panic: runtime error: invalid memory address or nil pointer dereference


syzbot

Apr 4, 2020, 5:09:16 AM4/4/20
to syzkaller...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: dda0e292 Linux 4.19.114
git tree: linux-4.19.y
console output: https://syzkaller.appspot.com/x/log.txt?x=11ceb1fbe00000
kernel config: https://syzkaller.appspot.com/x/.config?x=f32ac7e5b2d5c341
dashboard link: https://syzkaller.appspot.com/bug?extid=3284e6f7fac757837502
compiler: gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+3284e6...@syzkaller.appspotmail.com

ioctl$TCGETS2(r0, 0xc0045878, &(0x7f0000000000))
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x0]

goroutine 40 [running]:
runtime: unexpected return pc for runtime.sigpanic called from 0x0
stack: frame={sp:0xc44e9c8b88, fp:0xc44e9c8bd8} stack=[0xc44e9c8000,0xc44e9c9000)
000000c44e9c8a88: 000000000042a98a <runtime.dopanic+74> 000000c44e9c8a98
000000c44e9c8a98: 0000000000455ac0 <runtime.dopanic.func1+0> 000000c4381f2180
000000c44e9c8aa8: 000000000042a5c1 <runtime.gopanic+961> 000000c44e9c8ac8
000000c44e9c8ab8: 000000c44e9c8b58 000000000042a5c1 <runtime.gopanic+961>
000000c44e9c8ac8: 0000000000000000 00000000009bf5a8
000000c44e9c8ad8: 000000c42484f2b0 0000001000000010
000000c44e9c8ae8: 00000000007a9ba1 <main.(*Proc).executeRaw+161> 0000000000000000
000000c44e9c8af8: 000000c44e9c8c88 000000c4381f2180
000000c44e9c8b08: 0000000000000000 000000c42484f2a0
000000c44e9c8b18: 000000c42484f280 000000c4381f21a8
000000c44e9c8b28: 000000c4381f21a0 0000000000000000
000000c44e9c8b38: 00000000007fa400 000000c42a553c40
000000c44e9c8b48: 0000000000000000 0000000000000000
000000c44e9c8b58: 000000c44e9c8b78 000000000042949e <runtime.panicmem+94>
000000c44e9c8b68: 0000000000823e20 0000000000d29cd0
000000c44e9c8b78: 000000c44e9c8bc8 00000000004401da <runtime.sigpanic+378>
000000c44e9c8b88: <000000c4381f2180 0000000000000001
000000c44e9c8b98: 0000000000000000 0000000000000000
000000c44e9c8ba8: 0000000000000000 000000c4381f2180
000000c44e9c8bb8: 0000000000000000 0000000000000000
000000c44e9c8bc8: 0000000000000000 !0000000000000000
000000c44e9c8bd8: >0000000000000000 0000000000000000
000000c44e9c8be8: 0000000000000000 0000000000000000
000000c44e9c8bf8: 0000000000000000 0000000000000000
000000c44e9c8c08: 0000000000000000 0000000000000000
000000c44e9c8c18: 0000000000000000 0000000000000000
000000c44e9c8c28: 0000000000000000 0000000000000000
000000c44e9c8c38: 0000000000000000 0000000000000000
000000c44e9c8c48: 0000000000000000 0000000000000000
000000c44e9c8c58: 0000000000000000 0000000000000000
000000c44e9c8c68: 0000000000000000 0000000000000000
000000c44e9c8c78: 0000000000000000 0000000000000000
000000c44e9c8c88: 0000000000000000 0000000000000000
000000c44e9c8c98: 0000000000000000 0000000000000000
000000c44e9c8ca8: 0000000000000000 0000000000000000
000000c44e9c8cb8: 0000000000000000 0000000000000000
000000c44e9c8cc8: 0000000000000000 0000000000000000
panic(0x823e20, 0xd29cd0)
/syzkaller/go/src/runtime/panic.go:551 +0x3c1
runtime.panicmem()
/syzkaller/go/src/runtime/panic.go:63 +0x5e
runtime: unexpected return pc for runtime.sigpanic called from 0x0
stack: frame={sp:0xc44e9c8b88, fp:0xc44e9c8bd8} stack=[0xc44e9c8000,0xc44e9c9000)
000000c44e9c8a88: 000000000042a98a <runtime.dopanic+74> 000000c44e9c8a98
000000c44e9c8a98: 0000000000455ac0 <runtime.dopanic.func1+0> 000000c4381f2180
000000c44e9c8aa8: 000000000042a5c1 <runtime.gopanic+961> 000000c44e9c8ac8
000000c44e9c8ab8: 000000c44e9c8b58 000000000042a5c1 <runtime.gopanic+961>
000000c44e9c8ac8: 0000000000000000 00000000009bf5a8
000000c44e9c8ad8: 000000c42484f2b0 0000001000000010
000000c44e9c8ae8: 00000000007a9ba1 <main.(*Proc).executeRaw+161> 0000000000000000
000000c44e9c8af8: 000000c44e9c8c88 000000c4381f2180
000000c44e9c8b08: 0000000000000000 000000c42484f2a0
000000c44e9c8b18: 000000c42484f280 000000c4381f21a8
000000c44e9c8b28: 000000c4381f21a0 0000000000000000
000000c44e9c8b38: 00000000007fa400 000000c42a553c40
000000c44e9c8b48: 0000000000000000 0000000000000000
000000c44e9c8b58: 000000c44e9c8b78 000000000042949e <runtime.panicmem+94>
000000c44e9c8b68: 0000000000823e20 0000000000d29cd0
000000c44e9c8b78: 000000c44e9c8bc8 00000000004401da <runtime.sigpanic+378>
000000c44e9c8b88: <000000c4381f2180 0000000000000001
000000c44e9c8b98: 0000000000000000 0000000000000000
000000c44e9c8ba8: 0000000000000000 000000c4381f2180
000000c44e9c8bb8: 0000000000000000 0000000000000000
000000c44e9c8bc8: 0000000000000000 !0000000000000000
000000c44e9c8bd8: >0000000000000000 0000000000000000
000000c44e9c8be8: 0000000000000000 0000000000000000
000000c44e9c8bf8: 0000000000000000 0000000000000000
000000c44e9c8c08: 0000000000000000 0000000000000000
000000c44e9c8c18: 0000000000000000 0000000000000000
000000c44e9c8c28: 0000000000000000 0000000000000000
000000c44e9c8c38: 0000000000000000 0000000000000000
000000c44e9c8c48: 0000000000000000 0000000000000000
000000c44e9c8c58: 0000000000000000 0000000000000000
000000c44e9c8c68: 0000000000000000 0000000000000000
000000c44e9c8c78: 0000000000000000 0000000000000000
000000c44e9c8c88: 0000000000000000 0000000000000000
000000c44e9c8c98: 0000000000000000 0000000000000000
000000c44e9c8ca8: 0000000000000000 0000000000000000
000000c44e9c8cb8: 0000000000000000 0000000000000000
000000c44e9c8cc8: 0000000000000000 0000000000000000
runtime.sigpanic()
/syzkaller/go/src/runtime/signal_unix.go:388 +0x17a
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:259 +0x1071


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Aug 2, 2020, 5:10:11 AM8/2/20
to syzkaller...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.