panic: malloc: allocation too large, type = 2, size = 18446744073709549856 Stopped at db_enter+0x18: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND 492712 26494 0 0 0 0 syz-executor.1 *482550 26494 0 0 0x4000000 1K syz-executor.1 db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 malloc(fffffffffffff920,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344 vm_get_info(ffff800021b932f0) at vm_get_info+0x9d VOP_IOCTL(fffffd806e4039c0,c0185603,ffff800021b932f0,1,fffffd807f7c66c0,ffff800020ace788) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd8067798e60,c0185603,ffff800021b932f0,ffff800020ace788) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524 sys_ioctl(ffff800020ace788,ffff800021b93408,ffff800021b93450) at sys_ioctl+0x5b9 syscall(ffff800021b934d0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] syscall(ffff800021b934d0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffff53,0,3,fac8f8971b0) at Xsyscall+0x128 end of kernel end trace frame: 0xfaedb4fd760, count: 6 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb{1}> ddb{1}> set $lines = 0 ddb{1}> set $maxwidth = 0 ddb{1}> show panic malloc: allocation too large, type = 2, size = 18446744073709549856 ddb{1}> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 malloc(fffffffffffff920,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344 vm_get_info(ffff800021b932f0) at vm_get_info+0x9d VOP_IOCTL(fffffd806e4039c0,c0185603,ffff800021b932f0,1,fffffd807f7c66c0,ffff800020ace788) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd8067798e60,c0185603,ffff800021b932f0,ffff800020ace788) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524 sys_ioctl(ffff800020ace788,ffff800021b93408,ffff800021b93450) at sys_ioctl+0x5b9 syscall(ffff800021b934d0) at syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] syscall(ffff800021b934d0) at syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffff53,0,3,fac8f8971b0) at Xsyscall+0x128 end of kernel end trace frame: 0xfaedb4fd760, count: -9 ddb{1}> show registers rdi 0xffffffff81bdfd17 db_enter+0x17 rsi 0x24dc __ALIGN_SIZE+0x14dc rbp 0xffff800021b92f30 rbx 0xffff800021b92fe0 rdx 0x24dd __ALIGN_SIZE+0x14dd rcx 0xffff800021da2000 rax 0xffff800021da2000 r8 0xffffffff816bf1ff kprintf+0x16f r9 0x1 r10 0x25 r11 0x4c337ef843d9e2c8 r12 0x3000000008 r13 0xffff800021b92f40 r14 0x100 r15 0x1 rip 0xffffffff81bdfd18 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800021b92f20 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb{1}> show proc PROC (syz-executor.1) pid=482550 stat=onproc flags process=0 proc=4000000 pri=81, usrpri=81, nice=20 forw=0xffffffffffffffff, list=0xffff800020acec78,0xffffffff8265d288 process=0xffff800020addc00 user=0xffff800021b8e000, vmspace=0xfffffd807f00b450 estcpu=36, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb{1}> ps PID TID PPID UID S FLAGS WAIT COMMAND 26494 492712 20164 0 7 0 syz-executor.1 26494 386304 20164 0 3 0x4000080 lockf syz-executor.1 26494 243465 20164 0 2 0x4000000 syz-executor.1 *26494 482550 20164 0 7 0x4000000 syz-executor.1 68668 458734 52616 0 3 0x2 biowait syz-executor.0 98857 151249 1 0 3 0x100083 ttyin getty 20164 316709 52616 0 3 0x82 nanosleep syz-executor.1 41574 420501 0 0 3 0x14200 acct acct 4492 235350 0 0 3 0x14200 bored sosplice 52616 476640 80312 0 3 0x82 thrsleep syz-fuzzer 52616 343545 80312 0 3 0x4000082 nanosleep syz-fuzzer 52616 337271 80312 0 3 0x4000082 thrsleep syz-fuzzer 52616 461024 80312 0 3 0x4000082 thrsleep syz-fuzzer 52616 483361 80312 0 3 0x4000082 thrsleep syz-fuzzer 52616 492960 80312 0 3 0x4000082 nanosleep syz-fuzzer 52616 507957 80312 0 3 0x4000082 kqread syz-fuzzer 52616 233357 80312 0 3 0x4000082 thrsleep syz-fuzzer 52616 116191 80312 0 3 0x4000082 thrsleep syz-fuzzer 52616 58056 80312 0 3 0x4000082 thrsleep syz-fuzzer 80312 234436 71373 0 3 0x10008a pause ksh 71373 487385 61527 0 3 0x92 select sshd 61527 249509 1 0 3 0x80 select sshd 68532 343991 82668 74 3 0x100092 bpf pflogd 82668 424809 1 0 3 0x80 netio pflogd 89880 462176 82807 73 3 0x100090 kqread syslogd 82807 306035 1 0 3 0x100082 netio syslogd 63500 188473 1 77 3 0x100090 poll dhclient 69115 4817 1 0 3 0x80 poll dhclient 26626 323918 0 0 2 0x14200 zerothread 43047 405442 0 0 3 0x14200 aiodoned aiodoned 35474 397774 0 0 3 0x14200 syncer update 41693 245044 0 0 3 0x14200 cleaner cleaner 98686 383653 0 0 3 0x14200 reaper reaper 10273 260700 0 0 3 0x14200 pgdaemon pagedaemon 90821 438590 0 0 3 0x14200 bored crynlk 38119 516642 0 0 3 0x14200 bored crypto 83001 250588 0 0 3 0x40014200 acpi0 acpi0 22115 127244 0 0 3 0x40014200 idle1 4611 287826 0 0 3 0x14200 bored softnet 15653 174733 0 0 3 0x14200 bored systqmp 83317 356163 0 0 3 0x14200 bored systq 69468 161007 0 0 3 0x40014200 bored softclock 12986 485604 0 0 3 0x40014200 idle0 27639 425780 0 0 3 0x14200 bored smr 1 316593 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb{1}> show all locks Process 26494 (syz-executor.1) thread 0xffff800020ace788 (482550) shared rwlock vmlistlock r = 0 (0xffff80000066e478) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 vm_get_info+0x39 sys/arch/amd64/amd64/vmm.c:3712 #2 VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 #3 vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524 #4 sys_ioctl+0x5b9 #5 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #5 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #6 Xsyscall+0x128 exclusive kernel_lock &kernel_lock r = 0 (0xffffffff82662188) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 syscall+0x400 mi_syscall sys/sys/syscall_mi.h:83 [inline] #1 syscall+0x400 sys/arch/amd64/amd64/trap.c:555 #2 Xsyscall+0x128 Process 68668 (syz-executor.0) thread 0xffff800020acf658 (458734) exclusive rrwlock inode r = 0 (0xfffffd806e6a9098) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rw_enter+0x447 sys/kern/kern_rwlock.c:306 #2 rrw_enter+0x4f sys/kern/kern_rwlock.c:435 #3 ufs_ihashins+0x45 sys/ufs/ufs/ufs_ihash.c:140 #4 ffs_vget+0x13e sys/ufs/ffs/ffs_vfsops.c:1352 #5 ffs_inode_alloc+0x1cf sys/ufs/ffs/ffs_alloc.c:392 #6 ufs_mkdir+0xf4 sys/ufs/ufs/ufs_vnops.c:1164 #7 VOP_MKDIR+0xc6 sys/kern/vfs_vops.c:450 #8 domkdirat+0x121 sys/kern/vfs_syscalls.c:2983 #9 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #9 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #10 Xsyscall+0x128 exclusive rrwlock inode r = 0 (0xfffffd807e862d58) #0 witness_lock+0x52e sys/kern/subr_witness.c:1163 #1 rw_enter+0x447 sys/kern/kern_rwlock.c:306 #2 rrw_enter+0x4f sys/kern/kern_rwlock.c:435 #3 VOP_LOCK+0xf0 sys/kern/vfs_vops.c:615 #4 vn_lock+0x81 sys/kern/vfs_vnops.c:562 #5 vfs_lookup+0xe6 sys/kern/vfs_lookup.c:418 #6 namei+0x62c sys/kern/vfs_lookup.c:248 #7 domkdirat+0x75 sys/kern/vfs_syscalls.c:2968 #8 syscall+0x4a4 mi_syscall sys/sys/syscall_mi.h:92 [inline] #8 syscall+0x4a4 sys/arch/amd64/amd64/trap.c:555 #9 Xsyscall+0x128 ddb{1}> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9599 6703K 8124K 78643K 22811 0 0 pcb 13 8K 8K 78643K 467 0 0 rtable 119 13K 13K 78643K 1397 0 0 ifaddr 78 16K 18K 78643K 496 0 0 counters 39 33K 33K 78643K 39 0 0 ioctlops 0 0K 4K 78643K 1618 0 0 iov 0 0K 32K 78643K 348 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1230 77K 78K 78643K 5519 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 78643K 65 0 0 VM map 2 1K 1K 78643K 13 0 0 sem 12 0K 1K 78643K 671 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1808 196K 290K 78643K 12765 0 0 file desc 5 13K 25K 78643K 3669 0 0 sigio 0 0K 0K 78643K 44 0 0 proc 62 63K 95K 78643K 1311 0 0 subproc 32 2K 2K 78643K 259 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 378 0 0 in_multi 33 2K 2K 78643K 307 0 0 ether_multi 1 0K 0K 78643K 25 0 0 mrt 0 0K 0K 78643K 18 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 108 477K 477K 78643K 108 0 0 exec 0 0K 1K 78643K 679 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 111 22K 31K 78643K 13594 0 0 UVM aobj 130 9K 9K 78643K 143 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 455 0 0 NDP 18 0K 1K 78643K 151 0 0 temp 214 3556K 3634K 78643K 75302 0 0 kqueue 0 0K 0K 78643K 37 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb{1}> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 35 0 29 1 0 1 1 0 8 0 plcache 128 20 0 0 1 0 1 1 0 8 0 rtpcb 80 223 0 221 1 0 1 1 0 8 0 rtentry 112 188 0 144 2 0 2 2 0 8 0 unpcb 120 1446 0 1428 2 1 1 2 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 5365 0 5365 2 2 0 2 0 8 0 tcpcb 544 4400 0 4396 20 18 2 3 0 8 1 inpcb 280 5964 0 5953 12 10 2 3 0 8 1 rttmr 72 4 0 4 4 4 0 1 0 8 0 nd6 48 30 0 26 1 0 1 1 0 8 0 pkpcb 40 3 0 3 2 2 0 1 0 8 0 swfcl 56 2 0 0 1 0 1 1 0 8 0 ppxss 1128 78 0 78 15 14 1 1 0 8 1 pffrag 232 8 0 8 5 4 1 1 0 482 1 pffrnode 88 8 0 8 5 4 1 1 0 8 1 pffrent 40 22 0 22 6 5 1 1 0 8 1 pfosfp 40 846 0 846 5 5 0 5 0 8 0 pfosfpen 112 1428 0 1428 21 21 0 21 0 8 0 pfstitem 24 113 0 101 1 0 1 1 0 8 0 pfstkey 112 113 0 101 1 0 1 1 0 8 0 pfstate 328 113 0 101 3 0 3 3 0 8 0 pfrule 1360 21 0 16 2 1 1 2 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 