uvm_fault(0xffffffff82de8758, 0xffff800000e6b010, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x4e3: movzwl 0xc(%r15,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *376511 42789 0 0x8000000 0x4000000 0 syz-executor.5 arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002bf5f548,1,ffff80002bf5f618,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e67800,240004,ffff800000e67858,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e67800) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd9800,ffff800000e67800,ffff80002bf5f8c0,0) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002bf5f8b0,ffff800000dd9800) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6b02a8,ffff80002bf5fa90,ffff80002bf5f9e0) at sys_ioctl+0x4a5 syscall(ffff80002bf5fa90) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb8806cbc120, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff82de8758, 0xffff800000e6b010, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002bf5f548,1,ffff80002bf5f618,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e67800,240004,ffff800000e67858,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e67800) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd9800,ffff800000e67800,ffff80002bf5f8c0,0) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002bf5f8b0,ffff800000dd9800) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6b02a8,ffff80002bf5fa90,ffff80002bf5f9e0) at sys_ioctl+0x4a5 syscall(ffff80002bf5fa90) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb8806cbc120, count: -10 ddb> show registers rdi 0xffff80002f350000 rsi 0x2f0 rbp 0xffff80002bf5f430 rbx 0x14 rdx 0xffff80002f350000 rcx 0x100040600080100 rax 0xfffffd805cb52de0 r8 0x10 r9 0xfffffd806aa1fa20 r10 0xcef0f5be96b0e882 r11 0xd6b4a1271883e2ab r12 0x232 r13 0xfffffd805cb52d00 r14 0xfffffd806aa1fa20 r15 0xffff800000e6aff0 rip 0xffffffff825a7163 arp_rtrequest+0x4e3 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80002bf5f3b0 ss 0x10 arp_rtrequest+0x4e3: movzwl 0xc(%r15,%rbx,1),%ecx ddb> show proc PROC (syz-executor.5) tid=376511 pid=42789 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=85, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a69e2b8,0xffffffff82d44f28 process=0xffff8000ffff7ab0 user=0xffff80002bf5a000, vmspace=0xfffffd807836f970 estcpu=35, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 42789 224193 38108 0 2 0x8000000 syz-executor.5 *42789 376511 38108 0 7 0xc000000 syz-executor.5 56273 339922 47302 60928 2 0x8000010 syz-executor.4 56273 299960 47302 60928 3 0xc000090 fsleep syz-executor.4 81478 58377 24039 0 3 0x8000082 nanoslp syz-executor.0 38108 300192 24039 0 3 0x8000082 nanoslp syz-executor.5 34376 95102 24039 0 3 0x8000082 nanoslp syz-executor.7 40494 469477 0 0 3 0x14200 acct acct 47302 490483 24039 0 3 0x8000082 nanoslp syz-executor.4 47305 460639 24039 0 2 0x8000002 syz-executor.1 41456 249670 24039 0 2 0x8000002 syz-executor.2 13235 265289 24039 0 2 0x8000002 syz-executor.6 38090 78627 24039 0 2 0x8000002 syz-executor.3 88809 494453 0 0 3 0x14200 bored sosplice 24039 388717 9908 0 3 0x1a000082 wait syz-fuzzer 24039 400390 9908 0 3 0x1e000082 nanoslp syz-fuzzer 24039 133806 9908 0 3 0x1e000082 thrsleep syz-fuzzer 24039 199049 9908 0 3 0x1e000082 wait syz-fuzzer 24039 381083 9908 0 3 0x1e000082 wait syz-fuzzer 24039 53116 9908 0 3 0x1e000082 wait syz-fuzzer 24039 393501 9908 0 3 0x1e000082 thrsleep syz-fuzzer 24039 289792 9908 0 3 0x1e000082 thrsleep syz-fuzzer 24039 217736 9908 0 3 0x1e000082 wait syz-fuzzer 24039 124616 9908 0 3 0x1e000082 thrsleep syz-fuzzer 24039 226523 9908 0 3 0x1e000082 kqread syz-fuzzer 24039 388234 9908 0 3 0x1e000082 wait syz-fuzzer 24039 481005 9908 0 3 0x1e000082 wait syz-fuzzer 24039 292256 9908 0 3 0x1e000082 wait syz-fuzzer 9908 299187 