panic: bad group arg size NUM, should be <= NUM for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[


syzbot

Sep 27, 2022, 10:27:48 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: 3f8a27f9e27b Linux 4.19.211
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=1256ade4880000
kernel config: https://syzkaller.appspot.com/x/.config?x=9b9277b418617afe
dashboard link: https://syzkaller.appspot.com/bug?extid=086278cbdccac6008c79
compiler: gcc version 10.2.1 20210110 (Debian 10.2.1-6)

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/98c0bdb4abb3/disk-3f8a27f9.raw.xz
vmlinux: https://storage.googleapis.com/ea228ff02669/vmlinux-3f8a27f9.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+086278...@syzkaller.appspotmail.com

00000101030087000100e81d1c0060000000010002060002000061000000000000001000000000000866696c6530010103009e0001001ffd1c0060000000010000060002000067000000000000001300000000000866696c6531010103000900010097f01c0060000000010000060002000068000000000000001400000000000866696c65320101030028000100c3e31c0060000000010000060002000068000000000000001500000000000866696c653301010300e4000100b7a72000600000000100000a000200007b000000000000001600000000000866696c652e636f6c64", 0x1e0, 0xb0000}], 0x810, &(0x7f0000000880)=ANY=[], 0x0)
panic: bad group arg size 24, should be <= 0 for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2de, dir:0x0}, Inner:[]prog.Arg{}} type "array"

goroutine 34 [running]:
github.com/google/syzkaller/prog.foreachArgImpl({0x8b4158, 0xc01e053740}, 0xc01f31b100, 0xc0271f3d00)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:157 +0x5d9
github.com/google/syzkaller/prog.foreachArgImpl({0x8b4198, 0xc00f28a420}, 0xc01f31b100, 0xc0271f3d00)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:164 +0x337
github.com/google/syzkaller/prog.ForeachArg(0xc00eb9bf40, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:123 +0x105
github.com/google/syzkaller/prog.(*Prog).MutateWithHints(0xc01f290c80, 0x0, 0xc00f284e10, 0xc0271f3d80)
/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:78 +0xaa
main.(*Proc).executeHintSeed(0xc01f290c80, 0x3a6, 0x0)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:248 +0xd2
main.(*Proc).smashInput(0xc01f290c80, 0xc0236ee590)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:214 +0x88
main.(*Proc).loop(0xc01f290c80)
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0x125
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:307 +0x15a5


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Dec 28, 2022, 6:22:31 AM
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.