syzbot


assert "mhead->m_flags & M_PKTHDR" failed in switchctl.c

Status: auto-closed as invalid on 2020/03/01 19:59
Reported-by: syzbot+372de88a631ea0ce42de@syzkaller.appspotmail.com
First crash: 1816d, last: 1816d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| openbsd | assert "mhead->m_flags & M_PKTHDR" failed in switchctl.c (2) | | | | 1 | 1637d | 1637d | 0/3 | auto-closed as invalid on 2020/08/27 16:07 |

Sample crash report:
panic: kernel diagnostic assertion "mhead->m_flags & M_PKTHDR" failed: file "/syzkaller/managers/main/kernel/sys/net/switchctl.c", line 238
Stopped at      db_enter+0x18:  addq    $0x8,%rsp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*220298  53922      0           0  0x4000000    0  syz-executor.1
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
__assert(ffffffff821f9c5a,ffffffff82231713,ee,ffffffff82185c23) at __assert+0x2b sys/kern/subr_prf.c:154
switchwrite(86128,ffff80001594be30,11) at switchwrite+0x44f sys/net/switchctl.c:238
spec_write(ffff80001594bc10) at spec_write+0xcc sys/kern/spec_vnops.c:309
VOP_WRITE(fffffd802da3e0e0,ffff80001594be30,11,fffffd803f7c6cc0) at VOP_WRITE+0xc6 sys/kern/vfs_vops.c:269
vn_write(fffffd803755b3c0,ffff80001594be30,1) at vn_write+0x194 sys/kern/vfs_vnops.c:414
dofilewritev(ffff8000ffff3968,3,ffff80001594be30,1,ffff80001594bf20) at dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_pwritev(ffff8000ffff3968,ffff80001594bed8,ffff80001594bf20) at sys_pwritev+0xb8 sys/kern/vfs_syscalls.c:3260
syscall(ffff80001594bfa0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa71b4706bb0, count: 4
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
ddb> 
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
kernel diagnostic assertion "mhead->m_flags & M_PKTHDR" failed: file "/syzkaller/managers/main/kernel/sys/net/switchctl.c", line 238
ddb> trace
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:207
__assert(ffffffff821f9c5a,ffffffff82231713,ee,ffffffff82185c23) at __assert+0x2b sys/kern/subr_prf.c:154
switchwrite(86128,ffff80001594be30,11) at switchwrite+0x44f sys/net/switchctl.c:238
spec_write(ffff80001594bc10) at spec_write+0xcc sys/kern/spec_vnops.c:309
VOP_WRITE(fffffd802da3e0e0,ffff80001594be30,11,fffffd803f7c6cc0) at VOP_WRITE+0xc6 sys/kern/vfs_vops.c:269
vn_write(fffffd803755b3c0,ffff80001594be30,1) at vn_write+0x194 sys/kern/vfs_vnops.c:414
dofilewritev(ffff8000ffff3968,3,ffff80001594be30,1,ffff80001594bf20) at dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_pwritev(ffff8000ffff3968,ffff80001594bed8,ffff80001594bf20) at sys_pwritev+0xb8 sys/kern/vfs_syscalls.c:3260
syscall(ffff80001594bfa0) at syscall+0x507 sys/arch/amd64/amd64/trap.c:555
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0xa71b4706bb0, count: -11
ddb> show registers
rdi               0xffffffff819e8e47    db_enter+0x17
rsi                           0x496b    __ALIGN_SIZE+0x396b
rbp               0xffff80001594ba10
rbx               0xffff80001594bac0
rdx                           0x496c    __ALIGN_SIZE+0x396c
rcx               0xffff800017b4d000
rax               0xffff800017b4d000
r8                0xffff80001594b9d0
r9                               0x1
r10               0xffff800000075e80
r11               0xaffdde8945b05321
r12                     0x3000000008
r13               0xffff80001594ba20
r14                            0x100
r15                              0x1
rip               0xffffffff819e8e48    db_enter+0x18
cs                               0x8
rflags                         0x246
rsp               0xffff80001594ba00
ss                              0x10
db_enter+0x18:  addq    $0x8,%rsp
ddb> show proc
PROC (syz-executor.1) pid=220298 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=86, usrpri=86, nice=20
    forw=0xffffffffffffffff, list=0xffff8000ffff27b0,0xffff8000ffff36f0
    process=0xffff8000ffff6e10 user=0xffff800015947000, vmspace=0xfffffd803f012880
    estcpu=36, cpticks=2, pctcpu=0.0
    user=0, sys=2, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 53922  254006  20477      0  2           0                syz-executor.1
*53922  220298  20477      0  7   0x4000000                syz-executor.1
 53922  140394  20477      0  3   0x4000080  fsleep        syz-executor.1
 20477  279506  23120      0  3        0x82  nanosleep     syz-executor.1
 89779  257648      0      0  3     0x14200  acct          acct
 13303  284013      0      0  3     0x14200  bored         sosplice
 51798  368019  23120      0  2       0x482                syz-executor.0
 23120  203583  20616      0  3        0x82  thrsleep      syz-fuzzer
 23120   51805  20616      0  2   0x4000482                syz-fuzzer
 23120   45205  20616      0  3   0x4000082  thrsleep      syz-fuzzer
 23120  384402  20616      0  3   0x4000082  thrsleep      syz-fuzzer
 23120  218943  20616      0  3   0x4000082  thrsleep      syz-fuzzer
 23120  503969  20616      0  3   0x4000082  kqread        syz-fuzzer
 23120  443794  20616      0  3   0x4000082  thrsleep      syz-fuzzer
 20616  323385  37264      0  3    0x10008a  pause         ksh
 37264  235411  62874      0  3        0x92  select        sshd
 19234  132413      1      0  3    0x100083  ttyin         getty
 62874   84448      1      0  3        0x80  select        sshd
  5144  435129   5100     73  3    0x100090  kqread        syslogd
  5100  232684      1      0  3    0x100082  netio         syslogd
 59308   99709      1     77  3    0x100090  poll          dhclient
 43750  430950      1      0  3        0x80  poll          dhclient
 28724  131720      0      0  2     0x14200                zerothread
 78168  424896      0      0  3     0x14200  aiodoned      aiodoned
 50252  161966      0      0  3     0x14200  syncer        update
 24643   93202      0      0  3     0x14200  cleaner       cleaner
 50209  240945      0      0  3     0x14200  reaper        reaper
 27377  404653      0      0  3     0x14200  pgdaemon      pagedaemon
 80785  200697      0      0  3     0x14200  bored         crynlk
 30626   76368      0      0  3     0x14200  bored         crypto
 24659    8682      0      0  3  0x40014200  acpi0         acpi0
 66515  159633      0      0  3     0x14200  bored         softnet
 41353  276600      0      0  3     0x14200  bored         systqmp
 55313  189657      0      0  3     0x14200  bored         systq
 58853    8689      0      0  2  0x40014200                softclock
  1098  275256      0      0  3  0x40014200                idle0
 93153   38969      0      0  3     0x14200  bored         smr
     1  492653      0      0  3        0x82  wait          init
     0       0     -1      0  3     0x10200  scheduler     swapper
ddb> show all locks
No such command
ddb> show malloc
           Type InUse  MemUse  HighUse   Limit  Requests Type Lim
         devbuf  9503   6986K    7557K  78643K     11637        0
            pcb    13     10K      12K  78643K       119        0
         rtable   110      3K       4K  78643K       354        0
         ifaddr    67     13K      13K  78643K       135        0
       counters    19     16K      16K  78643K        19        0
       ioctlops     0      0K       2K  78643K        35        0
            iov     1      2K      16K  78643K        55        0
          mount     1      1K       1K  78643K         1        0
         vnodes  1218     77K      77K  78643K      1626        0
      UFS quota     1     32K      32K  78643K         1        0
      UFS mount     5     36K      36K  78643K         5        0
            shm     2      1K       5K  78643K         5        0
         VM map     4      1K       1K  78643K         4        0
            sem    12      0K       1K  78643K        68        0
        dirhash    12      2K       2K  78643K        12        0
           ACPI  1794    195K     288K  78643K     12646        0
      file desc     5     13K      25K  78643K       400        0
          sigio     0      0K       0K  78643K        19        0
           proc    49     38K      63K  78643K       440        0
        subproc    32      2K       2K  78643K        51        0
    NFS srvsock     1      0K       0K  78643K         1        0
     NFS daemon     1     16K      16K  78643K         1        0
    ip_moptions     0      0K       0K  78643K        41        0
       in_multi    49      3K       3K  78643K        71        0
    ether_multi     1      0K       0K  78643K         5        0
            mrt     0      0K       0K  78643K         2        0
    ISOFS mount     1     32K      32K  78643K         1        0
  MSDOSFS mount     1     16K      16K  78643K         1        0
           ttys    96    424K     424K  78643K        96        0
           exec     0      0K       1K  78643K       231        0
        pagedep     1      8K       8K  78643K         1        0
       inodedep     1     32K      32K  78643K         1        0
         newblk     1      0K       0K  78643K         1        0
        VM swap     7     26K      26K  78643K         7        0
       UVM amap   114     22K      27K  78643K      1977        0
       UVM aobj    26      2K       2K  78643K        26        0
        memdesc     1      4K       4K  78643K         1        0
    crypto data     1      1K       1K  78643K         1        0
    ip6_options     0      0K       0K  78643K        94        0
            NDP    11      0K       0K  78643K        27        0
           temp   130   3558K    4189K  78643K     20529        0
         kqueue     0      0K       0K  78643K         2        0
      SYN cache     2     16K      16K  78643K         2        0
ddb> show all pools
Name      Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp         64       11    0        5     1     0     1     1     0     8    0
rtpcb       96       50    0       48     1     0     1     1     0     8    0
rtentry    112       65    0       20     2     0     2     2     0     8    0
unpcb      120      279    0      271     1     0     1     1     0     8    0
syncache   280        4    0        4     1     1     0     1     0     8    0
tcpqe       32      118    0      118     1     1     0     1     0     8    0
tcpcb      640     1006    0     1001    33    31     2    18     0     8    1
ipq         40        7    0        7     2     2     0     1     0     8    0
ipqe        40      149    0      149     2     2     0     1     0     8    0
inpcb      280     1353    0     1346    18    15     3     9     0     8    2
nd6         48        6    0        2     1     0     1     1     0     8    0
pkpcb       40        4    0        4     2     2     0     1     0     8    0
ppxss      1128       5    0        5     3     3     0     1     0     8    0
art_heap8  4096       2    0        0     2     0     2     2     0     8    0
art_heap4  256      270    0       47    15     1    14    14     0     8    0
art_table   32      272    0       47     2     0     2     2     0     8    0
art_node    16       64    0       23     1     0     1     1     0     8    0
sysvmsgpl   40       50    0       30     1     0     1     1     0     8    0
semupl     112        2    0        2     1     1     0     1     0     8    0
semapl     112       66    0       56     1     0     1     1     0     8    0
shmpl      112       24    0        0     1     0     1     1     0     8    0
dirhash    1024      17    0        0     3     0     3     3     0     8    0
dino1pl    128     2015    0      618    46     0    46    46     0     8    0
ffsino     240     2015    0      618    83     0    83    83     0     8    0
nchpl      144     2766    0     1164    60     0    60    60     0     8    0
uvmvnodes   72     2330    0        0    43     0    43    43     0     8    0
vnodes     208     2330    0        0   123     0   123   123     0     8    0
namei      1024    8269    0     8269     1     0     1     1     0     8    1
vcpupl     1984       2    0        0     1     0     1     1     0     8    0
vmpool     520        2    0        0     1     0     1     1     0     8    0
scxspl     208     7430    0     7430     8     7     1     7     0     8    1
plimitpl   152       48    0       41     1     0     1     1     0     8    0
sigapl     432      567    0      554     2     0     2     2     0     8    0
futexpl     56    13341    0    13340     1     0     1     1     0     8    0
knotepl    112      122    0      103     1     0     1     1     0     8    0
kqueuepl   104      467    0      465     7     6     1     4     0     8    0
pipepl     128      448    0      429     4     2     2     2     0     8    1
fdescpl    424      568    0      554     2     0     2     2     0     8    0
filepl     120     5440    0     5342    18    13     5    11     0     8    1
lockfpl    104      150    0      149     1     0     1     1     0     8    0
lockfspl    48       60    0       59     1     0     1     1     0     8    0
sessionpl  128       18    0        8     1     0     1     1     0     8    0
pgrppl      48       18    0        8     1     0     1     1     0     8    0
ucredpl     96      993    0      986     1     0     1     1     0     8    0
zombiepl   144      554    0      553     1     0     1     1     0     8    0
processpl  896      584    0      553     4     0     4     4     0     8    0
procpl     648     1171    0     1132     5     1     4     5     0     8    0
sosppl     144       10    0       10     3     2     1     1     0     8    1
sockpl     384     1688    0     1669    27    21     6    14     0     8    4
mcl64k     65536     40    0       39     3     2     1     1     0     8    0
mcl16k     16384     13    0       13     3     2     1     1     0     8    1
mcl12k     12288     21    0       21     3     2     1     1     0     8    1
mcl9k      9216       5    0        5     4     3     1     1     0     8    1
mcl8k      8192      11    0       11     4     3     1     1     0     8    1
mcl4k      4096      43    0       43     2     1     1     1     0     8    1
mcl2k2     2112       6    0        6     2     2     0     1     0     8    0
mcl2k      2048   70546    0    70521    15    11     4    11     0     8    0
mtagpl      80       21    0        9     2     1     1     1     0     8    0
mbufpl     256   116178    0   116071    33    22    11    20     0     8    2
bufpl      280     6778    0     1923   347     0   347   347     0     8    0
anonpl      16    91548    0    74087   101    12    89    96     0    62    8
amapchunkpl 152    3403    0     3251    12     3     9    12     0   158    0
amappl16   192     3826    0     2742    79    23    56    66     0     8    1
amappl14   176      205    0      201     1     0     1     1     0     8    0
amappl13   168        1    0        0     1     0     1     1     0     8    0
amappl12   160      190    0      188     2     1     1     1     0     8    0
amappl11   152       65    0       52     1     0     1     1     0     8    0
amappl10   144       21    0       18     1     0     1     1     0     8    0
amappl9    136      550    0      546     1     0     1     1     0     8    0
amappl8    128      188    0      154     2     0     2     2     0     8    0
amappl7    120       40    0       35     1     0     1     1     0     8    0
amappl6    112       76    0       64     1     0     1     1     0     8    0
amappl5    104      375    0      364     1     0     1     1     0     8    0
amappl4     96      794    0      761     1     0     1     1     0     8    0
amappl3     88      280    0      274     1     0     1     1     0     8    0
amappl2     80     3634    0     3566     3     1     2     3     0     8    0
amappl1     72    20106    0    19690    26    16    10    20     0     8    0
amappl      80     1473    0     1425     2     0     2     2     0    84    0
dma4096    4096       1    0        1     1     1     0     1     0     8    0
dma256     256        6    0        6     1     1     0     1     0     8    0
dma128     128      253    0      253     1     1     0     1     0     8    0
dma64       64        6    0        6     1     1     0     1     0     8    0
dma32       32        7    0        7     1     1     0     1     0     8    0
dma16       16       18    0       17     1     0     1     1     0     8    0
aobjpl      64       25    0        0     1     0     1     1     0     8    0
uaddrrnd    24      570    0      554     1     0     1     1     0     8    0
uaddrbest   32        2    0        0     1     0     1     1     0     8    0
uaddr       24      570    0      554     1     0     1     1     0     8    0
vmmpekpl   168     8602    0     8576     2     0     2     2     0     8    0
vmmpepl    168    76315    0    74145   172    35   137   137     0   357   37
vmsppl     272      567    0      554     2     1     1     2     0     8    0
pdppl      4096    1146    0     1110     6     1     5     6     0     8    0
pvpl        32   237590    0   216952   229    14   215   223     0   265   28
pmappl     200      569    0      554     1     0     1     1     0     8    0
extentpl    40       46    0       29     1     0     1     1     0     8    0
phpool     112      174    0       46     4     0     4     4     0     8    0

Crashes (1):
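| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/12/02 19:58 | openbsd | 9f5f6f881ebc | ab342da3 | .config | console log | report | | | | | ci-openbsd-main | |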