panic: Data modified on freelist: word 4 of object 0xffff800000dbfa00 size 0x130 previous type free (0x6563 != 0xdeaf4152) Stopped at db_enter+0x1c: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *415440 40241 0 0x102004 0 0 sh db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82767468) at panic+0x165 sys/kern/subr_prf.c:198 malloc(130,7f,1) at malloc+0xa85 sys/kern/kern_malloc.c:362 exec_elf_makecmds(ffff8000fffe4048,ffff80002ce17f30) at exec_elf_makecmds+0xd7d sys/kern/exec_elf.c:592 check_exec(ffff8000fffe4048,ffff80002ce17f30) at check_exec+0x30f sys/kern/kern_exec.c:198 sys_execve(ffff8000fffe4048,ffff80002ce18310,ffff80002ce18360) at sys_execve+0x211 sys/kern/kern_exec.c:316 syscall(ffff80002ce183e0) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7836da534820, count: 7 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: Data modified on freelist: word 4 of object 0xffff800000dbfa00 size 0x130 previous type free (0x6563 != 0xdeaf4152) ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82767468) at panic+0x165 sys/kern/subr_prf.c:198 malloc(130,7f,1) at malloc+0xa85 sys/kern/kern_malloc.c:362 exec_elf_makecmds(ffff8000fffe4048,ffff80002ce17f30) at exec_elf_makecmds+0xd7d sys/kern/exec_elf.c:592 check_exec(ffff8000fffe4048,ffff80002ce17f30) at check_exec+0x30f sys/kern/kern_exec.c:198 sys_execve(ffff8000fffe4048,ffff80002ce18310,ffff80002ce18360) at sys_execve+0x211 sys/kern/kern_exec.c:316 syscall(ffff80002ce183e0) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7836da534820, count: -8 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80002ce17ae0 rbx 0xffff800000dbfa00 rdx 0 rcx 0 rax 0xffff8000fffe4048 r8 0x101010101010101 r9 0x8080808080808080 r10 0x96559c0395963945 r11 0xac464b9df9e25987 r12 0 r13 0x51 r14 0 r15 0x1 rip 0xffffffff81d0cd0c db_enter+0x1c cs 0x8 rflags 0x246 rsp 0xffff80002ce17ad0 ss 0x10 db_enter+0x1c: addq $0x8,%rsp ddb> show proc PROC (sh) pid=415440 stat=onproc flags process=102004 proc=0 pri=74, usrpri=74, nice=20 forw=0xffffffffffffffff, list=0xffff8000fffe4870,0xffffffff82c1c238 process=0xffff8000fffef3c0 user=0xffff80002ce13000, vmspace=0xfffffd8079cbbd08 estcpu=36, cpticks=3, pctcpu=0.0 user=0, sys=3, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND *40241 415440 58089 0 7 0x102004 sh 58089 267253 31302 0 3 0x10008a sigsusp sh 31302 464158 36653 0 3 0x82 wait syz-executor.1 13142 198875 36653 0 3 0x82 piperd syz-executor.5 41599 262091 0 0 3 0x14200 acct acct 25854 342029 36653 0 3 0x82 piperd syz-executor.0 48749 296042 36653 0 3 0x82 piperd syz-executor.6 15228 407617 36653 0 3 0x82 piperd syz-executor.7 64701 251201 36653 0 3 0x82 piperd syz-executor.3 64349 445067 36653 0 3 0x82 piperd syz-executor.2 43715 90929 36653 0 3 0x82 piperd syz-executor.4 27996 108689 1 0 3 0x100083 ttyin getty 74106 363566 0 0 3 0x14200 bored sosplice 89929 208586 89218 0 3 0x100082 netio arp 89218 158719 1 0 3 0x10008a sigsusp sh 36653 192730 49801 0 3 0x82 wait syz-fuzzer 36653 188378 49801 0 3 0x4000082 nanoslp syz-fuzzer 36653 155608 49801 0 3 0x4000082 thrsleep syz-fuzzer 36653 45433 49801 0 3 0x4000082 wait syz-fuzzer 36653 219528 49801 0 3 0x4000082 wait syz-fuzzer 36653 334024 49801 0 3 0x4000082 wait syz-fuzzer 36653 316455 49801 0 3 0x4000082 thrsleep syz-fuzzer 36653 490522 49801 0 3 0x4000082 wait syz-fuzzer 36653 217981 49801 0 3 0x4000082 wait syz-fuzzer 36653 328802 49801 0 3 0x4000082 thrsleep syz-fuzzer 36653 371894 49801 0 3 0x4000082 thrsleep syz-fuzzer 36653 25875 49801 0 3 0x4000082 kqread syz-fuzzer 36653 251285 49801 0 3 0x4000082 thrsleep syz-fuzzer 36653 503673 49801 0 3 0x4000082 wait syz-fuzzer 36653 34907 49801 0 3 0x4000082 wait syz-fuzzer 49801 353989 58686 0 3 0x10008a sigsusp ksh 58686 276716 31870 0 3 0x9a kqread sshd 31870 502235 1 0 3 0x88 kqread sshd 63249 401862 35214 73 3 0x1100090 kqread syslogd 35214 122207 1 0 3 0x100082 netio syslogd 66332 116611 1 0 3 0x100080 kqread resolvd 67846 114924 79540 77 3 0x100092 kqread dhcpleased 45407 190760 79540 77 3 0x100092 kqread dhcpleased 79540 398380 1 0 3 0x80 kqread dhcpleased 48534 117483 0 0 3 0x14200 bored smr 47756 512857 0 0 2 0x14200 zerothread 18202 463947 0 0 3 0x14200 aiodoned aiodoned 64048 131285 0 0 3 0x14200 syncer update 75077 418475 0 0 3 0x14200 cleaner cleaner 62387 93504 0 0 3 0x14200 reaper reaper 30391 239242 0 0 3 0x14200 pgdaemon pagedaemon 93698 134801 0 0 3 0x14200 bored viomb 41579 182886 0 0 3 0x40014200 acpi0 acpi0 63194 68068 0 0 3 0x14200 bored softnet3 54118 485113 0 0 3 0x14200 bored softnet2 76926 160561 0 0 3 0x14200 bored softnet1 45266 262153 0 0 3 0x14200 bored softnet0 15344 411387 0 0 3 0x14200 bored systqmp 7345 416005 0 0 3 0x14200 bored systq 40554 429349 0 0 3 0x40014200 bored softclock 83461 180259 0 0 3 0x40014200 idle0 1 249502 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10213 6436K 7514K 78643K 32342 0 pcb 13 15K 17K 78643K 370 0 rtable 223 6K 7K 78643K 2157 0 pf 34 9K 10K 78643K 319 0 ifaddr 43 13K 14K 78643K 337 0 ifgroup 59 2K 2K 78643K 546 0 sysctl 3 1K 1K 78643K 11 0 counters 30 17K 17K 78643K 160 0 ioctlops 0 0K 2K 78643K 435 0 iov 0 0K 24K 78643K 843 0 mount 1 1K 1K 78643K 1 0 log 0 0K 0K 78643K 4 0 vnodes 1469 92K 92K 78643K 8392 0 UFS quota 1 32K 32K 78643K 1 0 UFS mount 5 36K 36K 78643K 5 0 shm 2 1K 9K 78643K 219 0 VM map 2 1K 1K 78643K 2 0 sem 12 0K 0K 78643K 2027 0 dirhash 6 1K 2K 78643K 12 0 ACPI 1697 195K 286K 78643K 12548 0 file desc 14 49K 85K 78643K 14390 0 sigio 0 0K 0K 78643K 514 0 proc 58 59K 108K 78643K 2340 0 subproc 117 7K 7K 78643K 780 0 NFS srvsock 1 0K 0K 78643K 