uvm_fault(0xffffffff8383f770, 0xffff8000014ae02a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x657: movzwl 0xc(%rcx,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND *520054 73012 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 sys/netinet/if_ether.c:182 rtrequest(1,ffff800038159630,0,ffff8000381595a0,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff8000015a5c00,ffff8000381596d8,ffff800038159630,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd805fb33700,ffff80000147cad8) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff80000147cad8,fffffd805fb33700,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff80000147cad8,0,ffff800038159888,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003a566fc8,3,ffff800038159980,808,ffff800038159a20) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003a566fc8,ffff800038159ad0,ffff800038159a20) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800038159ad0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800038159ad0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd17e9bada20, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff8383f770, 0xffff8000014ae02a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 sys/netinet/if_ether.c:182 rtrequest(1,ffff800038159630,0,ffff8000381595a0,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff8000015a5c00,ffff8000381596d8,ffff800038159630,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd805fb33700,ffff80000147cad8) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff80000147cad8,fffffd805fb33700,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff80000147cad8,0,ffff800038159888,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003a566fc8,3,ffff800038159980,808,ffff800038159a20) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003a566fc8,ffff800038159ad0,ffff800038159a20) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800038159ad0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800038159ad0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd17e9bada20, count: -10 ddb> show registers rdi 0xffff800035d48000 rsi 0x610 rbp 0xffff800038159480 rbx 0xde rdx 0xffff800035d48000 rcx 0xffff8000014adf40 rax 0xfffffd806fd301e0 r8 0x20 r9 0xfffffd8062e8e898 r10 0x8501372964a991f1 r11 0x68c1db85a812cfef r12 0x28 r13 0xfffffd806fd30100 r14 0xfffffd8062e8e898 r15 0xffff800000039058 rip 0xffffffff82ebede7 arp_rtrequest+0x657 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff800038159400 ss 0x10 arp_rtrequest+0x657: movzwl 0xc(%rcx,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=520054 pid=73012 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=50, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80003a566568,0xffff80003a566aa8 process=0xffff80003ca456a8 user=0xffff800038154000, vmspace=0xfffffd806bb8dd00 estcpu=36, cpticks=2, pctcpu=0.0, user=0, sys=2, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 34679 390772 99269 0 2 0x1 syz-executor 34679 66288 99269 0 3 0x4000080 fsleep syz-executor 11121 141900 85854 0 2 0x1 syz-executor 11121 286466 85854 0 3 0x4000080 fsleep syz-executor 73012 170813 90647 0 2 0 syz-executor *73012 520054 90647 0 7 0x4000000 syz-executor 83615 210421 3532 0 2 0x1 syz-executor 83615 53212 3532 0 3 0x4000080 fsleep