panic: malloc: allocation too large, type = 2, size = 18446744073709550656
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
*288302 20909 0 0 0x4000000 0 syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
malloc(fffffffffffffc40,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344
vm_get_info(ffff8000149262b0) at vm_get_info+0x9a
VOP_IOCTL(fffffd80381278f0,c0185603,ffff8000149262b0,1,fffffd803f7c6ae0,ffff8000ffff3b40) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291
vn_ioctl(fffffd803dc8fad8,c0185603,ffff8000149262b0,ffff8000ffff3b40) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524
sys_ioctl(ffff8000ffff3b40,ffff8000149263c8,ffff800014926410) at sys_ioctl+0x5b9
syscall(ffff800014926490) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall(6,0,ffffffffffffff53,0,3,78df87f2010) at Xsyscall+0x128
end of kernel
end trace frame: 0x7901424a4c0, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs.
ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic malloc: allocation too large, type = 2, size = 18446744073709550656 ddb> trace db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398 panic() at panic+0x15c sys/kern/subr_prf.c:207 malloc(fffffffffffffc40,2,a) at malloc+0x9c9 sys/kern/kern_malloc.c:344 vm_get_info(ffff8000149262b0) at vm_get_info+0x9a VOP_IOCTL(fffffd80381278f0,c0185603,ffff8000149262b0,1,fffffd803f7c6ae0,ffff8000ffff3b40) at VOP_IOCTL+0x88 sys/kern/vfs_vops.c:291 vn_ioctl(fffffd803dc8fad8,c0185603,ffff8000149262b0,ffff8000ffff3b40) at vn_ioctl+0xb7 sys/kern/vfs_vnops.c:524 sys_ioctl(ffff8000ffff3b40,ffff8000149263c8,ffff800014926410) at sys_ioctl+0x5b9 syscall(ffff800014926490) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555 Xsyscall(6,0,ffffffffffffff53,0,3,78df87f2010) at Xsyscall+0x128 end of kernel end trace frame: 0x7901424a4c0, count: -9 ddb> show registers rdi 0xffffffff8118e297 db_enter+0x17 rsi 0x26f0 __ALIGN_SIZE+0x16f0 rbp 0xffff800014925ef0 rbx 0xffff800014925fa0 rdx 0x26f1 __ALIGN_SIZE+0x16f1 rcx 0xffff800017586000 rax 0xffff800017586000 r8 0xffff800014925eb0 r9 0x1 r10 0xffff800000aa7540 r11 0x62262ec45e2b84d5 r12 0x3000000008 r13 0xffff800014925f00 r14 0x100 r15 0x1 rip 0xffffffff8118e298 db_enter+0x18 cs 0x8 rflags 0x246 rsp 0xffff800014925ee0 ss 0x10 db_enter+0x18: addq $0x8,%rsp ddb> show proc PROC (syz-executor.1) pid=288302 stat=onproc flags process=0 proc=4000000 pri=77, usrpri=77, nice=20 forw=0xffffffffffffffff, list=0xffff8000ffff2c70,0xffff8000ffff2790 process=0xffff8000148a26d8 user=0xffff800014921000, vmspace=0xfffffd803f013550 estcpu=36, cpticks=0, pctcpu=0.0 user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 64999 212122 50259 0 2 0 syz-executor.0 64999 349229 50259 0 3 0x4000080 fsleep syz-executor.0 20909 491749 28273 0 2 0 syz-executor.1 *20909 288302 28273 0 7 0x4000000 syz-executor.1 28273 192382 68481 0 3 0x82 nanosleep syz-executor.1 50259 2042 68481 0 3 0x82 nanosleep 
