panic: unhandled af 66 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *314964 24964 0 0 0x4000000 0 syz-executor.1 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic(ffffffff821b7e70) at panic+0x15c sys/kern/subr_prf.c:207 unhandled_af(42) at unhandled_af+0x16 pf_addrcpy(ffff80002065e1a8,ffff80002065e4a0,42) at pf_addrcpy+0x99 sys/net/pf.c:409 pfioctl(4900,c0504417,ffff80002065e4a0,1,ffff80001d42ac70) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827 VOP_IOCTL(fffffd805daf94e0,c0504417,ffff80002065e4a0,1,fffffd806c3be8a0,ffff80001d42ac70) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd8057952d38,c0504417,ffff80002065e4a0,ffff80001d42ac70) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff80001d42ac70,ffff80002065e5b8,ffff80002065e600) at sys_ioctl+0x5b9 syscall(ffff80002065e680) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x935014630f0, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic unhandled af 66 ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic(ffffffff821b7e70) at panic+0x15c sys/kern/subr_prf.c:207 unhandled_af(42) at unhandled_af+0x16 pf_addrcpy(ffff80002065e1a8,ffff80002065e4a0,42) at pf_addrcpy+0x99 sys/net/pf.c:409 pfioctl(4900,c0504417,ffff80002065e4a0,1,ffff80001d42ac70) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827 VOP_IOCTL(fffffd805daf94e0,c0504417,ffff80002065e4a0,1,fffffd806c3be8a0,ffff80001d42ac70) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd8057952d38,c0504417,ffff80002065e4a0,ffff80001d42ac70) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533 sys_ioctl(ffff80001d42ac70,ffff80002065e5b8,ffff80002065e600) at sys_ioctl+0x5b9 syscall(ffff80002065e680) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x935014630f0, count: -10 ddb> show registers rdi 0xffffffff81ae0657 db_enter+0x17 rsi 0xbb5 rbp 0xffff80002065e060 rbx 0xffff80002065e110 rdx 0xbb6 rcx 0xffff800020259000 rax 0xffff800020259000 r8 0xffff80002065e020 r9 0x1 r10 0xffff800000a33940 r11 0x99f4497e93775106 r12 0x3000000008 r13 0xffff80002065e070 r14 0x100 r15 0x1 rip 0xffffffff81ae0658 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80002065e050 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.1) pid=314964 stat=onproc flags process=0 proc=4000000 pri=82, usrpri=82, nice=20 forw=0xffffffffffffffff, list=0xffff80001d42bb40,0xffffffff8254b668 process=0xffff8000ffff6378 user=0xffff800020659000, vmspace=0xfffffd806bc09bb0 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 24964 287000 32620 0 2 0 syz-executor.1 *24964 314964 32620 0 7 0x4000000 syz-executor.1 32620 28726 48548 0 3 0x82 nanosleep syz-executor.1 42673 106889 48548 0 2 0x2 syz-executor.0 58868 394321 1 0 3 0x100083 ttyin getty 842 277902 0 0 3 0x14200 bored sosplice 48548 107674 27111 0 3 0x82 thrsleep syz-fuzzer 48548 349003 27111 0 3 0x4000082 nanosleep syz-fuzzer 48548 28226 27111 0 3 0x4000082 kqread syz-fuzzer 48548 303534 27111 0 3 0x4000082 thrsleep syz-fuzzer 48548 327812 27111 0 3 0x4000082 thrsleep syz-fuzzer 48548 201100 27111 0 3 0x4000082 thrsleep syz-fuzzer 48548 87424 27111 0 3 0x4000082 thrsleep syz-fuzzer 48548 507712 27111 0 3 0x4000082 thrsleep syz-fuzzer 27111 7584 86088 0 3 0x10008a pause ksh 86088 113162 21344 0 3 0x92 select sshd 21344 415853 1 0 3 0x80 select sshd 73890 113987 84228 73 3 0x100090 kqread syslogd 84228 184972 1 0 3 0x100082 netio syslogd 79251 455397 1 77 3 0x100090 poll dhclient 13639 344035 1 0 3 0x80 poll dhclient 69121 302548 0 0 2 0x14200 zerothread 33689 66073 0 0 3 0x14200 aiodoned aiodoned 89900 221343 0 0 3 0x14200 syncer update 23583 159655 0 0 3 0x14200 cleaner cleaner 58110 421784 0 0 3 0x14200 reaper reaper 18749 375430 0 0 3 0x14200 pgdaemon pagedaemon 4034 297889 0 0 3 0x14200 bored crynlk 47543 79502 0 0 3 0x14200 bored crypto 41520 489099 0 0 3 0x40014200 acpi0 acpi0 52145 258271 0 0 3 0x14200 bored softnet 55919 119675 0 0 3 0x14200 bored systqmp 67434 171361 0 0 3 0x14200 bored systq 58046 155750 0 0 3 0x40014200 bored softclock 39916 331403 0 0 3 0x40014200 idle0 3025 384577 0 0 3 0x14200 bored smr 1 516369 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 9486 6675K 15251K 78643K 197488 0 pcb 13 8K 8K 78643K 3148 0 rtable 108 3K 3K 78643K 1283 0 ifaddr 46 13K 14K 78643K 786 0 counters 19 16K 16K 78643K 19 0 ioctlops 0 0K 4K 78643K 2407 0 iov 0 0K 24K 78643K 3782 0 mount 1 1K 1K 78643K 1 0 vnodes 1255 79K 79K 78643K 65565 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 444 0 VM map 2 0K 0K 78643K 2 0 sem 12 0K 1K 78643K 6342 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1794 195K 288K 78643K 12646 0 file desc 5 13K 25K 78643K 69357 0 sigio 0 0K 0K 78643K 451 0 proc 2399 185K 195K 78643K 3510 0 subproc 32 2K 2K 78643K 153 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 23673 0 in_multi 33 2K 2K 78643K 120 0 ether_multi 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 67 307K 307K 78643K 67 0 exec 0 0K 1K 78643K 1050 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 7 26K 26K 78643K 7 0 UVM amap 197 25K 161K 78643K 142110 0 UVM aobj 130 4K 4K 78643K 130 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 1646 0 NDP 6 0K 0K 78643K 111 0 temp 112 3030K 3094K 78643K 573951 0 kqueue 0 0K 0K 78643K 8 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 26 0 19 1 0 1 1 0 8 0 rtpcb 80 439 0 437 1 0 1 1 0 8 0 rtentry 112 121 0 76 2 0 2 2 0 8 0 unpcb 120 103797 0 103789 66 65 1 3 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 sackhl 24 42 0 42 29 29 0 1 0 8 0 tcpqe 32 1 0 1 1 1 0 1 0 8 0 tcpcb 544 36386 0 36382 21 20 1 2 0 8 0 inpcb 280 54444 0 54435 58 56 2 3 0 8 1 nd6 48 18 0 14 1 0 1 1 0 8 0 pkpcb 40 15 0 15 3 3 0 1 0 8 0 pffrag 232 220 0 220 4 4 0 1 0 482 0 pffrnode 88 220 0 220 4 4 0 1 0 8 0 pffrent 40 592 0 592 4 4 0 1 0 8 0 pfosfp 40 2 0 1 1 0 1 1 0 8 0 pfosfpen 112 2 0 1 1 0 1 1 0 8 0 pfrktable 1344 115 0 115 2 1 1 1 0 8 1 pftag 88 2 0 0 1 0 1 1 0 8 0 pfqueue 264 5 0 3 3 2 1 1 0 8 0 pfrule 1360 421 0 130 26 1 25 25 