panic: kernel diagnostic assertion "M_DATABUF(m) + M_SIZE(m) >= (m->m_data + m->m_len)" failed: file "/syzkaller/managers/main/kernel/sys/kern/uipc_mbuf.c", line 1335 Stopped at db_enter+0xa: popq %rbp TID PID UID PRFLAGS PFLAGS CPU COMMAND *493644 38952 0 0 0x4000000 0 syz-executor9632 db_enter() at db_enter+0xa panic() at panic+0x147 __assert(ffffffff813a1834,ffff800021103cf0,ffffff006d8d0d04,c) at __assert+0x24 m_copyback(ffffff006d8d0cf8,ffffff006d8d0c00,8,600,100) at m_copyback+0x4a4 swofp_send_error(ffff800000aa4800,ffffff006d8d0c00,ffff8000006b3d00,ffffff006d8d0cf8) at swofp_send_error+0xac swofp_recv_set_config(ffffff006d8d0c00,ffff800000aa4800) at swofp_recv_set_config+0x46 swofp_input(ffff800000aa4800,ffff800021103e98) at swofp_input+0xfe switchwrite(ffffff0072a92af0,ffffff0072a92af0,ffff800021104078) at switchwrite+0x30e spec_write(ffffffff81dfb940) at spec_write+0xa0 VOP_WRITE(1,ffffff0072a92af0,1,ffffff006e905260) at VOP_WRITE+0x65 vn_write(ffffff006e905260,ffff800021104078,a) at vn_write+0x161 dofilewritev(ffff8000211041a0,1,ffff8000211041b8,ffff8000210c2010,0) at dofilewritev+0x13e sys_pwritev(ffff800021104240,ffff8000210c2010,ffff8000210a5010) at sys_pwritev+0xbf --db_more-- syscall(0) at syscall+0x3e4 --db_more-- end trace frame: 0xffff8000211042c0, count: 0 --db_more-- https://www.openbsd.org/ddb.html describes the minimum info required in bug --db_more-- reports. Insufficient info makes it difficult to find and fix bugs. ddb> $lines = 0 ? ddb> show panic kernel diagnostic assertion "M_DATABUF(m) + M_SIZE(m) >= (m->m_data + m->m_len)" failed: file "/syzkaller/managers/main/kernel/sys/kern/uipc_mbuf.c", line 1335 ddb> trace db_enter() at db_enter+0xa panic() at panic+0x147 __assert(ffffffff813a1834,ffff800021103cf0,ffffff006d8d0d04,c) at __assert+0x24 m_copyback(ffffff006d8d0cf8,ffffff006d8d0c00,8,600,100) at m_copyback+0x4a4 swofp_send_error(ffff800000aa4800,ffffff006d8d0c00,ffff8000006b3d00,ffffff006d8d0cf8) at swofp_send_error+0xac swofp_recv_set_config(ffffff006d8d0c00,ffff800000aa4800) at swofp_recv_set_config+0x46 swofp_input(ffff800000aa4800,ffff800021103e98) at swofp_input+0xfe switchwrite(ffffff0072a92af0,ffffff0072a92af0,ffff800021104078) at switchwrite+0x30e spec_write(ffffffff81dfb940) at spec_write+0xa0 VOP_WRITE(1,ffffff0072a92af0,1,ffffff006e905260) at VOP_WRITE+0x65 vn_write(ffffff006e905260,ffff800021104078,a) at vn_write+0x161 dofilewritev(ffff8000211041a0,1,ffff8000211041b8,ffff8000210c2010,0) at dofilewritev+0x13e sys_pwritev(ffff800021104240,ffff8000210c2010,ffff8000210a5010) at sys_pwritev+0xbf syscall(0) at syscall+0x3e4 Xsyscall(6,0,78d667e22a0,0,78b26cb6098,78b26cb6090) at Xsyscall+0x128 end of kernel --db_more-- end trace frame: 0x78dfb060b40, count: -15 ddb> how registers No such command ddb> show proc PROC (syz-executor9632) pid=493644 stat=onproc flags process=0 proc=4000000 pri=50, usrpri=50, nice=20 forw=0xffffffffffffffff, list=0xffff8000210c2268,0xffffffff81eafaa0 process=0xffff8000210a5010 user=0xffff8000210ff000, vmspace=0xffffff007f12b420 estcpu=0, cpticks=1, pctcpu=0.0 user=0, sys=1, intr=0 ddb> ps PID TID PPID UID S FLAGS WAIT COMMAND 38952 144305 90902 0 2 0 syz-executor9632 *38952 493644 90902 0 7 0x4000000 syz-executor9632 90902 194569 71558 0 3 0x82 nanosleep syz-executor9632 71558 309209 16830 0 3 0x10008a pause ksh 16830 48163 46985 0 3 0x92 select sshd 3199 169615 1 0 3 0x100083 ttyin getty 46985 225443 1 0 3 0x80 select sshd 47338 300199 4465 73 3 0x100090 kqread syslogd 4465 267722 1 0 3 0x100082 netio syslogd 97035 507533 1 77 3 0x100090 poll dhclient 10698 201555 1 0 3 0x80 poll dhclient 93153 509914 0 0 2 0x14200 zerothread 34540 92097 0 0 3 0x14200 aiodoned aiodoned 2809 416480 0 0 3 0x14200 syncer update 41150 407119 0 0 3 0x14200 cleaner cleaner 11152 503560 0 0 3 0x14200 reaper reaper 25842 252600 0 0 3 0x14200 pgdaemon pagedaemon 79196 486929 0 0 3 0x14200 bored crynlk 79215 483737 0 0 3 0x14200 bored crypto 70525 49945 0 0 3 0x40014200 acpi0 acpi0 90632 215559 0 0 3 0x14200 bored softnet --db_more--