syzbot


pool: free list modified: pdppl (3)

Status: auto-obsoleted due to no activity on 2023/01/20 06:59
Reported-by: syzbot+614c458f83ae2631c788@syzkaller.appspotmail.com
First crash: 106d, last: 106d
similar bugs (2):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd pool: free list modified: pdppl 1 1191d 1191d 0/3 closed as invalid on 2019/11/03 08:39
openbsd pool: free list modified: pdppl (2) 1 423d 423d 0/3 auto-closed as invalid on 2022/03/09 08:14

Sample crash report:
panic: pool_do_get: pdppl free list modified: page 0xfffffd807c79f000; item addr 0xfffffd807c79f000; offset 0x0=0x11e57ed0 != 0x8c1db69afe7e0cc9
Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*345037  66840      0         0x2          0    0  syz-executor.4
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82618cf2) at panic+0x161 sys/kern/subr_prf.c:198
pool_do_get(ffffffff829db668,1,ffff8000231c5628) at pool_do_get+0x427 sys/kern/subr_pool.c:738
pool_get(ffffffff829db668,1) at pool_get+0xb3 sys/kern/subr_pool.c:582
pmap_create() at pmap_create+0x13f sys/arch/amd64/amd64/pmap.c:1337
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_init sys/uvm/uvm_map.c:3325 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_alloc sys/uvm/uvm_map.c:3303 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 sys/uvm/uvm_map.c:3896
process_new(ffff8000231f5510,ffff800021711798,1) at process_new+0x304 sys/kern/kern_fork.c:260
fork1(ffff8000217ae2a8,1,ffffffff81ca0de0,0,ffff8000231c5900,0) at fork1+0x30c sys/kern/kern_fork.c:379
syscall(ffff8000231c5970) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffe0850, count: 5
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
*cpu0: pool_do_get: pdppl free list modified: page 0xfffffd807c79f000; item addr 0xfffffd807c79f000; offset 0x0=0x11e57ed0 != 0x8c1db69afe7e0cc9
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82618cf2) at panic+0x161 sys/kern/subr_prf.c:198
pool_do_get(ffffffff829db668,1,ffff8000231c5628) at pool_do_get+0x427 sys/kern/subr_pool.c:738
pool_get(ffffffff829db668,1) at pool_get+0xb3 sys/kern/subr_pool.c:582
pmap_create() at pmap_create+0x13f sys/arch/amd64/amd64/pmap.c:1337
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_init sys/uvm/uvm_map.c:3325 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_alloc sys/uvm/uvm_map.c:3303 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 sys/uvm/uvm_map.c:3896
process_new(ffff8000231f5510,ffff800021711798,1) at process_new+0x304 sys/kern/kern_fork.c:260
fork1(ffff8000217ae2a8,1,ffffffff81ca0de0,0,ffff8000231c5900,0) at fork1+0x30c sys/kern/kern_fork.c:379
syscall(ffff8000231c5970) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffe0850, count: -10
ddb> show registers
rdi                                0
rsi                              0x1
rbp               0xffff8000231c54a0
rbx               0x8c1db69afe7e0cc9
rdx                                0
rcx                                0
rax               0xffff8000217ae2a8
r8                 0x101010101010101
r9                0x8080808080808080
r10               0x4f1d51cc3993af9a
r11               0xe3fce8d2ed1265c6
r12                                0
r13               0xfffffd807c79f000
r14                                0
r15                              0x1
rip               0xffffffff823ac408    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff8000231c5490
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb> show proc
PROC (syz-executor.4) pid=345037 stat=onproc
    flags process=2<EXEC> proc=0
    pri=81, usrpri=81, nice=20
    forw=0xffffffffffffffff, list=0xffff8000231f4550,0xffff80002cec42b8
    process=0xffff800021711798 user=0xffff8000231c0000, vmspace=0xfffffd805ec7c118
    estcpu=36, cpticks=2, pctcpu=0.0
    user=0, sys=2, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 92308  210338  29189      0  2           0                syz-executor.7
 92308  188229  29189      0  3   0x4000080  fsleep        syz-executor.7
 80926  252401  33578      0  3        0x80  nanoslp       syz-executor.6
 80926  177073  33578      0  3   0x4000080  fsleep        syz-executor.6
 67969   83641  45832      0  2           0                syz-executor.3
 67969  330778  45832      0  3   0x4000080  fsleep        syz-executor.3
 81835  298736  20449      0  2           0                syz-executor.1
 81835  171127  20449      0  3   0x4000080  fsleep        syz-executor.1
 54504  422930  60657      0  2           0                syz-executor.0
 54504  271169  60657      0  3   0x4000080  fsleep        syz-executor.0
 54504  408234  60657      0  3   0x4000080  fsleep        syz-executor.0
 54504  217584  60657      0  3   0x4000080  fsleep        syz-executor.0
 31454  359145  53697      0  2           0                syz-executor.2
 31454   68004  53697      0  2   0x4000000                syz-executor.2
 60657  235510  12197      0  3        0x82  nanoslp       syz-executor.0
 29189  352899  12197      0  3        0x82  nanoslp       syz-executor.7
 20449  276439  12197      0  3        0x82  nanoslp       syz-executor.1
 64129  468245  12197      0  3        0x82  nanoslp       syz-executor.5
*66840  345037  12197      0  7         0x2                syz-executor.4
 33578  226496  12197      0  3        0x82  nanoslp       syz-executor.6
 45832  292710  12197      0  3        0x82  nanoslp       syz-executor.3
 55107  347486      1      0  3    0x100083  ttyin         getty
 53697  209882  12197      0  3        0x82  nanoslp       syz-executor.2
 26381  286346      0      0  3     0x14200  acct          acct
 20030  399758      0      0  3     0x14280  nfsidl        nfsio
 56144  378931      0      0  3     0x14280  nfsidl        nfsio
 20997  220089      0      0  3     0x14280  nfsidl        nfsio
 41770  455032      0      0  3     0x14280  nfsidl        nfsio
 49110    3500      0      0  3     0x14280  nfsidl        nfsio
 41403   36619      0      0  3     0x14280  nfsidl        nfsio
 12690   63206      0      0  3     0x14280  nfsidl        nfsio
 99188  503433      0      0  3     0x14280  nfsidl        nfsio
 50032   70992      0      0  3     0x14280  nfsidl        nfsio
 80137  455796      0      0  3     0x14280  nfsidl        nfsio
 68329  222572      0      0  3     0x14280  nfsidl        nfsio
 50825  321158      0      0  3     0x14280  nfsidl        nfsio
 62077   90452      0      0  3     0x14280  nfsidl        nfsio
 47346  198877      0      0  3     0x14280  nfsidl        nfsio
  5145  442396      0      0  3     0x14280  nfsidl        nfsio
 14155  403207      0      0  3     0x14280  nfsidl        nfsio
 89058   32676      0      0  3     0x14280  nfsidl        nfsio
 10635   29020      0      0  3     0x14280  nfsidl        nfsio
 52034   28865      0      0  3     0x14280  nfsidl        nfsio
 23153  454065      0      0  3     0x14280  nfsidl        nfsio
 70355  321590      0      0  3     0x14200  bored         sosplice
 12197   83719  72061      0  3        0x82  thrsleep      syz-fuzzer
 12197  235965  72061      0  3   0x4000082  nanoslp       syz-fuzzer
 12197  119812  72061      0  3   0x4000082  thrsleep      syz-fuzzer
 12197  217303  72061      0  3   0x4000082  wait          syz-fuzzer
 12197  502420  72061      0  3   0x4000082  thrsleep      syz-fuzzer
 12197   20692  72061      0  3   0x4000082  wait          syz-fuzzer
 12197  166025  72061      0  3   0x4000082  wait          syz-fuzzer
 12197    1669  72061      0  3   0x4000082  wait          syz-fuzzer
 12197  293476  72061      0  3   0x4000082  thrsleep      syz-fuzzer
 12197  251419  72061      0  3   0x4000082  wait          syz-fuzzer
 12197   38847  72061      0  3   0x4000082  wait          syz-fuzzer
 12197  360051  72061      0  3   0x4000082  wait          syz-fuzzer
 12197  138076  72061      0  3   0x4000082  wait          syz-fuzzer
 12197  123441  72061      0  3   0x4000082  kqread        syz-fuzzer
 72061   74360  48701      0  3    0x10008a  sigsusp       ksh
 48701  435861  22350      0  3        0x9a  kqread        sshd
 22350  469444      1      0  3        0x88  kqread        sshd
 56699  299575  87956     73  3   0x1100090  kqread        syslogd
 87956  333647      1      0  3    0x100082  netio         syslogd
 54115  486239      1      0  3    0x100080  kqread        resolvd
 55812  388778  79066     77  3    0x100092  kqread        dhcpleased
  5115  344141  79066     77  3    0x100092  kqread        dhcpleased
 79066  198958      1      0  3        0x80  kqread        dhcpleased
 90590    3604      0      0  3     0x14200  bored         smr
 44121  446193      0      0  2     0x14200                zerothread
 32511  207278      0      0  3     0x14200  aiodoned      aiodoned
 78399  410468      0      0  3     0x14200  syncer        update
  6773  410363      0      0  3     0x14200  cleaner       cleaner
 64614  247468      0      0  3     0x14200  reaper        reaper
 61474  208708      0      0  3     0x14200  pgdaemon      pagedaemon
 91101   32344      0      0  3     0x14200  bored         viomb
 87115  506443      0      0  3  0x40014200  acpi0         acpi0
  5081  320854      0      0  3     0x14200  bored         softnet
 84797  491124      0      0  3     0x14200  bored         softnet
 69705  379300      0      0  3     0x14200  bored         softnet
 11862  292134      0      0  3     0x14200  bored         softnet
 99740  314982      0      0  3     0x14200  bored         systqmp
  7664  413211      0      0  3     0x14200  bored         systq
 69390  205342      0      0  3  0x40014200  bored         softclock
  6532  258434      0      0  3  0x40014200                idle0
     1   39981      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf 10197   6427K    6831K  78643K     19618        0
            pcb    13     18K      23K  78643K      1150        0
         rtable   179     18K      20K  78643K      3942        0
         ifaddr   130     33K      33K  78643K      1457        0
         sysctl     3      1K       1K  78643K         3        0
       counters    24     17K      17K  78643K       214        0
       ioctlops     0      0K       4K  78643K      3778        0
            iov     0      0K      32K  78643K       905        0
          mount     1      1K       1K  78643K         1        0
            log     0      0K       0K  78643K         4        0
         vnodes  1488     93K      93K  78643K      5632        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K        72        0
         VM map     2      0K       0K  78643K         2        0
            sem    12      0K       1K  78643K       581        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1697    195K     286K  78643K     12548        0
      file desc    17     61K      65K  78643K      8198        0
          sigio     0      0K       0K  78643K      1062        0
           proc    59     59K      75K  78643K      2046        0
        subproc   104      6K       6K  78643K       741        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K       491        0
       in_multi    63      4K       6K  78643K       963        0
    ether_multi     1      0K       0K  78643K        41        0
            mrt     1      0K       0K  78643K        41        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys   163    731K     731K  78643K       163        0
           exec     0      0K       2K  78643K      3172        0
            tdb     3      0K       0K  78643K         3        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     8     62K      64K  78643K        10        0
       UVM amap   400    534K     534K  78643K     44430        0
       UVM aobj   131      6K       6K  78643K       139        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     4      0K       0K  78643K       263        0
            NDP    10      0K       2K  78643K       303        0
           temp   120   4730K    5754K  78643K     90429        0
         kqueue    12     18K      26K  78643K       558        0
      SYN cache     2     16K      16K  78643K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
rtpcb      120      574    0      571     6     5     1     3     0     8    0
rtentry    112      883    0      816     4     1     3     4     0     8    0
unpcb      144     6298    0     6285    64    60     4    10     0     8    3
syncache   296       27    0       27     6     5     1     1     0     8    1
tcpqe       32       16    0       16     4     3     1     1     0     8    1
tcpcb      768     1881    0     1871    80    77     3    18     0     8    1
arp         88      123    0      111     1     0     1     1     0     8    0
ipq         40        4    0        3     3     2     1     1     0     8    0
ipqe        40       13    0       12     3     2     1     1     0     8    0
inpcb      336     5886    0     5875    94    85     9    17     0     8    8
ip6q        72        2    0        2     1     1     0     1     0     8    0
ip6af       40        4    0        4     1     1     0     1     0     8    0
nd6         48      221    0      206     1     0     1     1     0     8    0
kcovpl      48       57    0       49     1     0     1     1     0     8    0
mppekey    1024       3    0        3     1     1     0     1     0     8    0
ppxss      1160      92    0       92     9     9     0     1     0     8    0
pppxif     1608      11    0       11     3     3     0     1     0     8    0
pfstscr     40     1641    0     1635     1     0     1     1     0     8    0
pfosfp      40       72    0       69     1     0     1     1     0     8    0
pfosfpen   112       72    0        1     3     0     3     3     0     8    0
pfrktable  1344     629    0      622     4     3     1     1     0     8    0
pfanchor   1280     574    2       67    43     0    43    43     0     8    0
pftag       88        9    0        6     3     2     1     1     0     8    0
pfqueue    264       76    0       76     4     4     0     1     0     8    0
pfstitem    24       93    0       87     1     0     1     1     0     8    0
pfstkey    120     1641    0     1637     1     0     1     1     0     8    0
pfstate    336      824    0      821     1     0     1     1     0     8    0
pfrule     1360     306    0      271    11     8     3     3     0     8    0
rttmr      136       12    0       12     2     2     0     1     0     8    0
art_heap8  4096       4    0        3     4     3     1     2     0     8    0
art_heap4  256     4165    0     3874    47    20    27    29     0     8    1
art_table   32     4169    0     3877     4     0     4     4     0     8    0
art_node    16      882    0      823     1     0     1     1     0     8    0
sysvmsgpl   40       62    0       37     1     0     1     1     0     8    0
semapl     112      578    0      568     1     0     1     1     0     8    0
shmpl      112      136    0        8     4     0     4     4     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino2pl    256    11591    0    10135    92     0    92    92     0     8    0
ffsino     240    11591    0    10135    86     0    86    86     0     8    0
nchpl      144    22371    0    20742    63     1    62    63     0     8    0
rtmask      32        2    0        2     1     1     0     1     0     8    0
uvmvnodes   80     5926    0        0   121     0   121   121     0     8    0
vnodes     216     5926    0        0   330     0   330   330     0     8    0
namei      1024   89580    0    89580     4     3     1     2     0     8    1
vcpupl     2048      72    0        1     9     0     9     9     0     8    0
vmpool     536       94    0       23     5     0     5     5     0     8    0
pfiaddrpl  120      191    0      174     3     2     1     1     0     8    0
kstatmem   264      298    0      278     2     0     2     2     0     8    0
scsiplug    72        8    0        8     2     2     0     1     0     8    0
scxspl     216    60707    0    60707    18    17     1     8     0     8    1
plimitpl   152      896    0      881     1     0     1     1     0     8    0
sigapl     424     8411    0     8344     8     0     8     8     0     8    0
futexpl     64    75469    0    75462     1     0     1     1     0     8    0
knotepl    120   124156    0   124076    48    43     5    11     0     8    0
kqueuepl   184     1315    0     1307    17    16     1     4     0     8    0
pipepl     288     1707    0     1679    32    29     3     7     0     8    0
fdescpl    432     8373    0     8345     4     0     4     4     0     8    0
filepl     120    60287    0    60011    69    57    12    16     0     8    2
lockfpl    104     3215    0     3213     7     6     1     2     0     8    0
lockfspl    48      798    0      796     1     0     1     1     0     8    0
sessionpl  144       74    0       58     1     0     1     1     0     8    0
pgrppl      48       81    0       65     1     0     1     1     0     8    0
ucredpl    104     6563    0     6552     1     0     1     1     0     8    0
zombiepl   144     8345    0     8344     1     0     1     1     0     8    0
processpl  1000    8411    0     8344    10     1     9     9     0     8    0
procpl     672    20003    0    19915    21    12     9     9     0     8    1
sosppl     168       66    0       66    10    10     0     1     0     8    0
sockpl     456    12758    0    12731   343   327    16    34     0     8   12
mcl64k     65536    301    0      301    10     9     1     1     0     8    1
mcl16k     16384    137    0      137    10     9     1     1     0     8    1
mcl12k     12288    281    0      281     9     8     1     1     0     8    1
mcl9k      9216     126    0      126    12    11     1     1     0     8    1
mcl8k      8192     726    0      725     4     3     1     2     0     8    0
mcl4k      4096    1319    0     1319     4     3     1     1     0     8    1
mcl2k2     2112     133    0      133    13    12     1     1     0     8    1
mcl2k      2048   91222    0    91162    25    16     9    13     0     8    0
mtagpl      96      565    0      554     9     5     4     5     0     8    3
mbufpl     256   230418    0   230203   813   788    25   572     0     8    1
bufpl      288    15173    0     8773   458     0   458   458     0     8    0
anonpl      24  1508044    0  1488847   188    70   118   129     0   188    1
amapchunkpl 152  127350    0   126626    72    42    30    40     0   158    1
amappl16   200    20245    0    19587    89    53    36    48     0     8    0
amappl15   192     1390    0     1379     2     1     1     2     0     8    0
amappl14   184     1385    0     1381     1     0     1     1     0     8    0
amappl13   176     1298    0     1296     1     0     1     1     0     8    0
