panic: ffs_blkfree: bad size (2)


syzbot

Sep 29, 2023, 3:11:09 AM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 22f3b8cefb12 fix two wrong function names in the descripti..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=16248dfa680000
kernel config: https://syzkaller.appspot.com/x/.config?x=1bc15e68cd2a49e5
dashboard link: https://syzkaller.appspot.com/bug?extid=a67731394a9ebc6e7cec

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/bed721d752ba/disk-22f3b8ce.raw.xz
bsd.gdb: https://storage.googleapis.com/syzbot-assets/d0c5cab49461/bsd-22f3b8ce.gdb.xz
kernel image: https://storage.googleapis.com/syzbot-assets/69de8491271b/kernel-22f3b8ce.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a67731...@syzkaller.appspotmail.com

panic: ffs_blkfree: bad size
Starting stack trace...
panic(ffffffff827c62e5) at panic+0x159 sys/kern/subr_prf.c:229
ffs_blkfree(fffffd807820f698,31121f292abd13fa,4000) at ffs_blkfree+0xa42 sys/ufs/ffs/ffs_alloc.c:1296
ffs_indirtrunc(fffffd807820f698,fffffffffffffff4,227180,0,0,ffff8000216c2338) at ffs_indirtrunc+0x65d sys/ufs/ffs/ffs_inode.c:545
ffs_truncate(fffffd807820f698,33fa8,0,fffffd807f7d7888) at ffs_truncate+0xfd9 sys/ufs/ffs/ffs_inode.c:337
ffs_write(ffff8000216c2570) at ffs_write+0x924
VOP_WRITE(fffffd805faf3128,ffff8000216c2620,3,fffffd807f7d7888) at VOP_WRITE+0xc3 sys/kern/vfs_vops.c:245
ktrwriteraw(ffff800021633008,fffffd805faf3128,fffffd807f7d7888,ffff8000216c26e0,ffff8000216c26c0) at ktrwriteraw+0x14a sys/kern/kern_ktrace.c:664
ktrstruct(ffff800021633008,ffffffff8276fab2,ffff8000216c2820,10) at ktrstruct+0x156 ktrwrite2 sys/kern/kern_ktrace.c:627 [inline]
ktrstruct(ffff800021633008,ffffffff8276fab2,ffff8000216c2820,10) at ktrstruct+0x156 sys/kern/kern_ktrace.c:308
thrsleep(ffff800021633008,ffff8000216c2890) at thrsleep+0x100 sys/kern/kern_synch.c:636
sys___thrsleep(ffff800021633008,ffff8000216c2890,ffff8000216c28e0) at sys___thrsleep+0xb5 sys/kern/kern_synch.c:718
syscall(ffff8000216c2960) at syscall+0x4a8 sys/arch/amd64/amd64/trap.c:623
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x23fd3cb60, count: 245
End of stack trace.
syncing disks...23 20 done

dump to dev 4,1 not possible
rebooting...
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000080000000 = 2048 MiB
CPUs found: 2 Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID 860ebdd0-427f-2be6-5726-fd56b385017a
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f28a0: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...
>> OpenBSD/amd64 BOOT 3.65
boot> set $lines = 0
set: syntax error
boot> set $maxwidth = 0
set: syntax error
boot> show panic
boot: illegal argument panic
boot> trace
boot> show registers
boot> show proc
boot> ps
boot> show all locks
boot> show malloc
boot> show all pools
boot> machine ddbcpu 0
machine: syntax error
boot> trace
boot> machine ddbcpu 1
machine: syntax error
boot> trace


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup
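The frame `ffs_blkfree(fffffd807820f698,31121f292abd13fa,4000)` in the trace above carries the two values the panic is about: the block number (bno) 0x31121f292abd13fa and the size 0x4000 (16384 bytes), arriving from ffs_indirtrunc, i.e. from a block pointer read out of an indirect block. The following is an added worked example, not code from this report or from the OpenBSD tree at the reported commit: it re-expresses the three conditions that (as I know them from the BSD FFS sources) guard "ffs_blkfree: bad size" and evaluates them on those two arguments. The filesystem geometry (16 KiB blocks, 2 KiB fragments, 8 fragments per block) is an assumption; the real values live in the superblock of the syzbot disk image and are not in the report.

```c
#include <stdint.h>
#include <stdio.h>

/*
 * Model of the sanity check at the top of ffs_blkfree(), reconstructed from
 * the BSD FFS sources as an illustration; not copied from the OpenBSD tree
 * at the reported commit. Geometry is an ASSUMPTION (default-style OpenBSD
 * FFS layout); the syzbot image's real superblock may differ.
 */
struct fs_geom {
	int32_t fs_bsize;   /* block size in bytes */
	int32_t fs_fsize;   /* fragment size in bytes */
	int32_t fs_frag;    /* fragments per block (bsize / fsize) */
	int32_t fs_fshift;  /* log2(fs_fsize) */
};

static const struct fs_geom ASSUMED_GEOM = { 16384, 2048, 8, 11 };

/* The fs.h macros, re-expressed as functions on the model struct. */
static int64_t fragoff(const struct fs_geom *fs, int64_t loc)
{
	return loc & (fs->fs_fsize - 1);   /* byte offset within a fragment */
}
static int64_t numfrags(const struct fs_geom *fs, int64_t loc)
{
	return loc >> fs->fs_fshift;       /* bytes -> number of fragments */
}
static int64_t fragnum(const struct fs_geom *fs, int64_t fsb)
{
	return fsb & (fs->fs_frag - 1);    /* fragment index within its block */
}

enum blkfree_verdict {
	BLKFREE_OK = 0,
	BLKFREE_SIZE_GT_BSIZE,       /* size larger than one full block */
	BLKFREE_SIZE_NOT_FRAG_MULT,  /* size is not a whole number of fragments */
	BLKFREE_SPANS_BLOCK          /* bno + size would cross a block boundary */
};

/* Returns which of the three conditions behind "ffs_blkfree: bad size"
 * fires for a (bno, size) pair, or BLKFREE_OK if the kernel would proceed. */
enum blkfree_verdict ffs_blkfree_check(const struct fs_geom *fs, int64_t bno, long size)
{
	if ((uint32_t)size > (uint32_t)fs->fs_bsize)
		return BLKFREE_SIZE_GT_BSIZE;
	if (fragoff(fs, size) != 0)
		return BLKFREE_SIZE_NOT_FRAG_MULT;
	if (fragnum(fs, bno) + numfrags(fs, size) > fs->fs_frag)
		return BLKFREE_SPANS_BLOCK;
	return BLKFREE_OK;
}

/* The bno and size arguments shown in the report's ffs_blkfree() frame. */
#define TRACE_BNO  ((int64_t)0x31121f292abd13faLL)
#define TRACE_SIZE 0x4000L

enum blkfree_verdict check_trace_args(void)
{
	return ffs_blkfree_check(&ASSUMED_GEOM, TRACE_BNO, TRACE_SIZE);
}

int main(void)
{
	static const char *name[] = { "ok", "size > bsize",
	    "size not a fragment multiple", "spans a block boundary" };
	const struct fs_geom *fs = &ASSUMED_GEOM;

	printf("trace args: fragnum(bno)=%lld numfrags(size)=%lld fs_frag=%d -> %s\n",
	    (long long)fragnum(fs, TRACE_BNO), (long long)numfrags(fs, TRACE_SIZE),
	    fs->fs_frag, name[check_trace_args()]);
	/* Well-formed frees for contrast: one full block, and a 2-fragment tail. */
	printf("full block at 0x1000: %s\n", name[ffs_blkfree_check(fs, 0x1000, 16384)]);
	printf("2 fragments at 0x1002: %s\n", name[ffs_blkfree_check(fs, 0x1002, 4096)]);
	return 0;
}
```

Build and run with `cc -o blkfree_check blkfree_check.c && ./blkfree_check`. Under the assumed geometry the size itself is fine (exactly one block, fragment-aligned); what trips the check is the block number: its low bits give fragment index 2, and 2 + 8 fragments do not fit in an 8-fragment block. With a different superblock geometry a different one of the three conditions may fire instead, so the verdict, not the specific reason, is what carries over to the real image. Independently of geometry, a block address of that magnitude cannot be valid on the 2048 MiB disk the boot log describes, which is consistent with the pointer having been read from corrupted or uninitialised indirect-block contents rather than with a bug in the size arithmetic.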

syzbot

Dec 28, 2023, 2:11:12 AM
to syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.