syz-executor 83615 67148 3532 0 3 0x4000080 fsleep syz-executor 90629 7835 36299 0 2 0 syz-executor 90629 83751 36299 0 3 0x4000080 fsleep syz-executor 90629 342494 36299 0 3 0x4000080 fsleep syz-executor 32802 220906 67231 0 2 0 syz-executor 32802 109227 67231 0 3 0x4000080 fsleep syz-executor 8105 342804 56413 0 2 0x1 syz-executor 8105 242359 56413 0 3 0x4000080 fsleep syz-executor 8105 334896 56413 0 3 0x4000080 fsleep syz-executor 93026 256996 0 0 3 0x14200 acct acct 11931 326976 0 0 3 0x14280 nfsidl nfsio 31266 238724 0 0 3 0x14280 nfsidl nfsio 27020 315657 0 0 3 0x14280 nfsidl nfsio 83595 518812 0 0 3 0x14280 nfsidl nfsio 61552 470325 0 0 3 0x14280 nfsidl nfsio 33164 156346 0 0 3 0x14280 nfsidl nfsio 3344 201685 0 0 3 0x14280 nfsidl nfsio 43249 430804 0 0 3 0x14280 nfsidl nfsio 18232 114457 0 0 3 0x14280 nfsidl nfsio 89928 331867 0 0 3 0x14280 nfsidl nfsio 26404 503976 0 0 3 0x14280 nfsidl nfsio 20901 441550 0 0 3 0x14280 nfsidl nfsio 7595 119251 0 0 3 0x14280 nfsidl nfsio 34529 203125 0 0 3 0x14280 nfsidl nfsio 27623 369288 0 0 3 0x14280 nfsidl nfsio 84398 146114 0 0 3 0x14280 nfsidl nfsio 28378 258609 0 0 3 0x14280 nfsidl nfsio 21673 457726 0 0 3 0x14280 nfsidl nfsio 73013 124499 0 0 3 0x14280 nfsidl nfsio 64805 421798 0 0 3 0x14280 nfsidl nfsio 5197 473122 0 0 3 0x14200 bored sosplice 56413 472405 96230 0 2 0xc82 syz-executor 99269 133555 96230 0 2 0xc82 syz-executor 90647 503715 96230 0 2 0xc82 syz-executor 3532 120332 96230 0 2 0xc82 syz-executor 36299 158359 96230 0 2 0xc82 syz-executor 85854 135348 96230 0 2 0xc82 syz-executor 90243 411984 96230 0 3 0x82 wait syz-executor 67231 57946 96230 0 2 0xc82 syz-executor 96230 294265 80773 0 3 0x82 kqread syz-executor 80773 22429 97919 0 3 0x10008a sigsusp ksh 97919 26771 58547 0 3 0x98 kqread sshd-session 58547 72772 53776 0 3 0x92 kqread sshd-session 95935 512626 1 0 3 0x100083 ttyin getty 53776 325071 1 0 3 0x88 kqread sshd 89993 56406 3900 73 3 0x1100090 kqread syslogd 3900 198735 1 0 3 0x100082 sbwait syslogd 66626 277014 1 0 3 0x100080 kqread resolvd 26663 331931 8263 77 3 0x100092 kqread dhcpleased 5759 472343 8263 77 3 0x100092 kqread dhcpleased 8263 247852 1 0 3 0x80 kqread dhcpleased 70383 500827 0 0 3 0x14200 bored smr 23033 17479 0 0 2 0x14200 zerothread 72047 120740 0 0 3 0x14200 aiodoned aiodoned 61412 138626 0 0 3 0x14200 syncer update 54242 379124 0 0 3 0x14200 cleaner cleaner 46101 386912 0 0 3 0x14200 reaper reaper 28192 380386 0 0 3 0x14200 pgdaemon pagedaemon 25397 385919 0 0 3 0x14200 bored viomb 20262 56739 0 0 3 0x40014200 acpi0 acpi0 29046 412020 0 0 3 0x14200 bored softnet7 56353 470335 0 0 3 0x14200 bored softnet6 83381 14596 0 0 3 0x14200 bored softnet5 83892 518133 0 0 3 0x14200 bored softnet4 9956 179495 0 0 3 0x14200 bored softnet3 38966 49647 0 0 3 0x14200 bored softnet2 76533 106432 0 0 3 0x14200 bored softnet1 69146 516669 0 0 3 0x14200 bored softnet0 85365 63685 0 0 2 0x14200 systqmp 49308 167235 0 0 3 0x14200 bored systq 2927 67691 0 0 2 0x40014200 softclock 35726 514287 0 0 3 0x40014200 idle0 1 116572 0 0 3 0x82 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10229 11195K 11290K 166960K 11820 0 pcb 19 16K 21K 166960K 234 0 rtable 203 8K 9K 166960K 369 0 pf 35 13K 17K 166960K 60 0 ifaddr 41 7K 7K 166960K 