panic: tcp_output Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 66211 25371 0 0 0x4000000 0 syz-executor.0 92335 9712 0 0x14000 0x200 1 reaper db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8257e141) at panic+0x177 sys/kern/subr_prf.c:198 tcp_output(ffff800000bd6300) at tcp_output+0x2cd2 sys/netinet/tcp_output.c:727 tcp_send(fffffd806fb317b8,fffffd8071221c00,0,fffffd806d400000) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:944 sosend(fffffd806fb317b8,0,ffff80002feab430,0,fffffd806d400000,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd806fb317b8,0,ffff80002feab430,0,fffffd806d400000,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002fe9ea88,4,ffff80002feab5b0,0,ffff80002feab6a0) at sendit+0x65d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002fe9ea88,ffff80002feab658,ffff80002feab6a0) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002feab720) at syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff80002feab720) at syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x47c8dfe2cd0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{0}> ddb{0}> set $lines = 0 ddb{0}> set $maxwidth = 0 ddb{0}> show panic *cpu0: tcp_output ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8257e141) at panic+0x177 sys/kern/subr_prf.c:198 tcp_output(ffff800000bd6300) at tcp_output+0x2cd2 sys/netinet/tcp_output.c:727 tcp_send(fffffd806fb317b8,fffffd8071221c00,0,fffffd806d400000) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:944 sosend(fffffd806fb317b8,0,ffff80002feab430,0,fffffd806d400000,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd806fb317b8,0,ffff80002feab430,0,fffffd806d400000,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002fe9ea88,4,ffff80002feab5b0,0,ffff80002feab6a0) at sendit+0x65d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002fe9ea88,ffff80002feab658,ffff80002feab6a0) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002feab720) at syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff80002feab720) at syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x47c8dfe2cd0, count: -9 ddb{0}> show registers rdi 0 rsi 0x1 rbp 0xffff80002feab090 rbx 0xffffffff82941b8f cpu_info_full_primary+0x2b8f rdx 0xffff800000bedcc0 rcx 0 rax 0xffff80002fe9ea88 r8 0x101010101010101 r9 0x8080808080808080 r10 0x5ba8171a9b4cf16a r11 0xe176d4ff6b609b9e r12 0xffffffff82941990 cpu_info_full_primary+0x2990 r13 0 r14 0 r15 0x1 rip 0xffffffff81927ac8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80002feab080 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{0}> show proc PROC (syz-executor.0) pid=66211 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=84, nice=20 forw=0xffffffffffffffff, list=0xffff80002fe9e2a8,0xffff800021297518 process=0xffff800027c24c90 user=0xffff80002fea6000, vmspace=0xfffffd806aa41180 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=0, intr=0 ddb{0}> ps PID TID PPID UID S FLAGS WAIT COMMAND 14058 228200 71131 0 2 0 syz-executor.1 14058 167375 71131 0 2 0x4000000 syz-executor.1 14058 58473 71131 0 3 0x4000080 fsleep syz-executor.1 65914 105445 67938 0 2 0 syz-executor.6 65914 446070 67938 0 3 0x4000080 fsleep syz-executor.6 93393 235834 78526 0 2 0 syz-executor.4 93393 374960 78526 0 3 0x4000080 fsleep syz-executor.4 50949 108459 30424 0 2 0 syz-executor.2 50949 389136 30424 0 2 0x4000000 syz-executor.2 50874 183353 86 0 2 0 syz-executor.7 50874 8349 86 0 3 0x4000080 fsleep syz-executor.7 25371 62982 76032 0 2 0 syz-executor.0 *25371 66211 76032 0 7 0x4000000 syz-executor.0 35987 373411 13649 0 2 0 syz-executor.5 35987 433848 13649 0 3 0x4000080 fsleep syz-executor.5 79962 369943 12234 0 3 0x82 nanoslp syz-executor.3 78526 441415 12234 0 3 0x82 nanoslp syz-executor.4 67938 82634 12234 0 3 0x82 nanoslp syz-executor.6 29825 206349 92845 0 3 0x100082 netio arp 30424 263918 12234 0 3 0x82 nanoslp syz-executor.2 86 435023 12234 0 3 0x82 nanoslp syz-executor.7 92845 376530 1 0 3 0x10008a sigsusp sh 13649 423108 12234 0 2 0x2 syz-executor.5 71131 128122 12234 0 3 0x82 nanoslp syz-executor.1 76032 286102 12234 0 3 0x82 nanoslp syz-executor.0 12234 233558 75934 0 3 0x82 thrsleep syz-fuzzer 12234 79828 75934 0 3 0x4000082 thrsleep syz-fuzzer 12234 333172 75934 0 3 0x4000082 wait syz-fuzzer 12234 48255 75934 0 3 0x4000082 wait syz-fuzzer 12234 147349 75934 0 3 0x4000082 thrsleep syz-fuzzer 12234 385560 75934 0 3 0x4000082 wait syz-fuzzer 12234 267254 75934 0 3 0x4000082 thrsleep syz-fuzzer 12234 400049 75934 0 3 0x4000082 thrsleep syz-fuzzer 12234 415468 75934 0 3 0x4000082 wait syz-fuzzer 12234 68617 75934 0 3 0x4000082 wait syz-fuzzer 12234 169913 75934 0 3 0x4000082 thrsleep syz-fuzzer 12234 419161 75934 0 3 0x4000082 wait syz-fuzzer 12234 295867 75934 0 3 0x4000082 wait syz-fuzzer 12234 206473 75934 0 3 0x4000082 thrsleep syz-fuzzer 12234 361073 75934 0 3 0x4000082 kqread syz-fuzzer 12234 391366 75934 0 3 0x4000082 wait syz-fuzzer 75934 447035 1187 0 3 0x10008a sigsusp ksh 1187 289754 51041 0 3 0x9a kqread sshd 5898 437625 1 0 3 0x100083 ttyin getty 51041 513933 1 0 3 0x88 kqread sshd 93840 213511 82184 74 3 0x1100092 bpf pflogd 82184 168363 1 0 3 0x80 netio pflogd 31968 175002 50086 73 3 0x1100090 kqread syslogd 50086 489296 1 0 3 0x100082 netio syslogd 60834 105462 1 0 3 0x100080 kqread resolvd 31068 400534 54413 77 3 0x100092 kqread dhcpleased 2569 332878 54413 77 3 0x100092 kqread dhcpleased 54413 453954 1 0 3 0x80 kqread dhcpleased 43531 432055 0 0 3 0x14200 bored smr 47607 483514 0 0 2 0x14200 zerothread 49037 296623 0 0 3 0x14200 aiodoned aiodoned 89069 93717 0 0 3 0x14200 syncer update 15195 234097 0 0 3 0x14200 cleaner cleaner 9712 92335 0 0 7 0x14200 reaper 75935 463167 0 0 3 0x14200 pgdaemon pagedaemon 67359 351483 0 0 3 0x14200 bored viomb 6435 304492 0 0 3 0x40014200 acpi0 acpi0 22265 417789 0 0 3 0x40014200 idle1 47763 431436 0 0 3 0x14200 bored softnet 98932 288639 0 0 3 0x14200 bored softnet 98434 147231 0 0 3 0x14200 bored softnet 505 434838 0 0 3 0x14200 bored softnet 8491 50300 0 0 3 0x14200 bored systqmp 85980 53535 0 0 3 0x14200 bored systq 85136 206410 0 0 3 0x40014200 bored softclock 26190 19999 0 0 3 0x40014200 idle0 1 501825 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{0}> show all locks