syzbot


panic: runtime error: slice bounds out of range [:LINE] with capacity 0

Status: fixed on 2021/09/27 21:02
Fix commit: 6d0b40b1d159 [op] Make PacketBuffer Clone() do a deeper copy.
First crash: 1206d ago, last: 1205d ago
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
gvisor panic: runtime error: slice bounds out of range [:NUM] with capacity NUM C 196 1025d 1033d 14/26 fixed on 2022/11/14 20:25
gvisor panic: runtime error: slice bounds out of range [:NUM] with capacity NUM (2) C 7 643d 645d 18/26 fixed on 2023/02/24 03:02

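Sample crash report (frames are listed innermost first: the panic is raised in header.IPv4.SourceAddress on an IPv4 header slice of capacity 0, called from tcp.newIncomingSegment, while the same goroutine delivers over the loopback link a segment it sent during a close syscall on a TCP endpoint):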
panic: runtime error: slice bounds out of range [:16] with capacity 0

goroutine 292769 [running]:
panic(0x1172540, 0xc000db6438)
	GOROOT/src/runtime/panic.go:1065 +0x565 fp=0xc08a606350 sp=0xc08a606288 pc=0x437c65
runtime.goPanicSliceAcap(0x10, 0x0)
	GOROOT/src/runtime/panic.go:106 +0xa5 fp=0xc08a606398 sp=0xc08a606350 pc=0x4352c5
gvisor.dev/gvisor/pkg/tcpip/header.IPv4.SourceAddress(...)
	pkg/tcpip/header/ipv4.go:299
gvisor.dev/gvisor/pkg/tcpip/header.(*IPv4).SourceAddress(0x1c17220, 0x13e3fd8, 0x1c17220)
	<autogenerated>:1 +0x85 fp=0xc08a6063d0 sp=0xc08a606398 pc=0x906ea5
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.newIncomingSegment(0x2, 0xc0013bbb30, 0x4, 0x95e3, 0xc0013bbb2c, 0x4, 0x13d5bb8, 0xc0000e6780, 0xc0083f9200, 0x0)
	pkg/tcpip/transport/tcp/segment.go:95 +0x63 fp=0xc08a606468 sp=0xc08a6063d0 pc=0xad2183
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*dispatcher).queuePacket(0xc000bba0c0, 0x13dd218, 0xc00a11f200, 0x2, 0xc0013bbb30, 0x4, 0x95e3, 0xc0013bbb2c, 0x4, 0x13d5bb8, ...)
	pkg/tcpip/transport/tcp/dispatcher.go:180 +0xbb fp=0xc08a608bd0 sp=0xc08a606468 pc=0xac039b
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*protocol).QueuePacket(0xc000bba000, 0x13dd218, 0xc00a11f200, 0x2, 0xc0013bbb30, 0x4, 0x95e3, 0xc0013bbb2c, 0x4, 0xc0083f9200)
	pkg/tcpip/transport/tcp/protocol.go:134 +0x9b fp=0xc08a608c40 sp=0xc08a608bd0 pc=0xacce3b
gvisor.dev/gvisor/pkg/tcpip/stack.(*endpointsByNIC).handlePacket(0xc007a23500, 0x2, 0xc0013bbb30, 0x4, 0x95e3, 0xc0013bbb2c, 0x4, 0xc0083f9200, 0xc00a36ed48)
	pkg/tcpip/stack/transport_demuxer.go:176 +0x20b fp=0xc08a608cc0 sp=0xc08a608c40 pc=0x945fab
gvisor.dev/gvisor/pkg/tcpip/stack.(*transportDemuxer).deliverPacket(0xc0005997d0, 0xc000000006, 0xc0083f9200, 0x2, 0xc0013bbb30, 0x4, 0x95e3, 0xc0013bbb2c, 0x4, 0xc0013bbb28)
	pkg/tcpip/stack/transport_demuxer.go:581 +0x570 fp=0xc08a608d58 sp=0xc08a608cc0 pc=0x948d90
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).DeliverTransportPacket(0xc000bc2000, 0x6, 0xc0083f9200, 0x0)
	pkg/tcpip/stack/nic.go:820 +0x2e5 fp=0xc08a608e60 sp=0xc08a608d58 pc=0x932c65
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).handleValidatedPacket(0xc0000d9500, 0xc00a32b8e8, 0x14, 0x34, 0xc0083f9200, 0x1255dd8, 0x2)
	pkg/tcpip/network/ipv4/ipv4.go:1046 +0x8ec fp=0xc08a609628 sp=0xc08a608e60 pc=0xaff34c
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).HandlePacket(0xc0000d9500, 0xc0083f9200)
	pkg/tcpip/network/ipv4/ipv4.go:836 +0x166 fp=0xc08a6098c0 sp=0xc08a609628 pc=0xafe426
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).DeliverNetworkPacket(0xc000bc2000, 0x0, 0x0, 0x0, 0x0, 0x800, 0xc0083f9200)
	pkg/tcpip/stack/nic.go:749 +0x288 fp=0xc08a609950 sp=0xc08a6098c0 pc=0x9326a8
gvisor.dev/gvisor/pkg/tcpip/link/nested.(*Endpoint).DeliverNetworkPacket(0xc000156c40, 0x0, 0x0, 0x0, 0x0, 0xc000000800, 0xc0083f9200)
	pkg/tcpip/link/nested/nested.go:59 +0xbe fp=0xc08a6099a8 sp=0xc08a609950 pc=0xb9a47e
gvisor.dev/gvisor/pkg/tcpip/link/sniffer.(*endpoint).DeliverNetworkPacket(0xc000156c40, 0x0, 0x0, 0x0, 0x0, 0x800, 0xc0083f9200)
	pkg/tcpip/link/sniffer/sniffer.go:140 +0x94 fp=0xc08a6099f0 sp=0xc08a6099a8 pc=0xb9b254
gvisor.dev/gvisor/pkg/tcpip/link/loopback.(*endpoint).WritePacket(0xc0009b06c0, 0xc0013bb9a0, 0x4, 0xc0013bb9a0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000800, ...)
	pkg/tcpip/link/loopback/loopback.go:89 +0xca fp=0xc08a609a48 sp=0xc08a6099f0 pc=0xe1e58a
gvisor.dev/gvisor/pkg/tcpip/link/nested.(*Endpoint).WritePacket(...)
	pkg/tcpip/link/nested/nested.go:117
gvisor.dev/gvisor/pkg/tcpip/link/sniffer.(*endpoint).WritePacket(0xc000156c40, 0xc0013bb9a0, 0x4, 0xc0013bb9a0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000800, ...)
	pkg/tcpip/link/sniffer/sniffer.go:174 +0x10d fp=0xc08a609b30 sp=0xc08a609a48 pc=0xb9b5cd
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).writePacket(0xc000bc2000, 0xc0013bb9a0, 0x4, 0xc0013bb9a0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000800, ...)
	pkg/tcpip/stack/nic.go:368 +0xfe fp=0xc08a609bc8 sp=0xc08a609b30 pc=0x93069e
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).writePacketBuffer(0xc000bc2000, 0xc0013bb9a0, 0x4, 0xc0013bb9a0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100000800, ...)
	pkg/tcpip/stack/nic.go:314 +0xd0 fp=0xc08a609c78 sp=0xc08a609bc8 pc=0x92ffd0
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).enqueuePacketBuffer(0xc000bc2000, 0xc001a8aa00, 0x800, 0x13bcb80, 0xc0083f9100, 0xc00a32b8fc, 0x20, 0x20)
	pkg/tcpip/stack/nic.go:329 +0x25d fp=0xc08a609dc8 sp=0xc08a609c78 pc=0x93041d
gvisor.dev/gvisor/pkg/tcpip/stack.(*nic).WritePacket(0xc000bc2000, 0xc001a8aa00, 0xc000000800, 0xc0083f9100, 0x34, 0x0)
	pkg/tcpip/stack/nic.go:307 +0x53 fp=0xc08a609e18 sp=0xc08a609dc8 pc=0x92fed3
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).writePacket(0xc0000d9500, 0xc001a8aa00, 0xc0083f9100, 0xc001a8aa00, 0x0, 0x0)
	pkg/tcpip/network/ipv4/ipv4.go:495 +0x375 fp=0xc08a60a050 sp=0xc08a609e18 pc=0xafc375
gvisor.dev/gvisor/pkg/tcpip/network/ipv4.(*endpoint).WritePacket(0xc0000d9500, 0xc001a8aa00, 0x2004000000006, 0xc0083f9100, 0xffff1120, 0xc00a32b8fc)
	pkg/tcpip/network/ipv4/ipv4.go:445 +0x179 fp=0xc08a60a0c0 sp=0xc08a60a050 pc=0xafbe99
gvisor.dev/gvisor/pkg/tcpip/stack.(*Route).WritePacket(0xc001a8aa00, 0x4000000006, 0xc0083f9100, 0xc00031a468, 0x2)
	pkg/tcpip/stack/route.go:462 +0xad fp=0xc08a60a100 sp=0xc08a60a0c0 pc=0x939fad
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.sendTCP(0xc001a8aa00, 0x95e3, 0xc0013bb9a0, 0x4, 0x2, 0xc0013bb9a0, 0x4, 0xf4d064a600110040, 0xffff7a85907c, 0xc00947c060, ...)
	pkg/tcpip/transport/tcp/connect.go:842 +0x285 fp=0xc08a60bf50 sp=0xc08a60a100 pc=0xabbc65
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*endpoint).sendTCP(0xc009ceec00, 0xc001a8aa00, 0x95e3, 0xc0013bb9a0, 0x4, 0x2, 0xc0013bb9a0, 0x4, 0xf4d064a600110000, 0xffff7a85907c, ...)
	pkg/tcpip/transport/tcp/connect.go:734 +0xea fp=0xc08a60c020 sp=0xc08a60bf50 pc=0xabb02a
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*endpoint).sendRaw(0xc009ceec00, 0x0, 0x0, 0x0, 0x0, 0xf4d064a600000011, 0xffff7a85907c, 0x0, 0x0)
	pkg/tcpip/transport/tcp/connect.go:899 +0x23c fp=0xc08a60c1a0 sp=0xc08a60c020 pc=0xabc41c
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*sender).sendSegmentFromView(0xc009ce1880, 0x0, 0x0, 0x0, 0x0, 0xf4d064a600000011, 0x0, 0x0)
	pkg/tcpip/transport/tcp/snd.go:1547 +0xef fp=0xc08a60c1f8 sp=0xc08a60c1a0 pc=0xad7a2f
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*sender).sendSegment(0xc009ce1880, 0xc00a35e000, 0x1d0aea6f, 0xe7791f860)
	pkg/tcpip/transport/tcp/snd.go:1515 +0x1c5 fp=0xc08a60d5d8 sp=0xc08a60c1f8 pc=0xad7845
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*sender).maybeSendSegment(0xc009ce1880, 0xc00a35e000, 0xffcb, 0xc0f4d164a5, 0xad251e)
	pkg/tcpip/transport/tcp/snd.go:843 +0x35c fp=0xc08a60d668 sp=0xc08a60d5d8 pc=0xad559c
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*sender).sendData(0xc009ce1880)
	pkg/tcpip/transport/tcp/snd.go:946 +0x129 fp=0xc08a60d6c0 sp=0xc08a60d668 pc=0xad5be9
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*endpoint).sendData(...)
	pkg/tcpip/transport/tcp/connect.go:924
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*endpoint).shutdownLocked(0xc009ceec00, 0x3, 0x0, 0xc0004b57b0)
	pkg/tcpip/transport/tcp/endpoint.go:2406 +0x265 fp=0xc08a60d778 sp=0xc08a60d6c0 pc=0xac7ae5
gvisor.dev/gvisor/pkg/tcpip/transport/tcp.(*endpoint).Close(0xc009ceec00)
	pkg/tcpip/transport/tcp/endpoint.go:1025 +0x16d fp=0xc08a60d7c0 sp=0xc08a60d778 pc=0xac1dcd
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*socketOpsCommon).Release(0xc00a322a30, 0x13e6280, 0xc00a58ea80)
	pkg/sentry/socket/netstack/netstack.go:433 +0x1a2 fp=0xc08a60d890 sp=0xc08a60d7c0 pc=0xb28e42
gvisor.dev/gvisor/pkg/sentry/socket/netstack.(*SocketVFS2).Release(0xc00a3229c0, 0x13e6280, 0xc00a58ea80)
	pkg/sentry/socket/netstack/netstack_vfs2.go:85 +0xab fp=0xc08a60d8c8 sp=0xc08a60d890 pc=0xb39e2b
gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).DecRef.func1()
	pkg/sentry/vfs/file_description.go:194 +0x231 fp=0xc08a60d9a8 sp=0xc08a60d8c8 pc=0x75ead1
gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescriptionRefs).DecRef(0xc00a3229c0, 0xc0004b5a30)
	bazel-out/k8-fastbuild-ST-4c64f0b3d5c7/bin/pkg/sentry/vfs/file_description_refs.go:131 +0x5a fp=0xc08a60da20 sp=0xc08a60d9a8 pc=0x73f6fa
gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).DecRef(0xc00a3229c0, 0x13e6280, 0xc00a58ea80)
	pkg/sentry/vfs/file_description.go:163 +0x69 fp=0xc08a60da60 sp=0xc08a60da20 pc=0x7394a9
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.Close(0xc00a58ea80, 0x4, 0x1, 0x575648, 0x7fe98402d4f0, 0x0, 0x1b2eb201c0, 0x0, 0x0, 0x0, ...)
	pkg/sentry/syscalls/linux/vfs2/fd.go:45 +0x1ba fp=0xc08a60db00 sp=0xc08a60da60 pc=0xddea5a
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc00a58ea80, 0x3, 0x4, 0x1, 0x575648, 0x7fe98402d4f0, 0x0, 0x1b2eb201c0, 0xe37930, 0x1254960, ...)
	pkg/sentry/kernel/task_syscall.go:104 +0x13c fp=0xc08a60dc60 sp=0xc08a60db00 pc=0x9bf83c
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc00a58ea80, 0x3, 0x4, 0x1, 0x575648, 0x7fe98402d4f0, 0x0, 0x1b2eb201c0, 0x0, 0x1b2eb201c0)
	pkg/sentry/kernel/task_syscall.go:239 +0x66 fp=0xc08a60dce8 sp=0xc08a60dc60 pc=0x9c09c6
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0xc00a58ea80, 0x3, 0x4, 0x1, 0x575648, 0x7fe98402d4f0, 0x0, 0x1b2eb201c0, 0x0, 0x0)
	pkg/sentry/kernel/task_syscall.go:199 +0x98 fp=0xc08a60dd48 sp=0xc08a60dce8 pc=0x9c05b8
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc00a58ea80, 0x2, 0xc00a58ea80)
	pkg/sentry/kernel/task_syscall.go:174 +0x15c fp=0xc08a60de18 sp=0xc08a60dd48 pc=0x9bff5c
gvisor.dev/gvisor/pkg/sentry/kernel.(*runApp).execute(0x0, 0xc00a58ea80, 0x13bba60, 0x0)
	pkg/sentry/kernel/task_run.go:282 +0xca5 fp=0xc08a60df60 sp=0xc08a60de18 pc=0x9b4b25
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).run(0xc00a58ea80, 0x2232)
	pkg/sentry/kernel/task_run.go:97 +0x1af fp=0xc08a60dfd0 sp=0xc08a60df60 pc=0x9b378f
runtime.goexit()
	src/runtime/asm_amd64.s:1371 +0x1 fp=0xc08a60dfd8 sp=0xc08a60dfd0 pc=0x472821
created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).Start
	pkg/sentry/kernel/task_start.go:328 +0xfe

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/08/09 11:50 gvisor c07dc3828a03 6972b106 .config console log report info ci-gvisor-kvm panic: runtime error: slice bounds out of range [:LINE] with capacity 0
2021/08/08 05:51 gvisor c07dc3828a03 6972b106 .config console log report info ci-gvisor-kvm panic: runtime error: slice bounds out of range [:LINE] with capacity 0
* Struck through repros no longer work on HEAD.