl5 112 899 0 886 1 0 1 1 0 8 0 amappl4 104 1758 0 1727 2 0 2 2 0 8 0 amappl3 96 26094 0 26026 3 0 3 3 0 8 0 amappl2 88 7046 0 6968 3 0 3 3 0 8 0 amappl1 80 38773 0 38265 22 2 20 22 0 8 7 amappl 88 43451 0 43282 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 50 0 4 1 0 1 1 0 8 0 uaddrrnd 24 5940 0 5873 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 5940 0 5873 1 0 1 1 0 8 0 vmmpekpl 168 46379 0 46315 4 0 4 4 0 8 0 vmmpepl 168 415310 0 413541 112 0 112 112 0 357 20 vmsppl 344 5939 0 5873 7 0 7 7 0 8 0 rwobjpl 24 103868 0 92720 68 0 68 68 0 8 0 pdppl 4096 11886 0 11786 589 473 116 116 0 8 16 pvpl 32 2335080 0 2322728 362 22 340 362 0 265 192 pmappl 216 5939 0 5873 5 0 5 5 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1077 0 669 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff800035be5688,1,ffff800035be5758,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000f2b700,240004,ffff800000f2b758,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000f2b700) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd6800,ffff800000f2b700,ffff800035be5a20,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800035be5a10,ffff800000dd6800) at in_ioctl_change_ifaddr+0x67a sys/netinet/in.c:504 ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6ae038,ffff800035be5bf0,ffff800035be5b40) at sys_ioctl+0x4a5 syscall(ffff800035be5bf0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf27ee7f5f00, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd6800,1,fffffd806a2ec160) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff800035be5688,1,ffff800035be5758,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000f2b700,240004,ffff800000f2b758,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000f2b700) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd6800,ffff800000f2b700,ffff800035be5a20,1) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_change_ifaddr(8040691a,ffff800035be5a10,ffff800000dd6800) at in_ioctl_change_ifaddr+0x67a sys/netinet/in.c:504 ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805d9a39d8,8040691a,ffff800035be5a10,ffff80002a6ae038) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6ae038,ffff800035be5bf0,ffff800035be5b40) at sys_ioctl+0x4a5 syscall(ffff800035be5bf0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf27ee7f5f00, count: -10