login: panic: pool_p_free: semupl free list modified: page 0xffffff006d4e6000; item addr 0xffffff006d4e6ee0; offset 0x0=0xdead4111 Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND 362715 55485 0 0x2 0x480 0 syz-executor5779 * 73677 94006 0 0x14000 0x200 1 systqmp db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x147 sys/kern/subr_prf.c:208 pool_p_free(ffffffff81ed80f8,0) at pool_p_free+0x18e sys/kern/subr_pool.c:1004 pool_gc_pages(ffffffff815c7770) at pool_gc_pages+0x1f5 sys/kern/subr_pool.c:1586 taskq_thread(0) at taskq_thread+0xa2 sys/kern/kern_task.c:309 end trace frame: 0x0, count: 10 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> show panic pool_p_free: semupl free list modified: page 0xffffff006d4e6000; item addr 0xffffff006d4e6ee0; offset 0x0=0xdead4111 ddb{1}> trace db_enter() at db_enter+0xa sys/arch/amd64/amd64/db_interface.c:399 panic() at panic+0x147 sys/kern/subr_prf.c:208 pool_p_free(ffffffff81ed80f8,0) at pool_p_free+0x18e sys/kern/subr_pool.c:1004 pool_gc_pages(ffffffff815c7770) at pool_gc_pages+0x1f5 sys/kern/subr_pool.c:1586 taskq_thread(0) at taskq_thread+0xa2 sys/kern/kern_task.c:309 end trace frame: 0x0, count: -5 ddb{1}> show registers rdi 0xffffffff81e208b8 kprintf_mutex rsi 0x5 rbp 0xffff80002104bbb0 rbx 0xffff80002104bc50 rdx 0x3fd rcx 0 rax 0x1 r8 0xffff80002104bb80 r9 0x8080808080808080 r10 0 r11 0xffffffff816da490 x86_bus_space_io_read_1 r12 0x3000000008 r13 0xffff80002104bbc0 r14 0x100 r15 0xffffffff81c3b433 apollo_udma100_tim+0xe293 rip 0xffffffff8125fcba db_enter+0xa cs 0x8 rflags 0x202 rsp 0xffff80002104bbb0 ss 0x10 db_enter+0xa: popq %rbp ddb{1}> show proc PROC (systqmp) pid=73677 stat=onproc flags process=14000 proc=200 pri=32, usrpri=51, nice=20 forw=0xffffffffffffffff, list=0xffff800021030bb8,0xffff800021030010 process=0xffff800021032978 user=0xffff800021046000, vmspace=0xffffffff81efbef0 estcpu=1, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 55485 362715 53640 0 7 0x482 syz-executor5779 53640 3444 65332 0 3 0x10008a pause ksh 65332 518487 56204 0 3 0x92 select sshd 87935 104325 1 0 3 0x100083 ttyin getty 56204 406125 1 0 3 0x80 select sshd 91478 135306 25187 73 3 0x100090 kqread syslogd 25187 477137 1 0 3 0x100082 netio syslogd 78702 457850 1 77 3 0x100090 poll dhclient 67694 402241 1 0 3 0x80 poll dhclient 56049 126278 0 0 3 0x14200 pgzero zerothread 67622 327451 0 0 3 0x14200 aiodoned aiodoned 58186 172580 0 0 3 0x14200 syncer update 93712 246055 0 0 3 0x14200 cleaner cleaner 63610 66195 0 0 3 0x14200 reaper reaper 86908 489372 0 0 3 0x14200 pgdaemon pagedaemon 49789 263503 0 0 3 0x14200 bored crynlk 19364 132853 0 0 3 0x14200 bored crypto 56354 232881 0 0 3 0x40014200 acpi0 acpi0 92359 143245 0 0 3 0x40014200 idle1 32475 53911 0 0 3 0x14200 bored softnet *94006 73677 0 0 7 0x14200 systqmp 2203 378251 0 0 3 0x14200 bored systq 71596 437611 0 0 3 0x40014200 bored softclock 99976 350407 0 0 3 0x40014200 idle0 1 196263 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}>