syzbot

 sign-in | mailing list | source | docs
🐞 Open [717] 🐞 Fixed [181] 🐞 Invalid [640] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

panic: runtime error: invalid memory address or nil pointer dereference

Status: auto-closed as invalid on 2020/03/17 06:44
Reported-by: syzbot+fe51dcb4df3dffab18dc@syzkaller.appspotmail.com
First crash: 1621d, last: 1621d
Similar bugs (11)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference (2) 2 1450d 1496d 0/1 auto-closed as invalid on 2020/09/04 07:47
android-54 panic: runtime error: invalid memory address or nil pointer dereference 233 1082d 1082d 0/2 closed as invalid on 2021/05/10 12:09
upstream panic: runtime error: invalid memory address or nil pointer dereference (3) 127 1082d 1082d 0/26 closed as invalid on 2021/05/10 12:38
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference (3) 219 1082d 1082d 0/1 closed as invalid on 2021/05/10 12:09
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference (2) 1 1343d 1343d 0/1 auto-closed as invalid on 2020/12/20 16:18
upstream panic: runtime error: invalid memory address or nil pointer dereference (2) 1894 1082d 1082d 0/26 closed as invalid on 2021/05/10 12:18
upstream panic: runtime error: invalid memory address or nil pointer dereference (5) 1 191d 187d 0/26 auto-obsoleted due to no activity on 2024/01/16 09:30
upstream panic: runtime error: invalid memory address or nil pointer dereference 1 1515d 1515d 0/26 auto-closed as invalid on 2020/06/01 17:49
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference (3) 219 1004d 1092d 0/1 auto-closed as invalid on 2021/10/25 16:30
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference 1 1483d 1483d 0/1 auto-closed as invalid on 2020/08/02 09:10
upstream panic: runtime error: invalid memory address or nil pointer dereference (4) 1 309d 305d 0/26 auto-obsoleted due to no activity on 2023/09/20 17:18

Sample crash report:
e4abe77258962304cd992f3d41997accd0dcef06808be65698ae988bf1a2093497c64028e8aa4e4ca6090fb87e79a733af31ccda29bde00774f1f94cf2f926d3cd009b127f0896839b27ab76e946b53ee04feb4ca50613ec8b135c8a2be972af43ce2", &(0x7f00000004c0)="862b142eaac2b51eb84ef6e79f1fee14f77dda788931b17eff4115201a97e99331d63bad4b63ecafd981a240cc2fa69982d6589544ab53e865829bd586c8daece4869c4720b027f3900683c1772fc73fad149a4f3ed6befaa5c61de47b771852a92612ef05c3062a702ed16fede7fd5a6d99c67d6bc2b485cf4699ad0258e0789048d54fca424436728031de95"}, 0x40)
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x6f6934]

