syzbot


panic: udp6_output: non-excl udbinfo lock, excl inp lock: pcbinfo ADDR 0x1 inp ADDR 0x2

Status: fixed on 2019/07/13 20:54
Reported-by: syzbot+c5ffbc8f14294c7b0e54@syzkaller.appspotmail.com
Fix commit: 9e44bc22d884 r348494 fixes a race in udp_output(). The same race exists in udp_output6(), therefore apply a similar patch to IPv6.
First crash: 1768d, last: 1768d

Sample crash report:
panic: udp6_output: non-excl udbinfo lock, excl inp lock: pcbinfo 0xfffffe000026f9c8 0x1 inp 0xfffff80003db97a0 0x2
cpuid = 0
time = 135
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0020f0d4b0
vpanic() at vpanic+0x1e0/frame 0xfffffe0020f0d510
panic() at panic+0x43/frame 0xfffffe0020f0d570
udp6_send() at udp6_send+0x1175/frame 0xfffffe0020f0d730
sosend_dgram() at sosend_dgram+0x550/frame 0xfffffe0020f0d7a0
sosend() at sosend+0xc6/frame 0xfffffe0020f0d810
kern_sendit() at kern_sendit+0x35e/frame 0xfffffe0020f0d8c0
sendit() at sendit+0x225/frame 0xfffffe0020f0d920
sys_sendmsg() at sys_sendmsg+0x8b/frame 0xfffffe0020f0d980
amd64_syscall() at amd64_syscall+0x436/frame 0xfffffe0020f0dab0
fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe0020f0dab0
--- syscall (198, FreeBSD ELF64, nosys), rip = 0x4131fa, rsp = 0x7fffdffdcf38, rbp = 0x3 ---
KDB: enter: panic
[ thread pid 8639 tid 100869 ]
Stopped at      kdb_enter+0x6a: movq    $0,kdb_why

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/06/24 01:54 freebsd e589cda98324 472f0082 console log report ci-freebsd-main