kernel: page fault trap, code=10 Stopped at 0 TID PID UID PRFLAGS PFLAGS CPU COMMAND * 75365 38588 0 0x8000000 0x4000000 0 syz-executor.3 0(ffff800000ea7000,b,fffffd8065ecc7f8,ffff800030d0f240,1220,0) at 0 rtrequest(b,ffff800030d0f2e8,83,ffff800030d0f388,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd8056e9ae98,fffffd807f028b24,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(ffff800030d0f4d8,fffffd807f028b20,fffffd8056e9ae20) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:975 in_pcbconnect(fffffd8056e9ae20,fffffd807f028b00) at in_pcbconnect+0xe8 sys/netinet/in_pcb.c:523 tcp_connect(fffffd805de5aa08,fffffd807f028b00) at tcp_connect+0x29b sys/netinet/tcp_usrreq.c:654 sys_connect(ffff80002a668020,ffff800030d0f700,ffff800030d0f650) at sys_connect+0x238 sys/kern/uipc_syscalls.c:422 syscall(ffff800030d0f700) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x26f79078c30, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: attempt to execute user address 0x0 in supervisor mode ddb> trace 0(ffff800000ea7000,b,fffffd8065ecc7f8,ffff800030d0f240,1220,0) at 0 rtrequest(b,ffff800030d0f2e8,83,ffff800030d0f388,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd8056e9ae98,fffffd807f028b24,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(ffff800030d0f4d8,fffffd807f028b20,fffffd8056e9ae20) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:975 in_pcbconnect(fffffd8056e9ae20,fffffd807f028b00) at in_pcbconnect+0xe8 sys/netinet/in_pcb.c:523 tcp_connect(fffffd805de5aa08,fffffd807f028b00) at tcp_connect+0x29b sys/netinet/tcp_usrreq.c:654 sys_connect(ffff80002a668020,ffff800030d0f700,ffff800030d0f650) at sys_connect+0x238 sys/kern/uipc_syscalls.c:422 syscall(ffff800030d0f700) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x26f79078c30, count: -9 ddb> show registers rdi 0xffff800000ea7000 rsi 0xb rbp 0xffff800030d0f2d0 rbx 0xffff8000006ba550 rdx 0xfffffd8065ecc7f8 rcx 0x282 rax 0xffffffff81473b55 rtrequest+0x9b5 r8 0x100 r9 0xfffffd8065ecc7f8 r10 0x16bb078222f4a339 r11 0 r12 0xffff800030d0f388 r13 0 r14 0xfffffd8065ecc7f8 r15 0xffff800030d0f2e8 rip 0 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800030d0f1d8 ss 0x10 0 ddb> show proc PROC (syz-executor.3) tid=75365 pid=38588 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=84, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a6682b0,0xffffffff82e60b80 process=0xffff8000ffff21d8 user=0xffff800030d0a000, vmspace=0xfffffd80784119a8 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 38588 173948 88623 0 2 0x8000000 syz-executor.3 *38588 75365 88623 0 7 0xc000000 syz-executor.3 53685 457742 76004 0 2 0x8000480 syz-executor.6 53685 385346 76004 0 3 0xc000080 kqsel syz-executor.6 53685 296701 76004 0 3 0xc000080 fsleep syz-executor.6 76004 199668 47776 0 2 0x8000482 syz-executor.6 88623 58015 47776 0 2 0x8000482 syz-executor.3 10915 340406 47776 0 2 0x8000482 syz-executor.1 80336 268803 47776 0 2 0x8000482 syz-executor.2 23144 348984 47776 0 2 0x8000482 syz-executor.4 95625 363027 