syz-executor.0 65903 373944 1 0 3 0x100083 ttyin getty 56439 359645 0 0 3 0x14200 acct acct 93477 213216 0 0 3 0x14200 bored sosplice 68481 473422 24619 0 3 0x82 thrsleep syz-fuzzer 68481 151768 24619 0 3 0x4000082 thrsleep syz-fuzzer 68481 88759 24619 0 3 0x4000082 kqread syz-fuzzer 68481 293589 24619 0 3 0x4000082 thrsleep syz-fuzzer 68481 451730 24619 0 3 0x4000082 thrsleep syz-fuzzer 68481 332760 24619 0 3 0x4000082 thrsleep syz-fuzzer 68481 108583 24619 0 3 0x4000082 thrsleep syz-fuzzer 68481 512040 24619 0 3 0x4000082 thrsleep syz-fuzzer 24619 135206 91259 0 3 0x10008a pause ksh 91259 100 13700 0 3 0x92 select sshd 13700 515834 1 0 3 0x80 select sshd 64209 442090 15254 73 3 0x100090 kqread syslogd 15254 69710 1 0 3 0x100082 netio syslogd 86092 38325 1 77 3 0x100090 poll dhclient 43076 225990 1 0 3 0x80 poll dhclient 11292 349780 0 0 2 0x14200 zerothread 46455 400113 0 0 3 0x14200 aiodoned aiodoned 61810 377994 0 0 3 0x14200 syncer update 23121 173677 0 0 3 0x14200 cleaner cleaner 91664 61000 0 0 3 0x14200 reaper reaper 46916 112592 0 0 3 0x14200 pgdaemon pagedaemon 17823 156570 0 0 3 0x14200 bored crynlk 53391 289232 0 0 3 0x14200 bored crypto 50221 136928 0 0 3 0x40014200 acpi0 acpi0 40841 91103 0 0 3 0x14200 bored softnet 24814 196380 0 0 3 0x14200 bored systqmp 78864 91124 0 0 3 0x14200 bored systq 78042 411096 0 0 3 0x40014200 bored softclock 65643 417026 0 0 3 0x40014200 idle0 47738 66341 0 0 3 0x14200 bored smr 1 378380 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim Kern Lim devbuf 9545 6495K 14619K 78643K 17479 0 0 pcb 13 8K 8K 78643K 367 0 0 rtable 118 12K 12K 78643K 974 0 0 ifaddr 67 15K 16K 78643K 316 0 0 counters 19 16K 16K 78643K 19 0 0 ioctlops 0 0K 2K 78643K 111 0 0 iov 0 0K 24K 78643K 287 0 0 mount 1 1K 1K 78643K 1 0 0 vnodes 1209 76K 77K 78643K 3820 0 0 UFS quota 1 32K 32K 78643K 1 0 0 UFS mount 5 36K 36K 78643K 5 0 0 shm 2 1K 5K 
78643K 51 0 0 VM map 2 0K 0K 78643K 8 0 0 sem 12 0K 1K 78643K 358 0 0 dirhash 12 2K 2K 78643K 12 0 0 ACPI 1793 195K 288K 78643K 12645 0 0 file desc 6 17K 25K 78643K 3661 0 0 sigio 0 0K 0K 78643K 34 0 0 proc 49 38K 63K 78643K 945 0 0 subproc 32 2K 2K 78643K 191 0 0 NFS srvsock 1 0K 0K 78643K 1 0 0 NFS daemon 1 16K 16K 78643K 1 0 0 ip_moptions 0 0K 0K 78643K 340 0 0 in_multi 33 2K 2K 78643K 216 0 0 ether_multi 1 0K 0K 78643K 19 0 0 mrt 1 0K 0K 78643K 8 0 0 ISOFS mount 1 32K 32K 78643K 1 0 0 MSDOSFS mount 1 16K 16K 78643K 1 0 0 ttys 84 371K 371K 78643K 84 0 0 exec 0 0K 1K 78643K 598 0 0 pagedep 1 8K 8K 78643K 1 0 0 inodedep 1 32K 32K 78643K 1 0 0 newblk 1 0K 0K 78643K 1 0 0 VM swap 7 26K 26K 78643K 7 0 0 UVM amap 102 21K 30K 78643K 9365 0 0 UVM aobj 130 4K 4K 78643K 140 0 0 memdesc 1 4K 4K 78643K 1 0 0 crypto data 1 1K 1K 78643K 1 0 0 ip6_options 0 0K 1K 78643K 371 0 0 NDP 15 0K 0K 78643K 99 0 0 temp 191 3536K 4175K 78643K 26856 0 0 kqueue 0 0K 0K 78643K 15 0 0 SYN cache 2 16K 16K 78643K 2 0 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle arp 64 24 0 18 1 0 1 1 0 8 0 rtpcb 80 175 0 173 1 0 1 1 0 8 0 rtentry 112 141 0 96 2 0 2 2 0 8 0 unpcb 120 1073 0 1063 1 0 1 1 0 8 0 syncache 264 4 0 4 1 1 0 1 0 8 0 tcpqe 32 4802 0 4802 1 1 0 1 0 8 0 tcpcb 544 1857 0 1853 18 16 2 3 0 8 1 ipq 40 4 0 4 2 2 0 1 0 8 0 ipqe 40 10 0 10 2 2 0 1 0 8 0 inpcb 280 8318 0 8311 14 12 2 3 0 8 1 nd6 48 22 0 18 1 0 1 1 0 8 0 pkpcb 40 12 0 12 3 3 0 1 0 8 0 ppxss 1128 35 0 35 13 13 0 1 0 8 0 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 612 0 396 14 0 14 14 0 8 0 art_table 32 613 0 396 2 0 2 2 0 8 0 art_node 16 135 0 95 1 0 1 1 0 8 0 sysvmsgpl 40 32 0 16 1 0 1 1 0 8 0 semapl 112 356 0 346 1 0 1 1 0 8 0 shmpl 112 138 0 10 4 0 4 4 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino1pl 128 6532 0 5151 46 0 46 46 0 8 0 ffsino 240 6532 0 5151 83 0 83 83 0 8 0 nchpl 144 14118 0 12496 61 0 61 61 0 8 0 uvmvnodes 72 6161 0 0 113 0 113 113 0 8 0 vnodes 208 6161 0 0 
325 0 325 325 0 8 0 namei 1024 45658 0 45658 2 1 1 1 0 8 1 vmpool 520 6 0 6 3 3 0 1 0 8 0 scsiplug 64 3 0 3 2 2 0 1 0 8 0 scxspl 192 33141 0 33141 10 9 1 7 0 8 1 plimitpl 152 257 0 250 1 0 1 1 0 8 0 sigapl 432 3808 0 3794 2 0 2 2 0 8 0 futexpl 56 100147 0 100146 1 0 1 1 0 8 0 knotepl 112 673 0 654 1 0 1 1 0 8 0 kqueuepl 104 713 0 711 1 0 1 1 0 8 0 pipepl 112 1724 0 1705 6 5 1 2 0 8 0 fdescpl 424 3809 0 3794 2 0 2 2 0 8 0 filepl 120 35849 0 35749 10 6 4 6 0 8 0 lockfpl 104 2584 0 2583 1 0 1 1 0 8 0 lockfspl 48 1092 0 1091 1 0 1 1 0 8 0 sessionpl 112 29 0 19 1 0 1 1 0 8 0 pgrppl 48 45 0 35 1 0 1 1 0 8 0 ucredpl 96 4771 0 4763 1 0 1 1 0 8 0 zombiepl 144 3795 0 3795 2 1 1 1 0 8 1 processpl 864 3826 0 3795 4 0 4 4 0 8 0 procpl 632 8230 0 8190 4 0 4 4 0 8 0 sosppl 128 40 0 40 11 11 0 1 0 8 0 sockpl 384 9631 0 9612 21 17 4 6 0 8 1 mcl64k 65536 584 0 584 73 72 1 33 0 8 1 mcl16k 16384 15 0 15 9 8 1 1 0 8 1 mcl12k 12288 72 0 72 8 7 1 1 0 8 1 mcl9k 9216 35 0 35 13 13 0 1 0 8 0 mcl8k 8192 76 0 76 10 9 1 1 0 8 1 mcl4k 4096 972 0 972 4 3 1 1 0 8 1 mcl2k2 2112 24 0 24 8 7 1 1 0 8 1 mcl2k 2048 54832 0 54794 18 12 6 17 0 8 0 mtagpl 80 89 0 88 4 3 1 1 0 8 0 mbufpl 256 114669 0 114542 42 32 10 23 0 8 0 bufpl 256 13482 0 7321 386 0 386 386 0 8 0 anonpl 16 338387 0 325167 171 101 70 90 0 62 12 amapchunkpl 152 15762 0 15655 28 20 8 14 0 158 2 amappl16 192 18753 0 17976 143 96 47 63 0 8 8 amappl15 184 184 0 182 1 0 1 1 0 8 0 amappl14 176 504 0 499 1 0 1 1 0 8 0 amappl13 168 658 0 656 2 1 1 1 0 8 0 amappl12 160 759 0 757 1 0 1 1 0 8 0 amappl11 152 1514 0 1503 1 0 1 1 0 8 0 amappl10 144 154 0 153 2 1 1 1 0 8 0 amappl9 136 709 0 702 1 0 1 1 0 8 0 amappl8 128 277 0 249 1 0 1 1 0 8 0 amappl7 120 210 0 204 1 0 1 1 0 8 0 amappl6 112 1500 0 1492 1 0 1 1 0 8 0 amappl5 104 977 0 966 1 0 1 1 0 8 0 amappl4 96 4569 0 4538 1 0 1 1 0 8 0 amappl3 88 665 0 659 1 0 1 1 0 8 0 amappl2 80 29247 0 29171 3 1 2 3 0 8 0 amappl1 72 77916 0 77507 26 16 10 20 0 8 0 amappl 80 8591 0 8554 1 0 1 1 0 84 0 dma4096 4096 
1 0 1 1 1 0 1 0 8 0 dma256 256 6 0 6 1 1 0 1 0 8 0 dma64 64 259 0 259 1 1 0 1 0 8 0 dma32 32 7 0 7 1 1 0 1 0 8 0 dma16 16 17 0 17 1 1 0 1 0 8 0 aobjpl 64 139 0 10 3 0 3 3 0 8 0 uaddrrnd 24 3815 0 3794 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 3815 0 3794 1 0 1 1 0 8 0 vmmpekpl 168 26271 0 26243 2 0 2 2 0 8 0 vmmpepl 168 448348 0 446430 257 149 108 108 0 357 24 vmsppl 272 3808 0 3794 2 1 1 2 0 8 0 pdppl 4096 7636 0 7600 6 1 5 6 0 8 0 pvpl 32 988491 0 972065 409 201 208 305 0 265 70 pmappl 200 3814 0 3800 1 0 1 1 0 8 0 extentpl 40 41 0 26 1 0 1 1 0 8 0 phpool 112 673 0 157 16 0 16 16 0 8 0