syzbot



Linux

fixed (954):
Title Repro Count Last Reported Closed Patch
general protection fault in icmp_timeout_obj_to_nlattr C 13 13d 17d 5d01h netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
general protection fault in addr_resolve C 32 40d 57d 5d01h RDMA/core: Check error status of rdma_find_ndev_for_src_ip_rcu
KMSAN: uninit-value in synaptics_detect C 137 5d07h 58d 5d01h Input: synaptics - avoid using uninitialized variable when probing
BUG: unable to handle kernel NULL pointer dereference in sha256_mb_mgr_get_comp_job_avx2 1 39d 38d 5d01h crypto: x86 - remove SHA multibuffer routines and mcryptd
KMSAN: uninit-value in dev_mc_add_excl C 13 9d23h 21d 5d01h rtnetlink: Disallow FDB configuration for non-Ethernet device
KASAN: stack-out-of-bounds Read in __aa_lookupn_ns C 52 21d 52d 5d01h apparmor: Fix uninitialized value in aa_split_fqname
KASAN: slab-out-of-bounds Read in sctp_getsockopt C 9 22d 22d 5d01h sctp: check policy more carefully when getting pr status
WARNING in __put_task_struct (2) C 17 31d 40d 5d01h RDMA/restrack: Protect from reentry to resource return path
KASAN: invalid-free in p9stat_free C 3 83d 83d 5d01h ["9p: clear dangling pointers in p9stat_free" "v9fs_dir_readdir: fix double-free on p9stat_read error"]
possible deadlock in ovl_copy_up_start 2 23d 30d 5d01h ovl: fix recursive oi->lock in ovl_link()
KASAN: use-after-free Read in sha_complete_job 1 44d 43d 5d01h crypto: x86 - remove SHA multibuffer routines and mcryptd
BUG: corrupted list in cpu_stop_queue_work C 24 124d 133d 5d01h shmem: Convert shmem_add_to_page_cache to XArray
KMSAN: uninit-value in dev_uc_add_excl C 20 16d 58d 5d01h rtnetlink: Disallow FDB configuration for non-Ethernet device
general protection fault in rb_erase C 79836 12d 52d 5d01h ext4: fix EXT4_IOC_SWAP_BOOT
KASAN: use-after-free Read in tcf_block_find C 27 46d 52d 5d01h net_sched: fix a crash in tc_new_tfilter()
KASAN: use-after-free Read in seq_escape 1 48d 47d 5d01h ext4: fix use-after-free race in ext4_remount()'s error path
KASAN: use-after-free Read in _copy_from_iter C 12 108d 120d 5d01h 9p: Add refcount to p9_req_t
KASAN: use-after-free Read in gfs2_log_flush syz 14 26d 66d 5d01h gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd
general protection fault in getname_kernel C 10 32d 40d 5d01h gfs2_meta: ->mount() can get NULL dev_name
kernel BUG at arch/x86/mm/physaddr.c:LINE! C 10 6d04h 38d 5d01h ovl: fix error handling in ovl_verify_set_fh()
general protection fault in __skb_flow_dissect (2) C 11 52d 60d 5d01h flow_dissector: lookup netns by skb->sk if skb->dev is NULL
general protection fault in ctnetlink_alloc_filter C 80 54d 58d 5d01h netfilter: ctnetlink: must check mark attributes vs NULL
WARNING: kmalloc bug in krealloc C 2 124d 124d 5d01h mm: don't warn about large allocations for slab
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked 2 30d 31d 5d01h bpf: skmsg, fix psock create on existing kcm/tls port
WARNING: kmalloc bug in __v9fs_get_acl C 212 22d 130d 5d01h mm: don't warn about large allocations for slab
BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue C 8 32d 52d 5d01h blk-mq: fallback to previous nr_hw_queues when updating fails
KASAN: use-after-free Write in jbd2_log_do_checkpoint 1 66d 61d 5d01h jbd2: fix use after free in jbd2_log_do_checkpoint()
WARNING: kmalloc bug in str_read C 11 27d 71d 5d01h selinux: Add __GFP_NOWARN to allocation at str_read()
KASAN: use-after-free Read in __dev_queue_xmit (3) 11 47d 50d 5d01h net_sched: fix a crash in tc_new_tfilter()
KMSAN: uninit-value in ip_tunnel_lookup (2) C 2 22d 23d 5d01h ip_gre: fix parsing gre header in ipgre_err
KASAN: use-after-free Read in sha512_ctx_mgr_resubmit C 4 44d 94d 5d01h crypto: x86 - remove SHA multibuffer routines and mcryptd
kernel BUG at mm/shmem.c:LINE! C 30 131d 133d 5d01h shmem: Convert shmem_add_to_page_cache to XArray
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked C 31 12d 43d 5d01h ipv6: do not leave garbage in rt->fib6_metrics
WARNING in tcp_cleanup_ulp syz 16 31d 32d 5d01h tcp, ulp: remove socket lock assertion on ULP cleanup
KASAN: use-after-free Read in sctp_outq_select_transport 1 25d 25d 5d01h sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer
WARNING: kmalloc bug in input_mt_init_slots C 54 23d 57d 5d01h mm: don't warn about large allocations for slab
general protection fault in dev_gro_receive (2) syz 4 29d 37d 5d01h net: Properly unlink GRO packets on overflow.
upstream boot error (2) 1 18d 18d 5d01h block: brd: associate with queue until adding disk
WARNING: kmalloc bug in get_valid_checkpoint syz 2 191d 191d 5d01h mm: don't warn about large allocations for slab
WARNING in tcp_close syz 284 26d 126d 5d01h tcp: do not release socket ownership in tcp_close()
BUG: corrupted list in p9_read_work syz 23 13d 124d 5d01h 9p/trans_fd: abort p9_read_work if req status changed
general protection fault in netdev_master_upper_dev_get 1 23d 23d 5d01h net/neigh: fix NULL deref in pneigh_dump_table()
KASAN: use-after-free Read in kfree_skb 1 26d 26d 5d01h llc: do not use sk_eat_skb()
KASAN: use-after-free Read in fuse_dev_do_read syz 19 17d 65d 5d01h fuse: Fix use-after-free in fuse_dev_do_read()
WARNING: kmalloc bug in vfs_getxattr_alloc C 9 80d 122d 5d01h mm: don't warn about large allocations for slab
BUG: unable to handle kernel NULL pointer dereference in sha1_mb_mgr_get_comp_job_avx2 1 52d 52d 5d01h crypto: x86 - remove SHA multibuffer routines and mcryptd
WARNING: kmalloc bug in bfs_fill_super C 147 187d 232d 5d01h bfs: add sanity check at bfs_fill_super()
INFO: task hung in ext4_fallocate C 1 48d 47d 5d01h ext4: fix argument checking in EXT4_IOC_MOVE_EXT
WARNING: refcount bug in qdisc_put 5 48d 48d 5d01h net_sched: fix a crash in tc_new_tfilter()
KMSAN: uninit-value in vcs_read C 2343 162d 186d 8d16h vt: prevent leaking uninitialized data to userspace via /dev/vcs*
kernel BUG at include/linux/skbuff.h:LINE! 3 117d 125d 17d nsh: set mac len based on inner packet
KASAN: use-after-free Read in sctp_id2assoc 1 44d 44d 18d sctp: fix race on sctp_id2asoc
WARNING in usb_submit_urb (3) C 58 20d 36d 18d USB: fix the usbfs flag sanitization for control transfers
KMSAN: kernel-infoleak in _copy_to_iter (3) C 36 19d 30d 18d tipc: fix info leak from kernel tipc_event
KASAN: use-after-free Read in inet6_mc_check 1 36d 36d 18d ipv6: mcast: fix a use-after-free in inet6_mc_check
KASAN: slab-out-of-bounds Read in fscache_alloc_cookie C 1936 30d 131d 18d ["fscache: Fix incomplete initialisation of inline key space" "fscache: Fix out of bound read in long cookie keys"]
