panic: in_cksum: out of data, len 63
4 views
Skip to first unread message
syzbot
Jun 15, 2019, 8:43:07 PM6/15/19
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: 6205d5a7 "If any sets are missing, patches are skipped acc..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=168040faa00000
kernel config: https://syzkaller.appspot.com/x/.config?x=7f659e47e42d9641
dashboard link: https://syzkaller.appspot.com/bug?extid=2a2acca0123c1390affd
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+2a2acc...@syzkaller.appspotmail.com
panic: in_cksum: out of data, len 63
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
147866 8639 0 0 0 1 syz-executor.1
*292363 36016 0 0 0x4000000 0K syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:212
in_cksum(fffffd8065f8a500,3c) at in_cksum+0x6f8
ip_input_if(ffff800020c0b158,ffff800020c0b164,4,0,ffff800000a0b000) at
ip_input_if+0x32c sys/netinet/ip_input.c:310
ipv4_input(ffff800000a0b000,fffffd8065f8a500) at ipv4_input+0x48
sys/netinet/ip_input.c:255
tun_dev_write(ffff800000a0b000,ffff800020c0b500,3c9) at tun_dev_write+0x418
sys/net/if_tun.c:932
spec_write(ffff800020c0b2e8) at spec_write+0xd7 sys/kern/spec_vnops.c:310
VOP_WRITE(fffffd806471ab98,ffff800020c0b500,1,fffffd807f7c66c0) at
VOP_WRITE+0x6a sys/kern/vfs_vops.c:268
vn_write(fffffd80675f8dc0,ffff800020c0b500,0) at vn_write+0x1c2
sys/kern/vfs_vnops.c:397
dofilewritev(ffff800020b39128,3,ffff800020c0b500,0,ffff800020c0b610) at
dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_writev(ffff800020b39128,ffff800020c0b5a8,ffff800020c0b610) at
sys_writev+0xa7 sys/kern/sys_generic.c:311
syscall(ffff800020c0b680) at syscall+0x552 mi_syscall
sys/sys/syscall_mi.h:92 [inline]
syscall(ffff800020c0b680) at syscall+0x552 sys/arch/amd64/amd64/trap.c:554
Xsyscall(6,0,d,0,3,78fa9fa4010) at Xsyscall+0x128
end of kernel
end trace frame: 0x7922cd19c70, count: 2
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following crash on:
HEAD commit: 6205d5a7 "If any sets are missing, patches are skipped acc..
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=168040faa00000
kernel config: https://syzkaller.appspot.com/x/.config?x=7f659e47e42d9641
dashboard link: https://syzkaller.appspot.com/bug?extid=2a2acca0123c1390affd
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+2a2acc...@syzkaller.appspotmail.com
panic: in_cksum: out of data, len 63
Stopped at db_enter+0x18: addq $0x8,%rsp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
147866 8639 0 0 0 1 syz-executor.1
*292363 36016 0 0 0x4000000 0K syz-executor.0
db_enter() at db_enter+0x18 sys/arch/amd64/amd64/db_interface.c:398
panic() at panic+0x15c sys/kern/subr_prf.c:212
in_cksum(fffffd8065f8a500,3c) at in_cksum+0x6f8
ip_input_if(ffff800020c0b158,ffff800020c0b164,4,0,ffff800000a0b000) at
ip_input_if+0x32c sys/netinet/ip_input.c:310
ipv4_input(ffff800000a0b000,fffffd8065f8a500) at ipv4_input+0x48
sys/netinet/ip_input.c:255
tun_dev_write(ffff800000a0b000,ffff800020c0b500,3c9) at tun_dev_write+0x418
sys/net/if_tun.c:932
spec_write(ffff800020c0b2e8) at spec_write+0xd7 sys/kern/spec_vnops.c:310
VOP_WRITE(fffffd806471ab98,ffff800020c0b500,1,fffffd807f7c66c0) at
VOP_WRITE+0x6a sys/kern/vfs_vops.c:268
vn_write(fffffd80675f8dc0,ffff800020c0b500,0) at vn_write+0x1c2
sys/kern/vfs_vnops.c:397
dofilewritev(ffff800020b39128,3,ffff800020c0b500,0,ffff800020c0b610) at
dofilewritev+0x1ac sys/kern/sys_generic.c:364
sys_writev(ffff800020b39128,ffff800020c0b5a8,ffff800020c0b610) at
sys_writev+0xa7 sys/kern/sys_generic.c:311
syscall(ffff800020c0b680) at syscall+0x552 mi_syscall
sys/sys/syscall_mi.h:92 [inline]
syscall(ffff800020c0b680) at syscall+0x552 sys/arch/amd64/amd64/trap.c:554
Xsyscall(6,0,d,0,3,78fa9fa4010) at Xsyscall+0x128
end of kernel
end trace frame: 0x7922cd19c70, count: 2
https://www.openbsd.org/ddb.html describes the minimum info required in bug
reports. Insufficient info makes it difficult to find and fix bugs.
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
Greg Steuck
Jun 15, 2019, 9:52:05 PM6/15/19
to syzbot, Alexander Bluhm, syzkaller-o...@googlegroups.com
Hi Alexander,
Looks like your assertion in in_cksum fired.
Thanks
Greg
--
You received this message because you are subscribed to the Google Groups "syzkaller-openbsd-bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-openbsd...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-openbsd-bugs/000000000000b89e2f058b6629d6%40google.com.
For more options, visit https://groups.google.com/d/optout.
nest.cx is Gmail hosted, use PGP: https://pgp.key-server.io/0x0B1542BD8DF5A1B0
Fingerprint: 5E2B 2D0E 1E03 2046 BEC3 4D50 0B15 42BD 8DF5 A1B0
Fingerprint: 5E2B 2D0E 1E03 2046 BEC3 4D50 0B15 42BD 8DF5 A1B0
syzbot
Oct 25, 2019, 4:44:05 AM10/25/19
to alexand...@gmx.net, gr...@nest.cx, syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages