panic: malloc: allocation too large, type W=A RN2,IN sG:i zeS P=L N1O84T 4L6O7W4ER4E0D 7ON3 7S0Y9S5C5A1L29L6 3
4
E
XSItTo p0 p9e
d
at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*330203 95732 0 0 0x4000000 0 syz-executor.0
412276 18328 74 0x100012 0 1 pflogd
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffffec0,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff800021f774c0) at vm_get_info+0x9d
VOP_IOCTL(fffffd807c21fa90,c0185603,ffff800021f774c0,1,fffffd807f7c6900,ffff800020ab18c8) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd80637ed7c0,c0185603,ffff800021f774c0,ffff800020ab18c8) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff800020ab18c8,ffff800021f775d8,ffff800021f77620) at sys_ioctl+0x5b9
syscall(ffff800021f776a0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
syscall(ffff800021f776a0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
Xsyscall(0,0,ffffffffffffff53,0,3,218651ba010) at Xsyscall+0x128
end of kernel
end trace frame: 0x21b4112be20, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
ddb{0}>
ddb{0}> set $lines = 0
ddb{0}> set $maxwidth = 0
ddb{0}> show panic
malloc: allocation too large, type = 2, size = 18446744073709551296
ddb{0}> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffffec0,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff800021f774c0) at vm_get_info+0x9d
VOP_IOCTL(fffffd807c21fa90,c0185603,ffff800021f774c0,1,fffffd807f7c6900,ffff800020ab18c8) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd80637ed7c0,c0185603,ffff800021f774c0,ffff800020ab18c8) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff800020ab18c8,ffff800021f775d8,ffff800021f77620) at sys_ioctl+0x5b9
syscall(ffff800021f776a0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
syscall(ffff800021f776a0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
Xsyscall(0,0,ffffffffffffff53,0,3,218651ba010) at Xsyscall+0x128
end of kernel
end trace frame: 0x21b4112be20, count: -9
ddb{0}> show registers
rdi 0xffffffff81833a97 db_enter+0x17
rsi 0x2ced __ALIGN_SIZE+0x1ced
rbp 0xffff800021f77100
rbx 0xffff800021f771b0
rdx 0x2cee __ALIGN_SIZE+0x1cee
rcx 0xffff800021164000
rax 0xffff800021164000
r8 0xffffffff81f4f38f kprintf+0x16f
r9 0x1
r10 0x25
r11 0xf9e2a3cd27c41ce8
r12 0x3000000008
r13 0xffff800021f77110
r14 0x100
r15 0x1
rip 0xffffffff81833a98 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff800021f770f0
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb{0}> show proc
PROC (syz-executor.0) pid=330203 stat=onproc
flags process=0 proc=4000000<THREAD>
pri=81, usrpri=81, nice=20
forw=0xffffffffffffffff, list=0xffff800020ab0018,0xffff800020ab0518
process=0xffff800020adc380 user=0xffff800021f72000, vmspace=0xfffffd807f00c8a0
estcpu=36, cpticks=2, pctcpu=0.0
user=0, sys=1, intr=0
ddb{0}> ps
PID TID PPID UID S FLAGS WAIT COMMAND
95732 515434 55013 0 2 0 syz-executor.0
*95732 330203 55013 0 7 0x4000000 syz-executor.0
95732 265306 55013 0 2 0x4000000 syz-executor.0
5870 379528 56083 0 2 0x2 syz-executor.1
58396 201191 0 0 3 0x14200 acct acct
55013 90991 56083 0 2 0x482 syz-executor.0
30261 479112 0 0 3 0x14200 bored sosplice
56083 523004 92695 0 3 0x82 thrsleep syz-fuzzer
56083 187375 92695 0 3 0x4000082 nanosleep syz-fuzzer
56083 180796 92695 0 3 0x4000082 thrsleep syz-fuzzer
56083 224237 92695 0 3 0x4000082 thrsleep syz-fuzzer
56083 220517 92695 0 3 0x4000082 thrsleep syz-fuzzer
56083 145662 92695 0 3 0x4000082 kqread syz-fuzzer
56083 128930 92695 0 3 0x4000082 thrsleep syz-fuzzer
56083 351247 92695 0 3 0x4000082 thrsleep syz-fuzzer
56083 304718 92695 0 3 0x4000082 thrsleep syz-fuzzer
56083 435583 92695 0 3 0x4000082 thrsleep syz-fuzzer
92695 113097 72358 0 3 0x10008a pause ksh
72358 356101 93835 0 3 0x92 select sshd
41048 125286 1 0 3 0x100083 ttyin getty
93835 369719 1 0 3 0x80 select sshd
18328 412276 98662 74 7 0x100012 pflogd
98662 4372 1 0 3 0x80 netio pflogd
37117 391490 23110 73 3 0x100090 kqread syslogd
23110 176909 1 0 3 0x100082 netio syslogd
99734 209080 1 77 3 0x100090 poll dhclient
67369 176951 1 0 3 0x80 poll dhclient
7135 443230 0 0 3 0x14200 pgzero zerothread
8314 399562 0 0 3 0x14200 aiodoned aiodoned
28460 306293 0 0 3 0x14200 syncer update
65191 378430 0 0 3 0x14200 cleaner cleaner
32058 287408 0 0 3 0x14200 reaper reaper
88463 172664 0 0 3 0x14200 pgdaemon pagedaemon
9262 329295 0 0 3 0x14200 bored crynlk
54310 123270 0 0 3 0x14200 bored crypto
90745 313140 0 0 3 0x40014200 acpi0 acpi0
21573 379085 0 0 3 0x40014200 idle1
95215 304073 0 0 3 0x14200 bored softnet
85369 406715 0 0 3 0x14200 bored systqmp
27706 349943 0 0 3 0x14200 bored systq
89931 359595 0 0 2 0x40014200 softclock
84785 113908 0 0 3 0x40014200 idle0
17401 142648 0 0 3 0x14200 bored smr
1 284292 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb{0}> show all locks
Process 95732 (syz-executor.0) thread 0xffff800020ab18c8 (330203)
shared rwlock vmlistlock r = 0 (0xffff80000066f478)
#0 witness_lock+0x52e sys/kern/subr_witness.c:1163
#1 vm_get_info+0x39 sys/arch/amd64/amd64/vmm.c:3712
#2 VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
#3 vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
#4 sys_ioctl+0x5b9
#5 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
#5 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
#6 Xsyscall+0x128
exclusive kernel_lock &kernel_lock r = 0 (0xffffffff8261d8a0)
#0 witness_lock+0x52e sys/kern/subr_witness.c:1163
#1 syscall+0x400 mi_syscall sys/sys/syscall_mi.h:83 [inline]
#1 syscall+0x400 sys/arch/amd64/amd64/trap.c:555
#2 Xsyscall+0x128
Process 5870 (syz-executor.1) thread 0xffff800020ab1160 (379528)
exclusive rrwlock inode r = 0 (0xfffffd807c0a7c58)
#0 witness_lock+0x52e sys/kern/subr_witness.c:1163
#1 rw_enter+0x447 sys/kern/kern_rwlock.c:306
#2 rrw_enter+0x4f sys/kern/kern_rwlock.c:435
#3 ufs_ihashins+0x45 sys/ufs/ufs/ufs_ihash.c:140
#4 ffs_vget+0x13e sys/ufs/ffs/ffs_vfsops.c:1352
#5 ffs_inode_alloc+0x1cf sys/ufs/ffs/ffs_alloc.c:392
#6 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1164
#7 VOP_MKDIR+0xc6 sys/kern/vfs_vops.c:450
