panic: bpf_mcopy
11 views
Skip to first unread message
syzbot
Dec 4, 2018, 2:44:04 AM12/4/18
to syzkaller-o...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: f939acc2595a DT_MIPS_RLD_MAP is an offset, so relocate it ..
git tree: https://github.com/openbsd/src.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=107e2125400000
dashboard link: https://syzkaller.appspot.com/bug?extid=7769df921505d4f4df7f
compiler:
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+7769df...@syzkaller.appspotmail.com
panic: bpf_mcopy
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
* 29463 54073 0 0x2 0 0 syz-executor0
db_enter() at db_enter+0xa
panic() at panic+0x147
bpf_mcopy(0,1,42) at bpf_mcopy+0x7f
ffff800021161d60(ffff800000074340,1,ffff800000074340,ffffff00068c5e00,ffff800021161c78,78b6a6cdc7f5e535)
at
0xffff800021161d60
bpf_mtap_ether(ffff800021161cf8,42,ffff800000074340) at bpf_mtap_ether+0xeb
ifiq_input(ffff800000171050,ffff800000171290,ffffff00068c5e00) at
ifiq_input+0x105
vio_rxeof(ffff800000171050) at vio_rxeof+0x220
vio_rx_intr(ffffffff) at vio_rx_intr+0x23
virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166
intr_handler(0,ffff80000024b980) at intr_handler+0x3f
Xintr_ioapic_edge19_untramp(0,20,5050d6b9000,0,20,ffff800021162150) at
Xintr_ioapic_edge19_untramp+0x19f
copyout(ffff800021162150,ffff80000292e000,1,ffff80000292e008,20,ffff800021161f78)
at
copyout+0x5c
ufs_readdir(ffffffff81dfb828) at ufs_readdir+0x28d
VOP_READDIR(ffffff006e47b530,ffff8000210c39d8,ffff8000211621f0,10000) at
VOP_READDIR+0x65
--db_more-- end trace frame:
0xffff8000211621b0, count: 0
--db_more--
https://www.openbsd.org/ddb.html describes the minimum info
required in bug
--db_more-- reports. Insufficient info
makes it difficult to find and fix bugs.
ddb> t $lines = 0
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.
syzbot found the following crash on:
HEAD commit: f939acc2595a DT_MIPS_RLD_MAP is an offset, so relocate it ..
git tree: https://github.com/openbsd/src.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=107e2125400000
dashboard link: https://syzkaller.appspot.com/bug?extid=7769df921505d4f4df7f
compiler:
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+7769df...@syzkaller.appspotmail.com
panic: bpf_mcopy
Stopped at db_enter+0xa: popq %rbp
TID PID UID PRFLAGS PFLAGS CPU COMMAND
* 29463 54073 0 0x2 0 0 syz-executor0
db_enter() at db_enter+0xa
panic() at panic+0x147
bpf_mcopy(0,1,42) at bpf_mcopy+0x7f
ffff800021161d60(ffff800000074340,1,ffff800000074340,ffffff00068c5e00,ffff800021161c78,78b6a6cdc7f5e535)
at
0xffff800021161d60
bpf_mtap_ether(ffff800021161cf8,42,ffff800000074340) at bpf_mtap_ether+0xeb
ifiq_input(ffff800000171050,ffff800000171290,ffffff00068c5e00) at
ifiq_input+0x105
vio_rxeof(ffff800000171050) at vio_rxeof+0x220
vio_rx_intr(ffffffff) at vio_rx_intr+0x23
virtio_check_vqs(ffff80000001c300) at virtio_check_vqs+0x166
intr_handler(0,ffff80000024b980) at intr_handler+0x3f
Xintr_ioapic_edge19_untramp(0,20,5050d6b9000,0,20,ffff800021162150) at
Xintr_ioapic_edge19_untramp+0x19f
copyout(ffff800021162150,ffff80000292e000,1,ffff80000292e008,20,ffff800021161f78)
at
copyout+0x5c
ufs_readdir(ffffffff81dfb828) at ufs_readdir+0x28d
VOP_READDIR(ffffff006e47b530,ffff8000210c39d8,ffff8000211621f0,10000) at
VOP_READDIR+0x65
--db_more-- end trace frame:
0xffff8000211621b0, count: 0
--db_more--
https://www.openbsd.org/ddb.html describes the minimum info
required in bug
--db_more-- reports. Insufficient info
makes it difficult to find and fix bugs.
ddb> t $lines = 0
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#bug-status-tracking for how to communicate with
syzbot.
syzbot
Jun 2, 2019, 3:44:04 AM6/2/19
to syzkaller-o...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages