uvm_fault(0xffffffff838ed458, 0xffff80000149f06a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x65e: movzwl 0xc(%r15,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *158133 28980 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e sys/netinet/if_ether.c:184 rtrequest(1,ffff800036d25348,0,ffff800036d252c0,0) at rtrequest+0xd4c sys/net/route.c:1117 rtm_output(ffff80000149c400,ffff800036d253f0,ffff800036d25348,0,0) at rtm_output+0x855 sys/net/rtsock.c:973 route_output(fffffd80682a7c00,ffff800010fdd6b8) at route_output+0x9ac sys/net/rtsock.c:878 route_send(ffff800010fdd6b8,fffffd80682a7c00,0,0) at route_send+0xd7 sys/net/rtsock.c:342 sosend(ffff800010fdd6b8,0,ffff800036d25598,0,0,0) at sosend+0x824 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7f0a60,3,ffff800036d25690,0,ffff800036d25740) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7f0a60,ffff800036d257f0,ffff800036d25740) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff800036d257f0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800036d257f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf209185300, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff838ed458, 0xffff80000149f06a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e sys/netinet/if_ether.c:184 rtrequest(1,ffff800036d25348,0,ffff800036d252c0,0) at rtrequest+0xd4c sys/net/route.c:1117 rtm_output(ffff80000149c400,ffff800036d253f0,ffff800036d25348,0,0) at rtm_output+0x855 sys/net/rtsock.c:973 route_output(fffffd80682a7c00,ffff800010fdd6b8) at route_output+0x9ac sys/net/rtsock.c:878 route_send(ffff800010fdd6b8,fffffd80682a7c00,0,0) at route_send+0xd7 sys/net/rtsock.c:342 sosend(ffff800010fdd6b8,0,ffff800036d25598,0,0,0) at sosend+0x824 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7f0a60,3,ffff800036d25690,0,ffff800036d25740) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7f0a60,ffff800036d257f0,ffff800036d25740) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff800036d257f0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800036d257f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf209185300, count: -10 ddb> show registers rdi 0xffff800036118000 rsi 0x3c2 rbp 0xffff800036d25190 rbx 0xde rdx 0xffff800036118000 rcx 0x100040600080100 rax 0xfffffd80682a7ae0 r8 0x10 r9 0xfffffd806c001788 r10 0xc4459a37e7f26315 r11 0xcd3fdf9aeb48a9f0 r12 0x1a r13 0xfffffd80682a7a00 r14 0xfffffd806c001788 r15 0xffff80000149ef80 rip 0xffffffff818e1d5e arp_rtrequest+0x65e cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800036d25110 ss 0x10 arp_rtrequest+0x65e: movzwl 0xc(%r15,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=158133 pid=28980 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7f19c0,0xffff80002a7f1c60 process=0xffff800036116d68 user=0xffff800036d20000, vmspace=0xfffffd80684202e8 estcpu=0, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 14671 92468 23461 0 2 0 syz-executor 32526 172598 43525 0 2 0x2 ndp 97502 481848 97669 0 2 0 syz-executor 97502 433210 97669 0 2 0x4000000 syz-executor 97502 368502 97669 0 2 0x4000000 syz-executor 28980 140858 21867 0 2 0 syz-executor *28980 158133 21867 0 7 0x4000000 syz-executor 43525 445139 56949 0 3 0x10008a sigsusp sh 69916 23846 85145 0 2 0 syz-executor 69916 173001 85145 0 3 0x4000080 fsleep syz-executor 30004 376396 38807 0 2 0 syz-executor 30004 335846 38807 0 3 0x4000080 fsleep syz-executor 11707 465146 27257 0 2 0 syz-executor 11707 245425 27257 0 3 0x4000080 fsleep syz-executor 28852 79031 50475 0 2 0x100002 sh 97669 501599 298 0 3 0x82 nanoslp syz-executor 23461 502061 298 0 2 0x2 syz-executor 21867 462403 298 0 3 0x82 nanoslp syz-executor 50475 363603 298 0 3 0x82 wait syz-executor 27257 237361 298 0 3 0x82 nanoslp syz-executor 56949 275821 298 0 3 0x82 wait syz-executor 38807 494712 298 0 3 0x82 nanoslp syz-executor 85145 135232 298 0 3 0x82 nanoslp syz-executor 298 34367 4843 0 2 0x2 syz-executor 4843 154552 69026 0 3 0x10008a sigsusp ksh 69026 37463 77076 0 3 0x98 kqread sshd-session 77076 184791 54000 0 3 0x92 kqread sshd-session 82920 458465 1 0 3 0x100083 ttyin getty 54000 521934 1 0 3 0x88 kqread sshd 18032 447682 73380 73 3 0x1100090 kqread syslogd 73380 219175 1 0 3 0x100082 sbwait syslogd 22719 332523 1 0 3 0x100080 kqread resolvd 37275 409525 95412 77 3 0x100092 kqread dhcpleased 39104 217521 95412 77 3 0x100092 kqread dhcpleased 95412 221709 1 0 3 0x80 kqread dhcpleased 66240 508535 0 0 3 0x14200 bored smr 35063 341319 0 0 2 0x14200 zerothread 80768 506394 0 0 3 0x14200 aiodoned aiodoned 58833 325177 0 0 3 0x14200 syncer update 69702 358470 0 0 3 0x14200 cleaner cleaner 65916 253717 0 0 3 0x14200 reaper reaper 69057 133079 0 0 3 0x14200 pgdaemon pagedaemon 74899 341720 0 0 3 0x14200 bored viomb 96009 144633 0 0 3 0x40014200 acpi0 acpi0 77492 468632 0 0 3 0x14200 bored softnet3 9384 266170 0 0 3 0x14200 bored softnet2 28527 55852 0 0 3 0x14200 bored softnet1 9234 49973 0 0 3 0x14200 bored softnet0 79836 150464 0 0 2 0x14200 systqmp 61719 258319 0 0 3 0x14200 bored systq 44058 20382 0 0 3 0x40014200 tmoslp softclock 85260 324768 0 0 3 0x40014200 idle0 1 279505 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10165 11040K 11052K 166960K 11242 0 pcb 17 12K 12K 166960K 17 0 rtable 233 6K 6K 166960K 343 0 pf 30 12K 12K 166960K 30 0 ifaddr 42 7K 7K 166960K 44 0 ifgroup 50 2K 2K 166960K 50 0 sysctl 1 1K 9K 166960K 5 0 counters 32 17K 17K 166960K 32 0 ioctlops 0 0K 2K 166960K 29 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1334 84K 84K 166960K 1350 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 1K 166960K 2 0 VM map 2 1K 1K 166960K 2 0 sem 2 0K 0K 166960K 2 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 19 69K 97K 166960K 135 0 proc 57 58K 124K 166960K 472 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 in_multi 99 7K 7K 166960K 99 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 25 122K 122K 166960K 25 0 exec 0 0K 1K 166960K 346 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 209 152K 162K 166960K 2798 0 UVM aobj 3 2K 2K 166960K 3 0 pinsyscall 40 80K 96K 166960K 1163 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 27 2K 2K 166960K 27 0 temp 33 8674K 8736K 166960K 3648 0 kqueue 13 20K 20K 166960K 22 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 36 0 32 1 0 1 1 0 8 0 rtentry 136 110 0 1 4 0 4 4 0 8 0 unpcb 144 31 0 16 1 0 1 1 0 8 0 syncache 336 3 0 3 1 0 1 1 0 8 1 tcpcb 736 7 0 3 1 0 1 1 0 8 0 arp 88 18 0 0 1 0 1 1 0 8 0 inpcb 328 58 0 50 2 0 2 2 0 8 1 nd6 104 22 0 0 1 0 1 1 0 8 0 pkpcb 40 1 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 451 0 0 29 0 29 29 0 8 0 art_table 32 452 0 0 4 0 4 4 0 8 0 art_node 16 109 0 10 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1542 0 41 94 0 94 94 0 8 0 ffsino 248 1542 0 41 94 0 94 94 0 8 0 nchpl 144 1723 0 45 63 0 63 63 0 8 0 uvmvnodes 80 1623 0 0 34 0 34 34 0 8 0 vnodes 216 1623 0 0 91 0 91 91 0 8 0 namei 1024 5047 0 5047 2 0 2 2 0 8 2 kstatmem 264 22 0 0 2 0 2 2 0 8 0 scxspl 216 5553 0 5553 2 0 2 2 1 8 2 plimitpl 152 26 0 10 1 0 1 1 0 8 0 sigapl 424 415 0 368 7 0 7 7 0 8 1 knotepl 120 2950 0 2903 2 0 2 2 0 8 0 kqueuepl 184 18 0 9 1 0 1 1 0 8 0 pipepl 296 99 0 72 3 0 3 3 0 8 0 fdescpl 440 399 0 368 5 0 5 5 0 8 1 filepl 120 1286 0 1080 7 0 7 7 0 8 0 lockfpl 104 6 0 4 1 0 1 1 0 8 0 lockfspl 48 4 0 2 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 29 0 13 1 0 1 1 0 8 0 ucredpl 104 63 0 52 1 0 1 1 0 8 0 zombiepl 144 368 0 368 1 0 1 1 0 8 1 processpl 1160 415 0 368 4 0 4 4 0 8 0 procpl 656 421 0 368 5 0 5 5 0 8 0 sockpl 528 126 0 98 3 0 3 3 0 8 1 mcl8k 8192 4 0 4 1 0 1 1 0 8 1 mcl4k 4096 2396 0 2342 14 0 14 14 0 8 5 mcl2k 2048 107 0 107 1 0 1 1 0 8 1 mtagpl 96 4 0 4 1 0 1 1 0 8 1 mbufpl 256 3870 0 3736 9 0 9 9 0 8 0 bufpl 280 2220 0 117 151 0 151 151 0 8 0 anonpl 24 83870 0 80878 22 0 22 22 0 187 2 amapchunkpl 152 7639 0 7221 17 0 17 17 0 158 0 amappl16 200 1361 0 1349 5 0 5 5 0 8 4 amappl15 192 2 0 2 1 0 1 1 0 8 1 amappl14 184 100 0 90 1 0 1 1 0 8 0 amappl13 176 5 0 5 1 0 1 1 0 8 1 amappl12 168 1032 0 1001 3 0 3 3 0 8 1 amappl11 160 47 0 36 1 0 1 1 0 8 0 amappl10 152 6 0 6 1 0 1 1 0 8 1 amappl9 144 261 0 261 1 0 1 1 0 8 1 amappl8 136 20 0 19 1 0 1 1 0 8 0 amappl7 128 96 0 86 1 0 1 1 0 8 0 amappl6 120 165 0 160 1 0 1 1 0 8 0 amappl5 112 115 0 109 1 0 1 1 0 8 0 amappl4 104 287 0 269 1 0 1 1 0 8 0 amappl3 96 1233 0 1138 3 0 3 3 0 8 0 amappl2 88 597 0 541 2 0 2 2 0 8 0 amappl1 80 7816 0 7260 13 0 13 13 0 8 0 amappl 88 2172 0 2028 4 0 4 4 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 2 0 0 1 0 1 1 0 8 0 uaddrrnd 24 399 0 368 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 399 0 368 1 0 1 1 0 8 0 vmmpekpl 168 4811 0 4782 2 0 2 2 0 8 0 vmmpepl 168 31712 0 29918 80 0 80 80 0 357 2 vmsppl 360 398 0 368 4 0 4 4 0 8 0 rwobjpl 32 12987 0 10530 21 0 21 21 0 8 0 pdppl 4096 804 0 736 96 14 82 82 0 8 14 pvpl 32 193199 0 185141 67 0 67 67 0 265 0 pmappl 216 398 0 368 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 255 0 14 7 0 7 7 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e sys/netinet/if_ether.c:184 rtrequest(1,ffff800036d25348,0,ffff800036d252c0,0) at rtrequest+0xd4c sys/net/route.c:1117 rtm_output(ffff80000149c400,ffff800036d253f0,ffff800036d25348,0,0) at rtm_output+0x855 sys/net/rtsock.c:973 route_output(fffffd80682a7c00,ffff800010fdd6b8) at route_output+0x9ac sys/net/rtsock.c:878 route_send(ffff800010fdd6b8,fffffd80682a7c00,0,0) at route_send+0xd7 sys/net/rtsock.c:342 sosend(ffff800010fdd6b8,0,ffff800036d25598,0,0,0) at sosend+0x824 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7f0a60,3,ffff800036d25690,0,ffff800036d25740) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7f0a60,ffff800036d257f0,ffff800036d25740) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff800036d257f0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800036d257f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf209185300, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000039058,1,fffffd806c001788) at arp_rtrequest+0x65e sys/netinet/if_ether.c:184 rtrequest(1,ffff800036d25348,0,ffff800036d252c0,0) at rtrequest+0xd4c sys/net/route.c:1117 rtm_output(ffff80000149c400,ffff800036d253f0,ffff800036d25348,0,0) at rtm_output+0x855 sys/net/rtsock.c:973 route_output(fffffd80682a7c00,ffff800010fdd6b8) at route_output+0x9ac sys/net/rtsock.c:878 route_send(ffff800010fdd6b8,fffffd80682a7c00,0,0) at route_send+0xd7 sys/net/rtsock.c:342 sosend(ffff800010fdd6b8,0,ffff800036d25598,0,0,0) at sosend+0x824 sys/kern/uipc_socket.c:-1 sendit(ffff80002a7f0a60,3,ffff800036d25690,0,ffff800036d25740) at sendit+0x721 sys/kern/uipc_syscalls.c:779 sys_sendto(ffff80002a7f0a60,ffff800036d257f0,ffff800036d25740) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:557 syscall(ffff800036d257f0) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800036d257f0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:579 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xf209185300, count: -10