panic: tcp_output Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *453726 22978 0 0 0x4000000 0 syz-executor.3 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8254ebcf) at panic+0x161 sys/kern/subr_prf.c:198 tcp_output(ffff800000bbe600) at tcp_output+0x2a72 sys/netinet/tcp_output.c:727 tcp_send(fffffd8066854780,fffffd806841e500,0,fffffd806841e600) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:953 sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002170a7e0,4,ffff80002e90b090,0,ffff80002e90b190) at sendit+0x64d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002170a7e0,ffff80002e90b138,ffff80002e90b190) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002e90b200) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1843f42100, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: tcp_output ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8254ebcf) at panic+0x161 sys/kern/subr_prf.c:198 tcp_output(ffff800000bbe600) at tcp_output+0x2a72 sys/netinet/tcp_output.c:727 tcp_send(fffffd8066854780,fffffd806841e500,0,fffffd806841e600) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:953 sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002170a7e0,4,ffff80002e90b090,0,ffff80002e90b190) at sendit+0x64d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002170a7e0,ffff80002e90b138,ffff80002e90b190) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002e90b200) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1843f42100, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002e90ab80 rbx 0x7c rdx 0xffff800000cb59c0 rcx 0 rax 0xffff80002170a7e0 r8 0x101010101010101 r9 0x8080808080808080 r10 0x5158e80671f9546 r11 0x4ac7ae4b0183e4c6 r12 0 r13 0 r14 0 r15 0x1 rip 0xffffffff82298ac8 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff80002e90ab70 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.3) pid=453726 stat=onproc flags process=0 proc=4000000 pri=32, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff80002170a000,0xffff80002ceb62b0 process=0xffff80002e8ca430 user=0xffff80002e906000, vmspace=0xfffffd806c4eccd0 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 11762 368739 57597 0 2 0 syz-executor.2 11762 82805 57597 0 3 0x4000080 fsleep syz-executor.2 22978 166267 53285 0 2 0 syz-executor.3 *22978 453726 53285 0 7 0x4000000 syz-executor.3 78261 511522 77325 0 2 0 syz-executor.6 78261 435001 77325 0 3 0x4000080 fsleep syz-executor.6 19548 471514 81720 0 2 0 syz-executor.5 19548 127632 81720 0 3 0x4000080 fsleep syz-executor.5 20260 53306 61507 0 2 0 syz-executor.1 20260 232425 61507 0 3 0x4000080 fsleep syz-executor.1 71976 312058 51527 0 2 0 syz-executor.4 71976 285720 51527 0 3 0x4000080 fsleep syz-executor.4 26749 358787 61518 0 2 0 syz-executor.7 26749 349728 61518 0 3 0x4000080 kqread syz-executor.7 26749 346232 61518 0 3 0x4000080 fsleep syz-executor.7 6525 404337 35651 0 3 0x80 nanoslp syz-executor.0 6525 68910 35651 0 3 0x4000080 kqread syz-executor.0 6525 255519 35651 0 3 0x4000080 fsleep syz-executor.0 61507 184182 34609 0 3 0x82 nanoslp syz-executor.1 40578 506233 1 0 3 0x100083 ttyin getty 53285 475279 34609 0 3 0x82 nanoslp syz-executor.3 10291 259322 