syzbot


panic: runtime error: invalid memory address or nil pointer dereference (4)

Status: auto-obsoleted due to no activity on 2023/09/20 17:18
Reported-by: syzbot+7fae0dbd2cba53aa03b2@syzkaller.appspotmail.com
First crash: 245d, last: 245d
Similar bugs (11)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference (2) 2 1386d 1432d 0/1 auto-closed as invalid on 2020/09/04 07:47
android-54 panic: runtime error: invalid memory address or nil pointer dereference 233 1018d 1018d 0/2 closed as invalid on 2021/05/10 12:09
upstream panic: runtime error: invalid memory address or nil pointer dereference (3) 127 1018d 1018d 0/26 closed as invalid on 2021/05/10 12:38
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference (3) 219 1018d 1018d 0/1 closed as invalid on 2021/05/10 12:09
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference (2) 1 1279d 1279d 0/1 auto-closed as invalid on 2020/12/20 16:18
upstream panic: runtime error: invalid memory address or nil pointer dereference (2) 1894 1018d 1018d 0/26 closed as invalid on 2021/05/10 12:18
upstream panic: runtime error: invalid memory address or nil pointer dereference (5) 1 127d 123d 0/26 auto-obsoleted due to no activity on 2024/01/16 09:30
upstream panic: runtime error: invalid memory address or nil pointer dereference 1 1451d 1451d 0/26 auto-closed as invalid on 2020/06/01 17:49
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference 1 1557d 1557d 0/1 auto-closed as invalid on 2020/03/17 06:44
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference (3) 219 940d 1028d 0/1 auto-closed as invalid on 2021/10/25 16:30
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference 1 1419d 1419d 0/1 auto-closed as invalid on 2020/08/02 09:10

Sample crash report:
(&(0x7f0000000000)='./file2\x00', &(0x7f0000000080), &(0x7f0000000200)={0x0, 0xfb, 0x4f, 0x0, 0x0, "14313579615e678cf38fd892972ec844", "5da1514c08ba69e7c97dbab57fecf950b6c9f9dad4af38e42336991057a83751a52e72ade305092e6fe9cb715c15d62e129ccb7b1dd9e601d78c"}, 0x4f, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0xb00)
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x46a658]

goroutine 10 [running]:
fmt.(*buffer).writeString(...)
	/usr/local/go/src/fmt/print.go:108
fmt.(*pp).doPrintf(0xc03703a0d0, {0xaa1619, 0x14}, {0xc0029477f8?, 0x2, 0x2})
	/usr/local/go/src/fmt/print.go:1034 +0x176
fmt.Fprintf({0xcbb120, 0xc0282cd1e0}, {0xaa1619, 0x14}, {0xc0029477f8, 0x2, 0x2})
	/usr/local/go/src/fmt/print.go:224 +0x75
github.com/google/syzkaller/pkg/log.message({0x0, 0x0}, {0xaa1619, 0x14}, {0xc0029477f8, 0x2, 0x2})
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/log/log.go:104 +0x14d
github.com/google/syzkaller/pkg/log.Logf(0x0?, {0xaa1619?, 0x0?}, {0xc0029477f8?, 0xc0029477d0?, 0x40da48?})
	/syzkaller/gopath/src/github.com/google/syzkaller/pkg/log/log.go:76 +0x3b
main.(*Proc).executeRaw(0xc02c1dc100, 0x20?, 0xa39560?, 0x6)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:345 +0x3f4
main.(*Proc).execute(0xc02c1dc100, 0xad8fa1?, 0xb2?, 0xc0029479e0?, 0x0?)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:255 +0x49
main.(*Proc).executeHintSeed.func1(0x14?)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:250 +0x85
github.com/google/syzkaller/prog.(*Prog).MutateWithHints.func1()
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:79 +0x6d
github.com/google/syzkaller/prog.checkConstArg(0xc01f3df700, 0xc017c72db0?, 0xc002947d18)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:136 +0xef
github.com/google/syzkaller/prog.generateHints(0xc01f848d20?, {0xcbe990, 0xc01f3df700}, 0xc002947ab0?)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:120 +0x13c
github.com/google/syzkaller/prog.(*Prog).MutateWithHints.func2({0xcbe990?, 0xc01f3df700?}, 0xc01f5bf880?)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:82 +0x34
github.com/google/syzkaller/prog.foreachArgImpl({0xcbe990?, 0xc01f3df700?}, 0xc01f5bf880, 0xc002947d00)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:134 +0x139
github.com/google/syzkaller/prog.ForeachArg(0xc01f470910, 0x1?)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:127 +0xde
github.com/google/syzkaller/prog.(*Prog).MutateWithHints(0xc02c1dc100?, 0x3, 0xc01f825c20, 0xc002947d80)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/hints.go:81 +0xaa
main.(*Proc).executeHintSeed(0xc02c1dc100, 0xc027380600?, 0x3)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:248 +0xd2
main.(*Proc).smashInput(0xc02c1dc100, 0xc008340ec0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:214 +0x88
main.(*Proc).loop(0xc02c1dc100)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:78 +0xf2
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:310 +0x15e5
SeaBIOS (version 1.8.2-google)
Total RAM Size = 0x0000000200000000 = 8192 MiB
CPUs found: 2     Max CPUs supported: 2
SeaBIOS (version 1.8.2-google)
Machine UUID 4f529eef-28bc-79ad-2a9e-d197f2e1e7a4
found virtio-scsi at 0:3
virtio-scsi vendor='Google' product='PersistentDisk' rev='1' type=0 removable=0
virtio-scsi blksize=512 sectors=4194304 = 2048 MiB
drive 0x000f2830: PCHS=0/0/0 translation=lba LCHS=520/128/63 s=4194304
Sending Seabios boot VM event.
Booting from Hard Disk 0...

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/06/22 17:17 upstream dad9774deaf1 09ffe269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root panic: runtime error: invalid memory address or nil pointer dereference
* Struck through repros no longer work on HEAD.