panic: unhandled af 15 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *212757 51443 0 0 0x4000000 0 syz-executor.1 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic(ffffffff821b6e57) at panic+0x15c sys/kern/subr_prf.c:207 unhandled_af(f) at unhandled_af+0x16 pf_addrcpy(ffff80001f471b18,ffff80001f471e10,f) at pf_addrcpy+0x99 sys/net/pf.c:409 pfioctl(4900,c0504417,ffff80001f471e10,1,ffff80001d40c9f8) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827 VOP_IOCTL(fffffd806a0a44e0,c0504417,ffff80001f471e10,1,fffffd806c3beb40,ffff80001d40c9f8) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd805d729cb0,c0504417,ffff80001f471e10,ffff80001d40c9f8) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff80001d40c9f8,ffff80001f471f28,ffff80001f471f70) at sys_ioctl+0x5b9 syscall(ffff80001f471ff0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5fdf1685ac0, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic unhandled af 15 ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic(ffffffff821b6e57) at panic+0x15c sys/kern/subr_prf.c:207 unhandled_af(f) at unhandled_af+0x16 pf_addrcpy(ffff80001f471b18,ffff80001f471e10,f) at pf_addrcpy+0x99 sys/net/pf.c:409 pfioctl(4900,c0504417,ffff80001f471e10,1,ffff80001d40c9f8) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827 VOP_IOCTL(fffffd806a0a44e0,c0504417,ffff80001f471e10,1,fffffd806c3beb40,ffff80001d40c9f8) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd805d729cb0,c0504417,ffff80001f471e10,ffff80001d40c9f8) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff80001d40c9f8,ffff80001f471f28,ffff80001f471f70) at sys_ioctl+0x5b9 syscall(ffff80001f471ff0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x5fdf1685ac0, count: -10 ddb> show registers rdi 0xffffffff817dfeb7 db_enter+0x17 rsi 0xb97 rbp 0xffff80001f4719d0 rbx 0xffff80001f471a80 rdx 0xb98 rcx 0xffff80001f619000 rax 0xffff80001f619000 r8 0xffff80001f471990 r9 0x1 r10 0xffff80000002a340 r11 0x2d65e55e3ef2e87d r12 0x3000000008 r13 0xffff80001f4719e0 r14 0x100 r15 0x1 rip 0xffffffff817dfeb8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80001f4719c0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.1) pid=212757 stat=onproc flags process=0 proc=4000000 pri=81, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff80001d40c508,0xffffffff8256b150 process=0xffff8000ffff6010 user=0xffff80001f46d000, vmspace=0xfffffd806bc09220 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 51443 387259 65802 0 2 0 syz-executor.1 *51443 212757 65802 0 7 0x4000000 syz-executor.1 88864 431317 59095 0 3 0x82 nanosleep syz-executor.0 62910 411504 0 0 3 0x14200 bored sosplice 65802 5317 59095 0 3 0x82 nanosleep syz-executor.1 59095 137182 66549 0 3 0x82 thrsleep syz-fuzzer 59095 232319 66549 0 3 0x4000082 thrsleep syz-fuzzer 59095 213440 66549 0 3 0x4000082 kqread