0 0 3 0x14280 nfsidl nfsio 15941 499530 0 0 3 0x14280 nfsidl nfsio 21712 107321 0 0 3 0x14280 nfsidl nfsio 50314 82353 0 0 3 0x14280 nfsidl nfsio 80452 116791 0 0 3 0x14280 nfsidl nfsio 60053 321424 0 0 3 0x14280 nfsidl nfsio 84301 192707 0 0 3 0x14280 nfsidl nfsio 26108 15466 0 0 3 0x14280 nfsidl nfsio 36479 253450 0 0 3 0x14280 nfsidl nfsio 3678 485787 0 0 3 0x14280 nfsidl nfsio 16368 213460 0 0 3 0x14280 nfsidl nfsio 39554 35340 0 0 3 0x14280 nfsidl nfsio 26414 450251 0 0 3 0x14280 nfsidl nfsio 69678 257335 0 0 3 0x14280 nfsidl nfsio 28866 232811 0 0 3 0x14280 nfsidl nfsio 58933 202514 0 0 3 0x14280 nfsidl nfsio 89717 419472 0 0 3 0x14280 nfsidl nfsio 73563 312376 0 0 3 0x14280 nfsidl nfsio 14147 250348 0 0 3 0x14280 nfsidl nfsio 70919 336432 0 0 3 0x14280 nfsidl nfsio 54644 104366 0 0 3 0x14200 bored sosplice 75239 34991 0 0 3 0x14200 acct acct 77325 65456 34609 0 3 0x82 nanoslp syz-executor.6 81720 397745 34609 0 3 0x82 nanoslp syz-executor.5 61518 292764 34609 0 3 0x82 nanoslp syz-executor.7 57597 151201 34609 0 3 0x82 nanoslp syz-executor.2 35651 44793 34609 0 3 0x82 nanoslp syz-executor.0 51527 102663 34609 0 3 0x82 nanoslp syz-executor.4 34609 211618 34176 0 3 0x82 thrsleep syz-fuzzer 34609 437503 34176 0 3 0x4000082 thrsleep syz-fuzzer 34609 204080 34176 0 3 0x4000082 thrsleep syz-fuzzer 34609 129890 34176 0 3 0x4000082 wait syz-fuzzer 34609 345171 34176 0 3 0x4000082 wait syz-fuzzer 34609 25517 34176 0 3 0x4000082 thrsleep syz-fuzzer 34609 396697 34176 0 3 0x4000082 wait syz-fuzzer 34609 19553 34176 0 3 0x4000082 kqread syz-fuzzer 34609 133943 34176 0 3 0x4000082 thrsleep syz-fuzzer 34609 285906 34176 0 3 0x4000082 wait syz-fuzzer 34609 481431 34176 0 3 0x4000082 wait syz-fuzzer 34609 223421 34176 0 3 0x4000082 wait syz-fuzzer 34609 272940 34176 0 3 0x4000082 wait syz-fuzzer 34609 39508 34176 0 3 0x4000082 wait syz-fuzzer 34176 239429 87441 0 3 0x10008a sigsusp ksh 87441 218310 95815 0 3 0x9a kqread sshd 95815 263281 1 0 3 0x88 kqread sshd 86495 172502 48580 73 3 0x1100090 kqread syslogd 48580 217631 1 0 3 0x100082 netio syslogd 46687 131311 1 0 3 0x100080 kqread resolvd 65807 442069 486 77 3 0x100092 kqread dhcpleased 80162 76131 486 77 3 0x100092 kqread dhcpleased 486 521382 1 0 3 0x80 kqread dhcpleased 10019 508356 0 0 3 0x14200 bored smr 34104 170183 0 0 2 0x14200 zerothread 59698 392755 0 0 3 0x14200 aiodoned aiodoned 77900 56822 0 0 3 0x14200 syncer update 23763 55949 0 0 3 0x14200 cleaner cleaner 7595 497320 0 0 3 0x14200 reaper reaper 12865 368059 0 0 3 0x14200 pgdaemon pagedaemon 60777 84366 0 0 3 0x14200 bored viomb 72034 455305 0 0 3 0x40014200 acpi0 acpi0 2237 260343 0 0 3 0x14200 bored softnet 25359 308907 0 0 3 0x14200 bored softnet 5008 401076 0 0 3 0x14200 bored softnet 11619 407239 0 0 3 0x14200 bored softnet 79134 355971 0 0 3 0x14200 bored systqmp 55722 46319 0 0 3 0x14200 bored systq 23025 46806 0 0 3 0x40014200 bored softclock 53198 282953 0 0 3 0x40014200 idle0 1 503166 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10208 6496K 7308K 78643K 16809 0 pcb 14 10K 12K 78643K 307 0 rtable 221 15K 16K 78643K 644 0 ifaddr 92 19K 19K 78643K 292 0 sysctl 2 0K 1K 78643K 5 0 counters 26 17K 17K 78643K 37 0 ioctlops 0 0K 4K 78643K 651 0 iov 0 0K 24K 78643K 354 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1436 90K 90K 78643K 2807 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 5K 78643K 11 0 VM map 2 0K 0K 78643K 2 0 sem 11 1K 1K 78643K 13 0 dirhash 12 2K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 18 65K 69K 78643K 1850 0 sigio 0 0K 0K 78643K 156 0 proc 62 59K 75K 78643K 582 0 subproc 104 6K 6K 78643K 130 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 347 0 in_multi 85 5K 6K 78643K 160 0 ether_multi 1 0K 0K 78643K 6 0 mrt 0 0K 0K 78643K 9 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 241 1076K 1076K 78643K 241 0 exec 0 0K 2K 78643K 846 0 pfkey data 0 0K 0K 78643K 11 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 62K 78643K 8 0 UVM amap 275 227K 241K 78643K 11714 0 UVM aobj 28 2K 2K 78643K 31 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 74 0 NDP 12 0K 2K 78643K 47 0 temp 128 4718K 5737K 78643K 17833 0 kqueue 13 20K 24K 78643K 165 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 99 0 95 1 0 1 1 0 8 0 rtentry 112 160 0 72 4 0 4 4 0 8 0 unpcb 144 1142 0 1129 12 9 3 6 0 8 2 syncache 296 7 0 7 2 2 0 1 0 8 0 tcpqe 32 3 0 3 1 1 0 1 0 8 0 tcpcb 768 853 0 845 25 21 4 15 0 8 1 arp 88 23 0 7 1 0 1 1 0 8 0 inpcb 336 1808 0 1796 22 20 2 15 0 8 0 nd6 48 34 0 15 1 0 1 1 0 8 0 pkpcb 40 21 0 21 4 3 1 1 0 8 1 kcovpl 48 10 0 2 1 0 1 1 0 8 0 pfstscr 40 70 0 70 1 1 0 1 0 8 0 pfosfp 40 3 0 2 1 0 1 1 0 8 0 pfosfpen 112 3 0 2 1 0 1 1 0 8 0 pfrktable 1344 18 0 9 1 0 1 1 0 8 0 pfanchor 1280 265 0 49 18 0 18 18 0 8 0 pftag 88 4 0 0 1 0 1 1 0 8 0 pfqueue 264 1 0 1 1 0 1 1 0 8 1 pfstkey 120 70 0 70 1 1 0 1 0 8 0 pfstate 336 35 0 35 1 1 0 1 0 8 0 pfrule 1360 71 0 46 3 0 3 3 0 8 0 rttmr 136 3 0 3 1 1 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 702 0 347 31 6 25 30 0 8 1 art_table 32 703 0 347 4 0 4 4 0 8 0 art_node 16 159 0 82 1 0 1 1 0 8 0 sysvmsgpl 40 56 0 16 1 0 1 1 0 8 0 semupl 112 2 0 2 1 1 0 1 0 8 0 semapl 112 9 0 0 1 0 1 1 0 8 0 shmpl 112 28 0 3 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 3936 0 2511 90 0 90 90 0 8 0 ffsino 240 3936 0 2511 85 0 85 85 0 8 0 nchpl 144 6531 0 4894 63 0 63 63 0 8 0 uvmvnodes 80 5300 0 0 109 0 109 109 0 8 0 vnodes 216 5300 0 0 295 0 295 295 0 8 0 namei 1024 23688 0 23688 3 2 1 2 0 8 1 vcpupl 2048 10 0 0 2 0 2 2 0 8 0 vmpool 536 16 0 6 1 0 1 1 0 8 0 pfiaddrpl 120 16 0 0 1 0 1 1 0 8 0 kstatmem 264 46 0 22 2 0 2 2 0 8 0 scxspl 216 19662 0 19662 14 10 4 8 0 8 4 plimitpl 152 261 0 246 1 0 1 1 0 8 0 sigapl 424 2156 0 2089 8 0 8 8 0 8 0 futexpl 64 19485 0 19478 2 1 1 1 0 8 0 knotepl 120 23452 0 23371 10 6 4 7 0 8 0 kqueuepl 184 448 0 438 4 3 1 4 0 8 0 pipepl 288 516 0 488 13 10 3 7 0 8 0 fdescpl 432 2118 0 2089 4 0 4 4 0 8 0 filepl 120 14106 0 13862 25 13 12 14 0 8 4 lockfpl 104 736 0 734 2 1 1 2 0 8 0 lockfspl 48 220 0 218 1 0 1 1 0 8 0 sessionpl 144 26 0 10 1 0 1 1 0 8 0 pgrppl 48 93 0 77 1 0 1 1 0 8 0 ucredpl 104 1853 0 1842 1 0 1 1 0 8 0 zombiepl 144 2089 0 2089 1 0 1 1 0 8 1 processpl 1000 2156 0 2089 10 1 9 9 0 8 0 procpl 672 5076 0 4986 10 1 9 9 0 8 0 sosppl 168 26 0 26 3 2 1 1 0 8 1 sockpl 