2325 0 3 0x810008a sigsusp ksh 2325 32748 10971 0 3 0x1800009a kqread sshd 65282 32453 1 0 3 0x18100083 ttyin getty 10971 147852 1 0 3 0x18000088 kqread sshd 75519 196486 85772 73 3 0x19100090 kqread syslogd 85772 412374 1 0 3 0x18100082 sbwait syslogd 68453 128890 1 0 3 0x18100080 kqread resolvd 12103 433903 4139 77 3 0x18100092 kqread dhcpleased 8735 89099 4139 77 3 0x18100092 kqread dhcpleased 4139 123257 1 0 3 0x18000080 kqread dhcpleased 56200 71978 0 0 3 0x14200 bored smr 17680 212587 0 0 2 0x14200 zerothread 6300 367917 0 0 3 0x14200 aiodoned aiodoned 28109 484024 0 0 2 0x14600 update 7767 244781 0 0 3 0x14200 cleaner cleaner 3929 124807 0 0 3 0x14200 reaper reaper 195 346527 0 0 3 0x14200 pgdaemon pagedaemon 46212 303444 0 0 3 0x14200 bored viomb 24063 238595 0 0 3 0x40014200 acpi0 acpi0 18404 76146 0 0 3 0x14200 bored softnet3 23496 490888 0 0 3 0x14200 bored softnet2 56708 75413 0 0 3 0x14200 bored softnet1 602 208555 0 0 2 0x14200 softnet0 173 515517 0 0 2 0x14200 systqmp 48359 510743 0 0 3 0x14200 bored systq 38363 298414 0 0 3 0x40014200 tmoslp softclock 7001 293779 0 0 3 0x40014200 idle0 1 35542 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10173 6416K 6987K 166960K 13053 0 pcb 17 12K 12K 166960K 218 0 rtable 228 10K 11K 166960K 2148 0 pf 29 8K 9K 166960K 188 0 ifaddr 41 11K 12K 166960K 290 0 ifgroup 50 2K 2K 166960K 355 0 sysctl 4 1K 2K 166960K 8 0 counters 30 17K 17K 166960K 103 0 ioctlops 0 0K 2K 166960K 172 0 iov 0 0K 18K 166960K 95 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1432 90K 90K 166960K 2998 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 49 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 156 0 dirhash 12 2K 2K 166960K 36 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 13 45K 109K 166960K 2312 0 sigio 0 0K 0K 166960K 34 0 proc 63 67K 124K 166960K 2150 0 subproc 104 6K 8K 166960K 911 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 1 0K 0K 166960K 232 0 in_multi 88 6K 7K 166960K 750 0 ether_multi 1 0K 0K 166960K 11 0 mrt 0 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 97 440K 440K 166960K 97 0 exec 0 0K 1K 166960K 1229 0 pfkey data 0 0K 4K 166960K 2 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 251 97K 114K 166960K 19273 0 UVM aobj 65 3K 3K 166960K 73 0 pinsyscall 33 66K 100K 166960K 4936 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 95 0 NDP 11 0K 1K 166960K 208 0 temp 74 6812K 6938K 166960K 51576 0 kqueue 12 18K 28K 166960K 276 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 277 0 273 1 0 1 1 0 8 0 rtentry 112 752 0 648 4 0 4 4 0 8 1 unpcb 144 1231 0 1214 6 0 6 6 0 8 5 syncache 336 5 0 5 1 0 1 1 0 8 1 tcpcb 808 425 0 420 2 0 2 2 0 8 1 arp 88 135 0 119 1 0 1 1 0 8 0 ipq 40 1 0 1 1 0 1 1 0 8 1 ipqe 40 3 0 3 1 0 1 1 0 8 1 inpcb 352 1668 0 1657 3 0 3 3 0 8 1 nd6 104 194 0 173 1 0 1 1 0 8 0 pkpcb 40 8 0 8 1 0 1 1 0 8 1 kcovpl 48 70 0 62 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 3000 0 2586 59 30 29 30 0 8 2 art_table 32 3001 0 2586 4 0 4 4 0 8 0 art_node 16 746 0 655 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 2 1 0 1 1 0 8 0 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 152 0 142 1 0 1 1 0 8 0 shmpl 112 70 0 8 2 0 2 2 0 8 0 dirhash 1024 33 0 16 3 0 3 3 0 8 0 dino2pl 256 4027 0 2512 96 0 96 96 0 8 0 ffsino 240 4027 0 2512 90 0 90 90 0 8 0 nchpl 144 6857 0 5126 66 0 66 66 0 8 0 uvmvnodes 80 5456 0 0 112 0 112 112 0 8 0 vnodes 216 5456 0 0 304 0 304 304 0 8 0 namei 1024 27922 0 27920 3 0 3 3 0 8 2 vcpupl 3904 4 0 0 1 0 1 1 0 8 0 vmpool 664 19 0 15 1 0 1 1 0 8 0 kstatmem 264 168 0 146 2 0 2 2 0 8 0 scsiplug 72 4 0 4 1 0 1 1 0 8 1 scxspl 216 45918 0 45918 8 0 8 8 1 8 8 plimitpl 152 284 0 268 1 0 1 1 0 8 0 sigapl 424 2512 0 2469 8 0 8 8 0 8 2 futexpl 64 26210 0 26209 1 0 1 1 0 8 0 knotepl 120 