login: panic: Data modified on freelist: word 5 of object 0xffff8000006a0c00 size 0x100 previous type devbuf (0xd != 0xdeadbeef) Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *107129 2768 0 0 0x4000000 0 syz-executor.0 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 malloc(100,2,a) at malloc+0xa23 sys/kern/kern_malloc.c:331 bpfopen(21700,1,2000,ffff8000ffff9b30) at bpfopen+0xb5 sys/net/bpf.c:360 spec_open_clone(ffff800014926308) at spec_open_clone+0x241 sys/kern/spec_vnops.c:737 spec_open(ffff800014926308) at spec_open+0x40e VOP_OPEN(fffffd803e61d8f0,1,fffffd803f7c6cc0,ffff8000ffff9b30) at VOP_OPEN+0x6a sys/kern/vfs_vops.c:154 vn_open(ffff800014926548,1,0) at vn_open+0x494 sys/kern/vfs_vnops.c:174 doopenat(ffff8000ffff9b30,ffffff9c,20000040,0,0,ffff800014926740) at doopenat+0x28e sys/kern/vfs_syscalls.c:1157 syscall(ffff8000149267c0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffffa2,0,4,28928fa010) at Xsyscall+0x128 end of kernel end trace frame: 0x2ad7b08450, count: 4 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic Data modified on freelist: word 5 of object 0xffff8000006a0c00 size 0x100 previous type devbuf (0xd != 0xdeadbeef) ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 malloc(100,2,a) at malloc+0xa23 sys/kern/kern_malloc.c:331 bpfopen(21700,1,2000,ffff8000ffff9b30) at bpfopen+0xb5 sys/net/bpf.c:360 spec_open_clone(ffff800014926308) at spec_open_clone+0x241 sys/kern/spec_vnops.c:737 spec_open(ffff800014926308) at spec_open+0x40e VOP_OPEN(fffffd803e61d8f0,1,fffffd803f7c6cc0,ffff8000ffff9b30) at VOP_OPEN+0x6a sys/kern/vfs_vops.c:154 vn_open(ffff800014926548,1,0) at vn_open+0x494 sys/kern/vfs_vnops.c:174 doopenat(ffff8000ffff9b30,ffffff9c,20000040,0,0,ffff800014926740) at doopenat+0x28e sys/kern/vfs_syscalls.c:1157 syscall(ffff8000149267c0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffffa2,0,4,28928fa010) at Xsyscall+0x128 end of kernel end trace frame: 0x2ad7b08450, count: -11 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800014926010 rbx 0xffff8000149260c0 rdx 0x2 rcx 0x1 rax 0x1 r8 0xffff800014925fd0 r9 0x1 r10 0xd945bb5a25d36d5e r11 0x2958bab94060d31c r12 0x3000000008 r13 0xffff800014926020 r14 0x100 r15 0x1 rip 0xffffffff820d0728 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800014926000 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb>