syzbot


panic: Data modified on freelist: word 5 of object ADDR size 0xc0 previous type devbuf (0xd != ADDR)

Status: closed as invalid on 2019/10/13 14:21
Reported-by: syzbot+87cf028c6bb237002fe4@syzkaller.appspotmail.com
First crash: 1664d, last: 1664d

Sample crash report:
panic: Data modified on freelist: word 5 of object 0xffff800000a8bd00 size 0xc0 previous type devbuf (0xd != 0xdeaf4152)

Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
* 39811  37138      0           0          0    0  dhclient
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(c0,5,9) at malloc+0xa23 sys/kern/kern_malloc.c:331
rtm_report(fffffd8036d71070,4,d886e631,0) at rtm_report+0x2d9 sys/net/rtsock.c:654
route_output(fffffd802f594d00,fffffd803a01b180,0,0) at route_output+0x6b7 sys/net/rtsock.c:824
route_usrreq(fffffd803a01b180,9,fffffd802f594d00,0,0,ffff8000ffff8ed8) at route_usrreq+0x363 sys/net/rtsock.c:275
sosend(fffffd803a01b180,0,ffff800014886440,0,0,0) at sosend+0x63d sys/kern/uipc_socket.c:524
dofilewritev(ffff8000ffff8ed8,6,ffff800014886440,0,ffff800014886530) at dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_writev(ffff8000ffff8ed8,ffff8000148864e0,ffff800014886530) at sys_writev+0xa7 sys/kern/sys_generic.c:311
syscall(ffff8000148865b0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,79,0,79,d886e631,77ed60ba000) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffdaef0, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
Data modified on freelist: word 5 of object 0xffff800000a8bd00 size 0xc0 previous type devbuf (0xd != 0xdeaf4152)

ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(c0,5,9) at malloc+0xa23 sys/kern/kern_malloc.c:331
rtm_report(fffffd8036d71070,4,d886e631,0) at rtm_report+0x2d9 sys/net/rtsock.c:654
route_output(fffffd802f594d00,fffffd803a01b180,0,0) at route_output+0x6b7 sys/net/rtsock.c:824
route_usrreq(fffffd803a01b180,9,fffffd802f594d00,0,0,ffff8000ffff8ed8) at route_usrreq+0x363 sys/net/rtsock.c:275
sosend(fffffd803a01b180,0,ffff800014886440,0,0,0) at sosend+0x63d sys/kern/uipc_socket.c:524
dofilewritev(ffff8000ffff8ed8,6,ffff800014886440,0,ffff800014886530) at dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_writev(ffff8000ffff8ed8,ffff8000148864e0,ffff800014886530) at sys_writev+0xa7 sys/kern/sys_generic.c:311
syscall(ffff8000148865b0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,79,0,79,d886e631,77ed60ba000) at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffdaef0, count: -11
ddb> show registers
rdi                                0
rsi                              0x1
rbp               0xffff800014885d50
rbx               0xffff800014885e00
rdx                              0x2
rcx                                0
rax                                0
r8                0xffff800014885d10
r9                               0x1
r10                                0
r11               0xc0495391444d3ba1
r12                     0x3000000008
r13               0xffff800014885d60
r14                            0x100
r15                              0x1
rip               0xffffffff820d0728    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff800014885d40
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb> show proc
PROC (dhclient) pid=39811 stat=onproc
    flags process=0 proc=0
    pri=50, usrpri=50, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffff8280,0xffff8000ffff93d8
    process=0xffff8000ffff6d90 user=0xffff800014881000, vmspace=0xfffffd803f013000
    estcpu=0, cpticks=1, pctcpu=0.0
    user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 41464  244764  98424      0  3        0x80  nanosleep     syz-executor.1
 41464  498126  98424      0  3   0x4000080  kqread        syz-executor.1
 41464  438878  98424      0  3   0x4000080  fsleep        syz-executor.1
 98424   61734  82163      0  3        0x82  nanosleep     syz-executor.1
 45786  135627      0      0  3     0x14200  bored         sosplice
 78259    5544  82163      0  3        0x82  nanosleep     syz-executor.0
 82163  202603  66700      0  3        0x82  thrsleep      syz-fuzzer
 82163  271375  66700      0  3   0x4000082  thrsleep      syz-fuzzer
 82163  339356  66700      0  3   0x4000082  kqread        syz-fuzzer
 82163  266355  66700      0  3   0x4000082  thrsleep      syz-fuzzer
 82163   16261  66700      0  3   0x4000082  thrsleep      syz-fuzzer
 82163  269192  66700      0  3   0x4000082  thrsleep      syz-fuzzer
 82163  427554  66700      0  3   0x4000082  thrsleep      syz-fuzzer
 82163  483811  66700      0  3   0x4000082  thrsleep      syz-fuzzer
 66700  216092  81294      0  3    0x10008a  pause         ksh
 81294   13600  67671      0  3        0x92  select        sshd
 91131  183036      1      0  3    0x100083  ttyin         getty
 67671  489448      1      0  3        0x80  select        sshd
 11740  177326  91732     73  3    0x100090  kqread        syslogd
 91732  404402      1      0  3    0x100082  netio         syslogd
 48998  134819      1     77  2    0x100010                dhclient
*37138   39811      1      0  7           0                dhclient
 64871  438537      0      0  2     0x14200                zerothread
 69314  183950      0      0  3     0x14200  aiodoned      aiodoned
  6069  170668      0      0  3     0x14200  syncer        update
 28694  150033      0      0  3     0x14200  cleaner       cleaner
 18176  344907      0      0  3     0x14200  reaper        reaper
 66716   87118      0      0  3     0x14200  pgdaemon      pagedaemon
 83111  168862      0      0  3     0x14200  bored         crynlk
 46055  112251      0      0  3     0x14200  bored         crypto
 68628  357077      0      0  3  0x40014200  acpi0         acpi0
  5901  363800      0      0  2     0x14200                softnet
 78990   87533      0      0  3     0x14200  bored         systqmp
 75668   86757      0      0  3     0x14200  bored         systq
 44110  271302      0      0  3  0x40014200  bored         softclock
 31914  151239      0      0  3  0x40014200                idle0
 47852  146826      0      0  3     0x14200  bored         smr
     1  308989      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim Kern Lim
         devbuf  9490   6390K    6974K  78643K     11011        0        0
            pcb    13      8K       8K  78643K        54        0        0
         rtable    91      7K       8K  78643K       316        0        0
         ifaddr    48     11K      12K  78643K        76        0        0
       counters    19     16K      16K  78643K        19        0        0
       ioctlops     0      0K       2K  78643K        21        0        0
            iov     0      0K      16K  78643K        37        0        0
          mount     1      1K       1K  78643K         1        0        0
         vnodes  1219     77K      77K  78643K      1414        0        0
      UFS quota     1     32K      32K  78643K         1        0        0
      UFS mount     5     36K      36K  78643K         5        0        0
            shm     2      1K       1K  78643K         2        0        0
         VM map     2      0K       0K  78643K         2        0        0
            sem    12      0K       1K  78643K        25        0        0
        dirhash    12      2K       2K  78643K        12        0        0
           ACPI  1793    195K     288K  78643K     12645        0        0
      file desc     6     17K      25K  78643K       188        0        0
          sigio     0      0K       0K  78643K         4        0        0
           proc    48     38K      63K  78643K       393        0        0
        subproc    32      2K       2K  78643K        51        0        0
    NFS srvsock     1      0K       0K  78643K         1        0        0
     NFS daemon     1     16K      16K  78643K         1        0        0
    ip_moptions     0      0K       0K  78643K        16        0        0
       in_multi    22      1K       2K  78643K        45        0        0
    ether_multi     1      0K       0K  78643K         1        0        0
    ISOFS mount     1     32K      32K  78643K         1        0        0
  MSDOSFS mount     1     16K      16K  78643K         1        0        0
           ttys    48    212K     212K  78643K        48        0        0
           exec     0      0K       1K  78643K       219        0        0
        pagedep     1      8K       8K  78643K         1        0        0
       inodedep     1     32K      32K  78643K         1        0        0
         newblk     1      0K       0K  78643K         1        0        0
        VM swap     7     26K      26K  78643K         7        0        0
       UVM amap    97     21K      22K  78643K      1386        0        0
       UVM aobj     8      2K       2K  78643K         8        0        0
