syzbot

 sign-in | mailing list | source | docs
🐞 Open [144]
🐞 Fixed [274]
🐞 Invalid [739]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (7)

Status: closed as invalid on 2020/03/03 08:16
Reported-by: syzbot+f289e0fcff33256199fb@syzkaller.appspotmail.com
First crash: 1725d, last: 1725d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (2) 1 1846d 1846d 0/3 closed as invalid on 2019/11/02 08:04
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (8) 10 1611d 1682d 0/3 closed as invalid on 2020/08/04 06:37
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (6) 1 1749d 1749d 0/3 closed as invalid on 2020/02/09 09:06
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (3) 1 1817d 1817d 0/3 closed as invalid on 2019/12/02 08:42
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (4) 2 1762d 1763d 0/3 closed as invalid on 2020/01/26 09:58
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR 1 1868d 1868d 0/3 closed as invalid on 2019/10/26 08:48
openbsd panic.go:LINE +0x72 fp=ADDR sp=ADDR pc=ADDR (5) 1 1756d 1756d 0/3 closed as invalid on 2020/02/01 08:31

Sample crash report:
	/usr/local/go/src/runtime/panic.go:774 +0x72 fp=0xc00014d900 sp=0xc00014d8d0 pc=0x42e9d2
runtime.(*mcache).nextFree(0x2c0399008, 0xc00000f257, 0x8, 0xc0034f2700, 0x3)
	/usr/local/go/src/runtime/malloc.go:852 +0x217 fp=0xc00014d938 sp=0xc00014d900 pc=0x40baf7
runtime.mallocgc(0x1000, 0x0, 0xc002a4f000, 0xc00014da30)
	/usr/local/go/src/runtime/malloc.go:1022 +0x793 fp=0xc00014d9d8 sp=0xc00014d938 pc=0x40c2a3
runtime.growslice(0x83e660, 0xc001023800, 0x100, 0x100, 0x101, 0xc001023800, 0x80, 0x100)
	/usr/local/go/src/runtime/slice.go:175 +0x14e fp=0xc00014da40 sp=0xc00014d9d8 pc=0x444fae
github.com/google/syzkaller/prog.(*vmaAlloc).noteAlloc(0xc00349c600, 0x0, 0x800)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/alloc.go:132 +0xfa fp=0xc00014da98 sp=0xc00014da40 pc=0x76b5fa
github.com/google/syzkaller/prog.(*state).analyzeImpl.func1(0x9a78e0, 0xc003509770, 0xc002a4eda0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:64 +0x4dc fp=0xc00014db90 sp=0xc00014da98 pc=0x79f0bc
github.com/google/syzkaller/prog.foreachArgImpl(0x9a78e0, 0xc003509770, 0xc0035055c8, 0x0, 0x0, 0x8ccf00, 0xc00014dcf8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:125 +0xbe fp=0xc00014dc80 sp=0xc00014db90 pc=0x76bffe
github.com/google/syzkaller/prog.ForeachArg(0xc0035055c0, 0xc00014dcf8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:120 +0x9e fp=0xc00014dce8 sp=0xc00014dc80 pc=0x76bece
github.com/google/syzkaller/prog.(*state).analyzeImpl(0xc0031d5180, 0xc0035055c0, 0xc002f2e001)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:58 +0x61 fp=0xc00014dd20 sp=0xc00014dce8 pc=0x76be11
github.com/google/syzkaller/prog.analyze(0xc003544680, 0xc002f2e000, 0x1f2b, 0x2400, 0xc003545bc0, 0xc00349ed40, 0x32de63396853aa8b)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:34 +0xa5 fp=0xc00014dd88 sp=0xc00014dd20 pc=0x76bb45
github.com/google/syzkaller/prog.(*mutator).mutateArg(0xc00014dec0, 0xa)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:165 +0xc1 fp=0xc00014de48 sp=0xc00014dd88 pc=0x7842e1
github.com/google/syzkaller/prog.(*Prog).Mutate(0xc003545bc0, 0x9a2120, 0xc00300a420, 0x1e, 0xc003544680, 0xc002f2e000, 0x1f2b, 0x2400)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:44 +0x2da fp=0xc00014df08 sp=0xc00014de48 pc=0x7835fa
main.(*Proc).loop(0xc003028140)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:99 +0x434 fp=0xc00014dfd8 sp=0xc00014df08 pc=0x7ecfa4
runtime.goexit()
	/usr/local/go/src/runtime/asm_amd64.s:1357 +0x1 fp=0xc00014dfe0 sp=0xc00014dfd8 pc=0x45d461
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x114c

