[v6.6] SYZFAIL: SIGILL

syzbot

2:31 AM (8 hours ago)
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: c596736dadab Linux 6.6.120
git tree: linux-6.6.y
console output: https://syzkaller.appspot.com/x/log.txt?x=178b0522580000
kernel config: https://syzkaller.appspot.com/x/.config?x=691a6769a86ac817
dashboard link: https://syzkaller.appspot.com/bug?extid=ad310297c550fbff9482
compiler: Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=11c23ab2580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/855c94eb3eef/disk-c596736d.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/b7510b30b774/vmlinux-c596736d.xz
kernel image: https://storage.googleapis.com/syzbot-assets/3ce7fe4f6991/bzImage-c596736d.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+ad3102...@syzkaller.appspotmail.com

SYZFAIL: SIGILL
pc-offset:0xffffffffffebf9d4 pc:0x7f668858f50c addr:(nil) code=128 (errno 9: Bad file descriptor)
SIGILL: illegal instruction
PC=0x47fad7 m=1 sigcode=128
instruction bytes: 0x48 0x83 0xc4 0x10 0x5d 0xc3 0xcc 0xcc 0xcc 0xb8 0xba 0x0 0x0 0x0 0xf 0x5

goroutine 0 gp=0xc000002700 m=1 mp=0xc00007c008 [idle]:
runtime.usleep(0x14)
/usr/local/go/src/runtime/sys_linux_amd64.s:135 +0x37 fp=0xc00005df38 sp=0xc00005df18 pc=0x47fad7
runtime.sysmon()
/usr/local/go/src/runtime/proc.go:6111 +0xa5 fp=0xc00005dfa0 sp=0xc00005df38 pc=0x44fda5
runtime.mstart1()
/usr/local/go/src/runtime/proc.go:1855 +0x93 fp=0xc00005dfc8 sp=0xc00005dfa0 pc=0x4466b3
runtime.mstart0()
/usr/local/go/src/runtime/proc.go:1808 +0x75 fp=0xc00005dff8 sp=0xc00005dfc8 pc=0x4465f5
runtime.mstart()
/usr/local/go/src/runtime/asm_amd64.s:395 +0x5 fp=0xc00005e000 sp=0xc00005dff8 pc=0x47c345

goroutine 1 gp=0xc000002380 m=nil [sync.WaitGroup.Wait]:
runtime.gopark(0xc000111c98?, 0x419274?, 0x60?, 0x92?, 0x7f9a2ad5fb20?)
/usr/local/go/src/runtime/proc.go:435 +0xce fp=0xc003474c38 sp=0xc003474c18 pc=0x47666e
runtime.goparkunlock(...)
/usr/local/go/src/runtime/proc.go:441
runtime.semacquire1(0xc001ed0190, 0x0, 0x1, 0x0, 0x18)
/usr/local/go/src/runtime/sema.go:188 +0x21d fp=0xc003474ca0 sp=0xc003474c38 pc=0x4567fd
sync.runtime_SemacquireWaitGroup(0xc00000eac8?)
/usr/local/go/src/runtime/sema.go:110 +0x25 fp=0xc003474cd8 sp=0xc003474ca0 pc=0x477c05
sync.(*WaitGroup).Wait(0x15a1b20?)
/usr/local/go/src/sync/waitgroup.go:118 +0x48 fp=0xc003474d00 sp=0xc003474cd8 pc=0x489bc8
golang.org/x/sync/errgroup.(*Group).Wait(0xc001ed0180)
/syzkaller/gopath/pkg/mod/golang.org/x/sy...@v0.17.0/errgroup/errgroup.go:56 +0x1e fp=0xc003474d20 sp=0xc003474d00 pc=0xfae5de
github.com/google/syzkaller/pkg/rpcserver.RunLocal({0x235ffb0?, 0xc00261a5f0?}, 0x2330568?)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpcserver/local.go:54 +0x192 fp=0xc003474da8 sp=0xc003474d20 pc=0x12725d2
main.main()
/syzkaller/gopath/src/github.com/google/syzkaller/tools/syz-execprog/execprog.go:187 +0x93e fp=0xc003474f50 sp=0xc003474da8 pc=0x127f3fe
runtime.main()
/usr/local/go/src/runtime/proc.go:283 +0x28b fp=0xc003474fe0 sp=0xc003474f50 pc=0x44310b
runtime.goexit({})
/usr/local/go/src/runtime/asm_amd64.s:1700 +0x1 fp=0xc003474fe8 sp=0xc003474fe0 pc=0x47e281

goroutine 17 gp=0xc0000a0000 m=nil [force gc (idle)]:
runtime.gopark(0x0?, 0x0?, 0x0?, 0x0?, 0x0?)
Connection to 10.128.1.69 closed by remote host.


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup