syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [712] 🐞 Fixed [297] 🐞 Invalid [838] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KASAN: global-out-of-bounds Read in fbcon_get_font fbdev | C | inconclusive | inconclusive | 41 | 1300d | 1597d | 15/26 | fixed on 2020/11/16 12:12 |
| linux-4.14 | KASAN: global-out-of-bounds Read in fbcon_get_font | C | done | 42 | 1287d | 1603d | 1/1 | fixed on 2020/11/13 22:55 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2020/11/08 20:05 | 3h43m | bisect fix | linux-4.19.y | job log (1) | |
| 2020/09/17 02:33 | 23m | bisect fix | linux-4.19.y | job log (0) log |
audit: type=1400 audit(1577900454.396:35): avc: denied { map } for pid=7719 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
audit: type=1400 audit(1577900465.766:36): avc: denied { map } for pid=7731 comm="syz-executor364" path="/root/syz-executor364662320" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
==================================================================
BUG: KASAN: global-out-of-bounds in memcpy include/linux/string.h:348 [inline]
BUG: KASAN: global-out-of-bounds in fbcon_get_font+0x2b2/0x5e0 drivers/video/fbdev/core/fbcon.c:2443
Read of size 32 at addr ffffffff87ecb9e0 by task syz-executor364/7733
CPU: 0 PID: 7733 Comm: syz-executor364 Not tainted 4.19.92-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x197/0x210 lib/dump_stack.c:118
print_address_description.cold+0x5/0x20d mm/kasan/report.c:256
kasan_report_error mm/kasan/report.c:354 [inline]
kasan_report mm/kasan/report.c:412 [inline]
kasan_report.cold+0x8c/0x2ba mm/kasan/report.c:396
check_memory_region_inline mm/kasan/kasan.c:260 [inline]
check_memory_region+0x123/0x190 mm/kasan/kasan.c:267
memcpy+0x24/0x50 mm/kasan/kasan.c:302
memcpy include/linux/string.h:348 [inline]
fbcon_get_font+0x2b2/0x5e0 drivers/video/fbdev/core/fbcon.c:2443
con_font_get drivers/tty/vt/vt.c:4400 [inline]
con_font_op+0x20b/0x1250 drivers/tty/vt/vt.c:4559
vt_ioctl+0xd2e/0x2530 drivers/tty/vt/vt_ioctl.c:913
tty_ioctl+0x7f3/0x1510 drivers/tty/tty_io.c:2669
vfs_ioctl fs/ioctl.c:46 [inline]
file_ioctl fs/ioctl.c:501 [inline]
do_vfs_ioctl+0xd5f/0x1380 fs/ioctl.c:688
ksys_ioctl+0xab/0xd0 fs/ioctl.c:705
__do_sys_ioctl fs/ioctl.c:712 [inline]
__se_sys_ioctl fs/ioctl.c:710 [inline]
__x64_sys_ioctl+0x73/0xb0 fs/ioctl.c:710
do_syscall_64+0xfd/0x620 arch/x86/entry/common.c:293
entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x4459b9
Code: e8 fc b8 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 8b 12 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fa968113db8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000006dac58 RCX: 00000000004459b9
RDX: 0000000020000200 RSI: 0000000000004b60 RDI: 0000000000000007
RBP: 00000000006dac50 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dac5c
R13: 00007ffece8c78ff R14: 00007fa9681149c0 R15: 20c49ba5e353f7cf
The buggy address belongs to the variable:
fontdata_8x16+0x1000/0x1120
Memory state around the buggy address:
ffffffff87ecb880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
ffffffff87ecb900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffffffff87ecb980: 00 00 00 00 00 00 00 00 00 00 00 00 fa fa fa fa
^
ffffffff87ecba00: 06 fa fa fa fa fa fa fa 05 fa fa fa fa fa fa fa
ffffffff87ecba80: 06 fa fa fa fa fa fa fa 00 00 03 fa fa fa fa fa
==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/01/01 17:43 | linux-4.19.y | c7ecf3e3a71c | 25a0186e | .config | console log | report | syz | C | ci2-linux-4-19 | |||
| 2019/12/03 07:39 | linux-4.19.y | 174651bdf802 | ab342da3 | .config | console log | report | syz | C | ci2-linux-4-19 | |||
| 2019/12/09 23:48 | linux-4.19.y | fb683b5e3f53 | b31eda3d | .config | console log | report | syz | ci2-linux-4-19 | ||||
| 2020/10/09 20:05 | linux-4.19.y | a1b977b49b66 | fa79ed2a | .config | console log | report | info | ci2-linux-4-19 | ||||
| 2020/10/05 20:47 | linux-4.19.y | b09c34517e1a | 1880b4a9 | .config | console log | report | info | ci2-linux-4-19 | ||||
| 2020/08/18 02:17 | linux-4.19.y | c14d30dc9987 | 5ce13532 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/08/16 02:14 | linux-4.19.y | c14d30dc9987 | 5ce13532 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/08/14 04:30 | linux-4.19.y | c14d30dc9987 | 54ce1ed6 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/08/12 21:25 | linux-4.19.y | c14d30dc9987 | 0d7bd2e0 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/20 19:40 | linux-4.19.y | 17a87580a885 | 8caeeeb7 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/20 19:31 | linux-4.19.y | 17a87580a885 | 8caeeeb7 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/19 07:46 | linux-4.19.y | 17a87580a885 | 9c812472 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/15 18:06 | linux-4.19.y | dce0f88600e4 | ada108d0 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/15 11:29 | linux-4.19.y | dce0f88600e4 | ada108d0 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/11 00:18 | linux-4.19.y | dce0f88600e4 | 18d18b59 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/10 06:04 | linux-4.19.y | dce0f88600e4 | edf162e8 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/07/03 17:52 | linux-4.19.y | 399849e4654e | 6e569755 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/06/21 06:08 | linux-4.19.y | 3fc898571b97 | c655ec77 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/06/20 09:13 | linux-4.19.y | 3fc898571b97 | c655ec77 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/06/12 15:07 | linux-4.19.y | 3fc898571b97 | 819b58b0 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/06/12 11:57 | linux-4.19.y | 3fc898571b97 | 819b58b0 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/06/08 16:37 | linux-4.19.y | 106fa147d3da | 7604bb03 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/06/07 04:23 | linux-4.19.y | 4707d8e57273 | e6b89e4e | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/05/24 23:20 | linux-4.19.y | 1bab61d3e8cd | ce7ca010 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/05/24 03:08 | linux-4.19.y | 1bab61d3e8cd | 96c92ad3 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/05/15 21:20 | linux-4.19.y | 258f0cf7ac3b | d7f9fffa | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/05/08 00:24 | linux-4.19.y | 84920cc7fbe1 | 6c70a1c2 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/05/01 15:59 | linux-4.19.y | 765675379b62 | 143a10e9 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/05/01 07:14 | linux-4.19.y | 765675379b62 | 3698959a | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/04/30 12:44 | linux-4.19.y | 765675379b62 | 3698959a | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/04/30 01:07 | linux-4.19.y | 765675379b62 | 2dd552a5 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/04/29 13:25 | linux-4.19.y | 7edd66cf6167 | ba2806db | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/04/25 15:37 | linux-4.19.y | 7edd66cf6167 | a113ba38 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/04/25 01:25 | linux-4.19.y | 7edd66cf6167 | 03d97a1b | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/04/12 14:06 | linux-4.19.y | dda0e2920330 | 36b0b050 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/03/31 02:55 | linux-4.19.y | 54b4fa6d3955 | c8d1cc20 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/03/24 05:35 | linux-4.19.y | 14cfdbd39e31 | 33e14df3 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/03/22 14:18 | linux-4.19.y | 14cfdbd39e31 | 78267cec | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/03/18 09:18 | linux-4.19.y | 93556fb211fa | 97bc55ce | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/03/12 13:51 | linux-4.19.y | 569209711609 | d850e9d0 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/02/18 22:05 | linux-4.19.y | 9b15f7fae677 | 012fbc32 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/01/30 03:58 | linux-4.19.y | 7cdefde351b6 | 5ed23f9a | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/01/14 12:54 | linux-4.19.y | dcd888983542 | 32881205 | .config | console log | report | ci2-linux-4-19 | |||||
| 2020/01/04 23:09 | linux-4.19.y | 3d40d7117e35 | 68256974 | .config | console log | report | ci2-linux-4-19 | |||||
| 2019/12/22 19:56 | linux-4.19.y | 672481c2deff | 8b967267 | .config | console log | report | ci2-linux-4-19 | |||||
| 2019/12/22 17:16 | linux-4.19.y | 672481c2deff | 8b967267 | .config | console log | report | ci2-linux-4-19 | |||||
| 2019/12/10 18:37 | linux-4.19.y | fb683b5e3f53 | 4b83c8fb | .config | console log | report | ci2-linux-4-19 |