panic: ifa_update_broadaddr does not support dynamic length Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *123844 16829 0 0x8000000 0x4000000 0 syz-executor.1 db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8282f7f1) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000dda800,ffff800000e52200,ffff80002a69d6a0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002a69d690,ffff800000dda800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a5d6cd8,ffff80002a69d870,ffff80002a69d7c0) at sys_ioctl+0x4a5 syscall(ffff80002a69d870) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97b30ecd4c0, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: ifa_update_broadaddr does not support dynamic length ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8282f7f1) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000dda800,ffff800000e52200,ffff80002a69d6a0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002a69d690,ffff800000dda800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a5d6cd8,ffff80002a69d870,ffff80002a69d7c0) at sys_ioctl+0x4a5 syscall(ffff80002a69d870) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97b30ecd4c0, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002a69d440 rbx 0xff0114ac rdx 0 rcx 0 rax 0xffff80002a5d6cd8 r8 0x101010101010101 r9 0x8080808080808080 r10 0xf2c246041890225a r11 0x1bffedecf7bd8754 r12 0 r13 0x10 r14 0 r15 0x1 rip 0xffffffff820e829c db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80002a69d430 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb> show proc PROC (syz-executor.1) tid=123844 pid=16829 tcnt=4 stat=onproc flags process=8000000 proc=4000000 runpri=32, usrpri=76, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 forw=0xffffffffffffffff, list=0xffff80002a678cf0,0xffff80002a6099c8 process=0xffff8000ffff3ab8 user=0xffff80002a698000, vmspace=0xfffffd806957dd80 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 16829 1370 8683 0 2 0x8000000 syz-executor.1 *16829 123844 8683 0 7 0xc000000 syz-executor.1 16829 169108 8683 0 3 0xc000080 fsleep syz-executor.1 16829 380929 8683 0 3 0xc000080 fsleep syz-executor.1 44112 388858 10901 0 2 0x8000000 syz-executor.5 44112 489524 10901 0 3 0xc000080 ttyretype syz-executor.5 13137 271761 71803 0 2 0x8000000 syz-executor.2 13137 356435 71803 0 3 0xc000080 fsleep syz-executor.2 9423 191828 56304 0 2 0x8000000 syz-executor.3 9423 310134 56304 0 3 0xc000080 fsleep syz-executor.3 9423 117553 56304 0 3 0xc000080 fsleep syz-executor.3 9423 148289 56304 0 3 0xc000080 fsleep syz-executor.3 71803 185014 87246 0 3 0x8000082 nanoslp syz-executor.2 99699 161683 1 0 3 0x18100083 ttyin getty 8683 355154 87246 0 3 0x8000082 nanoslp syz-executor.1 48386 142066 87246 0 2 0x8000002 syz-executor.4 46883 290071 87246 0 2 0x8000002 syz-executor.6 82441 254655 0 0 3 0x14200 bored sosplice 10901 320454 87246 0 3 0x8000082 nanoslp syz-executor.5 56304 271831 87246 0 3 0x8000082 nanoslp syz-executor.3 75128 90915 87246 0 2 0x8000002 syz-executor.7 19786 266332 87246 0 2 0x8000002 syz-executor.0 87246 508283 8704 0 3 0x1a000082 thrsleep syz-fuzzer 87246 180865 8704 0 3 0x1e000082 thrsleep syz-fuzzer 87246 128292 8704 0 3 0x1e000082 kqread syz-fuzzer 87246 165197 8704 0 3 0x1e000082 wait syz-fuzzer 87246 258291 8704 0 3 0x1e000082 thrsleep syz-fuzzer 87246 88136 8704 0 3 0x1e000082 wait syz-fuzzer 87246 177603 8704 0 3 0x1e000082 wait syz-fuzzer 87246 298487 8704 0 3 0x1e000082 thrsleep syz-fuzzer 87246 126389 8704 0 3 0x1e000082 wait syz-fuzzer 87246 312310 8704 0 3 0x1e000082 wait syz-fuzzer 87246 276626 8704 0 3 0x1e000082 