syzbot


panic: runtime error: invalid memory address or nil pointer dereference [recovered]

Status: closed as dup on 2021/09/27 17:33
Reported-by: syzbot+2f86134b30793b5438cf@syzkaller.appspotmail.com
First crash: 936d, last: 934d
Duplicate of:

| Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported |
|---|---|---|---|---|---|---|
| panic: runtime error: invalid memory address or nil pointer dereference | | | | 12 | 934d | 936d |

Sample crash report:
panic: runtime error: invalid memory address or nil pointer dereference [recovered]
	panic: runtime error: invalid memory address or nil pointer dereference
target: freebsd/amd64, rev: 78494d166f1bbede620120c506ccd9f7878b05f9, mode=1, prog:
"r0 = socket$inet(0x2, 0x5, 0x0)\nr1 = socket$inet_sctp(0x2, 0x5, 0x84)\nr2 = dup2(r1, r0)\nsendto$inet(r2, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x10, 0x2, 0x2, @rand_addr=0x5}, 0x10)\nr3 = socket$inet(0x2, 0x5, 0x0)\nr4 = socket$inet_sctp(0x2, 0x5, 0x84)\nr5 = dup2(r4, r3)\nsendto$inet(r5, 0x0, 0x0, 0x0, &(0x7f0000000180)={0x10, 0x2, 0x2, @rand_addr=0x5}, 0x10)\ngetsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x105, &(0x7f0000000040)=ANY=[@ANYBLOB=\"01000052\", @ANYRES32=<r6=>0x0], &(0x7f0000001700)=0x8)\ngetsockopt$inet6_sctp_SCTP_EVENT(r2, 0x84, 0x1e, &(0x7f0000000000)={r6, 0xc}, &(0x7f0000000140)=0x8)\n"
[signal SIGSEGV: segmentation violation code=0x1 addr=0x10 pc=0x5c04c7]

goroutine 1 [running]:
github.com/google/syzkaller/prog.(*Target).Deserialize.func1(0xc0000716c0, 0x1, 0xc00024cc80, 0x25c, 0x25c)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:237 +0x228
panic(0x8f70c0, 0x10354f0)
	/syzkaller/go/src/runtime/panic.go:969 +0x166
github.com/google/syzkaller/prog.(*parser).parseProg(0xc0000d3750, 0xffffffffffffffff, 0x82, 0xc00046b778)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:296 +0x447
github.com/google/syzkaller/prog.(*Target).Deserialize(0xc0000716c0, 0xc00024cc80, 0x25c, 0x25c, 0x1, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/encoding.go:242 +0x177
main.(*Fuzzer).deserializeInput(0xc000071380, 0xc00024cc80, 0x25c, 0x25c, 0x30dcc6d2b2b54894)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:462 +0x69
main.(*Fuzzer).addInputFromAnotherFuzzer(0xc000071380, 0xc000098280, 0x20, 0xc00024cc80, 0x25c, 0x25c, 0xc000300d80, 0x10c, 0x10c, 0xc000320360, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:434 +0x59
main.(*Fuzzer).poll(0xc000071380, 0x99e200, 0x0, 0xc0003ebe78)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:412 +0x427
main.main()
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:267 +0x11d6
login: 

Crashes (4):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/09/27 21:54 | freebsd-src | 74237127e340 | 78494d16 | | console log | report | | | | | ci-freebsd-main | panic: runtime error: invalid memory address or nil pointer dereference [recovered] |
| 2021/09/26 08:22 | freebsd-src | fb640be4e944 | 8cac236e | | console log | report | | | | | ci-freebsd-main | panic: runtime error: invalid memory address or nil pointer dereference [recovered] |
| 2021/09/26 06:10 | freebsd-src | fb640be4e944 | 8cac236e | | console log | report | | | | | ci-freebsd-main | panic: runtime error: invalid memory address or nil pointer dereference [recovered] |
| 2021/09/25 18:13 | freebsd-src | f766826fe3b8 | 8cac236e | | console log | report | | | | | ci-freebsd-main | panic: runtime error: invalid memory address or nil pointer dereference [recovered] |
* Struck through repros no longer work on HEAD.