panic.go:LINE +0x72 (7)


syzbot

Aug 7, 2020, 1:29:18 AM8/7/20
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: f232436a Remove duplicate comment.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=129227dc900000
kernel config: https://syzkaller.appspot.com/x/.config?x=bf87b6915a88cd0d
dashboard link: https://syzkaller.appspot.com/bug?extid=bbce03fbda8092f2317d

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bbce03...@syzkaller.appspotmail.com

/usr/local/go/src/runtime/panic.go:1116 +0x72
runtime.newosproc(0xc0014e4000)
/usr/local/go/src/runtime/os_openbsd.go:212 +0x1e5
runtime.newm1(0xc0014e4000)
/usr/local/go/src/runtime/proc.go:1811 +0xdd
runtime.newm(0x91bb38, 0xc00002e800)
/usr/local/go/src/runtime/proc.go:1790 +0x8e
runtime.startm(0x0, 0x1a019a01)
/usr/local/go/src/runtime/proc.go:1933 +0x13d
runtime.wakep()
/usr/local/go/src/runtime/proc.go:2020 +0x66
runtime.startTheWorldWithSema(0x462d01, 0x111924f494)
/usr/local/go/src/runtime/proc.go:1084 +0x145
runtime.gcMarkTermination.func3()
/usr/local/go/src/runtime/mgc.go:1752 +0x26
runtime.systemstack(0x0)
/usr/local/go/src/runtime/asm_amd64.s:370 +0x66
runtime.mstart()
/usr/local/go/src/runtime/proc.go:1101

goroutine 33 [running]:
runtime.systemstack_switch()
/usr/local/go/src/runtime/asm_amd64.s:330 fp=0xc0001de548 sp=0xc0001de540 pc=0x46b220
runtime.gcMarkTermination(0x3fdca75243ad41cd)
/usr/local/go/src/runtime/mgc.go:1752 +0x3da fp=0xc0001de708 sp=0xc0001de548 pc=0x41c1fa
runtime.gcMarkDone()
/usr/local/go/src/runtime/mgc.go:1630 +0x275 fp=0xc0001de760 sp=0xc0001de708 pc=0x41bd55
runtime.gcBgMarkWorker(0xc00002c000)
/usr/local/go/src/runtime/mgc.go:2018 +0x2af fp=0xc0001de7d8 sp=0xc0001de760 pc=0x41cd6f
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1374 +0x1 fp=0xc0001de7e0 sp=0xc0001de7d8 pc=0x46ce61
created by runtime.gcBgMarkStartWorkers
/usr/local/go/src/runtime/mgc.go:1839 +0x77

goroutine 1 [select]:
main.(*Fuzzer).pollLoop(0xc0000a4b00)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:328 +0x12a
main.main()
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:270 +0x12e5

goroutine 16 [IO wait]:
internal/poll.runtime_pollWait(0x2984ed918, 0x72, 0x985bc0)
/usr/local/go/src/runtime/netpoll.go:220 +0x55
internal/poll.(*pollDesc).wait(0xc0001c2098, 0x72, 0xc0002d2000, 0x1000, 0x1000)
/usr/local/go/src/internal/poll/fd_poll_runtime.go:87 +0x45
internal/poll.(*pollDesc).waitRead(...)
/usr/local/go/src/internal/poll/fd_poll_runtime.go:92
internal/poll.(*FD).Read(0xc0001c2080, 0xc0002d2000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/local/go/src/internal/poll/fd_unix.go:159 +0x1b1
net.(*netFD).Read(0xc0001c2080, 0xc0002d2000, 0x1000, 0x1000, 0xcac440, 0x20d7537d0, 0xc000001200)
/usr/local/go/src/net/fd_posix.go:55 +0x4f
net.(*conn).Read(0xc00000f458, 0xc0002d2000, 0x1000, 0x1000, 0x0, 0x0, 0x0)
/usr/local/go/src/net/net.go:182 +0x8e
bufio.(*Reader).fill(0xc00005be60)
/usr/local/go/src/bufio/bufio.go:101 +0x105
bufio.(*Reader).ReadByte(0xc00005be60, 0xc0002ea528, 0x42a37eb692f8ea01, 0x4200000000000000)
/usr/local/go/src/bufio/bufio.go:253 +0x39
compress/flate.(*decompressor).moreBits(0xc0002cc000, 0xc001dac3c0, 0x199)
/usr/local/go/src/compress/flate/inflate.go:696 +0x37
compress/flate.(*decompressor).nextBlock(0xc0002cc000)
/usr/local/go/src/compress/flate/inflate.go:303 +0x36
compress/flate.(*decompressor).Read(0xc0002cc000, 0xc0002e0000, 0x1000, 0x1000, 0x7e72cc, 0xc0000c9a80, 0xc00018a320)
/usr/local/go/src/compress/flate/inflate.go:347 +0x79
github.com/google/syzkaller/pkg/rpctype.(*flateConn).Read(0xc000105080, 0xc0002e0000, 0x1000, 0x1000, 0x199, 0x7ee64b, 0x2)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpctype/rpc.go:131 +0x51


OpenBSD/amd64 (ci-openbsd-multicore-1.c.syzkaller.internal) (tty00)

bufio.(*Reader).Read(0xc00005bec0, 0xc0000212a7, 0x1, 0x9, 0xc0000989a0, 0xc001dac3c0, 0x7f8e8b)
/usr/local/go/src/bufio/bufio.go:227 +0x222
io.ReadAtLeast(0x9848e0, 0xc00005bec0, 0xc0000212a7, 0x1, 0x9, 0x1, 0x1, 0x0, 0x994920)
/usr/local/go/src/io/io.go:314 +0x87
io.ReadFull(...)
/usr/local/go/src/io/io.go:333
encoding/gob.decodeUintReader(0x9848e0, 0xc00005bec0, 0xc0000212a7, 0x9, 0x9, 0x4, 0xc0001afd90, 0x405abc, 0xc000000180)
/usr/local/go/src/encoding/gob/decode.go:120 +0x6f
encoding/gob.(*Decoder).recvMessage(0xc0000c9a80, 0x7)
/usr/local/go/src/encoding/gob/decoder.go:81 +0x57
encoding/gob.(*Decoder).decodeTypeSequence(0xc0000c9a80, 0xc0001afe00, 0xc0001afe00)
/usr/local/go/src/encoding/gob/decoder.go:143 +0x10d
encoding/gob.(*Decoder).DecodeValue(0xc0000c9a80, 0x8446a0, 0xc000105560, 0x16, 0x0, 0x0)
/usr/local/go/src/encoding/gob/decoder.go:211 +0xdc
encoding/gob.(*Decoder).Decode(0xc0000c9a80, 0x8446a0, 0xc000105560, 0x30, 0x30)
/usr/local/go/src/encoding/gob/decoder.go:188 +0x173
net/rpc.(*gobClientCodec).ReadResponseHeader(0xc000105170, 0xc000105560, 0xc001dac3c0, 0x0)
/usr/local/go/src/net/rpc/client.go:228 +0x45
net/rpc.(*Client).input(0xc00005bf80)
/usr/local/go/src/net/rpc/client.go:109 +0xa8
created by net/rpc.NewClientWithCodec
/usr/local/go/src/net/rpc/client.go:206 +0x89

goroutine 18 [chan receive]:
github.com/google/syzkaller/pkg/osutil.HandleInterrupts.func1(0xc0001ba000)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:78 +0xb6
created by github.com/google/syzkaller/pkg/osutil.HandleInterrupts
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_unix.go:75 +0x3f

goroutine 19 [chan receive]:
main.main.func1(0xc0001ba000)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:159 +0x34
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:157 +0x5b4

goroutine 15 [syscall]:
os/signal.signal_recv(0x0)
/usr/local/go/src/runtime/sigqueue.go:147 +0x9d
os/signal.loop()
/usr/local/go/src/os/signal/signal_unix.go:23 +0x25
created by os/signal.Notify.func1.1
/usr/local/go/src/os/signal/signal.go:150 +0x45

goroutine 34 [runnable]:
syscall.Syscall(0x88, 0xc001838520, 0x1c0, 0x0, 0x0, 0x0, 0x0)
/usr/local/go/src/syscall/asm_unix_amd64.s:19 +0x5
syscall.Mkdir(0xc0018384e0, 0x1a, 0xc0000001c0, 0x1a, 0x1)
/usr/local/go/src/syscall/zsyscall_openbsd_amd64.go:748 +0xa5
os.Mkdir(0xc0018384e0, 0x1a, 0x1c0, 0xc0018384e0, 0x1a)
/usr/local/go/src/os/file.go:258 +0x77
io/ioutil.TempDir(0x8e9a22, 0x2, 0x8fa206, 0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0)
/usr/local/go/src/io/ioutil/tempfile.go:117 +0x1f2
github.com/google/syzkaller/pkg/ipc.makeCommand(0x0, 0xc003390190, 0x1, 0x1, 0xc000104f00, 0xc00018c088, 0xc00018c2f0, 0x3001ee000, 0x1000000, 0x1000000, ...)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:536 +0x7c
github.com/google/syzkaller/pkg/ipc.(*Env).Exec(0xc000090090, 0xc000196040, 0xc000aaf580, 0xc0023edd68, 0x2, 0x2, 0x0, 0x414c00, 0x984b80, 0xc002b3e030)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:277 +0x48f
main.(*Proc).executeRaw(0xc00335c600, 0xc000196040, 0xc000aaf580, 0x1, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:294 +0x228
main.(*Proc).execute(0xc00335c600, 0xc000196040, 0xc000aaf580, 0x0, 0x1, 0x1)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:251 +0x6a
main.(*Proc).loop(0xc00335c600)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:97 +0x492
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:267 +0x1175

goroutine 24 [runnable]:
runtime.GC()
/usr/local/go/src/runtime/mgc.go:1100 +0x65
runtime/debug.freeOSMemory()
/usr/local/go/src/runtime/mheap.go:1507 +0x25
runtime/debug.FreeOSMemory(...)
/usr/local/go/src/runtime/debug/garbage.go:100
main.(*Proc).executeRaw(0xc003098680, 0xc000196040, 0xc0018bdf80, 0x1, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:300 +0x1b2
main.(*Proc).execute(0xc003098680, 0xc000196040, 0xc0018bdf80, 0x0, 0x1, 0x1)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:251 +0x6a
main.(*Proc).loop(0xc003098680)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:97 +0x492
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:267 +0x1175

goroutine 477 [runnable]:
syscall.Syscall(0x3, 0xb, 0xc002fc6000, 0x20000, 0x0, 0x20000, 0x0)
/usr/local/go/src/syscall/asm_unix_amd64.s:19 +0x5
syscall.read(0xb, 0xc002fc6000, 0x20000, 0x20000, 0xc00002e800, 0xc0001df6f0, 0x419745)
/usr/local/go/src/syscall/zsyscall_openbsd_amd64.go:870 +0x5a
syscall.Read(0xb, 0xc002fc6000, 0x20000, 0x20000, 0x72, 0x0, 0x0)
/usr/local/go/src/syscall/syscall_unix.go:187 +0x49
internal/poll.ignoringEINTR(0x91bd78, 0xb, 0xc002fc6000, 0x20000, 0x20000, 0xc001dac358, 0xc0032d4020, 0x10100c0001df7a8)
/usr/local/go/src/internal/poll/fd_unix.go:567 +0x52
internal/poll.(*FD).Read(0xc001dac000, 0xc002fc6000, 0x20000, 0x20000, 0x0, 0x0, 0x0)
/usr/local/go/src/internal/poll/fd_unix.go:155 +0x149
os.(*File).read(...)
/usr/local/go/src/os/file_posix.go:31
os.(*File).Read(0xc00282c010, 0xc002fc6000, 0x20000, 0x20000, 0x0, 0x984b80, 0xc00002a070)
/usr/local/go/src/os/file.go:116 +0x71
github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc00282c010, 0xc0000ca000)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:605 +0xb8
created by github.com/google/syzkaller/pkg/ipc.makeCommand
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:599 +0x948
login:


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Greg Steuck

Aug 7, 2020, 1:39:53 AM8/7/20
to syzbot, syzkaller-o...@googlegroups.com
I wonder if this is pertinent:

runtime: failed to create new OS thread (have 8 already; errno=35)
runtime: may need to increase max user processes (ulimit -p)
fatal error: runtime.newosproc

https://syzkaller.appspot.com/text?tag=CrashLog&x=129227dc900000
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-openbsd-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-openbsd...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-openbsd-bugs/000000000000d8d9e605ac42e22b%40google.com.



--
nest.cx is Gmail hosted, use PGP: https://pgp.key-server.io/0x0B1542BD8DF5A1B0
Fingerprint: 5E2B 2D0E 1E03 2046 BEC3 4D50 0B15 42BD 8DF5 A1B0

syzbot

Aug 7, 2020, 2:00:22 AM8/7/20
to gr...@nest.cx, syzkaller-o...@googlegroups.com
syzbot has found a reproducer for the following issue on:

HEAD commit: f232436a Remove duplicate comment.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=12ef5e34900000
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1360291a900000

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+bbce03...@syzkaller.appspotmail.com

/usr/local/go/src/runtime/panic.go:1116 +0x72
runtime.newosproc(0xc0001dc000)
/usr/local/go/src/runtime/os_openbsd.go:212 +0x1e5
runtime.newm1(0xc0001dc000)
/usr/local/go/src/runtime/proc.go:1811 +0xdd
runtime.newm(0x0, 0xc000020000)
/usr/local/go/src/runtime/proc.go:1790 +0x8e
runtime.startm(0xc000020000, 0xc000023e00)
/usr/local/go/src/runtime/proc.go:1933 +0x13d
runtime.handoffp(0xc000020000)
/usr/local/go/src/runtime/proc.go:1960 +0x52
runtime.forEachP(0x5e47a8)
/usr/local/go/src/runtime/proc.go:1341 +0x1cf
runtime.gcMarkDone.func1()
/usr/local/go/src/runtime/mgc.go:1474 +0x5e
runtime.systemstack(0x0)
/usr/local/go/src/runtime/asm_amd64.s:370 +0x66
runtime.mstart()
/usr/local/go/src/runtime/proc.go:1101

goroutine 60 [GC worker (idle)]:
runtime.systemstack_switch()
/usr/local/go/src/runtime/asm_amd64.s:330 fp=0xc000161f08 sp=0xc000161f00 pc=0x4647e0
runtime.gcMarkDone()
/usr/local/go/src/runtime/mgc.go:1467 +0x105 fp=0xc000161f60 sp=0xc000161f08 pc=0x41b305
runtime.gcBgMarkWorker(0xc000022800)
/usr/local/go/src/runtime/mgc.go:2018 +0x2af fp=0xc000161fd8 sp=0xc000161f60 pc=0x41c48f
runtime.goexit()
/usr/local/go/src/runtime/asm_amd64.s:1374 +0x1 fp=0xc000161fe0 sp=0xc000161fd8 pc=0x466421
created by runtime.gcBgMarkStartWorkers
/usr/local/go/src/runtime/mgc.go:1839 +0x77

goroutine 1 [semacquire]:
sync.runtime_Semacquire(0xc000014a78)
/usr/local/go/src/runtime/sema.go:56 +0x45
sync.(*WaitGroup).Wait(0xc000014a70)
/usr/local/go/src/sync/waitgroup.go:130 +0x65
main.main()
/syzkaller/gopath/src/github.com/google/syzkaller/tools/syz-execprog/execprog.go:108 +0x78d

goroutine 14 [runnable]:
syscall.Syscall(0x89, 0xc000176360, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/local/go/src/syscall/asm_unix_amd64.s:19 +0x5
syscall.Rmdir(0xc0001707e0, 0x20, 0x612880, 0x703248)
/usr/local/go/src/syscall/zsyscall_openbsd_amd64.go:943 +0x97
os.Remove(0xc0001707e0, 0x20, 0x0, 0xc00014ba50)
/usr/local/go/src/os/file_unix.go:284 +0x6e
os.removeAll(0xc0001707e0, 0x20, 0x0, 0x0)
/usr/local/go/src/os/removeall_at.go:29 +0x14d
os.RemoveAll(...)
/usr/local/go/src/os/path.go:67
github.com/google/syzkaller/pkg/osutil.RemoveAll(...)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/osutil/osutil_bsd.go:14
github.com/google/syzkaller/pkg/ipc.(*command).close(0xc0000a0fc0)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:647 +0x46
github.com/google/syzkaller/pkg/ipc.makeCommand.func1(0xc00014bd28)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:551 +0x3d
github.com/google/syzkaller/pkg/ipc.makeCommand(0x0, 0xc00001f220, 0x1, 0x1, 0xc0000b4f00, 0xc00000eee8, 0xc00000eef8, 0x2b04de000, 0x1000000, 0x1000000, ...)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:623 +0x9ec
github.com/google/syzkaller/pkg/ipc.(*Env).Exec(0xc0000a6750, 0xc000016ce0, 0xc000075c00, 0x8f5f79e26, 0xc00014beb8, 0x4b1f9a, 0x8000000000000000, 0x13e2e4e8e, 0x0, 0xbfc3593eab8fe916)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:277 +0x48f
main.(*Context).execute(0xc0000a04d0, 0x0, 0xc0000a6750, 0xc0000755c0)
/syzkaller/gopath/src/github.com/google/syzkaller/tools/syz-execprog/execprog.go:161 +0x111
main.(*Context).run(0xc0000a04d0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/tools/syz-execprog/execprog.go:141 +0xf5
main.main.func3(0xc000014a70, 0xc0000a04d0, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/tools/syz-execprog/execprog.go:104 +0x5d
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/tools/syz-execprog/execprog.go:102 +0x753

