syzbot

 sign-in | mailing list | source | docs
🐞 Open [126] 🐞 Fixed [269] 🐞 Invalid [575] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

panic: broken type ref

Status: closed as invalid on 2020/05/11 22:47
Reported-by: syzbot+ff5af360e40a4353c405@syzkaller.appspotmail.com
First crash: 1442d, last: 1442d
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
openbsd panic: broken type ref (2) 17 1356d 1435d 0/3 closed as dup on 2020/05/15 21:37
openbsd panic: broken type ref (4) 3 4d13h 5d12h 0/3 upstream: reported on 2024/04/14 17:07
openbsd panic: broken type ref (3) 1 689d 689d 0/3 closed as invalid on 2022/06/02 05:14

Sample crash report:
panic: broken type ref

goroutine 25 [running]:
github.com/google/syzkaller/prog.ArgCommon.Type(...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:39
github.com/google/syzkaller/prog.foreachArgImpl(0x9b07e0, 0xc0022ef560, 0xc002a8d388, 0xcbcac0, 0x3, 0x3, 0xc002a88ea0, 0x0, 0x0, 0xc0016a12e8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:133 +0x8f5
github.com/google/syzkaller/prog.foreachArgImpl(0x9b08a0, 0xc0022ef540, 0xc002a8d388, 0xcbcac0, 0x3, 0x3, 0xc002a88ea0, 0x0, 0x0, 0xc0016a12e8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:157 +0x6f2
github.com/google/syzkaller/prog.foreachArgImpl(0x9b0820, 0xc002a88ea0, 0xc002a8d388, 0xcbcac0, 0x3, 0x3, 0x0, 0x0, 0x0, 0xc0016a12e8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:154 +0x646
github.com/google/syzkaller/prog.ForeachArg(0xc002a8d380, 0xc0016a12e8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:122 +0x112
github.com/google/syzkaller/prog.getCompatibleResources(0xc002a8d200, 0x8fe58d, 0xb, 0xc0025bba40, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:898 +0xb9
github.com/google/syzkaller/prog.(*randGen).resourceCentric(0xc0025bba40, 0xc001b4cfa0, 0xca88e0, 0x0, 0x0, 0x0, 0xc001c6b980, 0xc0023f34f0, 0x792919)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:846 +0xfe
github.com/google/syzkaller/prog.(*ResourceType).generate(0xca88e0, 0xc0025bba40, 0xc001b4cfa0, 0x0, 0x9b0760, 0xc001c6b980, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:675 +0x27c
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc0025bba40, 0xc001b4cfa0, 0x9b6a20, 0xca88e0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:664 +0x450
github.com/google/syzkaller/prog.(*randGen).generateArg(...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:614
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc0025bba40, 0xc001b4cfa0, 0xd36f80, 0xc, 0xc, 0xaaaaaaaaaaaaaa00, 0x38, 0x8, 0x0, 0xc0023f37a8, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:602 +0x116
github.com/google/syzkaller/prog.(*StructType).generate(0xcb1fa0, 0xc0025bba40, 0xc001b4cfa0, 0x0, 0xd6efe0, 0x839940, 0xc00000d1e0, 0x20, 0x20)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:786 +0x7c
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc0025bba40, 0xc001b4cfa0, 0x9b6ae0, 0xcb1fa0, 0x760000, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:664 +0x450
github.com/google/syzkaller/prog.(*randGen).generateArg(...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:614
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc0025bba40, 0xc001b4cfa0, 0xcb2120, 0x2, 0x2, 0x78b200, 0xc0025bb860, 0x30, 0xcaf7a0, 0x2, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:602 +0x116
github.com/google/syzkaller/prog.(*StructType).generate(0xcb20e0, 0xc0025bba40, 0xc001b4cfa0, 0x0, 0xd6efe0, 0x78b7c1, 0xc0025bb820, 0x32, 0x2)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:786 +0x7c
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc0025bba40, 0xc001b4cfa0, 0x9b6ae0, 0xcb20e0, 0xd60000, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:664 +0x450
github.com/google/syzkaller/prog.(*randGen).generateArg(...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:614
github.com/google/syzkaller/prog.(*UnionType).mutate(0xcab5e0, 0xc0025bba40, 0xc001b4cfa0, 0x9b08a0, 0xc0025bb9a0, 0xc0025bb948, 0xcb1260, 0x2, 0x2, 0xc001cd0120, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:474 +0x178
github.com/google/syzkaller/prog.(*Target).mutateArg(0xc0000e0000, 0xc0025bba40, 0xc001b4cfa0, 0x9b08a0, 0xc0025bb9a0, 0xc0025bb948, 0xcb1260, 0x2, 0x2, 0xc001cd0120, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:246 +0xe3
github.com/google/syzkaller/prog.(*mutator).mutateArg(0xc0016a1ec0, 0xa)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:183 +0x322
github.com/google/syzkaller/prog.(*Prog).Mutate(0xc001ced100, 0x9a9ba0, 0xc001dc6720, 0x14, 0xc001d80c40, 0xc002298000, 0x207f, 0x2400)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:47 +0x32c
main.(*Proc).loop(0xc001d80c80)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:95 +0x434
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:258 +0x1155

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/05/08 17:00 openbsd 7bb4371dccb1 fe4122c3 .config console log report ci-openbsd-main
* Struck through repros no longer work on HEAD.