panic: malloc: allocation too large, type = 2, size = 18446744073709550016
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*330697 35222 0 0 0x4000000 0 syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffff9c0,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff800016b39430) at vm_get_info+0x9a
VOP_IOCTL(fffffd80365b2680,c0185603,ffff800016b39430,1,fffffd803f7c69c0,ffff8000ffff3160) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd803afba0f8,c0185603,ffff800016b39430,ffff8000ffff3160) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff8000ffff3160,ffff800016b39548,ffff800016b39590) at sys_ioctl+0x5b9
syscall(ffff800016b39610) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff53,0,3,17240900010) at Xsyscall+0x128
end of kernel
end trace frame: 0x174d0296df0, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
malloc: allocation too large, type = 2, size = 18446744073709550016
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffff9c0,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff800016b39430) at vm_get_info+0x9a
VOP_IOCTL(fffffd80365b2680,c0185603,ffff800016b39430,1,fffffd803f7c69c0,ffff8000ffff3160) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd803afba0f8,c0185603,ffff800016b39430,ffff8000ffff3160) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff8000ffff3160,ffff800016b39548,ffff800016b39590) at sys_ioctl+0x5b9
syscall(ffff800016b39610) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff53,0,3,17240900010) at Xsyscall+0x128
end of kernel
end trace frame: 0x174d0296df0, count: -9
ddb> show registers
rdi 0xffffffff8118e297 db_enter+0x17
rsi 0x2a6a __ALIGN_SIZE+0x1a6a
rbp 0xffff800016b39070
rbx 0xffff800016b39120
rdx 0x2a6b __ALIGN_SIZE+0x1a6b
rcx 0xffff800018963000
rax 0xffff800018963000
r8 0xffff800016b39030
r9 0x1
r10 0xffff800000b168c0
r11 0xb1f305f05dfbee35
r12 0x3000000008
r13 0xffff800016b39080
r14 0x100
r15 0x1
rip 0xffffffff8118e298 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff800016b39060
ss 0x10
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.1) pid=330697 stat=onproc
flags process=0 proc=4000000
pri=81, usrpri=81, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff3650,0xffffffff825545b0
process=0xffff8000ffff6010 user=0xffff800016b34000, vmspace=0xfffffd803f013dd0
estcpu=36, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
35222 411799 36369 0 2 0 syz-executor.1
*35222 330697 36369 0 7 0x4000000 syz-executor.1
36369 320159 56690 0 3 0x82 nanosleep syz-executor.1
62505 295486 56690 0 2 0x2 syz-executor.0
11735 131983 0 0 3 0x14200 acct acct
21439 37003 1 0 3 0x100083 ttyin getty
25889 21508 
0 0 3 0x14200 bored sosplice 56690 6824 55718 0 3 0x82 thrsleep syz-fuzzer 56690 1834 55718 0 3 0x4000082 nanosleep syz-fuzzer 56690 160734 55718 0 3 0x4000082 kqread syz-fuzzer 56690 29234 55718 0 3 0x4000082 thrsleep syz-fuzzer 56690 316399 55718 0 3 0x4000082 thrsleep syz-fuzzer 56690 395815 55718 0 3 0x4000082 thrsleep syz-fuzzer 56690 89106 55718 0 3 0x4000082 thrsleep syz-fuzzer 55718 402054 46002 0 3 0x10008a pause ksh 46002 332779 45601 0 3 0x92 select sshd 45601 33140 1 0 3 0x80 select sshd 7654 327973 17801 73 3 0x100090 kqread syslogd 17801 386342 1 0 3 0x100082 netio syslogd 51723 350581 1 77 3 0x100090 poll dhclient 58543 112137 1 0 3 0x80 poll dhclient 84096 266450 0 0 2 0x14200 zerothread 39766 221611 0 0 3 0x14200 aiodoned aiodoned 90321 491028 0 0 3 0x14200 syncer update 16942 509912 0 0 3 0x14200 cleaner cleaner 2512 221671 0 0 3 0x14200 reaper reaper 41821 186601 0 0 3 0x14200 pgdaemon pagedaemon 96076 314484 0 0 3 0x14200 bored crynlk 16021 321970 0 0 3 0x14200 bored crypto 68296 459318 0 0 3 0x40014200 acpi0 acpi0 52502 45170 0 0 3 0x14200 bored softnet 63450 51496 0 0 3 0x14200 bored systqmp 47516 461999 0 0 3 0x14200 bored systq 38117 57118 0 0 3 0x40014200 bored softclock 90539 103490 0 0 3 0x40014200 idle0 21506 308543 0 0 3 0x14200 bored smr 1 255588 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9571 7257K 7450K 78643K 20699 0 0 pcb 13 8K 8K 78643K 799 0 0 rtable 117 4K 5K 78643K 1394 0 0 ifaddr 71 16K 16K 78643K 461 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 203 0 0 iov 0 0K 24K 78643K 443 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1208 76K 77K 78643K 5314 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 55 0 0 VM map 2 0K 0K 78643K 12 0 0 sem 12 0K 1K 78643K 554 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 5 13K 25K 
78643K 4245 0 0 sigio 0 0K 0K 78643K 47 0 0 proc 50 38K 63K 78643K 1237 0 0 subproc 32 2K 2K 78643K 255 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 399 0 0 in_multi 33 2K 2K 78643K 269 0 0 ether_multi 1 0K 0K 78643K 20 0 0 mrt 0 0K 0K 78643K 20 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 144 636K 636K 78643K 144 0 0 exec 0 0K 1K 78643K 730 0 0 pfkey data 0 0K 4K 78643K 6 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 114 22K 31K 78643K 10890 0 0 UVM aobj 130 4K 4K 78643K 172 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 595 0 0 NDP 16 0K 0K 78643K 141 0 0 temp 198 3536K 4176K 78643K 81143 0 0 kqueue 0 0K 0K 78643K 39 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 32 0 26 1 0 1 1 0 8 0 rtpcb 80 292 0 290 1 0 1 1 0 8 0 rtentry 112 178 0 133 2 0 2 2 0 8 0 unpcb 120 1720 0 1703 3 2 1 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 5496 0 5496 1 1 0 1 0 8 0 tcpcb 544 1622 0 1618 2 1 1 2 0 8 0 ipq 40 13 0 13 4 3 1 1 0 8 1 ipqe 40 26 0 26 4 3 1 1 0 8 1 inpcb 280 4188 0 4181 13 12 1 2 0 8 0 rttmr 72 3 0 3 2 2 0 1 0 8 0 nd6 48 26 0 22 1 0 1 1 0 8 0 pkpcb 40 24 0 24 8 8 0 1 0 8 0 swfcl 56 4 0 0 1 0 1 1 0 8 0 ppxss 1128 64 0 64 14 14 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 762 0 543 18 3 15 16 0 8 0 art_table 32 763 0 543 2 0 2 2 0 8 0 art_node 16 166 0 126 1 0 1 1 0 8 0 sysvmsgpl 40 39 0 31 2 1 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 552 0 542 1 0 1 1 0 8 0 shmpl 112 170 0 42 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 8192 0 6801 46 0 46 46 0 8 0 ffsino 240 8192 0 6801 83 0 83 83 0 8 0 nchpl 144 14495 0 12870 61 0 61 61 0 8 0 uvmvnodes 72 6319 0 0 115 0 115 115 0 8 0 vnodes 208 6319 0 0 333 0 333 333 0 8 0 namei 1024 
60849 0 60849 5 4 1 1 0 8 1 vmpool 520 10 0 10 4 3 1 1 0 8 1 scsiplug 64 9 0 9 8 8 0 1 0 8 0 scxspl 192 43421 0 43421 17 15 2 7 0 8 2 plimitpl 152 368 0 361 1 0 1 1 0 8 0 sigapl 432 4378 0 4365 2 0 2 2 0 8 0 futexpl 56 103182 0 103182 5 4 1 1 0 8 1 knotepl 112 1730 0 1711 2 1 1 2 0 8 0 kqueuepl 104 2332 0 2330 1 0 1 1 0 8 0 pipepl 112 4996 0 4977 7 6 1 2 0 8 0 fdescpl 424 4379 0 4365 2 0 2 2 0 8 0 filepl 120 44095 0 43994 10 6 4 5 0 8 0 lockfpl 104 1392 0 1391 1 0 1 1 0 8 0 lockfspl 48 495 0 494 1 0 1 1 0 8 0 sessionpl 112 31 0 21 1 0 1 1 0 8 0 pgrppl 48 67 0 57 1 0 1 1 0 8 0 ucredpl 96 15712 0 15705 1 0 1 1 0 8 0 zombiepl 144 4367 0 4367 3 2 1 1 0 8 1 processpl 864 4397 0 4367 4 0 4 4 0 8 0 procpl 632 9534 0 9497 4 0 4 4 0 8 0 sosppl 128 52 0 52 16 16 0 1 0 8 0 sockpl 384 6260 0 6234 22 18 4 5 0 8 1 mcl64k 65536 654 0 654 75 74 1 64 0 8 1 mcl16k 16384 31 0 31 15 14 1 1 0 8 1 mcl12k 12288 82 0 82 16 15 1 1 0 8 1 mcl9k 9216 39 0 39 12 12 0 1 0 8 0 mcl8k 8192 102 0 102 12 11 1 1 0 8 1 mcl4k 4096 368 0 368 7 6 1 1 0 8 1 mcl2k2 2112 29 0 29 16 15 1 1 0 8 1 mcl2k 2048 62243 0 62199 26 19 7 19 0 8 1 mtagpl 80 117 0 105 3 2 1 1 0 8 0 mbufpl 256 125042 0 124908 56 46 10 39 0 8 0 bufpl 256 16123 0 9803 396 0 396 396 0 8 0 anonpl 16 411954 0 398172 161 90 71 81 0 62 11 amapchunkpl 152 19135 0 19031 48 38 10 12 0 158 5 amappl16 192 23185 0 22393 161 112 49 60 0 8 8 amappl15 184 757 0 755 1 0 1 1 0 8 0 amappl14 176 621 0 616 2 1 1 1 0 8 0 amappl13 168 325 0 325 2 2 0 1 0 8 0 amappl12 160 5 0 3 1 0 1 1 0 8 0 amappl11 152 453 0 442 1 0 1 1 0 8 0 amappl10 144 1034 0 1033 2 1 1 1 0 8 0 amappl9 136 1077 0 1071 1 0 1 1 0 8 0 amappl8 128 669 0 629 3 1 2 2 0 8 0 amappl7 120 1113 0 1107 1 0 1 1 0 8 0 amappl6 112 452 0 441 1 0 1 1 0 8 0 amappl5 104 259 0 249 1 0 1 1 0 8 0 amappl4 96 4650 0 4619 1 0 1 1 0 8 0 amappl3 88 749 0 744 1 0 1 1 0 8 0 amappl2 80 34188 0 34121 4 2 2 3 0 8 0 amappl1 72 87675 0 87250 28 19 9 20 0 8 0 amappl 80 9965 0 9930 1 0 1 1 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 
8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 171 0 42 3 0 3 3 0 8 0 uaddrrnd 24 4389 0 4365 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 4389 0 4365 1 0 1 1 0 8 0 vmmpekpl 168 33187 0 33160 2 0 2 2 0 8 0 vmmpepl 168 513832 0 511964 317 222 95 111 0 357 5 vmsppl 272 4378 0 4365 2 1 1 2 0 8 0 pdppl 4096 8784 0 8750 6 1 5 6 0 8 0 pvpl 32 1167494 0 1150624 412 245 167 277 0 265 26 pmappl 200 4388 0 4375 1 0 1 1 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 709 0 182 18 1 17 18 0 8 0