panic: unhandled af 255
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*406059 39598 0 0x2 0x4000000 0 syz-executor3488
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff821b892c) at panic+0x15c sys/kern/subr_prf.c:207
unhandled_af(ff) at unhandled_af+0x16
pf_addrcpy(ffff80001d3d85b8,ffff80001d3d88b0,ff) at pf_addrcpy+0x99 sys/net/pf.c:409
pfioctl(4900,c0504417,ffff80001d3d88b0,1,ffff8000ffff4500) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827
VOP_IOCTL(fffffd80654d1680,c0504417,ffff80001d3d88b0,1,fffffd806c3becc0,ffff8000ffff4500) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd805d732878,c0504417,ffff80001d3d88b0,ffff8000ffff4500) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533
sys_ioctl(ffff8000ffff4500,ffff80001d3d89c8,ffff80001d3d8a10) at sys_ioctl+0x5b9
syscall(ffff80001d3d8a90) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xbd0694bd500, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
unhandled af 255
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic(ffffffff821b892c) at panic+0x15c sys/kern/subr_prf.c:207
unhandled_af(ff) at unhandled_af+0x16
pf_addrcpy(ffff80001d3d85b8,ffff80001d3d88b0,ff) at pf_addrcpy+0x99 sys/net/pf.c:409
pfioctl(4900,c0504417,ffff80001d3d88b0,1,ffff8000ffff4500) at pfioctl+0x43c0 sys/net/pf_ioctl.c:1827
VOP_IOCTL(fffffd80654d1680,c0504417,ffff80001d3d88b0,1,fffffd806c3becc0,ffff8000ffff4500) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd805d732878,c0504417,ffff80001d3d88b0,ffff8000ffff4500) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:533
sys_ioctl(ffff8000ffff4500,ffff80001d3d89c8,ffff80001d3d8a10) at sys_ioctl+0x5b9
syscall(ffff80001d3d8a90) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xbd0694bd500, count: -10
ddb> show registers
rdi 0
rsi 0x1
rbp 0xffff80001d3d8470
rbx 0xffff80001d3d8520
rdx 0x2
rcx 0x1
rax 0x1
r8 0xffff80001d3d8430
r9 0x1
r10 0xbc86db9f440fd1ed
r11 0x6307e698f4be06e1
r12 0x3000000008
r13 0xffff80001d3d8480
r14 0x100
r15 0x1
rip 0xffffffff81da8678 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff80001d3d8460
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor3488) pid=406059 stat=onproc
flags process=2<EXEC> proc=4000000<THREAD>
pri=50, usrpri=50, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff5648,0xffff8000ffff4020
process=0xffff80001d39a6e8 user=0xffff80001d3d3000, vmspace=0xfffffd806bc09cc0
estcpu=0, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
39598 346764 11503 0 2 0x2 syz-executor3488
*39598 406059 11503 0 7 0x4000002 syz-executor3488
39598 217301 11503 0 3 0x4000082 fsleep syz-executor3488
11503 394070 48440 0 3 0x10008a pause ksh
48440 445987 20156 0 3 0x92 select sshd
75143 170402 1 0 3 0x100083 ttyin getty
20156 226850 1 0 3 0x80 select sshd
95015 343341 3977 73 3 0x100090 kqread syslogd
3977 280504 1 0 3 0x100082 netio syslogd
45260 347306 1 77 3 0x100090 poll dhclient
26962 496896 1 0 3 0x80 poll dhclient
32759 194515 0 0 2 0x14200 zerothread
83062 305694 0 0 3 0x14200 aiodoned aiodoned
40861 207263 0 0 3 0x14200 syncer update
37208 409447 0 0 3 0x14200 cleaner cleaner
17909 244875 0 0 3 0x14200 reaper reaper
58598 295468 0 0 3 0x14200 pgdaemon pagedaemon
19102 379405 0 0 3 0x14200 bored crynlk
78064 417923 0 0 3 0x14200 bored crypto
57115 287641 0 0 3 0x40014200 acpi0 acpi0
38072 248904 0 0 3 0x14200 bored softnet
28484 46663 0 0 3 0x14200 bored systqmp
65129 413003 0 0 3 0x14200 bored systq
21090 110291 0 0 3 0x40014200 bored softclock
75049 51961 0 0 3 0x40014200 idle0
70314 296062 0 0 3 0x14200 bored smr
1 476788 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9438 6319K 6320K 78643K 10535 0
pcb 13 8K 8K 78643K 13 0
rtable 61 1K 2K 78643K 117 0
ifaddr 24 7K 7K 78643K 24 0
counters 19 16K 16K 78643K 19 0
ioctlops 0 0K 2K 78643K 13 0
mount 1 1K 1K 78643K 1 0
vnodes 1180 74K 74K 78643K 1185 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 1K 78643K 2 0
VM map 2 0K 0K 78643K 2 0
sem 2 0K 0K 78643K 2 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1794 195K 288K 78643K 12646 0
file desc 1 0K 0K 78643K 1 0
proc 47 38K 46K 78643K 278 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 11 0K 0K 78643K 11 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 19 95K 95K 78643K 19 0
exec 0 0K 1K 78643K 151 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 64 3K 3K 78643K 711 0
UVM aobj 2 2K 2K 78643K 2 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 3 0K 0K 78643K 3 0
temp 20 3003K 3067K 78643K 1712 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 2 0 0 1 0 1 1 0 8 0
rtpcb 80 15 0 13 1 0 1 1 0 8 0
rtentry 112 23 0 1 1 0 1 1 0 8 0
unpcb 120 27 0 19 1 0 1 1 0 8 0
syncache 264 5 0 5 2 1 1 1 0 8 1
tcpcb 544 8 0 5 1 0 1 1 0 8 0
inpcb 280 22 0 16 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 96 0 0 6 0 6 6 0 8 0
art_table 32 97 0 0 1 0 1 1 0 8 0
art_node 16 22 0 2 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 1392 0 15 45 0 45 45 0 8 0
ffsino 240 1392 0 15 81 0 81 81 0 8 0
nchpl 144 1567 0 31 57 0 57 57 0 8 0
uvmvnodes 72 1401 0 0 26 0 26 26 0 8 0
vnodes 208 1401 0 0 74 0 74 74 0 8 0
namei 1024 3480 0 3480 2 1 1 1 0 8 1
scxspl 192 2591 0 2591 2 1 1 1 0 8 1
plimitpl 152 13 0 8 1 0 1 1 0 8 0
sigapl 432 176 0 166 2 0 2 2 0 8 0
futexpl 56 4 0 3 1 0 1 1 0 8 0
knotepl 112 5 0 0 1 0 1 1 0 8 0
kqueuepl 104 1 0 0 1 0 1 1 0 8 0
pipepl 112 114 0 107 2 1 1 1 0 8 0
fdescpl 424 177 0 166 2 0 2 2 0 8 0
filepl 120 859 0 814 2 0 2 2 0 8 0
lockfpl 104 5 0 4 1 0 1 1 0 8 0
lockfspl 48 3 0 2 1 0 1 1 0 8 0
sessionpl 112 17 0 9 1 0 1 1 0 8 0
pgrppl 48 17 0 9 1 0 1 1 0 8 0
ucredpl 96 47 0 40 1 0 1 1 0 8 0
zombiepl 144 166 0 166 2 1 1 1 0 8 1
processpl 872 191 0 166 4 0 4 4 0 8 0
procpl 632 193 0 166 3 0 3 3 0 8 0
sockpl 384 64 0 48 2 0 2 2 0 8 0
mcl4k 4096 10 0 10 2 1 1 1 0 8 1
mcl2k 2048 5915 0 5887 7 1 6 6 0 8 2
mtagpl 80 2 0 2 1 1 0 1 0 8 0
mbufpl 256 10193 0 10153 4 0 4 4 0 8 1
bufpl 280 2107 0 258 133 0 133 133 0 8 0
anonpl 16 17386 0 16199 7 2 5 7 0 107 0
amapchunkpl 152 470 0 430 2 0 2 2 0 158 0
amappl16 192 30 0 28 1 0 1 1 0 8 0
amappl15 184 42 0 38 1 0 1 1 0 8 0
amappl14 176 13 0 12 2 1 1 1 0 8 0
amappl12 160 5 0 5 1 1 0 1 0 8 0
amappl11 152 39 0 28 1 0 1 1 0 8 0
amappl10 144 4 0 4 1 1 0 1 0 8 0
amappl9 136 348 0 347 1 0 1 1 0 8 0
amappl8 128 65 0 60 1 0 1 1 0 8 0
amappl7 120 62 0 54 1 0 1 1 0 8 0
amappl6 112 44 0 42 1 0 1 1 0 8 0
amappl5 104 208 0 199 1 0 1 1 0 8 0
amappl4 96 399 0 373 1 0 1 1 0 8 0
amappl3 88 112 0 103 1 0 1 1 0 8 0
amappl2 80 695 0 636 3 1 2 2 0 8 0
amappl1 72 12046 0 11633 16 6 10 16 0 8 0
amappl 80 355 0 334 1 0 1 1 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 1 0 0 1 0 1 1 0 8 0
uaddrrnd 24 177 0 166 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 177 0 166 1 0 1 1 0 8 0
vmmpekpl 168 5229 0 5215 1 0 1 1 0 8 0
vmmpepl 168 26050 0 25212 57 19 38 48 0 357 1
vmsppl 272 176 0 166 1 0 1 1 0 8 0
pdppl 4096 360 0 332 5 0 5 5 0 8 0
pvpl 32 70497 0 67671 33 6 27 27 0 265 4
pmappl 200 176 0 166 1 0 1 1 0 8 0
extentpl 40 46 0 29 1 0 1 1 0 8 0
phpool 112 115 0 5 4 0 4 4 0 8 0