syzbot


panic: bad group arg size 29, should be <= 32 for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2c0, dir:0x0}, Inn

Status: closed as invalid on 2020/05/22 06:30
Reported-by: syzbot+5333b317bb5f3d0d8e9b@syzkaller.appspotmail.com
First crash: 1407d, last: 1407d

Sample crash report:
panic: bad group arg size 29, should be <= 32 for &prog.GroupArg{ArgCommon:prog.ArgCommon{ref:0x2c0, dir:0x0}, Inner:[]prog.Arg{(*prog.DataArg)(0xc0020248a0), (*prog.ConstArg)(0xc002026130), (*prog.ConstArg)(0xc002026140), (*prog.ConstArg)(0xc002026150)}} type &prog.StructType{TypeCommon:prog.TypeCommon{TypeName:"ifreq_name", TypeSize:0x20, IsOptional:false, IsVarlen:false, self:0x2c0}, Fields:[]prog.Field{prog.Field{Name:"ifr_name", Type:(*prog.BufferType)(0xcc4f60)}, prog.Field{Name:"tapindex", Type:(*prog.ProcType)(0xcba960)}, prog.Field{Name:"z", Type:(*prog.ConstType)(0xcb6880)}, prog.Field{Name:"", Type:(*prog.ConstType)(0xcba6c0)}}, AlignAttr:0x0}

goroutine 25 [running]:
github.com/google/syzkaller/prog.foreachArgImpl(0x9b0b20, 0xc002211a40, 0xc002023180, 0xc0005e1908)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:149 +0x765
github.com/google/syzkaller/prog.foreachArgImpl(0x9b0b60, 0xc002024870, 0xc002023180, 0xc0005e1908)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:156 +0x5e5
github.com/google/syzkaller/prog.ForeachArg(0xc002022f80, 0xc0005e1908)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:122 +0xdd
github.com/google/syzkaller/prog.getCompatibleResources(0xc002022ec0, 0x8f9fd0, 0x7, 0xc00282d8c0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:898 +0xb9
github.com/google/syzkaller/prog.(*randGen).resourceCentric(0xc00282d8c0, 0xc001b7b310, 0xca87a0, 0x0, 0x0, 0x0, 0x924940, 0xc0005e1b18, 0x40)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:846 +0xfe
github.com/google/syzkaller/prog.(*ResourceType).generate(0xca87a0, 0xc00282d8c0, 0xc001b7b310, 0x0, 0x886a00, 0x0, 0xc001c66600, 0x10, 0x10)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:675 +0x27c
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc00282d8c0, 0xc001b7b310, 0x9b6e40, 0xca87a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:664 +0x450
github.com/google/syzkaller/prog.(*randGen).generateArg(...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:614
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc00282d8c0, 0xc001b7b310, 0xca7260, 0x1, 0x1, 0x49f700, 0xc001f0e000, 0x155, 0x155, 0x2070, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:602 +0x116
github.com/google/syzkaller/prog.(*randGen).generateParticularCall(0xc00282d8c0, 0xc001b7b310, 0xd29600, 0x137, 0xc001b7b310, 0xc001be5da0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:557 +0xd5
github.com/google/syzkaller/prog.(*randGen).generateCall(0xc00282d8c0, 0xc001b7b310, 0xc001c630c0, 0xa, 0xc001c630c0, 0xc001c634c0, 0xc001b7b310)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:546 +0x95
github.com/google/syzkaller/prog.(*mutator).insertCall(0xc0005e1ec0, 0x14)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:141 +0xf2
github.com/google/syzkaller/prog.(*Prog).Mutate(0xc001c630c0, 0x9aa1a0, 0xc001560bd0, 0x14, 0xc001514880, 0xc001eb6000, 0x2113, 0x2400)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:45 +0x2ea
main.(*Proc).loop(0xc0015148c0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:95 +0x434
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:258 +0x1155


Crashes (1):
Time: 2020/05/21 05:53
Kernel: openbsd
Commit: cec60a45d9fd
Syzkaller: c61086ab
Config: .config
Log: console log
Report: report
Manager: ci-openbsd-main
Syz repro, C repro, VM info, Assets, Title: (no entry in this row)
* Struck through repros no longer work on HEAD.