10217 0 10135 11 0 11 11 0 8 7 kqueuepl 184 458 0 449 1 0 1 1 0 8 0 pipepl 288 509 0 481 3 0 3 3 0 8 0 fdescpl 432 2471 0 2447 5 0 5 5 0 8 1 filepl 120 12953 0 12700 13 0 13 13 0 8 4 lockfpl 104 424 0 421 1 0 1 1 0 8 0 lockfspl 48 193 0 190 1 0 1 1 0 8 0 sessionpl 144 80 0 64 1 0 1 1 0 8 0 pgrppl 48 100 0 84 1 0 1 1 0 8 0 ucredpl 104 1588 0 1577 1 0 1 1 0 8 0 zombiepl 144 2471 0 2469 1 0 1 1 0 8 0 processpl 1072 2512 0 2469 5 0 5 5 0 8 1 procpl 656 4153 0 4095 8 0 8 8 0 8 2 sosppl 168 38 0 38 1 0 1 1 0 8 1 sockpl 504 3196 0 3164 21 10 11 21 0 8 6 mcl64k 65536 4 0 4 1 0 1 1 0 8 1 mcl12k 12288 8 0 8 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 38 0 38 1 0 1 1 0 8 1 mcl4k 4096 11 0 11 1 0 1 1 0 8 1 mcl2k2 2112 3 0 3 1 0 1 1 0 8 1 mcl2k 2048 29498 0 29397 39 19 20 37 0 8 5 mtagpl 96 34 0 34 1 0 1 1 0 8 1 mbufpl 256 87988 0 87783 394 333 61 109 0 8 44 bufpl 280 9817 0 2755 505 0 505 505 0 8 0 anonpl 24 432401 0 426492 70 0 70 70 0 188 16 amapchunkpl 152 62664 0 62093 50 0 50 50 0 158 22 amappl16 200 9598 0 9479 33 13 20 20 0 8 11 amappl15 192 89 0 88 1 0 1 1 0 8 0 amappl14 184 345 0 334 2 0 2 2 0 8 1 amappl13 176 20 0 20 1 0 1 1 0 8 1 amappl12 168 3935 0 3909 3 0 3 3 0 8 1 amappl11 160 46 0 36 1 0 1 1 0 8 0 amappl10 152 148 0 138 1 0 1 1 0 8 0 amappl9 144 168 0 166 1 0 1 1 0 8 0 amappl8 136 240 0 208 2 0 2 2 0 8 0 amappl7 128 55 0 41 1 0 1 1 0 8 0 amappl6 120 1069 0 1055 2 0 2 2 0 8 1 amappl5 112 383 0 370 1 0 1 1 0 8 0 amappl4 104 825 0 791 2 0 2 2 0 8 0 amappl3 96 11956 0 11897 3 0 3 3 0 8 0 amappl2 88 3027 0 2959 4 0 4 4 0 8 2 amappl1 80 19763 0 19275 22 3 19 22 0 8 7 amappl 88 18253 0 18087 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 72 0 8 2 0 2 2 0 8 0 uaddrrnd 24 2490 0 2462 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2490 0 2462 1 0 1 1 0 8 0 vmmpekpl 168 21989 0 21931 3 0 3 3 0 8 0 vmmpepl 168 181677 0 180000 114 0 114 114 0 357 22 vmsppl 344 2489 0 2462 4 0 4 4 0 8 0 rwobjpl 24 53129 0 46576 42 0 42 42 0 8 0 pdppl 4096 4986 0 4928 254 186 68 87 0 8 10 pvpl 32 1130843 0 1119275 391 41 350 391 0 265 220 pmappl 216 2489 0 2462 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 972 0 578 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002bf5f548,1,ffff80002bf5f618,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e67800,240004,ffff800000e67858,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e67800) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd9800,ffff800000e67800,ffff80002bf5f8c0,0) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002bf5f8b0,ffff800000dd9800) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6b02a8,ffff80002bf5fa90,ffff80002bf5f9e0) at sys_ioctl+0x4a5 syscall(ffff80002bf5fa90) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb8806cbc120, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 arprequest sys/netinet/if_ether.c:281 [inline] arp_rtrequest(ffff800000dd9800,1,fffffd806aa1fa20) at arp_rtrequest+0x4e3 sys/netinet/if_ether.c:184 rtrequest(1,ffff80002bf5f548,1,ffff80002bf5f618,0) at rtrequest+0x9dc sys/net/route.c:1103 rt_ifa_add(ffff800000e67800,240004,ffff800000e67858,0) at rt_ifa_add+0x2b3 sys/net/route.c:1273 rt_ifa_addlocal(ffff800000e67800) at rt_ifa_addlocal+0x141 sys/net/route.c:1381 in_ifinit(ffff800000dd9800,ffff800000e67800,ffff80002bf5f8c0,0) at in_ifinit+0x1c1 sys/netinet/in.c:669 in_ioctl_set_ifaddr(8020690c,ffff80002bf5f8b0,ffff800000dd9800) at in_ioctl_set_ifaddr+0x252 sys/netinet/in.c:386 ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd806816fdd8,8020690c,ffff80002bf5f8b0,ffff80002a6b02a8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a6b02a8,ffff80002bf5fa90,ffff80002bf5f9e0) at sys_ioctl+0x4a5 syscall(ffff80002bf5fa90) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb8806cbc120, count: -10