panic: ffs_valloc: dup alloc
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*411857 56283 0 0 0x4000000 0 syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
ffs_inode_alloc() at ffs_inode_alloc+0x778 sys/ufs/ffs/ffs_alloc.c:403
ufs_makeinode(8000,fffffd803aada0f0,ffff800015723e88,ffff800015723ed8) at ufs_makeinode+0xaa sys/ufs/ufs/ufs_vnops.c:1832
ufs_create(ffff800015723c00) at ufs_create+0x41 sys/ufs/ufs/ufs_vnops.c:152
VOP_CREATE(fffffd803aada0f0,ffff800015723e88,ffff800015723ed8,ffff800015723c80) at VOP_CREATE+0xc0 sys/kern/vfs_vops.c:113
vn_open(ffff800015723e58,207,0) at vn_open+0x2b4 sys/kern/vfs_vnops.c:125
doopenat(ffff8000ffff3650,ffffff9c,20000480,206,0,ffff800015724050) at doopenat+0x28b sys/kern/vfs_syscalls.c:1157
syscall(ffff8000157240d0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff9f,0,3,9b1f58b4010) at Xsyscall+0x128
end of kernel
end trace frame: 0x9b40e3fcae0, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
ffs_valloc: dup alloc
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
ffs_inode_alloc() at ffs_inode_alloc+0x778 sys/ufs/ffs/ffs_alloc.c:403
ufs_makeinode(8000,fffffd803aada0f0,ffff800015723e88,ffff800015723ed8) at ufs_makeinode+0xaa sys/ufs/ufs/ufs_vnops.c:1832
ufs_create(ffff800015723c00) at ufs_create+0x41 sys/ufs/ufs/ufs_vnops.c:152
VOP_CREATE(fffffd803aada0f0,ffff800015723e88,ffff800015723ed8,ffff800015723c80) at VOP_CREATE+0xc0 sys/kern/vfs_vops.c:113
vn_open(ffff800015723e58,207,0) at vn_open+0x2b4 sys/kern/vfs_vnops.c:125
doopenat(ffff8000ffff3650,ffffff9c,20000480,206,0,ffff800015724050) at doopenat+0x28b sys/kern/vfs_syscalls.c:1157
syscall(ffff8000157240d0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff9f,0,3,9b1f58b4010) at Xsyscall+0x128
end of kernel
end trace frame: 0x9b40e3fcae0, count: -10
ddb> show registers
rdi 0xffffffff81b0e927 db_enter+0x17
rsi 0x280e __ALIGN_SIZE+0x180e
rbp 0xffff8000157238e0
rbx 0xffff800015723990
rdx 0x280f __ALIGN_SIZE+0x180f
rcx 0xffff800015b78000
rax 0xffff800015b78000
r8 0xffff8000157238a0
r9 0x1
r10 0xffff800000b90a00
r11 0xde913bbf808ee358
r12 0x3000000008
r13 0xffff8000157238f0
r14 0x100
r15 0x1
rip 0xffffffff81b0e928 db_enter+0x18
cs 0x8
rflags 0x246
rsp 0xffff8000157238d0
ss 0
db_enter+0x18: addq $0x8,%rsp
ddb> show proc
PROC (syz-executor.0) pid=411857 stat=onproc
flags process=0 proc=4000000
pri=17, usrpri=80, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff33d8,0xffff8000ffff3b50
process=0xffff8000ffff66d0 user=0xffff80001571f000, vmspace=0xfffffd803f014220
estcpu=30, cpticks=1, pctcpu=0.0
user=0, sys=1, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
56283 297653 37999 0 2 0 syz-executor.0
*56283 411857 37999 0 7 0x4000000 syz-executor.0
56283 129316 37999 0 3 0x4000000 inode syz-executor.0
50248 315669 82465 0 3 0x3000 suspend 
