syzbot


KASAN: slab-out-of-bounds Read in class_equal

Status: fixed on 2019/08/27 17:15
Reported-by: syzbot+3d04999521633dceb439@syzkaller.appspotmail.com
Fix commit: 95fa145479fb bpf: sockmap/tls, close can race with map free
First crash: 1770d, last: 1696d
Cause bisection: the cause commit could be any of:
  7c00e8ae041b Merge tag 'armsoc-soc' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
  a2b7ab45b890 Merge tag 'linux-watchdog-4.18-rc1' of git://www.linux-watchdog.org/linux-watchdog
  721afaa2aeb8 Merge tag 'armsoc-dt' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc
  
Duplicate bugs (1)
Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
KASAN: use-after-free Read in class_equal kernel syz error 34 1708d 1769d 0/26 closed as dup on 2019/05/26 06:43
Discussions (3)
Title Replies (including bot) Last reply
Reminder: 36 open syzbot bugs in "net/bpf" subsystem 1 (1) 2019/07/03 06:01
Reminder: 30 open syzbot bugs in "net/bpf" subsystem 1 (1) 2019/06/24 05:01
KASAN: slab-out-of-bounds Read in class_equal 1 (2) 2019/05/26 06:39

Sample crash report:
==================================================================
BUG: KASAN: slab-out-of-bounds in class_equal+0x40/0x50 kernel/locking/lockdep.c:1579
Read of size 8 at addr ffff88808f5015d0 by task syz-executor.2/10605

CPU: 1 PID: 10605 Comm: syz-executor.2 Not tainted 5.3.0-rc1+ #76
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:

Allocated by task 2404389456:
BUG: unable to handle page fault for address: ffffffff8c219220
#PF: supervisor read access in kernel mode
#PF: error_code(0x0000) - not-present page
PGD 8c70067 P4D 8c70067 PUD 8c71063 PMD 0 
Thread overran stack, or stack corrupted
Oops: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 10605 Comm: syz-executor.2 Not tainted 5.3.0-rc1+ #76
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:stack_depot_fetch+0x10/0x30 lib/stackdepot.c:203
Code: ff ff 48 c7 c7 90 f1 d2 88 e8 cc 12 5d fe e9 d7 fe ff ff 90 90 90 90 90 90 90 89 f8 c1 ef 11 25 ff ff 1f 00 81 e7 f0 3f 00 00 <48> 03 3c c5 20 42 29 8b 48 8d 47 18 48 89 06 8b 47 0c c3 0f 1f 00
RSP: 0018:ffff88808f5013b8 EFLAGS: 00010006
RAX: 00000000001f0a00 RBX: ffff88808f501144 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88808f5013c0 RDI: 0000000000003ff0
RBP: ffff88808f5013d8 R08: 0000000000000020 R09: ffffed1015d244fa
R10: ffffed1015d244f9 R11: ffff8880ae9227cf R12: ffffea00023d4000
R13: ffff88808f5015d0 R14: ffff88821bc46e00 R15: ffff88808f501140
FS:  00005555569e9940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffff8c219220 CR3: 00000000a0388000 CR4: 00000000001406e0
Call Trace:
Modules linked in:
CR2: ffffffff8c219220
---[ end trace 586405ae249ad1fa ]---
RIP: 0010:stack_depot_fetch+0x10/0x30 lib/stackdepot.c:203
Code: ff ff 48 c7 c7 90 f1 d2 88 e8 cc 12 5d fe e9 d7 fe ff ff 90 90 90 90 90 90 90 89 f8 c1 ef 11 25 ff ff 1f 00 81 e7 f0 3f 00 00 <48> 03 3c c5 20 42 29 8b 48 8d 47 18 48 89 06 8b 47 0c c3 0f 1f 00
RSP: 0018:ffff88808f5013b8 EFLAGS: 00010006
RAX: 00000000001f0a00 RBX: ffff88808f501144 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffff88808f5013c0 RDI: 0000000000003ff0
RBP: ffff88808f5013d8 R08: 0000000000000020 R09: ffffed1015d244fa
R10: ffffed1015d244f9 R11: ffff8880ae9227cf R12: ffffea00023d4000
R13: ffff88808f5015d0 R14: ffff88821bc46e00 R15: ffff88808f501140
FS:  00005555569e9940(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: ffffffff8c219220 CR3: 00000000a0388000 CR4: 00000000001406e0

Crashes (45):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/07/25 11:41 upstream bed38c3e2dca 32329ceb .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/07/10 11:31 upstream e9a83bd23220 f62e1e85 .config console log report syz ci-upstream-kasan-gce-root
2019/06/26 09:10 upstream 249155c20f9b 0a8d1a96 .config console log report syz ci-upstream-kasan-gce-root
2019/06/26 06:32 upstream 249155c20f9b 0a8d1a96 .config console log report syz ci-upstream-kasan-gce-root
2019/06/26 06:31 upstream 249155c20f9b 0a8d1a96 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/25 18:24 upstream 249155c20f9b 0a8d1a96 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/24 11:38 upstream 241e39004581 472f0082 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/16 15:46 upstream e01e060fe00d 442206d7 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/16 10:52 upstream e01e060fe00d 442206d7 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/15 11:18 upstream 0011572c8830 442206d7 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/15 10:21 upstream 0011572c8830 442206d7 .config console log report syz ci-upstream-kasan-gce-smack-root
2019/06/12 22:58 upstream 35110e38e6c5 794a1ad7 .config console log report syz ci-upstream-kasan-gce-root
2019/06/11 20:11 upstream 01ccc3ad4413 5b5826d0 .config console log report syz ci-upstream-kasan-gce-root
2019/06/11 17:18 upstream 01ccc3ad4413 5b5826d0 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/06/09 05:49 upstream 8d72e5bd86cb 0159583c .config console log report syz ci-upstream-kasan-gce-smack-root
2019/06/08 00:26 upstream 16d72dd4891f ce9107d0 .config console log report syz ci-upstream-kasan-gce-root
2019/06/06 13:39 upstream 156c05917e09 a547defc .config console log report syz ci-upstream-kasan-gce-smack-root
2019/06/05 16:11 upstream 788a024921c4 bfb4a51e .config console log report syz ci-upstream-kasan-gce-root
2019/05/25 09:04 upstream c50bbf615f2f 85c57315 .config console log report syz ci-upstream-kasan-gce-selinux-root
2019/08/07 02:28 net-old 107e47cc80ec c6f01e54 .config console log report syz ci-upstream-net-this-kasan-gce
2019/08/06 23:54 net-old 107e47cc80ec c6f01e54 .config console log report syz ci-upstream-net-this-kasan-gce
2019/07/18 21:18 net-old 49d05fe2c9d1 7bb222f7 .config console log report syz ci-upstream-net-this-kasan-gce
2019/07/10 09:50 net-old e858faf556d4 f62e1e85 .config console log report syz ci-upstream-net-this-kasan-gce
2019/07/01 22:03 net-old 0e3183cd2a64 907bf746 .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/25 08:01 net-old 45d5cb137c36 82c13b6b .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/25 02:03 net-old 45d5cb137c36 82c13b6b .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/21 04:26 net-old 48620e341659 34bf9440 .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/20 19:16 net-old 48620e341659 34bf9440 .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/12 20:53 net-old ec66854c832c 794a1ad7 .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/05 19:46 net-old fdf71426e7c5 bfb4a51e .config console log report syz ci-upstream-net-this-kasan-gce
2019/06/05 11:04 net-old f4cfcfbdf03c bfb4a51e .config console log report syz ci-upstream-net-this-kasan-gce
2019/07/31 11:13 net-next-old 31cc088a4f5d 7c7ded69 .config console log report syz ci-upstream-net-kasan-gce
2019/07/16 14:34 net-next-old 192f0f8e9db7 db842eb6 .config console log report syz ci-upstream-net-kasan-gce
2019/07/01 06:17 net-next-old 954a5a029472 699d6448 .config console log report syz ci-upstream-net-kasan-gce
2019/06/19 01:13 net-next-old 13091aa30535 e3f76baa .config console log report syz ci-upstream-net-kasan-gce
2019/06/16 12:50 net-next-old 930cfe0f129d 442206d7 .config console log report syz ci-upstream-net-kasan-gce
2019/06/16 10:10 net-next-old 930cfe0f129d 442206d7 .config console log report syz ci-upstream-net-kasan-gce
2019/06/12 20:14 net-next-old 7a096d579e8e 794a1ad7 .config console log report syz ci-upstream-net-kasan-gce
2019/06/07 02:31 net-next-old 4daa95af7f1c 698773cb .config console log report syz ci-upstream-net-kasan-gce
2019/05/25 08:25 net-next-old af5136f95045 85c57315 .config console log report syz ci-upstream-net-kasan-gce
2019/07/19 00:15 linux-next 6d21a41b7b1f 7bb222f7 .config console log report syz ci-upstream-linux-next-kasan-gce-root
2019/07/02 17:39 linux-next 4fc74c2c8af7 55565fa0 .config console log report syz ci-upstream-linux-next-kasan-gce-root
2019/07/02 15:03 linux-next 4fc74c2c8af7 55565fa0 .config console log report syz ci-upstream-linux-next-kasan-gce-root
2019/06/22 03:26 linux-next dc636f5d78de 34bf9440 .config console log report syz ci-upstream-linux-next-kasan-gce-root
2019/06/07 08:35 linux-next 8b4d1d574048 698773cb .config console log report syz ci-upstream-linux-next-kasan-gce-root
* Struck through repros no longer work on HEAD.