thrsleep syz-fuzzer 87246 342914 8704 0 3 0x1e000082 wait syz-fuzzer 87246 457742 8704 0 3 0x1e000082 wait syz-fuzzer 87246 253110 8704 0 3 0x1e000082 wait syz-fuzzer 8704 330923 66517 0 3 0x810008a sigsusp ksh 66517 59389 5624 0 3 0x1800009a kqread sshd 5624 86970 1 0 3 0x18000088 kqread sshd 16661 71032 70707 73 2 0x19100010 syslogd 70707 462110 1 0 3 0x18100082 sbwait syslogd 65482 32814 1 0 3 0x18100080 kqread resolvd 75445 258845 14859 77 3 0x18100092 kqread dhcpleased 75898 387380 14859 77 3 0x18100092 kqread dhcpleased 14859 358369 1 0 3 0x18000080 kqread dhcpleased 89527 127162 0 0 3 0x14200 bored smr 76662 71238 0 0 2 0x14200 zerothread 81770 324114 0 0 3 0x14200 aiodoned aiodoned 9614 289052 0 0 3 0x14200 syncer update 16119 471958 0 0 3 0x14200 cleaner cleaner 81753 83330 0 0 3 0x14200 reaper reaper 5823 139382 0 0 3 0x14200 pgdaemon pagedaemon 19740 282048 0 0 3 0x14200 bored viomb 46397 200150 0 0 3 0x40014200 acpi0 acpi0 72963 172591 0 0 3 0x14200 bored softnet3 21528 301168 0 0 3 0x14200 bored softnet2 64735 178148 0 0 3 0x14200 bored softnet1 85349 111201 0 0 3 0x14200 bored softnet0 24549 324764 0 0 3 0x14200 bored systqmp 26351 519004 0 0 3 0x14200 bored systq 85641 212375 0 0 3 0x40014200 tmoslp softclock 96002 427369 0 0 3 0x40014200 idle0 1 510699 0 0 3 0x8000082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10207 6545K 7191K 166960K 12918 0 pcb 17 14K 16K 166960K 216 0 rtable 233 7K 7K 166960K 649 0 pf 29 8K 9K 166960K 59 0 ifaddr 43 11K 11K 166960K 82 0 ifgroup 50 2K 2K 166960K 108 0 sysctl 4 1K 1K 166960K 10 0 counters 30 17K 17K 166960K 42 0 ioctlops 0 0K 2K 166960K 75 0 iov 0 0K 16K 166960K 86 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1443 91K 91K 166960K 2348 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 24 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 1K 166960K 81 0 dirhash 15 2K 2K 166960K 42 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 14 49K 85K 166960K 926 0 sigio 1 0K 0K 166960K 21 0 proc 58 59K 91K 166960K 732 0 subproc 104 6K 7K 166960K 195 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 116 0 in_multi 95 7K 7K 166960K 205 0 ether_multi 1 0K 0K 166960K 7 0 mrt 1 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 235 1049K 1049K 166960K 235 0 exec 0 0K 1K 166960K 633 0 pfkey data 0 0K 0K 166960K 1 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 270 92K 108K 166960K 10075 0 UVM aobj 40 2K 2K 166960K 41 0 pinsyscall 34 68K 100K 166960K 2240 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 79 0 NDP 11 0K 2K 166960K 53 0 temp 75 6812K 14744K 166960K 32859 0 kqueue 18 27K 27K 166960K 124 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 183 0 180 3 0 3 3 0 8 2 rtentry 112 212 0 104 4 0 4 4 0 8 0 unpcb 144 619 0 606 2 0 2 2 0 8 1 syncache 336 22 0 22 1 0 1 1 0 8 1 tcpqe 32 41 0 41 1 0 1 1 0 8 1 tcpcb 808 309 0 303 2 0 2 2 0 8 1 arp 88 38 0 20 1 0 1 1 0 8 0 ipq 40 4 0 3 1 0 1 1 0 8 0 ipqe 40 135 0 134 1 0 1 1 0 8 0 inpcb 352 1007 0 995 8 0 8 8 0 8 6 nd6 104 53 0 29 1 0 1 1 0 8 0 pkpcb 40 4 0 4 1 0 1 1 0 8 1 kcovpl 48 15 0 7 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 792 0 345 30 0 30 30 0 8 1 art_table 32 793 0 345 4 0 4 4 0 8 0 art_node 16 210 0 112 1 0 1 1 0 8 0 sysvmsgpl 40 20 0 4 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 75 0 65 1 0 1 1 0 8 0 shmpl 112 38 0 1 2 0 2 2 0 8 0 dirhash 1024 37 0 18 3 0 3 3 0 8 0 dino2pl 256 2946 0 1433 96 0 96 96 0 8 0 ffsino 240 2946 0 1433 90 0 90 90 0 8 0 nchpl 144 4340 0 2616 66 0 66 66 0 8 0 uvmvnodes 80 3711 0 0 76 0 76 76 0 8 0 vnodes 216 3711 0 0 207 0 207 207 0 8 0 