kern.securelevel: 0 -> 1 creating runtime link editor directory cache. preserving editor files. starting network daemons: sshd. starting local daemons:. Mon Oct 21 16:51:15 PDT 2019 OpenBSD/amd64 (ci-openbsd-main-5.c.syzkaller.internal) (tty00) Warning: Permanently added '10.128.15.218' (ECDSA) to the list of known hosts. 2019/10/21 16:52:39 parsed 1 programs 2019/10/21 16:52:45 executed programs: 0 login: panic: ifa_update_broadaddr does not support dynamic length Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 21726 76524 0 0 0 0 syz-executor.0 db_enter() at db_enter+0x18 panic() at panic+0x15c ifa_update_broadaddr(ffff800000a63800,ffff8000006a0300,ffff80001491a2a0) at ifa_update_broadaddr+0x61 in_ioctl_change_ifaddr(8040691a,ffff80001491a280,ffff800000a63800,1) at in_ioctl_change_ifaddr+0x5a3 in_ioctl(8040691a,ffff80001491a280,ffff800000a63800,1) at in_ioctl+0x205 ifioctl(fffffd80363d6908,8040691a,ffff80001491a280,ffff8000ffff8770) at ifioctl+0xb34 sys_ioctl(ffff8000ffff8770,ffff80001491a398,ffff80001491a3e0) at sys_ioctl+0x5b9 syscall(ffff80001491a460) at syscall+0x507 Xsyscall(6,0,ffffffffffffff36,0,3,5e2e60bd010) at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffe95b0, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic ifa_update_broadaddr does not support dynamic length ddb> trace db_enter() at db_enter+0x18 panic() at panic+0x15c ifa_update_broadaddr(ffff800000a63800,ffff8000006a0300,ffff80001491a2a0) at ifa_update_broadaddr+0x61 in_ioctl_change_ifaddr(8040691a,ffff80001491a280,ffff800000a63800,1) at in_ioctl_change_ifaddr+0x5a3 in_ioctl(8040691a,ffff80001491a280,ffff800000a63800,1) at in_ioctl+0x205 ifioctl(fffffd80363d6908,8040691a,ffff80001491a280,ffff8000ffff8770) at ifioctl+0xb34 sys_ioctl(ffff8000ffff8770,ffff80001491a398,ffff80001491a3e0) at sys_ioctl+0x5b9 syscall(ffff80001491a460) at syscall+0x507 Xsyscall(6,0,ffffffffffffff36,0,3,5e2e60bd010) at Xsyscall+0x128 end of kernel end trace frame: 0x7f7ffffe95b0, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800014919f90 rbx 0xffff80001491a040 rdx 0x2 rcx 0x1 rax 0x1 r8 0xffff800014919f50 r9 0x1 r10 0xdd45d307f9d4a2e5 r11 0xb1849bc52d5b5aed r12 0x3000000008 r13 0xffff800014919fa0 r14 0x100 r15 0x1 rip 0xffffffff81939468 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800014919f80 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.0) pid=21726 stat=onproc flags process=0 proc=0 pri=69, usrpri=69, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff8280,0xffffffff82561488 process=0xffff8000148a2018 user=0xffff800014915000, vmspace=0xfffffd803f013aa0 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND *76524 21726 99748 0 7 0 syz-executor.0 99748 138827 54001 0 3 0x82 nanosleep syz-executor.0 54001 492811 82061 0 3 0x82 thrsleep syz-execprog 54001 85436 82061 0 2 0x4000482 syz-execprog 54001 109337 82061 0 3 0x4000082 thrsleep syz-execprog 54001 467795 82061 0 3 0x4000082 thrsleep syz-execprog 54001 287684 82061 0 3 0x4000082 kqread syz-execprog 54001 508347 82061 0 3 0x4000082 thrsleep syz-execprog 54001 3680 82061 0 3 0x4000082 thrsleep syz-execprog 82061 6409 10603 0 3 0x10008a pause ksh 10603 371845 47896 0 3 0x92 select sshd 90154 403931 1 0 3 0x100083 ttyin getty 47896 95578 1 0 3 0x80 select sshd 21732 110775 57670 73 3 0x100090 kqread syslogd 57670 56852 1 0 3 0x100082 netio syslogd 52938 397185 1 77 3 0x100090 poll dhclient 6016 451495 1 0 3 0x80 poll dhclient 15045 290227 0 0 2 0x14200 zerothread 31625 298280 0 0 3 0x14200 aiodoned aiodoned 52907 346707 0 0 3 0x14200 syncer update 66030 94953 0 0 3 0x14200 cleaner cleaner 66945 267648 0 0 3 0x14200 reaper reaper 30498 230381 0 0 3 0x14200 pgdaemon pagedaemon 23710 46178 0 0 3 0x14200 bored crynlk 41947 146088 0 0 3 0x14200 bored crypto 46760 47974 0 0 3 0x40014200 acpi0 acpi0 59090 291641 0 0 3 0x14200 bored softnet 13816 374319 0 0 2 0x14200 systqmp 16847 214103 0 0 3 0x14200 bored systq 38176 293789 0 0 2 0x40014200 softclock 79893 173376 0 0 3 0x40014200 idle0 76568 444389 0 0 3 0x14200 bored smr 1 295975 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9433 6310K 6310K 78643K 10526 0 0 pcb 13 8K 8K 78643K 15 0 0 rtable 79 2K 2K 78643K 153 0 0 ifaddr 28 8K 8K 78643K 28 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 14 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1180 74K 74K 78643K 1185 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 1K 78643K 2 0 0 VM map 2 0K 0K 78643K 2 0 0 sem 2 0K 0K 78643K 2 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 3 8K 12K 78643K 18 0 0 proc 47 38K 54K 78643K 307 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 in_multi 22 1K 1K 78643K 22 0 0 ether_multi 1 0K 0K 78643K 1 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 18 79K 79K 78643K 18 0 0 exec 0 0K 1K 78643K 172 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 67 11K 12K 78643K 877 0 0 UVM aobj 2 2K 2K 78643K 2 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 NDP 6 0K 0K 78643K 6 0 0 temp 39 3525K 3589K 78643K 3057 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 4 0 0 1 0 1 1 0 8 0 rtpcb 80 17 0 15 1 0 1 1 0 8 0 rtentry 112 34 0 3 1 0 1 1 0 8 0 unpcb 120 27 0 19 1 0 1 1 0 8 0 syncache 264 5 0 5 2 1 1 1 0 8 1 tcpcb 544 8 0 5 1 0 1 1 0 8 0 inpcb 280 27 0 20 1 0 1 1 0 8 0 nd6 48 2 0 0 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 168 0 0 11 0 11 11 0 8 0 art_table 32 169 0 0 2 0 2 2 0 8 0 art_node 16 33 0 3 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 1413 0 19 45 0 45 45 0 8 0 ffsino 240 1413 0 19 82 0 82 82 0 8 0 nchpl 144 1653 0 48 60 0 60 60 0 8 0 uvmvnodes 72 1422 0 0 26 0 26 26 0 8 0 vnodes 208 1422 0 0 75 0 75 75 0 8 0 namei 1024 3839 0 3839 2 1 1 1 0 8 1 scxspl 192 4123 0 4123 11 10 1 7 0 8 1 plimitpl 152 14 0 8 1 0 1 1 0 8 0 sigapl 432 197 0 185 2 0 2 2 0 8 0 knotepl 112 39 0 28 1 0 1 1 0 8 0 kqueuepl 104 2 0 0 1 0 1 1 0 8 0 pipepl 112 138 0 125 2 1 1 1 0 8 0 fdescpl 424 198 0 185 2 0 2 2 0 8 0 filepl 120 977 0 923 2 0 2 2 0 8 0 lockfpl 104 5 0 4 1 0 1 1 0 8 0 lockfspl 48 3 0 2 1 0 1 1 0 8 0 sessionpl 112 18 0 9 1 0 1 1 0 8 0 pgrppl 48 18 0 9 1 0 1 1 0 8 0 ucredpl 96 47 0 40 1 0 1 1 0 8 0 zombiepl 144 185 0 185 2 1 1 1 0 8 1 processpl 864 212 0 185 4 0 4 4 0 8 0 procpl 632 218 0 185 3 0 3 3 0 8 0 sockpl 384 71 0 54 2 0 2 2 0 8 0 mcl4k 4096 10 0 10 2 1 1 1 0 8 1 mcl2k 2048 5481 0 5453 6 2 4 6 0 8 0 mtagpl 80 2 0 2 1 1 0 1 0 8 0 mbufpl 256 9507 0 9431 5 0 5 5 0 8 0 bufpl 256 5787 0 1327 279 0 279 279 0 8 0 anonpl 16 21626 0 20153 15 2 13 13 0 62 6 amapchunkpl 152 913 0 853 5 0 5 5 0 158 2 amappl16 192 127 0 97 2 0 2 2 0 8 0 amappl15 184 2 0 1 1 0 1 1 0 8 0 amappl14 176 19 0 18 2 1 1 1 0 8 0 amappl12 160 9 0 7 2 1 1 1 0 8 0 amappl11 152 42 0 31 1 0 1 1 0 8 0 amappl10 144 15 0 12 1 0 1 1 0 8 0 amappl9 136 416 0 410 1 0 1 1 0 8 0 amappl8 128 109 0 98 1 0 1 1 0 8 0 amappl7 120 29 0 27 1 0 1 1 0 8 0 amappl6 112 72 0 63 1 0 1 1 0 8 0 amappl5 104 132 0 123 1 0 1 1 0 8 0 amappl4 96 427 0 404 1 0 1 1 0 8 0 amappl3 88 119 0 110 1 0 1 1 0 8 0 amappl2 80 840 0 785 3 0 3 3 0 8 1 amappl1 72 13399 0 13001 26 8 18 20 0 8 8 amappl 80 450 0 424 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 1 0 0 1 0 1 1 0 8 0 uaddrrnd 24 198 0 185 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 198 0 185 1 0 1 1 0 8 0 vmmpekpl 168 6178 0 6162 1 0 1 1 0 8 0 vmmpepl 168 28794 0 27926 95 18 77 77 0 357 38 vmsppl 272 197 0 185 1 0 1 1 0 8 0 pdppl 4096 402 0 370 5 0 5 5 0 8 0 pvpl 32 104937 0 101196 119 6 113 113 0 265 81 pmappl 200 197 0 185 1 0 1 1 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 400 0 6 12 0 12 12 0 8 0