syzbot

 sign-in | mailing list | source | docs
🐞 Open [569] 🐞 Fixed [66] 🐞 Invalid [207] Missing Backports [40] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

panic: replaceArg: group fields don't match: NUM/NUM

Status: upstream: reported on 2024/03/08 17:59
Reported-by: syzbot+1869c0272d9fc7ddf891@syzkaller.appspotmail.com
First crash: 56d, last: 55d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream panic: replaceArg: group fields don't match: NUM/NUM 387 55d 56d 0/26 closed as invalid on 2024/03/12 09:36
android-5-15 panic: replaceArg: group fields don't match: NUM/NUM 7 55d 56d 0/2 premoderation: reported on 2024/03/08 19:23
linux-5.15 panic: replaceArg: group fields don't match: NUM/NUM 2 55d 55d 0/3 upstream: reported on 2024/03/09 00:25
android-5-10 panic: replaceArg: group fields don't match: NUM/NUM 13 55d 56d 0/2 auto-obsoleted due to no activity on 2024/04/28 04:20

Sample crash report:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000400), 0x0, 0x0, 0x0)
00:10:33 executing program 4:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
fsetxattr$security_ima(r0, &(0x7f0000000400), 0x0, 0x0, 0x0)
panic: replaceArg: group fields don't match: 0/1

goroutine 12 [running]:
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0b520?}, {0x9fabc8?, 0x401a0b5860?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:377 +0x3fc
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0b480?}, {0x9fabc8?, 0x401a0b5480?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0b3a0?}, {0x9fabc8?, 0x401a0b52a0?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0af80?}, {0x9fabc8?, 0x401a0b4da0?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0aea0?}, {0x9fabc8?, 0x401a0b4d00?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0ad20?}, {0x9fabc8?, 0x401a0b4cc0?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0ad00?}, {0x9fabc8?, 0x401a0b4ae0?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.replaceArg({0x9fabc8?, 0x4019c0aca0?}, {0x9fabc8?, 0x401a0b4a20?})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/prog.go:382 +0x328
github.com/google/syzkaller/prog.(*StructType).mutate(0x1251ae0, 0x4019c0ba20, 0x40173f9b30, {0x9fabc8, 0x4019c0a8c0?}, {0x40173f9ae8, {0x1914440, 0x4, 0x4}, 0x4013f8ba70, ...})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:490 +0x170
github.com/google/syzkaller/prog.(*Target).mutateArg(0x4003988b00?, 0x4013f8bad0?, 0x1024?, {0x9fabc8, 0x4019c0a8c0}, {0x40173f9ae8, {0x1914440, 0x4, 0x4}, 0x4013f8ba70, ...}, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:245 +0xc0
github.com/google/syzkaller/prog.(*mutator).mutateArg(0x40020cdd48)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:196 +0x1f4
github.com/google/syzkaller/prog.(*Prog).Mutate(0x40232a0480, {0x9f6e48?, 0x4023362ab0}, 0x1e, 0x40231fa000, 0x400009b8f0, {0x400439a000, 0xfca1, 0x11000})
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:51 +0x224
main.(*Proc).smashInput(0x401d9783c0, 0x40117d1440)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:221 +0x10c
main.(*Proc).loop(0x401d9783c0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf4
created by main.main in goroutine 1
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:336 +0x1288

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/03/08 23:53 linux-6.1.y 61adba85cc40 8e75c913 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 panic: replaceArg: group fields don't match: NUM/NUM
2024/03/08 20:54 linux-6.1.y 61adba85cc40 8e75c913 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 panic: replaceArg: group fields don't match: NUM/NUM
2024/03/08 17:59 linux-6.1.y 61adba85cc40 8e75c913 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 panic: replaceArg: group fields don't match: NUM/NUM
* Struck through repros no longer work on HEAD.