syzbot

 sign-in | mailing list | source | docs
🐞 Open [171]
🐞 Fixed [299]
🐞 Invalid [970]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

panic: ffs_blkfree: bad size (6)

Status: upstream: reported on 2026/01/08 23:36
Reported-by: syzbot+354f9e7b763606ac8c86@syzkaller.appspotmail.com
First crash: 52d, last: 31d
Similar bugs (5)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd panic: ffs_blkfree: bad size (3) 2 1 779d 779d 0/3 auto-obsoleted due to no activity on 2024/04/11 20:56
openbsd panic: ffs_blkfree: bad size (5) 2 8 358d 387d 0/3 auto-obsoleted due to no activity on 2025/06/06 15:13
openbsd panic: ffs_blkfree: bad size (4) 2 5 562d 661d 0/3 auto-obsoleted due to no activity on 2024/11/14 17:32
openbsd panic: ffs_blkfree: bad size 2 2 2433d 2437d 0/3 auto-closed as invalid on 2019/10/25 14:12
openbsd panic: ffs_blkfree: bad size (2) 2 1 884d 884d 0/3 auto-obsoleted due to no activity on 2023/12/28 07:11

Sample crash report:
panic: ffs_blkfree: bad size
Starting stack trace...
panic(ffffffff833ccae4) at panic+0x1d0 sys/kern/subr_prf.c:229
ffs_blkfree(fffffd806c6b7e20,6c93a001,4000) at ffs_blkfree+0xd4c sys/ufs/ffs/ffs_alloc.c:1285
ffs_indirtrunc(fffffd806c6b7e20,fffffffffffffff4,16d660,ffffffffffffffff,0,ffff80002a3942d8) at ffs_indirtrunc+0x7ca sys/ufs/ffs/ffs_inode.c:-1
ffs_truncate(fffffd806c6b7e20,0,0,ffffffffffffffff) at ffs_truncate+0x103f sys/ufs/ffs/ffs_inode.c:297
ufs_inactive(ffff80002a394430) at ufs_inactive+0x202 sys/ufs/ufs/ufs_inode.c:84
VOP_INACTIVE(fffffd806bb7deb0,ffff80002a29cd10) at VOP_INACTIVE+0x104 sys/kern/vfs_vops.c:498
vrele(fffffd806bb7deb0) at vrele+0x129 sys/kern/vfs_subr.c:837
ktrsettrace(ffff8000ffff1820,a0c7df9f,fffffd806c630a30,fffffd80097fd618) at ktrsettrace+0xe7 sys/kern/kern_ktrace.c:122
ktrops(ffff80002a29cd10,ffff8000ffff1820,0,a0c7df9f,fffffd806c630a30,fffffd80097fd618) at ktrops+0x26c sys/kern/kern_ktrace.c:573
doktrace(fffffd806c630a30,4,20c7df9f,0,ffff80002a29cd10) at doktrace+0x6bd ktrsetchildren sys/kern/kern_ktrace.c:595 [inline]
doktrace(fffffd806c630a30,4,20c7df9f,0,ffff80002a29cd10) at doktrace+0x6bd sys/kern/kern_ktrace.c:517
sys_ktrace(ffff80002a29cd10,ffff80002a3948a0,ffff80002a3947f0) at sys_ktrace+0x11c sys/kern/kern_ktrace.c:558
syscall(ffff80002a3948a0) at syscall+0xb17 mi_syscall sys/sys/syscall_mi.h:176 [inline]
syscall(ffff80002a3948a0) at syscall+0xb17 sys/arch/amd64/amd64/trap.c:775
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xd04876bed00, count: 244
End of stack trace.

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/01/29 07:29 openbsd 132d3f17556a b78a7341 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore panic: ffs_blkfree: bad size
2026/01/08 23:35 openbsd b9d9e3fc96bc c1f5c7d0 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore panic: ffs_blkfree: bad size
* Struck through repros no longer work on HEAD.