syzbot


KASAN: use-after-free Read in corrupted (4)
Status: upstream: reported C repro on 2020/08/11 12:47
Reported-by: syzbot+48135e34de22e3a82c99@syzkaller.appspotmail.com
First crash: 658d, last: 5d11h

Cause bisection: introduced by (bisect log) [release commit]:
commit c470abd4fde40ea6a0846a2beab642a578c0b8cd
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Sun Feb 19 22:34:00 2017 +0000

  Linux 4.10

Crash: KASAN: use-after-free Read in lock_sock_nested (log)
Repro: syz .config

Fix bisection: failed (bisect log)
similar bugs (12):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in corrupted C 2 1473d 1476d 9/22 fixed on 2018/07/09 18:05
linux-4.14 KASAN: use-after-free Read in corrupted syz error 1 88d 558d 0/1 upstream: reported syz repro on 2020/11/15 10:58
android-414 KASAN: use-after-free Read in corrupted C 2 1027d 1028d 0/1 public: reported C repro on 2019/08/03 12:36
upstream KASAN: use-after-free Read in corrupted (3) syz done 1 1067d 1066d 13/22 fixed on 2019/08/27 17:15
upstream KASAN: use-after-free Read in corrupted (2) syz 1 1129d 1129d 0/22 closed as invalid on 2019/04/25 11:05
upstream KMSAN: uninit-value in corrupted syz 2 197d 197d 0/22 closed as invalid on 2021/11/18 13:55
android-54 BUG: unable to handle kernel NULL pointer dereference in corrupted C 166 18h50m 536d 0/2 upstream: reported C repro on 2020/12/07 19:36
upstream BUG: unable to handle kernel paging request in corrupted (3) C done 45 207d 376d 22/22 fixed on 2021/11/10 00:50
linux-4.19 BUG: corrupted list in corrupted C error 3 238d 608d 0/1 upstream: reported C repro on 2020/09/27 07:51
upstream general protection fault in corrupted (2) C 2 1236d 1239d 12/22 fixed on 2019/03/06 07:43
upstream general protection fault in corrupted syz 1 1400d 1400d 0/22 closed as invalid on 2018/07/29 11:55
android-54 general protection fault in corrupted C 1 810d 810d 0/2 closed as invalid on 2021/10/13 11:17
Patch testing requests:
Created Duration User Patch Repo Result
2022/05/23 00:09 17m hdanton@sina.com upstream OK

Sample crash report:
traps: syz-executor229[3615] general protection fault ip:7feb96eb56a1 sp:20000fd0 error:0 in syz-executor2295634012[7feb96e75000+84000]

Crashes (5):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2022/05/22 23:01 upstream eaea45fc0e7b 7268fa62 .config log report syz C general protection fault in corrupted
ci-upstream-linux-next-kasan-gce-root 2022/03/08 04:55 linux-next 91265a6da44d 7bdd8b2c .config log report syz KASAN: use-after-free Read in corrupted
ci-upstream-kasan-gce-selinux-root 2020/08/24 08:56 upstream cb95712138ec cef5ae68 .config log report syz
ci-upstream-kasan-gce-selinux-root 2020/08/07 12:39 upstream d6efb3ac3e6c cb436c69 .config log report syz
ci-upstream-linux-next-kasan-gce-root 2020/08/12 00:11 linux-next 4c9b89d8981b bacaf5fa .config log report syz