47776 0 2 0x8000482 syz-executor.7 27801 373385 47776 0 2 0x8000002 syz-executor.0 17952 84588 47776 0 3 0x8000082 nanoslp syz-executor.5 7620 443481 1 0 3 0x18100083 ttyin getty 57198 50967 1 0 3 0x8000080 fsleep syz-executor.5 57198 311294 1 0 3 0xc000080 sbwait syz-executor.5 61121 5799 1 0 3 0x8000080 fsleep syz-executor.7 61121 90398 1 0 3 0xc000080 sbwait syz-executor.7 42668 142248 0 0 3 0x14200 bored sosplice 47776 283010 27128 0 3 0x1a000082 wait syz-fuzzer 47776 76135 27128 0 2 0x1e000482 syz-fuzzer 47776 111342 27128 0 3 0x1e000082 wait syz-fuzzer 47776 106513 27128 0 3 0x1e000082 thrsleep syz-fuzzer 47776 322767 27128 0 3 0x1e000082 thrsleep syz-fuzzer 47776 294420 27128 0 3 0x1e000082 wait syz-fuzzer 47776 340353 27128 0 3 0x1e000082 wait syz-fuzzer 47776 134909 27128 0 3 0x1e000082 wait syz-fuzzer 47776 34934 27128 0 3 0x1e000082 wait syz-fuzzer 47776 27761 27128 0 3 0x1e000082 wait syz-fuzzer 47776 206703 27128 0 3 0x1e000082 thrsleep syz-fuzzer 47776 328897 27128 0 3 0x1e000082 thrsleep syz-fuzzer 47776 504014 27128 0 3 0x1e000082 kqread syz-fuzzer 47776 328554 27128 0 3 0x1e000082 wait syz-fuzzer 47776 385365 27128 0 3 0x1e000082 thrsleep syz-fuzzer 27128 506641 76974 0 3 0x810008a sigsusp ksh 76974 203907 12398 0 3 0x1800009a kqread sshd 12398 104396 1 0 3 0x18000088 kqread sshd 61858 228048 27748 73 3 0x19100090 kqread syslogd 27748 241149 1 0 3 0x18100082 sbwait syslogd 6126 358816 1 0 3 0x18100080 kqread resolvd 66682 5568 0 0 3 0x14200 bored smr 8760 53595 0 0 2 0x14200 zerothread 83853 409673 0 0 3 0x14200 aiodoned aiodoned 16340 455484 0 0 3 0x14200 syncer update 41723 519670 0 0 3 0x14200 cleaner cleaner 32618 432078 0 0 3 0x14200 reaper reaper 9166 474673 0 0 3 0x14200 pgdaemon pagedaemon 46594 397675 0 0 3 0x14200 bored viomb 68373 499899 0 0 3 0x40014200 acpi0 acpi0 19247 189650 0 0 3 0x14200 bored softnet3 76845 512421 0 0 3 0x14200 bored softnet2 73354 248818 0 0 3 0x14200 bored softnet1 51985 17099 0 0 3 0x14200 bored softnet0 57470 86506 0 0 3 0x14200 bored systqmp 34757 436536 0 0 3 0x14200 bored systq 97605 435740 0 0 2 0x40014200 softclock 89857 255396 0 0 3 0x40014200 idle0 1 90261 0 0 3 0x8080082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10205 6447K 7136K 166960K 15068 0 pcb 17 17K 19K 166960K 2196 0 rtable 177 17K 19K 166960K 10396 0 pf 51 12K 14K 166960K 1256 0 ifaddr 60 21K 27K 166960K 1551 0 ifgroup 94 3K 4K 166960K 2195 0 sysctl 4 1K 2K 166960K 37 0 counters 41 18K 19K 166960K 572 0 ioctlops 0 0K 2K 166960K 1022 0 iov 1 2K 22K 166960K 706 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1392 87K 88K 166960K 9553 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 252 0 VM map 2 1K 1K 166960K 2 0 sem 16 281K 557K 166960K 444 0 dirhash 12 2K 3K 166960K 378 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 14 49K 109K 166960K 13772 0 sigio 0 0K 0K 166960K 265 0 proc 52 42K 124K 166960K 9439 0 subproc 130 8K 8K 166960K 4228 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1925 0 in_multi 46 3K 7K 166960K 3746 0 ether_multi 1 0K 0K 166960K 154 0 mrt 1 0K 0K 166960K 33 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 103 466K 466K 166960K 103 0 exec 0 0K 1K 166960K 5520 0 pfkey data 0 0K 0K 166960K 22 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 319 295K 312K 166960K 107655 0 UVM aobj 70 7K 7K 166960K 82 0 pinsyscall 28 56K 100K 166960K 22759 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 726 0 NDP 22 0K 2K 166960K 1162 0 temp 92 6800K 14736K 166960K 504907 0 kqueue 6 10K 29K 166960K 1570 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 1756 0 1755 1 0 1 1 0 8 0 rtentry 112 3737 0 3679 4 1 3 4 0 8 0 unpcb 144 9019 0 9008 3 1 2 2 0 8 1 syncache 336 5 0 5 1 1 0 1 0 8 0 sackhl 24 1 0 1 1 1 0 1 0 8 0 tcpqe 32 27 0 27 1 1 0 1 0 8 0 tcpcb 808 3384 0 3376 13 5 8 8 0 8 7 arp 88 690 0 676 1 0 1 1 0 8 0 ipq 40 39 0 37 1 0 1 1 0 8 0 ipqe 40 618 0 616 1 0 1 1 0 8 0 inpcb 352 13729 0 13720 32 24 8 20 0 8 6 nd6 104 962 0 952 1 0 1 1 0 8 0 pkpcb 40 114 0 114 2 1 1 1 0 8 1 kcovpl 48 325 0 315 1 0 1 1 0 8 0 ppxss 1072 93 0 93 2 1 1 1 0 8 1 art_heap8 4096 9 0 8 3 1 2 3 0 8 1 art_heap4 256 14893 0 14641 130 100 30 30 0 8 4 art_table 32 14902 0 14649 4 0 4 4 0 8 0 art_node 16 3700 0 3648 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 15 1 0 1 1 0 8 0 semapl 112 433 0 419 1 0 1 1 0 8 0 shmpl 112 79 0 12 2 0 2 2 0 8 0 dirhash 1024 263 0 246 3 0 3 3 0 8 0 dino2pl 256 20963 0 19385 100 0 100 100 0 8 0 ffsino 240 20963 0 19385 94 0 94 94 0 8 0 nchpl 144 38523 0 37932 66 41 25 66 0 8 0 uvmvnodes 80 12296 0 0 251 0 251 251 0 8 0 vnodes 216 12296 0 0 684 0 684 684 0 8 0 namei 1024 159626 0 159625 3 2 1 3 0 8 0 vcpupl 3904 67 0 3 8 0 8 8 0 8 0 vmpool 664 126 0 62 6 0 6 6 0 8 0 kstatmem 264 1106 0 1062 4 0 4 4 0 8 0 scsiplug 72 25 0 25 2 1 1 1 0 8 1 scxspl 216 208185 0 208185 15 7 8 8 1 8 8 plimitpl 152 2368 0 2352 1 0 1 1 0 8 0 sigapl 424 13467 0 13423 9 2 7 9 0 8 0 futexpl 64 218645 0 218642 1 0 1 1 0 8 0 knotepl 120 45930 0 45864 35 21 14 18 0 8 8 kqueuepl 184 3545 0 3539 4 0 4 4 0 8 3 pipepl 288 2892 0 2862 3 0 3 3 0 8 0 fdescpl 432 13411 0 13389 5 1 4 5 0 8 0 filepl 120 90776 0 90512 19 5 14 15 0 8 4 lockfpl 104 2953 0 2951 1 0 1 1 0 8 0 lockfspl 48 1256 0 1254 1 0 1 1 0 8 0 sessionpl 144 320 0 303 1 0 1 1 0 8 0 pgrppl 48 582 0 565 1 0 1 1 0 8 0 ucredpl 104 14072 0 14056 1 0 1 1 0 8 0 zombiepl 144 13428 0 13423 1 0 1 1 0 8 0 processpl 1080 13467 0 13423 6 2 4 6 0 8 0 procpl 656 25039 0 24976 9 2 7 9 0 8 0 sosppl 168 50 0 50 2 1 1 1 0 8 1 sockpl 504 24809 0 24788 58 46 12 29 0 8 8 mcl64k 65536 728 0 728 2 1 1 1 0 8 1 mcl16k 16384 171 0 171 2 1 1 1 0 8 1 mcl12k 12288 93 0 93 2 1 1 1 0 8 1 mcl9k 9216 44 0 44 2 1 1 1 0 8 1 mcl8k 8192 457 0 456 1 0 1 1 0 8 0 mcl4k 4096 126 0 126 2 1 1 1 0 8 1 mcl2k2 2112 9 0 9 2 1 1 1 0 8 1 mcl2k 2048 63814 0 63718 38 22 16 37 0 8 2 mtagpl 96 44 0 44 2 1 1 1 0 8 1 mbufpl 256 197044 0 196880 201 181 20 64 0 8 8 bufpl 280 45211 0 32824 885 0 885 885 0 8 0 anonpl 24 1541465 0 1535544 97 29 68 97 0 188 0 amapchunkpl 152 343691 0 343099 60 18 42 47 0 158 13 amappl16 200 29829 0 29642 159 136 23 35 0 8 8 amappl15 192 14 0 13 1 0 1 1 0 8 0 amappl14 184 1062 0 1054 2 1 1 2 0 8 0 amappl13 176 15 0 15 1 1 0 1 0 8 0 amappl12 168 18509 0 18485 3 1 2 3 0 8 0 amappl11 160 387 0 373 1 0 1 1 0 8 0 amappl10 152 416 0 411 1 0 1 1 0 8 0 amappl9 144 225 0 224 1 0 1 1 0 8 0 amappl8 136 947 0 914 2 0 2 2 0 8 0 amappl7 128 79 0 64 1 0 1 1 0 8 0 amappl6 120 3798 0 3789 2 1 1 2 0 8 0 amappl5 112 1330 0 1320 1 0 1 1 0 8 0 amappl4 104 3149 0 3123 2 1 1 2 0 8 0 amappl3 96 62973 0 62899 3 0 3 3 0 8 0 amappl2 88 14850 0 14798 4 2 2 4 0 8 0 amappl1 80 69708 0 69317 22 11 11 22 0 8 0 amappl 88 104176 0 103991 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 81 0 12 2 0 2 2 0 8 0 uaddrrnd 24 13537 0 13451 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 13537 0 13451 1 0 1 1 0 8 0 vmmpekpl 168 96697 0 96626 4 0 4 4 0 8 0 vmmpepl 168 882360 0 880774 125 25 100 115 0 357 9 vmsppl 344 13536 0 13451 9 0 9 9 0 8 0 rwobjpl 24 202954 0 189570 84 1 83 83 0 8 0 pdppl 4096 27080 0 26966 989 861 128 128 0 8 14 pvpl 32 4810920 0 4799656 398 256 142 397 0 265 1 pmappl 216 13536 0 13451 6 0 6 6 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 1646 0 1224 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace 0(ffff800000ea7000,b,fffffd8065ecc7f8,ffff800030d0f240,1220,0) at 0 rtrequest(b,ffff800030d0f2e8,83,ffff800030d0f388,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd8056e9ae98,fffffd807f028b24,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(ffff800030d0f4d8,fffffd807f028b20,fffffd8056e9ae20) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:975 in_pcbconnect(fffffd8056e9ae20,fffffd807f028b00) at in_pcbconnect+0xe8 sys/netinet/in_pcb.c:523 tcp_connect(fffffd805de5aa08,fffffd807f028b00) at tcp_connect+0x29b sys/netinet/tcp_usrreq.c:654 sys_connect(ffff80002a668020,ffff800030d0f700,ffff800030d0f650) at sys_connect+0x238 sys/kern/uipc_syscalls.c:422 syscall(ffff800030d0f700) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x26f79078c30, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace 0(ffff800000ea7000,b,fffffd8065ecc7f8,ffff800030d0f240,1220,0) at 0 rtrequest(b,ffff800030d0f2e8,83,ffff800030d0f388,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 rt_clone sys/net/route.c:383 [inline] rt_match(fffffd8056e9aeb0,0,1,0) at rt_match+0xc3 sys/net/route.c:358 route_mpath(fffffd8056e9ae98,fffffd807f028b24,0,0) at route_mpath+0x8b sys/net/route.c:255 in_pcbselsrc(ffff800030d0f4d8,fffffd807f028b20,fffffd8056e9ae20) at in_pcbselsrc+0x1b7 sys/netinet/in_pcb.c:975 in_pcbconnect(fffffd8056e9ae20,fffffd807f028b00) at in_pcbconnect+0xe8 sys/netinet/in_pcb.c:523 tcp_connect(fffffd805de5aa08,fffffd807f028b00) at tcp_connect+0x29b sys/netinet/tcp_usrreq.c:654 sys_connect(ffff80002a668020,ffff800030d0f700,ffff800030d0f650) at sys_connect+0x238 sys/kern/uipc_syscalls.c:422 syscall(ffff800030d0f700) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x26f79078c30, count: -9