syzkaller: testing failed: failed to run ["go" "test" "-short" "./..."]: exit status 1
4 views
Skip to first unread message
syzbot
Mar 29, 2019, 2:56:06 PM3/29/19
to syzkaller-f...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit:
git tree: https://github.com/google/syzkaller.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
compiler: go version go1.12.1 freebsd/amd64
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following crash on:
HEAD commit:
git tree: https://github.com/google/syzkaller.git master
console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
compiler: go version go1.12.1 freebsd/amd64
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
Dmitry Vyukov
Mar 29, 2019, 3:12:24 PM3/29/19
to syzbot, Anton Lindqvist, syzkaller-f...@googlegroups.com
On Fri, Mar 29, 2019 at 7:56 PM syzbot
<syzbot+45aa6b...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit:
> git tree: https://github.com/google/syzkaller.git master
> console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
> dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
> compiler: go version go1.12.1 freebsd/amd64
>
> Unfortunately, I don't have any reproducer for this crash yet.
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
+Anton
<syzbot+45aa6b...@syzkaller.appspotmail.com> wrote:
>
> Hello,
>
> syzbot found the following crash on:
>
> HEAD commit:
> git tree: https://github.com/google/syzkaller.git master
> console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
> dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
> compiler: go version go1.12.1 freebsd/amd64
>
> Unfortunately, I don't have any reproducer for this crash yet.
>
> IMPORTANT: if you fix the bug, please add the following tag to the commit:
> Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
Uh, that's something we should have been caught during description compilation.
panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
[recovered]
panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
goroutine 338 [running]:
testing.tRunner.func1(0xc000756400)
/syzkaller/go/src/testing/testing.go:830 +0x392
panic(0x6045c0, 0xc00040d700)
/syzkaller/go/src/runtime/panic.go:522 +0x1b5
github.com/google/syzkaller/prog.(*Prog).debugValidate(...)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/validation.go:19
github.com/google/syzkaller/prog.(*Target).Generate(0xc0000c56c0,
0x7ccd60, 0xc0017b1500, 0xa, 0x0, 0x741972)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/generation.go:25 +0x3c7
github.com/google/syzkaller/prog.TestSerializeDeserializeRandom.func1(0xc000756400,
0xc0000c56c0, 0x7ccd60, 0xc0017b1500, 0x6)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding_test.go:345
+0xf8
github.com/google/syzkaller/prog.testEachTargetRandom.func1(0xc000756400)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/export_test.go:88 +0x9a
testing.tRunner(0xc000756400, 0xc0020ca150)
/syzkaller/go/src/testing/testing.go:865 +0xc0
created by testing.(*T).Run
/syzkaller/go/src/testing/testing.go:916 +0x35a
FAIL github.com/google/syzkaller/prog 5.918s
Anton Lindqvist
Mar 29, 2019, 4:02:06 PM3/29/19
to Dmitry Vyukov, syzbot, syzkaller-f...@googlegroups.com
On Fri, Mar 29, 2019 at 08:12:10PM +0100, Dmitry Vyukov wrote:
> On Fri, Mar 29, 2019 at 7:56 PM syzbot
> <syzbot+45aa6b...@syzkaller.appspotmail.com> wrote:
> >
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:
> > git tree: https://github.com/google/syzkaller.git master
> > console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
> > dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
> > compiler: go version go1.12.1 freebsd/amd64
> >
> > Unfortunately, I don't have any reproducer for this crash yet.
> >
> > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
>
> +Anton
> Uh, that's something we should have been caught during description compilation.
>
> panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
> [recovered]
> panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
Ouch, my bad. Should I interpret the errors as the ptr[out, ifreq]
> On Fri, Mar 29, 2019 at 7:56 PM syzbot
> <syzbot+45aa6b...@syzkaller.appspotmail.com> wrote:
> >
> > Hello,
> >
> > syzbot found the following crash on:
> >
> > HEAD commit:
> > git tree: https://github.com/google/syzkaller.git master
> > console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
> > dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
> > compiler: go version go1.12.1 freebsd/amd64
> >
> > Unfortunately, I don't have any reproducer for this crash yet.
> >
> > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
>
> +Anton
> Uh, that's something we should have been caught during description compilation.
>
> panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
> [recovered]
> panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
argument contradicts the buffer[in] field? Could the field make use of a
better type? In the end, it's just a pointer to a buffer.
Dmitry Vyukov
Apr 1, 2019, 6:53:25 AM4/1/19
to Anton Lindqvist, syzbot, syzkaller-f...@googlegroups.com
On Fri, Mar 29, 2019 at 9:02 PM Anton Lindqvist <an...@basename.se> wrote:
>
> On Fri, Mar 29, 2019 at 08:12:10PM +0100, Dmitry Vyukov wrote:
> > On Fri, Mar 29, 2019 at 7:56 PM syzbot
> > <syzbot+45aa6b...@syzkaller.appspotmail.com> wrote:
> > >
> > > Hello,
> > >
> > > syzbot found the following crash on:
> > >
> > > HEAD commit:
> > > git tree: https://github.com/google/syzkaller.git master
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
> > > compiler: go version go1.12.1 freebsd/amd64
> > >
> > > Unfortunately, I don't have any reproducer for this crash yet.
> > >
> > > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > > Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
> >
> > +Anton
> > Uh, that's something we should have been caught during description compilation.
> >
> > panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
> > [recovered]
> > panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
>
> Ouch, my bad. Should I interpret the errors as the ptr[out, ifreq]
> argument contradicts the buffer[in] field? Could the field make use of a
> better type? In the end, it's just a pointer to a buffer.
Turns out this this because of buffer type. "ptr" has the special case
>
> On Fri, Mar 29, 2019 at 08:12:10PM +0100, Dmitry Vyukov wrote:
> > On Fri, Mar 29, 2019 at 7:56 PM syzbot
> > <syzbot+45aa6b...@syzkaller.appspotmail.com> wrote:
> > >
> > > Hello,
> > >
> > > syzbot found the following crash on:
> > >
> > > HEAD commit:
> > > git tree: https://github.com/google/syzkaller.git master
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=138ab897200000
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=45aa6ba64ebbf176bcdd
> > > compiler: go version go1.12.1 freebsd/amd64
> > >
> > > Unfortunately, I don't have any reproducer for this crash yet.
> > >
> > > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > > Reported-by: syzbot+45aa6b...@syzkaller.appspotmail.com
> >
> > +Anton
> > Uh, that's something we should have been caught during description compilation.
> >
> > panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
> > [recovered]
> > panic: call ioctl$BIOCGETIF: pointer arg 'buffer' has output direction
>
> Ouch, my bad. Should I interpret the errors as the ptr[out, ifreq]
> argument contradicts the buffer[in] field? Could the field make use of a
> better type? In the end, it's just a pointer to a buffer.
for this to override the direction:
base.ArgDir = prog.DirIn // pointers are always in
But "buffer" always missed this special case.
I made "buffer" a builtin alias to "ptr[array[int8]]". It should fix the crash:
https://github.com/google/syzkaller/commit/162bd26be4e47d89f305435f7a1917b023138ed6
#syz invalid
Reply all
Reply to author
Forward
0 new messages