pool: cpu free list modified: mbufpl (3)
0 views
Skip to first unread message
syzbot
Oct 24, 2023, 7:03:08 AM10/24/23
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 5fd2bbf05546 Make sure that unpacking of an AgentX OID doe..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=147eb5a3680000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=0f9390c5f3f75976996f
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/ad9de21cbafd/disk-5fd2bbf0.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/36be3d1dbc47/bsd-5fd2bbf0.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2fe2c197f7ba/kernel-5fd2bbf0.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0f9390...@syzkaller.appspotmail.com
panic: pool_cache_item_magic_check: mbufpl cpu free list modified: item addr 0xfffffd8060246c00+16 0x0!=0x790190691e4b9908
Starting stack trace...
panic(ffffffff827ac4ec) at panic+0x16f sys/kern/subr_prf.c:229
pool_cache_get(ffffffff82d1bd78) at pool_cache_get+0x313 sys/kern/subr_pool.c:1897
pool_get(ffffffff82d1bd78,1) at pool_get+0x93 sys/kern/subr_pool.c:573
m_gethdr(1,1) at m_gethdr+0x67 sys/kern/uipc_mbuf.c:277
m_getuio(ffff800028796cc8,1,1f1b,ffff800028796d90) at m_getuio+0xa4 sys/kern/uipc_socket.c:685
sosend(fffffd805a1573d0,0,ffff800028796d90,0,0,0) at sosend+0x4f4 sys/kern/uipc_socket.c:639
sendit(ffff80002128b7f0,4,ffff800028796f28,0,ffff800028796f18) at sendit+0x65d sys/kern/uipc_syscalls.c:786
sys_sendmmsg(ffff80002128b7f0,ffff800028797000,ffff800028797050) at sys_sendmmsg+0x344 sys/kern/uipc_syscalls.c:677
syscall(ffff8000287970d0) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline]
syscall(ffff8000287970d0) at syscall+0x606 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xcae4a669930, count: 247
End of stack trace.
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 5fd2bbf05546 Make sure that unpacking of an AgentX OID doe..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=147eb5a3680000
kernel config: https://syzkaller.appspot.com/x/.config?x=7058272de1526588
dashboard link: https://syzkaller.appspot.com/bug?extid=0f9390c5f3f75976996f
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/ad9de21cbafd/disk-5fd2bbf0.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/36be3d1dbc47/bsd-5fd2bbf0.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2fe2c197f7ba/kernel-5fd2bbf0.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+0f9390...@syzkaller.appspotmail.com
panic: pool_cache_item_magic_check: mbufpl cpu free list modified: item addr 0xfffffd8060246c00+16 0x0!=0x790190691e4b9908
Starting stack trace...
panic(ffffffff827ac4ec) at panic+0x16f sys/kern/subr_prf.c:229
pool_cache_get(ffffffff82d1bd78) at pool_cache_get+0x313 sys/kern/subr_pool.c:1897
pool_get(ffffffff82d1bd78,1) at pool_get+0x93 sys/kern/subr_pool.c:573
m_gethdr(1,1) at m_gethdr+0x67 sys/kern/uipc_mbuf.c:277
m_getuio(ffff800028796cc8,1,1f1b,ffff800028796d90) at m_getuio+0xa4 sys/kern/uipc_socket.c:685
sosend(fffffd805a1573d0,0,ffff800028796d90,0,0,0) at sosend+0x4f4 sys/kern/uipc_socket.c:639
sendit(ffff80002128b7f0,4,ffff800028796f28,0,ffff800028796f18) at sendit+0x65d sys/kern/uipc_syscalls.c:786
sys_sendmmsg(ffff80002128b7f0,ffff800028797000,ffff800028797050) at sys_sendmmsg+0x344 sys/kern/uipc_syscalls.c:677
syscall(ffff8000287970d0) at syscall+0x606 mi_syscall sys/sys/syscall_mi.h:110 [inline]
syscall(ffff8000287970d0) at syscall+0x606 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xcae4a669930, count: 247
End of stack trace.
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot
Jan 22, 2024, 6:03:13 AMJan 22
to syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages