syzbot


KASAN: use-after-free Read in refcount_inc_not_zero_checked (2)
Status: upstream: reported syz repro on 2019/03/16 20:12
Reported-by: syzbot+eff6b596cc8194e2f029@syzkaller.appspotmail.com
First crash: 380d, last: 8d19h

Cause bisection: the bug happens on the oldest tested release
Crash: inconsistent lock state in nr_find_socket (log)
Repro: syz .config
similar bugs (2):
Kernel Title Repro Bisected Count Last Reported Patched Status
upstream KASAN: use-after-free Read in refcount_inc_not_zero_checked syz 24 394d 453d 12/17 fixed on 2019/03/06 07:43
linux-4.19 KASAN: use-after-free Read in refcount_inc_not_zero_checked 1 335d 335d 0/1 auto-closed as invalid on 2019/10/25 08:52

Sample crash report:

Fix bisection attempts:
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro
ci-upstream-kasan-gce-root 2020/03/22 06:35 upstream b74b991f bab43553 .config log report syz
ci-upstream-kasan-gce-root 2020/01/27 23:31 upstream 6a1000bd bab43553 .config log report syz
ci-upstream-kasan-gce-root 2019/12/18 18:43 upstream 2187f215 bab43553 .config log report syz
ci-upstream-kasan-gce-root 2019/11/09 16:17 upstream 0058b0a5 bab43553 .config log report syz
ci-upstream-kasan-gce-root 2019/08/19 08:02 upstream 9c7dc824 bab43553 .config log report syz
Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci-upstream-kasan-gce-root 2019/03/16 14:30 upstream 9c7dc824 bab43553 .config log report syz davem@davemloft.net, linux-hams@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, ralf@linux-mips.org
ci-upstream-kasan-gce-selinux-root 2019/04/17 19:03 upstream fe5cdef2 b0e8efcb .config log report davem@davemloft.net, linux-hams@vger.kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, ralf@linux-mips.org