syzbot


Title Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
kernel BUG at drivers/android/binder_alloc.c:LINE! C 44 1640d 1888d 1/3 never c8ddc8cc40e6 FROMGIT: binder: fix BUG_ON found by selinux-testsuite
possible deadlock in seq_read C 56124 1636d 1872d 1/3 never 7d7637dafc59 fs/open.c: allow opening only regular files during execve()
android-4.9 boot error: general protection fault in ion_heap_destroy 729 1893d 1932d 1/3 never 270fbfb501f1 ANDROID: ion_dummy_driver: Remove SYSTEM_CONTIG heap
possible deadlock in ashmem_llseek 5 2274d 2319d 3/3 1875d 1d47c874cd72 staging: android: ashmem: Fix lockdep issue during llseek
general protection fault in sg_remove_scat C 279 2249d 2431d 3/3 2067d 6505dd1f7f55 scsi: sg: don't return bogus Sg_requests
KASAN: stack-out-of-bounds Read in xt_copy_counters_from_user C 18 2076d 2083d 3/3 2068d 3ea051bcf2cd netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
general protection fault in sockfs_setattr C 11 2104d 2123d 3/3 2103d 7fa8c15e72a4 UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
BUG: unable to handle kernel paging request in page_remove_rmap C 14617 2105d 2111d 3/3 2105d 89c059b66a08 x86/mm: Simplify p[g4um]d_page() macros
BUG: unable to handle kernel paging request in copy_huge_pmd C 433 2105d 2111d 3/3 2105d 89c059b66a08 x86/mm: Simplify p[g4um]d_page() macros
BUG: unable to handle kernel paging request in __split_huge_pmd C 174 2105d 2111d 3/3 2105d 89c059b66a08 x86/mm: Simplify p[g4um]d_page() macros
KASAN: use-after-free Read in __list_del_entry (3) C 9 2267d 2275d 3/3 2183d c4048b20ffc5 UPSTREAM: ANDROID: binder: prevent transactions into own process.
KASAN: use-after-free Read in binder_release_work C 132 2224d 2238d 3/3 2196d c4048b20ffc5 UPSTREAM: ANDROID: binder: prevent transactions into own process.
WARNING in set_precision C 1320 2217d 2339d 3/3 2217d 06a02a816890 KEYS: DNS: limit the length of option strings
possible deadlock in __might_fault C 10264 2260d 2282d 3/3 2224d d3c79a38843b staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state C 304159 2239d 2358d 2/3 2239d 30df7fb50d32 net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
WARNING in binder_send_failed_reply C 74 2274d 2372d 2/3 2272d d3a2afb9382e UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error
KASAN: use-after-free Read in remove_wait_queue C 6 2287d 2296d 2/3 2275d b6c6212514fe ANDROID: binder: synchronize_rcu() when using POLLFREE.
WARNING in __alloc_pages_slowpath (3) C 547 2277d 2280d 2/3 2277d f67385227a42 ANDROID: keychord: Check for write data size
KASAN: double-free or invalid-free in relay_open C 64 2291d 2342d 2/3 2287d 91cebf98cd94 kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
BUG: Double free or freeing an invalid pointer (2) C 1 2363d 2363d 2/3 2287d 91cebf98cd94 kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
KASAN: use-after-free Read in __lock_acquire C 1161 2302d 2373d 2/3 2294d 550c01d0e051 UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
BUG: bad unlock balance in ipmr_mfc_seq_stop C 7493 2295d 2373d 2/3 2294d 7d3d60ef2256 ip6mr: fix stale iterator
WARNING in task_participate_group_stop C 15 2329d 2486d 2/3 2302d 4d53eb494950 kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
general protection fault in ip6_setup_cork 924 2401d 2413d 2/3 2305d 28fa583fd8ce ipv6: flowlabel: do not leave opt->tot_len with garbage
kernel BUG at net/key/af_key.c:LINE! C 1 2465d 2465d 2/3 2305d 6ceabde66643 xfrm: Copy policy family in clone_policy
general protection fault in assoc_array_apply_edit 1 2407d 2407d 2/3 2308d 67bcc5e530d5 assoc_array: Fix a buggy node-splitting case
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts C 3 2442d 2442d 2/3 2342d 4b52c3170bd8 ALSA: seq: Fix OSS sysex delivery in OSS emulation
KASAN: stack-out-of-bounds Read in memcmp C 4 2488d 2492d 1/3 2368d 0b8656414e29 BACKPORT: xfrm: Don't use sk_family for socket policy lookups
WARNING in reuseport_alloc C 106 2382d 2411d 1/3 2372d 3b0b4d2c47ec soreuseport: fix initialization race
WARNING in skb_warn_bad_offload C 442 2393d 2499d 1/3 2393d net: remove open-coded skb_cow_head.
KASAN: use-after-free Read in fanout_demux_rollover C 5 2435d 2456d 1/3 2393d 6f7cdd4aa0a4 packet: hold bind lock when rebinding to fanout hook
WARNING in __alloc_pages_slowpath C 2412 2399d 2474d 1/3 2399d 1f46caef2914 FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
KASAN: use-after-free Read in bio_copy_user_iov syz 73 2461d 2492d 1/3 2407d 4099ac938385 scsi: sg: protect accesses to 'reserved' page array
BUG: sleeping function called from invalid context at mm/slab.h:LINE C 3 2484d 2498d 1/3 2407d 0f94b36de37c af_key: Add lock to key dump
BUG: unable to handle kernel NULL pointer dereference in __remove_shared_vm_struct C 1 2470d 2469d 1/3 2407d b65b6ac52e0f fork: fix incorrect fput of ->exe_file causing use-after-free
WARNING in __switch_to C 54 2427d 2495d 1/3 2407d 5e9b07f30d21 x86/fpu: Don't let userspace set bogus xcomp_bv
general protection fault in skb_release_data 1 2479d 2479d 1/3 2407d 304b41014acb ipv6: fix out of bound writes in __ip6_append_data()
WARNING in fib6_del 281 2431d 2468d 1/3 2409d 9b2b08179641 UPSTREAM: ipv6: fib: Unlink replaced routes from their nodes
KASAN: use-after-free Read in parse_ipsecrequests C 7 2499d 2499d 1/3 2469d 3c17d418afb0 UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
WARNING in __list_add C 11 2482d 2495d 1/3 2480d 59584701f1e2 ANDROID: keychord: Fix races in keychord_write.
BUG: Double free or freeing an invalid pointer syz 70 2481d 2499d 1/3 2480d 59584701f1e2 ANDROID: keychord: Fix races in keychord_write.
KASAN: slab-out-of-bounds Read in keychord_write syz 2 2501d 2499d 1/3 2494d 913d980e07d8 ANDROID: keychord: Fix a slab out-of-bounds read.