panic: runtime error: invalid memory address or nil pointer dereference


syzbot

Oct 27, 2019, 6:52:08 PM
to syzkaller-o...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 4e7e04ca Add code to spin up secondary CPUs.
git tree: openbsd
console output: https://syzkaller.appspot.com/x/log.txt?x=146fb7df600000
kernel config: https://syzkaller.appspot.com/x/.config?x=26ca0a9c07f16a3a
dashboard link: https://syzkaller.appspot.com/bug?extid=6f202bdd2db5e9295fdf

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+6f202b...@syzkaller.appspotmail.com

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x0]

goroutine 24 [running]:
runtime: unexpected return pc for runtime.sigpanic called from 0x0
stack: frame={sp:0xc0006a57b0, fp:0xc0006a57e0}
stack=[0xc0006a2000,0xc0006a6000)
000000c0006a56b0: 0000000000000000 000000c0006a5710
000000c0006a56c0: 000000000042c3bf <runtime.preprintpanics+415> 000000000042cdd5 <runtime.fatalpanic+117>
000000c0006a56d0: 000000c0006a56e0 000000c002600ae0
000000c0006a56e0: 0000000000457950 <runtime.fatalpanic.func1+0> 000000c0006a5778
000000c0006a56f0: 000000c000105380 000000000042c7b5 <runtime.gopanic+709>
000000c0006a5700: 000000c0006a5720 000000c0006a56df
000000c0006a5710: 000000c0006a57a0 000000000042c7b5 <runtime.gopanic+709>
000000c0006a5720: 000000c0006a5778 00000000008f6920
000000c0006a5730: 000000c0030fac70 0000001000000010
000000c0006a5740: 00000000007d6b2e <main.(*Proc).executeRaw+158> 0000000000000000
000000c0006a5750: 000000c0006a5cf0 000000c000105380
000000c0006a5760: 0000000000000000 000000c0030fac40
000000c0006a5770: 000000c0001053a8 0000000000000000
000000c0006a5780: 00000000008255a0 000000c002600ae0
000000c0006a5790: 0000000000000000 0000000000000000
000000c0006a57a0: 000000c0006a57d0 0000000000441f81 <runtime.sigpanic+1041>
000000c0006a57b0: <000000000084ea00 0000000000c89080
000000c0006a57c0: 0000000000000000 0000000000000000
000000c0006a57d0: 0000000000000000 !0000000000000000
000000c0006a57e0: >0000000000000000 0000000000000000
000000c0006a57f0: 0000000000000000 0000000000000000
000000c0006a5800: 0000000000000000 0000000000000000
000000c0006a5810: 0000000000000000 0000000000000000
000000c0006a5820: 0000000000000000 0000000000000000
000000c0006a5830: 0000000000000000 0000000000000000
000000c0006a5840: 0000000000000000 0000000000000000
000000c0006a5850: 0000000000000000 0000000000000000
000000c0006a5860: 0000000000000000 0000000000000000
000000c0006a5870: 0000000000000000 0000000000000000
000000c0006a5880: 0000000000000000 0000000000000000
000000c0006a5890: 0000000000000000 0000000000000000
000000c0006a58a0: 0000000000000000 0000000000000000
000000c0006a58b0: 0000000000000000 0000000000000000
000000c0006a58c0: 0000000000000000 0000000000000000
000000c0006a58d0: 0000000000000000 0000000000000000
panic(0x84ea00, 0xc89080)
/usr/local/go/src/runtime/panic.go:565 +0x2c5
runtime: unexpected return pc for runtime.sigpanic called from 0x0
stack: frame={sp:0xc0006a57b0, fp:0xc0006a57e0}
stack=[0xc0006a2000,0xc0006a6000)
000000c0006a56b0: 0000000000000000 000000c0006a5710
000000c0006a56c0: 000000000042c3bf <runtime.preprintpanics+415> 000000000042cdd5 <runtime.fatalpanic+117>
000000c0006a56d0: 000000c0006a56e0 000000c002600ae0
000000c0006a56e0: 0000000000457950 <runtime.fatalpanic.func1+0> 000000c0006a5778
000000c0006a56f0: 000000c000105380 000000000042c7b5 <runtime.gopanic+709>
000000c0006a5700: 000000c0006a5720 000000c0006a56df
000000c0006a5710: 000000c0006a57a0 000000000042c7b5 <runtime.gopanic+709>
000000c0006a5720: 000000c0006a5778 00000000008f6920
000000c0006a5730: 000000c0030fac70 0000001000000010
000000c0006a5740: 00000000007d6b2e <main.(*Proc).executeRaw+158> 0000000000000000
000000c0006a5750: 000000c0006a5cf0 000000c000105380
000000c0006a5760: 0000000000000000 000000c0030fac40
000000c0006a5770: 000000c0001053a8 0000000000000000
000000c0006a5780: 00000000008255a0 000000c002600ae0
000000c0006a5790: 0000000000000000 0000000000000000
000000c0006a57a0: 000000c0006a57d0 0000000000441f81 <runtime.sigpanic+1041>
000000c0006a57b0: <000000000084ea00 0000000000c89080
000000c0006a57c0: 0000000000000000 0000000000000000
000000c0006a57d0: 0000000000000000 !0000000000000000
000000c0006a57e0: >0000000000000000 0000000000000000
000000c0006a57f0: 0000000000000000 0000000000000000
000000c0006a5800: 0000000000000000 0000000000000000
000000c0006a5810: 0000000000000000 0000000000000000
000000c0006a5820: 0000000000000000 0000000000000000
000000c0006a5830: 0000000000000000 0000000000000000
000000c0006a5840: 0000000000000000 0000000000000000
000000c0006a5850: 0000000000000000 0000000000000000
000000c0006a5860: 0000000000000000 0000000000000000
000000c0006a5870: 0000000000000000 0000000000000000
000000c0006a5880: 0000000000000000 0000000000000000
000000c0006a5890: 0000000000000000 0000000000000000
000000c0006a58a0: 0000000000000000 0000000000000000
000000c0006a58b0: 0000000000000000 0000000000000000
000000c0006a58c0: 0000000000000000 0000000000000000
000000c0006a58d0: 0000000000000000 0000000000000000
runtime.panicmem(...)
/usr/local/go/src/runtime/panic.go:82
runtime.sigpanic()
/usr/local/go/src/runtime/signal_unix.go:390 +0x411
created by main.main
/syzkaller/gopath/src/github.com/google/syzkaller/syz-fuzzer/fuzzer.go:256 +0x1133

OpenBSD/amd64 (ci-openbsd-multicore-9.c.syzkaller.internal) (tty00)

login:


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

Dmitry Vyukov

Oct 28, 2019, 3:09:27 AM
to syzbot, syzkaller-o...@googlegroups.com
I guess some machine memory corruption.

#syz invalid
> --
> You received this message because you are subscribed to the Google Groups "syzkaller-openbsd-bugs" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-openbsd...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-openbsd-bugs/00000000000095536f0595ec3b3c%40google.com.