syzbot |
sign-in | mailing list | source | docs |
🐞 Open [971] 🐞 Fixed [3862] 🐞 Invalid [8336] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes |
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
---|---|---|---|---|---|---|---|---|---|
linux-4.19 | possible deadlock in __might_fault | C | done | 385 | 921d | 1172d | 1/1 | fixed on 2020/01/18 20:51 | |
linux-4.14 | possible deadlock in __might_fault | C | done | 295 | 930d | 1171d | 1/1 | fixed on 2020/01/09 09:47 | |
android-44 | possible deadlock in __might_fault | C | 6745 | 1554d | 1581d | 2/2 | fixed on 2018/04/24 18:02 | ||
android-49 | possible deadlock in __might_fault | C | 10264 | 1560d | 1581d | 3/3 | fixed on 2018/04/24 17:23 | ||
android-414 | possible deadlock in __might_fault | 136 | 943d | 1171d | 0/1 | auto-closed as invalid on 2020/03/25 09:38 | |||
upstream | possible deadlock in __might_fault (3) | C | 10722 | 925d | 1396d | 0/22 | closed as dup on 2018/09/16 01:51 | ||
upstream | possible deadlock in __might_fault (2) | C | 20 | 1518d | 1521d | 9/22 | fixed on 2018/07/09 18:05 |
audit: type=1400 audit(1520889706.124:7): avc: denied { map } for pid=4128 comm="syzkaller630279" path="/root/syzkaller630279704" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 audit: type=1400 audit(1520889706.124:8): avc: denied { map } for pid=4128 comm="syzkaller630279" path="/dev/ashmem" dev="devtmpfs" ino=1139 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:device_t:s0 tclass=chr_file permissive=1 ====================================================== WARNING: possible circular locking dependency detected 4.16.0-rc5+ #351 Not tainted ------------------------------------------------------ syzkaller630279/4128 is trying to acquire lock: (&mm->mmap_sem){++++}, at: [<000000001d32bb58>] __might_fault+0xe0/0x1d0 mm/memory.c:4570 but task is already holding lock: (ashmem_mutex){+.+.}, at: [<00000000ed7c74f0>] ashmem_pin_unpin drivers/staging/android/ashmem.c:705 [inline] (ashmem_mutex){+.+.}, at: [<00000000ed7c74f0>] ashmem_ioctl+0x3db/0x11b0 drivers/staging/android/ashmem.c:782 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #1 (ashmem_mutex){+.+.}: __mutex_lock_common kernel/locking/mutex.c:756 [inline] __mutex_lock+0x16f/0x1a80 kernel/locking/mutex.c:893 mutex_lock_nested+0x16/0x20 kernel/locking/mutex.c:908 ashmem_mmap+0x53/0x410 drivers/staging/android/ashmem.c:362 call_mmap include/linux/fs.h:1786 [inline] mmap_region+0xa99/0x15a0 mm/mmap.c:1705 do_mmap+0x6c0/0xe00 mm/mmap.c:1483 do_mmap_pgoff include/linux/mm.h:2223 [inline] vm_mmap_pgoff+0x1de/0x280 mm/util.c:355 SYSC_mmap_pgoff mm/mmap.c:1533 [inline] SyS_mmap_pgoff+0x462/0x5f0 mm/mmap.c:1491 SYSC_mmap arch/x86/kernel/sys_x86_64.c:100 [inline] SyS_mmap+0x16/0x20 arch/x86/kernel/sys_x86_64.c:91 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 -> #0 (&mm->mmap_sem){++++}: lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 __might_fault+0x13a/0x1d0 mm/memory.c:4571 _copy_from_user+0x2c/0x110 lib/usercopy.c:10 copy_from_user include/linux/uaccess.h:147 [inline] ashmem_pin_unpin drivers/staging/android/ashmem.c:710 [inline] ashmem_ioctl+0x438/0x11b0 drivers/staging/android/ashmem.c:782 vfs_ioctl fs/ioctl.c:46 [inline] do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:686 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 other info that might help us debug this: Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock(ashmem_mutex); lock(&mm->mmap_sem); lock(ashmem_mutex); lock(&mm->mmap_sem); *** DEADLOCK *** 1 lock held by syzkaller630279/4128: #0: (ashmem_mutex){+.+.}, at: [<00000000ed7c74f0>] ashmem_pin_unpin drivers/staging/android/ashmem.c:705 [inline] #0: (ashmem_mutex){+.+.}, at: [<00000000ed7c74f0>] ashmem_ioctl+0x3db/0x11b0 drivers/staging/android/ashmem.c:782 stack backtrace: CPU: 1 PID: 4128 Comm: syzkaller630279 Not tainted 4.16.0-rc5+ #351 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:17 [inline] dump_stack+0x194/0x24d lib/dump_stack.c:53 print_circular_bug.isra.38+0x2cd/0x2dc kernel/locking/lockdep.c:1223 check_prev_add kernel/locking/lockdep.c:1863 [inline] check_prevs_add kernel/locking/lockdep.c:1976 [inline] validate_chain kernel/locking/lockdep.c:2417 [inline] __lock_acquire+0x30a8/0x3e00 kernel/locking/lockdep.c:3431 lock_acquire+0x1d5/0x580 kernel/locking/lockdep.c:3920 __might_fault+0x13a/0x1d0 mm/memory.c:4571 _copy_from_user+0x2c/0x110 lib/usercopy.c:10 copy_from_user include/linux/uaccess.h:147 [inline] ashmem_pin_unpin drivers/staging/android/ashmem.c:710 [inline] ashmem_ioctl+0x438/0x11b0 drivers/staging/android/ashmem.c:782 vfs_ioctl fs/ioctl.c:46 [inline] do_vfs_ioctl+0x1b1/0x1520 fs/ioctl.c:686 SYSC_ioctl fs/ioctl.c:701 [inline] SyS_ioctl+0x8f/0xc0 fs/ioctl.c:692 do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287 entry_SYSCALL_64_after_hwframe+0x42/0xb7 RIP: 0033:0x43fd19 RSP: 002b:00007ffdf4578d98 EFLAGS: 00000217 ORIG_RAX: 0000000000000010 RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd19 RDX: 0000000000000000 RSI: 0000000000007709 RDI: 0000000000000003 RBP: 00000000006ca018 R08: 000000000000000
Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
---|---|---|---|---|---|---|---|---|---|---|---|
ci-upstream-kasan-gce | 2018/03/12 21:24 | upstream | 0c8efd610b58 | f505ca4b | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/03/10 06:16 | upstream | 719ea86151f3 | 36d1c454 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/03/08 08:19 | upstream | 851710a80961 | d50edb7e | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/03/06 12:44 | upstream | 094b58e1040a | aef0b792 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/03/01 22:54 | upstream | 8da5db7ddae1 | 2c6f473e | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/02/26 10:38 | upstream | c89be5242607 | 9fe8aa42 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/02/26 09:55 | upstream | c89be5242607 | 9fe8aa42 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce | 2018/02/26 09:41 | upstream | c89be5242607 | 9fe8aa42 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce-386 | 2018/02/26 10:20 | upstream | c89be5242607 | 9fe8aa42 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce-386 | 2018/02/26 09:55 | upstream | c89be5242607 | 9fe8aa42 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce-386 | 2018/02/26 09:41 | upstream | c89be5242607 | 9fe8aa42 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce-386 | 2018/02/23 09:55 | upstream | 0f9da844d877 | 8d8e2494 | .config | log | report | syz | C | ||
ci-upstream-kasan-gce-386 | 2018/03/12 21:24 | upstream | 0c8efd610b58 | f505ca4b | .config | log | report | syz | |||
ci-upstream-kasan-gce-386 | 2018/03/10 06:45 | upstream | 719ea86151f3 | 36d1c454 | .config | log | report | syz | |||
ci-upstream-kasan-gce-386 | 2018/03/08 08:25 | upstream | 851710a80961 | d50edb7e | .config | log | report | syz | |||
ci-upstream-kasan-gce-386 | 2018/03/06 12:46 | upstream | 094b58e1040a | aef0b792 | .config | log | report | syz | |||
ci-upstream-kasan-gce-386 | 2018/03/05 07:47 | upstream | e64b9562ba28 | 2c6f473e | .config | log | report | syz | |||
ci-upstream-kasan-gce-386 | 2018/03/03 11:34 | upstream | 0573fed92b67 | 2c6f473e | .config | log | report | syz | |||
ci-upstream-kasan-gce-386 | 2018/03/01 22:53 | upstream | 8da5db7ddae1 | 2c6f473e | .config | log | report | syz | |||
ci-upstream-kasan-gce | 2018/03/13 13:18 | upstream | fc6eabbbf8ef | 08dacaa0 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/13 01:19 | upstream | fc6eabbbf8ef | f505ca4b | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/11 08:33 | upstream | 3266b5bd97ea | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/11 00:58 | upstream | 3266b5bd97ea | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/09 23:36 | upstream | 719ea86151f3 | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/08 16:38 | upstream | 1b88accf6a65 | acd0caa5 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/08 13:12 | upstream | 1b88accf6a65 | acd0caa5 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/08 06:28 | upstream | 851710a80961 | d50edb7e | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/06 19:36 | upstream | ce380619fab9 | c8a18476 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/05 16:18 | upstream | 661e50bc8532 | bbd5104f | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/05 14:49 | upstream | 661e50bc8532 | bbd5104f | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/05 13:08 | upstream | 661e50bc8532 | bbd5104f | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/02 16:56 | upstream | 5d60e057d127 | 2c6f473e | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/02 12:32 | upstream | 5d60e057d127 | 2c6f473e | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/03/02 00:30 | upstream | 8da5db7ddae1 | 2c6f473e | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/27 18:33 | upstream | 6f70eb2b00eb | 05b5a32c | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 23:11 | upstream | 3664ce2d9309 | 9fe8aa42 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 21:56 | upstream | 3664ce2d9309 | 9fe8aa42 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:36 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:32 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:29 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:29 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:25 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:24 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:16 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:13 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:12 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:05 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:05 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 14:03 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 13:52 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce | 2018/02/25 13:48 | upstream | 3664ce2d9309 | 5c1e0207 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/13 14:42 | upstream | fc6eabbbf8ef | 08dacaa0 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/11 05:50 | upstream | 3266b5bd97ea | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/10 23:10 | upstream | 3266b5bd97ea | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/10 20:21 | upstream | cdb06e9d8f52 | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/10 18:47 | upstream | cdb06e9d8f52 | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/10 08:54 | upstream | cdb06e9d8f52 | 36d1c454 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/07 09:15 | upstream | 86f84779d8e9 | c8a18476 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/06 03:03 | upstream | 094b58e1040a | aef0b792 | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/03/02 06:50 | upstream | 8da5db7ddae1 | 2c6f473e | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/02/28 05:17 | upstream | f3afe530d644 | 05b5a32c | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/02/28 02:13 | upstream | f3afe530d644 | 05b5a32c | .config | log | report | ||||
ci-upstream-kasan-gce-386 | 2018/02/23 09:33 | upstream | 0f9da844d877 | 8d8e2494 | .config | log | report |