456 3070 0 3041 62 49 13 29 0 8 9 mcl64k 65536 27 0 27 3 2 1 1 0 8 1 mcl16k 16384 13 0 13 3 3 0 1 0 8 0 mcl12k 12288 83 0 83 2 1 1 1 0 8 1 mcl9k 9216 22 0 22 2 1 1 1 0 8 1 mcl8k 8192 90 0 90 3 2 1 1 0 8 1 mcl4k 4096 256 0 256 2 1 1 1 0 8 1 mcl2k2 2112 15 0 15 4 3 1 1 0 8 1 mcl2k 2048 72375 0 72090 42 6 36 36 0 8 0 mtagpl 96 1484 0 482 26 1 25 25 0 8 0 mbufpl 256 126688 0 125406 83 2 81 81 0 8 0 bufpl 288 6947 0 543 458 0 458 458 0 8 0 anonpl 24 398793 0 383721 132 15 117 128 0 188 10 amapchunkpl 152 46457 0 45789 52 18 34 40 0 158 7 amappl16 200 6153 0 5565 50 18 32 44 0 8 0 amappl15 192 96 0 90 1 0 1 1 0 8 0 amappl14 184 12 0 9 1 0 1 1 0 8 0 amappl13 176 185 0 182 1 0 1 1 0 8 0 amappl12 168 229 0 221 1 0 1 1 0 8 0 amappl11 160 83 0 67 1 0 1 1 0 8 0 amappl10 152 893 0 884 1 0 1 1 0 8 0 amappl9 144 616 0 611 1 0 1 1 0 8 0 amappl8 136 1030 0 965 3 0 3 3 0 8 0 amappl7 128 545 0 526 1 0 1 1 0 8 0 amappl6 120 351 0 335 2 1 1 2 0 8 0 amappl5 112 2390 0 2368 1 0 1 1 0 8 0 amappl4 104 853 0 829 2 1 1 2 0 8 0 amappl3 96 5965 0 5906 2 0 2 2 0 8 0 amappl2 88 804 0 768 2 0 2 2 0 8 0 amappl1 80 53254 0 52557 19 4 15 19 0 8 0 amappl 88 11161 0 10984 6 1 5 5 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 30 0 3 1 0 1 1 0 8 0 uaddrrnd 24 2134 0 2095 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2134 0 2095 1 0 1 1 0 8 0 vmmpekpl 168 20204 0 20150 3 0 3 3 0 8 0 vmmpepl 168 208203 0 205461 160 33 127 143 0 357 7 vmsppl 272 2133 0 2095 4 1 3 3 0 8 0 rwobjpl 24 56673 0 49735 42 0 42 42 0 8 0 pdppl 4096 4274 0 4200 127 53 74 75 0 8 0 pvpl 32 838190 0 818516 293 96 197 254 0 265 24 pmappl 216 2133 0 2095 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 982 0 111 25 0 25 25 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8254ebcf) at panic+0x161 sys/kern/subr_prf.c:198 tcp_output(ffff800000bbe600) at tcp_output+0x2a72 sys/netinet/tcp_output.c:727 tcp_send(fffffd8066854780,fffffd806841e500,0,fffffd806841e600) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:953 sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002170a7e0,4,ffff80002e90b090,0,ffff80002e90b190) at sendit+0x64d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002170a7e0,ffff80002e90b138,ffff80002e90b190) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002e90b200) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1843f42100, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8254ebcf) at panic+0x161 sys/kern/subr_prf.c:198 tcp_output(ffff800000bbe600) at tcp_output+0x2a72 sys/netinet/tcp_output.c:727 tcp_send(fffffd8066854780,fffffd806841e500,0,fffffd806841e600) at tcp_send+0xc4 sys/netinet/tcp_usrreq.c:953 sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a pru_send sys/sys/protosw.h:331 [inline] sosend(fffffd8066854780,0,ffff80002e90af10,0,fffffd806841e600,0) at sosend+0x62a sys/kern/uipc_socket.c:646 sendit(ffff80002170a7e0,4,ffff80002e90b090,0,ffff80002e90b190) at sendit+0x64d sys/kern/uipc_syscalls.c:694 sys_sendmsg(ffff80002170a7e0,ffff80002e90b138,ffff80002e90b190) at sys_sendmsg+0x198 sys/kern/uipc_syscalls.c:601 syscall(ffff80002e90b200) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xa1843f42100, count: -9