login: panic: rw_enter: pf_state_lock locking against myself
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
* 50330 76539 0 0x2 0 0 syz-executor6837
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff823e4940) at panic+0x15e sys/kern/subr_prf.c:218
rw_enter(ffffffff826fc3e0,1) at rw_enter+0x36f sys/kern/kern_rwlock.c:174
pf_state_insert(ffff8000006af800,ffff8000216c4e18,ffff8000216c4e20,fffffd806d1bbb40) at pf_state_insert+0xa0 sys/net/pf.c:951
pfsync_state_import(ffff800000acda00,1) at pfsync_state_import+0xcbe sys/net/if_pfsync.c:699
pfioctl(4900,c1084425,ffff800000acda00,3,ffff800021696010) at pfioctl+0x50ac sys/net/pf_ioctl.c:1729
VOP_IOCTL(fffffd807305dda0,c1084425,ffff800000acda00,3,fffffd807f7b7a20,ffff800021696010) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:297
vn_ioctl(fffffd806e6bf008,c1084425,ffff800000acda00,ffff800021696010) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800021696010,ffff8000216c52c8,ffff8000216c5310) at sys_ioctl+0x4ac
syscall(ffff8000216c5390) at syscall+0x507 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff77e0, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
rw_enter: pf_state_lock locking against myself
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff823e4940) at panic+0x15e sys/kern/subr_prf.c:218
rw_enter(ffffffff826fc3e0,1) at rw_enter+0x36f sys/kern/kern_rwlock.c:174
pf_state_insert(ffff8000006af800,ffff8000216c4e18,ffff8000216c4e20,fffffd806d1bbb40) at pf_state_insert+0xa0 sys/net/pf.c:951
pfsync_state_import(ffff800000acda00,1) at pfsync_state_import+0xcbe sys/net/if_pfsync.c:699
pfioctl(4900,c1084425,ffff800000acda00,3,ffff800021696010) at pfioctl+0x50ac sys/net/pf_ioctl.c:1729
VOP_IOCTL(fffffd807305dda0,c1084425,ffff800000acda00,3,fffffd807f7b7a20,ffff800021696010) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:297
vn_ioctl(fffffd806e6bf008,c1084425,ffff800000acda00,ffff800021696010) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800021696010,ffff8000216c52c8,ffff8000216c5310) at sys_ioctl+0x4ac
syscall(ffff8000216c5390) at syscall+0x507 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff77e0, count: -11
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff8000216c4c40
rbx 0xffff8000216c4c50
rdx 0x8b
rcx 0x2
rax 0x1
r8 0xffffffff81034bd5 kprintf+0x155
r9 0x1
r10 0xa4734d6a10230b83
r11 0x7ef2d22de7b6c997
r12 0x3000000008
r13 0xffff8000216c4cf0
r14 0x100
r15 0x1
rip 0xffffffff81116418 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff8000216c4c30
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor6837) pid=50330 stat=onproc
flags process=2<EXEC,8ORPHAN> proc=0
pri=51, usrpri=51, nice=20
forw=0xffffffffffffffff, list=0xffff8000216967f0,0xffffffff827feb10
process=0xffff800021698808 user=0xffff8000216c0000, vmspace=0xfffffd807effd110
estcpu=1, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*76539 50330 12842 0 7 0x2 syz-executor6837
12842 429229 88143 0 3 0x10008a sigsusp ksh
88143 428083 46894 0 2 0x12 sshd
52681 46528 1 0 3 0x100083 ttyin getty
46894 134037 1 0 3 0x80 select sshd
14924 205020 88583 73 3 0x100090 kqread syslogd
88583 348207 1 0 3 0x100082 netio syslogd
78983 340581 1 77 3 0x100090 poll dhclient
