panic: unhandled af 0 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *125557 24244 0 0 0x4000000 0 syz-executor.0 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic(ffffffff821b8c65) at panic+0x15c sys/kern/subr_prf.c:207 unhandled_af(0) at unhandled_af+0x16 pf_addrcpy(ffff800020732328,ffff800020732620,0) at pf_addrcpy+0x99 sys/net/pf.c:409 pfioctl(4900,c0504417,ffff800020732620,1,ffff8000ffff33d8) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827 VOP_IOCTL(fffffd80685ba270,c0504417,ffff800020732620,1,fffffd806c3beb40,ffff8000ffff33d8) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd805eafc8e8,c0504417,ffff800020732620,ffff8000ffff33d8) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff8000ffff33d8,ffff800020732738,ffff800020732780) at sys_ioctl+0x5b9 syscall(ffff800020732800) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb5e112cc040, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic unhandled af 0 ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic(ffffffff821b8c65) at panic+0x15c sys/kern/subr_prf.c:207 unhandled_af(0) at unhandled_af+0x16 pf_addrcpy(ffff800020732328,ffff800020732620,0) at pf_addrcpy+0x99 sys/net/pf.c:409 pfioctl(4900,c0504417,ffff800020732620,1,ffff8000ffff33d8) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827 VOP_IOCTL(fffffd80685ba270,c0504417,ffff800020732620,1,fffffd806c3beb40,ffff8000ffff33d8) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd805eafc8e8,c0504417,ffff800020732620,ffff8000ffff33d8) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff8000ffff33d8,ffff800020732738,ffff800020732780) at sys_ioctl+0x5b9 syscall(ffff800020732800) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xb5e112cc040, count: -10 ddb> show registers rdi 0xffffffff817e67d7 db_enter+0x17 rsi 0xb1c rbp 0xffff8000207321e0 rbx 0xffff800020732290 rdx 0xb1d rcx 0xffff80001e642000 rax 0xffff80001e642000 r8 0xffff8000207321a0 r9 0x1 r10 0xffff8000009fa940 r11 0xf661a3faf7450eef r12 0x3000000008 r13 0xffff8000207321f0 r14 0x100 r15 0x1 rip 0xffffffff817e67d8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff8000207321d0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.0) pid=125557 stat=onproc flags process=0 proc=4000000 pri=82, usrpri=82, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff2018,0xffffffff82560d28 process=0xffff8000ffffb7e0 user=0xffff80002072d000, vmspace=0xfffffd806bc09220 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 24244 426322 75542 0 2 0 syz-executor.0 *24244 125557 75542 0 7 0x4000000 syz-executor.0 49490 310304 90122 0 3 0x80 nanosleep syz-executor.1 49490 244714 90122 0 3 0x4000080 wsevent_read syz-executor.1 49490 302576 90122 0 3 0x4000080 fsleep syz-executor.1 90122 346289 72750 0 3 0x82 nanosleep syz-executor.1 75542 445681 72750 0 3 0x82 nanosleep syz-executor.0 88239 265885 0 0 3 0x14200 bored sosplice 54868 308492 1 0 3 0x100083 ttyin getty 72750 154057 85955 0 3 0x82 thrsleep syz-fuzzer 72750 477538 85955 0 3 0x4000082 thrsleep syz-fuzzer 72750 393032 85955 0 3 0x4000082 thrsleep syz-fuzzer 72750 301910 85955 