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 531 0 315 14 0 14 14 0 8 0 art_table 32 532 0 315 2 0 2 2 0 8 0 art_node 16 120 0 79 1 0 1 1 0 8 0 semapl 112 6340 0 6330 1 0 1 1 0 8 0 shmpl 112 128 0 0 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 78028 0 76599 47 0 47 47 0 8 0 ffsino 240 78028 0 76599 85 0 85 85 0 8 0 nchpl 144 168591 0 166734 72 3 69 69 0 8 0 uvmvnodes 72 5926 0 0 108 0 108 108 0 8 0 vnodes 208 5926 0 0 312 0 312 312 0 8 0 namei 1024 496104 0 496103 1 0 1 1 0 8 0 scxspl 192 447640 0 447640 1 0 1 1 0 8 1 plimitpl 152 241 0 234 1 0 1 1 0 8 0 sigapl 432 69508 0 69495 2 0 2 2 0 8 0 futexpl 56 847934 0 847934 2 1 1 1 0 8 1 knotepl 112 856 0 837 1 0 1 1 0 8 0 kqueuepl 104 4576 0 4574 1 0 1 1 0 8 0 pipepl 112 43600 0 43577 42 41 1 2 0 8 0 fdescpl 424 69509 0 69495 2 0 2 2 0 8 0 filepl 120 449791 0 449689 88 84 4 7 0 8 0 lockfpl 104 11847 0 11846 1 0 1 1 0 8 0 lockfspl 48 3597 0 3596 1 0 1 1 0 8 0 sessionpl 112 25 0 15 1 0 1 1 0 8 0 pgrppl 48 1733 0 1723 1 0 1 1 0 8 0 ucredpl 96 41660 0 41653 1 0 1 1 0 8 0 zombiepl 144 69495 0 69495 1 0 1 1 0 8 1 processpl 872 69524 0 69495 4 0 4 4 0 8 0 procpl 632 140247 0 140210 4 0 4 4 0 8 0 sosppl 128 607 0 607 2 2 0 1 0 8 0 sockpl 384 159093 0 159076 232 228 4 10 0 8 2 mcl64k 65536 727 0 727 61 60 1 1 0 8 1 mcl16k 16384 1531 0 1531 60 59 1 1 0 8 1 mcl12k 12288 1065 0 1065 59 58 1 1 0 8 1 mcl9k 9216 368 0 368 68 67 1 1 0 8 1 mcl8k 8192 1515 0 1513 50 49 1 1 0 8 0 mcl4k 4096 4303 0 4303 43 42 1 1 0 8 1 mcl2k2 2112 451 0 451 61 61 0 1 0 8 0 mcl2k 2048 129187 0 129145 84 77 7 14 0 8 1 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 608013 0 607918 37 29 8 11 0 8 0 bufpl 280 82321 0 76137 442 0 442 442 0 8 0 anonpl 16 4855976 0 4849033 74 38 36 46 0 107 0 amapchunkpl 152 271915 0 271821 694 581 113 654 0 158 108 amappl16 192 322547 0 322109 92 69 23 34 0 8 1 amappl15 184 66 0 62 1 0 1 1 0 8 0 amappl14 176 22636 0 22635 1 0 1 1 0 8 0 amappl13 168 11038 0 11037 1 0 1 1 0 8 0 amappl12 160 32076 0 32074 1 0 1 1 0 8 0 amappl11 152 79 0 66 1 0 1 1 0 8 0 amappl10 144 3336 0 3332 1 0 1 1 0 8 0 amappl9 136 662 0 658 1 0 1 1 0 8 0 amappl8 128 1509 0 1387 6 2 4 4 0 8 0 amappl7 120 3437 0 3422 1 0 1 1 0 8 0 amappl6 112 66 0 55 1 0 1 1 0 8 0 amappl5 104 32850 0 32840 1 0 1 1 0 8 0 amappl4 96 52269 0 52236 1 0 1 1 0 8 0 amappl3 88 35648 0 35640 1 0 1 1 0 8 0 amappl2 80 544874 0 544801 3 1 2 3 0 8 0 amappl1 72 1145477 0 1145052 26 17 9 20 0 8 0 amappl 80 140841 0 140803 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 64 129 0 0 3 0 3 3 0 8 0 uaddrrnd 24 69509 0 69495 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 69509 0 69495 1 0 1 1 0 8 0 vmmpekpl 168 336091 0 336067 2 0 2 2 0 8 0 vmmpepl 168 7683875 0 7682230 230 153 77 89 0 357 0 vmsppl 272 69508 0 69495 2 1 1 2 0 8 0 pdppl 4096 139024 0 138990 6 1 5 6 0 8 0 pvpl 32 12082830 0 12072782 242 147 95 121 0 265 0 pmappl 200 69508 0 69495 1 0 1 1 0 8 0 extentpl 40 46 0 29 1 0 1 1 0 8 0 phpool 112 496 0 341 5 0 5 5 0 8 0