syzbot

 sign-in | mailing list | source | docs
🐞 Open [101]
🐞 Fixed [277]
🐞 Invalid [850]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

pool: free list modified: shmpl (6)

Status: upstream: reported on 2025/02/04 10:40
Reported-by: syzbot+640f5b53834a8559e680@syzkaller.appspotmail.com
First crash: 50d, last: 10d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd pool: free list modified: shmpl (3) 1 1756d 1756d 0/3 auto-closed as invalid on 2020/09/01 15:24
openbsd pool: free list modified: shmpl C 22 2121d 2215d 3/3 fixed on 2019/10/29 17:45
openbsd pool: free list modified: shmpl (5) 43 128d 220d 0/3 auto-obsoleted due to no activity on 2025/01/07 01:02
openbsd pool: free list modified: shmpl (2) 1 1937d 1937d 0/3 auto-closed as invalid on 2020/03/04 23:09
openbsd pool: free list modified: shmpl (4) 1 498d 498d 0/3 auto-obsoleted due to no activity on 2024/02/11 22:36

Sample crash report:
panic: pool_do_get: shmpl free list modified: page 0xfffffd806c92d000; item addr 0xfffffd806c92d628; offset 0x40=0xfe1eccf1
Starting stack trace...
panic(ffffffff83376366) at panic+0x1ba sys/kern/subr_prf.c:229
pool_do_get(ffffffff8389e260,1,ffff800030147bd8) at pool_do_get+0x5be
pool_get(ffffffff8389e260,1) at pool_get+0x103
shmget_allocate_segment(ffff80002a7ab748,ffff800030147e30,0,ffff800030147d80) at shmget_allocate_segment+0x1a7
sys_shmget(ffff80002a7ab748,ffff800030147e30,ffff800030147d80) at sys_shmget+0x1b2 sys/kern/sysv_shm.c:482
syscall(ffff800030147e30) at syscall+0x97e sys/arch/amd64/amd64/trap.c:577
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x9e78fb4bab0, count: 250
End of stack trace.

Crashes (115):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/03/15 16:28 openbsd d50894551f06 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/15 15:21 openbsd d50894551f06 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/14 23:05 openbsd 337881db45d6 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/14 17:09 openbsd 00df6ea29c1b e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/14 11:17 openbsd 00df6ea29c1b e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/14 07:53 openbsd 93c57cabe698 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/14 05:15 openbsd 93c57cabe698 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/14 02:24 openbsd 93c57cabe698 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/14 00:54 openbsd 93c57cabe698 e2826670 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/13 10:04 openbsd dd809e4cd4f7 44be8b44 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/13 08:13 openbsd dd809e4cd4f7 44be8b44 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/13 04:48 openbsd f24522bc9568 1a5d9317 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/13 01:30 openbsd f24522bc9568 1a5d9317 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/12 17:00 openbsd c328ddbe3d16 ee70e6db .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/12 15:51 openbsd c328ddbe3d16 ee70e6db .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/12 13:48 openbsd c328ddbe3d16 ee70e6db .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/12 10:33 openbsd c328ddbe3d16 ee70e6db .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/12 08:56 openbsd c328ddbe3d16 ee70e6db .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/12 01:14 openbsd 2747bf3bb72f f2eee6b3 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/11 22:56 openbsd 2747bf3bb72f f2eee6b3 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/11 21:54 openbsd 2747bf3bb72f f2eee6b3 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/11 19:24 openbsd 2747bf3bb72f f2eee6b3 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/11 14:41 openbsd 4b6c60d68713 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/11 11:58 openbsd 4b6c60d68713 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/11 10:45 openbsd 4b6c60d68713 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/11 06:31 openbsd 4b6c60d68713 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/11 04:18 openbsd 4b6c60d68713 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/10 19:31 openbsd 8d6481d63f8c 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/10 18:04 openbsd 8d6481d63f8c 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/10 14:32 openbsd 8d6481d63f8c 16256247 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/10 06:24 openbsd 7475d27301c2 163f510d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/10 01:51 openbsd 7475d27301c2 163f510d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/09 10:49 openbsd 147d2ad00d69 163f510d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/08 17:25 openbsd aa707e2a580f 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/08 16:10 openbsd aa707e2a580f 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/08 10:27 openbsd 083866324387 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/08 06:57 openbsd 083866324387 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/08 02:48 openbsd 083866324387 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/07 21:50 openbsd 5a10b86fdff2 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-main pool: free list modified: shmpl
2025/03/07 19:19 openbsd 046fdfd47363 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
2025/03/07 17:37 openbsd 5a10b86fdff2 7e3bd60d .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/07 09:41 openbsd 9ece57e35bce 831e3629 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/06 18:45 openbsd 03a0e6b8181a 831e3629 .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/06 07:43 openbsd df8d7e9fbbdf 034534df .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/06 06:43 openbsd df8d7e9fbbdf 034534df .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/06 03:28 openbsd df8d7e9fbbdf 034534df .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/03/05 22:50 openbsd df8d7e9fbbdf 034534df .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-setuid pool: free list modified: shmpl
2025/02/04 10:39 openbsd 1eab3ea7ad62 8f267cef .config console log report [disk image] [bsd.gdb] [kernel image] ci-openbsd-multicore pool: free list modified: shmpl
* Struck through repros no longer work on HEAD.