#8 domkdirat+0x121 sys/kern/vfs_syscalls.c:2983
#9 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
#9 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
#10 Xsyscall+0x128
exclusive rrwlock inode r = 0 (0xfffffd806d86ff88)
#0 witness_lock+0x52e sys/kern/subr_witness.c:1163
#1 rw_enter+0x447 sys/kern/kern_rwlock.c:306
#2 rrw_enter+0x4f sys/kern/kern_rwlock.c:435
#3 VOP_LOCK+0xf0 sys/kern/vfs_vops.c:615
#4 vn_lock+0x81 sys/kern/vfs_vnops.c:562
#5 vfs_lookup+0xe6 sys/kern/vfs_lookup.c:418
#6 namei+0x62c sys/kern/vfs_lookup.c:248
#7 domkdirat+0x75 sys/kern/vfs_syscalls.c:2968
#8 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline]
#8 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555
#9 Xsyscall+0x128
ddb{0}> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim
devbuf 9532 6751K 7056K 78643K 12880 0 0
pcb 13 8K 8K 78643K 120 0 0
rtable 108 4K 4K 78643K 559 0 0
ifaddr 56 13K 14K 78643K 199 0 0
counters 39 33K 33K 78643K 39 0 0
ioctlops 0 0K 4K 78643K 1520 0 0
iov 0 0K 16K 78643K 71 0 0
mount 1 1K 1K 78643K 1 0 0
vnodes 1206 76K 77K 78643K 1965 0 0
UFS quota 1 32K 32K 78643K 1 0 0
UFS mount 5 36K 36K 78643K 5 0 0
shm 2 1K 5K 78643K 12 0 0
VM map 2 1K 1K 78643K 4 0 0
sem 12 0K 0K 78643K 81 0 0
dirhash 12 2K 2K 78643K 12 0 0
ACPI 1809 196K 290K 78643K 12843 0 0
file desc 5 13K 25K 78643K 923 0 0
sigio 0 0K 0K 78643K 6 0 0
proc 61 63K 95K 78643K 613 0 0
subproc 32 2K 2K 78643K 85 0 0
NFS srvsock 1 0K 0K 78643K 1 0 0
NFS daemon 1 16K 16K 78643K 1 0 0
ip_moptions 0 0K 0K 78643K 111 0 0
in_multi 33 2K 2K 78643K 108 0 0
ether_multi 1 0K 0K 78643K 6 0 0
mrt 0 0K 0K 78643K 8 0 0
ISOFS mount 1 32K 32K 78643K 1 0 0
MSDOSFS mount 1 16K 16K 78643K 1 0 0
ttys 66 291K 291K 78643K 66 0 0
exec 0 0K 1K 78643K 307 0 0
pagedep 1 8K 8K 78643K 1 0 0
inodedep 1 32K 32K 78643K 1 0 0
newblk 1 0K 0K 78643K 1 0 0
VM swap 7 26K 26K 78643K 7 0 0
UVM amap 101 21K 30K 78643K 3909 0 0
UVM aobj 43 2K 2K 78643K 44 0 0
memdesc 1 4K 4K 78643K 1 0 0
crypto data 1 1K 1K 78643K 1 0 0
ip6_options 0 0K 0K 78643K 100 0 0
NDP 11 0K 0K 78643K 57 0 0
temp 164 3555K 3621K 78643K 34741 0 0
kqueue 0 0K 0K 78643K 4 0 0
SYN cache 2 16K 16K 78643K 2 0 0
ddb{0}> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 13 0 7 1 0 1 1 0 8 0
plcache 128 20 0 0 1 0 1 1 0 8 0
rtpcb 80 57 0 55 1 0 1 1 0 8 0
rtentry 112 78 0 34 2 0 2 2 0 8 0
unpcb 120 338 0 328 1 0 1 1 0 8 0
syncache 264 4 0 4 1 1 0 1 0 8 0
sackhl 24 1 0 1 1 1 0 1 0 8 0
tcpqe 32 6004 0 6004 3 3 0 2 0 8 0
tcpcb 544 200 0 196 1 0 1 1 0 8 0
inpcb 280 602 0 595 4 2 2 2 0 8 1
rttmr 72 2 0 2 1 1 0 1 0 8 0
nd6 48 10 0 6 1 0 1 1 0 8 0
pkpcb 40 4 0 4 1 1 0 1 0 8 0
ppxss 1128 25 0 25 5 4 1 1 0 8 1
pffrag 232 4 0 4 1 1 0 1 0 482 0
pffrnode 88 4 0 4 1 1 0 1 0 8 0
pffrent 40 8 0 8 1 1 0 1 0 8 0
pfosfp 40 846 0 846 5 5 0 5 0 8 0
pfosfpen 112 1428 0 1428 21 21 0 21 0 8 0
pfstitem 24 43 0 18 1 0 1 1 0 8 0
pfstkey 112 43 0 18 1 0 1 1 0 8 0
pfstate 328 43 0 18 3 0 3 3 0 8 0
pfrule 1360 21 0 16 2 1 1 2 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 349 0 133 14 0 14 14 0 8 0
art_table 32 350 0 133 2 0 2 2 0 8 0
art_node 16 77 0 37 1 0 1 1 0 8 0
sysvmsgpl 40 18 0 5 1 0 1 1 0 8 0
semapl 112 79 0 69 1 0 1 1 0 8 0
shmpl 112 42 0 1 2 0 2 2 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 2714 0 1322 46 0 46 46 0 8 0
ffsino 272 2714 0 1322 94 0 94 94 0 8 0
nchpl 144 4150 0 2546 61 0 61 61 0 8 0
uvmvnodes 72 3303 0 0 61 0 61 61 0 8 0
vnodes 208 3303 0 0 174 0 174 174 0 8 0
namei 1024 12356 0 12355 2 1 1 1 0 8 0
percpumem 16 30 0 0 1 0 1 1 0 8 0
vmpool 552 2 0 2 1 1 0 1 0 8 0
scsiplug 64 2 0 2 1 1 0 1 0 8 0
scxspl 192 11960 0 11960 13 12 1 7 0 8 1
plimitpl 152 100 0 92 1 0 1 1 0 8 0
sigapl 432 1114 0 1099 3 1 2 3 0 8 0
futexpl 56 11426 0 11426 2 1 1 1 0 8 1
knotepl 112 221 0 202 1 0 1 1 0 8 0
kqueuepl 104 165 0 163 1 0 1 1 0 8 0
pipepl 112 658 0 639 1 0 1 1 0 8 0
fdescpl 488 1115 0 1099 3 0 3 3 0 8 0
filepl 152 6276 0 6168 7 2 5 5 0 8 0
lockfpl 104 327 0 326 1 0 1 1 0 8 0
lockfspl 48 98 0 97 1 0 1 1 0 8 0
sessionpl 112 21 0 10 1 0 1 1 0 8 0
pgrppl 48 23 0 12 1 0 1 1 0 8 0
ucredpl 96 934 0 924 1 0 1 1 0 8 0
zombiepl 144 1101 0 1101 2 1 1 1 0 8 1
processpl 896 1134 0 1101 4 0 4 4 0 8 0
procpl 632 3011 0 2967 6 1 5 5 0 8 1
srpgc 64 8 0 8 3 3 0 1 0 8 0
sosppl 128 9 0 9 3 3 0 1 0 8 0
sockpl 384 1011 0 992 5 2 3 3 0 8 1
mcl64k 65536 257 0 0 33 3 30 33 0 8 1
mcl16k 16384 3 0 0 1 0 1 1 0 8 0
mcl12k 12288 7 0 0 1 0 1 1 0 8 0
mcl9k 9216 4 0 0 1 0 1 1 0 8 0
mcl8k 8192 4 0 0 1 0 1 1 0 8 0
mcl4k 4096 9 0 0 2 0 2 2 0 8 0
mcl2k2 2112 4 0 0 1 0 1 1 0 8 0
mcl2k 2048 198 0 0 24 0 24 24 0 8 0
mtagpl 80 22 0 0 1 0 1 1 0 8 0
mbufpl 256 405 0 0 22 0 22 22 0 8 0
bufpl 256 7926 0 1315 414 0 414 414 0 8 0
anonpl 16 124798 0 113359 90 29 61 68 0 124 5
amapchunkpl 152 6315 0 6206 16 8 8 10 0 158 3
amappl16 192 5733 0 5044 73 29 44 47 0 8 8
amappl15 184 212 0 209 1 0 1 1 0 8 0
amappl14 176 48 0 44 1 0 1 1 0 8 0
amappl13 168 391 0 390 1 0 1 1 0 8 0
amappl12 160 153 0 152 1 0 1 1 0 8 0
amappl11 152 207 0 190 1 0 1 1 0 8 0
amappl10 144 12 0 7 1 0 1 1 0 8 0
amappl9 136 655 0 648 1 0 1 1 0 8 0
amappl8 128 201 0 173 2 0 2 2 0 8 0
amappl7 120 61 0 55 1 0 1 1 0 8 0
amappl6 112 220 0 208 1 0 1 1 0 8 0
amappl5 104 302 0 288 1 0 1 1 0 8 0
amappl4 96 1238 0 1205 1 0 1 1 0 8 0
amappl3 88 273 0 268 1 0 1 1 0 8 0
amappl2 80 8363 0 8287 3 1 2 3 0 8 0
amappl1 72 34062 0 33615 26 16 10 20 0 8 0
amappl 80 3304 0 3266 1 0 1 1 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma64 64 259 0 259 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 17 0 17 1 1 0 1 0 8 0
aobjpl 64 43 0 1 1 0 1 1 0 8 0
uaddrrnd 24 1117 0 1099 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 1117 0 1099 1 0 1 1 0 8 0
vmmpekpl 168 12169 0 12127 2 0 2 2 0 8 0
vmmpepl 168 142568 0 140731 163 58 105 105 0 357 21
vmsppl 368 1114 0 1099 2 0 2 2 0 8 0
pdppl 4096 2241 0 2202 8 2 6 6 0 8 0
pvpl 32 347629 0 333021 209 53 156 168 0 265 23
pmappl 232 1116 0 1101 3 2 1 2 0 8 0
extentpl 40 38 0 22 1 0 1 1 0 8 0
phpool 112 626 0 9 18 0 18 18 0 8 0