syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [717] 🐞 Fixed [181] 🐞 Invalid [640] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2023/02/08 03:32 | 9m | retest repro | linux-4.14.y | report log | |
| 2023/02/08 02:32 | 10m | retest repro | linux-4.14.y | report log | |
| 2023/02/08 01:32 | 9m | retest repro | linux-4.14.y | report log | |
| 2023/02/08 00:32 | 20m | retest repro | linux-4.14.y | report log | |
| 2022/09/17 19:29 | 10m | retest repro | linux-4.14.y | report log | |
| 2022/09/17 18:29 | 16m | retest repro | linux-4.14.y | report log | |
| 2022/09/17 17:29 | 10m | retest repro | linux-4.14.y | report log | |
| 2022/09/17 16:29 | 10m | retest repro | linux-4.14.y | report log |
================================================================== BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:376 [inline] BUG: KASAN: slab-out-of-bounds in soft_cursor+0x442/0xa50 drivers/video/fbdev/core/softcursor.c:70 Read of size 15 at addr ffff8880b4533c70 by task kworker/1:3/4645 CPU: 1 PID: 4645 Comm: kworker/1:3 Not tainted 4.14.232-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events_power_efficient fb_flashcursor Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x1b2/0x281 lib/dump_stack.c:58 print_address_description.cold+0x54/0x1d3 mm/kasan/report.c:252 kasan_report_error.cold+0x8a/0x191 mm/kasan/report.c:351 kasan_report+0x6f/0x80 mm/kasan/report.c:409 memcpy+0x20/0x50 mm/kasan/kasan.c:302 memcpy include/linux/string.h:376 [inline] soft_cursor+0x442/0xa50 drivers/video/fbdev/core/softcursor.c:70 bit_cursor+0xf7a/0x1580 drivers/video/fbdev/core/bitblit.c:377 fb_flashcursor+0x356/0x3f0 drivers/video/fbdev/core/fbcon.c:373 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250 kthread+0x30d/0x420 kernel/kthread.c:232 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404 Allocated by task 7955: save_stack mm/kasan/kasan.c:447 [inline] set_track mm/kasan/kasan.c:459 [inline] kasan_kmalloc+0xeb/0x160 mm/kasan/kasan.c:551 __do_kmalloc mm/slab.c:3720 [inline] __kmalloc+0x15a/0x400 mm/slab.c:3729 kmalloc include/linux/slab.h:493 [inline] fbcon_set_font+0x2fb/0x7c0 drivers/video/fbdev/core/fbcon.c:2459 con_font_set drivers/tty/vt/vt.c:4190 [inline] con_font_op+0x9e8/0xdb0 drivers/tty/vt/vt.c:4234 vt_ioctl+0xd5d/0x1d50 drivers/tty/vt/vt_ioctl.c:938 tty_ioctl+0x50f/0x13c0 drivers/tty/tty_io.c:2661 vfs_ioctl fs/ioctl.c:46 [inline] file_ioctl fs/ioctl.c:500 [inline] do_vfs_ioctl+0x75a/0xff0 fs/ioctl.c:684 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x7f/0xb0 fs/ioctl.c:692 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb Freed by task 6216: save_stack mm/kasan/kasan.c:447 [inline] set_track mm/kasan/kasan.c:459 [inline] kasan_slab_free+0xc3/0x1a0 mm/kasan/kasan.c:524 __cache_free mm/slab.c:3496 [inline] kfree+0xc9/0x250 mm/slab.c:3815 skb_free_head net/core/skbuff.c:563 [inline] skb_release_data+0x5f6/0x820 net/core/skbuff.c:583 skb_release_all net/core/skbuff.c:640 [inline] __kfree_skb net/core/skbuff.c:654 [inline] consume_skb+0xe0/0x380 net/core/skbuff.c:714 skb_free_datagram+0x16/0xe0 net/core/datagram.c:331 netlink_recvmsg+0x5c1/0xda0 net/netlink/af_netlink.c:1957 sock_recvmsg_nosec net/socket.c:819 [inline] sock_recvmsg net/socket.c:826 [inline] sock_recvmsg+0xc0/0x100 net/socket.c:822 ___sys_recvmsg+0x20b/0x4d0 net/socket.c:2221 __sys_recvmsg+0xa0/0x120 net/socket.c:2266 SYSC_recvmsg net/socket.c:2278 [inline] SyS_recvmsg+0x27/0x40 net/socket.c:2273 do_syscall_64+0x1d5/0x640 arch/x86/entry/common.c:292 entry_SYSCALL_64_after_hwframe+0x46/0xbb The buggy address belongs to the object at ffff8880b4533a80 which belongs to the cache kmalloc-512 of size 512 The buggy address is located 496 bytes inside of 512-byte region [ffff8880b4533a80, ffff8880b4533c80) The buggy address belongs to the page: page:ffffea0002d14cc0 count:1 mapcount:0 mapping:ffff8880b4533080 index:0x0 flags: 0xfff00000000100(slab) raw: 00fff00000000100 ffff8880b4533080 0000000000000000 0000000100000006 raw: ffffea0002d29820 ffffea0002595720 ffff88813fe80940 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff8880b4533b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ffff8880b4533b80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc >ffff8880b4533c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ^ ffff8880b4533c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff8880b4533d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/05/17 18:27 | linux-4.14.y | 7d7d1c0ab3eb | a2eb125d | .config | console log | report | syz | C | ci2-linux-4-14 | KASAN: slab-out-of-bounds Read in soft_cursor | ||
| 2020/03/05 08:28 | linux-4.14.y | 78d697fc93f9 | 576fb9bc | .config | console log | report | syz | C | ci2-linux-4-14 | |||
| 2020/01/07 12:38 | linux-4.14.y | 84f5ad468100 | 1bcd407e | .config | console log | report | syz | C | ci2-linux-4-14 | |||
| 2019/12/03 13:53 | linux-4.14.y | fbc5fe7a54d0 | ab342da3 | .config | console log | report | syz | C | ci2-linux-4-14 | |||
| 2021/05/07 01:12 | linux-4.14.y | 7d7d1c0ab3eb | 06585184 | .config | console log | report | info | ci2-linux-4-14 | KASAN: slab-out-of-bounds Read in soft_cursor | |||
| 2021/04/17 01:15 | linux-4.14.y | cf256fbcbe34 | 7e2b734b | .config | console log | report | info | ci2-linux-4-14 | KASAN: slab-out-of-bounds Read in soft_cursor | |||
| 2021/04/03 06:18 | linux-4.14.y | bd634aa64163 | 6a81331a | .config | console log | report | info | ci2-linux-4-14 | KASAN: slab-out-of-bounds Read in soft_cursor | |||
| 2021/01/30 16:01 | linux-4.14.y | 2c8a3fceddf0 | fc9fd31e | .config | console log | report | info | ci2-linux-4-14 | KASAN: slab-out-of-bounds Read in soft_cursor | |||
| 2021/01/12 14:50 | linux-4.14.y | ec822b3e8bf4 | 2c1f2513 | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2021/01/09 13:53 | linux-4.14.y | ec822b3e8bf4 | a6c52263 | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2021/01/06 23:47 | linux-4.14.y | 1752938529c6 | c104d4a3 | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2021/01/04 13:43 | linux-4.14.y | 1752938529c6 | 79264ae3 | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2020/11/28 11:00 | linux-4.14.y | 87335852c5d9 | 486f93ef | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2020/11/09 18:22 | linux-4.14.y | 6b6446efedb2 | cba33199 | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2020/09/17 11:18 | linux-4.14.y | cbfa1702aaf6 | 8247808b | .config | console log | report | info | ci2-linux-4-14 | ||||
| 2020/08/22 21:42 | linux-4.14.y | 6a24ca2506d6 | 1da71ab0 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/07/24 11:14 | linux-4.14.y | 69b94dd6dcd1 | 554af388 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/07/21 09:41 | linux-4.14.y | b850307b279c | d88894e6 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/07/16 23:31 | linux-4.14.y | b850307b279c | 54b3c45e | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/07/10 09:52 | linux-4.14.y | b850307b279c | 56d01184 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/07/05 13:13 | linux-4.14.y | b850307b279c | 22f87567 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/07/04 17:29 | linux-4.14.y | b850307b279c | 4f739670 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/06/29 13:44 | linux-4.14.y | b850307b279c | df01f6fc | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/06/28 08:26 | linux-4.14.y | b850307b279c | a2cdad9d | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/06/25 18:53 | linux-4.14.y | b850307b279c | adb7d9e6 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/06/23 15:10 | linux-4.14.y | b850307b279c | 54566aff | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/06/09 13:12 | linux-4.14.y | c6db52a88798 | 092934c1 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/06/08 23:55 | linux-4.14.y | c6db52a88798 | 0d60b78a | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/26 01:32 | linux-4.14.y | a41ba30d9df2 | 8ca3b7d2 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/25 01:22 | linux-4.14.y | a41ba30d9df2 | 11284182 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/20 00:08 | linux-4.14.y | ab9dfda23248 | 6d882fd2 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/13 23:47 | linux-4.14.y | ab9dfda23248 | a885920d | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/12 07:56 | linux-4.14.y | ab9dfda23248 | a497a5b4 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/10 03:11 | linux-4.14.y | d71f695ce745 | 8742a2b9 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/08 22:21 | linux-4.14.y | d71f695ce745 | e97b06d3 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/03 15:44 | linux-4.14.y | 773e2b1cd56a | 58ae5e18 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/05/01 21:54 | linux-4.14.y | 050272a0423e | bc734e7a | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/04/18 17:37 | linux-4.14.y | c10b57a567e4 | 365fba24 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/04/03 22:18 | linux-4.14.y | 4520f06b03ae | ef26b610 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/03/23 08:34 | linux-4.14.y | 01364dad1d45 | 78267cec | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/03/20 14:02 | linux-4.14.y | 01364dad1d45 | 2c31c529 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/03/17 22:12 | linux-4.14.y | 12cd844a39ed | 97bc55ce | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/03/01 22:24 | linux-4.14.y | 78d697fc93f9 | 4a4e0509 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/03/01 00:35 | linux-4.14.y | 78d697fc93f9 | c88c7b75 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/02/21 03:50 | linux-4.14.y | 98db2bf27b9e | bd2a74a3 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/02/20 13:58 | linux-4.14.y | 98db2bf27b9e | 81230308 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/02/05 11:24 | linux-4.14.y | 9fa690a2a016 | 93e5e335 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/02/02 16:35 | linux-4.14.y | 9fa690a2a016 | 93e5e335 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/28 04:56 | linux-4.14.y | 9a95f25269bd | 56cd6c9b | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/24 06:36 | linux-4.14.y | 8bac50406cca | 2e95ab33 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/22 19:08 | linux-4.14.y | c1141b3aab36 | 3334d684 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/14 19:54 | linux-4.14.y | c04fc6fa5c96 | fa12bd3c | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/14 19:34 | linux-4.14.y | 6d0c334a400d | fa12bd3c | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/10 03:08 | linux-4.14.y | b0cdffaa546e | 4de4e9f0 | .config | console log | report | ci2-linux-4-14 | |||||
| 2020/01/06 20:25 | linux-4.14.y | 84f5ad468100 | 53430d97 | .config | console log | report | ci2-linux-4-14 | |||||
| 2019/12/17 22:56 | linux-4.14.y | bfb9e5c03076 | 1af3875f | .config | console log | report | ci2-linux-4-14 | |||||
| 2019/12/04 05:13 | linux-4.14.y | fbc5fe7a54d0 | 0ecb9746 | .config | console log | report | ci2-linux-4-14 |