syz-fuzzer 59095 44743 66549 0 3 0x4000082 thrsleep syz-fuzzer 59095 462374 66549 0 3 0x4000082 thrsleep syz-fuzzer 59095 19355 66549 0 3 0x4000082 thrsleep syz-fuzzer 59095 502035 66549 0 3 0x4000082 thrsleep syz-fuzzer 59095 427809 66549 0 3 0x4000082 thrsleep syz-fuzzer 66549 137974 71057 0 3 0x10008a pause ksh 71057 418175 99269 0 3 0x92 select sshd 24657 250356 1 0 3 0x100083 ttyin getty 99269 341294 1 0 3 0x80 select sshd 40199 286241 91833 73 3 0x100090 kqread syslogd 91833 98329 1 0 3 0x100082 netio syslogd 97348 488477 1 77 3 0x100090 poll dhclient 24358 322245 1 0 3 0x80 poll dhclient 25065 367948 0 0 2 0x14200 zerothread 41728 459930 0 0 3 0x14200 aiodoned aiodoned 64340 521469 0 0 3 0x14200 syncer update 446 216649 0 0 3 0x14200 cleaner cleaner 50669 364690 0 0 3 0x14200 reaper reaper 41157 432404 0 0 3 0x14200 pgdaemon pagedaemon 87731 215524 0 0 3 0x14200 bored crynlk 36747 51883 0 0 3 0x14200 bored crypto 49707 148554 0 0 3 0x40014200 acpi0 acpi0 33143 427165 0 0 3 0x14200 bored softnet 89332 252442 0 0 3 0x14200 bored systqmp 46393 159553 0 0 3 0x14200 bored systq 49003 190699 0 0 3 0x40014200 bored softclock 21876 339923 0 0 3 0x40014200 idle0 75326 20939 0 0 3 0x14200 bored smr 1 293878 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9456 6348K 6711K 78643K 17659 0 pcb 13 8K 8K 78643K 316 0 rtable 106 3K 4K 78643K 14299 0 ifaddr 39 10K 10K 78643K 54 0 counters 19 16K 16K 78643K 19 0 ioctlops 0 0K 4K 78643K 456 0 iov 0 0K 24K 78643K 615 0 mount 1 1K 1K 78643K 1 0 vnodes 1219 77K 77K 78643K 4569 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 408 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 1658 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 5 13K 21K 78643K 25774 0 sigio 0 0K 0K 78643K 741 0 proc 101 42K 58K 78643K 877 0 subproc 32 2K 2K 78643K 68 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 110 0 in_multi 33 2K 2K 78643K 61 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 55 254K 254K 78643K 55 0 exec 0 0K 1K 78643K 274 0 pfkey data 0 0K 0K 78643K 4 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 136 23K 30K 78643K 54176 0 UVM aobj 130 4K 4K 78643K 130 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 88 0 NDP 5 0K 0K 78643K 15 0 temp 104 3021K 3091K 78643K 68357 0 kqueue 0 0K 0K 78643K 8 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 10 0 4 1 0 1 1 0 8 0 rtpcb 80 20224 0 20222 1 0 1 1 0 8 0 rtentry 112 65 0 21 2 0 2 2 0 8 0 unpcb 120 34874 0 34866 25 24 1 3 0 8 0 syncache 264 6 0 6 2 2 0 1 0 8 0 sackhl 24 34 0 34 16 16 0 1 0 8 0 tcpcb 544 5090 0 5086 1 0 1 1 0 8 0 inpcb 280 8272 0 8265 11 10 1 2 0 8 0 nd6 48 8 0 4 1 0 1 1 0 8 0 pkpcb 40 20 0 20 4 4 0 1 0 8 0 pfosfp 40 2 0 0 1 0 1 1 0 8 0 pfosfpen 112 4 0 0 1 0 1 1 0 8 0 pfrktable 1344 3 0 3 1 1 0 1 0 8 0 pfrule 1360 3 0 3 2 2 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 298 0 86 14 0 14 14 0 8 0 art_table 32 299 0 86 2 0 2 2 0 8 0 art_node 16 64 0 24 1 0 1 1 0 8 0 semapl 112 1656 0 1646 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 29562 0 28154 46 0 46 46 0 8 0 ffsino 240 29562 0 28154 83 0 83 83 0 8 0 nchpl 144 62295 0 60592 65 1 64 64 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 149309 0 149309 1 0 1 1 0 8 1 pfiaddrpl 120 1 0 1 1 1 0 1 0 8 0 scxspl 192 167165 0 167165 1 0 1 1 0 8 1 plimitpl 152 591 0 584 1 0 1 1 0 8 0 sigapl 432 25939 0 25926 2 0 2 2 0 8 0 futexpl 56 253818 0 253818 1 0 1 1 0 8 1 knotepl 112 1023 0 1004 2 1 1 2 0 8 0 kqueuepl 104 3838 0 3836 1 0 1 1 0 8 0 pipepl 112 592 0 573 1 0 1 1 0 8 0 fdescpl 424 25940 0 25926 2 0 2 2 0 8 0 filepl 120 125356 0 125260 44 39 5 6 0 8 2 lockfpl 104 4126 0 4125 1 0 1 1 0 8 0 lockfspl 48 1950 0 1949 1 0 1 1 0 8 0 sessionpl 112 19 0 9 1 0 1 1 0 8 0 pgrppl 48 19 0 9 1 0 1 1 0 8 0 ucredpl 96 15907 0 15900 1 0 1 1 0 8 0 zombiepl 144 25926 0 25925 1 0 1 1 0 8 0 processpl 872 25955 0 25925 4 0 4 4 0 8 0 procpl 632 52873 0 52835 4 0 4 4 0 8 0 sosppl 128 5 0 5 2 2 0 1 0 8 0 sockpl 384 63450 0 63433 115 109 6 11 0 8 4 mcl64k 65536 55 0 55 18 17 1 1 0 8 1 mcl16k 16384 35 0 35 17 16 1 1 0 8 1 mcl12k 12288 184 0 184 27 26 1 1 0 8 1 mcl9k 9216 186 0 186 21 21 0 1 0 8 0 mcl8k 8192 584 0 584 27 26 1 1 0 8 1 mcl4k 4096 1721 0 1721 23 22 1 1 0 8 1 mcl2k2 2112 108 0 108 32 31 1 1 0 8 1 mcl2k 2048 56353 0 56317 58 52 6 11 0 8 1 mtagpl 80 55 0 54 7 6 1 1 0 8 0 mbufpl 256 246692 0 246611 23 16 7 11 0 8 0 bufpl 280 32787 0 26603 442 0 442 442 0 8 0 anonpl 16 1483832 0 1477177 40 3 37 37 0 107 0 amapchunkpl 152 81471 0 81377 24 19 5 18 0 158 0 amappl16 192 118680 0 118206 30 5 25 25 0 8 1 amappl15 184 70 0 65 1 0 1 1 0 8 0 amappl14 176 41 0 39 1 0 1 1 0 8 0 amappl13 168 2 0 2 1 1 0 1 0 8 0 amappl12 160 603 0 603 2 2 0 1 0 8 0 amappl11 152 55 0 44 1 0 1 1 0 8 0 amappl10 144 9846 0 9843 1 0 1 1 0 8 0 amappl9 136 576 0 572 1 0 1 1 0 8 0 amappl8 128 432 0 377 2 0 2 2 0 8 0 amappl7 120 9843 0 9830 1 0 1 1 0 8 0 amappl6 112 81 0 68 1 0 1 1 0 8 0 amappl5 104 541 0 531 1 0 1 1 0 8 0 amappl4 96 26048 0 26020 1 0 1 1 0 8 0 amappl3 88 517 0 510 1 0 1 1 0 8 0 amappl2 80 205314 0 205244 3 1 2 3 0 8 0 amappl1 72 433569 0 433149 26 16 10 20 0 8 0 amappl 80 53148 0 53112 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 129 0 0 3 0 3 3 0 8 0 uaddrrnd 24 25940 0 25926 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 25940 0 25926 1 0 1 1 0 8 0 vmmpekpl 168 117839 0 117819 2 0 2 2 0 8 0 vmmpepl 168 2865766 0 2864171 136 61 75 85 0 357 1 vmsppl 272 25939 0 25926 2 1 1 2 0 8 0 pdppl 4096 51886 0 51852 5 0 5 5 0 8 0 pvpl 32 4167829 0 4158135 170 73 97 116 0 265 0 pmappl 200 25939 0 25926 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 280 0 154 4 0 4 4 0 8 0