uvm_fault(0xffffffff838e1538, 0xffff80000151200a, 0, 1) -> e kernel: page fault trap, code=0 Stopped at arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx TID PID UID PRFLAGS PFLAGS CPU COMMAND * 29846 79474 0 0 0x4000000 0 syz-executor arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003ca34dd0,0,ffff80003ca34d40,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff80000150f100,ffff80003ca34e78,ffff80003ca34dd0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806e9f4300,ffff8000014a2ae0) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014a2ae0,fffffd806e9f4300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014a2ae0,0,ffff80003ca35028,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800035d594f8,7,ffff80003ca35120,808,ffff80003ca351c0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800035d594f8,ffff80003ca35270,ffff80003ca351c0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003ca35270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003ca35270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe30a505ad0, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: uvm_fault(0xffffffff838e1538, 0xffff80000151200a, 0, 1) -> e ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003ca34dd0,0,ffff80003ca34d40,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff80000150f100,ffff80003ca34e78,ffff80003ca34dd0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806e9f4300,ffff8000014a2ae0) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014a2ae0,fffffd806e9f4300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014a2ae0,0,ffff80003ca35028,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800035d594f8,7,ffff80003ca35120,808,ffff80003ca351c0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800035d594f8,ffff80003ca35270,ffff80003ca351c0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003ca35270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003ca35270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe30a505ad0, count: -10 ddb> show registers rdi 0xffff800038160000 rsi 0x59d rbp 0xffff80003ca34c20 rbx 0xde rdx 0xffff800038160000 rcx 0xffff800001511f20 rax 0xfffffd806e9f40e0 r8 0x20 r9 0xfffffd806ea697f8 r10 0x1fb4712196fb5fa2 r11 0xee6cd58715bf5c2c r12 0x30 r13 0xfffffd806e9f4000 r14 0xfffffd806ea697f8 r15 0xffff800000039058 rip 0xffffffff82c6e904 arp_rtrequest+0x6a4 cs 0x8 rflags 0x10246 __ALIGN_SIZE+0xf246 rsp 0xffff80003ca34ba0 ss 0x10 arp_rtrequest+0x6a4: movzwl 0xc(%rcx,%rbx,1),%ecx ddb> show proc PROC (syz-executor) tid=29846 pid=79474 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=62, usrpri=76, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff800035d58d30,0xffff800035d582e0 process=0xffff80003b5604a8 user=0xffff80003ca30000, vmspace=0xfffffd8078ce6188 estcpu=26, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 36915 323120 2226 -1 2 0xc90 syz-executor 36915 288929 2226 -1 3 0x4000090 fsleep syz-executor 36915 394777 2226 -1 3 0x4000090 fsleep syz-executor 36915 207317 2226 -1 3 0x4000090 fsleep syz-executor 79474 15773 64194 0 2 0 syz-executor *79474 29846 64194 0 7 0x4000000 syz-executor 8545 350652 43083 0 2 0 syz-executor 8545 81674 43083 0 3 0x4000080 fsleep syz-executor 8545 267481 43083 0 3 0x4000080 fsleep syz-executor 30263 462633 51955 0 2 0 syz-executor 30263 392009 51955 0 