syzbot


panic: runtime error: invalid memory address or nil pointer dereference (4)

Status: fixed on 2020/11/13 09:22
Fix commit: 4e389c785779 Check for nil in kernel.FSContext functions.
First crash: 1777d, last: 1759d
Similar bugs (26)
| Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (18) | 2 | | | | 4 | 721d | 722d | 26/26 | fixed on 2023/09/13 00:17 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (9) | 2 | C | | | 262 | 1302d | 1298d | 14/26 | fixed on 2022/02/10 01:56 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (7) | 2 | C | | | 45305 | 1404d | 1433d | 14/26 | fixed on 2021/10/27 00:49 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (3) | 2 | C | | | 20051 | 1824d | 2360d | 0/26 | fixed on 2020/09/09 05:34 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (23) | 2 | C | | | 4239 | 529d | 534d | 26/26 | fixed on 2024/03/19 11:42 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (22) | 2 | | | | 1 | 639d | 639d | 26/26 | fixed on 2023/12/01 06:13 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (10) | 2 | C | | | 11 | 1255d | 1261d | 14/26 | fixed on 2022/03/25 11:21 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (12) | 2 | C | | | 31 | 954d | 1015d | 18/26 | fixed on 2023/01/23 05:20 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (28) | 2 | C | | | 21 | 200d | 200d | 26/26 | fixed on 2025/02/13 10:39 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (26) | 2 | C | | | 7905 | 281d | 290d | 26/26 | fixed on 2024/11/22 02:29 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (21) | 2 | | | | 1 | 654d | 654d | 26/26 | fixed on 2023/11/17 08:30 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (14) | 2 | C | | | 753 | 914d | 915d | 18/26 | fixed on 2023/02/28 09:05 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference | 2 | C | | | 20682 | 2572d | 2626d | 0/26 | fixed on 2018/08/19 04:32 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (25) | 2 | | | | 1 | 392d | 392d | 26/26 | fixed on 2024/08/06 09:03 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (27) | 2 | C | | | 1117 | 280d | 281d | 26/26 | fixed on 2024/11/23 14:37 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (24) | 2 | | | | 92 | 522d | 523d | 0/26 | closed as invalid on 2024/03/26 13:32 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (13) | 2 | C | | | 2752 | 915d | 918d | 18/26 | fixed on 2023/02/27 08:23 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (8) | 2 | C | | | 214 | 1306d | 1331d | 14/26 | fixed on 2022/02/01 22:27 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (2) | 2 | C | | | 4493 | 2548d | 2568d | 0/26 | fixed on 2018/10/15 18:31 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (17) | 2 | | | | 2 | 758d | 758d | 26/26 | fixed on 2023/08/04 01:52 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (5) | 2 | syz | | | 62 | 1698d | 1742d | 14/26 | fixed on 2021/01/06 10:11 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (11) | 2 | C | | | 2733 | 1024d | 1117d | 14/26 | fixed on 2022/11/11 17:56 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (19) | 2 | C | | | 79 | 696d | 710d | 26/26 | fixed on 2023/10/05 23:05 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (20) | 2 | C | | | 8 | 667d | 674d | 26/26 | fixed on 2023/11/02 02:06 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (16) | 2 | C | | | 48 | 760d | 767d | 26/26 | fixed on 2023/08/02 12:57 |
| gvisor | panic: runtime error: invalid memory address or nil pointer dereference (15) | 2 | | | | 1 | 807d | 807d | 26/26 | fixed on 2023/07/12 19:22 |

Sample crash report:
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x40 pc=0x71e9ec]

goroutine 1017 [running]:
panic(0x1071840, 0x1e02f90)
	GOROOT/src/runtime/panic.go:1064 +0x46d fp=0xc0002ceac0 sp=0xc0002cea08 pc=0x43438d
runtime.panicmem(...)
	GOROOT/src/runtime/panic.go:212
runtime.sigpanic()
	GOROOT/src/runtime/signal_unix.go:695 +0x3da fp=0xc0002ceaf0 sp=0xc0002ceac0 pc=0x44b93a
gvisor.dev/gvisor/pkg/sentry/vfs.(*Mount).IncRef(...)
	pkg/sentry/vfs/mount.go:583
gvisor.dev/gvisor/pkg/sentry/vfs.VirtualDentry.IncRef(0x0, 0x0)
	pkg/sentry/vfs/vfs.go:1147 +0x3c fp=0xc0002ceb08 sp=0xc0002ceaf0 pc=0x71e9ec
gvisor.dev/gvisor/pkg/sentry/kernel.(*FSContext).RootDirectoryVFS2(0xc000745270, 0x0, 0x0)
	pkg/sentry/kernel/fs_context.go:261 +0x88 fp=0xc0002ceb48 sp=0xc0002ceb08 pc=0x9300a8
gvisor.dev/gvisor/pkg/sentry/fsimpl/proc.(*mountInfoData).Generate(0xc0007fd800, 0x1404820, 0xc000908228, 0xc00091f128, 0x0, 0x0)
	pkg/sentry/fsimpl/proc/task_files.go:963 +0xc1 fp=0xc0002cebd0 sp=0xc0002ceb48 pc=0xcb3f01
gvisor.dev/gvisor/pkg/sentry/vfs.(*DynamicBytesFileDescriptionImpl).preadLocked(0xc00091f110, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/vfs/file_description_impl_util.go:322 +0xa2 fp=0xc0002cec58 sp=0xc0002cebd0 pc=0x7088c2
gvisor.dev/gvisor/pkg/sentry/vfs.(*DynamicBytesFileDescriptionImpl).PRead(0xc00091f110, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/vfs/file_description_impl_util.go:346 +0xd5 fp=0xc0002ced00 sp=0xc0002cec58 pc=0x708b95
gvisor.dev/gvisor/pkg/sentry/fsimpl/kernfs.(*DynamicBytesFD).PRead(0xc00091f110, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/fsimpl/kernfs/dynamic_bytes_file.go:127 +0xa4 fp=0xc0002ced88 sp=0xc0002ced00 pc=0x800804
gvisor.dev/gvisor/pkg/sentry/vfs.(*FileDescription).PRead(0xc00091f168, 0x1404820, 0xc000908228, 0x13fc0e0, 0xc0006b4000, 0x0, 0x1, 0x0, 0x0, 0x0, ...)
	pkg/sentry/vfs/file_description.go:657 +0xd3 fp=0xc0002cee10 sp=0xc0002ced88 pc=0x706313
gvisor.dev/gvisor/pkg/sentry/syscalls/linux/vfs2.getAIOCallback.func1(0x1404820, 0xc000908228)
	pkg/sentry/syscalls/linux/vfs2/aio.go:222 +0x307 fp=0xc0002cef90 sp=0xc0002cee10 pc=0xd82207
gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).QueueAIO.func1(0xc00014b340, 0xc000a62a80, 0xc00034452c)
	pkg/sentry/kernel/aio.go:37 +0x68 fp=0xc0002cefc8 sp=0xc0002cef90 pc=0x98d118
runtime.goexit()
	src/runtime/asm_amd64.s:1373 +0x1 fp=0xc0002cefd0 sp=0xc0002cefc8 pc=0x467da1
created by gvisor.dev/gvisor/pkg/sentry/kernel.(*Task).QueueAIO
	pkg/sentry/kernel/aio.go:35 +0x9c

Crashes (4):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/10/18 14:50 | gvisor | 9a3d8973c4fc | fea47c01 | .config | console log | report | syz | C | | | ci-gvisor-main | |
| 2020/11/05 18:30 | gvisor | a15562c019a4 | 64069d48 | .config | console log | report | | | info | | ci-gvisor-main | |
| 2020/10/29 05:15 | gvisor | 8fa18e8ecb3e | f24824d3 | .config | console log | report | | | info | | ci-gvisor-kvm-proxy-overlay-sandbox | |
| 2020/10/18 14:38 | gvisor | 9a3d8973c4fc | fea47c01 | .config | console log | report | | | info | | ci-gvisor-main | |
* Struck through repros no longer work on HEAD.