uvm_fault(0xfffffd807187d020, 0x0, 0, 1) -> e kernel: page fault trap, code=0 Stopped at rtrequest+0x8e1: movzbl 0(%r14),%r15d TID PID UID PRFLAGS PFLAGS CPU COMMAND *236216 51153 0 0 0x4000000 0 syz-executor.5 rtrequest(1,ffff80002e868198,0,ffff80002e868108,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d3d900,ffff80002e868240,ffff80002e868198,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd807182c700,fffffd805d5e3af8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd805d5e3af8,fffffd807182c700,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd805d5e3af8,0,ffff80002e868410,0,0,0) at sosend+0x66d sendit(ffff80002173c800,3,ffff80002e868510,0,ffff80002e8685f0) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002173c800,ffff80002e8685a0,ffff80002e8685f0) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e868670) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x21e1cad5da0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xfffffd807187d020, 0x0, 0, 1) -> e ddb> trace rtrequest(1,ffff80002e868198,0,ffff80002e868108,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d3d900,ffff80002e868240,ffff80002e868198,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd807182c700,fffffd805d5e3af8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd805d5e3af8,fffffd807182c700,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd805d5e3af8,0,ffff80002e868410,0,0,0) at sosend+0x66d sendit(ffff80002173c800,3,ffff80002e868510,0,ffff80002e8685f0) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002173c800,ffff80002e8685a0,ffff80002e8685f0) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e868670) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x21e1cad5da0, count: -9 ddb> show registers rdi 0xffff80002b419000 rsi 0x2e8 rbp 0xffff80002e8680e0 rbx 0x33 rdx 0xffff80002b419000 rcx 0x2e7 rax 0xffffffff81448f22 rt_putgwroute+0x112 r8 0x20 r9 0 r10 0xfe59e6c659f1f5a1 r11 0x7308a513495df6ea r12 0xfffffd806b440a28 r13 0xffff80002e868198 r14 0 r15 0xffff800000d79b90 rip 0xffffffff81447e21 rtrequest+0x8e1 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002e867ff0 ss 0x10 rtrequest+0x8e1: movzbl 0(%r14),%r15d ddb> show proc PROC (syz-executor.5) tid=236216 pid=51153 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002173cd50,0xffffffff82c978b0 process=0xffff80002b3ee000 user=0xffff80002e863000, vmspace=0xfffffd807187d020 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 51153 160994 88125 0 2 0 syz-executor.5 *51153 236216 88125 0 7 0x4000000 syz-executor.5 53341 62367 62280 0 2 0 syz-executor.4 53341 315005 62280 0 3 0x4000080 fsleep syz-executor.4 66303 143315 79172 0 2 0 syz-executor.1 66303 148550 79172 0 3 0x4000080 fsleep syz-executor.1 63891 158971 37212 0 2 0 syz-executor.7 63891 415810 37212 0 3 0x4000080 netcon syz-executor.7 19014 487281 22783 0 2 0 syz-executor.2 19014 467899 22783 0 3 0x4000080 fsleep syz-executor.2 36755 170365 92110 0 2 0 syz-executor.0 36755 65234 92110 0 3 0x4000080 fsleep syz-executor.0 67055 296359 30479 0 2 0 syz-executor.3 67055 303578 30479 0 3 0x4000080 fsleep syz-executor.3 94060 341003 0 0 3 0x14280 nfsidl nfsio 28491 48709 0 0 3 0x14280 nfsidl nfsio 78779 325299 0 0 3 0x14280 nfsidl nfsio 51765 32401 0 0 3 0x14280 nfsidl nfsio 54223 33412 0 0 3 0x14280 nfsidl nfsio 73919 226060 0 0 3 0x14280 nfsidl nfsio 91613 267299 0 0 3 0x14280 nfsidl nfsio 46529 501080 0 0 3 0x14280 nfsidl nfsio 33960 433117 0 0 3 0x14280 nfsidl nfsio 37327 271594 0 0 3 0x14280 nfsidl nfsio 56099 446086 0 0 3 0x14280 nfsidl nfsio 81163 438768 0 0 3 0x14280 nfsidl nfsio 73183 379580 0 0 3 0x14280 nfsidl nfsio 41973 140192 0 0 3 0x14280 nfsidl nfsio 4263 298769 0 0 3 0x14280 nfsidl nfsio 45920 514724 0 0 3 0x14280 nfsidl nfsio 94019 95433 0 0 3 0x14280 nfsidl nfsio 20843 453786 0 0 3 0x14280 nfsidl nfsio 89488 381981 0 0 3 0x14280 nfsidl nfsio 3556 507897 0 0 3 0x14280 nfsidl nfsio 90381 308406 1 0 3 0x100083 ttyin getty 3866 419077 0 0 3 0x14200 acct acct 73173 228465 0 0 3 0x14200 bored sosplice 42447 6301 80272 0 2 0x2 syz-executor.6 88125 17142 80272 0 3 0x82 nanoslp syz-executor.5 62280 399328 80272 0 3 0x82 nanoslp syz-executor.4 37212 321057 80272 0 2 0x482 syz-executor.7 22783 372660 80272 0 3 0x82 nanoslp syz-executor.2 79172 383005 80272 0 3 0x82 nanoslp syz-executor.1 92110 446616 80272 0 3 0x82 nanoslp syz-executor.0 30479 64764 80272 0 3 0x82 nanoslp syz-executor.3 80272 217999 69012 0 3 0x2000082 wait syz-fuzzer 80272 63247 69012 0 3 0x6000082 nanoslp syz-fuzzer 80272 250684 69012 0 3 0x6000082 thrsleep syz-fuzzer 80272 26244 69012 0 3 0x6000082 wait syz-fuzzer 80272 194062 69012 0 3 0x6000082 wait syz-fuzzer 80272 116430 69012 0 3 0x6000082 wait syz-fuzzer 80272 298941 69012 0 3 0x6000082 wait syz-fuzzer 80272 502989 69012 0 3 0x6000082 thrsleep syz-fuzzer 80272 465536 69012 0 3 0x6000082 wait syz-fuzzer 80272 13643 69012 0 3 0x6000082 wait syz-fuzzer 80272 428343 69012 0 3 0x6000082 thrsleep syz-fuzzer 80272 505502 69012 0 3 0x6000082 wait syz-fuzzer 80272 204656 69012 0 3 0x6000082 thrsleep syz-fuzzer 80272 300636 69012 0 3 0x6000082 kqread syz-fuzzer 69012 236370 60256 0 3 0x10008a sigsusp ksh 60256 442989 17210 0 3 0x9a kqread sshd 17210 52657 1 0 3 0x88 kqread sshd 82110 60162 20377 73 3 0x1100090 kqread syslogd 20377 361947 1 0 3 0x100082 netio syslogd 19581 105490 1 0 3 0x100080 kqread resolvd 70946 295615 30967 77 3 0x100092 kqread dhcpleased 69279 176178 30967 77 3 0x100092 kqread dhcpleased 30967 521589 1 0 3 0x80 kqread dhcpleased 43170 99909 0 0 3 0x14200 bored smr 24546 460849 0 0 2 0x14200 zerothread 35650 232169 0 0 3 0x14200 aiodoned aiodoned 33894 160599 0 0 3 0x14200 syncer update 22813 518522 0 0 3 0x14200 cleaner cleaner 39246 512851 0 0 3 0x14200 reaper reaper 68865 153686 0 0 3 0x14200 pgdaemon pagedaemon 57316 437267 0 0 3 0x14200 bored viomb 28763 313131 0 0 3 0x40014200 acpi0 acpi0 88745 339827 0 0 3 0x14200 bored softnet3 11099 263455 0 0 3 0x14200 bored softnet2 38325 73655 0 0 3 0x14200 bored softnet1 6963 43361 0 0 3 0x14200 bored softnet0 59084 387170 0 0 3 0x14200 bored systqmp 2606 361114 0 0 3 0x14200 bored systq 56180 58813 0 0 3 0x40014200 tmoslp softclock 68771 124440 0 0 3 0x40014200 idle0 1 275516 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10184 6477K 7307K 78643K 13306 0 pcb 13 8K 8K 78643K 107 0 rtable 239 7K 7K 78643K 386 0 pf 32 9K 9K 78643K 52 0 ifaddr 44 11K 11K 78643K 56 0 ifgroup 55 2K 2K 78643K 91 0 sysctl 2 0K 0K 78643K 2 0 counters 29 17K 17K 78643K 37 0 ioctlops 0 0K 2K 78643K 73 0 iov 0 0K 12K 78643K 83 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1292 81K 81K 78643K 2380 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 21K 78643K 26 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 1K 78643K 102 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 17 61K 69K 78643K 2657 0 sigio 0 0K 0K 78643K 53 0 proc 58 59K 83K 78643K 574 0 subproc 104 6K 6K 78643K 111 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 223 0 in_multi 99 7K 7K 78643K 222 0 ether_multi 1 0K 0K 78643K 22 0 mrt 1 0K 0K 78643K 5 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 85 387K 387K 78643K 85 0 exec 0 0K 1K 78643K 547 0 pfkey data 0 0K 0K 78643K 8 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 337 160K 160K 78643K 24603 0 UVM aobj 117 3K 6K 78643K 147 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 75 0 NDP 12 0K 2K 78643K 36 0 temp 74 5916K 5992K 78643K 15789 0 kqueue 12 18K 26K 78643K 194 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 75 0 71 1 0 1 1 0 8 0 rtentry 112 116 0 5 4 0 4 4 0 8 0 unpcb 144 805 0 792 3 2 1 2 0 8 0 syncache 304 53 0 53 5 4 1 1 0 8 1 tcpqe 32 127 0 127 4 3 1 1 0 8 1 tcpcb 808 530 0 516 4 1 3 3 0 8 1 arp 88 18 0 0 1 0 1 1 0 8 0 ipq 40 1 0 1 1 1 0 1 0 8 0 ipqe 40 1 0 1 1 1 0 1 0 8 0 inpcb 336 1172 0 1155 5 2 3 3 0 8 1 nd6 104 24 0 0 1 0 1 1 0 8 0 pkpcb 40 22 0 22 2 2 0 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 453 0 0 29 0 29 29 0 8 0 art_table 32 454 0 0 4 0 4 4 0 8 0 art_node 16 110 0 10 1 0 1 1 0 8 0 sysvmsgpl 40 15 0 8 1 0 1 1 0 8 0 semapl 112 94 0 84 1 0 1 1 0 8 0 shmpl 112 144 0 30 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 5064 0 3610 92 0 92 92 0 8 0 ffsino 240 5064 0 3610 86 0 86 86 0 8 0 nchpl 144 8417 0 7885 63 41 22 63 0 8 0 uvmvnodes 80 5715 0 0 117 0 117 117 0 8 0 vnodes 216 5715 0 0 318 0 318 318 0 8 0 namei 1024 21892 0 21891 3 2 1 2 0 8 0 vcpupl 2048 22 0 0 3 0 3 3 0 8 0 vmpool 664 22 0 0 2 0 2 2 0 8 0 kstatmem 264 40 0 16 2 0 2 2 0 8 0 scxspl 216 24214 0 24214 10 8 2 8 1 8 2 plimitpl 152 116 0 101 1 0 1 1 0 8 0 sigapl 424 3099 0 3033 8 0 8 8 0 8 0 futexpl 64 17187 0 17182 1 0 1 1 0 8 0 knotepl 120 22885 0 22805 3 0 3 3 0 8 0 kqueuepl 184 227 0 218 2 1 1 2 0 8 0 pipepl 288 240 0 212 6 3 3 3 0 8 1 fdescpl 432 2941 0 2913 4 0 4 4 0 8 0 filepl 120 9685 0 9446 11 3 8 9 0 8 0 lockfpl 104 691 0 689 1 0 1 1 0 8 0 lockfspl 48 291 0 289 1 0 1 1 0 8 0 sessionpl 144 24 0 8 1 0 1 1 0 8 0 pgrppl 48 39 0 23 1 0 1 1 0 8 0 ucredpl 104 1409 0 1397 1 0 1 1 0 8 0 zombiepl 144 3033 0 3033 1 0 1 1 0 8 1 processpl 1008 3099 0 3033 10 1 9 9 0 8 0 procpl 680 5944 0 5858 9 1 8 8 0 8 0 sosppl 168 34 0 34 3 2 1 1 0 8 1 sockpl 456 2074 0 2040 14 7 7 8 0 8 2 mcl64k 65536 45 0 45 4 3 1 1 0 8 1 mcl16k 16384 7 0 7 1 1 0 1 0 8 0 mcl12k 12288 53 0 53 3 2 1 1 0 8 1 mcl9k 9216 9 0 9 2 2 0 1 0 8 0 mcl8k 8192 37 0 37 4 4 0 1 0 8 0 mcl4k 4096 106 0 106 4 3 1 1 0 8 1 mcl2k2 2112 41 0 41 1 1 0 1 0 8 0 mcl2k 2048 28242 0 28192 33 24 9 29 0 8 2 mtagpl 96 243 0 4 7 1 6 6 0 8 0 mbufpl 256 86400 0 85970 117 77 40 75 0 8 8 bufpl 288 7059 0 662 458 0 458 458 0 8 0 anonpl 24 411278 0 403807 80 23 57 69 0 188 11 amapchunkpl 152 78565 0 77844 32 2 30 30 0 158 2 amappl16 200 9873 0 9665 25 13 12 23 0 8 1 amappl15 192 15 0 15 1 1 0 1 0 8 0 amappl14 184 149 0 137 2 1 1 2 0 8 0 amappl13 176 23 0 22 1 0 1 1 0 8 0 amappl12 168 3567 0 3537 2 0 2 2 0 8 0 amappl11 160 54 0 43 1 0 1 1 0 8 0 amappl10 152 29 0 19 1 0 1 1 0 8 0 amappl9 144 113 0 113 1 1 0 1 0 8 0 amappl8 136 214 0 155 3 0 3 3 0 8 0 amappl7 128 188 0 171 2 0 2 2 0 8 0 amappl6 120 268 0 260 1 0 1 1 0 8 0 amappl5 112 134 0 125 1 0 1 1 0 8 0 amappl4 104 409 0 388 2 1 1 2 0 8 0 amappl3 96 16084 0 15991 3 0 3 3 0 8 0 amappl2 88 3437 0 3368 3 1 2 3 0 8 0 amappl1 80 17788 0 17283 22 11 11 22 0 8 0 amappl 88 24043 0 23836 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 146 0 30 3 0 3 3 0 8 0 uaddrrnd 24 2963 0 2913 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2963 0 2913 1 0 1 1 0 8 0 vmmpekpl 168 22135 0 22070 4 0 4 4 0 8 0 vmmpepl 168 181412 0 179392 122 32 90 109 0 357 1 vmsppl 368 2962 0 2913 5 0 5 5 0 8 0 rwobjpl 24 52593 0 45571 43 0 43 43 0 8 0 pdppl 4096 5932 0 5848 158 72 86 86 0 8 2 pvpl 32 1032133 0 1019206 333 66 267 333 0 265 160 pmappl 216 2962 0 2913 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1028 0 195 25 0 25 25 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace rtrequest(1,ffff80002e868198,0,ffff80002e868108,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d3d900,ffff80002e868240,ffff80002e868198,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd807182c700,fffffd805d5e3af8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd805d5e3af8,fffffd807182c700,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd805d5e3af8,0,ffff80002e868410,0,0,0) at sosend+0x66d sendit(ffff80002173c800,3,ffff80002e868510,0,ffff80002e8685f0) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002173c800,ffff80002e8685a0,ffff80002e8685f0) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e868670) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x21e1cad5da0, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace rtrequest(1,ffff80002e868198,0,ffff80002e868108,0) at rtrequest+0x8e1 sys/net/route.c:941 rtm_output(ffff800000d3d900,ffff80002e868240,ffff80002e868198,0,0) at rtm_output+0x5f7 sys/net/rtsock.c:958 route_output(fffffd807182c700,fffffd805d5e3af8) at route_output+0x6bc sys/net/rtsock.c:863 route_send(fffffd805d5e3af8,fffffd807182c700,0,0) at route_send+0x8f sys/net/rtsock.c:339 sosend(fffffd805d5e3af8,0,ffff80002e868410,0,0,0) at sosend+0x66d sendit(ffff80002173c800,3,ffff80002e868510,0,ffff80002e8685f0) at sendit+0x65d sys/kern/uipc_syscalls.c:786 sys_sendto(ffff80002173c800,ffff80002e8685a0,ffff80002e8685f0) at sys_sendto+0x84 sys/kern/uipc_syscalls.c:564 syscall(ffff80002e868670) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x21e1cad5da0, count: -9