kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Thu Dec 13 15:55:53 PST 2018 OpenBSD/amd64 (ci-openbsd-setuid-6.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.0.52' (ECDSA) to the list of known hosts. executing program login: panic: receive 3: so 0xffffff006e712a88, so_type 1, m 0xffffff006d9d2400, m_type 6 Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND 73615 44778 0 0x2 0 0 syz-executor7360 *222691 44778 0 0x2 0x4000000 1K syz-executor7360 db_enter() at db_enter+0xa panic() at panic+0x147 soreceive(0,ffffff006e712a88,0,9,ffff800021115ac8,ffffff006e712a88) at soreceiv e+0x12d8 recvit(ffff8000210f44c0,ffff800021115b60,0,ffff800021115b78,ae7c960f268) at rec vit+0x28d sys_recvfrom(1d0,ffff8000210f44c0,1) at sys_recvfrom+0xbc syscall(0) at syscall+0x489 Xsyscall(6,0,ae7dc87d0a0,0,ae4dd3a1098,ae4dd3a1090) at Xsyscall+0x128 end of kernel end trace frame: 0xae7c960f280, count: 8 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic receive 3: so 0xffffff006e712a88, so_type 1, m 0xffffff006d9d2400, m_type 6 ddb{1}> trace db_enter() at db_enter+0xa panic() at panic+0x147 soreceive(0,ffffff006e712a88,0,9,ffff800021115ac8,ffffff006e712a88) at soreceive+0x12d8 recvit(ffff8000210f44c0,ffff800021115b60,0,ffff800021115b78,ae7c960f268) at recvit+0x28d sys_recvfrom(1d0,ffff8000210f44c0,1) at sys_recvfrom+0xbc syscall(0) at syscall+0x489 Xsyscall(6,0,ae7dc87d0a0,0,ae4dd3a1098,ae4dd3a1090) at Xsyscall+0x128 end of kernel end trace frame: 0xae7c960f280, count: -7 ddb{1}> show registers rdi 0xffffffff81e24a88 kprintf_mutex rsi 0x5 rbp 0xffff800021115880 rbx 0xffff800021115920 rdx 0x3fd rcx 0 rax 0x1 r8 0xffff800021115850 r9 0x1 r10 0 r11 0xffffffff8181ffb0 x86_bus_space_io_read_1 r12 0x3000000008 r13 0xffff800021115890 r14 0x100 r15 0xffffffff81bdb731 cmd0646_9_tim_udma+0x5099 rip 0xffffffff81572dea db_enter+0xa cs 0x8 rflags 0x202 rsp 0xffff800021115880 ss 0x10 db_enter+0xa: popq %rbp ddb{1}> show proc PROC (syz-executor7360) pid=222691 stat=onproc flags process=2 proc=4000000 pri=24, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff8000210f5078,0xffff8000210f4980 process=0xffff8000210be660 user=0xffff800021110000, vmspace=0xffffff007f125528 estcpu=0, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 44778 73615 32262 0 7 0x2 syz-executor7360 *44778 222691 32262 0 7 0x4000002 syz-executor7360 44778 482528 32262 0 3 0x4000082 fsleep syz-executor7360 44778 61637 32262 0 2 0x4000002 syz-executor7360 32262 280502 47567 0 3 0x10008a pause ksh 47567 255622 26380 0 3 0x92 select sshd 64220 288868 1 0 3 0x100083 ttyin getty 26380 290595 1 0 3 0x80 select sshd 2320 257292 99985 73 3 0x100090 kqread syslogd 99985 402626 1 0 3 0x100082 netio syslogd 85652 158266 1 77 3 0x100090 poll dhclient 45156 360504 1 0 3 0x80 poll dhclient 59167 43889 0 0 3 0x14200 pgzero zerothread 67162 292654 0 0 3 0x14200 aiodoned aiodoned 79224 491365 0 0 3 0x14200 syncer update 22387 437433 0 0 3 0x14200 cleaner cleaner 54262 288353 0 0 3 0x14200 reaper reaper 56367 487157 0 0 3 0x14200 pgdaemon pagedaemon 42123 457304 0 0 3 0x14200 bored crynlk 61013 487984 0 0 3 0x14200 bored crypto 12148 288726 0 0 3 0x40014200 acpi0 acpi0 11228 25460 0 0 3 0x40014200 idle1 2114 128692 0 0 3 0x14200 bored softnet 4125 307921 0 0 3 0x14200 bored systqmp 52595 108251 0 0 3 0x14200 bored systq 50144 473570 0 0 3 0x40014200 bored softclock 26918 149941 0 0 3 0x40014200 idle0 1 455980 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}>