panic: malloc: allocation too large, type = 31, size = 4294968258 Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND * 17227 47443 0 0 0x4000000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83355977) at panic+0x1cf sys/kern/subr_prf.c:198 malloc(1000003c2,1f,1) at malloc+0xcf4 sys/kern/kern_malloc.c:334 sys_semop(ffff80002a7e27c8,ffff80003c987e80,ffff80003c987dd0) at sys_semop+0x234 sys/kern/sysv_sem.c:564 syscall(ffff80003c987e80) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c987e80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe67ef931310, count: 9 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: malloc: allocation too large, type = 31, size = 4294968258 ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83355977) at panic+0x1cf sys/kern/subr_prf.c:198 malloc(1000003c2,1f,1) at malloc+0xcf4 sys/kern/kern_malloc.c:334 sys_semop(ffff80002a7e27c8,ffff80003c987e80,ffff80003c987dd0) at sys_semop+0x234 sys/kern/sysv_sem.c:564 syscall(ffff80003c987e80) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c987e80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe67ef931310, count: -6 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff80003c987b00 rbx 0 rdx 0 rcx 0 rax 0xffff80002a7e27c8 r8 0 r9 0x8080808080808080 r10 0xca6be6c0cb6a9a57 r11 0xef902591ce82f87e r12 0 r13 0 r14 0 r15 0x1 rip 0xffffffff816bd4f5 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff80003c987af0 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=17227 pid=47443 tcnt=2 stat=onproc flags process=0 proc=4000000 runpri=32, usrpri=50, slppri=32, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a7e2538,0xffffffff83879e90 process=0xffff800035d162d8 user=0xffff80003c982000, vmspace=0xfffffd806c063178 estcpu=36, cpticks=0, pctcpu=0.0, user=0, sys=0, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 47443 133029 41560 0 2 0 syz-executor *47443 17227 41560 0 7 0x4000000 syz-executor 68588 447325 80542 0 2 0 syz-executor 68588 183551 80542 0 3 0x4000080 fsleep syz-executor 44887 73993 53027 0 2 0x480 syz-executor 44887 117203 53027 0 3 0x4000080 lockf syz-executor 44887 165623 53027 0 3 0x4000080 fsleep syz-executor 45432 407761 90657 0 2 0x480 syz-executor 45432 455590 90657 0 3 0x4000080 lockf syz-executor 45432 400775 90657 0 3 0x4000080 fsleep syz-executor 63779 257324 0 0 3 0x14200 acct acct 90657 37069 91927 0 2 0x482 syz-executor 86359 113183 0 0 3 0x14200 bored sosplice 95697 376486 0 0 3 0x14280 nfsidl nfsio 63061 139340 0 0 3 0x14280 nfsidl nfsio 53474 472145 0 0 3 0x14280 nfsidl nfsio 35415 4159 0 0 3 0x14280 nfsidl nfsio 2192 185936 0 0 3 0x14280 nfsidl nfsio 13642 9692 0 0 3 0x14280 nfsidl nfsio 80706 506178 0 0 3 0x14280 nfsidl nfsio 58912 204576 0 0 3 0x14280 nfsidl nfsio 57634 208790 0 0 3 0x14280 nfsidl nfsio 27188 458086 0 0 3 0x14280 nfsidl nfsio 69354 163109 0 0 3 0x14280 nfsidl nfsio 6140 226759 0 0 3 0x14280 nfsidl nfsio 97176 301907 0 0 3 0x14280 nfsidl nfsio 57971 83974 0 0 3 0x14280 nfsidl nfsio 72301 366445 0 0 3 0x14280 nfsidl nfsio 63918 182961 0 0 3 0x14280 nfsidl nfsio 14465 57901 0 0 3 0x14280 nfsidl nfsio 80708 150584 0 0 3 0x14280 nfsidl nfsio 59212 158481 0 0 3 0x14280 nfsidl nfsio 16058 305784 0 0 3 0x14280 nfsidl nfsio 47863 222213 91927 0 2 0x482 syz-executor 84555 15949 91927 0 2 0x2 syz-executor 27429 365472 91927 0 3 0x82 wait syz-executor 53027 93739 91927 0 2 0x482 syz-executor 41560 299025 91927 0 3 0x82 nanoslp syz-executor 42532 10760 91927 0 3 0x82 wait syz-executor 80542 329099 91927 0 2 0x482 syz-executor 91927 117288 62696 0 3 0x82 kqread syz-executor 62696 481858 1884 0 3 0x10008a sigsusp ksh 1884 253039 81823 0 3 0x98 kqread sshd-session 81823 88292 3022 0 3 0x92 kqread sshd-session 14949 318 1 0 3 0x100083 ttyin getty 3022 403107 1 0 3 0x88 kqread sshd 1555 279390 26388 73 3 0x1100090 kqread syslogd 26388 66252 1 0 3 0x100082 sbwait syslogd 69151 155647 1 0 3 0x100080 kqread resolvd 15787 500961 80547 77 3 0x100092 kqread dhcpleased 68440 490166 80547 77 3 0x100092 kqread dhcpleased 80547 446387 1 0 3 0x80 kqread dhcpleased 90920 70287 0 0 3 0x14200 bored smr 45267 357273 0 0 2 0x14200 zerothread 63262 376776 0 0 3 0x14200 aiodoned aiodoned 13492 255034 0 0 3 0x14200 syncer update 24530 261010 0 0 3 0x14200 cleaner cleaner 60150 361272 0 0 3 0x14200 reaper reaper 91799 131536 0 0 3 0x14200 pgdaemon pagedaemon 41391 514800 0 0 3 0x14200 bored viomb 51281 271655 0 0 3 0x40014200 acpi0 acpi0 83746 346152 0 0 3 0x14200 bored softnet3 44180 28423 0 0 3 0x14200 bored softnet2 76561 417554 0 0 3 0x14200 bored softnet1 68628 450772 0 0 3 0x14200 bored softnet0 38985 200870 0 0 3 0x14200 bored systqmp 12379 263579 0 0 3 0x14200 bored systq 58218 242351 0 0 3 0x40014200 tmoslp softclock 56494 436971 0 0 3 0x40014200 idle0 1 17037 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10165 11034K 11439K 166960K 11531 0 pcb 17 13K 13K 166960K 47 0 rtable 171 5K 6K 166960K 385 0 pf 26 12K 13K 166960K 42 0 ifaddr 30 5K 7K 166960K 54 0 ifgroup 38 1K 2K 166960K 62 0 sysctl 4 1K 1K 166960K 4 0 counters 27 17K 17K 166960K 37 0 ioctlops 0 0K 4K 166960K 53 0 iov 0 0K 16K 166960K 7 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1399 88K 88K 166960K 1549 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 5 0 VM map 2 1K 1K 166960K 2 0 sem 6 0K 0K 166960K 7 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1692 195K 286K 166960K 12470 0 file desc 17 61K 110K 166960K 322 0 sigio 0 0K 0K 166960K 4 0 proc 60 59K 124K 166960K 521 0 subproc 72 4K 4K 166960K 81 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 16 0 in_multi 66 4K 7K 166960K 111 0 ether_multi 1 0K 0K 166960K 3 0 mrt 0 0K 0K 166960K 3 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 85 387K 387K 166960K 85 0 exec 0 0K 1K 166960K 470 0 fusefs mount 1 32K 32K 166960K 1 0 pfkey data 0 0K 0K 166960K 3 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 224 143K 157K 166960K 4333 0 UVM aobj 41 2K 2K 166960K 42 0 pinsyscall 38 76K 100K 166960K 1363 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 ip6_options 0 0K 0K 166960K 9 0 NDP 8 0K 2K 166960K 34 0 temp 42 8672K 8736K 166960K 23837 0 kqueue 16 22K 26K 166960K 59 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 43 0 40 1 0 1 1 0 8 0 rtentry 136 122 0 45 4 0 4 4 0 8 0 unpcb 144 235 0 220 4 0 4 4 0 8 3 syncache 336 3 0 3 1 0 1 1 0 8 1 tcpcb 808 30 0 26 1 0 1 1 0 8 0 arp 88 20 0 8 1 0 1 1 0 8 0 ipq 40 1 0 0 1 0 1 1 0 8 0 ipqe 40 1 0 0 1 0 1 1 0 8 0 inpcb 344 254 0 246 7 0 7 7 0 8 6 nd6 104 27 0 12 1 0 1 1 0 8 0 pkpcb 40 5 0 5 1 0 1 1 0 8 1 kcovpl 48 9 0 1 1 0 1 1 0 8 0 ppxss 1072 6 0 6 1 0 1 1 0 8 1 art_heap8 4096 1 0 0 1 0 1 1 0 8 0 art_heap4 256 497 0 176 29 0 29 29 0 8 8 art_table 32 498 0 176 4 0 4 4 0 8 0 art_node 16 121 0 51 1 0 1 1 0 8 0 sysvmsgpl 40 4 0 1 1 0 1 1 0 8 0 semapl 112 5 0 1 1 0 1 1 0 8 0 shmpl 112 39 0 1 2 0 2 2 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1858 0 