

panic: malloc: allocation too large, type = 2, size = ADDRp9a5n484: ke

Status: closed as dup on 2019/09/05 07:23
Reported-by: syzbot+d27220304b789e85cf6b@syzkaller.appspotmail.com
First crash: 1686d, last: 1686d
Duplicate of
Title Repro Cause bisect Fix bisect Count Last Reported
panic: malloc: allocation too large, type = 2, size = ADDR (2) C 16842 1679d 1697d

Sample crash report:
panic: malloc: allocation too large, type = 2, size = 1844674407370p9a5n484: ke
neStopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
* 25233  31923      0           0  0x4000000    0  syz-executor.0
 436785  31923      0           0  0x4000000    1  syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffff380,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff8000219a5080) at vm_get_info+0x9d
VOP_IOCTL(fffffd806e175c30,c0185603,ffff8000219a5080,3,fffffd807f7c65a0,ffff800020ab0780) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd806ca590a8,c0185603,ffff8000219a5080,ffff800020ab0780) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff800020ab0780,ffff8000219a5198,ffff8000219a51e0) at sys_ioctl+0x5b9
syscall(ffff8000219a5260) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
syscall(ffff8000219a5260) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff53,0,3,cdf6062010) at Xsyscall+0x128
end of kernel
end trace frame: 0xd03c5fca00, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> 
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
malloc: allocation too large, type = 2, size = 18446744073709548416

ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffff380,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff8000219a5080) at vm_get_info+0x9d
VOP_IOCTL(fffffd806e175c30,c0185603,ffff8000219a5080,3,fffffd807f7c65a0,ffff800020ab0780) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd806ca590a8,c0185603,ffff8000219a5080,ffff800020ab0780) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff800020ab0780,ffff8000219a5198,ffff8000219a51e0) at sys_ioctl+0x5b9
syscall(ffff8000219a5260) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
syscall(ffff8000219a5260) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff53,0,3,cdf6062010) at Xsyscall+0x128
end of kernel
end trace frame: 0xd03c5fca00, count: -9
ddb{0}> show registers
rdi               0xffffffff81280be7    db_enter+0x17
rsi                           0x1dbb    __ALIGN_SIZE+0xdbb
rbp               0xffff8000219a4cc0
rbx               0xffff8000219a4d70
rdx                           0x1dbc    __ALIGN_SIZE+0xdbc
rcx               0xffff800021b80000
rax               0xffff800021b80000
r8                0xffffffff820f41df    kprintf+0x16f
r9                               0x1
r10                             0x25
r11               0x7e18e37e22f4bfc4
r12                     0x3000000008
r13               0xffff8000219a4cd0
r14                            0x100
r15                              0x1
rip               0xffffffff81280be8    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff8000219a4cb0
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.0) pid=25233 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=77, usrpri=77, nice=20
    forw=0xffffffffffffffff, list=0xffff800020ab13d8,0xffff800020a5e290
    process=0xffff800020adc380 user=0xffff8000219a0000, vmspace=0xfffffd807f00c730
    estcpu=27, cpticks=0, pctcpu=0.0
    user=0, sys=0, intr=0
ddb{0}> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 31923  140822  61507      0  2           0                syz-executor.0
*31923   25233  61507      0  7   0x4000000                syz-executor.0
 31923  383263  61507      0  3   0x4000080  fsleep        syz-executor.0
 31923  436785  61507      0  7   0x4000000                syz-executor.0
 49473   42935  32826      0  2    0x400000                syz-executor.1
 49473  316228  32826      0  3   0x4400080  fsleep        syz-executor.1
 49473  170566  32826      0  3   0x4400080  fsleep        syz-executor.1
 32826  323911  15422      0  3        0x82  nanosleep     syz-executor.1
 61507  106164  15422      0  3        0x82  nanosleep     syz-executor.0
 24355  473491      1      0  3    0x100083  ttyin         getty
 60491  157197      0      0  3     0x14200  acct          acct
  3027  237528      0      0  3     0x14200  bored         sosplice
 15422  433661  30790      0  3        0x82  thrsleep      syz-fuzzer
 15422  262055  30790      0  3   0x4000082  nanosleep     syz-fuzzer
 15422  522750  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 15422  119414  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 15422  511329  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 15422  105425  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 15422  300950  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 15422   81115  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 15422  515653  30790      0  3   0x4000082  kqread        syz-fuzzer
 15422   91865  30790      0  3   0x4000082  thrsleep      syz-fuzzer
 30790  514233  95857      0  3    0x10008a  pause         ksh
 95857  257697  96832      0  3        0x92  select        sshd
 96832  315229      1      0  3        0x80  select        sshd
 28106  507454  77729     74  3    0x100092  bpf           pflogd
 77729  319754      1      0  3        0x80  netio         pflogd
  4047  487203  91732     73  3    0x100090  kqread        syslogd
 91732  466645      1      0  3    0x100082  netio         syslogd
 20698  426929      0      0  2     0x14200                zerothread
  2163  162841      0      0  3     0x14200  aiodoned      aiodoned
 71198  451266      0      0  3     0x14200  syncer        update
 80005   19423      0      0  3     0x14200  cleaner       cleaner
  4242  121094      0      0  3     0x14200  reaper        reaper
 71818  416972      0      0  3     0x14200  pgdaemon      pagedaemon
 94538  401291      0      0  3     0x14200  bored         crynlk
 49896  418065      0      0  3     0x14200  bored         crypto
 78783  415979      0      0  3  0x40014200  acpi0         acpi0
  1951   61988      0      0  3  0x40014200                idle1
 25066   32089      0      0  3     0x14200  bored         softnet
 62054  372191      0      0  3     0x14200  bored         systqmp
 39798  122366      0      0  3     0x14200  bored         systq
 59747  374205      0      0  3  0x40014200  bored         softclock
 33728  330647      0      0  3  0x40014200                idle0
 77953    6796      0      0  3     0x14200  bored         smr
     1  111662      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb{0}> show all locks
Process 31923 (syz-executor.0) thread 0xffff800020ab0780 (25233)
shared rwlock vmlistlock r = 0 (0xffff80000066f478)
#0  witness_lock+0x52e sys/kern/subr_witness.c:1163
#1  vm_get_info+0x39 sys/arch/amd64/amd64/vmm.c:3712
#2  VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
#3  vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
#4  sys_ioctl+0x5b9
#5  syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
#5  syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
#6  Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff826286c0)
#0  witness_lock+0x52e sys/kern/subr_witness.c:1163
#1  syscall+0x400 mi_syscall sys/sys/syscall_mi.h:83 [inline]
#1  syscall+0x400 sys/arch/amd64/amd64/trap.c:555
#2  Xsyscall+0x128
ddb{0}> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim Kern Lim
         devbuf  9603   7045K    8210K  78643K     48594        0        0
            pcb    15      8K       9K  78643K      7456        0        0
         rtable   120     12K      13K  78643K      2347        0        0
         ifaddr    87     23K      27K  78643K      1447        0        0
       counters    39     33K      33K  78643K        39        0        0
       ioctlops     0      0K       4K  78643K      2106        0        0
            iov     0      0K      32K  78643K      1620        0        0
          mount     1      1K       1K  78643K         1        0        0
         vnodes  1201     75K      77K  78643K     14591        0        0
      UFS quota     1     32K      32K  78643K         1        0        0
      UFS mount     5     36K      36K  78643K         5        0        0
            shm     2      1K       5K  78643K       134        0        0
         VM map     2      1K       1K  78643K        22        0        0
            sem    12      1K       1K  78643K      1798        0        0
        dirhash    12      2K       2K  78643K        12        0        0
           ACPI  1809    196K     290K  78643K     12843        0        0
      file desc     6     17K      25K  78643K     13269        0        0
          sigio     0      0K       0K  78643K       143        0        0
           proc    57     51K      95K  78643K      3301        0        0
        subproc    32      2K       2K  78643K       824        0        0
    NFS srvsock     1      0K       0K  78643K         1        0        0
     NFS daemon     1     16K      16K  78643K         1        0        0
    ip_moptions     0      0K       0K  78643K      1108        0        0
       in_multi    33      2K       2K  78643K       873        0        0
    ether_multi     1      0K       0K  78643K        54        0        0
            mrt     1      0K       0K  78643K        48        0        0
    ISOFS mount     1     32K      32K  78643K         1        0        0
  MSDOSFS mount     1     16K      16K  78643K         1        0        0
           ttys   114    503K     503K  78643K       114        0        0
           exec     0      0K       1K  78643K      1666        0        0
     pfkey data     0      0K       4K  78643K         3        0        0
        pagedep     1      8K       8K  78643K         1        0        0
       inodedep     1     32K      32K  78643K         1        0        0
         newblk     1      0K       0K  78643K         1        0        0
        VM swap     7     26K      26K  78643K         7        0        0
       UVM amap   139     23K      31K  78643K     45540        0        0
       UVM aobj   130      4K       4K  78643K       143        0        0
        memdesc     1      4K       4K  78643K         1        0        0
    crypto data     1      1K       1K  78643K         1        0        0
    ip6_options     0      0K       1K  78643K      1511        0        0
            NDP    21      0K       1K  78643K       451        0        0
           temp   236   3559K    4197K  78643K    204522        0        0
         kqueue     0      0K       0K  78643K       110        0        0
      SYN cache     2     16K      16K  78643K         2        0        0
ddb{0}> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64      107    0      101     1     0     1     1     0     8    0
plcache    128       20    0        0     1     0     1     1     0     8    0
rtpcb       80      576    0      576    21    20     1     1     0     8    1
rtentry    112      516    0      470     2     0     2     2     0     8    0
unpcb      120     4256    0     4244     1     0     1     1     0     8    0
syncache   264        4    0        4     1     1     0     1     0     8    0
sackhl      24        1    0        1     1     1     0     1     0     8    0
tcpqe       32     5272    0     5272     2     2     0     2     0     8    0
tcpcb      544     8793    0     8789    10     9     1     2     0     8    0
inpcb      280    23211    0    23205    38    36     2     3     0     8    1
rttmr       72        9    0        9     9     9     0     1     0     8    0
nd6         48       90    0       86     1     0     1     1     0     8    0
pkpcb       40       79    0       79    23    23     0     1     0     8    0
ppxss      1128     243    0      243    34    33     1     1     0     8    1
pffrag     232       21    0       21    13    13     0     1     0   482    0
pffrnode    88       21    0       21    13    13     0     1     0     8    0
pffrent     40       46    0       46    14    14     0     1     0     8    0
pfosfp      40      846    0      846     5     5     0     5     0     8    0
pfosfpen   112     1428    0     1428    21    21     0    21     0     8    0
pfstitem    24      320    0      294     1     0     1     1     0     8    0
pfstkey    112      320    0      294     2     0     2     2     0     8    0
pfstate    328      320    0      294     6     3     3     4     0     8    0
pfrule     1360      21    0       16     2     1     1     2     0     8    0
art_heap8  4096       1    0        0     1     0     1     1     0     8    0
art_heap4  256     2261    0     2013    24     8    16    16     0     8    0
art_table   32     2262    0     2013     4     1     3     3     0     8    0
art_node    16      506    0      464     1     0     1     1     0     8    0
sysvmsgpl   40       12    0       12     5     5     0     1     0     8    0
semupl     112       14    0       14     1     1     0     1     0     8    0
semapl     112     1794    0     1784     1     0     1     1     0     8    0
shmpl      112      141    0       13     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128    21459    0    20006    49     1    48    48     0     8    0
ffsino     272    21459    0    20006    99     1    98    98     0     8    0
nchpl      144    40194    0    38531    62     0    62    62     0     8    0
uvmvnodes   72     7271    0        0   133     0   133   133     0     8    0
vnodes     208     7271    0        0   383     0   383   383     0     8    0
namei      1024  139929    0   139929     3     2     1     1     0     8    1
percpumem   16       30    0        0     1     0     1     1     0     8    0
vmpool     552       20    0       20    11    11     0     1     0     8    0
scsiplug    64       18    0       18    12    12     0     1     0     8    0
scxspl     192   116121    0   116121    62    61     1     7     0     8    1
plimitpl   152     1117    0     1110     1     0     1     1     0     8    0
sigapl     432    13341    0    13327     3     1     2     3     0     8    0
futexpl     56   234148    0   234145     1     0     1     1     0     8    0
knotepl    112     2942    0     2922     1     0     1     1     0     8    0
kqueuepl   104     2788    0     2785     1     0     1     1     0     8    0
pipepl     112     9470    0     9447    37    36     1     3     0     8    0
fdescpl    488    13342    0    13327     3     0     3     3     0     8    0
filepl     152   103738    0   103634    31    26     5     7     0     8    1
lockfpl    104     4001    0     3999     1     0     1     1     0     8    0
lockfspl    48     1322    0     1320     1     0     1     1     0     8    0
sessionpl  112       74    0       65     1     0     1     1     0     8    0
pgrppl      48      168    0      159     1     0     1     1     0     8    0
ucredpl     96    18958    0    18950     1     0     1     1     0     8    0
zombiepl   144    13328    0    13328     2     1     1     1     0     8    1
processpl  896    13360    0    13328     4     0     4     4     0     8    0
procpl     632    42451    0    42405    33    28     5     5     0     8    1
srpgc       64      101    0      101    37    37     0     1     0     8    0
sosppl     128      168    0      168    36    36     0     1     0     8    0
sockpl     384    28480    0    28462    35    32     3     5     0     8    1
mcl64k     65536    529    0        0    66    49    17    65     0     8    1
mcl16k     16384     33    0        0     5     2     3     3     0     8    0
mcl12k     12288     57    0        0     2     0     2     2     0     8    0
mcl9k      9216      45    0        0     3     1     2     2     0     8    0
mcl8k      8192      17    0        0     3     0     3     3     0     8    0
mcl4k      4096      31    0        0     3     0     3     3     0     8    0
mcl2k2     2112      13    0        0     1     0     1     1     0     8    0
mcl2k      2048     247    0        0    25    10    15    25     0     8    0
mtagpl      80       58    0        0     1     0     1     1     0     8    0
mbufpl     256      877    0        0    36     1    35    36     0     8    0
bufpl      256    41758    0    34487   455     0   455   455     0     8    0
anonpl      16  1289066    0  1275762   305   235    70    85     0   124   10
amapchunkpl 152   82547    0    82438    71    63     8    12     0   158    2
amappl16   192    69448    0    68672   336   288    48    59     0     8    8
amappl15   184     1601    0     1600     1     0     1     1     0     8    0
amappl14   176     1735    0     1730     1     0     1     1     0     8    0
amappl13   168     1879    0     1877     7     6     1     1     0     8    0
amappl12   160     2033    0     2033     7     7     0     1     0     8    0
amappl11   152     1267    0     1258     1     0     1     1     0     8    0
amappl10   144     1540    0     1535     1     0     1     1     0     8    0
amappl9    136     3815    0     3809     1     0     1     1     0     8    0
amappl8    128     3427    0     3373     3     1     2     2     0     8    0
amappl7    120     1730    0     1721     1     0     1     1     0     8    0
amappl6    112     1177    0     1160     1     0     1     1     0     8    0
amappl5    104     2538    0     2527     1     0     1     1     0     8    0
amappl4     96    13775    0    13737     1     0     1     1     0     8    0
amappl3     88     2921    0     2913     1     0     1     1     0     8    0
amappl2     80   103753    0   103680     3     1     2     3     0     8    0
amappl1     72   299001    0   298560    27    17    10    20     0     8    0
amappl      80    43457    0    43420     1     0     1     1     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma64       64      259    0      259     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       17    0       17     1     1     0     1     0     8    0
aobjpl      64      142    0       13     3     0     3     3     0     8    0
uaddrrnd    24    13362    0    13327     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24    13362    0    13327     1     0     1     1     0     8    0
vmmpekpl   168   112984    0   112950     2     0     2     2     0     8    0
vmmpepl    168  1638805    0  1636808   555   449   106   114     0   357   15
vmsppl     368    13341    0    13327     2     0     2     2     0     8    0
pdppl      4096   26731    0    26694     7     1     6     6     0     8    0
pvpl        32  3373685    0  3357152   576   403   173   177     0   265   28
pmappl     232    13361    0    13347     3     2     1     2     0     8    0
extentpl    40       38    0       22     1     0     1     1     0     8    0
phpool     112      746    0       86    20     0    20    20     0     8    0

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/09/04 13:23 openbsd 40f2a8ecbf52 d994512d .config console log report ci-openbsd-multicore
* Struck through repros no longer work on HEAD.