goroutine 1 [select]:
main.(*Fuzzer).pollLoop(0xc0000d6f20)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:320 +0x127
main.main()
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:262 +0x12bd

goroutine 19 [IO wait]:
internal/poll.runtime_pollWait(0x251068ec8, 0x72, 0xffffffffffffffff)
	/usr/local/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc0000c1218, 0x72, 0x1000, 0x1000, 0xffffffffffffffff)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0000c1200, 0xc000222000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/local/go/src/internal/poll/fd_unix.go:169 +0x1cf
net.(*netFD).Read(0xc0000c1200, 0xc000222000, 0x1000, 0x1000, 0xc00014ba60, 0xc00014bb40, 0x7c3d0d)
	/usr/local/go/src/net/fd_unix.go:202 +0x4f
net.(*conn).Read(0xc00000f2f8, 0xc000222000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
	/usr/local/go/src/net/net.go:184 +0x68
bufio.(*Reader).fill(0xc000057ce0)
	/usr/local/go/src/bufio/bufio.go:100 +0x103
bufio.(*Reader).ReadByte(0xc000057ce0, 0xc00014bc00, 0xc0000c1280, 0xc00000dcc0)
	/usr/local/go/src/bufio/bufio.go:252 +0x39
compress/flate.(*decompressor).moreBits(0xc000125300, 0x91ceb8, 0xc00014bb88)
	/usr/local/go/src/compress/flate/inflate.go:696 +0x37
compress/flate.(*decompressor).nextBlock(0xc000125300)
	/usr/local/go/src/compress/flate/inflate.go:303 +0x36
compress/flate.(*decompressor).Read(0xc000125300, 0xc00022e000, 0x1000, 0x1000, 0x892ea0, 0xc002b32f90, 0x199)
	/usr/local/go/src/compress/flate/inflate.go:347 +0x77
github.com/google/syzkaller/pkg/rpctype.(*flateConn).Read(0xc0000fab40, 0xc00022e000, 0x1000, 0x1000, 0x10, 0xc00014bb88, 0x7c3b6d)
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpctype/rpc.go:131 +0x51
bufio.(*Reader).Read(0xc000057d40, 0xc000020a50, 0x1, 0x9, 0x0, 0x0, 0xc00014bd70)
	/usr/local/go/src/bufio/bufio.go:226 +0x26a
io.ReadAtLeast(0x99e0a0, 0xc000057d40, 0xc000020a50, 0x1, 0x9, 0x1, 0x1, 0x0, 0x0)
	/usr/local/go/src/io/io.go:310 +0x87
io.ReadFull(...)
	/usr/local/go/src/io/io.go:329
encoding/gob.decodeUintReader(0x99e0a0, 0xc000057d40, 0xc000020a50, 0x9, 0x9, 0x4050d5, 0x4307fc, 0xc00014bd48, 0x45a310)
	/usr/local/go/src/encoding/gob/decode.go:120 +0x6f
encoding/gob.(*Decoder).recvMessage(0xc0000c1280, 0x404fbc)
	/usr/local/go/src/encoding/gob/decoder.go:81 +0x57
encoding/gob.(*Decoder).decodeTypeSequence(0xc0000c1280, 0xc000000100, 0xc00014be10)
	/usr/local/go/src/encoding/gob/decoder.go:143 +0x10c
encoding/gob.(*Decoder).DecodeValue(0xc0000c1280, 0x82da40, 0xc0000fb020, 0x16, 0x0, 0x0)
	/usr/local/go/src/encoding/gob/decoder.go:211 +0x10b
encoding/gob.(*Decoder).Decode(0xc0000c1280, 0x82da40, 0xc0000fb020, 0x0, 0x0)
	/usr/local/go/src/encoding/gob/decoder.go:188 +0x16d
net/rpc.(*gobClientCodec).ReadResponseHeader(0xc0000fac30, 0xc0000fb020, 0xc002b32f60, 0x0)
	/usr/local/go/src/net/rpc/client.go:228 +0x45
net/rpc.(*Client).input(0xc000057e00)
	/usr/local/go/src/net/rpc/client.go:109 +0xa5
created by net/rpc.NewClientWithCodec
	/usr/local/go/src/net/rpc/client.go:206 +0x89

