panic: runtime error: makeslice: len out of range

syzbot

Dec 12, 2019, 10:14:11 AM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: a844dc4c Linux 4.14.158
git tree: linux-4.14.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1598a6a9e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=c02bef505ffc02ff
dashboard link: https://syzkaller.appspot.com/bug?extid=228b8f7af7b2b6b39d73
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+228b8f...@syzkaller.appspotmail.com

287865711a0dc357181ce5354c85df3992b9eea6da491a3b6e1f401a309356f4c5e3dc6e392fb6d3d01e20ec8d39ec098126e22c485c9f2ca13f7f6b49a7f6edc79f88c682ca3a9e1594c18f6fe350f583c552be6273760e1cd2425342a017272603953176d3723c77eeac74896ef4835618ac64bed8556d8efeba65864d3d2f69118b138def201ebd6b84ef41423c10e96e9b636a6269e40751f2fbcd027f627f4e1286fcccadfaa6e354454dec4972377ebe65bdb4a721201b87dc4ff664f92a56f595459a57c743f571b23b8c98",
0x1000}],
0x7, &(0x7f00000038c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}],
0x18}}], 0x3, 0xc010)
panic: runtime error: makeslice: len out of range

goroutine 12 [running]:
github.com/google/syzkaller/prog.clone(0x9f6d20, 0xc4463d80f0,
0xc43e833208, 0xc43b263c78, 0x7fe16aa3809a)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:55 +0xf8
github.com/google/syzkaller/prog.clone(0x9f6d60, 0xc4463d8120,
0xc43e833208, 0x9f6ca0, 0xc441726640)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:44 +0x5ab
github.com/google/syzkaller/prog.(*Prog).Clone(0xc443e07200, 0x8bb3ab)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/clone.go:24 +0x19d
github.com/google/syzkaller/prog.resourceCentric(0xfac980, 0xc4416bc000,
0xc433102f20, 0x72bb01, 0x81cdc0, 0xc43c496840, 0xc43e8334b0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:817 +0xc1
github.com/google/syzkaller/prog.(*ResourceType).generate(0xfac980,
0xc433102f20, 0xc4416bc000, 0x1a, 0xc43e8336b8, 0x40fff9, 0xc43c497b60,
0x30)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:650 +0x931
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc433102f20,
0xc4416bc000, 0x9fa280, 0xfac980, 0xc43e833600, 0x0, 0x0, 0x0, 0x0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc433102f20,
0xc4416bc000, 0x9fa280, 0xfac980, 0x3, 0x3, 0x0, 0xc42501a6b0, 0x1)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc433102f20,
0xc4416bc000, 0xdf7ae0, 0x3, 0x3, 0xc43e8338c0, 0xfc2b25d1,
0x40bea99971bfc93a, 0xc43e8338a0, 0x400000000072da28, ...)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:580 +0x18b
github.com/google/syzkaller/prog.(*StructType).generate(0xd2dde0,
0xc433102f20, 0xc4416bc000, 0xc, 0x1928780, 0xc43549e000,
0x29b9291810e9958d, 0xc43e833908)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:782 +0x74
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc433102f20,
0xc4416bc000, 0x9fa340, 0xd2dde0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc433102f20,
0xc4416bc000, 0x9fa340, 0xd2dde0, 0x410848, 0xc43e833a20, 0x72e6b4,
0x8a3b51, 0x3)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*PtrType).generate(0xe95320,
0xc433102f20, 0xc4416bc000, 0x9f6ca0, 0xc4292f3e80, 0x0, 0x0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:798 +0xf7
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc433102f20,
0xc4416bc000, 0x9fa1c0, 0xe95320, 0xc43e833b00, 0x0, 0x0, 0x0, 0x0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc433102f20,
0xc4416bc000, 0x9fa1c0, 0xe95320, 0x0, 0x0, 0x0, 0x0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc433102f20,
0xc4416bc000, 0xd2dda0, 0x3, 0x3, 0xb844e8c3ccd869d6, 0xc43e833cd8,
0x713f6e, 0x81cf40, 0xc4349eaa20, ...)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:580 +0x18b
github.com/google/syzkaller/prog.(*randGen).generateParticularCall(0xc433102f20,
0xc4416bc000,
0x10e7920, 0x25e, 0xc4416bc000, 0xc43e435c80)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:524 +0xd6
github.com/google/syzkaller/prog.(*randGen).generateCall(0xc433102f20,
0xc4416bc000, 0xc43e434400, 0x6, 0xc43e434400, 0xc43e434a40, 0xc4416bc000)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:516 +0xb4
github.com/google/syzkaller/prog.(*mutator).insertCall(0xc43e833e08, 0x14)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:137
+0xf5
github.com/google/syzkaller/prog.(*Prog).Mutate(0xc43e434400, 0x9f47a0,
0xc42e97ec60, 0x1e, 0xc434695680, 0xc422c90000, 0x86fb, 0x9800)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:42
+0x2a9
main.(*Proc).smashInput(0xc43467aa00, 0xc425e2e470)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:217
+0x131
main.(*Proc).loop(0xc43467aa00)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:82
+0x194
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259
+0x1071


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Apr 10, 2020, 11:14:07 AM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.