64712 55116 1 0 3 0x80 poll dhclient
89093 514895 0 0 3 0x14200 bored smr
71304 422615 0 0 2 0x14200 zerothread
74800 470955 0 0 3 0x14200 aiodoned aiodoned
35148 292066 0 0 3 0x14200 syncer update
58856 492020 0 0 3 0x14200 cleaner cleaner
29535 93131 0 0 3 0x14200 reaper reaper
6392 105221 0 0 3 0x14200 pgdaemon pagedaemon
86054 177923 0 0 3 0x14200 bored crynlk
92003 290599 0 0 3 0x14200 bored crypto
66733 367052 0 0 3 0x14200 bored viomb
49240 152916 0 0 3 0x40014200 acpi0 acpi0
60390 128459 0 0 3 0x14200 bored softnet
1917 492575 0 0 3 0x14200 bored systqmp
3411 312592 0 0 3 0x14200 bored systq
46185 499736 0 0 3 0x40014200 bored softclock
57684 181070 0 0 3 0x40014200 idle0
1 152872 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9457 6337K 6338K 78643K 10547 0
pcb 13 8K 8K 78643K 13 0
rtable 61 2K 2K 78643K 117 0
ifaddr 25 7K 7K 78643K 25 0
counters 19 16K 16K 78643K 19 0
ioctlops 1 0K 2K 78643K 14 0
mount 1 1K 1K 78643K 1 0
vnodes 1182 74K 74K 78643K 1187 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 1K 78643K 2 0
VM map 2 0K 0K 78643K 2 0
sem 2 0K 0K 78643K 2 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1697 195K 286K 78643K 12598 0
file desc 1 0K 0K 78643K 1 0
proc 47 38K 46K 78643K 284 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 11 0K 0K 78643K 11 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 19 95K 95K 78643K 19 0
exec 0 0K 2K 78643K 261 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 31 1K 2K 78643K 513 0
UVM aobj 3 2K 2K 78643K 3 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 3 0K 0K 78643K 3 0
temp 18 3953K 4017K 78643K 1442 0
kqueue 2 2K 2K 78643K 2 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 2 0 0 1 0 1 1 0 8 0
rtpcb 120 15 0 13 1 0 1 1 0 8 0
rtentry 112 23 0 1 1 0 1 1 0 8 0
unpcb 120 27 0 19 1 0 1 1 0 8 0
syncache 296 5 0 5 2 1 1 1 0 8 1
tcpcb 736 8 0 5 1 0 1 1 0 8 0
inpcb 304 22 0 16 1 0 1 1 0 8 0
pfstscr 40 2 0 0 1 0 1 1 0 8 0
pfstkey 112 2 0 0 1 0 1 1 0 8 0
pfstate 320 1 0 0 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 96 0 0 6 0 6 6 0 8 0
art_table 32 97 0 0 1 0 1 1 0 8 0
art_node 16 22 0 2 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino2pl 256 1389 0 15 86 0 86 86 0 8 0
ffsino 240 1389 0 15 81 0 81 81 0 8 0
nchpl 144 1563 0 31 57 0 57 57 0 8 0
uvmvnodes 72 1398 0 0 26 0 26 26 0 8 0
vnodes 224 1398 0 0 83 0 83 83 0 8 0
namei 1024 3490 0 3490 2 1 1 1 0 8 1
scxspl 216 3214 0 3214 1 0 1 1 0 8 1
plimitpl 152 13 0 8 1 0 1 1 0 8 0
sigapl 424 192 0 166 4 0 4 4 0 8 0
knotepl 112 5 0 0 1 0 1 1 0 8 0
kqueuepl 168 1 0 0 1 0 1 1 0 8 0
pipepl 304 57 0 53 2 1 1 1 0 8 0
fdescpl 432 177 0 166 2 0 2 2 0 8 0
filepl 120 823 0 779 2 0 2 2 0 8 0
lockfpl 104 5 0 4 1 0 1 1 0 8 0
lockfspl 48 3 0 2 1 0 1 1 0 8 0
sessionpl 144 17 0 9 1 0 1 1 0 8 0
pgrppl 48 17 0 9 1 0 1 1 0 8 0
ucredpl 96 57 0 50 1 0 1 1 0 8 0
zombiepl 144 166 0 166 2 1 1 1 0 8 1
processpl 1016 192 0 166 4 0 4 4 0 8 0
procpl 672 192 0 166 3 0 3 3 0 8 0
sockpl 432 64 0 48 2 0 2 2 0 8 0
mcl4k 4096 10 0 10 2 1 1 1 0 8 1
mcl2k 2048 6116 0 6082 9 3 6 8 0 8 1
mtagpl 96 2 0 2 1 1 0 1 0 8 0
mbufpl 256 7788 0 7741 6 2 4 5 0 8 0
bufpl 280 1902 0 100 129 0 129 129 0 8 0