goroutine 33 [running]:
github.com/google/syzkaller/prog.foreachArgImpl(0x9f0460, 0xc42c89b0e0, 0xc42393ef08, 0xc42c89b0b0, 0x0, 0xc4396ac100, 0xc442be27f8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:137 +0x204
github.com/google/syzkaller/prog.foreachArgImpl(0x9f04a0, 0xc42c89b0b0, 0xc42393ef08, 0x0, 0x0, 0x202030303030300, 0xc442be27f8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:153 +0x3b5
github.com/google/syzkaller/prog.ForeachArg(0xc42393ef00, 0xc442be27f8)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/analysis.go:120 +0x88
github.com/google/syzkaller/prog.getCompatibleResources(0xc42393eec0, 0x8c21f8, 0xe, 0xc42b1138c0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:870 +0xb9
github.com/google/syzkaller/prog.resourceCentric(0xf83820, 0xc423cff540, 0xc42b1138c0, 0x1, 0x20, 0xc442be29d8, 0x4dfde3)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:818 +0xfa
github.com/google/syzkaller/prog.(*ResourceType).generate(0xf83820, 0xc42b1138c0, 0xc423cff540, 0x9f03e0, 0xc4367c8760, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:650 +0x931
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc42b1138c0, 0xc423cff540, 0x9f38e0, 0xf83820, 0xc442be2c00, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc42b1138c0, 0xc423cff540, 0x9f38e0, 0xf83820, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc42b1138c0, 0xc423cff540, 0xe4d4a0, 0x4, 0x4, 0xc442be2e18, 0x89839b99, 0x6283d6c3f5fd4134, 0xc442be2df8, 0x620000000072d968, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:580 +0x18b
github.com/google/syzkaller/prog.(*StructType).generate(0xd16a60, 0xc42b1138c0, 0xc423cff540, 0xe, 0x18b4540, 0xc43d14aa00, 0x531ba831d747aa7b, 0xc442be2e60)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:782 +0x74
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc42b1138c0, 0xc423cff540, 0x9f39a0, 0xd16a60, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc42b1138c0, 0xc423cff540, 0x9f39a0, 0xd16a60, 0x410848, 0xc442be2f78, 0x72e5f4, 0x8a2880, 0x3)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*PtrType).generate(0xe7d800, 0xc42b1138c0, 0xc423cff540, 0x9f03e0, 0xc4367c8740, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:798 +0xf7
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc42b1138c0, 0xc423cff540, 0x9f3820, 0xe7d800, 0xc442be3000, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc42b1138c0, 0xc423cff540, 0x9f3820, 0xe7d800, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc42b1138c0, 0xc423cff540, 0xd169e0, 0x3, 0x3, 0xc43e87a660, 0x4c6fb06e323f4beb, 0xc442be3208, 0x4e0164, 0xc43e87a660, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:580 +0x18b
github.com/google/syzkaller/prog.(*randGen).generateParticularCall(0xc42b1138c0, 0xc423cff540, 0x10bad40, 0x1, 0x2, 0xc4352c6a30)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:524 +0xd6
github.com/google/syzkaller/prog.(*randGen).createResource(0xc42b1138c0, 0xc423cff540, 0xf83760, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:357 +0x52b
github.com/google/syzkaller/prog.(*ResourceType).generate(0xf83760, 0xc42b1138c0, 0xc423cff540, 0xa, 0xc442be3760, 0x40fff9, 0xc4367c8700, 0x20)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:679 +0x80b
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc42b1138c0, 0xc423cff540, 0x9f38e0, 0xf83760, 0xc442be3700, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc42b1138c0, 0xc423cff540, 0x9f38e0, 0xf83760, 0x2, 0x2, 0x40fff9, 0x10000c4367c85e0, 0x20)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc42b1138c0, 0xc423cff540, 0xcd2a20, 0x2, 0x2, 0xc442be3968, 0x89839b99, 0xf83fa7ea754a3d6d, 0xc442be3948, 0xf80000000072d968, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:580 +0x18b
github.com/google/syzkaller/prog.(*StructType).generate(0xd16ae0, 0xc42b1138c0, 0xc423cff540, 0xf, 0x18b4540, 0xc43d14aa00, 0x5f7b04e00c980d71, 0xc442be39b0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:782 +0x74
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc42b1138c0, 0xc423cff540, 0x9f39a0, 0xd16ae0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc42b1138c0, 0xc423cff540, 0x9f39a0, 0xd16ae0, 0x410848, 0xc442be3ac8, 0x72e5f4, 0x8a2880, 0x3)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*PtrType).generate(0xe7d8c0, 0xc42b1138c0, 0xc423cff540, 0x9f03e0, 0xc4367c86e0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:798 +0xf7
github.com/google/syzkaller/prog.(*randGen).generateArgImpl(0xc42b1138c0, 0xc423cff540, 0x9f3820, 0xe7d8c0, 0xc442be3b00, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:643 +0x1b8
github.com/google/syzkaller/prog.(*randGen).generateArg(0xc42b1138c0, 0xc423cff540, 0x9f3820, 0xe7d8c0, 0x0, 0x0, 0x0, 0x0, 0x0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:592 +0x52
github.com/google/syzkaller/prog.(*randGen).generateArgs(0xc42b1138c0, 0xc423cff540, 0xd16aa0, 0x3, 0x3, 0x536bf20ff7d0765e, 0xc442be3d80, 0x713eae, 0x81bcc0, 0xc423db2930, ...)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:580 +0x18b
github.com/google/syzkaller/prog.(*randGen).generateParticularCall(0xc42b1138c0, 0xc423cff540, 0x10bada0, 0x251, 0xc423cff540, 0xc4352c69c0)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:524 +0xd6
github.com/google/syzkaller/prog.(*randGen).generateCall(0xc42b1138c0, 0xc423cff540, 0xc43e7f6e40, 0x2, 0xc43e7f6e40, 0x0, 0xc423cff540)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/rand.go:516 +0xb4
github.com/google/syzkaller/prog.(*mutator).insertCall(0xc442be3eb0, 0x14)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:137 +0xf5
github.com/google/syzkaller/prog.(*Prog).Mutate(0xc43e7f6e40, 0x9edee0, 0xc42cc14990, 0x1e, 0xc43a758c00, 0xc423842000, 0xb100, 0xc000)
	/syzkaller/gopath/src/github.com/google/syzkaller/prog/mutation.go:42 +0x2a9
main.(*Proc).loop(0xc43a758dc0)
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/proc.go:99 +0x465
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x1071

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/11/18 06:43 linux-4.14.y 775d01b65b5d d5696d51 .config console log report ci2-linux-4-14
* Struck through repros no longer work on HEAD.