goroutine 7 [syscall]:
os/signal.signal_recv(0x0)
	/usr/local/go/src/runtime/sigqueue.go:147 +0x9c
os/signal.loop()
	/usr/local/go/src/os/signal/signal_unix.go:23 +0x22
created by os/signal.init.0
	/usr/local/go/src/os/signal/signal_unix.go:29 +0x41

goroutine 16 [chan receive]:
main.main.func1(0xc00006a5a0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:137 +0x34
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:135 +0x5b0

goroutine 15 [chan receive]:
github.com/google/syzkaller/pkg/osutil.HandleInterrupts.func1(0xc00006a5a0)
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:74 +0xb6
created by github.com/google/syzkaller/pkg/osutil.HandleInterrupts
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:71 +0x3f

goroutine 24 [IO wait]:
internal/poll.runtime_pollWait(0x251068c58, 0x72, 0xffffffffffffffff)
	/usr/local/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc00293d8d8, 0x72, 0x1ff01, 0x1ffd6, 0xffffffffffffffff)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc00293d8c0, 0xc0016da02a, 0x1ffd6, 0x1ffd6, 0x0, 0x0, 0x0)
	/usr/local/go/src/internal/poll/fd_unix.go:169 +0x1cf
os.(*File).read(...)
	/usr/local/go/src/os/file_unix.go:259
os.(*File).Read(0xc00000f9c8, 0xc0016da02a, 0x1ffd6, 0x1ffd6, 0x2a, 0x0, 0x0)
	/usr/local/go/src/os/file.go:116 +0x71
github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc00000f9c8, 0xc0005ae7e0)
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:603 +0xaf
created by github.com/google/syzkaller/pkg/ipc.makeCommand
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:597 +0x89f

goroutine 26 [runnable]:
runtime.goparkunlock(...)
	/usr/local/go/src/runtime/proc.go:310
sync.runtime_notifyListWait(0xc0000f5d10, 0x13)
	/usr/local/go/src/runtime/sema.go:510 +0xf8
sync.(*Cond).Wait(0xc0000f5d00)
	/usr/local/go/src/sync/cond.go:56 +0x9d
github.com/google/syzkaller/pkg/ipc.(*Gate).Enter(0xc0000f5d40, 0x1)
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/gate.go:34 +0x4d
main.(*Proc).executeRaw(0xc002efbcc0, 0xc000022a00, 0xc003545240, 0x1, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:286 +0x6b
main.(*Proc).execute(0xc002efbcc0, 0xc000022a00, 0xc003545240, 0x0, 0x1, 0x1)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:255 +0x6a
main.(*Proc).loop(0xc002efbcc0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:101 +0x4de
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x114c

goroutine 27 [IO wait]:
internal/poll.runtime_pollWait(0x251068d28, 0x72, 0xffffffffffffffff)
	/usr/local/go/src/runtime/netpoll.go:184 +0x55
internal/poll.(*pollDesc).wait(0xc000464498, 0x72, 0x1ff01, 0x1ffd6, 0xffffffffffffffff)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
	/usr/local/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc000464480, 0xc0021d002a, 0x1ffd6, 0x1ffd6, 0x0, 0x0, 0x0)
	/usr/local/go/src/internal/poll/fd_unix.go:169 +0x1cf
os.(*File).read(...)
	/usr/local/go/src/os/file_unix.go:259
os.(*File).Read(0xc00000fd78, 0xc0021d002a, 0x1ffd6, 0x1ffd6, 0x2a, 0x0, 0x0)
	/usr/local/go/src/os/file.go:116 +0x71
github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc00000fd78, 0xc0005ae8c0)
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:603 +0xaf
created by github.com/google/syzkaller/pkg/ipc.makeCommand
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:597 +0x89f

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/03/02 21:09 openbsd 23a32f86e8aa 4a4e0509 .config console log report ci-openbsd-main
* Struck through repros no longer work on HEAD.