panic: ffs_valloc: dup alloc Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 7860 240 0 0 0x4000000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830a879e) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd8070369970,2000,fffffd807f7d7000,ffff80003772b450) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(2000,fffffd8074969478,ffff80003772b670,ffff80003772b6a0) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_mknod(ffff80003772b510) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167 VOP_MKNOD(fffffd8074969478,ffff80003772b670,ffff80003772b6a0,ffff80003772b5a0) at VOP_MKNOD+0x102 sys/kern/vfs_vops.c:121 domknodat(ffff80002a4c27b8,ffffff9c,20000000,2000,6381) at domknodat+0x47e sys/kern/vfs_syscalls.c:1624 syscall(ffff80003772b840) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc1e1396360, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: ffs_valloc: dup alloc ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830a879e) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd8070369970,2000,fffffd807f7d7000,ffff80003772b450) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(2000,fffffd8074969478,ffff80003772b670,ffff80003772b6a0) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_mknod(ffff80003772b510) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167 VOP_MKNOD(fffffd8074969478,ffff80003772b670,ffff80003772b6a0,ffff80003772b5a0) at VOP_MKNOD+0x102 sys/kern/vfs_vops.c:121 domknodat(ffff80002a4c27b8,ffffff9c,20000000,2000,6381) at domknodat+0x47e sys/kern/vfs_syscalls.c:1624 syscall(ffff80003772b840) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc1e1396360, count: -9 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003772b1f0 rbx 0xfffffd806c47b200 rdx 0xffff800001161b40 rcx 0 rax 0xffff80002a4c27b8 r8 0x101010101010101 r9 0x8080808080808080 r10 0xbc84bacbf4e22c14 r11 0x8e7cfd87df59c969 r12 0 r13 0xfffffd8070369f10 r14 0 r15 0x1 rip 0xffffffff82a5fe55 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003772b1e0 ss 0 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=7860 pid=240 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a4c2cc8,0xffffffff83557190 process=0xffff80002a5b88b8 user=0xffff800037726000, vmspace=0xfffffd807098e160 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 240 425567 41723 0 2 0 syz-executor * 240 7860 41723 0 7 0x4000000 syz-executor 37766 197117 91279 0 2 0 syz-executor 37766 159470 91279 0 3 0x4000080 fsleep syz-executor 63991 409392 26480 0 3 0x80 nanoslp syz-executor 63991 491263 26480 0 2 0x4000000 syz-executor 63991 309551 26480 0 3 0x4000080 fsleep syz-executor 63991 269450 26480 0 3 0x4000080 fsleep syz-executor 71698 392882 62715 0 2 0 syz-executor 71698 341297 62715 0 3 0x4000080 fsleep syz-executor 84765 420344 75124 0 2 0 syz-executor 84765 102821 75124 0 3 0x4000080 fsleep syz-executor 84765 449126 75124 0 2 0x4000000 syz-executor 50956 318992 84936 0 3 0x3000 suspend syz-executor 50956 318872 84936 0 2 0x4081000 syz-executor 84936 21232 84666 0 3 0x82 nanoslp syz-executor 74495 67574 84666 0 3 0x82 piperd syz-executor 62715 249382 84666 0 3 0x82 nanoslp syz-executor 41723 269780 84666 0 3 0x82 nanoslp syz-executor 91279 340334 84666 0 3 0x82 nanoslp syz-executor 26480 142524 84666 0 3 0x82 nanoslp syz-executor 75124 166869 84666 0 3 0x82 nanoslp syz-executor 49198 55176 0 0 3 0x14280 nfsidl nfsio 10145 331871 0 0 3 0x14280 nfsidl nfsio 44153 35831 0 0 3 0x14280 nfsidl nfsio 74279 246959 0 0 3 0x14280 nfsidl nfsio 48057 182969 0 0 3 0x14280 nfsidl nfsio 12590 484966 0 0 3 0x14280 nfsidl nfsio 43340 72323 0 0 3 0x14280 nfsidl nfsio 65083 365717 0 0 3 0x14280 nfsidl nfsio 61828 195571 0 0 3 0x14280 nfsidl nfsio 64546 117458 0 0 3 0x14280 nfsidl nfsio 72172 2922 0 0 3 0x14280 nfsidl nfsio 29186 299710 0 0 3 0x14280 nfsidl nfsio 71536 243728 0 0 3 0x14280 nfsidl nfsio 77558 373689 0 0 3 0x14280 nfsidl nfsio 26869 189276 0 0 3 0x14280 nfsidl nfsio 67213 520259 0 0 3 0x14280 nfsidl nfsio 35020 404023 0 0 3 0x14280 nfsidl nfsio 2000 153633 0 0 3 0x14280 nfsidl nfsio 14066 73332 0 0 3 0x14280 nfsidl nfsio 30837 116723 0 0 3 0x14280 nfsidl nfsio 58307 389231 1 0 3 0x100083 ttyin getty 80987 253307 0 0 3 0x14200 bored sosplice 84666 235827 90887 0 2 0x2 syz-executor 90887 260926 45962 0 3 0x10008a sigsusp ksh 45962 377521 52377 0 3 0x98 kqread sshd-session 52377 83528 5031 0 3 0x92 kqread sshd-session 5031 126895 1 0 3 0x88 kqread sshd 32222 24584 10270 73 3 0x1100090 kqread syslogd 10270 303170 1 0 3 0x100082 sbwait syslogd 25126 152856 1 0 3 0x100080 kqread resolvd 11640 447988 43615 77 3 0x100092 kqread dhcpleased 30746 455272 43615 77 3 0x100092 kqread dhcpleased 43615 101635 1 0 3 0x80 kqread dhcpleased 26601 321920 0 0 3 0x14200 bored smr 6789 22423 0 0 2 0x14200 zerothread 49031 132426 0 0 3 0x14200 aiodoned aiodoned 37921 420041 0 0 3 0x14200 syncer update 88882 284957 0 0 3 0x14200 cleaner cleaner 91697 209156 0 0 3 0x14200 reaper reaper 56827 515691 0 0 3 0x14200 pgdaemon pagedaemon 53661 444520 0 0 3 0x14200 bored viomb 85280 487648 0 0 3 0x40014200 acpi0 acpi0 16588 187022 0 0 3 0x14200 bored softnet3 42942 400510 0 0 3 0x14200 bored softnet2 20126 255548 0 0 3 0x14200 bored softnet1 69814 247209 0 0 3 0x14200 bored softnet0 46557 168087 0 0 3 0x14200 bored systqmp 98713 209636 0 0 3 0x14200 bored systq 93761 95690 0 0 3 0x40014200 tmoslp softclock 47917 422963 0 0 3 0x40014200 idle0 1 352213 0 0 3 0x80082 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10184 10149K 10410K 166960K 12262 0 pcb 18 13K 13K 166960K 144 0 rtable 202 7K 8K 166960K 1414 0 pf 34 13K 17K 166960K 143 0 ifaddr 39 6K 7K 166960K 191 0 ifgroup 54 2K 2K 166960K 224 0 sysctl 3 0K 1K 166960K 4 0 counters 31 17K 17K 166960K 77 0 ioctlops 0 0K 4K 166960K 147 0 iov 0 0K 16K 166960K 39 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1481 93K 93K 166960K 2364 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 9K 166960K 29 0 VM map 2 1K 1K 166960K 2 0 sem 12 0K 0K 166960K 73 0 dirhash 12 2K 2K 166960K 15 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 16 57K 97K 166960K 1270 0 sigio 0 0K 0K 166960K 43 0 proc 58 59K 124K 166960K 1418 0 subproc 104 6K 8K 166960K 533 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 2 0K 0K 166960K 222 0 in_multi 87 6K 7K 166960K 486 0 ether_multi 2 0K 0K 166960K 12 0 mrt 1 0K 0K 166960K 4 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 91 413K 413K 166960K 91 0 exec 0 0K 1K 166960K 926 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 226 78K 93K 166960K 11357 0 UVM aobj 42 2K 2K 166960K 44 0 pinsyscall 37 74K 96K 166960K 3119 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 57 0 NDP 12 0K 2K 166960K 138 0 temp 57 6811K 6919K 166960K 1459255 0 kqueue 13 20K 28K 166960K 100 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 173 0 170 1 0 1 1 0 8 0 rtentry 112 474 0 384 4 0 4 4 0 8 1 unpcb 144 970 0 954 7 0 7 7 0 8 6 syncache 336 4 0 4 1 0 1 1 0 8 1 tcpqe 32 1 0 1 1 0 1 1 0 8 1 tcpcb 808 334 0 330 7 0 7 7 0 8 6 arp 88 85 0 69 1 0 1 1 0 8 0 ipq 40 6 0 5 1 0 1 1 0 8 0 ipqe 40 11 0 10 1 0 1 1 0 8 0 inpcb 336 1245 0 1234 12 3 9 12 0 8 8 nd6 104 124 0 102 1 0 1 1 0 8 0 pkpcb 40 2 0 2 1 0 1 1 0 8 1 kcovpl 48 41 0 33 1 0 1 1 0 8 0 ppxss 1072 9 0 9 1 0 1 1 0 8 1 pfstscr 40 1 0 1 1 0 1 1 0 8 1 pfrktable 1344 5 0 3 1 0 1 1 0 8 0 pfanchor 1288 1 0 0 1 0 1 1 0 8 0 pftag 88 2 0 2 1 0 1 1 0 8 1 pfqueue 264 1 0 1 1 0 1 1 0 8 1 pfstitem 24 2 0 0 1 0 1 1 0 8 0 pfstkey 128 4 0 2 1 0 1 1 0 8 0 pfstate 344 2 0 1 1 0 1 1 0 8 0 pfrule 1344 9 0 6 1 0 1 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 1896 0 1518 29 2 27 29 0 8 0 art_table 32 1897 0 1518 4 0 4 4 0 8 0 art_node 16 473 0 392 1 0 1 1 0 8 0 sysvmsgpl 40 8 0 4 1 0 1 1 0 8 0 semupl 112 1 0 1 1 0 1 1 0 8 1 semapl 112 71 0 61 1 0 1 1 0 8 0 shmpl 112 41 0 2 2 0 2 2 0 8 0 dirhash 1024 19 0 2 3 0 3 3 0 8 0 dino2pl 256 2773 0 1213 98 0 98 98 0 8 0 ffsino 240 2775 0 1215 93 0 93 93 0 8 0 nchpl 144 3907 0 2183 65 0 65 65 0 8 0 uvmvnodes 80 3667 0 0 75 0 75 75 0 8 0 vnodes 216 3667 0 0 204 0 204 204 0 8 0 namei 1024 16156 0 16155 2 0 2 2 0 8 1 vcpupl 3904 37 0 0 5 0 5 5 0 8 0 vmpool 664 37 0 0 4 0 4 4 0 8 0 pfiaddrpl 120 2 0 0 1 0 1 1 0 8 0 kstatmem 264 116 0 92 2 0 2 2 0 8 0 scsiplug 72 3 0 3 1 0 1 1 0 8 1 scxspl 216 22714 0 22714 8 0 8 8 1 8 8 plimitpl 152 337 0 320 1 0 1 1 0 8 0 sigapl 424 1503 0 1438 9 0 9 9 0 8 0 futexpl 64 10818 0 10813 1 0 1 1 0 8 0 knotepl 120 22354 0 22307 10 0 10 10 0 8 8 kqueuepl 184 159 0 150 1 0 1 1 0 8 0 pipepl 288 304 0 277 6 0 6 6 0 8 4 fdescpl 432 1466 0 1438 5 0 5 5 0 8 1 filepl 120 8221 0 7972 16 1 15 16 0 8 6 lockfpl 104 219 0 217 1 0 1 1 0 8 0 lockfspl 48 91 0 89 1 0 1 1 0 8 0 sessionpl 144 54 0 46 1 0 1 1 0 8 0 pgrppl 48 105 0 89 1 0 1 1 0 8 0 ucredpl 104 1122 0 1111 1 0 1 1 0 8 0 zombiepl 144 1440 0 1438 1 0 1 1 0 8 0 processpl 1096 1503 0 1438 6 0 6 6 0 8 0 procpl 648 2540 0 2466 8 0 8 8 0 8 1 sosppl 168 3 0 3 1 0 1 1 0 8 1 sockpl 504 2399 0 2369 49 25 24 27 0 8 20 mcl64k 65536 27 0 27 1 0 1 1 0 8 1 mcl16k 16384 13 0 13 1 0 1 1 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 26 0 26 1 0 1 1 0 8 1 mcl4k 4096 9 0 9 1 0 1 1 0 8 1 mcl2k2 2112 3 0 3 1 0 1 1 0 8 1 mcl2k 2048 7422 0 7326 28 8 20 28 0 8 7 mtagpl 96 82 0 82 2 0 2 2 0 8 2 mbufpl 256 17861 0 17666 24 3 21 24 0 8 5 bufpl 280 7925 0 1680 447 0 447 447 0 8 0 anonpl 24 316551 0 313294 78 0 78 78 0 187 50 amapchunkpl 152 38479 0 38002 42 0 42 42 0 158 21 amappl16 200 7750 0 7731 15 5 10 15 0 8 8 amappl15 192 6 0 6 1 0 1 1 0 8 1 amappl14 184 198 0 188 1 0 1 1 0 8 0 amappl13 176 15 0 15 1 0 1 1 0 8 1 amappl12 168 2593 0 2565 3 0 3 3 0 8 1 amappl11 160 58 0 48 1 0 1 1 0 8 0 amappl10 152 18 0 18 1 0 1 1 0 8 1 amappl9 144 108 0 108 1 0 1 1 0 8 1 amappl8 136 39 0 37 1 0 1 1 0 8 0 amappl7 128 161 0 151 1 0 1 1 0 8 0 amappl6 120 483 0 482 1 0 1 1 0 8 0 amappl5 112 270 0 262 1 0 1 1 0 8 0 amappl4 104 391 0 374 1 0 1 1 0 8 0 amappl3 96 7295 0 7186 4 0 4 4 0 8 0 amappl2 88 1066 0 1008 2 0 2 2 0 8 0 amappl1 80 12856 0 12328 13 0 13 13 0 8 1 amappl 88 10737 0 10569 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 254 0 254 1 0 1 1 0 8 1 dma64 64 7 0 7 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 43 0 2 1 0 1 1 0 8 0 uaddrrnd 24 1503 0 1438 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 1503 0 1438 1 0 1 1 0 8 0 vmmpekpl 168 12778 0 12721 3 0 3 3 0 8 0 vmmpepl 168 99008 0 97276 91 0 91 91 0 357 14 vmsppl 344 1502 0 1438 7 0 7 7 0 8 0 rwobjpl 24 35693 0 31129 28 0 28 28 0 8 0 pdppl 4096 3013 0 2913 189 85 104 113 0 8 4 pvpl 32 769082 0 759852 357 11 346 357 0 265 258 pmappl 216 1502 0 1438 4 0 4 4 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 549 0 126 13 0 13 13 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830a879e) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd8070369970,2000,fffffd807f7d7000,ffff80003772b450) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(2000,fffffd8074969478,ffff80003772b670,ffff80003772b6a0) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_mknod(ffff80003772b510) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167 VOP_MKNOD(fffffd8074969478,ffff80003772b670,ffff80003772b6a0,ffff80003772b5a0) at VOP_MKNOD+0x102 sys/kern/vfs_vops.c:121 domknodat(ffff80002a4c27b8,ffffff9c,20000000,2000,6381) at domknodat+0x47e sys/kern/vfs_syscalls.c:1624 syscall(ffff80003772b840) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc1e1396360, count: -9 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830a879e) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd8070369970,2000,fffffd807f7d7000,ffff80003772b450) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(2000,fffffd8074969478,ffff80003772b670,ffff80003772b6a0) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_mknod(ffff80003772b510) at ufs_mknod+0x5b sys/ufs/ufs/ufs_vnops.c:167 VOP_MKNOD(fffffd8074969478,ffff80003772b670,ffff80003772b6a0,ffff80003772b5a0) at VOP_MKNOD+0x102 sys/kern/vfs_vops.c:121 domknodat(ffff80002a4c27b8,ffffff9c,20000000,2000,6381) at domknodat+0x47e sys/kern/vfs_syscalls.c:1624 syscall(ffff80003772b840) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xdc1e1396360, count: -9