62 0 ifgroup 56 2K 2K 166960K 83 0 sysctl 4 1K 9K 166960K 10 0 counters 34 18K 18K 166960K 46 0 ioctlops 0 0K 4K 166960K 105 0 iov 0 0K 16K 166960K 22 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1343 85K 85K 166960K 1664 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 16 0 VM map 2 1K 1K 166960K 2 0 sem 11 5K 5K 166960K 27 0 dirhash 12 2K 2K 166960K 27 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 18 65K 89K 166960K 563 0 sigio 0 0K 0K 166960K 7 0 proc 60 59K 108K 166960K 520 0 subproc 72 4K 4K 166960K 72 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 67 0 in_multi 88 6K 7K 166960K 134 0 ether_multi 1 0K 0K 166960K 6 0 mrt 1 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 408 0 fusefs mount 1 32K 32K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 236 143K 153K 166960K 6656 0 UVM aobj 24 3K 3K 166960K 26 0 pinsyscall 39 78K 92K 166960K 1610 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 16 0 NDP 13 0K 2K 166960K 39 0 temp 48 8636K 8716K 166960K 25355 0 kqueue 13 20K 30K 166960K 100 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 74 0 70 1 0 1 1 0 8 0 rtentry 136 119 0 38 4 0 4 4 0 8 0 unpcb 144 317 0 297 2 1 1 2 0 8 0 syncache 336 6 0 6 1 1 0 1 0 8 0 tcpcb 736 214 0 203 7 6 1 7 0 8 0 arp 88 14 0 3 1 0 1 1 0 8 0 ipq 40 3 0 1 1 0 1 1 0 8 0 ipqe 40 75 0 7 1 0 1 1 0 8 0 inpcb 328 609 0 590 12 10 2 12 0 8 0 ip6q 72 1 0 1 1 0 1 1 0 8 1 ip6af 40 2 0 2 1 0 1 1 0 8 1 nd6 104 20 0 5 1 0 1 1 0 8 0 pkpcb 40 4 0 4 2 1 1 1 0 8 1 kcovpl 48 8 0 0 1 0 1 1 0 8 0 ppxss 1072 11 0 10 1 0 1 1 0 8 0 pppxif 1384 1 0 1 1 1 0 1 0 8 0 pfrktable 1344 1 0 1 1 1 0 1 0 8 0 art_heap8 4096 4 0 0 4 0 4 4 0 8 0 art_heap4 256 561 0 203 28 1 27 28 0 8 2 art_table 40 565 0 203 5 0 5 5 0 8 0 art_node 32 117 0 47 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 4 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 20 0 11 1 0 1 1 0 8 0 shmpl 112 23 0 2 1 0 1 1 0 8 0 dirhash 1024 27 0 10 3 0 3 3 0 8 0 dino2pl 256 2411 0 908 95 0 95 95 0 8 0 ffsino 256 2411 0 908 95 0 95 95 0 8 0 nchpl 144 3230 0 1546 63 0 63 63 0 8 0 rtmask 32 2 0 2 1 1 0 1 0 8 0 uvmvnodes 80 2632 0 0 54 0 54 54 0 8 0 vnodes 216 2632 0 0 147 0 147 147 0 8 0 namei 1024 10437 0 10437 2 1 1 2 0 8 1 kstatmem 264 44 0 18 2 0 2 2 0 8 0 scsiplug 72 1 0 1 1 1 0 1 0 8 0 scxspl 216 11318 0 11318 9 7 2 8 1 8 2 plimitpl 152 121 0 105 1 0 1 1 0 8 0 sigapl 424 873 0 801 9 0 9 9 0 8 0 knotepl 120 21764 0 21717 22 13 9 17 0 8 7 kqueuepl 184 204 0 195 4 3 1 4 0 8 0 pipepl 304 177 0 150 5 2 3 5 0 8 0 fdescpl 448 830 0 800 5 1 4 5 0 8 0 filepl 120 4511 0 4276 13 5 8 13 0 8 0 lockfpl 104 146 0 144 1 0 1 1 0 8 0 lockfspl 48 62 0 60 1 0 1 1 0 8 0 sessionpl 144 24 0 16 1 0 1 1 0 8 0 pgrppl 48 38 0 22 1 0 1 1 0 8 0 ucredpl 104 746 0 733 1 0 1 1 0 8 0 zombiepl 144 828 0 827 1 0 1 1 0 8 0 processpl 1152 873 0 801 6 0 6 6 0 8 0 procpl 664 1493 0 1411 8 0 8 8 0 8 0 sosppl 168 2 0 2 1 1 0 1 0 8 0 sockpl 552 1020 0 976 13 9 4 12 0 8 0 mcl64k 65536 25 0 25 2 1 1 1 0 8 1 mcl16k 16384 8 0 8 2 1 1 1 0 8 1 mcl12k 12288 2 0 2 1 1 0 1 0 8 0 mcl9k 9216 1 0 1 1 1 0 1 0 8 0 mcl8k 8192 13 0 13 1 1 0 1 0 8 0 mcl4k 4096 3051 0 2997 15 7 8 15 0 8 0 mcl2k2 2112 2 0 2 1 1 0 1 0 8 0 mcl2k 2048 755 0 750 6 4 2 5 0 8 1 mtagpl 96 10 0 5 1 0 1 1 0 8 0 mbufpl 256 