Process 25371 (syz-executor.0) thread 0xffff80002fe9ea88 (66211) exclusive rwlock netlock r = 0 (0xffffffff829d5f30) #0 witness_lock+0x44d #1 sosend+0x500 sys/kern/uipc_socket.c:632 #2 sendit+0x65d sys/kern/uipc_syscalls.c:694 #3 sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 #4 syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] #4 syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 #5 Xsyscall+0x128 ddb{0}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10182 6498K 6566K 78643K 50238 0 pcb 13 14K 16K 78643K 1369 0 rtable 234 6K 6K 78643K 361 0 ifaddr 87 17K 17K 78643K 97 0 counters 56 35K 35K 78643K 58 0 ioctlops 0 0K 4K 78643K 7450 0 iov 0 0K 16K 78643K 4617 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1417 89K 89K 78643K 23210 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 17K 78643K 2288 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 2261 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 19 69K 93K 78643K 89557 0 sigio 0 0K 0K 78643K 10729 0 proc 68 91K 128K 78643K 528 0 subproc 117 7K 7K 78643K 117 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 in_multi 99 6K 6K 78643K 100 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 25 122K 122K 78643K 25 0 exec 0 0K 2K 78643K 675 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 62K 78643K 8 0 UVM amap 333 86K 87K 78643K 464032 0 UVM aobj 131 4K 4K 78643K 131 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 NDP 12 0K 2K 78643K 29 0 temp 129 4726K 4854K 78643K 209260 0 kqueue 12 18K 32K 78643K 9416 0 SYN cache 2 16K 16K 78643K 2 0 ddb{0}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle plcache 128 22 0 0 1 0 1 1 0 8 0 rtpcb 120 37 0 33 1 0 1 1 0 8 0 rtentry 112 114 0 4 4 0 4 4 0 8 0 unpcb 144 57854 0 57839 336 335 1 10 0 8 0 syncache 296 4 0 4 1 1 0 1 0 8 0 tcpcb 768 1951 0 1941 66 63 3 16 0 8 2 arp 120 19 0 1 1 0 1 1 0 8 0 inpcb 368 7932 0 7922 111 104 7 10 0 8 6 nd6 48 24 0 0 1 0 1 1 0 8 0 kcovpl 48 9 0 0 1 0 1 1 0 8 0 pffrag 232 51 0 51 4 4 0 2 0 482 0 pffrnode 88 39 0 39 3 3 0 1 0 8 0 pffrent 40 1267 0 1267 3 3 0 1 0 8 0 pfosfp 40 1428 0 1005 5 0 5 5 0 8 0 pfosfpen 112 1428 0 714 21 0 21 21 0 8 0 pfstitem 24 148 0 146 1 0 1 1 0 8 0 pfstkey 120 148 0 146 1 0 1 1 0 8 0 pfstate 336 148 0 146 5 4 1 3 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 455 0 3 29 0 29 29 0 8 0 art_table 32 456 0 3 4 0 4 4 0 8 0 art_node 16 113 0 13 1 0 1 1 0 8 0 semapl 112 2259 0 2249 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 96611 0 95174 91 0 91 91 0 8 0 ffsino 272 96611 0 95174 97 0 97 97 0 8 0 nchpl 144 206451 0 204804 63 0 63 63 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 601308 0 601308 3 2 1 2 0 8 1 percpumem 16 41 0 1 1 0 1 1 0 8 0 kstatmem 264 26 0 2 2 0 2 2 0 8 0 scxspl 216 561089 0 561089 12 11 1 8 0 8 1 plimitpl 152 24 0 8 1 0 1 1 0 8 0 sigapl 424 89870 0 89820 8 2 6 7 0 8 0 futexpl 64 480966 0 480961 2 1 1 1 0 8 0 knotepl 120 1320 0 0 18 13 5 10 0 8 0 kqueuepl 216 16376 0 16367 68 67 1 8 0 8 0 pipepl 320 21836 0 21805 396 393 3 16 0 8 0 fdescpl 496 89853 0 89821 6 1 5 5 0 8 0 filepl 152 413665 0 413401 637 624 13 