1 0 NFS daemon 1 16K 16K 78643K 1 0 ip_moptions 0 0K 0K 78643K 194 0 in_multi 89 6K 7K 78643K 689 0 ether_multi 1 0K 0K 78643K 4 0 mrt 1 0K 0K 78643K 1 0 ISOFS mount 1 32K 32K 78643K 1 0 MSDOSFS mount 1 16K 16K 78643K 1 0 ttys 295 1314K 1314K 78643K 295 0 exec 1 0K 1K 78643K 5400 0 pfkey data 0 0K 0K 78643K 37 0 tdb 3 0K 0K 78643K 3 0 pagedep 1 8K 8K 78643K 1 0 inodedep 1 32K 32K 78643K 1 0 newblk 1 0K 0K 78643K 1 0 VM swap 8 62K 64K 78643K 10 0 UVM amap 336 90K 108K 78643K 131673 0 UVM aobj 131 4K 4K 78643K 134 0 memdesc 1 4K 4K 78643K 1 0 crypto data 1 1K 1K 78643K 1 0 ip6_options 0 0K 0K 78643K 155 0 NDP 13 0K 1K 78643K 259 0 temp 75 5857K 5984K 78643K 88774 0 kqueue 12 18K 30K 78643K 649 0 SYN cache 2 16K 16K 78643K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 225 0 221 1 0 1 1 0 8 0 rtentry 112 675 0 572 4 0 4 4 0 8 0 unpcb 144 7065 0 7052 106 105 1 8 0 8 0 syncache 296 151 0 151 16 16 0 1 0 8 0 sackhl 24 4 0 4 4 4 0 1 0 8 0 tcpqe 32 114 0 114 7 7 0 1 0 8 0 tcpcb 808 3248 0 3244 97 96 1 11 0 8 0 arp 88 121 0 103 1 0 1 1 0 8 0 ipq 40 9 0 9 5 5 0 1 0 8 0 ipqe 40 156 0 156 5 5 0 1 0 8 0 inpcb 336 5512 0 5505 134 133 1 12 0 8 0 nd6 104 181 0 160 1 0 1 1 0 8 0 pkpcb 40 94 0 94 8 8 0 1 0 8 0 kcovpl 48 60 0 51 1 0 1 1 0 8 0 ppxss 1160 29 0 29 9 9 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 2703 0 2288 36 7 29 29 0 8 3 art_table 32 2704 0 2288 5 1 4 4 0 8 0 art_node 16 674 0 580 1 0 1 1 0 8 0 sysvmsgpl 40 3 0 3 1 1 0 1 0 8 0 semapl 112 2025 0 2015 1 0 1 1 0 8 0 shmpl 112 131 0 3 4 0 4 4 0 8 0 dirhash 1024 17 0 13 3 1 2 3 0 8 0 dino2pl 256 18820 0 17341 93 0 93 93 0 8 0 ffsino 240 18820 0 17341 88 0 88 88 0 8 0 nchpl 144 37594 0 37025 64 41 23 63 0 8 0 uvmvnodes 80 7400 0 0 152 0 152 152 0 8 0 vnodes 216 7400 0 0 412 0 412 412 0 8 0 namei 1024 138248 0 138247 22 21 1 3 0 8 0 kstatmem 264 286 0 260 3 1 2 3 0 8 0 scxspl 216 142161 0 142161 37 35 2 8 0 8 2 plimitpl 152 351 0 335 1 0 1 1 0 8 0 sigapl 424 14617 0 14574 10 3 7 8 0 8 0 futexpl 64 136864 0 136864 15 14 1 1 0 8 1 knotepl 120 115787 0 115705 14 11 3 8 0 8 0 kqueuepl 184 1373 0 1365 19 18 1 4 0 8 0 pipepl 288 2211 0 2180 60 57 3 10 0 8 0 fdescpl 432 14557 0 14532 4 0 4 4 0 8 0 filepl 120 80183 0 79932 178 169 9 19 0 8 1 lockfpl 104 5238 0 5236 7 6 1 3 0 8 0 lockfspl 48 2062 0 2060 1 0 1 1 0 8 0 sessionpl 144 78 0 61 1 0 1 1 0 8 0 pgrppl 48 190 0 173 1 0 1 1 0 8 0 ucredpl 104 6774 0 6761 1 0 1 1 0 8 0 zombiepl 144 14574 0 14574 2 1 1 1 0 8 1 processpl 1008 14617 0 14574 13 6 7 9 0 8 0 procpl 696 34998 0 34941 17 8 9 10 0 8 0 sosppl 168 114 0 114 21 20 1 1 0 8 1 sockpl 456 13002 0 12978 449 445 4 29 0 8 1 mcl64k 65536 412 0 412 44 44 0 1 0 8 0 mcl16k 16384 185 0 185 39 38 1 1 0 8 1 mcl12k 12288 405 0 405 42 42 0 1 0 8 0 mcl9k 9216 231 0 231 45 44 1 1 0 8 1 mcl8k 