namei 1024 15828 0 15828 3 0 3 3 0 8 3 vcpupl 3904 2 0 0 1 0 1 1 0 8 0 vmpool 664 4 0 2 1 0 1 1 0 8 0 kstatmem 264 46 0 24 2 0 2 2 0 8 0 scsiplug 72 3 0 3 1 0 1 1 0 8 1 scxspl 216 25054 0 25054 8 0 8 8 1 8 8 plimitpl 152 162 0 146 1 0 1 1 0 8 0 sigapl 424 1212 0 1170 6 0 6 6 0 8 0 futexpl 64 15084 0 15078 1 0 1 1 0 8 0 knotepl 120 7135 0 7048 22 11 11 17 0 8 8 kqueuepl 184 291 0 274 4 0 4 4 0 8 3 pipepl 288 310 0 282 3 0 3 3 0 8 0 fdescpl 432 1195 0 1170 4 0 4 4 0 8 0 filepl 120 8051 0 7791 14 0 14 14 0 8 5 lockfpl 104 274 0 271 1 0 1 1 0 8 0 lockfspl 48 125 0 122 1 0 1 1 0 8 0 sessionpl 144 31 0 15 1 0 1 1 0 8 0 pgrppl 48 62 0 46 1 0 1 1 0 8 0 ucredpl 104 1621 0 1609 1 0 1 1 0 8 0 zombiepl 144 1170 0 1170 1 0 1 1 0 8 1 processpl 1072 1212 0 1170 4 0 4 4 0 8 0 procpl 656 2213 0 2150 7 0 7 7 0 8 0 sosppl 168 11 0 11 1 0 1 1 0 8 1 sockpl 504 1826 0 1798 14 3 11 13 0 8 7 mcl64k 65536 22 0 22 1 0 1 1 0 8 1 mcl12k 12288 5 0 5 1 0 1 1 0 8 1 mcl8k 8192 25 0 25 1 0 1 1 0 8 1 mcl4k 4096 9 0 9 1 0 1 1 0 8 1 mcl2k 2048 20980 0 20883 40 20 20 40 0 8 6 mtagpl 96 39 0 13 1 0 1 1 0 8 0 mbufpl 256 45706 0 45465 106 78 28 64 0 8 7 bufpl 280 7293 0 964 453 0 453 453 0 8 0 anonpl 24 309427 0 303810 97 0 97 97 0 188 55 amapchunkpl 152 33877 0 33259 55 0 55 55 0 158 27 amappl16 200 8448 0 8338 30 14 16 19 0 8 8 amappl15 192 10 0 9 1 0 1 1 0 8 0 amappl14 184 176 0 164 2 0 2 2 0 8 1 amappl13 176 21 0 21 1 0 1 1 0 8 1 amappl12 168 1945 0 1919 2 0 2 2 0 8 0 amappl11 160 97 0 87 1 0 1 1 0 8 0 amappl10 152 53 0 43 1 0 1 1 0 8 0 amappl9 144 149 0 149 1 0 1 1 0 8 1 amappl8 136 108 0 80 2 0 2 2 0 8 0 amappl7 128 48 0 37 1 0 1 1 0 8 0 amappl6 120 426 0 410 2 0 2 2 0 8 0 amappl5 112 197 0 185 1 0 1 1 0 8 0 amappl4 104 550 0 521 2 0 2 2 0 8 1 amappl3 96 7070 0 7000 3 0 3 3 0 8 0 amappl2 88 1646 0 1579 3 0 3 3 0 8 1 amappl1 80 12382 0 11895 22 3 19 22 0 8 8 amappl 88 9436 0 9255 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 40 0 1 1 0 1 1 0 8 0 uaddrrnd 24 1199 0 1172 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1199 0 1172 1 0 1 1 0 8 0 vmmpekpl 168 13518 0 13469 3 0 3 3 0 8 0 vmmpepl 168 95073 0 93360 111 0 111 111 0 357 28 vmsppl 344 1198 0 1172 4 0 4 4 0 8 1 rwobjpl 24 34794 0 30013 31 0 31 31 0 8 1 pdppl 4096 2404 0 2346 122 62 60 74 0 8 2 pvpl 32 701882 0 690595 363 15 348 363 0 265 243 pmappl 216 1198 0 1172 2 0 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 517 0 163 12 0 12 12 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8282f7f1) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000dda800,ffff800000e52200,ffff80002a69d6a0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002a69d690,ffff800000dda800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a5d6cd8,ffff80002a69d870,ffff80002a69d7c0) at sys_ioctl+0x4a5 syscall(ffff80002a69d870) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97b30ecd4c0, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff8282f7f1) at panic+0x165 sys/kern/subr_prf.c:198 ifa_update_broadaddr(ffff800000dda800,ffff800000e52200,ffff80002a69d6a0) at ifa_update_broadaddr+0x6a sys/net/if.c:3315 in_ioctl(80206913,ffff80002a69d690,ffff800000dda800,1) at in_ioctl+0x5cf sys/netinet/in.c:313 ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c pru_control sys/sys/protosw.h:378 [inline] ifioctl(fffffd805ee03218,80206913,ffff80002a69d690,ffff80002a5d6cd8) at ifioctl+0x104c sys/net/if.c:2449 sys_ioctl(ffff80002a5d6cd8,ffff80002a69d870,ffff80002a69d7c0) at sys_ioctl+0x4a5 syscall(ffff80002a69d870) at syscall+0x72a sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x97b30ecd4c0, count: -8