356 95 0 95 95 0 8 0 ffsino 248 1858 0 356 95 0 95 95 0 8 0 nchpl 144 2286 0 599 63 0 63 63 0 8 0 rtmask 32 1 0 1 1 0 1 1 0 8 1 uvmvnodes 80 2078 0 0 43 0 43 43 0 8 0 vnodes 216 2078 0 0 116 0 116 116 0 8 0 namei 1024 8333 0 8333 2 0 2 2 0 8 2 kstatmem 264 32 0 16 2 0 2 2 0 8 0 scxspl 216 7428 0 7428 8 0 8 8 1 8 8 plimitpl 152 60 0 43 1 0 1 1 0 8 0 sigapl 424 612 0 545 8 0 8 8 0 8 0 futexpl 64 2722 0 2719 1 0 1 1 0 8 0 knotepl 120 286986 0 286936 16 6 10 16 0 8 8 kqueuepl 184 71 0 59 1 0 1 1 0 8 0 pipepl 296 119 0 92 3 0 3 3 0 8 0 fdescpl 440 574 0 545 5 0 5 5 0 8 1 filepl 120 3056 0 2833 14 0 14 14 0 8 6 lockfpl 104 318 0 312 2 0 2 2 0 8 1 lockfspl 48 28 0 24 1 0 1 1 0 8 0 sessionpl 144 22 0 14 1 0 1 1 0 8 0 pgrppl 48 31 0 15 1 0 1 1 0 8 0 ucredpl 104 303 0 292 1 0 1 1 0 8 0 zombiepl 144 548 0 545 1 0 1 1 0 8 0 processpl 1112 612 0 545 5 0 5 5 0 8 0 procpl 656 870 0 797 7 0 7 7 0 8 0 sosppl 168 3 0 3 1 0 1 1 0 8 1 sockpl 528 537 0 511 7 0 7 7 0 8 5 mcl64k 65536 4 0 4 1 0 1 1 0 8 1 mcl12k 12288 1 0 1 1 0 1 1 0 8 1 mcl9k 9216 1 0 1 1 0 1 1 0 8 1 mcl8k 8192 4 0 4 1 0 1 1 0 8 1 mcl4k 4096 2629 0 2580 13 0 13 13 0 8 6 mcl2k2 2112 5 0 5 1 0 1 1 0 8 1 mcl2k 2048 281 0 279 2 0 2 2 0 8 1 mtagpl 96 7 0 5 1 0 1 1 0 8 0 mbufpl 256 5589 0 5471 10 0 10 10 0 8 0 bufpl 280 2533 0 118 173 0 173 173 0 8 0 anonpl 24 128673 0 120421 75 0 75 75 0 187 0 amapchunkpl 152 13359 0 12814 26 0 26 26 0 158 3 amappl16 200 2719 0 2462 26 0 26 26 0 8 0 amappl15 192 5 0 4 1 0 1 1 0 8 0 amappl14 184 104 0 94 1 0 1 1 0 8 0 amappl13 176 30 0 30 1 0 1 1 0 8 1 amappl12 168 1196 0 1167 3 0 3 3 0 8 1 amappl11 160 44 0 34 1 0 1 1 0 8 0 amappl10 152 8 0 8 1 0 1 1 0 8 1 amappl9 144 245 0 244 1 0 1 1 0 8 0 amappl8 136 33 0 31 1 0 1 1 0 8 0 amappl7 128 99 0 89 1 0 1 1 0 8 0 amappl6 120 178 0 175 1 0 1 1 0 8 0 amappl5 112 120 0 114 1 0 1 1 0 8 0 amappl4 104 291 0 275 1 0 1 1 0 8 0 amappl3 96 2293 0 2188 4 0 4 4 0 8 1 amappl2 88 615 0 560 2 0 2 2 0 8 0 amappl1 80 8695 0 8144 14 0 14 14 0 8 2 amappl 88 3639 0 3476 5 0 5 5 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 41 0 1 1 0 1 1 0 8 0 uaddrrnd 24 574 0 545 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 574 0 545 1 0 1 1 0 8 0 vmmpekpl 168 6069 0 6027 3 0 3 3 0 8 0 vmmpepl 168 43080 0 41007 103 0 103 103 0 357 0 vmsppl 360 573 0 545 4 0 4 4 0 8 1 rwobjpl 32 16726 0 13528 28 0 28 28 0 8 0 pdppl 4096 1154 0 1090 98 30 68 82 0 8 4 pvpl 32 291678 0 277843 154 0 154 154 0 265 7 pmappl 216 573 0 545 3 0 3 3 0 8 0 extentpl 40 45 0 27 1 0 1 1 0 8 0 phpool 112 260 0 30 7 0 7 7 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83355977) at panic+0x1cf sys/kern/subr_prf.c:198 malloc(1000003c2,1f,1) at malloc+0xcf4 sys/kern/kern_malloc.c:334 sys_semop(ffff80002a7e27c8,ffff80003c987e80,ffff80003c987dd0) at sys_semop+0x234 sys/kern/sysv_sem.c:564 syscall(ffff80003c987e80) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c987e80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe67ef931310, count: -6 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:438 panic(ffffffff83355977) at panic+0x1cf sys/kern/subr_prf.c:198 malloc(1000003c2,1f,1) at malloc+0xcf4 sys/kern/kern_malloc.c:334 sys_semop(ffff80002a7e27c8,ffff80003c987e80,ffff80003c987dd0) at sys_semop+0x234 sys/kern/sysv_sem.c:564 syscall(ffff80003c987e80) at syscall+0x97e mi_syscall sys/sys/syscall_mi.h:-1 [inline] syscall(ffff80003c987e80) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xe67ef931310, count: -6