Hello,
syzbot found the following issue on:
HEAD commit: 61adba85cc40 Linux 6.1.81
git tree: linux-6.1.y
console output:
https://syzkaller.appspot.com/x/log.txt?x=12dda8da180000
kernel config:
https://syzkaller.appspot.com/x/.config?x=8da5a35c67a34fd5
dashboard link:
https://syzkaller.appspot.com/bug?extid=1869c0272d9fc7ddf891
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image:
https://storage.googleapis.com/syzbot-assets/61c8045dd77d/disk-61adba85.raw.xz
vmlinux:
https://storage.googleapis.com/syzbot-assets/1620a2c15322/vmlinux-61adba85.xz
kernel image:
https://storage.googleapis.com/syzbot-assets/68d3cf583201/Image-61adba85.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by:
syzbot+1869c0...@syzkaller.appspotmail.com
panic: replaceArg: group fields don't match: 1/0
goroutine 14 [running]:
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b21080?}, {0x9fabc8?, 0x4017878420?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:377 +0x3fc
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b21320?}, {0x9fabc8?, 0x4017878400?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b21340?}, {0x9fabc8?, 0x40178783e0?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b21360?}, {0x9fabc8?, 0x40178783c0?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b21380?}, {0x9fabc8?, 0x40178783a0?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b213a0?}, {0x9fabc8?, 0x4017878380?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b213c0?}, {0x9fabc8?, 0x4017878360?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4016b213e0?}, {0x9fabc8?, 0x4017878340?})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.(*StructType).mutate(0x1251ae0, 0x4016b20f00, 0x401762ed20, {0x9fabc8, 0x4016b21400?}, {0x401762eb48, {0x1914440, 0x4, 0x4}, 0x40176635f0, ...})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/mutation.go:490 +0x170
github.com/google/syzkaller/prog.(*Target).mutateArg(0x400a39a100?, 0x4017663170?, 0x4?, {0x9fabc8, 0x4016b21400}, {0x401762eb48, {0x1914440, 0x4, 0x4}, 0x40176635f0, ...}, ...)
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/mutation.go:245 +0xc0
github.com/google/syzkaller/prog.(*mutator).mutateArg(0x4001cdfd48)
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/mutation.go:196 +0x1f4
github.com/google/syzkaller/prog.(*Prog).Mutate(0x40189a3800, {0x9f6e48?, 0x4018c165d0}, 0x1e, 0x4017c8e000, 0x40003e2e70, {0x4015b82000, 0xde2f, 0x11000})
/syzkaller/gopath/src/
github.com/google/syzkaller/prog/mutation.go:51 +0x224
main.(*Proc).smashInput(0x4017c8e0c0, 0x4011c81050)
/syzkaller/gopath/src/
github.com/google/syzkaller/syz-fuzzer/proc.go:221 +0x10c
main.(*Proc).loop(0x4017c8e0c0)
/syzkaller/gopath/src/
github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf4
created by main.main in goroutine 1
/syzkaller/gopath/src/
github.com/google/syzkaller/syz-fuzzer/fuzzer.go:336 +0x1288
---
This report is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup