panic: kernel diagnostic assertion "M_DATABUF(m) + M_SIZE(m) >= (m->m_data + m->m

panic: kernel diagnostic assertion "M_DATABUF(m) + M_SIZE(m) >= (m->m_data + m->m_len)" failed: file "/syzkaller/managers/main/kernel/sys/kern/uipc_mbuf.c", line 1335
Stopped at      db_enter+0xa:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*493644  38952      0           0  0x4000000    0  syz-executor9632
db_enter() at db_enter+0xa
panic() at panic+0x147
__assert(ffffffff813a1834,ffff800021103cf0,ffffff006d8d0d04,c) at __assert+0x24
m_copyback(ffffff006d8d0cf8,ffffff006d8d0c00,8,600,100) at m_copyback+0x4a4
swofp_send_error(ffff800000aa4800,ffffff006d8d0c00,ffff8000006b3d00,ffffff006d8d0cf8) at swofp_send_error+0xac
swofp_recv_set_config(ffffff006d8d0c00,ffff800000aa4800) at swofp_recv_set_config+0x46
swofp_input(ffff800000aa4800,ffff800021103e98) at swofp_input+0xfe
switchwrite(ffffff0072a92af0,ffffff0072a92af0,ffff800021104078) at switchwrite+0x30e
spec_write(ffffffff81dfb940) at spec_write+0xa0
VOP_WRITE(1,ffffff0072a92af0,1,ffffff006e905260) at VOP_WRITE+0x65
vn_write(ffffff006e905260,ffff800021104078,a) at vn_write+0x161
dofilewritev(ffff8000211041a0,1,ffff8000211041b8,ffff8000210c2010,0) at dofilewritev+0x13e
sys_pwritev(ffff800021104240,ffff8000210c2010,ffff8000210a5010) at sys_pwritev+0xbf
--db_more--           syscall(0) at syscall+0x3e4
--db_more--           end trace frame: 0xffff8000211042c0, count: 0
--db_more--           https://www.openbsd.org/ddb.html describes the minimum info required in bug
--db_more--           reports.  Insufficient info makes it difficult to find and fix bugs.
ddb>  $lines = 0
?
ddb> show panic
kernel diagnostic assertion "M_DATABUF(m) + M_SIZE(m) >= (m->m_data + m->m_len)" failed: file "/syzkaller/managers/main/kernel/sys/kern/uipc_mbuf.c", line 1335
ddb> trace
db_enter() at db_enter+0xa
panic() at panic+0x147
__assert(ffffffff813a1834,ffff800021103cf0,ffffff006d8d0d04,c) at __assert+0x24
m_copyback(ffffff006d8d0cf8,ffffff006d8d0c00,8,600,100) at m_copyback+0x4a4
swofp_send_error(ffff800000aa4800,ffffff006d8d0c00,ffff8000006b3d00,ffffff006d8d0cf8) at swofp_send_error+0xac
swofp_recv_set_config(ffffff006d8d0c00,ffff800000aa4800) at swofp_recv_set_config+0x46
swofp_input(ffff800000aa4800,ffff800021103e98) at swofp_input+0xfe
switchwrite(ffffff0072a92af0,ffffff0072a92af0,ffff800021104078) at switchwrite+0x30e
spec_write(ffffffff81dfb940) at spec_write+0xa0
VOP_WRITE(1,ffffff0072a92af0,1,ffffff006e905260) at VOP_WRITE+0x65
vn_write(ffffff006e905260,ffff800021104078,a) at vn_write+0x161
dofilewritev(ffff8000211041a0,1,ffff8000211041b8,ffff8000210c2010,0) at dofilewritev+0x13e
sys_pwritev(ffff800021104240,ffff8000210c2010,ffff8000210a5010) at sys_pwritev+0xbf
syscall(0) at syscall+0x3e4
Xsyscall(6,0,78d667e22a0,0,78b26cb6098,78b26cb6090) at Xsyscall+0x128
end of kernel
--db_more--           end trace frame: 0x78dfb060b40, count: -15
ddb> how registers
No such command
ddb> show proc
PROC (syz-executor9632) pid=493644 stat=onproc
    flags process=0 proc=4000000<THREAD>
    pri=50, usrpri=50, nice=20
    forw=0xffffffffffffffff, list=0xffff8000210c2268,0xffffffff81eafaa0
    process=0xffff8000210a5010 user=0xffff8000210ff000, vmspace=0xffffff007f12b420
    estcpu=0, cpticks=1, pctcpu=0.0
    user=0, sys=1, intr=0
ddb> ps
   PID     TID   PPID    UID  S       FLAGS  WAIT          COMMAND
 38952  144305  90902      0  2           0                syz-executor9632
*38952  493644  90902      0  7   0x4000000                syz-executor9632
 90902  194569  71558      0  3        0x82  nanosleep     syz-executor9632
 71558  309209  16830      0  3    0x10008a  pause         ksh
 16830   48163  46985      0  3        0x92  select        sshd
  3199  169615      1      0  3    0x100083  ttyin         getty
 46985  225443      1      0  3        0x80  select        sshd
 47338  300199   4465     73  3    0x100090  kqread        syslogd
  4465  267722      1      0  3    0x100082  netio         syslogd
 97035  507533      1     77  3    0x100090  poll          dhclient
 10698  201555      1      0  3        0x80  poll          dhclient
 93153  509914      0      0  2     0x14200                zerothread
 34540   92097      0      0  3     0x14200  aiodoned      aiodoned
  2809  416480      0      0  3     0x14200  syncer        update
 41150  407119      0      0  3     0x14200  cleaner       cleaner
 11152  503560      0      0  3     0x14200  reaper        reaper
 25842  252600      0      0  3     0x14200  pgdaemon      pagedaemon
 79196  486929      0      0  3     0x14200  bored         crynlk
 79215  483737      0      0  3     0x14200  bored         crypto
 70525   49945      0      0  3  0x40014200  acpi0         acpi0
 90632  215559      0      0  3     0x14200  bored         softnet
--db_more--

Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	Manager
2018/12/03 18:21	openbsd	f939acc2595a	21927904		console log	report	syz	C	ci-openbsd-main
2018/12/09 14:23	https://github.com/blackgnezdo/src.git anton-kcov-dec8	737f2a163501	e699a2b9	.config	console log	report			ci-openbsd-multicore
2018/12/07 23:51	https://github.com/blackgnezdo/src.git multicore	013d15613728	65ed2472	.config	console log	report			ci-openbsd-multicore
2018/12/07 23:28	https://github.com/blackgnezdo/src.git multicore	013d15613728	65ed2472	.config	console log	report			ci-openbsd-multicore
2018/12/07 23:23	https://github.com/blackgnezdo/src.git multicore	013d15613728	65ed2472	.config	console log	report			ci-openbsd-multicore
2018/12/05 21:02	openbsd	7d03a16b0321	f162ad97		console log	report			ci-openbsd-main
2018/12/03 18:02	openbsd	f939acc2595a	21927904		console log	report			ci-openbsd-main