panic: ffs_valloc: dup alloc Stopped at db_enter+0x25: addq $0x8,%rsp TID PID UID PRFLAGS PFLAGS CPU COMMAND *175375 95602 0 0 0x4000000 0 syz-executor db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830ab318) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd807d906878,8000,fffffd807f7d7548,ffff800037648d60) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(8000,fffffd806c83dd98,ffff800037649098,ffff8000376490c8) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_create(ffff800037648e10) at ufs_create+0x4e sys/ufs/ufs/ufs_vnops.c:147 VOP_CREATE(fffffd806c83dd98,ffff800037649098,ffff8000376490c8,ffff800037648e98) at VOP_CREATE+0xff sys/kern/vfs_vops.c:103 vn_open(ffff800037649068,70f,0) at vn_open+0x491 sys/kern/vfs_vnops.c:116 doopenat(ffff80002a48c018,ffffff9c,20000040,70e,0,ffff800037649210) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123 syscall(ffff8000376492c0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc7f93affe30, count: 5 https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. ddb> ddb> set $lines = 0 ddb> set $maxwidth = 0 ddb> show panic *cpu0: ffs_valloc: dup alloc ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830ab318) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd807d906878,8000,fffffd807f7d7548,ffff800037648d60) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(8000,fffffd806c83dd98,ffff800037649098,ffff8000376490c8) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_create(ffff800037648e10) at ufs_create+0x4e sys/ufs/ufs/ufs_vnops.c:147 VOP_CREATE(fffffd806c83dd98,ffff800037649098,ffff8000376490c8,ffff800037648e98) at VOP_CREATE+0xff sys/kern/vfs_vops.c:103 vn_open(ffff800037649068,70f,0) at vn_open+0x491 sys/kern/vfs_vnops.c:116 doopenat(ffff80002a48c018,ffffff9c,20000040,70e,0,ffff800037649210) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123 syscall(ffff8000376492c0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc7f93affe30, count: -10 ddb> show registers rdi 0 rsi 0x1 rbp 0xffff800037648b00 rbx 0xfffffd807d97e100 rdx 0 rcx 0 rax 0xffff80002a48c018 r8 0 r9 0x8080808080808080 r10 0x5a3459258305cc87 r11 0x829db664ba56ac96 r12 0 r13 0xfffffd807d9064b8 r14 0 r15 0x1 rip 0xffffffff81c57035 db_enter+0x25 cs 0x8 rflags 0x246 rsp 0xffff800037648af0 ss 0x10 db_enter+0x25: addq $0x8,%rsp ddb> show proc PROC (syz-executor) tid=175375 pid=95602 tcnt=3 stat=onproc flags process=0 proc=4000000 runpri=17, usrpri=50, slppri=17, nice=20 wchan=0x0, wmesg=, ps_single=0x0 scnt=0 ecnt=0 forw=0xffffffffffffffff, list=0xffff80002a48d458,0xffff80002a4d1c08 process=0xffff8000ffff4cf0 user=0xffff800037644000, vmspace=0xfffffd806c267d80 estcpu=0, cpticks=1, pctcpu=0.0, user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 95602 101794 89648 0 2 0 syz-executor *95602 175375 89648 0 7 0x4000000 syz-executor 95602 361133 89648 0 3 0x4000080 fsleep syz-executor 66139 229163 91747 0 2 0 syz-executor 66139 82703 91747 0 3 0x4000080 sbwait syz-executor 444 273045 65819 0 2 0x490 syz-executor 444 122474 65819 0 3 0x4000090 sbwait syz-executor 444 146028 65819 0 3 0x4000090 fsleep syz-executor 444 279812 65819 0 3 0x4000090 fsleep syz-executor 97264 60488 54054 0 2 0 syz-executor 97264 463095 54054 0 2 0x4000000 syz-executor 97264 122944 54054 0 2 0x4000000 syz-executor 35935 398073 35679 0 2 0x480 syz-executor 35935 213261 35679 0 2 0x4000000 syz-executor 35935 187431 35679 0 3 0x4000080 fsleep syz-executor 89648 176589 78372 0 3 0x82 nanoslp syz-executor 91747 104915 78372 0 2 0x482 syz-executor 65819 106362 78372 0 2 0x482 syz-executor 54054 335739 78372 0 2 0x482 syz-executor 77649 47124 78372 0 2 0x82 syz-executor 35679 36222 78372 0 2 0x482 syz-executor 78372 152419 3780 0 3 0x82 wait syz-executor 3780 178683 35851 0 3 0x10008a sigsusp ksh 35851 455349 32953 0 3 0x98 kqread sshd-session 32953 467789 32414 0 3 0x92 kqread sshd-session 55212 118725 1 0 3 0x100083 ttyin getty 32414 171555 1 0 3 0x88 kqread sshd 69013 344857 36702 73 3 0x1100090 kqread syslogd 36702 248397 1 0 3 0x100082 sbwait syslogd 41484 435891 1 0 3 0x100080 kqread resolvd 58071 209186 6476 77 3 0x100092 kqread dhcpleased 15738 146563 6476 77 3 0x100092 kqread dhcpleased 6476 400786 1 0 3 0x80 kqread dhcpleased 77336 21050 0 0 3 0x14200 bored smr 82276 276579 0 0 2 0x14200 zerothread 81289 388873 0 0 3 0x14200 aiodoned aiodoned 1889 232017 0 0 3 0x14200 syncer update 32065 372095 0 0 3 0x14200 cleaner cleaner 26491 102260 0 0 3 0x14200 reaper reaper 27101 400900 0 0 3 0x14200 pgdaemon pagedaemon 32775 408630 0 0 3 0x14200 bored viomb 66549 465913 0 0 3 0x40014200 acpi0 acpi0 30937 64097 0 0 3 0x14200 bored softnet3 12494 86231 0 0 3 0x14200 bored softnet2 45882 302313 0 0 3 0x14200 bored softnet1 28387 182126 0 0 3 0x14200 bored softnet0 4259 343700 0 0 3 0x14200 bored systqmp 99377 354982 0 0 3 0x14200 bored systq 96601 304120 0 0 2 0x40014200 softclock 2035 189 0 0 3 0x40014200 idle0 1 412677 0 0 3 0x82 wait init 0 0 -1 0 3 0x10200 scheduler swapper ddb> show all locks No such command ddb> show malloc Type InUse MemUse HighUse Limit Requests Type Lim devbuf 10217 10292K 10292K 166960K 11302 0 pcb 18 12K 12K 166960K 22 0 rtable 239 7K 7K 166960K 367 0 pf 30 12K 12K 166960K 30 0 ifaddr 42 7K 7K 166960K 44 0 ifgroup 50 2K 2K 166960K 50 0 counters 30 17K 17K 166960K 30 0 ioctlops 0 0K 2K 166960K 32 0 iov 0 0K 8K 166960K 2 0 mount 1 1K 1K 166960K 1 0 log 0 0K 0K 166960K 4 0 vnodes 1403 88K 88K 166960K 1426 0 UFS quota 1 32K 32K 166960K 1 0 UFS mount 5 36K 36K 166960K 5 0 shm 2 1K 5K 166960K 3 0 VM map 2 1K 1K 166960K 2 0 sem 2 0K 0K 166960K 2 0 dirhash 12 2K 2K 166960K 12 0 ACPI 1697 195K 286K 166960K 12548 0 file desc 15 53K 97K 166960K 147 0 proc 60 75K 124K 166960K 