[syzbot] panic: runtime error: floating point error [recovered] (2)

From: syzbot
Date: Sun Dec 22 2024 - 09:57:32 EST


Hello,

syzbot found the following issue on:

HEAD commit: aef25be35d23 hexagon: Disable constant extender optimizati..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1784c2df980000
kernel config: https://syzkaller.appspot.com/x/.config?x=4f1586bab1323870
dashboard link: https://syzkaller.appspot.com/bug?extid=4fb57f15e8c895a21973
compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=174c37e8580000

Downloadable assets:
disk image (non-bootable): https://storage.googleapis.com/syzbot-assets/7feb34a89c2a/non_bootable_disk-aef25be3.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/c52463f4576f/vmlinux-aef25be3.xz
kernel image: https://storage.googleapis.com/syzbot-assets/9f8b90f65f14/bzImage-aef25be3.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+4fb57f15e8c895a21973@xxxxxxxxxxxxxxxxxxxxxxxxx

panic: runtime error: floating point error [recovered]
panic: bytes.Buffer: too large
[signal SIGFPE: floating-point exception code=0x80 addr=0x0 pc=0x474d52]

goroutine 7 [running]:
bytes.growSlice.func1()
/usr/local/go/src/bytes/buffer.go:232 +0x45
panic({0x128f240?, 0x297a930?})
/usr/local/go/src/runtime/panic.go:770 +0x132
bytes.growSlice({0xc007442800, 0x200, 0x1?}, 0x800?)
/usr/local/go/src/bytes/buffer.go:249 +0xb9
bytes.(*Buffer).grow(0xc001b1c5a0, 0x1)
/usr/local/go/src/bytes/buffer.go:151 +0x13d
bytes.(*Buffer).Write(0xc001b1c5a0, {0xc001e70800, 0x1, 0x0?})
/usr/local/go/src/bytes/buffer.go:179 +0x59
fmt.Fprintf({0x1c7d9c0, 0xc001b1c5a0}, {0x1c1a3b0, 0x1}, {0x0, 0x0, 0x0})
/usr/local/go/src/fmt/print.go:225 +0x97
github.com/google/syzkaller/prog.(*serializer).printf(...)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:64
github.com/google/syzkaller/prog.(*PointerArg).serialize(0xc001d8a990, 0xc001b1c600)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:142 +0x271
github.com/google/syzkaller/prog.(*serializer).arg(0x1c7d9c0?, {0x1c9c180?, 0xc001d8a990?})
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:125 +0x29
github.com/google/syzkaller/prog.(*GroupArg).serialize(0xc001d70f20, 0xc001b1c600)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:203 +0x26d
github.com/google/syzkaller/prog.(*serializer).arg(0x1c7d9c0?, {0x1c9c240?, 0xc001d70f20?})
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:125 +0x29
github.com/google/syzkaller/prog.(*PointerArg).serialize(0xc001d8ac30, 0xc001b1c600)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:146 +0x38e
github.com/google/syzkaller/prog.(*serializer).arg(0x1c7d9c0?, {0x1c9c180?, 0xc001d8ac30?})
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:125 +0x29
github.com/google/syzkaller/prog.(*serializer).call(0xc001b1c600, 0xc0007b6190)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:86 +0x216
github.com/google/syzkaller/prog.(*Prog).serialize(0xc000ca7280, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:46 +0xd8
github.com/google/syzkaller/prog.(*Prog).Serialize(...)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:30
github.com/google/syzkaller/pkg/rpcserver.(*Runner).handleExecutingMessage(0xc0002746c0, 0xc007431308)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpcserver/runner.go:371 +0x217
github.com/google/syzkaller/pkg/rpcserver.(*Runner).ConnectionLoop(0xc0002746c0)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpcserver/runner.go:201 +0x4b9
github.com/google/syzkaller/pkg/rpcserver.(*server).connectionLoop(0xc0016da300, 0xc0002746c0)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpcserver/rpcserver.go:356 +0x105
github.com/google/syzkaller/pkg/rpcserver.(*server).handleRunnerConn(0xc0016da300, 0xc0002746c0, 0xc00193e140)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpcserver/rpcserver.go:294 +0x411
github.com/google/syzkaller/pkg/rpcserver.(*server).handleConn(0xc0016da300, 0xc00193e140)
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/rpcserver/rpcserver.go:261 +0x2b6
github.com/google/syzkaller/pkg/flatrpc.ListenAndServe.func1.1()
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/flatrpc/conn.go:55 +0x122
created by github.com/google/syzkaller/pkg/flatrpc.ListenAndServe.func1 in goroutine 53
/syzkaller/gopath/src/github.com/google/syzkaller/pkg/flatrpc/conn.go:52 +0xb1


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@xxxxxxxxxxxxxxxx.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup