panic: Bad tailq NEXT(ADDR->tqh

panic: Bad tailq NEXT(ADDR->tqh_last) != NULL

Status: auto-closed as invalid on 2019/10/25 08:50
Reported-by: syzbot+6fc50d56a0497637a4d9@syzkaller.appspotmail.com
First crash: 1806d, last: 1806d

▶ ▼ Similar bugs (3)

Kernel	Title	Repro	Count	Last	Reported	Patched	Status
freebsd	panic: Bad tailq NEXT(ADDR->tqh_last) != NULL (4)	C	147	1016d	1239d	2/2	fixed on 2021/09/20 20:59
freebsd	panic: Bad tailq NEXT(ADDR->tqh_last) != NULL (2)	C	2194	1241d	1463d	0/2	closed as invalid on 2020/11/23 15:16
freebsd	panic: Bad tailq NEXT(ADDR->tqh_last) != NULL (3)	C	12	1240d	1241d	2/2	fixed on 2020/11/25 19:45

Sample crash report:

Feb 18 13:56:40 ci-freebsd-main-6 kernpanic: Bad tailq NEXT(0xffffffff828d6938->tqh_last) != NULL
cpuid = 0
time = 4197400
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe0028a4f480
vpanic() at vpanic+0x1e0/frame 0xfffffe0028a4f4e0
panic() at panic+0x43/frame 0xfffffe0028a4f540
authunix_create() at authunix_create+0x801/frame 0xfffffe0028a4f800
sys_nlm_syscall() at sys_nlm_syscall+0xed/frame 0xfffffe0028a4f980
amd64_syscall() at amd64_syscall+0x436/frame 0xfffffe0028a4fab0
fast_syscall_common() at fast_syscall_common+0x101/frame 0xfffffe0028a4fab0
--- syscall (154, FreeBSD ELF64, sys_nlm_syscall), rip = 0x20000009, rsp = 0x7fffdfffdeb8, rbp = 0x98 ---
KDB: enter: panic
[ thread pid 1963 tid 100540 ]
Stopped at      kdb_enter+0x6a: movq    $0,kdb_why

Crashes (1):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2019/05/09 01:56	freebsd	db5d04b9f424	1bb034d0		console log	report					ci-freebsd-main

* ~~Struck through~~ repros no longer work on HEAD.