0 3 0x4000082 thrsleep syz-fuzzer 72750 472558 85955 0 3 0x4000082 kqread syz-fuzzer 72750 284120 85955 0 3 0x4000082 thrsleep syz-fuzzer 72750 98585 85955 0 3 0x4000082 thrsleep syz-fuzzer 72750 4871 85955 0 3 0x4000082 thrsleep syz-fuzzer 72750 17070 85955 0 3 0x4000082 thrsleep syz-fuzzer 85955 273813 50794 0 3 0x10008a pause ksh 50794 239150 36974 0 3 0x92 select sshd 36974 84692 1 0 3 0x80 select sshd 55071 19640 75722 73 3 0x100090 kqread syslogd 75722 298239 1 0 3 0x100082 netio syslogd 13986 379153 1 77 3 0x100090 poll dhclient 86645 16489 1 0 3 0x80 poll dhclient 34683 65863 0 0 2 0x14200 zerothread 40256 453614 0 0 3 0x14200 aiodoned aiodoned 66391 361954 0 0 3 0x14200 syncer update 74908 80083 0 0 3 0x14200 cleaner cleaner 64970 451785 0 0 3 0x14200 reaper reaper 27487 441956 0 0 3 0x14200 pgdaemon pagedaemon 17971 265822 0 0 3 0x14200 bored crynlk 50672 243825 0 0 3 0x14200 bored crypto 50830 119086 0 0 3 0x40014200 acpi0 acpi0 45645 121066 0 0 3 0x14200 bored softnet 61900 48154 0 0 3 0x14200 bored systqmp 98089 210106 0 0 3 0x14200 bored systq 55459 116508 0 0 3 0x40014200 bored softclock 51575 213972 0 0 3 0x40014200 idle0 31421 148215 0 0 3 0x14200 bored smr 1 11499 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9478 6346K 6657K 78643K 21819 0 pcb 13 8K 8K 78643K 442 0 rtable 126 7K 8K 78643K 1691 0 ifaddr 50 14K 14K 78643K 546 0 counters 19 16K 16K 78643K 19 0 ioctlops 0 0K 4K 78643K 4102 0 iov 0 0K 16K 78643K 686 0 mount 1 1K 1K 78643K 1 0 vnodes 1289 81K 81K 78643K 14150 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 406 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 0K 78643K 261 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 6 17K 25K 78643K 44319 0 sigio 0 0K 0K 78643K 1107 0 proc 61 39K 63K 78643K 1163 0 subproc 32 2K 2K 78643K 119 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 33 0 in_multi 33 2K 2K 78643K 88 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 151 678K 678K 78643K 151 0 exec 0 0K 1K 78643K 723 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 784 4916K 4916K 78643K 91307 0 UVM aobj 130 4K 4K 78643K 214 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 5 0 NDP 6 0K 0K 78643K 91 0 temp 119 3042K 3106K 78643K 422357 0 kqueue 0 0K 0K 78643K 103 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 16 0 10 1 0 1 1 0 8 0 rtpcb 80 1127 0 1125 1 0 1 1 0 8 0 rtentry 112 95 0 51 2 0 2 2 0 8 0 unpcb 120 47475 0 47467 13 12 1 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 sackhl 24 28 0 28 16 16 0 1 0 8 0 tcpqe 32 36 0 36 1 1 0 1 0 8 0 tcpcb 544 1851 0 1847 2 1 1 2 0 8 0 inpcb 280 6509 0 6502 3 2 1 3 0 8 0 nd6 48 14 0 10 1 0 1 1 0 8 0 pkpcb 40 8 0 8 1 1 0 1 0 8 0 ppxss 1128 64 0 64 4 4 0 1 0 8 0 pfosfp 40 5 0 4 1 0 1 1 0 8 0 pfosfpen 112 6 0 4 1 0 1 1 0 8 0 pfrktable 1344 404 0 397 1 0 1 1 0 8 0 pftag 88 29 0 24 1 0 1 1 0 8 0 pfqueue 264 52 0 12 3 0 3 3 0 8 0 pfstitem 24 1 0 1 1 1 0 1 0 8 0 pfstkey 112 2 0 2 1 1 0 1 0 8 0 pfstate 328 2 0 2 1 1 0 1 0 8 0 pfrule 1360 868 0 522 29 0 29 29 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 