823 0 605 15 1 14 15 0 8 0 art_table 32 824 0 605 2 0 2 2 0 8 0 art_node 16 181 0 141 1 0 1 1 0 8 0 sysvmsgpl 40 24 0 16 1 0 1 1 0 8 0 semupl 112 1 0 1 1 1 0 1 0 8 0 semapl 112 667 0 657 1 0 1 1 0 8 0 shmpl 112 141 0 13 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 7024 0 5620 46 0 46 46 0 8 0 ffsino 272 7024 0 5620 95 0 95 95 0 8 0 nchpl 144 12292 0 10678 61 0 61 61 0 8 0 uvmvnodes 72 6272 0 0 115 0 115 115 0 8 0 vnodes 208 6272 0 0 331 0 331 331 0 8 0 namei 1024 44025 0 44024 3 2 1 1 0 8 0 percpumem 16 30 0 0 1 0 1 1 0 8 0 vmpool 552 11 0 11 5 5 0 1 0 8 0 scsiplug 64 2 0 2 2 2 0 1 0 8 0 scxspl 192 35047 0 35046 18 17 1 7 0 8 0 plimitpl 152 351 0 343 1 0 1 1 0 8 0 sigapl 432 3832 0 3817 4 2 2 3 0 8 0 futexpl 56 72471 0 72471 1 0 1 1 0 8 1 knotepl 112 1005 0 986 8 7 1 3 0 8 0 kqueuepl 104 816 0 814 1 0 1 1 0 8 0 pipepl 112 2662 0 2643 11 9 2 2 0 8 1 fdescpl 488 3833 0 3817 3 0 3 3 0 8 0 filepl 152 31173 0 31067 35 29 6 7 0 8 1 lockfpl 104 1133 0 1130 1 0 1 1 0 8 0 lockfspl 48 382 0 380 1 0 1 1 0 8 0 sessionpl 112 33 0 22 1 0 1 1 0 8 0 pgrppl 48 66 0 55 1 0 1 1 0 8 0 ucredpl 96 5631 0 5621 1 0 1 1 0 8 0 zombiepl 144 3817 0 3817 3 2 1 1 0 8 1 processpl 896 3850 0 3817 5 1 4 5 0 8 0 procpl 632 12198 0 12153 5 0 5 5 0 8 0 srpgc 64 26 0 26 11 11 0 1 0 8 0 sosppl 128 48 0 48 14 14 0 1 0 8 0 sockpl 384 7703 0 7674 26 21 5 7 0 8 1 mcl64k 65536 22 0 0 3 0 3 3 0 8 0 mcl16k 16384 9 0 0 2 0 2 2 0 8 0 mcl12k 12288 17 0 0 2 0 2 2 0 8 0 mcl9k 9216 14 0 0 1 0 1 1 0 8 0 mcl8k 8192 19 0 0 3 1 2 3 0 8 0 mcl4k 4096 17 0 0 3 0 3 3 0 8 0 mcl2k2 2112 6 0 0 1 0 1 1 0 8 0 mcl2k 2048 233 0 0 26 3 23 26 0 8 0 mtagpl 80 52 0 0 1 0 1 1 0 8 0 mbufpl 256 526 0 0 29 0 29 29 0 8 0 bufpl 256 16525 0 9477 441 0 441 441 0 8 0 anonpl 16 363290 0 349032 147 86 61 75 0 124 0 amapchunkpl 152 24314 0 24196 35 29 6 12 0 158 0 amappl16 192 19063 0 18263 141 100 41 53 0 8 0 amappl15 184 9 0 8 2 1 1 1 0 8 0 amappl14 176 639 0 638 2 1 1 1 0 8 0 amappl13 168 185 0 184 1 0 1 1 0 8 0 amappl12 160 91 0 88 1 0 1 1 0 8 0 amappl11 152 540 0 525 1 0 1 1 0 8 0 amappl10 144 223 0 217 1 0 1 1 0 8 0 amappl9 136 2048 0 2040 1 0 1 1 0 8 0 amappl8 128 1572 0 1542 3 1 2 2 0 8 0 amappl7 120 301 0 292 1 0 1 1 0 8 0 amappl6 112 569 0 557 1 0 1 1 0 8 0 amappl5 104 312 0 297 1 0 1 1 0 8 0 amappl4 96 3915 0 3885 1 0 1 1 0 8 0 amappl3 88 889 0 882 1 0 1 1 0 8 0 amappl2 80 29009 0 28937 3 1 2 3 0 8 0 amappl1 72 94675 0 94225 26 16 10 20 0 8 0 amappl 80 12658 0 12616 2 0 2 2 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 142 0 13 3 0 3 3 0 8 0 uaddrrnd 24 3844 0 3817 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3844 0 3817 1 0 1 1 0 8 0 vmmpekpl 168 33740 0 33704 3 1 2 3 0 8 0 vmmpepl 168 476093 0 474140 315 205 110 118 0 357 20 vmsppl 368 3832 0 3817 2 0 2 2 0 8 0 pdppl 4096 7695 0 7656 7 1 6 6 0 8 0 pvpl 32 1004511 0 987022 355 198 157 183 0 265 12 pmappl 232 3843 0 3828 7 6 1 2 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 657 0 29 18 0 18 18 0 8 0