syzbot


panic: invalid allocation length: 0x0 (2)

Status: fixed on 2018/12/19 10:45
Fix commit: 3b3f02627870 Truncate ar before calling mm.breakCopyOnWriteLocked().
First crash: 2171d, last: 2170d
Similar bugs (3)

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| gvisor | panic: invalid allocation length: 0x0 (3) | syz | | | 12 | 1764d | 1764d | 0/26 | fixed on 2020/01/31 18:49 |
| gvisor | panic: invalid allocation length: 0x0 | C | | | 223 | 2181d | 2348d | 0/26 | fixed on 2018/12/12 09:36 |
| gvisor | panic: invalid allocation length: 0x0 (4) | C | | | 4338 | 901d | 903d | 14/26 | fixed on 2022/06/09 07:46 |

Sample crash report:
panic: invalid allocation length: 0x0

goroutine 107 [running]:
gvisor.googlesource.com/gvisor/pkg/sentry/platform/filemem.(*FileMem).Allocate(0xc000151b00, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
	pkg/sentry/platform/filemem/filemem.go:255 +0x78e
gvisor.googlesource.com/gvisor/pkg/sentry/platform.AllocateAndFill(0x1203ec0, 0xc000151b00, 0x0, 0x1, 0x11f2440, 0xc00042ef80, 0x0, 0x0, 0x0, 0x0)
	pkg/sentry/platform/platform.go:418 +0x74
gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).breakCopyOnWriteLocked(0xc0003fcd80, 0xc0003fd470, 0x4, 0x20002000, 0x21000000, 0x4, 0x21000000, 0x0, 0x0, 0xc0003fd470)
	pkg/sentry/mm/pma.go:433 +0x342
gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).getPMAsLocked(0xc0003fcd80, 0x1200780, 0xc00024aa80, 0xc0003fcdf0, 0x5, 0x20002000, 0x21000000, 0x1, 0xc0003fcdf0, 0x7, ...)
	pkg/sentry/mm/pma.go:142 +0x35a
gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).withInternalMappings(0xc0003fcd80, 0x1200780, 0xc00024aa80, 0x20002640, 0x21000000, 0x100, 0xc0001e4f80, 0xc0001e4fe0, 0x40cbb7, 0xc000350cc0)
	pkg/sentry/mm/io.go:484 +0x274
gvisor.googlesource.com/gvisor/pkg/sentry/mm.(*MemoryManager).ZeroOut(0xc0003fcd80, 0x1200780, 0xc00024aa80, 0x20002640, 0x7ffff000, 0x450100, 0xc0001e5020, 0xc0001e5020, 0x405bd3)
	pkg/sentry/mm/io.go:205 +0x1ab
gvisor.googlesource.com/gvisor/pkg/sentry/usermem.ZeroOutVec(0x1200780, 0xc00024aa80, 0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, 0x7fffffffffffffff, 0x1200100, ...)
	pkg/sentry/usermem/usermem.go:324 +0x194
gvisor.googlesource.com/gvisor/pkg/sentry/usermem.IOSequence.ZeroOut(0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, 0x100, 0x1200780, 0xc00024aa80, 0x7fffffffffffffff, ...)
	pkg/sentry/usermem/usermem.go:514 +0xd5
gvisor.googlesource.com/gvisor/pkg/sentry/fs/dev.(*fullDevice).DeprecatedPreadv(0xc0003467e0, 0x1200780, 0xc00024aa80, 0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, 0x100, ...)
	pkg/sentry/fs/dev/full.go:49 +0xe1
gvisor.googlesource.com/gvisor/pkg/sentry/fs/fsutil.(*Handle).Read(0xc00042ef40, 0x1200780, 0xc00024aa80, 0xc00026f4d0, 0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, ...)
	pkg/sentry/fs/fsutil/handle.go:92 +0x107
gvisor.googlesource.com/gvisor/pkg/sentry/fs.(*overlayFileOperations).Read(0xc00045ae40, 0x1200780, 0xc00024aa80, 0xc00026f680, 0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, ...)
	pkg/sentry/fs/file_overlay.go:223 +0x2c2
gvisor.googlesource.com/gvisor/pkg/sentry/fs.(*File).Preadv(0xc00026f680, 0x1200780, 0xc00024aa80, 0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, 0x100, ...)
	pkg/sentry/fs/file.go:258 +0x182
gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.preadv(0xc00024aa80, 0xc00026f680, 0x11ffa60, 0xc0003fcd80, 0x0, 0x1, 0x20002640, 0x7ffff000, 0x100, 0x0, ...)
	pkg/sentry/syscalls/linux/sys_read.go:296 +0xee
gvisor.googlesource.com/gvisor/pkg/sentry/syscalls/linux.Pread64(0xc00024aa80, 0x5, 0x20002640, 0xfffffede, 0x0, 0x0, 0x4002e0, 0x0, 0x0, 0x0, ...)
	pkg/sentry/syscalls/linux/sys_read.go:114 +0x361
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).executeSyscall(0xc00024aa80, 0x11, 0x5, 0x20002640, 0xfffffede, 0x0, 0x0, 0x4002e0, 0xc00024aa80, 0x0, ...)
	pkg/sentry/kernel/task_syscall.go:165 +0x17b
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallInvoke(0xc00024aa80, 0x11, 0x5, 0x20002640, 0xfffffede, 0x0, 0x0, 0x4002e0, 0x11f2160, 0x0)
	pkg/sentry/kernel/task_syscall.go:283 +0xb5
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscallEnter(0xc00024aa80, 0x11, 0x5, 0x20002640, 0xfffffede, 0x0, 0x0, 0x4002e0, 0xc0001e5c00, 0x4784ae)
	pkg/sentry/kernel/task_syscall.go:244 +0x10d
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).doSyscall(0xc00024aa80, 0x2, 0xc000532880)
	pkg/sentry/kernel/task_syscall.go:219 +0x1e4
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*runApp).execute(0x0, 0xc00024aa80, 0x11f2160, 0x0)
	pkg/sentry/kernel/task_run.go:215 +0x15aa
gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).run(0xc00024aa80, 0xe)
	pkg/sentry/kernel/task_run.go:91 +0x24c
created by gvisor.googlesource.com/gvisor/pkg/sentry/kernel.(*Task).Start
	pkg/sentry/kernel/task_start.go:279 +0x19e

Crashes (4):

| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2018/12/18 14:58 | https://gvisor.googlesource.com/gvisor master | 12c7430a01ad | 4edaba93 | .config | console log | report | syz | C | | | ci-gvisor-ptrace-proxy-sandbox-race | |
| 2018/12/18 07:52 | https://gvisor.googlesource.com/gvisor master | f7e8dc57c526 | def91db3 | .config | console log | report | syz | C | | | ci-gvisor-main | |
| 2018/12/17 11:52 | https://gvisor.googlesource.com/gvisor master | e491ebbacf54 | def91db3 | .config | console log | report | syz | C | | | ci-gvisor-ptrace-direct-overlay-host | |
| 2018/12/17 11:28 | https://gvisor.googlesource.com/gvisor master | e491ebbacf54 | def91db3 | .config | console log | report | syz | C | | | ci-gvisor-kvm-direct-overlay-host-race | |