436 0 221 14 0 14 14 0 8 0 art_table 32 437 0 221 2 0 2 2 0 8 0 art_node 16 94 0 54 1 0 1 1 0 8 0 sysvmsgpl 40 27 0 6 1 0 1 1 0 8 0 semapl 112 259 0 249 1 0 1 1 0 8 0 shmpl 112 212 0 84 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 56632 0 55217 46 0 46 46 0 8 0 ffsino 240 56632 0 55217 84 0 84 84 0 8 0 nchpl 144 131133 0 129334 68 1 67 67 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 362366 0 362366 1 0 1 1 0 8 1 vcpupl 1984 464 0 0 58 0 58 58 0 8 0 vmpool 528 464 0 0 31 0 31 31 0 8 0 pfiaddrpl 120 490 0 342 6 1 5 5 0 8 0 scsiplug 64 2 0 2 2 2 0 1 0 8 0 scxspl 192 298074 0 298074 1 0 1 1 0 8 1 plimitpl 152 160 0 153 1 0 1 1 0 8 0 sigapl 432 44477 0 44463 2 0 2 2 0 8 0 futexpl 56 399394 0 399393 1 0 1 1 0 8 0 knotepl 112 763 0 744 1 0 1 1 0 8 0 kqueuepl 104 4544 0 4542 1 0 1 1 0 8 0 pipepl 112 5832 0 5813 3 2 1 2 0 8 0 fdescpl 424 44478 0 44463 2 0 2 2 0 8 0 filepl 120 234535 0 234437 33 29 4 7 0 8 1 lockfpl 104 6098 0 6097 1 0 1 1 0 8 0 lockfspl 48 2001 0 2000 1 0 1 1 0 8 0 sessionpl 112 24 0 14 1 0 1 1 0 8 0 pgrppl 48 390 0 380 1 0 1 1 0 8 0 ucredpl 96 34939 0 34932 1 0 1 1 0 8 0 zombiepl 144 44476 0 44476 1 0 1 1 0 8 1 processpl 872 44506 0 44476 4 0 4 4 0 8 0 procpl 632 88694 0 88653 5 1 4 5 0 8 0 sosppl 128 20 0 20 2 2 0 1 0 8 0 sockpl 384 55120 0 55103 100 97 3 8 0 8 1 mcl64k 65536 2881 0 2881 24 23 1 1 0 8 1 mcl16k 16384 1422 0 1422 23 22 1 1 0 8 1 mcl12k 12288 1032 0 1032 37 36 1 1 0 8 1 mcl9k 9216 2700 0 2700 24 23 1 1 0 8 1 mcl8k 8192 6631 0 6631 14 13 1 1 0 8 1 mcl4k 4096 1984 0 1984 52 52 0 1 0 8 0 mcl2k2 2112 307 0 307 13 13 0 1 0 8 0 mcl2k 2048 124509 0 124470 41 35 6 11 0 8 0 mtagpl 80 18 0 18 2 2 0 1 0 8 0 mbufpl 256 529617 0 529478 35 24 11 16 0 8 1 bufpl 280 56374 0 50190 442 0 442 442 0 8 0 anonpl 16 2498671 0 2492942 70 45 25 40 0 107 0 amapchunkpl 152 136060 0 135961 20 15 5 8 0 158 0 amappl16 192 176010 0 175448 63 34 29 41 0 8 0 amappl15 184 73 0 68 1 0 1 1 0 8 0 amappl14 176 2322 0 2318 1 0 1 1 0 8 0 amappl13 168 13639 0 13639 1 1 0 1 0 8 0 amappl12 160 2735 0 2733 7 6 1 1 0 8 0 amappl11 152 1512 0 1501 1 0 1 1 0 8 0 amappl10 144 4593 0 4590 1 0 1 1 0 8 0 amappl9 136 20156 0 20152 1 0 1 1 0 8 0 amappl8 128 20122 0 20023 5 1 4 4 0 8 0 amappl7 120 4701 0 4689 1 0 1 1 0 8 0 amappl6 112 1508 0 1497 1 0 1 1 0 8 0 amappl5 104 5813 0 5802 1 0 1 1 0 8 0 amappl4 96 41522 0 41490 1 0 1 1 0 8 0 amappl3 88 10422 0 10410 1 0 1 1 0 8 0 amappl2 80 362894 0 362813 3 1 2 3 0 8 0 amappl1 72 668841 0 668401 26 16 10 20 0 8 0 amappl 80 89383 0 89043 8 0 8 8 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 213 0 84 3 0 3 3 0 8 0 uaddrrnd 24 44942 0 44463 3 0 3 3 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 44942 0 44463 3 0 3 3 0 8 0 vmmpekpl 168 160510 0 160472 3 1 2 2 0 8 0 vmmpepl 168 4881458 0 4878981 187 79 108 118 0 357 0 vmsppl 272 44941 0 44463 33 1 32 32 0 8 0 pdppl 4096 89890 0 89390 64 1 63 63 0 8 0 pvpl 32 7070015 0 7061424 383 311 72 115 0 265 2 pmappl 200 44941 0 44463 26 0 26 26 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 422 0 174 8 0 8 8 0 8 0