3 0x4000080 kqsel syz-executor 30263 180028 51955 0 2 0x4000000 syz-executor 31445 485694 74541 0 3 0x82 piperd syz-executor 18765 422692 22584 60929 2 0xc90 syz-executor 18765 59325 22584 60929 3 0x4000090 ttyretype syz-executor 18765 507806 22584 60929 3 0x4000090 fsleep syz-executor 18765 182645 22584 60929 3 0x4000090 fsleep syz-executor 19523 106044 0 0 3 0x14200 bored sosplice 29770 75817 0 0 3 0x14280 nfsidl nfsio 42512 499213 0 0 3 0x14280 nfsidl nfsio 51556 240418 0 0 3 0x14280 nfsidl nfsio 77269 484615 0 0 3 0x14280 nfsidl nfsio 58691 142391 0 0 3 0x14280 nfsidl nfsio 52569 309092 0 0 3 0x14280 nfsidl nfsio 17220 411357 0 0 3 0x14280 nfsidl nfsio 9921 380983 0 0 3 0x14280 nfsidl nfsio 15222 519128 0 0 3 0x14280 nfsidl nfsio 57202 69922 0 0 3 0x14280 nfsidl nfsio 60502 11123 0 0 3 0x14280 nfsidl nfsio 36465 147651 0 0 3 0x14280 nfsidl nfsio 32180 125899 0 0 3 0x14280 nfsidl nfsio 82797 492841 0 0 3 0x14280 nfsidl nfsio 50875 518730 0 0 3 0x14280 nfsidl nfsio 48827 271352 0 0 3 0x14280 nfsidl nfsio 80345 46898 0 0 3 0x14280 nfsidl nfsio 35366 175705 0 0 3 0x14280 nfsidl nfsio 73894 284215 0 0 3 0x14280 nfsidl nfsio 15122 109973 0 0 3 0x14280 nfsidl nfsio 64194 337081 74541 0 2 0xc82 syz-executor 43083 221499 74541 0 2 0xc82 syz-executor 2226 104376 74541 0 2 0xc82 syz-executor 51955 2967 74541 0 2 0xc82 syz-executor 84313 417396 74541 0 2 0x2 syz-executor 99020 39893 74541 0 2 0x2 syz-executor 22584 279048 74541 0 2 0xc82 syz-executor 74541 292506 36012 0 2 0x2 syz-executor 36012 139032 38681 0 3 0x10008a sigsusp ksh 38681 291209 25897 0 3 0x98 kqread sshd-session 25897 458164 1904 0 3 0x92 kqread sshd-session 15297 379043 1 0 3 0x100083 ttyopn getty 1904 47289 1 0 3 0x88 kqread sshd 72413 99742 33906 73 3 0x1100090 kqread syslogd 33906 400465 1 0 3 0x100082 sbwait syslogd 49366 470328 1 0 3 0x100080 kqread resolvd 84512 296338 2632 77 3 0x100092 kqread dhcpleased 69559 355557 2632 77 3 0x100092 kqread dhcpleased 2632 400451 1 0 3 0x80 kqread dhcpleased 42610 491990 0 0 3 0x14200 bored smr 44095 30320 0 0 2 0x14200 zerothread 45741 472343 0 0 3 0x14200 aiodoned aiodoned 43450 345260 0 0 3 0x14200 syncer update 72204 168042 0 0 3 0x14200 cleaner cleaner 68899 122989 0 0 3 0x14200 reaper reaper 56132 72024 0 0 3 0x14200 pgdaemon pagedaemon 46726 407409 0 0 3 0x14200 bored viomb 82783 518214 0 0 3 0x40014200 acpi0 acpi0 36247 151316 0 0 3 0x14200 bored softnet7 15148 186351 0 0 3 0x14200 bored softnet6 47107 174687 0 0 3 0x14200 bored softnet5 30748 11627 0 0 3 0x14200 bored softnet4 34908 274359 0 0 3 0x14200 bored softnet3 44526 318221 0 0 3 0x14200 bored softnet2 29789 440786 0 0 3 0x14200 bored softnet1 63992 72755 0 0 2 0x14200 softnet0 5877 432251 0 0 2 0x14200 systqmp 70548 342688 0 0 3 0x14200 bored systq 48783 339011 0 0 2 0x40014200 softclock 5914 283346 0 0 3 0x40014200 idle0 1 25280 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10010200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10187 11117K 11204K 166960K 11932 0 pcb 18 16K 21K 166960K 468 0 rtable 236 9K 9K 166960K 430 0 pf 32 13K 17K 166960K 166 0 ifaddr 42 7K 8K 166960K 88 0 ifgroup 50 2K 2K 166960K 136 0 sysctl 3 1K 9K 166960K 11 0 counters 32 17K 18K 166960K 76 0 ioctlops 0 0K 4K 166960K 273 0 iov 0 0K 24K 166960K 53 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1342 84K 85K 166960K 1847 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 15 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 100 0 dirhash 12 2K 3K 166960K 51 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 15 53K 97K 166960K 824 0 sigio 0 0K 0K 166960K 21 0 proc 60 59K 108K 166960K 569 0 subproc 72 4K 4K 166960K 82 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 169 0 in_multi 96 7K 7K 166960K 165 0 ether_multi 1 0K 0K 166960K 16 0 mrt 1 0K 0K 166960K 5 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 109 493K 493K 166960K 109 0 exec 0 0K 1K 166960K 488 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 220 160K 178K 166960K 8822 0 UVM aobj 23 2K 4K 166960K 26 0 pinsyscall 36 72K 96K 166960K 1882 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 45 0 NDP 13 0K 1K 166960K 57 0 temp 56 8638K 8890K 166960K 18077 0 kqueue 14 22K 30K 166960K 166 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 92 0 88 1 0 1 1 0 8 0 rtentry 136 138 0 42 4 0 4 4 0 8 0 unpcb 144 694 0 677 4 0 4 4 0 8 3 syncache 336 5 0 5 1 0 1 1 0 8 1 tcpqe 32 2 0 2 1 0 1 1 0 8 1 tcpcb 736 395 0 386 7 0 7 7 0 8 6 arp 96 20 0 4 1 0 1 1 0 8 0 ipq 40 3 0 0 1 0 1 1 0 8 0 ipqe 40 67 0 64 1 0 1 1 0 8 0 inpcb 328 1283 0 1268 13 0 13 13 0 8 10 ip6q 72 37 0 36 1 0 1 1 0 8 0 ip6af 40 75 0 74 1 0 1 1 0 8 0 nd6 104 24 0 4 1 0 1 1 0 8 0 pkpcb 40 9 0 9 1 0 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 ppxss 1072 32 0 32 1 0 1 1 0 8 1 pppxif 1384 5 0 5 1 0 1 1 0 8 1 pfstscr 40 3 0 2 1 0 1 1 0 8 0 pfrktable 1344 1 0 1 1 0 1 1 0 8 1 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 3 0 1 1 0 1 1 0 8 0 pfstate 384 2 0 1 1 0 1 1 0 8 0 pfrule 1344 2 0 2 1 0 1 1 0 8 1 rttmr 136 1 0 1 1 0 1 1 0 8 1 art_heap8 4096 3 0 0 3 0 3 3 0 8 0 art_heap4 256 620 0 200 30 0 30 30 0 8 3 art_table 40 623 0 200 5 0 5 5 0 8 0 art_node 32 138 0 57 1 0 1 1 0 8 0 sysvmsgpl 40 42 0 2 1 0 1 1 0 8 0 semupl 112 2 0 2 1 0 1 1 0 8 1 semapl 112 98 0 88 1 0 1 1 0 8 0 shmpl 112 23 0 3 1 0 1 1 0 8 0 dirhash 1024 45 0 28 3 0 3 3 0 8 0 dino2pl 256 2974 0 1473 95 0 95 95 0 8 0 ffsino 256 2974 0 1473 95 0 95 95 0 8 0 nchpl 144 4113 0 2431 63 0 63 63 0 8 0 rtmask 32 9 0 9 1 0 1 1 0 8 1 uvmvnodes 80 3226 0 0 66 0 66 66 0 8 0 vnodes 216 3226 0 0 180 0 180 180 0 8 0 namei 1024 14665 0 14664 2 0 2 2 0 8 1 kstatmem 264 78 0 56 2 0 2 2 0 8 0 scsiplug 72 6 0 6 1 0 1 1 0 8 1 scxspl 216 15748 0 15748 8 0 8 8 1 8 8 plimitpl 152 249 0 231 1 0 1 1 0 8 0 sigapl 424 1130 0 1062 9 0 9 9 0 8 0 knotepl 120 47354 0 47305 11 1 10 11 0 8 8 kqueuepl 184 431 0 419 4 0 4 4 0 8 3 pipepl 304 271 0 244 4 0 4 4 0 8 1 fdescpl 448 1086 0 1059 5 0 5 5 0 8 1 filepl 120 7651 0 7360 15 0 15 15 0 8 4 lockfpl 104 351 0 347 1 0 1 1 0 8 0 lockfspl 48 116 0 112 1 0 1 1 0 8 0 sessionpl 144 22 0 14 1 0 1 1 0 8 0 pgrppl 48 42 0 26 1 0 1 1 0 8 0 ucredpl 104 1070 0 1056 1 0 1 1 0 8 0 zombiepl 144 1062 0 1062 1 0 1 1 0 8 1 processpl 1152 1130 0 1062 6 0 6 6 0 8 0 procpl 664 2181 0 2102 8 0 8 8 0 8 0 sosppl 168 5 0 5 1 0 1 1 0 8 1 sockpl 552 2140 0 2104 12 0 12 12 0 8 7 mcl64k 65536 175 0 175 1 0 1 1 0 8 1 mcl16k 16384 6 0 6 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 14 0 14 1 0 1 1 0 8 1 mcl4k 4096 3370 0 3311 14 0 14 14 0 8 6 mcl2k 2048 1257 0 1252 2 0 2 2 0 8 0 mtagpl 96 4 0 4 1 0 1 1 0 8 1 mbufpl 256 14917 0 14729 27 7 20 27 0 8 7 bufpl 280 5521 0 121 386 0 386 386 0 8 0 anonpl 24 149041 0 145442 50 0 50 50 0 187 20 amapchunkpl 152 28739 0 28273 30 0 30 30 0 158 8 amappl16 200 2143 0 2108 15 2 13 15 0 8 8 amappl15 192 3 0 3 1 0 1 1 0 8 1 amappl14 184 104 0 94 1 0 1 1 0 8 0 amappl13 176 81 0 81 1 0 1 1 0 8 1 amappl12 168 1714 0 1686 3 0 3 3 0 8 1 amappl11 160 45 0 34 1 0 1 1 0 8 0 amappl10 152 71 0 70 1 0 1 1 0 8 0 amappl9 144 262 0 262 1 0 1 1 0 8 1 amappl8 136 18 0 16 1 0 1 1 0 8 0 amappl7 128 96 0 86 1 0 1 1 0 8 0 amappl6 120 179 0 175 1 0 1 1 0 8 0 amappl5 112 111 0 104 1 0 1 1 0 8 0 amappl4 104 269 0 254 1 0 1 1 0 8 0 amappl3 96 5047 0 4962 3 0 3 3 0 8 0 amappl2 88 1318 0 1248 2 0 2 2 0 8 0 amappl1 80 10693 0 10156 13 0 13 13 0 8 1 amappl 88 8036 0 7881 5 0 5 5 0 92 0 dma65536 65536 1 0 1 1 0 1 1 0 8 1 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 254 0 254 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 25 0 3 1 0 1 1 0 8 0 uaddrrnd 24 1086 0 1059 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1086 0 1059 1 0 1 1 0 8 0 vmmpekpl 168 9823 0 9787 2 0 2 2 0 8 0 vmmpepl 168 71480 0 69708 96 0 96 96 0 357 9 vmsppl 368 1085 0 1059 4 0 4 4 0 8 1 rwobjpl 40 22410 0 18314 42 0 42 42 0 8 0 pdppl 4096 2179 0 2118 101 32 69 83 0 8 8 pvpl 32 446250 0 437238 126 0 126 126 0 265 37 pmappl 216 1085 0 1059 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 396 0 39 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003ca34dd0,0,ffff80003ca34d40,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff80000150f100,ffff80003ca34e78,ffff80003ca34dd0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806e9f4300,ffff8000014a2ae0) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014a2ae0,fffffd806e9f4300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014a2ae0,0,ffff80003ca35028,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800035d594f8,7,ffff80003ca35120,808,ffff80003ca351c0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800035d594f8,ffff80003ca35270,ffff80003ca351c0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003ca35270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003ca35270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe30a505ad0, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 arprequest sys/netinet/if_ether.c:325 [inline] arp_rtrequest(ffff800000039058,1,fffffd806ea697f8) at arp_rtrequest+0x6a4 sys/netinet/if_ether.c:226 rtrequest(1,ffff80003ca34dd0,0,ffff80003ca34d40,16) at rtrequest+0xf08 sys/net/route.c:1115 rtm_output(ffff80000150f100,ffff80003ca34e78,ffff80003ca34dd0,0,16) at rtm_output+0x91a sys/net/rtsock.c:953 route_output(fffffd806e9f4300,ffff8000014a2ae0) at route_output+0xa2b sys/net/rtsock.c:858 route_send(ffff8000014a2ae0,fffffd806e9f4300,0,0) at route_send+0xd7 sys/net/rtsock.c:322 sosend(ffff8000014a2ae0,0,ffff80003ca35028,0,0,808) at sosend+0x804 sys/kern/uipc_socket.c:-1 sendit(ffff800035d594f8,7,ffff80003ca35120,808,ffff80003ca351c0) at sendit+0x5a5 sys/kern/uipc_syscalls.c:785 sys_sendto(ffff800035d594f8,ffff80003ca35270,ffff80003ca351c0) at sys_sendto+0x8d sys/kern/uipc_syscalls.c:563 syscall(ffff80003ca35270) at syscall+0x962 mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003ca35270) at syscall+0x962 sys/arch/amd64/amd64/trap.c:746 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xbe30a505ad0, count: -10