anonpl 24 18063 0 16937 11 3 8 10 0 188 1
amapchunkpl 152 474 0 439 3 1 2 3 0 158 0
amappl16 200 70 0 65 1 0 1 1 0 8 0
amappl15 192 1 0 0 1 0 1 1 0 8 0
amappl14 184 23 0 20 1 0 1 1 0 8 0
amappl13 176 12 0 11 2 1 1 1 0 8 0
amappl12 168 11 0 11 1 1 0 1 0 8 0
amappl11 160 42 0 33 1 0 1 1 0 8 0
amappl10 152 6 0 4 1 0 1 1 0 8 0
amappl9 144 215 0 215 2 1 1 1 0 8 1
amappl8 136 56 0 55 1 0 1 1 0 8 0
amappl7 128 181 0 180 1 0 1 1 0 8 0
amappl6 120 52 0 45 1 0 1 1 0 8 0
amappl5 112 337 0 323 1 0 1 1 0 8 0
amappl4 104 238 0 218 1 0 1 1 0 8 0
amappl3 96 91 0 84 1 0 1 1 0 8 0
amappl2 88 745 0 700 2 0 2 2 0 8 0
amappl1 80 12564 0 12171 18 7 11 18 0 8 0
amappl 88 351 0 333 1 0 1 1 0 92 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma1024 1024 1 0 0 1 0 1 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 2 0 0 1 0 1 1 0 8 0
uaddrrnd 24 177 0 166 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 177 0 166 1 0 1 1 0 8 0
vmmpekpl 168 5289 0 5274 1 0 1 1 0 8 0
vmmpepl 168 26383 0 25637 48 12 36 48 0 357 2
vmsppl 272 176 0 166 1 0 1 1 0 8 0
rwobjpl 24 6925 0 6424 6 2 4 6 0 8 0
pdppl 4096 360 0 332 40 12 28 34 0 8 0
pvpl 32 72207 0 69458 28 2 26 26 0 265 3
pmappl 200 176 0 166 1 0 1 1 0 8 0
extentpl 40 58 0 40 1 0 1 1 0 8 0
phpool 112 245 0 21 7 0 7 7 0 8 0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff823e4940) at panic+0x15e sys/kern/subr_prf.c:218
rw_enter(ffffffff826fc3e0,1) at rw_enter+0x36f sys/kern/kern_rwlock.c:174
pf_state_insert(ffff8000006af800,ffff8000216c4e18,ffff8000216c4e20,fffffd806d1bbb40) at pf_state_insert+0xa0 sys/net/pf.c:951
pfsync_state_import(ffff800000acda00,1) at pfsync_state_import+0xcbe sys/net/if_pfsync.c:699
pfioctl(4900,c1084425,ffff800000acda00,3,ffff800021696010) at pfioctl+0x50ac sys/net/pf_ioctl.c:1729
VOP_IOCTL(fffffd807305dda0,c1084425,ffff800000acda00,3,fffffd807f7b7a20,ffff800021696010) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:297
vn_ioctl(fffffd806e6bf008,c1084425,ffff800000acda00,ffff800021696010) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800021696010,ffff8000216c52c8,ffff8000216c5310) at sys_ioctl+0x4ac
syscall(ffff8000216c5390) at syscall+0x507 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff77e0, count: -11
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff823e4940) at panic+0x15e sys/kern/subr_prf.c:218
rw_enter(ffffffff826fc3e0,1) at rw_enter+0x36f sys/kern/kern_rwlock.c:174
pf_state_insert(ffff8000006af800,ffff8000216c4e18,ffff8000216c4e20,fffffd806d1bbb40) at pf_state_insert+0xa0 sys/net/pf.c:951
pfsync_state_import(ffff800000acda00,1) at pfsync_state_import+0xcbe sys/net/if_pfsync.c:699
pfioctl(4900,c1084425,ffff800000acda00,3,ffff800021696010) at pfioctl+0x50ac sys/net/pf_ioctl.c:1729
VOP_IOCTL(fffffd807305dda0,c1084425,ffff800000acda00,3,fffffd807f7b7a20,ffff800021696010) at VOP_IOCTL+0x91 sys/kern/vfs_vops.c:297
vn_ioctl(fffffd806e6bf008,c1084425,ffff800000acda00,ffff800021696010) at vn_ioctl+0xb5 sys/kern/vfs_vnops.c:531
sys_ioctl(ffff800021696010,ffff8000216c52c8,ffff8000216c5310) at sys_ioctl+0x4ac
syscall(ffff8000216c5390) at syscall+0x507 sys/arch/amd64/amd64/trap.c:590
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7fffff77e0, count: -11
ddb>