syzbot

 sign-in | mailing list | source | docs
🐞 Open [41]
🐞 Fixed [469]
🐞 Invalid [348]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

panic: runtime error: invalid memory address or nil pointer dereference (4)

Status: fixed on 2020/11/13 09:22
Fix commit: 4e389c785779 Check for nil in kernel.FSContext functions.
First crash: 1500d, last: 1481d
Similar bugs (25)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
gvisor panic: runtime error: invalid memory address or nil pointer dereference (18) 4 444d 445d 26/26 fixed on 2023/09/13 00:17
gvisor panic: runtime error: invalid memory address or nil pointer dereference (9) C 262 1025d 1021d 14/26 fixed on 2022/02/10 01:56
gvisor panic: runtime error: invalid memory address or nil pointer dereference (7) C 45305 1126d 1155d 14/26 fixed on 2021/10/27 00:49
gvisor panic: runtime error: invalid memory address or nil pointer dereference (3) C 20051 1547d 2083d 0/26 fixed on 2020/09/09 05:34
gvisor panic: runtime error: invalid memory address or nil pointer dereference (23) C 4239 252d 257d 26/26 fixed on 2024/03/19 11:42
gvisor panic: runtime error: invalid memory address or nil pointer dereference (22) 1 362d 362d 26/26 fixed on 2023/12/01 06:13
gvisor panic: runtime error: invalid memory address or nil pointer dereference (10) C 11 977d 983d 14/26 fixed on 2022/03/25 11:21
gvisor panic: runtime error: invalid memory address or nil pointer dereference (12) C 31 676d 738d 18/26 fixed on 2023/01/23 05:20
gvisor panic: runtime error: invalid memory address or nil pointer dereference (26) C 7905 4d13h 13d 26/26 fixed on 2024/11/22 02:29
gvisor panic: runtime error: invalid memory address or nil pointer dereference (21) 1 377d 377d 26/26 fixed on 2023/11/17 08:30
gvisor panic: runtime error: invalid memory address or nil pointer dereference (14) C 753 637d 638d 18/26 fixed on 2023/02/28 09:05
gvisor panic: runtime error: invalid memory address or nil pointer dereference C 20682 2295d 2348d 0/26 fixed on 2018/08/19 04:32
gvisor panic: runtime error: invalid memory address or nil pointer dereference (25) 1 114d 114d 26/26 fixed on 2024/08/06 09:03
gvisor panic: runtime error: invalid memory address or nil pointer dereference (27) C 1117 3d02h 4d12h 26/26 fixed on 2024/11/23 14:37
gvisor panic: runtime error: invalid memory address or nil pointer dereference (24) 92 245d 246d 0/26 closed as invalid on 2024/03/26 13:32
gvisor panic: runtime error: invalid memory address or nil pointer dereference (13) C 2752 638d 641d 18/26 fixed on 2023/02/27 08:23
gvisor panic: runtime error: invalid memory address or nil pointer dereference (8) C 214 1028d 1053d 14/26 fixed on 2022/02/01 22:27
gvisor panic: runtime error: invalid memory address or nil pointer dereference (2) C 4493 2271d 2291d 0/26 fixed on 2018/10/15 18:31
gvisor panic: runtime error: invalid memory address or nil pointer dereference (17) 2 480d 480d 26/26 fixed on 2023/08/04 01:52
gvisor panic: runtime error: invalid memory address or nil pointer dereference (5) syz 62 1421d 1465d 14/26 fixed on 2021/01/06 10:11
gvisor panic: runtime error: invalid memory address or nil pointer dereference (11) C 2733 746d 840d 14/26 fixed on 2022/11/11 17:56
gvisor panic: runtime error: invalid memory address or nil pointer dereference (19) C 79 419d 433d 26/26 fixed on 2023/10/05 23:05
gvisor panic: runtime error: invalid memory address or nil pointer dereference (20) C 8 390d 397d 26/26 fixed on 2023/11/02 02:06
gvisor panic: runtime error: invalid memory address or nil pointer dereference (16) C 48 483d 490d 26/26 fixed on 2023/08/02 12:57
gvisor panic: runtime error: invalid memory address or nil pointer dereference (15) 1 530d 530d 26/26 fixed on 2023/07/12 19:22

Sample crash report:
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x40 pc=0x71e9ec]

goroutine 1017 [running]:
panic(0x1071840, 0x1e02f90)
	GOROOT/src/runtime/panic.go:1064 +0x46d fp=0xc0002ceac0 sp=0xc0002cea08 pc=0x43438d
runtime.panicmem(...)
	GOROOT/src/runtime/panic.go:212
runtime.sigpanic()
	GOROOT/src/runtime/signal_unix.go:695 +0x3da fp=0xc0002ceaf0 sp=0xc0002ceac0 pc=0x44b93a
gvisor.dev/gvisor/pkg/sentry/vfs.(*Mount).IncRef(...)
	pkg/sentry/vfs/mount.go:583
gvisor.dev/gvisor/pkg/sentry/vfs.VirtualDentry.IncRef(0x0, 0x0)
	pkg/sentry/vfs/vfs.go:1147 +0x3c fp=0xc0002ceb08 sp=0xc0002ceaf0 pc=0x71e9ec
gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).RootDirectoryVFS2(0xc000745270, 0x0, 0x0)
	pkg/sentry/kernel/fs_context.go:261 +0x88 fp=0xc0002ceb48 sp=0xc0002ceb08 pc=0x9300a8
gvisor.dev/gvisor/pkg/sentry/fsimpl/proc.(*mountInfoData).Generate(0xc0007fd800, 0x1404820, 0xc000908228, 0xc00091f128, 0x0, 0x0)
	pkg/sentry/fsimpl/proc/task_files.go:963 +0xc1 fp=0xc0002cebd0 sp=0xc0002ceb48 pc=0xcb3f01
gvisor.dev/gvisor/pkg/sentry/vfs.(*DynamicBytesFileDescriptionImpl).preadLocked(0xc00091f110, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/vfs/file_description_impl_util.go:322 +0xa2 fp=0xc0002cec58 sp=0xc0002cebd0 pc=0x7088c2
gvisor.dev/gvisor/pkg/sentry/vfs.(*DynamicBytesFileDescriptionImpl).PRead(0xc00091f110, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/vfs/file_description_impl_util.go:346 +0xd5 fp=0xc0002ced00 sp=0xc0002cec58 pc=0x708b95
gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs.(*DynamicBytesFD).PRead(0xc00091f110, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/fsimpl/kernfs/dynamic_bytes_file.go:127 +0xa4 fp=0xc0002ced88 sp=0xc0002ced00 pc=0x800804
gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).PRead(0xc00091f168, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/vfs/file_description.go:657 +0xd3 fp=0xc0002cee10 sp=0xc0002ced88 pc=0x706313
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.getAIOCallback.func1(0x1404820, 0xc000908228)
	pkg/sentry/syscalls/linux/vfs2/aio.go:222 +0x307 fp=0xc0002cef90 sp=0xc0002cee10 pc=0xd82207
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).QueueAIO.func1(0xc00014b340, 0xc000a62a80, 0xc00034452c)
	pkg/sentry/kernel/aio.go:37 +0x68 fp=0xc0002cefc8 sp=0xc0002cef90 pc=0x98d118
runtime.goexit()
	src/runtime/asm_amd64.s:1373 +0x1 fp=0xc0002cefd0 sp=0xc0002cefc8 pc=0x467da1
created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).QueueAIO
	pkg/sentry/kernel/aio.go:35 +0x9c

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/10/18 14:50 gvisor 9a3d8973c4fc fea47c01 .config console log report syz C ci-gvisor-main
2020/11/05 18:30 gvisor a15562c019a4 64069d48 .config console log report info ci-gvisor-main
2020/10/29 05:15 gvisor 8fa18e8ecb3e f24824d3 .config console log report info ci-gvisor-kvm-proxy-overlay-sandbox
2020/10/18 14:38 gvisor 9a3d8973c4fc fea47c01 .config console log report info ci-gvisor-main
* Struck through repros no longer work on HEAD.