goroutine 15 [chan receive]:
github.com/google/syzkaller/pkg/osutil.HandleInterrupts.func1(0xc00005a3c0)
goroutine 33 [syscall]:
os/signal.signal_recv(0x0)
/usr/local/go/src/runtime/sigqueue.go:147 +0x9d
os/signal.loop()
/usr/local/go/src/os/signal/signal_unix.go:23 +0x25
created by os/signal.Notify.func1.1
/usr/local/go/src/os/signal/signal.go:150 +0x45

goroutine 61 [runnable]:
github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc00000f358, 0xc0000a0f50)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:599
goroutine 62 [runnable]:
syscall.Syscall(0x6, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0)
/usr/local/go/src/syscall/asm_unix_amd64.s:19 +0x5
syscall.Close(0x9, 0xc000178240, 0xc0001606b8)
/usr/local/go/src/syscall/zsyscall_openbsd_amd64.go:403 +0x45
internal/poll.(*FD).destroy(0xc000178240, 0x25a4b1c01, 0x0)
/usr/local/go/src/internal/poll/fd_unix.go:77 +0x43
internal/poll.(*FD).decref(0xc000178240, 0xc000160701, 0x4bc508)
/usr/local/go/src/internal/poll/fd_mutex.go:213 +0x45
internal/poll.(*FD).Close(0xc000178240, 0x612580, 0xc00001e050)
/usr/local/go/src/internal/poll/fd_unix.go:99 +0x4f
os.(*file).close(0xc000178240, 0xc000500000, 0x20000)
/usr/local/go/src/os/file_unix.go:235 +0x38
os.(*File).Close(...)
/usr/local/go/src/os/file_posix.go:25
github.com/google/syzkaller/pkg/ipc.makeCommand.func2(0xc00000f388, 0xc0000a0fc0)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/ipc/ipc.go:614 +0x1f5

Dmitry Vyukov

Aug 7, 2020, 3:11:10 AM8/7/20
to syzbot, Greg Steuck, 'Dmitry Vyukov' via syzkaller-openbsd-bugs
On Fri, Aug 7, 2020 at 8:00 AM syzbot
<syzbot+bbce03...@syzkaller.appspotmail.com> wrote:
>
> syzbot has found a reproducer for the following issue on:
>
> HEAD commit: f232436a Remove duplicate comment.
> git tree: openbsd
> console output: https://syzkaller.appspot.com/x/log.txt?x=12ef5e34900000
> kernel config: https://syzkaller.appspot.com/x/.config?x=bf87b6915a88cd0d
> dashboard link: https://syzkaller.appspot.com/bug?extid=bbce03fbda8092f2317d
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1360291a900000

The repro uses sysctl, perhaps it's a bad sysctl.
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-openbsd-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-openbsd...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-openbsd-bugs/000000000000f7e2ab05ac435194%40google.com.

Anton Lindqvist

Aug 13, 2020, 4:09:24 AM8/13/20
to Dmitry Vyukov, syzbot, Greg Steuck, 'Dmitry Vyukov' via syzkaller-openbsd-bugs
On Fri, Aug 07, 2020 at 09:10:58AM +0200, 'Dmitry Vyukov' via syzkaller-openbsd-bugs wrote:
> On Fri, Aug 7, 2020 at 8:00 AM syzbot
> <syzbot+bbce03...@syzkaller.appspotmail.com> wrote:
> >
> > syzbot has found a reproducer for the following issue on:
> >
> > HEAD commit: f232436a Remove duplicate comment.
> > git tree: openbsd
> > console output: https://syzkaller.appspot.com/x/log.txt?x=12ef5e34900000
> > kernel config: https://syzkaller.appspot.com/x/.config?x=bf87b6915a88cd0d
> > dashboard link: https://syzkaller.appspot.com/bug?extid=bbce03fbda8092f2317d
> > syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1360291a900000
>
> The repro uses sysctl, perhaps it's a bad sysctl.

This is kern.maxthread, a root-only knob that can cause the syz-execprog
process to panic (the `fatal error: runtime.newosproc` in the log is the Go
runtime failing to create a new OS thread, not a kernel crash). Greg is
currently working on sanitizing sysctl integer knobs in the OpenBSD kernel.
This will improve the situation, but preventing fiddling with this knob is a
good call anyway.

https://github.com/google/syzkaller/pull/2043

Anton Lindqvist

Aug 15, 2020, 1:37:11 AM8/15/20
to syzbot, syzkaller-o...@googlegroups.com