syzbot |
sign-in | mailing list | source | docs |
🐞 Open [941] ≡ Subsystems 🐞 Fixed [5127] 🐞 Invalid [12267] ⬇ Missing Backports [84] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
Created | Duration | User | Patch | Repo | Result |
---|---|---|---|---|---|
2020/08/28 16:31 | 9m | coiby.xu@gmail.com | https://github.com/coiby/linux.git syzbot8_test1 | report log | |
2020/08/28 16:25 | 0m | coiby.xu@gmail.com | patch | git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git fb893de323e2d39f7a1f6df425703a2edbdf56ea | error OK |
2020/08/28 16:16 | 0m | coiby.xu@gmail.com | patch | git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git fb893de323e2d39f7a1f6df425703a2edbdf56ea | error OK |
INFO: trying to register non-static key. the code is fine but needs lockdep annotation. turning off the locking correctness validator. CPU: 0 PID: 6821 Comm: kworker/0:0 Not tainted 5.8.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events l2cap_chan_timeout Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1f0/0x31e lib/dump_stack.c:118 register_lock_class+0xf06/0x1520 kernel/locking/lockdep.c:893 __lock_acquire+0xfa/0x2ab0 kernel/locking/lockdep.c:4305 lock_acquire+0x160/0x730 kernel/locking/lockdep.c:5005 __raw_spin_lock_bh include/linux/spinlock_api_smp.h:135 [inline] _raw_spin_lock_bh+0x31/0x40 kernel/locking/spinlock.c:175 spin_lock_bh include/linux/spinlock.h:359 [inline] lock_sock_nested+0x43/0x110 net/core/sock.c:3048 l2cap_sock_teardown_cb+0x72/0x3e0 net/bluetooth/l2cap_sock.c:1520 l2cap_chan_del+0xa3/0x760 net/bluetooth/l2cap_core.c:618 l2cap_chan_close+0x7bf/0xae0 net/bluetooth/l2cap_core.c:823 l2cap_chan_timeout+0x125/0x1e0 net/bluetooth/l2cap_core.c:436 process_one_work+0x789/0xfc0 kernel/workqueue.c:2269 worker_thread+0xaa4/0x1460 kernel/workqueue.c:2415 kthread+0x37e/0x3a0 drivers/block/aoe/aoecmd.c:1234 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 ================================================================== BUG: KASAN: use-after-free in instrument_atomic_read include/linux/instrumented.h:56 [inline] BUG: KASAN: use-after-free in atomic_read include/asm-generic/atomic-instrumented.h:27 [inline] BUG: KASAN: use-after-free in pv_hybrid_queued_unfair_trylock kernel/locking/qspinlock_paravirt.h:88 [inline] BUG: KASAN: use-after-free in __pv_queued_spin_lock_slowpath+0x19d/0xc00 kernel/locking/qspinlock.c:443 Read of size 4 at addr ffff88809b2b9088 by task kworker/0:0/6821 CPU: 0 PID: 6821 Comm: kworker/0:0 Not tainted 5.8.0-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: events l2cap_chan_timeout Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x1f0/0x31e lib/dump_stack.c:118 print_address_description+0x66/0x620 mm/kasan/report.c:383 __kasan_report mm/kasan/report.c:513 [inline] kasan_report+0x132/0x1d0 mm/kasan/report.c:530 check_memory_region_inline mm/kasan/generic.c:183 [inline] check_memory_region+0x2b5/0x2f0 mm/kasan/generic.c:192 instrument_atomic_read include/linux/instrumented.h:56 [inline] atomic_read include/asm-generic/atomic-instrumented.h:27 [inline] pv_hybrid_queued_unfair_trylock kernel/locking/qspinlock_paravirt.h:88 [inline] __pv_queued_spin_lock_slowpath+0x19d/0xc00 kernel/locking/qspinlock.c:443 pv_queued_spin_lock_slowpath arch/x86/include/asm/paravirt.h:656 [inline] queued_spin_lock_slowpath arch/x86/include/asm/qspinlock.h:51 [inline] queued_spin_lock include/asm-generic/qspinlock.h:85 [inline] do_raw_spin_lock+0x5bf/0x800 kernel/locking/spinlock_debug.c:113 spin_lock_bh include/linux/spinlock.h:359 [inline] lock_sock_nested+0x43/0x110 net/core/sock.c:3048 l2cap_sock_teardown_cb+0x72/0x3e0 net/bluetooth/l2cap_sock.c:1520 l2cap_chan_del+0xa3/0x760 net/bluetooth/l2cap_core.c:618 l2cap_chan_close+0x7bf/0xae0 net/bluetooth/l2cap_core.c:823 l2cap_chan_timeout+0x125/0x1e0 net/bluetooth/l2cap_core.c:436 process_one_work+0x789/0xfc0 kernel/workqueue.c:2269 worker_thread+0xaa4/0x1460 kernel/workqueue.c:2415 kthread+0x37e/0x3a0 drivers/block/aoe/aoecmd.c:1234 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294 Allocated by task 7587: kasan_save_stack mm/kasan/common.c:48 [inline] kasan_set_track mm/kasan/common.c:56 [inline] __kasan_kmalloc+0x100/0x130 mm/kasan/common.c:461 kmem_cache_alloc_trace+0x1f6/0x2f0 mm/slab.c:3550 kmalloc include/linux/slab.h:554 [inline] kzalloc include/linux/slab.h:666 [inline] l2cap_chan_create+0x4c/0x320 net/bluetooth/l2cap_core.c:450 l2cap_sock_alloc+0x136/0x1d0 net/bluetooth/l2cap_sock.c:1805 l2cap_sock_create+0x11f/0x550 net/bluetooth/l2cap_sock.c:1836 bt_sock_create+0x15b/0x220 net/bluetooth/af_bluetooth.c:130 __sock_create+0x5b3/0x8c0 net/socket.c:1427 sock_create net/socket.c:1478 [inline] __sys_socket+0xde/0x2d0 net/socket.c:1520 __do_sys_socket net/socket.c:1529 [inline] __se_sys_socket net/socket.c:1527 [inline] __x64_sys_socket+0x76/0x80 net/socket.c:1527 do_syscall_64+0x31/0x70 arch/x86/entry/common.c:46 entry_SYSCALL_64_after_hwframe+0x44/0xa9 Freed by task 7587: kasan_save_stack mm/kasan/common.c:48 [inline] kasan_set_track+0x3d/0x70 mm/kasan/common.c:56 kasan_set_free_info+0x17/0x30 mm/kasan/generic.c:355 __kasan_slab_free+0xdd/0x110 mm/kasan/common.c:422 __cache_free mm/slab.c:3418 [inline] kfree+0x10a/0x220 mm/slab.c:3756 l2cap_sock_release+0x154/0x190 net/bluetooth/l2cap_sock.c:1392 __sock_release net/socket.c:596 [inline] sock_close+0xd8/0x260 net/socket.c:1277 __fput+0x34f/0x7b0 fs/file_table.c:281 task_work_run+0x137/0x1c0 kernel/task_work.c:135 get_signal+0x15ab/0x1d30 kernel/signal.c:2547 arch_do_signal+0x33/0x610 arch/x86/kernel/signal.c:811 exit_to_user_mode_loop kernel/entry/common.c:135 [inline] exit_to_user_mode_prepare+0x8d/0x1c0 kernel/entry/common.c:166 syscall_exit_to_user_mode+0x5e/0x1a0 kernel/entry/common.c:241 entry_SYSCALL_64_after_hwframe+0x44/0xa9 The buggy address belongs to the object at ffff88809b2b9000 which belongs to the cache kmalloc-2k of size 2048 The buggy address is located 136 bytes inside of 2048-byte region [ffff88809b2b9000, ffff88809b2b9800) The buggy address belongs to the page: page:000000009376a887 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x9b2b9 flags: 0xfffe0000000200(slab) raw: 00fffe0000000200 ffffea000269d408 ffffea00027df348 ffff8880aa440800 raw: 0000000000000000 ffff88809b2b9000 0000000100000001 0000000000000000 page dumped because: kasan: bad access detected Memory state around the buggy address: ffff88809b2b8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc ffff88809b2b9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb >ffff88809b2b9080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ^ ffff88809b2b9100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ffff88809b2b9180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb ==================================================================
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2020/08/13 07:48 | upstream | fb893de323e2 | bc15f7db | .config | console log | report | syz | ci-upstream-kasan-gce-smack-root | ||||
2020/08/07 12:24 | upstream | d6efb3ac3e6c | cb436c69 | .config | console log | report | syz | ci-upstream-kasan-gce-smack-root | ||||
2020/10/04 20:34 | net-old | 1f7e877c2051 | 5ef9c291 | .config | console log | report | syz | ci-upstream-net-this-kasan-gce | ||||
2020/08/10 05:21 | net-old | 7c7ab580db49 | 70301872 | .config | console log | report | syz | ci-upstream-net-this-kasan-gce | ||||
2020/08/05 18:08 | net-next-old | 4c900a6b4e05 | b7129355 | .config | console log | report | syz | ci-upstream-net-kasan-gce | ||||
2020/12/14 15:04 | upstream | 2c85ebc57b3e | 97183ed7 | .config | console log | report | info | ci-upstream-kasan-gce-selinux-root | ||||
2020/12/14 13:49 | upstream | 2c85ebc57b3e | b22a7ec3 | .config | console log | report | info | ci-upstream-kasan-gce-selinux-root | ||||
2020/09/12 11:36 | upstream | 729e3d091984 | 21d289c2 | .config | console log | report | ci-qemu-upstream | |||||
2020/09/09 06:29 | upstream | fffe3ae0ee84 | 0ea7a887 | .config | console log | report | ci-qemu-upstream | |||||
2020/09/02 08:00 | upstream | b765a32a2e91 | abf9ba4f | .config | console log | report | ci-upstream-kasan-gce-root | |||||
2020/09/01 07:48 | upstream | b51594df17d0 | d5a3ae1f | .config | console log | report | ci-upstream-kasan-gce-smack-root | |||||
2020/08/19 00:58 | upstream | 18445bf405cb | e1c29030 | .config | console log | report | ci-upstream-kasan-gce-root | |||||
2020/08/05 15:22 | upstream | 442489c21923 | b7129355 | .config | console log | report | ci-upstream-kasan-gce-selinux-root | |||||
2020/11/26 23:48 | net-old | cbf3d60329c4 | 1d2b823e | .config | console log | report | info | ci-upstream-net-this-kasan-gce | ||||
2020/11/07 08:46 | net-old | bf3e76289cd2 | 64069d48 | .config | console log | report | info | ci-upstream-net-this-kasan-gce | ||||
2020/10/12 07:17 | net-old | 874fb9e2ca94 | 4a77ae0b | .config | console log | report | info | ci-upstream-net-this-kasan-gce | ||||
2020/09/09 19:27 | net-old | 843d926b003e | 0ea7a887 | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/09/09 02:35 | net-old | 19162fd4063a | abf9ba4f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/09/06 14:54 | net-old | 94cc242a067a | abf9ba4f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/09/01 12:02 | net-old | bb8872a1e6bc | d5a3ae1f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/09/01 00:57 | net-old | bb8872a1e6bc | d5a3ae1f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/30 01:23 | net-old | c8146fe292a7 | d5a3ae1f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/29 22:05 | net-old | c8146fe292a7 | d5a3ae1f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/29 06:04 | net-old | 5438dd45831e | d5a3ae1f | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/27 05:16 | net-old | 2e1ec861a605 | 318430cb | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/15 16:39 | net-old | 4ca0d9ac3fd8 | 424dd8e7 | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/13 03:36 | net-old | 06a7a37be55e | bc15f7db | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/12 03:04 | net-old | 633f5b6bca9b | bb3e5fe6 | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/10 17:53 | net-old | 7c7ab580db49 | 7adc7b65 | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/10 07:55 | net-old | 7c7ab580db49 | 70301872 | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/08/07 15:43 | net-old | 8912fd6a61d7 | cb436c69 | .config | console log | report | ci-upstream-net-this-kasan-gce | |||||
2020/12/04 20:49 | net-next-old | 55fd59b003f6 | 20366b87 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/11/22 20:51 | net-next-old | f9e425e99b07 | 0d27f508 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/11/18 15:46 | net-next-old | 6997faa997ba | 09323409 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/11/14 12:30 | net-next-old | 774626fa440e | 1bf9a662 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/11/12 10:03 | net-next-old | e545f8657393 | cca87986 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/11/07 22:22 | net-next-old | ae0d0bb29b31 | 64069d48 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/09/28 05:09 | net-next-old | 090bc03bc938 | 5dd8aee8 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/09/27 17:53 | net-next-old | 435be28b0789 | 5dd8aee8 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/09/26 00:15 | net-next-old | aafe8853f5e2 | 4a006f63 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/09/24 22:15 | net-next-old | 1a26e88d534b | 54289b08 | .config | console log | report | info | ci-upstream-net-kasan-gce | ||||
2020/09/12 17:26 | net-next-old | 5a6bd84f8154 | ce441f06 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/09/09 01:27 | net-next-old | 4349abdb409b | abf9ba4f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/09/07 16:00 | net-next-old | 02a20d4fef3d | abf9ba4f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/09/06 09:18 | net-next-old | 447a851bdb1a | abf9ba4f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/09/06 05:31 | net-next-old | 447a851bdb1a | abf9ba4f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/31 04:07 | net-next-old | 0f091e43310f | d5a3ae1f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/30 21:24 | net-next-old | 0f091e43310f | d5a3ae1f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/30 09:34 | net-next-old | 0f091e43310f | d5a3ae1f | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/28 09:48 | net-next-old | 50aba46c234e | 816e0689 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/27 11:46 | net-next-old | f09665811b14 | 816e0689 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/26 00:53 | net-next-old | fdf1923bf9f7 | 344da168 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/24 23:57 | net-next-old | 7611cbb900b4 | 67b599d1 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/23 20:38 | net-next-old | d7223aa58671 | cef5ae68 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/16 19:39 | net-next-old | 7fca4dee610d | 424dd8e7 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/16 05:39 | net-next-old | 7fca4dee610d | 424dd8e7 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/15 02:46 | net-next-old | 7fca4dee610d | 424dd8e7 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/14 18:01 | net-next-old | a1d21081a60d | 424dd8e7 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/14 14:34 | net-next-old | a1d21081a60d | 424dd8e7 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/14 00:13 | net-next-old | bfdd5aaa54b0 | 54ce1ed6 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/13 17:26 | net-next-old | bfdd5aaa54b0 | bc15f7db | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/13 08:12 | net-next-old | bfdd5aaa54b0 | bc15f7db | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/12 22:45 | net-next-old | bfdd5aaa54b0 | bc15f7db | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/10 22:37 | net-next-old | bfdd5aaa54b0 | 7adc7b65 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/08/08 20:06 | net-next-old | bfdd5aaa54b0 | f721e4a0 | .config | console log | report | ci-upstream-net-kasan-gce | |||||
2020/11/13 01:44 | linux-next | 6dd65e60af98 | 16fca0c8 | .config | console log | report | info | ci-upstream-linux-next-kasan-gce-root | ||||
2020/10/02 18:39 | linux-next | 2172e358cd17 | 4969d6ca | .config | console log | report | info | ci-upstream-linux-next-kasan-gce-root | ||||
2020/09/12 14:32 | linux-next | d5b2251d63b5 | ce441f06 | .config | console log | report | ci-upstream-linux-next-kasan-gce-root | |||||
2020/09/10 23:26 | linux-next | 7ce53e3a447b | 409809d8 | .config | console log | report | ci-upstream-linux-next-kasan-gce-root | |||||
2020/08/17 20:52 | linux-next | 0f1fa5848ab3 | 424dd8e7 | .config | console log | report | ci-upstream-linux-next-kasan-gce-root | |||||
2020/08/17 03:58 | linux-next | 0f1fa5848ab3 | 424dd8e7 | .config | console log | report | ci-upstream-linux-next-kasan-gce-root |