25 0 8 2 lockfpl 104 19787 0 19785 23 22 1 2 0 8 0 lockfspl 48 6579 0 6577 1 0 1 1 0 8 0 sessionpl 144 25 0 7 1 0 1 1 0 8 0 pgrppl 48 812 0 794 1 0 1 1 0 8 0 ucredpl 104 940 0 928 1 0 1 1 0 8 0 zombiepl 144 89821 0 89820 2 1 1 1 0 8 0 processpl 1064 89870 0 89820 4 0 4 4 0 8 0 procpl 672 214895 0 214822 57 50 7 9 0 8 0 sockpl 488 65823 0 65794 1216 1204 12 35 0 8 8 mcl64k 65536 33 0 0 3 0 3 3 0 8 0 mcl16k 16384 66 0 0 5 3 2 3 0 8 0 mcl12k 12288 89 0 0 2 0 2 2 0 8 0 mcl9k 9216 57 0 0 2 0 2 2 0 8 0 mcl8k 8192 105 0 0 7 4 3 4 0 8 0 mcl4k 4096 98 0 0 8 5 3 3 0 8 0 mcl2k2 2112 22 0 0 2 0 2 2 0 8 0 mcl2k 2048 310 0 0 12 0 12 12 0 8 0 mtagpl 96 2 0 0 1 0 1 1 0 8 0 mbufpl 256 2242 0 0 28 15 13 19 0 8 0 bufpl 288 93279 0 86947 453 0 453 453 0 8 0 anonpl 24 14647259 0 14638326 93 33 60 64 0 186 0 amapchunkpl 152 1338281 0 1337710 131 107 24 26 0 158 0 amappl16 200 172755 0 172566 31 20 11 11 0 8 0 amappl15 192 34036 0 34027 1 0 1 1 0 8 0 amappl14 184 11407 0 11399 1 0 1 1 0 8 0 amappl13 176 121 0 116 1 0 1 1 0 8 0 amappl12 168 163 0 160 1 0 1 1 0 8 0 amappl11 160 11171 0 11151 1 0 1 1 0 8 0 amappl10 152 33 0 29 1 0 1 1 0 8 0 amappl9 144 11934 0 11931 1 0 1 1 0 8 0 amappl8 136 23896 0 23719 7 0 7 7 0 8 0 amappl7 128 22100 0 22077 1 0 1 1 0 8 0 amappl6 120 11792 0 11778 2 1 1 2 0 8 0 amappl5 112 92049 0 92030 1 0 1 1 0 8 0 amappl4 104 12914 0 12884 2 0 2 2 0 8 0 amappl3 96 255306 0 255248 2 0 2 2 0 8 0 amappl2 88 3602 0 3563 2 0 2 2 0 8 0 amappl1 80 2133347 0 2132596 79 62 17 20 0 8 1 amappl 88 463028 0 462871 6 1 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 130 0 0 3 0 3 3 0 8 0 uaddrrnd 24 89853 0 89821 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 89853 0 89821 1 0 1 1 0 8 0 vmmpekpl 168 540964 0 540902 4 0 4 4 0 8 0 vmmpepl 168 8198344 0 8195803 421 305 116 116 0 357 1 vmsppl 368 89852 0 89821 4 1 3 4 0 8 0 rwobjpl 56 1877665 0 1870208 116 10 106 107 0 8 0 pdppl 4096 179713 0 179642 2339 2266 73 83 0 8 2 pvpl 32 28395910 0 28382350 430 315 115 253 0 265 0 pmappl 248 89852 0 89821 4 1 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 3204 0 2407 23 0 23 23 0 8 0 ddb{0}> machine ddbcpu 0 Invalid cpu 0 ddb{0}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8257e141) at panic+0x177 sys/kern/subr_prf.c:198 tcp_output(ffff800000bd6300) at tcp_output+0x2cd2 sys/netinet/tcp_output.c:727 tcp_send(fffffd806fb317b8,fffffd8071221c00,0,fffffd806d400000) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:944 sosend(fffffd806fb317b8,0,ffff80002feab430,0,fffffd806d400000,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd806fb317b8,0,ffff80002feab430,0,fffffd806d400000,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002fe9ea88,4,ffff80002feab5b0,0,ffff80002feab6a0) at sendit+0x65d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002fe9ea88,ffff80002feab658,ffff80002feab6a0) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002feab720) at syscall+0x4c3 mi_syscall sys/sys/syscall_mi.h:101 [inline] syscall(ffff80002feab720) at syscall+0x4c3 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x47c8dfe2cd0, count: -9 ddb{0}> machine ddbcpu 1