syzbot


panic: runtime error: index out of range [NUM] with length NUM

Status: fixed on 2021/10/27 00:49
Fix commit: f54a25c1f03e Validate an icmp header before accessing it
First crash: 1129d, last: 1127d
Similar bugs (2)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| gvisor | panic: runtime error: index out of range [NUM] with length NUM (2) | C | | | 21 | 1034d | 1041d | 14/26 | fixed on 2022/01/26 19:49 |
| gvisor | panic: runtime error: index out of range [NUM] with length NUM (3) | C | | | 372 | 673d | 676d | 18/26 | fixed on 2023/01/23 05:20 |

Sample crash report:
panic: runtime error: index out of range [0] with length 0

goroutine 642 [running]:
panic(0x11eb960, 0xc00023e108)
	GOROOT/src/runtime/panic.go:1065 +0x565 fp=0xc000924820 sp=0xc000924758 pc=0x437c65
runtime.goPanicIndex(0x0, 0x0)
	GOROOT/src/runtime/panic.go:88 +0xa5 fp=0xc000924868 sp=0xc000924820 pc=0x434fc5
gvisor.dev/gvisor/pkg/tcpip/header.ICMPv4.Type(...)
	pkg/tcpip/header/icmpv4.go:118
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*protocol).returnError(0xc00068c7e0, 0x14574f8, 0xc00003c6da, 0xc00051c900, 0x0, 0x0)
	pkg/tcpip/network/ipv4/icmp.go:575 +0xca5 fp=0xc000924ad8 sp=0xc000924868 pc=0xb14905
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).handleValidatedPacket(0xc0004cb500, 0xc00052678e, 0x18, 0x34, 0xc00051c900, 0xc0009781d8, 0x7)
	pkg/tcpip/network/ipv4/ipv4.go:963 +0xd8c fp=0xc0009252a0 sp=0xc000924ad8 pc=0xb1b64c
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).HandlePacket(0xc0004cb500, 0xc00051c900)
	pkg/tcpip/network/ipv4/ipv4.go:851 +0x166 fp=0xc000925500 sp=0xc0009252a0 pc=0xb1a326
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).DeliverNetworkPacket(0xc0002e1880, 0xc00003c64a, 0x6, 0x0, 0x0, 0x800, 0xc00051c900)
	pkg/tcpip/stack/nic.go:781 +0x2b0 fp=0xc0009255a8 sp=0xc000925500 pc=0x94f3b0
gvisor.dev/gvisor/pkg/tcpip/link/channel.(*Endpoint).InjectLinkAddr(...)
	pkg/tcpip/link/channel/channel.go:195
gvisor.dev/gvisor/pkg/tcpip/link/tun.(*Device).Write(0xc0007044e8, 0xc00052678e, 0x42, 0x34, 0x0, 0x1, 0x20000000)
	pkg/tcpip/link/tun/device.go:235 +0x2d3 fp=0xc000925678 sp=0xc0009255a8 pc=0xb4a3b3
gvisor.dev/gvisor/pkg/sentry/devices/tundev.(*tunFD).Write(0xc000704480, 0x1476ce0, 0xc000707500, 0x14719b0, 0xc00091c000, 0x0, 0x1, 0x20000000, 0x42, 0x100, ...)
	pkg/sentry/devices/tundev/tundev.go:146 +0x1f0 fp=0xc000925780 sp=0xc000925678 pc=0xef83b0
gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).Write(0xc000704480, 0x1476ce0, 0xc000707500, 0x14719b0, 0xc00091c000, 0x0, 0x1, 0x20000000, 0x42, 0x100, ...)
	pkg/sentry/vfs/file_description.go:657 +0xb4 fp=0xc000925818 sp=0xc000925780 pc=0x747bb4
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.write(0xc000707500, 0xc000704480, 0x14719b0, 0xc00091c000, 0x0, 0x1, 0x20000000, 0x42, 0x100, 0x0, ...)
	pkg/sentry/syscalls/linux/vfs2/read_write.go:345 +0x9b fp=0xc0009259d0 sp=0xc000925818 pc=0xe4213b
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.Write(0xc000707500, 0xf0, 0x20000000, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
	pkg/sentry/syscalls/linux/vfs2/read_write.go:314 +0x245 fp=0xc000925b00 sp=0xc0009259d0 pc=0xe41a25
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc000707500, 0x1, 0xf0, 0x20000000, 0x42, 0x0, 0x0, 0x0, 0x0, 0x12d7840, ...)
	pkg/sentry/kernel/task_syscall.go:103 +0x13c fp=0xc000925c60 sp=0xc000925b00 pc=0x9d7cfc
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc000707500, 0x1, 0xf0, 0x20000000, 0x42, 0x0, 0x0, 0x0, 0x0, 0x0)
	pkg/sentry/kernel/task_syscall.go:238 +0x66 fp=0xc000925ce8 sp=0xc000925c60 pc=0x9d8e86
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0xc000707500, 0x1, 0xf0, 0x20000000, 0x42, 0x0, 0x0, 0x0, 0xc00056cb28, 0xc000568420)
	pkg/sentry/kernel/task_syscall.go:198 +0x98 fp=0xc000925d48 sp=0xc000925ce8 pc=0x9d8a78
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc000707500, 0x2, 0xc000707500)
	pkg/sentry/kernel/task_syscall.go:173 +0x15c fp=0xc000925e18 sp=0xc000925d48 pc=0x9d841c
gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute(0x0, 0xc000707500, 0x144a900, 0x0)
	pkg/sentry/kernel/task_run.go:282 +0xc8c fp=0xc000925f60 sp=0xc000925e18 pc=0x9cd0ac
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc000707500, 0xd)
	pkg/sentry/kernel/task_run.go:97 +0x1af fp=0xc000925fd0 sp=0xc000925f60 pc=0x9cbd2f
runtime.goexit()
	src/runtime/asm_amd64.s:1371 +0x1 fp=0xc000925fd8 sp=0xc000925fd0 pc=0x472861
created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start
	pkg/sentry/kernel/task_start.go:327 +0xfe

Crashes (12):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/10/24 01:24 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-ptrace-1 | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:23 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-ptrace-1-cover | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:22 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-ptrace-2-cover | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:17 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-ptrace-2-race | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:17 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-ptrace-1-race | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:17 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-ptrace-2 | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:16 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-kvm | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 01:03 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | syz | C | | | ci-gvisor-kvm-cover | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/26 03:58 | gvisor | 7c267106d1d7 | c1132b49 | .config | console log | report | | | info | | ci-gvisor-kvm-cover | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 16:41 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | | | info | | ci-gvisor-kvm-cover | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 07:52 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | | | info | | ci-gvisor-kvm-cover | panic: runtime error: index out of range [NUM] with length NUM |
| 2021/10/24 00:57 | gvisor | 14f4113924c8 | 282f03fb | .config | console log | report | | | info | | ci-gvisor-kvm-cover | panic: runtime error: index out of range [NUM] with length NUM |
* Struck through repros no longer work on HEAD.