An In-depth Analysis of Duplicated Linux Kernel Bug Reports

Dongliang Mu, Yuhang Wu, Zhenpeng Lin, Yueqi Chen, Chensheng Yu, Xinyu Xing, Gang Wang

Research output: Contribution to conferencePaperpeer-review


In the past three years, the continuous fuzzing projects Syzkaller and Syzbot have achieved great success in detecting kernel vulnerabilities, finding more kernel bugs than those found in the past 20 years. However, a side effect of
continuous fuzzing is that it generates an excessive number of crash reports, many of which are “duplicated” reports caused by the same bug. While Syzbot uses a simple heuristic to group (deduplicate) reports, we find that it is often inaccurate. In this paper, we empirically analyze the duplicated kernel bug reports to understand: (1) the prevalence of duplication; (2) the potential costs introduced by duplication; and (3) the key causes behind the duplication problem. We collected all of the fixed kernel bugs from September 2017 to November 2020, including 3.24 million crash reports grouped by Syzbot under 2,526 bug reports (identified by unique bug titles). We found the bug reports indeed had duplication: 47.1% of the 2,526 bug reports are duplicated with one or more other reports. By analyzing the metadata of these reports, we found undetected duplication introduced extra costs in terms of time and developer efforts. Then we organized Linux kernel experts to analyze a sample of duplicated bugs (375 bug reports, unique 120 bugs) and identified 6 key contributing factors to the duplication. Based on these empirical findings, we proposed and prototyped actionable strategies for bug deduplication. After confirming their effectiveness using a ground-truth dataset, we further applied our methods and identified previously unknown duplication cases among open bugs.
Original languageEnglish (US)
StatePublished - 2022
EventNetwork and Distributed Systems Security (NDSS) Symposium 2022 - San Diego, United States
Duration: Feb 27 2022Mar 3 2022


ConferenceNetwork and Distributed Systems Security (NDSS) Symposium 2022
Country/TerritoryUnited States
CitySan Diego


Dive into the research topics of 'An In-depth Analysis of Duplicated Linux Kernel Bug Reports'. Together they form a unique fingerprint.

Cite this