panic: (runtime.errorString) (0x,0x)


syzbot

Dec 11, 2020, 3:03:12 PM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 15ac8fdb Add linux-next specific files for 20201207
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=160913cf500000
kernel config: https://syzkaller.appspot.com/x/.config?x=3696b8138207d24d
dashboard link: https://syzkaller.appspot.com/bug?extid=c99f6d5a27587e66c7df
compiler: gcc (GCC) 10.1.0-syz 20200507
CC: [linux-...@vger.kernel.org]

Unfortunately, I don't have any reproducer for this issue yet.

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c99f6d...@syzkaller.appspotmail.com

panic: (runtime.errorString) (0x ,0x )
fatal error: panic holding locks

goroutine 1 [running]:
runtime.throw(0x , 0x )
/syzkaller/go/src/runtime/panic.go:1116 +0x fp=0x sp=0x pc=0x
panic(0x , 0x )
/syzkaller/go/src/runtime/panic.go:917 +0x fp=0x sp=0x pc=0x
runtime.growslice(0x , 0x , 0x , 0x , 0x , 0x , 0x , 0x )
/syzkaller/go/src/runtime/slice.go:170 +0x fp=0x sp=0x pc=0x
sync.(*Pool).pinSlow(0x , 0x , 0x )
/syzkaller/go/src/sync/pool.go:223 +0x fp=0x sp=0x pc=0x
sync.(*Pool).pin(0x , 0x , 0x )
/syzkaller/go/src/sync/pool.go:206 +0x fp=0x sp=0x pc=0x
sync.(*Pool).Get(0x , 0x , 0x )
/syzkaller/go/src/sync/pool.go:128 +0x fp=0x sp=0x pc=0x
fmt.newPrinter(0x )
/syzkaller/go/src/fmt/print.go:137 +0x fp=0x sp=0x pc=0x
fmt.Errorf(0x , 0x , 0x , 0x , 0x , 0x , 0x )
/syzkaller/go/src/fmt/errors.go:18 +0x fp=0x sp=0x pc=0x
github.com/google/syzkaller/prog.(*parser).parseProg(0x , 0x , 0x , 0x )
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:264 +0x fp=0x sp=0x pc=0x
github.com/google/syzkaller/prog.(*Target).Deserialize(0x , 0x , 0x , 0x , 0x , 0x , 0x , 0x )
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:214 +0x fp=0x sp=0x pc=0x
main.(*Fuzzer).deserializeInput(0x , 0x , 0x , 0x , 0x )
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:441 +0x fp=0x sp=0x pc=0x
main.(*Fuzzer).addInputFromAnotherFuzzer(0x , 0x , 0x , 0x , 0x , 0x , 0x , 0x , 0x , 0x , ...)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:413 +0x fp=0x sp=0x pc=0x
main.(*Fuzzer).poll(0x , 0x , 0x , 0x )
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:391 +0x fp=0x sp=0x pc=0x
main.(*Fuzzer).pollLoop(0x )
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:368 +0x fp=0x sp=0x pc=0x
main.main()
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:285 +0x fp=0x sp=0x pc=0x
runtime.main()
/syzkaller/go/src/runtime/proc.go:203 +0x fp=0x sp=0x pc=0x
runtime.goexit()
/syzkaller/go/src/runtime/asm_amd64.s:1373 +0x fp=0x sp=0x pc=0x
fatal error:
panic during panic
runtime.throw(0x , 0x )
/syzkaller/go/src/runtime/panic.go:1116 +0x
runtime.panicCheck1(0x , 0x , 0x )
/syzkaller/go/src/runtime/panic.go:34 +0x
runtime.goPanicIndex(0x , 0x )
/syzkaller/go/src/runtime/panic.go:87 +0x
runtime.cfuncname(...)
/syzkaller/go/src/runtime/symtab.go:798
runtime.funcname(0x , 0x , 0x , 0x )
/syzkaller/go/src/runtime/symtab.go:802 +0x
runtime.isSystemGoroutine(0x , 0x , 0x )
/syzkaller/go/src/runtime/traceback.go:1040 +0x
runtime.tracebackothers(0x )
/syzkaller/go/src/runtime/traceback.go:931 +0x
runtime.dopanic_m(0x , 0x , 0x , 0x )
/syzkaller/go/src/runtime/panic.go:1322 +0x
runtime.fatalthrow.func1()
/syzkaller/go/src/runtime/panic.go:1171 +0x
runtime.systemstack(0x )
/syzkaller/go/src/runtime/asm_amd64.s:370 +0x
runtime.mstart()
/syzkaller/go/src/runtime/proc.go:1041


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Dmitry Vyukov

Dec 14, 2020, 5:30:24 AM
to syzbot, 'Dmitry Vyukov' via syzkaller-upstream-moderation
linux-next seems to start corrupting memory of user-space processes,
but it also seems to be fixed by now:
https://syzkaller.appspot.com/bug?id=8fd2a5cb9fda77cbea5ef75235e9cd8aa7106a88
https://syzkaller.appspot.com/bug?id=ad9fe42593b16340fbd1e776deb964f45055fa2f
https://syzkaller.appspot.com/bug?id=31393f0c8cfba2ceff2d0d70de5458993d8d4088
https://syzkaller.appspot.com/bug?id=47ebe9b93b8512fc1ebac4c2512f0339039cc1a9

#syz invalid