8192 813 0 813 36 35 1 1 0 8 1 mcl4k 4096 1582 0 1582 32 31 1 1 0 8 1 mcl2k2 2112 77 0 77 35 35 0 1 0 8 0 mcl2k 2048 80258 0 80218 69 62 7 34 0 8 1 mtagpl 96 2523 0 2523 37 37 0 35 0 8 0 mbufpl 256 230591 0 230429 392 379 13 143 0 8 0 bufpl 288 28805 0 21399 530 0 530 530 0 8 0 anonpl 24 1851988 0 1842301 209 121 88 133 0 188 0 amapchunkpl 152 450061 0 449396 122 84 38 49 0 158 1 amappl16 200 23164 0 22856 81 62 19 31 0 8 0 amappl15 192 24 0 23 1 0 1 1 0 8 0 amappl14 184 326 0 313 2 1 1 2 0 8 0 amappl13 176 21 0 21 4 4 0 1 0 8 0 amappl12 168 15946 0 15913 2 0 2 2 0 8 0 amappl11 160 56 0 44 1 0 1 1 0 8 0 amappl10 152 108 0 97 2 1 1 1 0 8 0 amappl9 144 293 0 293 15 15 0 2 0 8 0 amappl8 136 621 0 501 7 2 5 5 0 8 0 amappl7 128 107 0 88 1 0 1 1 0 8 0 amappl6 120 641 0 619 2 1 1 2 0 8 0 amappl5 112 528 0 522 1 0 1 1 0 8 0 amappl4 104 1443 0 1403 8 6 2 2 0 8 0 amappl3 96 81890 0 81830 5 2 3 3 0 8 0 amappl2 88 15096 0 15037 4 2 2 3 0 8 0 amappl1 80 63924 0 63400 25 13 12 22 0 8 0 amappl 88 130318 0 130134 6 0 6 6 0 92 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 133 0 3 3 0 3 3 0 8 0 uaddrrnd 24 14557 0 14532 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 14557 0 14532 1 0 1 1 0 8 0 vmmpekpl 168 94735 0 94683 3 0 3 3 0 8 0 vmmpepl 168 854424 0 852449 312 196 116 166 0 357 1 vmsppl 368 14556 0 14532 4 0 4 4 0 8 0 rwobjpl 24 198054 0 189146 61 6 55 55 0 8 0 pdppl 4096 29120 0 29064 830 770 60 74 0 8 4 pvpl 32 4766786 0 4751682 685 520 165 319 0 265 0 pmappl 216 14556 0 14532 2 0 2 2 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 2513 0 1676 28 2 26 27 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82767468) at panic+0x165 sys/kern/subr_prf.c:198 malloc(130,7f,1) at malloc+0xa85 sys/kern/kern_malloc.c:362 exec_elf_makecmds(ffff8000fffe4048,ffff80002ce17f30) at exec_elf_makecmds+0xd7d sys/kern/exec_elf.c:592 check_exec(ffff8000fffe4048,ffff80002ce17f30) at check_exec+0x30f sys/kern/kern_exec.c:198 sys_execve(ffff8000fffe4048,ffff80002ce18310,ffff80002ce18360) at sys_execve+0x211 sys/kern/kern_exec.c:316 syscall(ffff80002ce183e0) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7836da534820, count: -8 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x1c sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff82767468) at panic+0x165 sys/kern/subr_prf.c:198 malloc(130,7f,1) at malloc+0xa85 sys/kern/kern_malloc.c:362 exec_elf_makecmds(ffff8000fffe4048,ffff80002ce17f30) at exec_elf_makecmds+0xd7d sys/kern/exec_elf.c:592 check_exec(ffff8000fffe4048,ffff80002ce17f30) at check_exec+0x30f sys/kern/kern_exec.c:198 sys_execve(ffff8000fffe4048,ffff80002ce18310,ffff80002ce18360) at sys_execve+0x211 sys/kern/kern_exec.c:316 syscall(ffff80002ce183e0) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0x7836da534820, count: -8