failed to run ["ssh" "-p" "22" "-F" "/dev/null" "-o" "UserKnownHostsFile=/dev/null" "-o" "BatchMode=yes" "-o" "IdentitiesOnly=yes" "-o" "StrictHostKeyChecking=no" "-o" "ConnectTimeout=10" "-i" "/syzkaller/managers/i386/latest.tmp/key" "root@10.128.0.166" "pwd"]: exit status 255 ssh: connect to host 10.128.0.166 port 22: Operation timed out Pseudo-terminal will not be allocated because stdin is not a terminal. Warning: Permanently added '[ssh-serialport.googleapis.com]:9600' (RSA) to the list of known hosts. SeaBIOS (version 1.8.2-20190909_225952-google) Total RAM Size = 0x0000000080000000 = 2048 MiB 2019/10/8 16:21:48 Begin firmware boot time (Seabios) CPUs found: 2 Max CPUs supported: 2 Comparing RSDP and RSDP Comparing RSDT and RSDT Comparing FACP and FACP Comparing FACS and FACS return 0 for FACS vs FACS: SUCCESS Comparing DSDT and DSDT return 0 for DSDT vs DSDT: SUCCESS return 0 for FACP vs FACP: SUCCESS Comparing SRAT and SRAT return 0 for SRAT vs SRAT: SUCCESS Comparing APIC and APIC return 0 for APIC vs APIC: SUCCESS Comparing SSDT and SSDT return 0 for SSDT vs SSDT: SUCCESS Comparing WAET and WAET return 0 for WAET vs WAET: SUCCESS return 0 for RSDT vs RSDT: SUCCESS return 0 for RSDP vs RSDP: SUCCESS found virtio-scsi at 0:3 virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0 virtio-scsi blksize=512 sectors=6291456 = 3072 MiB drive 0x000f2560: PCHS=0/0/0 translation=lba LCHS=780/128/63 s=6291456 2019/10/8 16:21:48 End firmware boot time (Seabios) Sending Seabios boot VM event. Booting from Hard Disk 0... Loading /boot/loader.conf.local -\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-Loading kernel... \|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\/boot/kernel/kernel text=0x1cad170 |/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-\|/-data=0x23ea88+0x63ea08 \|/-\|/-\|/-\|/-\|syms=[0x8+0x1a8a10/-\|/-\|/-\|/-+0x8+0x197af2\|/-\|/-\|/-\] Loading configured modules... |/-\|/-\/boot/entropy size=0x1000 |/-\|/GDB: no debug ports present KDB: debugger backends: ddb KDB: current backend: ddb ---<>--- Copyright (c) 1992-2019 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 13.0-CURRENT #241 92f05be957a-c263223(HEAD): Tue Oct 8 16:14:39 UTC 2019 root@ci-freebsd:/syzkaller/managers/i386/kernel/obj/syzkaller/managers/i386/kernel/amd64.amd64/sys/SYZKALLER amd64 FreeBSD clang version 8.0.1 (tags/RELEASE_801/final 366581) (based on LLVM 8.0.1) WARNING: WITNESS option enabled, expect reduced performance. WARNING: DIAGNOSTIC option enabled, expect reduced performance. Entering uma_startup with 6 boot pages configured startup_alloc from "UMA Kegs", 5 boot pages left startup_alloc from "UMA Zones", 4 boot pages left startup_alloc from "UMA Zones", 3 boot pages left startup_alloc from "UMA Hash", 2 boot pages left startup_alloc from "UMA Zones", 1 boot pages left Entering uma_startup1 with 0 boot pages left Entering uma_startup2 with 0 boot pages left VT(vga): text 80x25 CPU: Intel(R) Xeon(R) CPU @ 2.30GHz (2299.90-MHz K8-class CPU) Origin="GenuineIntel" Id=0x306f0 Family=0x6 Model=0x3f Stepping=0 Features=0x1f83fbff Features2=0xfefa3223 AMD Features=0x2c100800 AMD Features2=0x21 Structured Extended Features=0x27eb Structured Extended Features3=0xac000400 XSAVE Features=0x1 IA32_ARCH_CAPS=0xc VT-x: PAT,HLT,PAUSE,EPT,UG,VPID TSC: P-state invariant Hypervisor: Origin = "KVMKVMKVM" real memory = 2147483648 (2048 MB) avail memory = 2030366720 (1936 MB) Event timer "LAPIC" quality 600 ACPI APIC Table: FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs FreeBSD/SMP: 1 package(s) x 1 core(s) x 2 hardware threads random: registering fast source Intel Secure Key RNG random: fast provider: "Intel Secure Key RNG" random: unblocking device. ioapic0 irqs 0-23 Launching APs: 1 random: entropy device external interface kbd1 at kbdmux0 000.000044 [4335] netmap_init netmap: loaded module module_register_init: MOD_LOAD (vesa, 0xffffffff81767bf0, 0) error 19 [ath_hal] loaded nexus0 vtvga0: cryptosoft0: acpi0: acpi0: Power Button (fixed) acpi0: Sleep Button (fixed) cpu0: on acpi0 atrtc0: port 0x70-0x71,0x72-0x77 irq 8 on acpi0 atrtc0: registered as a time-of-day clock, resolution 1.000000s Event timer "RTC" frequency 32768 Hz quality 0 Timecounter "ACPI-fast" frequency 3579545 Hz quality 900 acpi_timer0: <24-bit timer at 3.579545MHz> port 0xb008-0xb00b on acpi0 pcib0: port 0xcf8-0xcff on acpi0 pci0: on pcib0 isab0: at device 1.0 on pci0 isa0: on isab0 pci0: at device 1.3 (no driver attached) virtio_pci0: port 0xc000-0xc03f mem 0xfebfe000-0xfebfe07f irq 11 at device 3.0 on pci0 vtscsi0: on virtio_pci0 virtio_pci1: port 0xc040-0xc07f mem 0xfebff000-0xfebff07f irq 11 at device 4.0 on pci0 vtnet0: on virtio_pci1 vtnet0: Ethernet address: 42:01:0a:80:00:a6 vtnet0: netmap queues/slots: TX 2/2048, RX 2/2048 000.000122 [ 503] vtnet_netmap_attach vtnet attached txq=2, txd=2048 rxq=2, rxd=2048 atkbdc0: port 0x60,0x64 irq 1 on acpi0 atkbd0: irq 1 on atkbdc0 kbd0 at atkbd0 atkbd0: [GIANT-LOCKED] psm0: irq 12 on atkbdc0 psm0: [GIANT-LOCKED] psm0: model IntelliMouse Explorer, device ID 4 uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 uart0: console (9600,n,8,1) uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0 uart2: <16550 or compatible> port 0x3e8-0x3ef irq 6 on acpi0 uart3: <16550 or compatible> port 0x2e8-0x2ef irq 7 on acpi0 orm0: at iomem 0xeb800-0xeffff pnpid ORM0000 on isa0 vga0: at port 0x3b0-0x3bb iomem 0xb0000-0xb7fff pnpid PNP0900 on isa0 attimer0: at port 0x40 on isa0 Timecounter "i8254" frequency 1193182 Hz quality 0 attimer0: Can't map interrupt. NULL mp in getnewvnode(9), tag crossmp Timecounters tick every 10.000 msec usb_needs_explore_all: no devclass da0 at vtscsi0 bus 0 scbus0 target 1 lun 0 da0: Fixed Direct Access SPC-4 SCSI device da0: 300.000MB/s transfers da0: Command Queueing enabled da0: 3072MB (6291456 512 byte sectors) WARNING: WITNESS option enabled, expect reduced serialport: Connected to syzkaller.us-central1-c.ci-freebsd-i386-test-0 port 1 (session ID: c037f8659d4f965e2489e90c2d627ed833b61dc69ebbc35b29631f2e0209efea, active connections: 1). performance. WARNING: DIAGNOSTIC option enabled, expect reduced performance. Trying to mount root from ufs:/dev/gpt/rootfs [rw]... GEOM: da0: the secondary GPT header is not in the last LBA. Setting hostuuid: c5737494-45a4-11e9-9216-00a0980e0293. Setting hostid: 0xdcc40b08. No suitable dump device was found. Starting file system checks: /dev/gpt/rootfs: FILE SYSTEM CLEAN; SKIPPING CHECKS /dev/gpt/rootfs: clean, 188000 free (1264 frags, 23342 blocks, 0.2% fragmentation) Mounting local filesystems:. ELF ldconfig path: /lib /usr/lib /usr/lib/compat 32-bit compatibility ldconfig path: Setting hostname: freebsd. Setting up harvesting: PURE_RDRAND,[UMA],[FS_ATIME],SWI,INTERRUPT,NET_NG,[NET_ETHER],NET_TUN,MOUSE,KEYBOARD,ATTACH,CACHED Feeding entropy: . lo0: link state changed to UP vtnet0: link state changed to UP Starting Network: lo0 vtnet0. lo0: flags=8049 metric 0 mtu 16384 options=680003 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 inet 127.0.0.1 netmask 0xff000000 groups: lo nd6 options=23 vtnet0: flags=8943 metric 0 mtu 1500 options=6c07bb ether 42:01:0a:80:00:a6 inet6 fe80::4001:aff:fe80:a6%vtnet0 prefixlen 64 scopeid 0x1 media: Ethernet 10Gbase-T status: active nd6 options=23 Starting devd. Autoloading module: intpm.ko intsmb0: irq 9 at device 1.3 on pci0 intsmb0: Could not allocate I/O space device_attach: intsmb0 attach returned 6 Starting dhclient. panic: Assertion in_epoch(net_epoch_preempt) failed at /syzkaller/managers/i386/kernel/sys/net/if.c:3694 cpuid = 0 time = 1570551738 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x47/frame 0xfffffe001a110850 vpanic() at vpanic+0x1e0/frame 0xfffffe001a1108b0 panic() at panic+0x43/frame 0xfffffe001a110910 if_delmulti_ifma_flags() at if_delmulti_ifma_flags+0x1af/frame 0xfffffe001a110950 inm_release_task() at inm_release_task+0x345/frame 0xfffffe001a1109c0 gtaskqueue_run_locked() at gtaskqueue_run_locked+0x13e/frame 0xfffffe001a110a20 gtaskqueue_thread_loop() at gtaskqueue_thread_loop+0xdd/frame 0xfffffe001a110a60 fork_exit() at fork_exit+0xb0/frame 0xfffffe001a110ab0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe001a110ab0 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- KDB: enter: panic [ thread pid 0 tid 100005 ] Stopped at kdb_enter+0x6a: movq $0,kdb_why db>