syzbot

 sign-in | mailing list | source | docs
🐞 Open [1591]
Subsystems
🐞 Fixed [6256]
🐞 Invalid [15853]
Missing Backports [186]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

Applied filters: Label=subsystems:v9fs (drop)
Title Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
KCSAN: data-race in p9_conn_cancel / p9_write_work (7) v9fs 2 80d 105d 27/28 never fbc0283fbeae 9p/trans_fd: mark concurrent read and writes to p9_conn->err
KCSAN: data-race in p9_conn_cancel / p9_poll_workfn (9) v9fs 2 71d 109d 27/28 never fbc0283fbeae 9p/trans_fd: mark concurrent read and writes to p9_conn->err
KASAN: use-after-free Read in p9_req_put v9fs 230 11d 1014d 1/28 never 9p: p9_client_create: use p9_client_destroy on failure
general protection fault in p9_client_walk v9fs C 3 62d 78d 27/28 never 3f61ac7c65bd fs/9p: fix NULL pointer dereference on mkdir
BUG: stack guard page was hit in sys_open mm v9fs C 11 161d 197d 28/28 21d 4acb665cf4f3 netfs: Work around recursion by abandoning retry if nothing read
WARNING in p9_client_create (2) v9fs C done 26070 211d 247d 28/28 195d 79efebae4afc 9p: Avoid creating multiple slab caches with the same name
KASAN: slab-use-after-free Read in p9_fid_destroy v9fs C 13 365d 446d 25/28 350d f89ea63f1c65 netfs, 9p: Fix race between umount and async request completion
KASAN: slab-use-after-free Read in p9_client_destroy v9fs 7 369d 381d 25/28 350d f89ea63f1c65 netfs, 9p: Fix race between umount and async request completion
KASAN: slab-use-after-free Write in v9fs_free_request v9fs 9 365d 380d 25/28 350d f89ea63f1c65 netfs, 9p: Fix race between umount and async request completion
KMSAN: uninit-value in p9_client_rpc (2) v9fs C 5 389d 423d 25/28 350d 25460d6f3902 net/9p: fix uninit-value in p9_client_rpc()
KMSAN: uninit-value in v9fs_evict_inode v9fs C 5206 425d 437d 25/28 369d 6630036b7c22 fs/9p: fix uninitialized values during inode evict
KASAN: slab-use-after-free Read in v9fs_stat2inode_dotl v9fs C done 585 425d 480d 25/28 369d 11763a8598f8 fs/9p: fix uaf in in v9fs_stat2inode_dotl
KASAN: wild-memory-access Write in v9fs_get_acl v9fs C 7 778d 812d 22/28 719d 707823e7f22f 9P FS: Fix wild-memory-access write in v9fs_get_acl
BUG: corrupted list in p9_fd_cancel (2) v9fs fuse C error 8 922d 947d 22/28 823d 11c10956515b 9p/fd: fix issue of list_del corruption in p9_fd_cancel()
KFENCE: memory corruption in p9_req_put v9fs 2 920d 923d 22/28 823d 26273ade77f5 9p: set req refcount to zero to avoid uninitialized usage
inconsistent lock state in p9_req_put v9fs 181 965d 1015d 22/28 823d 296ab4a81384 net/9p: use a dedicated spinlock for trans_fd
INFO: task hung in p9_fd_close v9fs C error error 484 933d 2097d 22/28 823d ef575281b21e 9p/trans_fd: always use O_NONBLOCK read/write
KMSAN: uninit-value in p9pdu_readf v9fs 14 1211d 1325d 20/28 1176d 27eb4c3144f7 9p/net: fix missing error check in p9_check_errors
KASAN: invalid-free in p9_client_create (2) v9fs C done 3 1581d 1581d 19/28 1539d 757fed1d0898 Revert "mm/slub: fix a memory leak in sysfs_slab_add()"
WARNING: refcount bug in p9_req_put v9fs syz inconclusive done 6 1832d 2385d 15/28 1653d a39c46067c84 net/9p: validate fds in p9_fd_open
BUG: corrupted list in p9_read_work (2) v9fs syz done error 38 2015d 2377d 15/28 1713d 74d6a5d56629 9p/trans_fd: Fix concurrency del of req_list in p9_fd_cancelled/p9_read_work
KASAN: use-after-free Read in p9_fd_poll v9fs C done 8 2479d 2512d 13/28 2014d 430ac66eb4c5 net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
BUG: corrupted list in p9_conn_cancel v9fs C done 18 2413d 2514d 13/28 2024d 9f476d7c540c net/9p/trans_fd.c: fix race by holding the lock
general protection fault in p9_conn_cancel v9fs C done 2 2494d 2512d 13/28 2024d 9f476d7c540c net/9p/trans_fd.c: fix race by holding the lock
WARNING: ODEBUG bug in p9_fd_close v9fs C done 82 2474d 2514d 13/28 2024d 430ac66eb4c5 net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
BUG: corrupted list in p9_write_work v9fs C done 5 2437d 2482d 13/28 2024d 728356dedeff 9p: Add refcount to p9_req_t
memory leak in v9fs_cache_session_get_cookie v9fs C 242 2051d 2198d 13/28 2050d 962a991c5de1 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie
BUG: unable to handle kernel NULL pointer dereference in setup_kmem_cache_node v9fs 3 2336d 2337d 11/28 2274d 09c2e76ed734 slab: alien caches must not be initialized if the allocation of the alien cache failed
WARNING in kmem_cache_create_usercopy v9fs C 10 2339d 2398d 11/28 2324d 574d356b7a02 9p/net: put a lower bound on msize
KASAN: invalid-free in p9stat_free v9fs C 3 2466d 2466d 11/28 2388d 62e3941776fe 9p: clear dangling pointers in p9stat_free 81c99089bce6 v9fs_dir_readdir: fix double-free on p9stat_read error
KASAN: use-after-free Read in _copy_from_iter v9fs C 12 2491d 2503d 11/28 2388d 728356dedeff 9p: Add refcount to p9_req_t
WARNING: kmalloc bug in __v9fs_get_acl v9fs C 212 2405d 2513d 11/28 2388d 61448479a9f2 mm: don't warn about large allocations for slab
BUG: corrupted list in p9_read_work v9fs syz 23 2396d 2507d 11/28 2388d e4ca13f7d075 9p/trans_fd: abort p9_read_work if req status changed
general protection fault in vsscanf v9fs C 7 2482d 2513d 8/28 2458d 10aa14527f45 9p: fix multiple NULL-pointer-dereferences
KASAN: slab-out-of-bounds Read in pdu_read v9fs C 267 2479d 2514d 8/28 2464d f984579a01d8 9p: validate PDU length 7913690dcc5e net/9p/client.c: version pointer uninitialized
general protection fault in p9_fd_create_unix v9fs C 4 2510d 2513d 8/28 2464d 10aa14527f45 9p: fix multiple NULL-pointer-dereferences
BUG: corrupted list in p9_fd_cancel v9fs C 34 2500d 2514d 8/28 2464d 9f476d7c540c net/9p/trans_fd.c: fix race by holding the lock
KASAN: use-after-free Read in p9_poll_workfn v9fs C 148 2475d 2514d 8/28 2464d 430ac66eb4c5 net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()