panic: ifa_update_broadaddr does not support dynamic length Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 95178 17245 0 0x8000000 0x4000000 0 syz-executor.0 db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82837b4e) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000ddd800,ffff800000e55900,ffff80002db0d6f0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002db0d6e0,ffff800000ddd800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a560,ffff80002db0d8c0,ffff80002db0d810) at sys_ioctl+0x4a5 syscall(ffff80002db0d8c0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x27ddc861220, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: ifa_update_broadaddr does not support dynamic length ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82837b4e) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000ddd800,ffff800000e55900,ffff80002db0d6f0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002db0d6e0,ffff800000ddd800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a560,ffff80002db0d8c0,ffff80002db0d810) at sys_ioctl+0x4a5 syscall(ffff80002db0d8c0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x27ddc861220, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002db0d490 rbx 0xaa0014ac rdx 0xffff800000de1f40 rcx 0 rax 0xffff80002a64a560 r8 0 r9 0x8080808080808080 r10 0x8984e70c3c625a4e r11 0x9077f2c7a182db97 r12 0 r13 0x10 r14 0 r15 0x1 rip 0xffffffff8148dc7c db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80002db0d480 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb> show proc PROC (syz-executor.0) tid=95178 pid=17245 tcnt=2 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=83, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a64b9e0,0xffff80002a64bc80 process=0xffff8000377e3258 user=0xffff80002db08000, vmspace=0xfffffd80692ae2c0 estcpu=36, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 66757 515133 18033 0 2 0x8000000 syz-executor.3 66757 332540 18033 0 2 0xc000000 syz-executor.3 4538 226276 20207 0 2 0x8000000 syz-executor.2 54896 395709 92835 0 2 0x8000000 syz-executor.7 54896 232814 92835 0 2 0xc000000 syz-executor.7 17245 144101 72488 0 2 0x8000000 syz-executor.0 *17245 95178 72488 0 7 0xc000000 syz-executor.0 65964 328599 23747 0 2 0x8000000 syz-executor.6 65964 415321 23747 0 3 0xc000080 fsleep syz-executor.6 48561 352711 29596 0 2 0x8000480 syz-executor.1 48561 148785 29596 0 3 0xc000080 lockf syz-executor.1 48561 403474 29596 0 3 0xc000080 fsleep syz-executor.1 36563 480311 77087 0 2 0x8000002 syz-executor.4 23747 269380 77087 0 2 0x8000482 syz-executor.6 18033 52372 77087 0 3 0x8000082 nanoslp syz-executor.3 92835 91624 77087 0 2 0x8000482 syz-executor.7 29596 407101 77087 0 3 0x8000082 nanoslp syz-executor.1 20207 73899 77087 0 3 0x8000082 nanoslp syz-executor.2 74654 309735 0 0 3 0x14200 bored sosplice 12039 467682 0 0 3 0x14280 nfsidl nfsio 72743 131608 0 0 3 0x14280 nfsidl nfsio 82799 378002 0 0 3 0x14280 nfsidl nfsio 98235 44584 0 0 3 0x14280 nfsidl nfsio 1464 423997 0 0 3 0x14280 nfsidl nfsio 49313 426357 0 0 3 0x14280 nfsidl nfsio 67871 60613 0 0 3 0x14280 nfsidl nfsio 57769 444415 0 0 3 0x14280 nfsidl nfsio 16845 65188 0 0 3 0x14280 nfsidl nfsio 43188 5635 0 0 3 0x14280 nfsidl nfsio 57949 345342 0 0 3 0x14280 nfsidl nfsio 37686 35175 0 0 3 0x14280 nfsidl nfsio 95822 155226 0 0 3 0x14280 nfsidl nfsio 77010 4924 0 0 3 0x14280 nfsidl nfsio 45608 221283 0 0 3 0x14280 nfsidl nfsio 68894 255520 0 0 3 0x14280 nfsidl nfsio 39030 165522 0 0 3 0x14280 nfsidl nfsio 71538 217374 0 0 3 0x14280 nfsidl nfsio 42252 26397 0 0 3 0x14280 nfsidl nfsio 48313 207308 0 0 3 0x14280 nfsidl nfsio 21565 64725 1 0 3 0x18100083 ttyin getty 95534 232764 77087 0 2 0x8000482 syz-executor.5 72488 480807 77087 0 2 0x8000482 syz-executor.0 77087 524022 49012 0 3 0x1a000082 wait syz-fuzzer 77087 521579 49012 0 2 0x1e000482 syz-fuzzer 77087 253226 49012 0 3 0x1e000082 kqread syz-fuzzer 77087 37277 49012 0 3 0x1e000082 wait syz-fuzzer 77087 482530 49012 0 3 0x1e000082 wait syz-fuzzer 77087 419421 49012 0 3 0x1e000082 thrsleep syz-fuzzer 77087 111005 49012 0 3 0x1e000082 wait syz-fuzzer 77087 342655 49012 0 3 0x1e000082 thrsleep syz-fuzzer 77087 231834 49012 0 3 0x1e000082 wait syz-fuzzer 77087 12068 49012 0 3 0x1e000082 thrsleep syz-fuzzer 77087 181814 49012 0 3 0x1e000082 thrsleep syz-fuzzer 77087 427685 49012 0 3 0x1e000082 wait syz-fuzzer 77087 269623 49012 0 3 0x1e000082 wait syz-fuzzer 77087 434700 49012 0 3 0x1e000082 wait syz-fuzzer 49012 251819 22124 0 3 0x810008a sigsusp ksh 22124 170687 55130 0 3 0x1800009a kqread sshd 55130 96498 1 0 3 0x18000088 kqread sshd 17519 400761 50828 73 3 0x19100090 kqread syslogd 50828 500451 1 0 3 0x18100082 sbwait syslogd 57732 291329 1 0 3 0x18100080 kqread resolvd 74492 511905 92965 77 3 0x18100092 kqread dhcpleased 34745 91767 92965 77 3 0x18100092 kqread dhcpleased 92965 134579 1 0 3 0x18000080 kqread dhcpleased 43295 13567 0 0 3 0x14200 bored smr 18563 14652 0 0 2 0x14200 zerothread 73739 22427 0 0 3 0x14200 aiodoned aiodoned 61188 240882 0 0 3 0x14200 syncer update 95296 37891 0 0 3 0x14200 cleaner cleaner 52257 65327 0 0 3 0x14200 reaper reaper 85303 333230 0 0 3 0x14200 pgdaemon pagedaemon 65570 309168 0 0 3 0x14200 bored viomb 71980 379957 0 0 3 0x40014200 acpi0 acpi0 9703 353291 0 0 3 0x14200 bored softnet3 52929 168382 0 0 3 0x14200 bored softnet2 52300 196639 0 0 3 0x14200 bored softnet1 45383 179156 0 0 3 0x14200 bored softnet0 98342 154173 0 0 3 0x14200 bored systqmp 64429 201284 0 0 3 0x14200 bored systq 282 151058 0 0 3 0x40014200 tmoslp softclock 14971 230421 0 0 3 0x40014200 idle0 1 80817 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10188 6676K 7137K 166960K 14052 0 pcb 17 12K 12K 166960K 309 0 rtable 119 6K 8K 166960K 1012 0 pf 28 8K 10K 166960K 131 0 ifaddr 27 8K 12K 166960K 153 0 ifgroup 47 2K 2K 166960K 208 0 sysctl 4 1K 2K 166960K 16 0 counters 29 17K 18K 166960K 78 0 ioctlops 0 0K 2K 166960K 120 0 iov 0 0K 18K 166960K 90 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1356 85K 86K 166960K 2861 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 10K 18K 166960K 45 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 174 0 dirhash 12 2K 3K 166960K 78 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 69K 166960K 2548 0 sigio 0 0K 0K 166960K 23 0 proc 58 59K 83K 166960K 913 0 subproc 104 6K 6K 166960K 251 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 305 0 in_multi 33 2K 7K 166960K 360 0 ether_multi 1 0K 0K 166960K 28 0 mrt 1 0K 0K 166960K 14 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 640 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 284 100K 108K 166960K 23455 0 UVM aobj 79 7K 7K 166960K 82 0 pinsyscall 36 72K 100K 166960K 3971 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 1K 166960K 136 0 NDP 12 0K 2K 166960K 104 0 temp 74 6812K 14748K 166960K 66003 0 kqueue 12 18K 28K 166960K 261 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 199 0 196 1 0 1 1 0 8 0 rtentry 112 344 0 296 4 0 4 4 0 8 1 unpcb 144 1049 0 1036 2 0 2 2 0 8 1 syncache 336 7 0 7 1 0 1 1 0 8 1 tcpcb 808 554 0 549 2 0 2 2 0 8 1 arp 88 67 0 60 1 0 1 1 0 8 0 ipq 40 5 0 4 1 0 1 1 0 8 0 ipqe 40 53 0 52 1 0 1 1 0 8 0 inpcb 352 1959 0 1949 3 0 3 3 0 8 2 nd6 104 72 0 66 1 0 1 1 0 8 0 pkpcb 40 13 0 13 1 0 1 1 0 8 1 kcovpl 48 19 0 11 1 0 1 1 0 8 0 ppxss 1072 25 0 25 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1208 0 1015 29 7 22 29 0 8 8 art_table 32 1209 0 1015 4 0 4 4 0 8 1 art_node 16 336 0 295 1 0 1 1 0 8 0 sysvmsgpl 40 24 0 19 1 0 1 1 0 8 0 semupl 112 3 0 3 1 0 1 1 0 8 1 semapl 112 169 0 159 1 0 1 1 0 8 0 shmpl 112 79 0 3 3 0 3 3 0 8 0 dirhash 1024 61 0 44 3 0 3 3 0 8 0 dino2pl 256 5344 0 3840 96 0 96 96 0 8 0 ffsino 240 5344 0 3840 90 0 90 90 0 8 0 nchpl 144 8669 0 6938 66 0 66 66 0 8 0 uvmvnodes 80 5926 0 0 121 0 121 121 0 8 0 vnodes 216 5926 0 0 330 0 330 330 0 8 0 namei 1024 26929 0 26929 2 0 2 2 0 8 2 vcpupl 3904 6 0 0 1 0 1 1 0 8 0 vmpool 664 18 0 12 1 0 1 1 0 8 0 kstatmem 264 118 0 98 3 0 3 3 0 8 0 scsiplug 72 1 0 1 1 0 1 1 0 8 1 scxspl 216 31210 0 31210 8 0 8 8 1 8 8 plimitpl 152 240 0 225 1 0 1 1 0 8 0 sigapl 424 2848 0 2783 8 0 8 8 0 8 0 futexpl 64 29001 0 28999 1 0 1 1 0 8 0 knotepl 120 7429 0 7347 18 5 13 18 0 8 8 kqueuepl 184 429 0 421 1 0 1 1 0 8 0 pipepl 288 296 0 268 3 0 3 3 0 8 0 fdescpl 432 2810 0 2783 4 0 4 4 0 8 0 filepl 120 13001 0 12759 9 0 9 9 0 8 0 lockfpl 104 524 0 520 1 0 1 1 0 8 0 lockfspl 48 212 0 209 1 0 1 1 0 8 0 sessionpl 144 35 0 19 1 0 1 1 0 8 0 pgrppl 48 54 0 38 1 0 1 1 0 8 0 ucredpl 104 2400 0 2390 1 0 1 1 0 8 0 zombiepl 144 2784 0 2783 1 0 1 1 0 8 0 processpl 1072 2848 0 2783 5 0 5 5 0 8 0 procpl 656 5397 0 5313 9 0 9 9 0 8 0 sosppl 168 7 0 7 1 0 1 1 0 8 1 sockpl 504 3223 0 3197 7 0 7 7 0 8 3 mcl64k 65536 21 0 21 1 0 1 1 0 8 1 mcl12k 12288 5 0 5 1 0 1 1 0 8 1 mcl8k 8192 36 0 36 1 0 1 1 0 8 1 mcl4k 4096 21 0 21 1 0 1 1 0 8 1 mcl2k2 2112 2 0 2 1 0 1 1 0 8 1 mcl2k 2048 50920 0 50830 38 18 20 38 0 8 8 mtagpl 96 95 0 76 2 0 2 2 0 8 0 mbufpl 256 305490 0 305339 44 15 29 39 0 8 8 bufpl 280 8998 0 2671 453 0 453 453 0 8 0 anonpl 24 409915 0 403579 68 0 68 68 0 188 20 amapchunkpl 152 74917 0 74299 38 0 38 38 0 158 11 amappl16 200 10369 0 10218 31 12 19 21 0 8 8 amappl15 192 12 0 12 1 0 1 1 0 8 1 amappl14 184 187 0 175 2 0 2 2 0 8 1 amappl13 176 24 0 23 1 0 1 1 0 8 0 amappl12 168 3588 0 3560 2 0 2 2 0 8 0 amappl11 160 51 0 41 1 0 1 1 0 8 0 amappl10 152 65 0 55 1 0 1 1 0 8 0 amappl9 144 153 0 153 1 0 1 1 0 8 1 amappl8 136 147 0 119 2 0 2 2 0 8 0 amappl7 128 49 0 37 1 0 1 1 0 8 0 amappl6 120 464 0 451 2 0 2 2 0 8 1 amappl5 112 212 0 199 1 0 1 1 0 8 0 amappl4 104 553 0 521 2 0 2 2 0 8 1 amappl3 96 15417 0 15344 3 0 3 3 0 8 0 amappl2 88 3266 0 3194 4 0 4 4 0 8 2 amappl1 80 17676 0 17189 22 3 19 22 0 8 8 amappl 88 22742 0 22556 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 81 0 3 2 0 2 2 0 8 0 uaddrrnd 24 2828 0 2795 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 2828 0 2795 1 0 1 1 0 8 0 vmmpekpl 168 20784 0 20721 4 0 4 4 0 8 0 vmmpepl 168 183465 0 181629 115 0 115 115 0 357 26 vmsppl 344 2827 0 2795 4 0 4 4 0 8 0 rwobjpl 24 53212 0 46142 44 0 44 44 0 8 1 pdppl 4096 5662 0 5596 109 39 70 72 0 8 4 pvpl 32 1158886 0 1146390 398 47 351 398 0 265 234 pmappl 216 2827 0 2795 2 0 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 431 0 79 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82837b4e) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000ddd800,ffff800000e55900,ffff80002db0d6f0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002db0d6e0,ffff800000ddd800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a560,ffff80002db0d8c0,ffff80002db0d810) at sys_ioctl+0x4a5 syscall(ffff80002db0d8c0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x27ddc861220, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82837b4e) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000ddd800,ffff800000e55900,ffff80002db0d6f0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002db0d6e0,ffff800000ddd800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd8068382810,80206913,ffff80002db0d6e0,ffff80002a64a560) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a64a560,ffff80002db0d8c0,ffff80002db0d810) at sys_ioctl+0x4a5 syscall(ffff80002db0d8c0) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x27ddc861220, count: -8