panic: pr_find_pagehead: mbufpl: page header missing Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND *342433 12571 0 0 0x4000000 0 syz-executor0 db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x147 sys/kern/subr_prf.c:208 pool_do_put(ffffff0006000100,ffffffff81eb5878) at pool_do_put+0x339 pool_put(0,ffffff0006000100) at pool_put+0x37 sys/kern/subr_pool.c:808 m_free(ffffff0006000100) at m_free+0x12c sys/kern/uipc_mbuf.c:447 tun_dev_read(ffff800014acc608,ffffff003614cc28,ffffff003614cc28) at tun_dev_read+0x237 sys/net/if_tun.c:791 spec_read(10) at spec_read+0x9d sys/kern/spec_vnops.c:223 VOP_READ(ffff800014acc608,ffffff003614cc28,ffffff0030375448,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247 vn_read(ffffff0030375448,ffff800014aa6bd0,3e8) at vn_read+0x130 sys/kern/vfs_vnops.c:365 dofilereadv(ffff800014aa6bd0,ffff800014acc6b0,3e8,ffff800014acc6c0,78d55c8ae38) at dofilereadv+0x14f sys/kern/sys_generic.c:235 sys_read(ffff800014acc750,ffff800014aa6bd0,ffff800014a15988) at sys_read+0x6e sys/kern/sys_generic.c:155 syscall(0) at syscall+0x3e4 Xsyscall(6,3,0,3,1,78cb26d0000) at Xsyscall+0x128 end of kernel end trace frame: 0x78d55c8ae50, count: 2 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> show panic pr_find_pagehead: mbufpl: page header missing ddb> trace db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x147 sys/kern/subr_prf.c:208 pool_do_put(ffffff0006000100,ffffffff81eb5878) at pool_do_put+0x339 pool_put(0,ffffff0006000100) at pool_put+0x37 sys/kern/subr_pool.c:808 m_free(ffffff0006000100) at m_free+0x12c sys/kern/uipc_mbuf.c:447 tun_dev_read(ffff800014acc608,ffffff003614cc28,ffffff003614cc28) at tun_dev_read+0x237 sys/net/if_tun.c:791 spec_read(10) at spec_read+0x9d sys/kern/spec_vnops.c:223 VOP_READ(ffff800014acc608,ffffff003614cc28,ffffff0030375448,0) at VOP_READ+0x5e sys/kern/vfs_vops.c:247vn_read(ffffff0030375448,ffff800014aa6bd0,3e8) at vn_read+0x130 dofilereadv(ffff800014aa6bd0,ffff800014acc6b0,3e8,ffff800014acc6c0,78d55c8ae38) at dofilereadv+0x14f sys/kern/sys_generic.c:235 sys_read(ffff800014acc750,ffff800014aa6bd0,ffff800014a15988) at sys_read+0x6e sys/kern/sys_generic.c:155 syscall(0) at syscall+0x3e4 Xsyscall(6,3,0,3,1,78cb26d0000) at Xsyscall+0x128 end of kernel end trace frame: 0x78d55c8ae50, count: -13 ddb> show registers rdi 0xffffffff81e23fa0 kprintf_mutex rsi 0xffffffff810ca2b9 db_enter+0x9 rbp 0xffff800014acc230 rbx 0xffff800014acc2d0 rdx 0xffff8000020cd000 rcx 0x179f __ALIGN_SIZE+0x79f rax 0xffff8000020cd000 r8 0xffff800014acc200 r9 0x8080808080808080 r10 0 r11 0xffffffff81101be0 x86_bus_space_io_read_1 r12 0x3000000008 r13 0xffff800014acc240 r14 0x100 r15 0xffffffff81c166bb substchar+0x5741 rip 0xffffffff810ca2ba db_enter+0xa cs 0x8 rflags 0x206 rsp 0xffff800014acc230 ss 0x10 db_enter+0xa: popq %rbp ddb> show proc PROC (syz-executor0) pid=342433 stat=onproc flags process=0 proc=4000000 pri=76, usrpri=76, nice=20 forw=0xffffffffffffffff, list=0xffff800014aa6018,0xffff800014aa64d8 process=0xffff800014a15988 user=0xffff800014ac7000, vmspace=0xffffff003f12ce70 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 22936 268886 74120 0 3 0x80 nanosleep syz-executor1 22936 319778 74120 0 3 0x4000080 netio syz-executor1 12571 416186 22642 0 2 0 syz-executor0 *12571 342433 22642 0 7 0x4000000 syz-executor0 12571 266183 22642 0 3 0x4000080 fsleep syz-executor0 41368 182590 0 0 3 0x14200 bored sosplice 22642 246613 84355 0 3 0x82 nanosleep syz-executor0 74120 495365 84355 0 3 0x82 nanosleep syz-executor1 84355 242982 61364 0 3 0x82 thrsleep syz-fuzzer 84355 522651 61364 0 3 0x4000082 thrsleep syz-fuzzer 84355 137028 61364 0 3 0x4000082 thrsleep syz-fuzzer 84355 464313 61364 0 3 0x4000082 thrsleep syz-fuzzer 84355 100354 61364 0 3 0x4000082 thrsleep syz-fuzzer 84355 142885 61364 0 3 0x4000082 thrsleep syz-fuzzer 84355 453434 61364 0 3 0x4000082 kqread syz-fuzzer 61364 471066 41450 0 3 0x10008a pause ksh 41450 179280 8503 0 3 0x92 select sshd 9202 101386 1 0 3 0x100083 ttyin getty 8503 182751 1 0 3 0x80 select sshd 34280 522418 17269 73 3 0x100090 kqread syslogd 17269 71023 1 0 3 0x100082 netio syslogd 57507 514251 1 77 3 0x100090 poll dhclient 12364 39660 1 0 3 0x80 poll dhclient 72533 510879 0 0 2 0x14200 zerothread 34534 82208 0 0 3 0x14200 aiodoned aiodoned 34900 465875 0 0 3 0x14200 syncer update 92338 439451 0 0 3 0x14200 cleaner cleaner 20616 334211 0 0 3 0x14200 reaper reaper 36564 139036 0 0 3 0x14200 pgdaemon pagedaemon 43461 436500 0 0 3 0x14200 bored crynlk 89919 182031 0 0 3 0x14200 bored crypto 72344 33871 0 0 3 0x40014200 acpi0 acpi0 3655 112453 0 0 3 0x14200 bored softnet 52287 301996 0 0 3 0x14200 bored systqmp 27368 409381 0 0 3 0x14200 bored systq 44375 272909 0 0 3 0x40014200 bored softclock 32453 138252 0 0 3 0x40014200 idle0 1 185571 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper