kern.securelevel: 0 -> 1
creating runtime link editor directory cache.
preserving editor files.
starting network daemons: sshd.
starting local daemons:.
Thu Dec 5 04:53:49 PST 2019
OpenBSD/amd64 (ci-openbsd-main-7.c.syzkaller.internal) (tty00)
Warning: Permanently added '10.128.15.194' (ECDSA) to the list of known hosts.
2019/12/05 04:54:16 parsed 1 programs
2019/12/05 04:54:23 executed programs: 0
login: kernel: protection fault trap, code=0
Stopped at pool_do_put+0x12e: movq 0x8(%rbx),%rbx
ddb>
ddb> set $lines = 0
ddb> set $maxwidth = 0
ddb> show panic
the kernel did not panic
ddb> trace
pool_do_put(ffffffff8253d850,fffffd80331bcc00) at pool_do_put+0x12e
pool_put(ffffffff8253d850,fffffd80331bcc00) at pool_put+0x4b
m_free(fffffd80331bcc00) at m_free+0x119
rt_ifa_del(ffff8000006a2400,800100,ffff8000006a2440,0) at rt_ifa_del+0x436
in6_unlink_ifa(ffff8000006a2400,ffff8000009e3800) at in6_unlink_ifa+0x571
in6_update_ifa(ffff8000009e3800,ffff800014928ae0,0) at in6_update_ifa+0x13f7
in6_ioctl_change_ifaddr(8080691a,ffff800014928ae0,ffff8000009e3800) at in6_ioctl_change_ifaddr+0x40c
ifioctl(fffffd80363c1a88,8080691a,ffff800014928ae0,ffff8000ffff89e8) at ifioctl+0xe60
sys_ioctl(ffff8000ffff89e8,ffff800014928bf8,ffff800014928c40) at sys_ioctl+0x5b9
syscall(ffff800014928cc0) at syscall+0x507
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffea9d0, count: -11
ddb> show registers
rdi 0
rsi 0xddda3b155c04d41e
rbp 0xffff800014928530
rbx 0xddda3b155c04d41e
rdx 0xffff800014928480
rcx 0x1000 __ALIGN_SIZE
rax 0xfffffd80331bd000
r8 0x4
r9 0x5
r10 0x571c08e1b070a055
r11 0x4200ae0b24da3713
r12 0xfffffd80331bcc00
r13 0xddda3b155c04d41e
r14 0xffffffff8253d850 mbpool
r15 0xfffffd8035961398
rip 0xffffffff8211679e pool_do_put+0x12e
cs 0x8
rflags 0x10216 __ALIGN_SIZE+0xf216
rsp 0xffff800014928480
ss 0x10
pool_do_put+0x12e: movq 0x8(%rbx),%rbx
ddb> show proc
PROC (syz-executor.0) pid=165607 stat=onproc
flags process=0 proc=0
pri=50, usrpri=50, nice=20
forw=0xffffffffffffffff, list=0xffff8000ffff8770,0xffffffff825420b8
process=0xffff8000148b2d98 user=0xffff800014923000, vmspace=0xfffffd803f012330
estcpu=0, cpticks=0, pctcpu=0.0
user=0, sys=0, intr=0
ddb> ps
PID TID PPID UID S FLAGS WAIT COMMAND
*21335 165607 73338 0 7 0 syz-executor.0
73338 76844 42799 0 3 0x82 nanosleep syz-executor.0
42799 220971 66991 0 3 0x82 thrsleep syz-execprog
42799 304318 66991 0 3 0x4000082 nanosleep syz-execprog
42799 506481 66991 0 3 0x4000082 thrsleep syz-execprog
42799 513536 66991 0 3 0x4000082 thrsleep syz-execprog
42799 368667 66991 0 3 0x4000082 kqread syz-execprog
42799 24734 66991 0 3 0x4000082 thrsleep syz-execprog
42799 466042 66991 0 3 0x4000082 thrsleep syz-execprog
66991 216653 53655 0 3 0x10008a pause ksh
53655 351435 30693 0 3 0x92 select sshd
95674 134738 1 0 3 0x100083 ttyin getty
30693 451049 1 0 3 0x80 select sshd
9834 199760 78800 73 3 0x100090 kqread syslogd
78800 380667 1 0 3 0x100082 netio syslogd
65222 12158 1 77 3 0x100090 poll dhclient
98389 218446 1 0 3 0x80 poll dhclient
90031 445842 0 0 2 0x14200 zerothread
38860 282554 0 0 3 0x14200 aiodoned aiodoned
80812 253758 0 0 3 0x14200 syncer update
80446 428827 0 0 3 0x14200 cleaner cleaner
72916 45788 0 0 3 0x14200 reaper reaper
66573 237345 0 0 3 0x14200 pgdaemon pagedaemon
69837 75266 0 0 3 0x14200 bored crynlk
60580 432336 0 0 3 0x14200 bored crypto
44375 86512 0 0 3 0x40014200 acpi0 acpi0
86974 144373 0 0 3 0x14200 bored softnet
39152 407358 0 0 3 0x14200 bored systqmp
66473 473756 0 0 3 0x14200 bored systq
73895 202891 0 0 3 0x40014200 bored softclock
55859 280372 0 0 3 0x40014200 idle0
77598 457905 0 0 3 0x14200 bored smr
1 42149 0 0 3 0x82 wait init
0 0 -1 0 3 0x10200 scheduler swapper
ddb> show all locks
No such command
ddb> show malloc
Type InUse MemUse HighUse Limit Requests Type Lim
devbuf 9442 6320K 6320K 78643K 10539 0
pcb 13 8K 8K 78643K 13 0
rtable 83 2K 2K 78643K 155 0
ifaddr 33 9K 9K 78643K 33 0
counters 19 16K 16K 78643K 19 0
ioctlops 0 0K 2K 78643K 14 0
mount 1 1K 1K 78643K 1 0
vnodes 1180 74K 74K 78643K 1185 0
UFS quota 1 32K 32K 78643K 1 0
UFS mount 5 36K 36K 78643K 5 0
shm 2 1K 1K 78643K 2 0
VM map 2 0K 0K 78643K 2 0
sem 2 0K 0K 78643K 2 0
dirhash 12 2K 2K 78643K 12 0
ACPI 1794 195K 288K 78643K 12646 0
file desc 3 8K 12K 78643K 18 0
proc 47 38K 54K 78643K 318 0
NFS srvsock 1 0K 0K 78643K 1 0
NFS daemon 1 16K 16K 78643K 1 0
in_multi 22 1K 1K 78643K 22 0
ether_multi 1 0K 0K 78643K 1 0
ISOFS mount 1 32K 32K 78643K 1 0
MSDOSFS mount 1 16K 16K 78643K 1 0
ttys 18 79K 79K 78643K 18 0
exec 0 0K 1K 78643K 171 0
pagedep 1 8K 8K 78643K 1 0
inodedep 1 32K 32K 78643K 1 0
newblk 1 0K 0K 78643K 1 0
VM swap 7 26K 26K 78643K 7 0
UVM amap 75 11K 12K 78643K 861 0
UVM aobj 2 2K 2K 78643K 2 0
memdesc 1 4K 4K 78643K 1 0
crypto data 1 1K 1K 78643K 1 0
NDP 6 0K 0K 78643K 6 0
temp 27 3001K 3065K 78643K 3056 0
SYN cache 2 16K 16K 78643K 2 0
ddb> show all pools
Name Size Requests Fail Releases Pgreq Pgrel Npage Hiwat Minpg Maxpg Idle
arp 64 4 0 0 1 0 1 1 0 8 0
rtpcb 80 17 0 15 1 0 1 1 0 8 0
rtentry 112 34 0 1 1 0 1 1 0 8 0
unpcb 120 27 0 19 1 0 1 1 0 8 0
syncache 264 5 0 5 2 1 1 1 0 8 1
tcpcb 544 8 0 5 1 0 1 1 0 8 0
inpcb 280 27 0 20 1 0 1 1 0 8 0
nd6 48 2 0 0 1 0 1 1 0 8 0
art_heap8 4096 1 0 0 1 0 1 1 0 8 0
art_heap4 256 168 0 0 11 0 11 11 0 8 0
art_table 32 169 0 0 2 0 2 2 0 8 0
art_node 16 33 0 3 1 0 1 1 0 8 0
dirhash 1024 17 0 0 3 0 3 3 0 8 0
dino1pl 128 1415 0 19 46 0 46 46 0 8 0
ffsino 240 1415 0 19 83 0 83 83 0 8 0
nchpl 144 1640 0 35 60 0 60 60 0 8 0
uvmvnodes 72 1424 0 0 26 0 26 26 0 8 0
vnodes 208 1424 0 0 75 0 75 75 0 8 0
namei 1024 3862 0 3862 2 1 1 1 0 8 1
scxspl 192 4149 0 4149 8 1 7 7 0 8 7
plimitpl 152 14 0 8 1 0 1 1 0 8 0
sigapl 432 197 0 185 2 0 2 2 0 8 0
knotepl 112 39 0 28 1 0 1 1 0 8 0
kqueuepl 104 2 0 0 1 0 1 1 0 8 0
pipepl 128 134 0 121 2 1 1 1 0 8 0
fdescpl 424 198 0 185 2 0 2 2 0 8 0
filepl 120 997 0 943 2 0 2 2 0 8 0
lockfpl 104 5 0 4 1 0 1 1 0 8 0
lockfspl 48 3 0 2 1 0 1 1 0 8 0
sessionpl 112 18 0 9 1 0 1 1 0 8 0
pgrppl 48 18 0 9 1 0 1 1 0 8 0
ucredpl 96 47 0 40 1 0 1 1 0 8 0
zombiepl 144 185 0 185 2 1 1 1 0 8 1
processpl 864 212 0 185 4 0 4 4 0 8 0
procpl 632 218 0 185 3 0 3 3 0 8 0
sockpl 384 71 0 54 2 0 2 2 0 8 0
mcl4k 4096 10 0 10 2 1 1 1 0 8 1
mcl2k 2048 5478 0 5445 8 2 6 8 0 8 1
mtagpl 80 2 0 2 1 1 0 1 0 8 0
mbufpl 256 9472 0 9395 9 4 5 5 0 8 0
mbufpl: pool(0xffffffff8253d850:mbufpl): free list modified: page 0xfffffd80331bc000; item ordinal 1; addr 0xfffffd80331bcd00 (p 0xfffffd8035961000); offset 0x0=0x0
pool(mbufpl): free list modified: page 0xfffffd80331bc000; item ordinal 1; addr 0xfffffd80331bcd00 (p 0xfffffd8035961000); offset 0x0=0x0
mbufpl: pool(0xffffffff8253d850:mbufpl): page inconsistency: page 0xfffffd80331bc000; item ordinal 2; addr 0xddda3b155c04d41e
bufpl 280 5846 0 1353 321 0 321 321 0 8 0
anonpl 16 20168 0 18683 16 3 13 13 0 62 6
amapchunkpl 152 684 0 624 5 0 5 5 0 158 2
amappl16 192 71 0 47 2 0 2 2 0 8 0
amappl15 184 50 0 46 1 0 1 1 0 8 0
amappl14 176 23 0 20 2 1 1 1 0 8 0
amappl13 168 8 0 6 1 0 1 1 0 8 0
amappl12 160 9 0 7 2 1 1 1 0 8 0
amappl11 152 43 0 32 1 0 1 1 0 8 0
amappl10 144 11 0 10 2 1 1 1 0 8 0
amappl9 136 397 0 392 1 0 1 1 0 8 0
amappl8 128 85 0 75 1 0 1 1 0 8 0
amappl7 120 84 0 75 1 0 1 1 0 8 0
amappl6 112 60 0 53 1 0 1 1 0 8 0
amappl5 104 133 0 123 1 0 1 1 0 8 0
amappl4 96 426 0 402 1 0 1 1 0 8 0
amappl3 88 123 0 116 1 0 1 1 0 8 0
amappl2 80 809 0 751 4 1 3 3 0 8 1
amappl1 72 13116 0 12709 27 10 17 20 0 8 8
amappl 80 419 0 393 1 0 1 1 0 84 0
dma4096 4096 1 0 1 1 1 0 1 0 8 0
dma256 256 6 0 6 1 1 0 1 0 8 0
dma128 128 253 0 253 1 1 0 1 0 8 0
dma64 64 6 0 6 1 1 0 1 0 8 0
dma32 32 7 0 7 1 1 0 1 0 8 0
dma16 16 18 0 17 1 0 1 1 0 8 0
aobjpl 64 1 0 0 1 0 1 1 0 8 0
uaddrrnd 24 198 0 185 1 0 1 1 0 8 0
uaddrbest 32 2 0 0 1 0 1 1 0 8 0
uaddr 24 198 0 185 1 0 1 1 0 8 0
vmmpekpl 168 6065 0 6051 1 0 1 1 0 8 0
vmmpepl 168 29333 0 28434 92 14 78 78 0 357 38
vmsppl 272 197 0 185 1 0 1 1 0 8 0
pdppl 4096 402 0 370 5 0 5 5 0 8 0
pvpl 32 102984 0 99211 118 5 113 113 0 265 81
pmappl 200 197 0 185 1 0 1 1 0 8 0
extentpl 40 46 0 29 1 0 1 1 0 8 0
phpool 112 128 0 10 4 0 4 4 0 8 0
ddb>