8800 0 8574 19 4 15 19 0 8 0 bufpl 280 4140 0 121 288 0 288 288 0 8 0 anonpl 24 144869 0 141607 45 0 45 45 0 187 20 amapchunkpl 152 21306 0 20791 30 1 29 30 0 158 9 amappl16 200 2404 0 2370 6 3 3 6 0 8 0 amappl15 192 7 0 7 1 1 0 1 0 8 0 amappl14 184 112 0 102 1 0 1 1 0 8 0 amappl13 176 6 0 6 1 1 0 1 0 8 0 amappl12 168 1450 0 1420 3 1 2 3 0 8 0 amappl11 160 65 0 55 1 0 1 1 0 8 0 amappl10 152 9 0 9 1 1 0 1 0 8 0 amappl9 144 272 0 272 1 1 0 1 0 8 0 amappl8 136 27 0 26 1 0 1 1 0 8 0 amappl7 128 98 0 88 1 0 1 1 0 8 0 amappl6 120 179 0 174 1 0 1 1 0 8 0 amappl5 112 111 0 104 1 0 1 1 0 8 0 amappl4 104 273 0 257 1 0 1 1 0 8 0 amappl3 96 3577 0 3476 3 0 3 3 0 8 0 amappl2 88 1078 0 1006 2 0 2 2 0 8 0 amappl1 80 10244 0 9690 14 0 14 14 0 8 0 amappl 88 5901 0 5728 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 254 0 254 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 25 0 2 1 0 1 1 0 8 0 uaddrrnd 24 830 0 800 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 830 0 800 1 0 1 1 0 8 0 vmmpekpl 168 8112 0 8084 2 0 2 2 0 8 0 vmmpepl 168 57939 0 56027 89 5 84 89 0 357 0 vmsppl 368 829 0 800 4 1 3 4 0 8 0 rwobjpl 40 19928 0 16405 36 0 36 36 0 8 0 pdppl 4096 1667 0 1600 105 38 67 79 0 8 0 pvpl 32 383805 0 374745 127 7 120 126 0 265 36 pmappl 216 829 0 800 2 0 2 2 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 397 0 69 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 sys/netinet/if_ether.c:182 rtrequest(1,ffff800038159630,0,ffff8000381595a0,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff8000015a5c00,ffff8000381596d8,ffff800038159630,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd805fb33700,ffff80000147cad8) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff80000147cad8,fffffd805fb33700,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff80000147cad8,0,ffff800038159888,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003a566fc8,3,ffff800038159980,808,ffff800038159a20) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003a566fc8,ffff800038159ad0,ffff800038159a20) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800038159ad0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800038159ad0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd17e9bada20, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 arprequest sys/netinet/if_ether.c:279 [inline] arp_rtrequest(ffff800000039058,1,fffffd8062e8e898) at arp_rtrequest+0x657 sys/netinet/if_ether.c:182 rtrequest(1,ffff800038159630,0,ffff8000381595a0,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff8000015a5c00,ffff8000381596d8,ffff800038159630,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd805fb33700,ffff80000147cad8) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff80000147cad8,fffffd805fb33700,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff80000147cad8,0,ffff800038159888,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff80003a566fc8,3,ffff800038159980,808,ffff800038159a20) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff80003a566fc8,ffff800038159ad0,ffff800038159a20) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff800038159ad0) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff800038159ad0) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xd17e9bada20, count: -10