477 0 subproc 104 6K 6K 166960K 104 0 NFS srvsock 1 0K 0K 166960K 1 0 NFS daemon 1 16K 16K 166960K 1 0 ip_moptions 0 0K 0K 166960K 1 0 in_multi 99 7K 7K 166960K 99 0 ether_multi 1 0K 0K 166960K 1 0 ISOFS mount 1 32K 32K 166960K 1 0 MSDOSFS mount 1 16K 16K 166960K 1 0 ttys 37 175K 175K 166960K 37 0 exec 0 0K 1K 166960K 344 0 tdb 3 0K 0K 166960K 3 0 VM swap 8 62K 64K 166960K 10 0 UVM amap 213 78K 78K 166960K 2832 0 UVM aobj 4 2K 2K 166960K 4 0 pinsyscall 36 72K 98K 166960K 1170 0 memdesc 1 4K 4K 166960K 1 0 crypto data 1 1K 1K 166960K 1 0 NDP 27 2K 2K 166960K 27 0 temp 33 6802K 6866K 166960K 3718 0 kqueue 13 20K 20K 166960K 22 0 SYN cache 2 16K 16K 166960K 2 0 ddb> show all pools Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle rtpcb 120 38 0 35 1 0 1 1 0 8 0 rtentry 112 112 0 1 4 0 4 4 0 8 0 unpcb 144 39 0 16 1 0 1 1 0 8 0 syncache 336 3 0 3 1 0 1 1 0 8 1 tcpcb 808 20 0 15 2 0 2 2 0 8 1 arp 88 18 0 0 1 0 1 1 0 8 0 ipq 40 1 0 0 1 0 1 1 0 8 0 ipqe 40 1 0 0 1 0 1 1 0 8 0 inpcb 336 74 0 66 2 0 2 2 0 8 1 nd6 104 24 0 0 1 0 1 1 0 8 0 kcovpl 48 8 0 0 1 0 1 1 0 8 0 art_heap8 4096 2 0 0 2 0 2 2 0 8 0 art_heap4 256 452 0 0 29 0 29 29 0 8 0 art_table 32 454 0 0 4 0 4 4 0 8 0 art_node 16 111 0 10 1 0 1 1 0 8 0 shmpl 112 1 0 0 1 0 1 1 0 8 0 dirhash 1024 17 0 0 3 0 3 3 0 8 0 dino2pl 256 1567 0 64 95 0 95 95 0 8 0 ffsino 240 1567 0 64 89 0 89 89 0 8 0 nchpl 144 1761 0 83 63 0 63 63 0 8 0 uvmvnodes 80 1719 0 0 36 0 36 36 0 8 0 vnodes 216 1719 0 0 96 0 96 96 0 8 0 namei 1024 5298 0 5297 2 0 2 2 0 8 1 vcpupl 3904 1 0 0 1 0 1 1 0 8 0 vmpool 664 1 0 0 1 0 1 1 0 8 0 kstatmem 264 22 0 0 2 0 2 2 0 8 0 scxspl 216 4956 0 4956 2 0 2 2 1 8 2 plimitpl 152 27 0 10 1 0 1 1 0 8 0 sigapl 424 427 0 383 7 0 7 7 0 8 1 futexpl 64 224 0 220 1 0 1 1 0 8 0 knotepl 120 3007 0 2960 2 0 2 2 0 8 0 kqueuepl 184 19 0 10 1 0 1 1 0 8 0 pipepl 288 102 0 75 2 0 2 2 0 8 0 fdescpl 432 411 0 384 5 0 5 5 0 8 1 filepl 120 1416 0 1131 9 0 9 9 0 8 0 lockfpl 104 8 0 6 1 0 1 1 0 8 0 lockfspl 48 5 0 3 1 0 1 1 0 8 0 sessionpl 144 21 0 13 1 0 1 1 0 8 0 pgrppl 48 29 0 13 1 0 1 1 0 8 0 ucredpl 104 65 0 53 1 0 1 1 0 8 0 zombiepl 144 386 0 383 1 0 1 1 0 8 0 processpl 1096 427 0 383 4 0 4 4 0 8 0 procpl 648 453 0 399 5 0 5 5 0 8 0 sockpl 504 151 0 117 5 0 5 5 0 8 0 mcl8k 8192 7 0 7 1 0 1 1 0 8 1 mcl4k 4096 3 0 3 1 0 1 1 0 8 1 mcl2k 2048 4836 0 4740 26 5 21 26 0 8 6 mtagpl 96 5 0 4 1 0 1 1 0 8 0 mbufpl 256 6463 0 6305 14 0 14 14 0 8 2 bufpl 280 4692 0 89 329 0 329 329 0 8 0 anonpl 24 175305 0 167524 48 0 48 48 0 187 0 amapchunkpl 152 9983 0 9273 30 0 30 30 0 158 0 amappl16 200 5119 0 5108 5 0 5 5 0 8 4 amappl15 192 10 0 10 1 0 1 1 0 8 1 amappl14 184 102 0 92 1 0 1 1 0 8 0 amappl13 176 10 0 10 1 0 1 1 0 8 1 amappl12 168 1121 0 1093 3 0 3 3 0 8 0 amappl11 160 55 0 45 1 0 1 1 0 8 0 amappl10 152 14 0 14 1 0 1 1 0 8 1 amappl9 144 129 0 129 1 0 1 1 0 8 1 amappl8 136 28 0 27 1 0 1 1 0 8 0 amappl7 128 95 0 84 1 0 1 1 0 8 0 amappl6 120 165 0 164 1 0 1 1 0 8 0 amappl5 112 131 0 123 1 0 1 1 0 8 0 amappl4 104 290 0 275 1 0 1 1 0 8 0 amappl3 96 1813 0 1709 3 0 3 3 0 8 0 amappl2 88 613 0 560 2 0 2 2 0 8 0 amappl1 80 7575 0 7039 14 0 14 14 0 8 2 amappl 88 2488 0 2331 4 0 4 4 0 92 0 dma4096 4096 1 0 1 1 0 1 1 0 8 1 dma1024 1024 1 0 0 1 0 1 1 0 8 0 dma256 256 6 0 6 1 0 1 1 0 8 1 dma128 128 253 0 253 1 0 1 1 0 8 1 dma64 64 6 0 6 1 0 1 1 0 8 1 dma32 32 7 0 7 1 0 1 1 0 8 1 dma16 16 18 0 17 1 0 1 1 0 8 0 aobjpl 72 3 0 0 1 0 1 1 0 8 0 uaddrrnd 24 412 0 384 1 0 1 1 0 8 0 uaddrbest 32 2 0 0 1 0 1 1 0 8 0 uaddr 24 412 0 384 1 0 1 1 0 8 0 vmmpekpl 168 5382 0 5338 2 0 2 2 0 8 0 vmmpepl 168 36125 0 34490 79 0 79 79 0 357 2 vmsppl 344 411 0 384 4 0 4 4 0 8 1 rwobjpl 24 17494 0 14932 17 0 17 17 0 8 1 pdppl 4096 830 0 769 96 14 82 82 0 8 21 pvpl 32 302544 0 277313 210 0 210 210 0 265 2 pmappl 216 411 0 384 3 0 3 3 0 8 0 extentpl 40 56 0 38 1 0 1 1 0 8 0 phpool 112 373 0 19 11 0 11 11 0 8 0 ddb> machine ddbcpu 0 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830ab318) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd807d906878,8000,fffffd807f7d7548,ffff800037648d60) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(8000,fffffd806c83dd98,ffff800037649098,ffff8000376490c8) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_create(ffff800037648e10) at ufs_create+0x4e sys/ufs/ufs/ufs_vnops.c:147 VOP_CREATE(fffffd806c83dd98,ffff800037649098,ffff8000376490c8,ffff800037648e98) at VOP_CREATE+0xff sys/kern/vfs_vops.c:103 vn_open(ffff800037649068,70f,0) at vn_open+0x491 sys/kern/vfs_vnops.c:116 doopenat(ffff80002a48c018,ffffff9c,20000040,70e,0,ffff800037649210) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123 syscall(ffff8000376492c0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc7f93affe30, count: -10 ddb> machine ddbcpu 1 No such command ddb> trace db_enter() at db_enter+0x25 sys/arch/amd64/amd64/db_interface.c:437 panic(ffffffff830ab318) at panic+0x1cf sys/kern/subr_prf.c:198 ffs_inode_alloc(fffffd807d906878,8000,fffffd807f7d7548,ffff800037648d60) at ffs_inode_alloc+0x96c sys/ufs/ffs/ffs_alloc.c:404 ufs_makeinode(8000,fffffd806c83dd98,ffff800037649098,ffff8000376490c8) at ufs_makeinode+0xcb sys/ufs/ufs/ufs_vnops.c:1728 ufs_create(ffff800037648e10) at ufs_create+0x4e sys/ufs/ufs/ufs_vnops.c:147 VOP_CREATE(fffffd806c83dd98,ffff800037649098,ffff8000376490c8,ffff800037648e98) at VOP_CREATE+0xff sys/kern/vfs_vops.c:103 vn_open(ffff800037649068,70f,0) at vn_open+0x491 sys/kern/vfs_vnops.c:116 doopenat(ffff80002a48c018,ffffff9c,20000040,70e,0,ffff800037649210) at doopenat+0x31d sys/kern/vfs_syscalls.c:1123 syscall(ffff8000376492c0) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577 Xsyscall() at Xsyscall+0x128 end of kernel end trace frame: 0xc7f93affe30, count: -10