syzbot

 sign-in | mailing list | source | docs
🐞 Open [196]
🐞 Fixed [42]
🐞 Invalid [470]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (11)

Status: closed as invalid on 2017/11/05 07:52
First crash: 2574d, last: 2574d
Similar bugs (11)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (10) 1 2576d 2576d 0/3 closed as invalid on 2017/11/03 07:08
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (4) 1 2586d 2586d 0/3 closed as invalid on 2017/10/22 18:19
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (7) 1 2584d 2584d 0/3 closed as invalid on 2017/10/25 06:19
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (12) 1 2557d 2557d 0/3 closed as invalid on 2017/11/21 08:19
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (3) 2 2587d 2590d 0/3 closed as invalid on 2017/10/22 12:19
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (6) 1 2584d 2584d 0/3 closed as invalid on 2017/10/24 19:19
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (9) 4 2579d 2582d 0/3 closed as invalid on 2017/10/30 13:35
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (8) 1 2584d 2584d 0/3 closed as invalid on 2017/10/26 15:19
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR 19 2591d 2611d 0/3 closed as invalid on 2017/10/18 09:51
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (2) 1 2590d 2590d 0/3 closed as invalid on 2017/10/19 10:51
android-49 KASAN: slab-out-of-bounds in sg_remove_request at addr ADDR (5) 1 2585d 2585d 0/3 closed as invalid on 2017/10/24 05:19

Sample crash report:
   program syz-executor3 not setting count and/or reply_len properly
SELinux: unrecognized netlink message: protocol=0 nlmsg_type=34067 sclass=netlink_route_socket pig=6802 comm=syz-executor0
==================================================================
BUG: KASAN: slab-out-of-bounds in __read_once_size include/linux/compiler.h:243 [inline] at addr ffff8801cf28afc0
BUG: KASAN: slab-out-of-bounds in list_empty include/linux/list.h:189 [inline] at addr ffff8801cf28afc0
BUG: KASAN: slab-out-of-bounds in sg_remove_request+0x103/0x120 drivers/scsi/sg.c:2120 at addr ffff8801cf28afc0

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2017/11/04 12:02 https://android.googlesource.com/kernel/common android-4.9 dfe0a9bcfc3a d49979f7 .config console log report ci-android-49-kasan-gce
2017/11/03 19:54 https://android.googlesource.com/kernel/common android-4.9 dfe0a9bcfc3a d49979f7 .config console log report ci-android-49-kasan-gce
* Struck through repros no longer work on HEAD.