amappl12   168     1320    0     1312     1     0     1     1     0     8    0
amappl11   160      165    0      154     1     0     1     1     0     8    0
amappl10   152     1579    0     1568     1     0     1     1     0     8    0
amappl9    144     1682    0     1677     1     0     1     1     0     8    0
amappl8    136     2272    0     2181     4     0     4     4     0     8    0
amappl7    128      976    0      953     1     0     1     1     0     8    0
amappl6    120     1354    0     1327     2     1     1     2     0     8    0
amappl5    112     7547    0     7535     1     0     1     1     0     8    0
amappl4    104     2313    0     2278     2     1     1     2     0     8    0
amappl3     96    24135    0    24079     2     0     2     2     0     8    0
amappl2     88     3241    0     3189     3     1     2     3     0     8    0
amappl1     80   195035    0   194305    28    12    16    21     0     8    0
amappl      88    42990    0    42785     7     2     5     5     0    92    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma1024    1024       1    0        0     1     0     1     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      72      138    0        8     3     0     3     3     0     8    0
uaddrrnd    24     8466    0     8368     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24     8466    0     8368     1     0     1     1     0     8    0
vmmpekpl   168    60747    0    60676     4     0     4     4     0     8    0
vmmpepl    168   826664    0   823717   243   100   143   151     0   357    6
vmsppl     272     8466    0     8368     8     1     7     7     0     8    0
rwobjpl     24   194534    0   186652    50     1    49    50     0     8    0
pdppl      4096   16939    0    16807   642   509   133   136     0     8    1
pdppl: pool(0xffffffff829db668:pdppl): free list modified: page 0xfffffd807c79f000; item ordinal 0; addr 0xfffffd807c79f000 (p 0xfffffd8075ac6000); offset 0x0=0x11e57ed0
pool(pdppl): free list modified: page 0xfffffd807c79f000; item ordinal 0; addr 0xfffffd807c79f000 (p 0xfffffd8075ac6000); offset 0x0=0x0
pdppl: pool(0xffffffff829db668:pdppl): page inconsistency: page 0xfffffd807c79f000; item ordinal 1; addr 0x1bfa9f830d82ddf2
pvpl        32  3041021    0  3016837   388   188   200   268     0   265    4
pmappl     216     8466    0     8368     6     0     6     6     0     8    0
extentpl    40       56    0       38     1     0     1     1     0     8    0
phpool     112     2361    0     1489    43    15    28    41     0     8    0
ddb> machine ddbcpu 0
No such command
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82618cf2) at panic+0x161 sys/kern/subr_prf.c:198
pool_do_get(ffffffff829db668,1,ffff8000231c5628) at pool_do_get+0x427 sys/kern/subr_pool.c:738
pool_get(ffffffff829db668,1) at pool_get+0xb3 sys/kern/subr_pool.c:582
pmap_create() at pmap_create+0x13f sys/arch/amd64/amd64/pmap.c:1337
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_init sys/uvm/uvm_map.c:3325 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_alloc sys/uvm/uvm_map.c:3303 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 sys/uvm/uvm_map.c:3896
process_new(ffff8000231f5510,ffff800021711798,1) at process_new+0x304 sys/kern/kern_fork.c:260
fork1(ffff8000217ae2a8,1,ffffffff81ca0de0,0,ffff8000231c5900,0) at fork1+0x30c sys/kern/kern_fork.c:379
syscall(ffff8000231c5970) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffe0850, count: -10
ddb> machine ddbcpu 1
No such command
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:437
panic(ffffffff82618cf2) at panic+0x161 sys/kern/subr_prf.c:198
pool_do_get(ffffffff829db668,1,ffff8000231c5628) at pool_do_get+0x427 sys/kern/subr_pool.c:738
pool_get(ffffffff829db668,1) at pool_get+0xb3 sys/kern/subr_pool.c:582
pmap_create() at pmap_create+0x13f sys/arch/amd64/amd64/pmap.c:1337
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_init sys/uvm/uvm_map.c:3325 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 uvmspace_alloc sys/uvm/uvm_map.c:3303 [inline]
uvmspace_fork(ffff800021711798) at uvmspace_fork+0x60 sys/uvm/uvm_map.c:3896
process_new(ffff8000231f5510,ffff800021711798,1) at process_new+0x304 sys/kern/kern_fork.c:260
fork1(ffff8000217ae2a8,1,ffffffff81ca0de0,0,ffff8000231c5900,0) at fork1+0x30c sys/kern/kern_fork.c:379
syscall(ffff8000231c5970) at syscall+0x447 sys/arch/amd64/amd64/trap.c:585
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffe0850, count: -10

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-openbsd-main 2022/10/22 06:58 openbsd 3fb2197480c3 c0b80a55 .config console log report [disk image] [bsd.gdb] [kernel image] pool: free list modified: pdppl
* Struck through repros no longer work on HEAD.