syzbot

 sign-in | mailing list | source | docs
🐞 Open [1597]
Subsystems
🐞 Fixed [6230]
🐞 Invalid [15769]
Missing Backports [183]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: use-after-free Read in corrupted (4)

Status: upstream: reported C repro on 2020/08/11 12:47
Subsystems: mm
[Documentation on labels]
Reported-by: syzbot+48135e34de22e3a82c99@syzkaller.appspotmail.com
First crash: 1742d, last: 85d
Cause bisection: introduced by (bisect log) [release commit]:
commit c470abd4fde40ea6a0846a2beab642a578c0b8cd
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Sun Feb 19 22:34:00 2017 +0000

  Linux 4.10

Crash: KASAN: use-after-free Read in lock_sock_nested (log)
Repro: syz .config
  
Fix bisection: failed (error log, bisect log)
  
Discussions (1)
Title Replies (including bot) Last reply
KASAN: use-after-free Read in corrupted (4) 2 (4) 2022/06/01 13:51
Similar bugs (16)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in corrupted mm C 2 2556d 2559d 8/28 fixed on 2018/07/09 18:05
linux-4.14 KASAN: use-after-free Read in corrupted syz error 1 1172d 1642d 0/1 upstream: reported syz repro on 2020/11/15 10:58
android-414 KASAN: use-after-free Read in corrupted C 2 2111d 2112d 0/1 public: reported C repro on 2019/08/03 12:36
upstream KASAN: use-after-free Read in corrupted (3) kernel syz done 1 2150d 2150d 12/28 fixed on 2019/08/27 17:15
upstream KASAN: use-after-free Read in corrupted (2) usb syz 1 2212d 2212d 0/28 closed as invalid on 2019/04/25 11:05
upstream KMSAN: uninit-value in corrupted tomoyo syz 2 1280d 1280d 0/28 closed as invalid on 2021/11/18 13:55
android-54 BUG: unable to handle kernel NULL pointer dereference in corrupted C 452 40d 1620d 0/2 upstream: reported C repro on 2020/12/07 19:36
upstream BUG: unable to handle kernel paging request in corrupted (3) C done 45 1291d 1459d 20/28 fixed on 2021/11/10 00:50
linux-4.19 BUG: corrupted list in corrupted C error 4 1053d 1691d 0/1 upstream: reported C repro on 2020/09/27 07:51
linux-5.15 general protection fault in corrupted origin:upstream C 1 1d23h 262d 0/3 upstream: reported C repro on 2024/08/26 11:00
upstream general protection fault in corrupted (2) perf C 2 2320d 2322d 11/28 fixed on 2019/03/06 07:43
upstream general protection fault in corrupted syz 1 2483d 2483d 0/28 closed as invalid on 2018/07/29 11:55
android-54 general protection fault in corrupted C 1 1893d 1893d 0/2 closed as invalid on 2021/10/13 11:17
upstream BUG: unable to handle kernel paging request in corrupted C 10 2325d 2587d 0/28 closed as invalid on 2019/06/11 06:50
android-54 BUG: unable to handle kernel paging request in corrupted C 1 1859d 1859d 0/2 closed as invalid on 2021/10/13 14:32
upstream BUG: unable to handle kernel paging request in corrupted (2) syz done 1 2127d 2127d 0/28 closed as dup on 2019/07/23 07:35
Last patch testing requests (11)
Created Duration User Patch Repo Result
2025/04/18 15:42 24m retest repro upstream report log
2025/04/18 15:42 17m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/03/05 09:43 22m retest repro upstream report log
2025/02/07 13:55 26m retest repro linux-next OK log
2025/02/07 13:55 21m retest repro upstream report log
2025/02/07 13:55 18m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2025/02/05 10:00 20m retest repro upstream OK log
2024/11/27 21:09 18m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci report log
2024/11/27 10:23 15m retest repro linux-next report log
2024/11/27 09:42 24m retest repro upstream report log
2022/05/23 00:09 17m hdanton@sina.com upstream OK
Fix bisection attempts (12)
Created Duration User Patch Repo Result
2021/09/21 20:37 6m bisect fix upstream error job log
2021/08/21 03:51 20m bisect fix upstream OK (0) job log log
2021/07/12 06:37 22m bisect fix upstream OK (0) job log log
2021/06/12 05:48 21m bisect fix upstream OK (0) job log log
2021/05/13 05:12 21m bisect fix upstream OK (0) job log log
2021/04/12 15:11 22m bisect fix upstream OK (0) job log log
2021/03/12 04:50 19m bisect fix upstream OK (0) job log log
2021/02/17 02:01 0m bisect fix upstream error job log
2021/01/18 01:44 16m bisect fix upstream OK (0) job log log
2020/12/18 22:39 17m bisect fix upstream OK (0) job log log
2020/11/12 12:09 17m bisect fix upstream OK (0) job log log
2020/10/13 03:57 17m bisect fix upstream OK (0) job log log

Sample crash report:
traps: syz-executor322[3610] general protection fault ip:0 sp:0 error:0

Crashes (14):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/07/06 13:09 upstream e35e5b6f695d bff65f44 .config console log report syz C ci-upstream-kasan-gce-smack-root general protection fault in corrupted
2023/04/29 23:23 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 14f8db1c0f9a 62df2017 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in corrupted
2025/02/19 08:58 upstream 6537cfb395f3 9a14138f .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root BUG: unable to handle kernel paging request in corrupted
2022/05/22 23:01 upstream eaea45fc0e7b 7268fa62 .config console log report syz C ci-upstream-kasan-gce-root general protection fault in corrupted
2022/06/03 19:46 net-old 58f9d52ff689 eee80d3c .config console log report syz C ci-upstream-net-this-kasan-gce BUG: unable to handle kernel paging request in corrupted
2022/06/03 18:49 net-next-old 58f9d52ff689 eee80d3c .config strace log report syz C ci-upstream-net-kasan-gce BUG: unable to handle kernel paging request in corrupted
2022/03/08 04:55 linux-next 91265a6da44d 7bdd8b2c .config console log report syz ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in corrupted
2020/08/24 08:56 upstream cb95712138ec cef5ae68 .config console log report syz ci-upstream-kasan-gce-selinux-root
2020/08/07 12:39 upstream d6efb3ac3e6c cb436c69 .config console log report syz ci-upstream-kasan-gce-selinux-root
2020/08/12 00:11 linux-next 4c9b89d8981b bacaf5fa .config console log report syz ci-upstream-linux-next-kasan-gce-root
2024/11/13 09:26 upstream 3022e9d00ebe 62026c85 .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root BUG: unable to handle kernel paging request in corrupted
2024/08/21 02:41 linux-next bb1b0acdcd66 9f0ab3fb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel paging request in console_flush_all
2024/08/21 01:20 linux-next bb1b0acdcd66 9f0ab3fb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel paging request in console_flush_all
2022/07/03 10:19 linux-next cb71b93c2dc3 1434eec0 .config console log report syz C ci-upstream-linux-next-kasan-gce-root general protection fault in corrupted
* Struck through repros no longer work on HEAD.