syz-executor.1 50248 45707 82465 0 2 0x4081000 syz-executor.1 37999 317272 94329 0 3 0x82 nanosleep syz-executor.0 82465 275692 94329 0 2 0x482 syz-executor.1 78944 385635 0 0 3 0x14200 acct acct 72719 512765 1 0 3 0x100083 ttyin getty 34611 65864 0 0 3 0x14200 bored sosplice 94329 508245 61789 0 3 0x82 thrsleep syz-fuzzer 94329 119664 61789 0 3 0x4000082 thrsleep syz-fuzzer 94329 510633 61789 0 3 0x4000082 thrsleep syz-fuzzer 94329 482700 61789 0 3 0x4000082 thrsleep syz-fuzzer 94329 338898 61789 0 3 0x4000082 kqread syz-fuzzer 94329 135853 61789 0 3 0x4000082 thrsleep syz-fuzzer 94329 452416 61789 0 3 0x4000082 thrsleep syz-fuzzer 94329 481476 61789 0 3 0x4000082 thrsleep syz-fuzzer 61789 283140 28379 0 3 0x10008a pause ksh 28379 189437 3606 0 3 0x92 select sshd 3606 332231 1 0 3 0x80 select sshd 83814 495200 81261 73 3 0x100090 kqread syslogd 81261 217398 1 0 3 0x100082 netio syslogd 99084 158858 0 0 2 0x14200 zerothread 95023 497054 0 0 3 0x14200 aiodoned aiodoned 35210 437205 0 0 3 0x14200 syncer update 25713 291570 0 0 3 0x14200 cleaner cleaner 61933 358487 0 0 3 0x14200 reaper reaper 11536 330623 0 0 3 0x14200 pgdaemon pagedaemon 30322 96820 0 0 3 0x14200 bored crynlk 89576 313622 0 0 3 0x14200 bored crypto 36344 436548 0 0 3 0x40014200 acpi0 acpi0 23098 252397 0 0 3 0x14200 bored softnet 46829 117132 0 0 3 0x14200 bored systqmp 32385 395643 0 0 3 0x14200 bored systq 36086 467833 0 0 3 0x40014200 bored softclock 42654 32607 0 0 3 0x40014200 idle0 51549 508484 0 0 3 0x14200 bored smr 1 203155 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9647 6358K 14870K 78643K 175644 0 0 pcb 13 13K 14K 78643K 7492 0 0 rtable 224 19K 19K 78643K 17480 0 0 ifaddr 149 48K 55K 78643K 6473 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 3164 0 0 iov 0 0K 44K 78643K 11463 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1218 76K 78K 78643K 60182 0 0 
UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 9K 78643K 521 0 0 VM map 281 70K 70K 78643K 438 0 0 sem 12 1K 1K 78643K 18 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 6 17K 25K 78643K 42265 0 0 sigio 0 0K 0K 78643K 600 0 0 proc 45 30K 63K 78643K 10907 0 0 subproc 32 2K 2K 78643K 3280 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 4K 78643K 78883 0 0 in_multi 64 4K 4K 78643K 11852 0 0 ether_multi 1 0K 0K 78643K 277 0 0 mrt 3 0K 0K 78643K 195 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 168 742K 742K 78643K 168 0 0 exec 0 0K 1K 78643K 6726 0 0 pfkey data 0 0K 4K 78643K 14 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 579 2291K 2291K 78643K 103593 0 0 UVM aobj 130 4K 4K 78643K 140 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 8893 0 0 NDP 28 0K 1K 78643K 2108 0 0 temp 282 3546K 4191K 78643K 1148862 0 0 kqueue 0 0K 0K 78643K 3556 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 559 0 553 1 0 1 1 0 8 0 rtpcb 80 7206 0 7204 24 23 1 1 0 8 0 rtentry 112 3900 0 3807 3 0 3 3 0 8 0 unpcb 120 72040 0 72012 68 66 2 3 0 8 1 syncache 264 170 0 170 66 66 0 1 0 8 0 sackhl 24 14 0 14 11 11 0 1 0 8 0 tcpqe 32 136 0 136 29 29 0 1 0 8 0 tcpcb 544 24568 0 24564 245 244 1 16 0 8 0 ipq 40 446 0 446 94 93 1 1 0 8 1 ipqe 40 14378 0 14378 94 93 1 1 0 8 1 inpcb 280 95121 0 95117 275 273 2 13 0 8 1 rttmr 72 58 0 57 31 30 1 1 0 8 0 ip6q 72 23 0 23 13 13 0 1 0 8 0 ip6af 40 61 0 61 13 13 0 1 0 8 0 nd6 48 672 0 669 21 20 1 1 0 8 0 pkpcb 40 96 0 96 38 38 0 1 0 8 0 swfcl 56 19 0 0 1 0 1 1 0 8 0 ppxss 1128 982 0 982 124 123 1 1 0 8 1 art_heap8 4096 89 0 83 47 41 6 7 0 8 0 art_heap4 256 18372 0 17912 150 121 29 35 0 8 0 art_table 32 18461 0 
17995 11 7 4 5 0 8 0 art_node 16 3897 0 3828 1 0 1 1 0 8 0 sysvmsgpl 40 121 0 82 1 0 1 1 0 8 0 semupl 112 5 0 5 2 2 0 1 0 8 0 semapl 112 12 0 2 1 0 1 1 0 8 0 shmpl 112 138 0 10 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 70871 0 69292 52 1 51 51 0 8 0 ffsino 240 70871 0 69292 96 3 93 93 0 8 0 nchpl 144 135297 0 134825 62 42 20 61 0 8 0 uvmvnodes 72 12372 0 0 225 0 225 225 0 8 0 vnodes 208 12372 0 0 652 0 652 652 0 8 0 namei 1024 509526 0 509524 17 16 1 1 0 8 0 vcpupl 1984 285 0 6 36 0 36 36 0 8 0 vmpool 520 436 0 157 26 7 19 19 0 8 0 scsiplug 64 22 0 22 15 15 0 1 0 8 0 scxspl 192 436959 0 436959 148 147 1 7 0 8 1 plimitpl 152 3495 0 3489 1 0 1 1 0 8 0 sigapl 432 41867 0 41855 2 0 2 2 0 8 0 futexpl 56 1620323 0 1620323 18 17 1 1 0 8 1 knotepl 112 19387 0 19368 28 27 1 3 0 8 0 kqueuepl 104 26254 0 26252 52 51 1 4 0 8 0 pipepl 112 20992 0 20973 63 62 1 2 0 8 0 fdescpl 424 41868 0 41855 2 0 2 2 0 8 0 filepl 120 498964 0 498873 249 245 4 11 0 8 1 lockfpl 104 14577 0 14577 11 10 1 1 0 8 1 lockfspl 48 5139 0 5139 11 10 1 1 0 8 1 sessionpl 112 208 0 200 1 0 1 1 0 8 0 pgrppl 48 605 0 597 1 0 1 1 0 8 0 ucredpl 96 73584 0 73568 1 0 1 1 0 8 0 zombiepl 144 41888 0 41887 1 0 1 1 0 8 0 processpl 864 41916 0 41887 4 0 4 4 0 8 0 procpl 632 91872 0 91833 11 7 4 5 0 8 0 sosppl 128 638 0 638 114 114 0 1 0 8 0 sockpl 384 175226 0 175192 436 430 6 23 0 8 1 mcl64k 65536 13319 0 13319 943 942 1 64 0 8 1 mcl16k 16384 540 0 540 121 121 0 1 0 8 0 mcl12k 12288 1182 0 1182 81 80 1 1 0 8 1 mcl9k 9216 867 0 867 115 114 1 1 0 8 1 mcl8k 8192 6917 0 6917 54 53 1 1 0 8 1 mcl4k 4096 6183 0 6183 27 26 1 1 0 8 1 mcl2k2 2112 322 0 322 128 128 0 1 0 8 0 mcl2k 2048 159929 0 159886 132 126 6 14 0 8 0 mtagpl 80 4993 0 4976 59 58 1 6 0 8 0 mbufpl 256 784529 0 784342 1191 1170 21 56 0 8 8 bufpl 256 129292 0 116921 775 1 774 774 0 8 0 anonpl 16 4201547 0 4174359 931 818 113 140 0 62 0 amapchunkpl 152 195069 0 194882 385 376 9 21 0 158 0 amappl16 192 233621 0 231958 1207 1123 84 105 0 8 0 
amappl15 184 5895 0 5895 22 22 0 1 0 8 0 amappl14 176 6879 0 6875 1 0 1 1 0 8 0 amappl13 168 6304 0 6300 1 0 1 1 0 8 0 amappl12 160 4586 0 4583 2 1 1 1 0 8 0 amappl11 152 8437 0 8433 1 0 1 1 0 8 0 amappl10 144 4642 0 4640 1 0 1 1 0 8 0 amappl9 136 8264 0 8257 1 0 1 1 0 8 0 amappl8 128 7597 0 7473 9 4 5 5 0 8 0 amappl7 120 5368 0 5361 1 0 1 1 0 8 0 amappl6 112 8039 0 8015 1 0 1 1 0 8 0 amappl5 104 6308 0 6301 1 0 1 1 0 8 0 amappl4 96 41533 0 41498 1 0 1 1 0 8 0 amappl3 88 8533 0 8508 1 0 1 1 0 8 0 amappl2 80 334816 0 334701 4 1 3 3 0 8 0 amappl1 72 756071 0 755661 27 18 9 20 0 8 0 amappl 80 95441 0 95249 6 2 4 5 0 84 0 dma4096 4096 1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma128 128 253 0 253 1 1 0 1 0 8 0 dma64 64 6 0 6 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 139 0 10 3 0 3 3 0 8 0 uaddrrnd 24 42304 0 41855 3 0 3 3 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 42304 0 41855 3 0 3 3 0 8 0 vmmpekpl 168 193632 0 193571 5 1 4 4 0 8 0 vmmpepl 168 5032567 0 5028735 1946 1740 206 216 0 357 36 vmsppl 272 41867 0 41855 16 15 1 2 0 8 0 pdppl 4096 84614 0 84303 50 10 40 40 0 8 0 pvpl 32 12489685 0 12466114 2228 2024 204 366 0 265 9 pmappl 200 42303 0 42012 18 2 16 16 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 3869 0 2891 32 2 30 31 0 8 0 ddb>