syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [1166] 🐞 Fixed [4299] 🐞 Invalid [9646] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| linux-4.19 | KASAN: use-after-free Write in udf_close_lvid udf | C | error | 4 | 21d | 404d | 0/1 | upstream: reported C repro on 2021/12/21 15:22 | |
| linux-4.14 | KASAN: use-after-free Write in udf_close_lvid udf | C | 4 | 21d | 52d | 0/1 | upstream: reported C repro on 2022/12/07 21:30 |
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2022/05/28 07:34 | 17m | hdanton@sina.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git 97fa5887cf28 | OK |
| 2022/05/24 07:31 | 15m | hdanton@sina.com | patch | upstream | report log |
| 2022/05/24 04:48 | 4m | hdanton@sina.com | patch | upstream | error |
loop0: detected capacity change from 0 to 2048 UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) ================================================================== BUG: KASAN: use-after-free in udf_close_lvid.isra.0+0x4a7/0x550 fs/udf/super.c:2072 Write of size 1 at addr ffff888158290aa8 by task syz-executor364/5062 CPU: 1 PID: 5062 Comm: syz-executor364 Not tainted 6.1.0-syzkaller-11674-g84e57d292203 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd1/0x138 lib/dump_stack.c:106 print_address_description mm/kasan/report.c:306 [inline] print_report+0x15e/0x45d mm/kasan/report.c:417 kasan_report+0xbf/0x1f0 mm/kasan/report.c:517 udf_close_lvid.isra.0+0x4a7/0x550 fs/udf/super.c:2072 udf_put_super+0x1bb/0x230 fs/udf/super.c:2359 generic_shutdown_super+0x158/0x410 fs/super.c:492 kill_block_super+0x9b/0xf0 fs/super.c:1386 deactivate_locked_super+0x98/0x160 fs/super.c:332 deactivate_super+0xb1/0xd0 fs/super.c:363 cleanup_mnt+0x2ae/0x3d0 fs/namespace.c:1291 task_work_run+0x16f/0x270 kernel/task_work.c:179 exit_task_work include/linux/task_work.h:38 [inline] do_exit+0xaa8/0x2950 kernel/exit.c:867 do_group_exit+0xd4/0x2a0 kernel/exit.c:1010 __do_sys_exit_group kernel/exit.c:1021 [inline] __se_sys_exit_group kernel/exit.c:1019 [inline] __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1019 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd RIP: 0033:0x7f2aba16e009 Code: Unable to access opcode bytes at 0x7f2aba16dfdf. RSP: 002b:00007ffc88061b88 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 RAX: ffffffffffffffda RBX: 00007f2aba1de350 RCX: 00007f2aba16e009 RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000001 RBP: 0000000000000001 R08: ffffffffffffffc0 R09: 000000000000000c R10: 000080001d00c0d0 R11: 0000000000000246 R12: 00007f2aba1de350 R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 </TASK> The buggy address belongs to the physical page: page:ffffea000560a400 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x158290 flags: 0x57ff00000000000(node=1|zone=2|lastcpupid=0x7ff) raw: 057ff00000000000 ffffea000560a408 ffffea000560a408 0000000000000000 raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 page dumped because: kasan: bad access detected page_owner info is not present (never set?) Memory state around the buggy address: ffff888158290980: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff888158290a00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff >ffff888158290a80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ^ ffff888158290b00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ffff888158290b80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ==================================================================
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-smack-root | 2022/12/28 09:05 | upstream | 4b0986a3613c | 4c7657cb | .config | console log | report | syz | C | |||
| ci-upstream-kasan-gce-smack-root | 2022/08/25 13:49 | upstream | c40e8341e3b3 | 4c7657cb | .config | console log | report | syz | C | |||
| ci-upstream-kasan-gce-smack-root | 2022/07/26 04:18 | upstream | e0dccc3b76fb | 4c7657cb | .config | console log | report | syz | C | |||
| ci-upstream-kasan-gce-smack-root | 2022/06/25 20:51 | upstream | 0840a7914caa | 4c7657cb | .config | console log | report | syz | C |
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-root | 2022/12/16 18:22 | upstream | 84e57d292203 | 79e1d513 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro] | KASAN: use-after-free Write in udf_close_lvid | |
| ci2-upstream-fs | 2022/11/29 04:59 | upstream | b7b275e60bcd | ca9683b8 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro] | KASAN: use-after-free Write in udf_close_lvid | |
| ci-upstream-kasan-gce-smack-root | 2022/05/23 17:07 | upstream | 4b0986a3613c | 4c7657cb | .config | console log | report | syz | C | KASAN: use-after-free Write in udf_close_lvid | ||
| ci-upstream-linux-next-kasan-gce-root | 2023/01/21 03:59 | linux-next | d514392f17fd | 559a440a | .config | strace log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro] | KASAN: use-after-free Write in udf_close_lvid | |
| ci2-upstream-fs | 2023/01/02 17:48 | upstream | 88603b6dc419 | ab32d508 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro] | BUG: unable to handle kernel paging request in udf_close_lvid | |
| ci2-upstream-fs | 2022/12/30 04:23 | upstream | 2258c2dc850b | 44712fbc | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro] | BUG: unable to handle kernel paging request in udf_close_lvid | |
| ci2-upstream-fs | 2022/12/02 07:49 | upstream | ef4d3ea40565 | e080de16 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro] | BUG: unable to handle kernel paging request in udf_close_lvid | |
| ci-upstream-kasan-gce-smack-root | 2022/11/04 18:13 | upstream | ee6050c8af96 | 6d752409 | .config | console log | report | syz | C | [disk image] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] | BUG: unable to handle kernel paging request in udf_close_lvid | |
| ci2-upstream-fs | 2023/01/22 13:54 | upstream | 2241ab53cbb5 | cc0f9968 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2023/01/20 18:33 | upstream | d368967cb103 | dd15ff29 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2023/01/16 10:34 | upstream | 5dc4c995db9e | a63719e7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2023/01/15 14:01 | upstream | 7c6984405241 | a63719e7 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2023/01/12 10:35 | upstream | e8f60cd7db24 | 96166539 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2022/12/20 20:43 | upstream | 6feb57c2fd7c | d3e76707 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2022/12/05 16:29 | upstream | 76dcd734eca2 | 045cbb84 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2022/12/02 18:17 | upstream | a4412fdd49dc | e080de16 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci2-upstream-fs | 2022/11/24 09:07 | upstream | 4312098baf37 | ff68ff8f | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid | ||
| ci-upstream-kasan-gce-smack-root | 2022/11/04 17:44 | upstream | ee6050c8af96 | 6d752409 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | KASAN: use-after-free Write in udf_close_lvid |