syzbot


panic: runtime error: invalid memory address or nil pointer dereference

Status: auto-closed as invalid on 2020/08/02 09:10
Reported-by: syzbot+3284e6f7fac757837502@syzkaller.appspotmail.com
First crash: 1694d, last: 1694d
Similar bugs (11)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference (2) 2 1661d 1707d 0/1 auto-closed as invalid on 2020/09/04 07:47
android-54 panic: runtime error: invalid memory address or nil pointer dereference 233 1293d 1293d 0/2 closed as invalid on 2021/05/10 12:09
upstream panic: runtime error: invalid memory address or nil pointer dereference (3) 127 1293d 1293d 0/28 closed as invalid on 2021/05/10 12:38
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference (3) 219 1293d 1293d 0/1 closed as invalid on 2021/05/10 12:09
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference (2) 1 1553d 1553d 0/1 auto-closed as invalid on 2020/12/20 16:18
upstream panic: runtime error: invalid memory address or nil pointer dereference (2) 1894 1293d 1293d 0/28 closed as invalid on 2021/05/10 12:18
upstream panic: runtime error: invalid memory address or nil pointer dereference (5) 1 402d 398d 0/28 auto-obsoleted due to no activity on 2024/01/16 09:30
upstream panic: runtime error: invalid memory address or nil pointer dereference 1 1725d 1725d 0/28 auto-closed as invalid on 2020/06/01 17:49
linux-4.14 panic: runtime error: invalid memory address or nil pointer dereference 1 1832d 1832d 0/1 auto-closed as invalid on 2020/03/17 06:44
linux-4.19 panic: runtime error: invalid memory address or nil pointer dereference (3) 219 1214d 1303d 0/1 auto-closed as invalid on 2021/10/25 16:30
upstream panic: runtime error: invalid memory address or nil pointer dereference (4) 1 519d 515d 0/28 auto-obsoleted due to no activity on 2023/09/20 17:18

Sample crash report:
ioctl$TCGETS2(r0, 0xc0045878, &(0x7f0000000000))
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x0]

goroutine 40 [running]:
runtime: unexpected return pc for runtime.sigpanic called from 0x0
stack: frame={sp:0xc44e9c8b88, fp:0xc44e9c8bd8} stack=[0xc44e9c8000,0xc44e9c9000)
000000c44e9c8a88:  000000000042a98a <runtime.dopanic+74>  000000c44e9c8a98 
000000c44e9c8a98:  0000000000455ac0 <runtime.dopanic.func1+0>  000000c4381f2180 
000000c44e9c8aa8:  000000000042a5c1 <runtime.gopanic+961>  000000c44e9c8ac8 
000000c44e9c8ab8:  000000c44e9c8b58  000000000042a5c1 <runtime.gopanic+961> 
000000c44e9c8ac8:  0000000000000000  00000000009bf5a8 
000000c44e9c8ad8:  000000c42484f2b0  0000001000000010 
000000c44e9c8ae8:  00000000007a9ba1 <main.(*Proc).executeRaw+161>  0000000000000000 
000000c44e9c8af8:  000000c44e9c8c88  000000c4381f2180 
000000c44e9c8b08:  0000000000000000  000000c42484f2a0 
000000c44e9c8b18:  000000c42484f280  000000c4381f21a8 
000000c44e9c8b28:  000000c4381f21a0  0000000000000000 
000000c44e9c8b38:  00000000007fa400  000000c42a553c40 
000000c44e9c8b48:  0000000000000000  0000000000000000 
000000c44e9c8b58:  000000c44e9c8b78  000000000042949e <runtime.panicmem+94> 
000000c44e9c8b68:  0000000000823e20  0000000000d29cd0 
000000c44e9c8b78:  000000c44e9c8bc8  00000000004401da <runtime.sigpanic+378> 
000000c44e9c8b88: <000000c4381f2180  0000000000000001 
000000c44e9c8b98:  0000000000000000  0000000000000000 
000000c44e9c8ba8:  0000000000000000  000000c4381f2180 
000000c44e9c8bb8:  0000000000000000  0000000000000000 
000000c44e9c8bc8:  0000000000000000 !0000000000000000 
000000c44e9c8bd8: >0000000000000000  0000000000000000 
000000c44e9c8be8:  0000000000000000  0000000000000000 
000000c44e9c8bf8:  0000000000000000  0000000000000000 
000000c44e9c8c08:  0000000000000000  0000000000000000 
000000c44e9c8c18:  0000000000000000  0000000000000000 
000000c44e9c8c28:  0000000000000000  0000000000000000 
000000c44e9c8c38:  0000000000000000  0000000000000000 
000000c44e9c8c48:  0000000000000000  0000000000000000 
000000c44e9c8c58:  0000000000000000  0000000000000000 
000000c44e9c8c68:  0000000000000000  0000000000000000 
000000c44e9c8c78:  0000000000000000  0000000000000000 
000000c44e9c8c88:  0000000000000000  0000000000000000 
000000c44e9c8c98:  0000000000000000  0000000000000000 
000000c44e9c8ca8:  0000000000000000  0000000000000000 
000000c44e9c8cb8:  0000000000000000  0000000000000000 
000000c44e9c8cc8:  0000000000000000  0000000000000000 
panic(0x823e20, 0xd29cd0)
	/syzkaller/go/src/runtime/panic.go:551 +0x3c1
runtime.panicmem()
	/syzkaller/go/src/runtime/panic.go:63 +0x5e
runtime: unexpected return pc for runtime.sigpanic called from 0x0
stack: frame={sp:0xc44e9c8b88, fp:0xc44e9c8bd8} stack=[0xc44e9c8000,0xc44e9c9000)
000000c44e9c8a88:  000000000042a98a <runtime.dopanic+74>  000000c44e9c8a98 
000000c44e9c8a98:  0000000000455ac0 <runtime.dopanic.func1+0>  000000c4381f2180 
000000c44e9c8aa8:  000000000042a5c1 <runtime.gopanic+961>  000000c44e9c8ac8 
000000c44e9c8ab8:  000000c44e9c8b58  000000000042a5c1 <runtime.gopanic+961> 
000000c44e9c8ac8:  0000000000000000  00000000009bf5a8 
000000c44e9c8ad8:  000000c42484f2b0  0000001000000010 
000000c44e9c8ae8:  00000000007a9ba1 <main.(*Proc).executeRaw+161>  0000000000000000 
000000c44e9c8af8:  000000c44e9c8c88  000000c4381f2180 
000000c44e9c8b08:  0000000000000000  000000c42484f2a0 
000000c44e9c8b18:  000000c42484f280  000000c4381f21a8 
000000c44e9c8b28:  000000c4381f21a0  0000000000000000 
000000c44e9c8b38:  00000000007fa400  000000c42a553c40 
000000c44e9c8b48:  0000000000000000  0000000000000000 
000000c44e9c8b58:  000000c44e9c8b78  000000000042949e <runtime.panicmem+94> 
000000c44e9c8b68:  0000000000823e20  0000000000d29cd0 
000000c44e9c8b78:  000000c44e9c8bc8  00000000004401da <runtime.sigpanic+378> 
000000c44e9c8b88: <000000c4381f2180  0000000000000001 
000000c44e9c8b98:  0000000000000000  0000000000000000 
000000c44e9c8ba8:  0000000000000000  000000c4381f2180 
000000c44e9c8bb8:  0000000000000000  0000000000000000 
000000c44e9c8bc8:  0000000000000000 !0000000000000000 
000000c44e9c8bd8: >0000000000000000  0000000000000000 
000000c44e9c8be8:  0000000000000000  0000000000000000 
000000c44e9c8bf8:  0000000000000000  0000000000000000 
000000c44e9c8c08:  0000000000000000  0000000000000000 
000000c44e9c8c18:  0000000000000000  0000000000000000 
000000c44e9c8c28:  0000000000000000  0000000000000000 
000000c44e9c8c38:  0000000000000000  0000000000000000 
000000c44e9c8c48:  0000000000000000  0000000000000000 
000000c44e9c8c58:  0000000000000000  0000000000000000 
000000c44e9c8c68:  0000000000000000  0000000000000000 
000000c44e9c8c78:  0000000000000000  0000000000000000 
000000c44e9c8c88:  0000000000000000  0000000000000000 
000000c44e9c8c98:  0000000000000000  0000000000000000 
000000c44e9c8ca8:  0000000000000000  0000000000000000 
000000c44e9c8cb8:  0000000000000000  0000000000000000 
000000c44e9c8cc8:  0000000000000000  0000000000000000 
runtime.sigpanic()
	/syzkaller/go/src/runtime/signal_unix.go:388 +0x17a
created by main.main
	/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x1071

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/04/04 09:09 linux-4.19.y dda0e2920330 ef26b610 .config console log report ci2-linux-4-19
* Struck through repros no longer work on HEAD.