        memdesc     1      4K       4K  78643K         1        0        0
    crypto data     1      1K       1K  78643K         1        0        0
    ip6_options     0      0K       0K  78643K        22        0        0
            NDP    10      0K       0K  78643K        22        0        0
           temp   154   3536K    3608K  78643K      3967        0        0
         kqueue     0      0K       0K  78643K         2        0        0
      SYN cache     2     16K      16K  78643K         2        0        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       11    0        7     1     0     1     1     0     8    0
rtpcb       80       28    0       26     1     0     1     1     0     8    0
rtentry    112       62    0       28     2     0     2     2     0     8    0
unpcb      120      102    0       94     1     0     1     1     0     8    0
syncache   264        4    0        4     1     1     0     1     0     8    0
tcpqe       32     3220    0     3220     1     1     0     1     0     8    0
tcpcb      544       68    0       64     2     1     1     2     0     8    0
inpcb      280      172    0      165     3     2     1     3     0     8    0
nd6         48        6    0        4     1     0     1     1     0     8    0
ppxss      1128       2    0        2     1     1     0     1     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256      265    0       93    14     0    14    14     0     8    2
art_table   32      266    0       93     2     0     2     2     0     8    0
art_node    16       61    0       30     1     0     1     1     0     8    0
semupl     112        1    0        1     1     1     0     1     0     8    0
semapl     112       20    0       10     1     0     1     1     0     8    0
shmpl      112        6    0        0     1     0     1     1     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128     1658    0      263    46     0    46    46     0     8    0
ffsino     240     1658    0      263    83     0    83    83     0     8    0
nchpl      144     2114    0      512    60     0    60    60     0     8    0
uvmvnodes   72     1854    0        0    34     0    34    34     0     8    0
vnodes     208     1854    0        0    98     0    98    98     0     8    0
namei      1024    5665    0     5665     3     2     1     1     0     8    1
scxspl     192     5826    0     5826    12    11     1     7     0     8    1
plimitpl   152       24    0       16     1     0     1     1     0     8    0
sigapl     432      356    0      342     2     0     2     2     0     8    0
futexpl     56     4115    0     4114     1     0     1     1     0     8    0
knotepl    112      180    0      160     1     0     1     1     0     8    0
kqueuepl   104      197    0      193     1     0     1     1     0     8    0
pipepl     112      212    0      191     3     2     1     2     0     8    0
fdescpl    424      357    0      342     2     0     2     2     0     8    0
filepl     120     2422    0     2318     5     1     4     5     0     8    0
lockfpl    104       41    0       40     1     0     1     1     0     8    0
lockfspl    48       17    0       16     1     0     1     1     0     8    0
sessionpl  112       18    0        8     1     0     1     1     0     8    0
pgrppl      48       18    0        8     1     0     1     1     0     8    0
ucredpl     96      268    0      261     1     0     1     1     0     8    0
zombiepl   144      343    0      342     3     2     1     1     0     8    0
processpl  864      372    0      342     4     0     4     4     0     8    0
procpl     632      648    0      609     5     1     4     5     0     8    0
sosppl     128        3    0        3     1     1     0     1     0     8    0
sockpl     384      306    0      289     6     3     3     6     0     8    1
mcl64k     65536     20    0       20     2     1     1     1     0     8    1
mcl12k     12288      9    0        9     1     0     1     1     0     8    1
mcl9k      9216       1    0        1     1     1     0     1     0     8    0
mcl8k      8192       5    0        5     2     1     1     1     0     8    1
mcl4k      4096      23    0       23     2     1     1     1     0     8    1
mcl2k2     2112       3    0        3     2     1     1     1     0     8    1
mcl2k      2048   64906    0    64863    15     9     6    13     0     8    0
mtagpl      80        8    0        4     3     2     1     1     0     8    0
mbufpl     256   105102    0   105029    14     6     8    10     0     8    1
bufpl      256     6420    0     1580   303     0   303   303     0     8    0
anonpl      16    58776    0    42604    83     9    74    80     0    62    9
amapchunkpl 152    2019    0     1907    10     5     5     8     0   158    0
amappl16   192     2057    0     1124    53     6    47    53     0     8    0
amappl14   176      102    0       97     2     1     1     1     0     8    0
amappl12   160       81    0       76     1     0     1     1     0     8    0
amappl11   152       51    0       40     1     0     1     1     0     8    0
amappl10   144       22    0       18     1     0     1     1     0     8    0
amappl9    136      585    0      579     1     0     1     1     0     8    0
amappl8    128      155    0      131     1     0     1     1     0     8    0
amappl7    120       39    0       35     1     0     1     1     0     8    0
amappl6    112       67    0       58     1     0     1     1     0     8    0
amappl5    104      228    0      215     1     0     1     1     0     8    0
amappl4     96      538    0      510     1     0     1     1     0     8    0
amappl3     88      157    0      151     1     0     1     1     0     8    0
amappl2     80     1965    0     1891     4     2     2     3     0     8    0
amappl1     72    16632    0    16217    28    19     9    20     0     8    0
amappl      80      903    0      864     2     1     1     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       17    0       17     1     1     0     1     0     8    0
aobjpl      64        7    0        0     1     0     1     1     0     8    0
uaddrrnd    24      357    0      342     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      357    0      342     1     0     1     1     0     8    0
vmmpekpl   168     6881    0     6857     2     0     2     2     0     8    0
vmmpepl    168    51046    0    48972   158    40   118   123     0   357   26
vmsppl     272      356    0      342     3     2     1     2     0     8    0
pdppl      4096     720    0      684     6     1     5     6     0     8    0
pvpl        32   177618    0   158374   199    17   182   188     0   265   26
pmappl     200      356    0      342     1     0     1     1     0     8    0
extentpl    40       41    0       26     1     0     1     1     0     8    0
phpool     112      455    0       26    13     0    13    13     0     8    0

Crashes (1):

Time              Kernel   Commit        Syzkaller  Config   Log          Report  Manager
2019/10/05 17:23  openbsd  2b2159bad083  f3f7d9c8   .config  console log  report  ci-openbsd-main