KASAN: use-after-free Read in __llc_lookup_established 1 38d 37d 18d llc: set SOCK_RCU_FREE in llc_sap_add_socket()
KASAN: slab-out-of-bounds Read in vhci_hub_control C 43 29d 74d 18d usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control()
BUG: sleeping function called from invalid context at net/core/dev.c:LINE syz 8 31d 40d 18d xsk: do not call synchronize_net() under RCU read lock
KASAN: slab-out-of-bounds Read in _decode_session6 C 35 18d 76d 18d net/xfrm: fix out-of-bounds packet access
INFO: rcu detected stall in mousedev_write 18 71d 86d 30d Input: mousedev - add a schedule point in mousedev_write()
kernel BUG at net/core/dev.c:LINE! (2) syz 2 38d 38d 30d net: make skb_partial_csum_set() more robust against overflows
KASAN: use-after-free Read in finish_task_switch C 3047 54d 99d 33d KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
WARNING in __skb_flow_dissect syz 3 38d 39d 37d tun: napi flags belong to tfile
general protection fault in dev_gro_receive syz 8 39d 50d 37d tun: napi flags belong to tfile
possible deadlock in flush_workqueue C 73762 44d 86d 37d net-backports: bonding: avoid possible dead-lock
KASAN: use-after-free Read in rawv6_sendmsg C 84 38d 70d 37d net-backports: ipv6: take rcu lock in rawv6_send_hdrinc()
possible deadlock in rtnetlink_rcv_msg 1 61d 61d 37d net-backports: bonding: avoid possible dead-lock
KASAN: slab-out-of-bounds Read in string (2) 14 43d 50d 37d ovl: fix access beyond unterminated strings
WARNING in pcpu_alloc C 4 38d 47d 37d bpf: don't accept cgroup local storage with zero value size
KASAN: use-after-free Write in ucma_put_ctx syz 11 52d 71d 37d ucma: fix a use-after-free in ucma_resolve_ip()
general protection fault in usb_find_alt_setting (2) C 53 53d 75d 37d USB: handle NULL config in usb_find_alt_setting()
INFO: trying to register non-static key in tun_chr_write_iter 14 38d 50d 37d tun: initialize napi_mutex unconditionally
WARNING in rollback_registered_many 1 48d 48d 37d rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
KASAN: use-after-free Read in ip_cmsg_recv_offset C 9 47d 49d 37d net-backports: ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
possible deadlock in team_vlan_rx_add_vid syz 5 67d 101d 37d team: Forbid enslaving team device to itself
general protection fault in ubifs_mount C 216 57d 75d 37d ubifs: Check for name being NULL while mounting
KMSAN: uninit-value in ip6_tnl_start_xmit C 69 50d 61d 37d ip6_tunnel: be careful when accessing the inner header
KASAN: use-after-free Read in destroy_async_on_interface C 134 53d 75d 37d USB: fix error handling in usb_driver_claim_interface()
WARNING in usb_submit_urb (2) C 259 37d 75d 37d USB: usbdevfs: sanitize flags more
INFO: task hung in unregister_netdevice_notifier (2) 1 46d 46d 37d rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
KASAN: use-after-free Read in cma_bind_port syz 2 66d 71d 37d ucma: fix a use-after-free in ucma_resolve_ip()
KMSAN: uninit-value in pppoe_rcv C 2 196d 66d 37d pppoe: fix reception of frames with no mac header
INFO: task hung in rollback_registered_many 4 41d 48d 37d rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
WARNING: suspicious RCU usage in inet_csk_route_req C 43 44d 279d 37d tcp/dccp: fix lockdep issue when SYN is backlogged
KMSAN: kernel-infoleak in _copy_to_iter (2) C 7 45d 73d 40d xfrm_user: prevent leaking 2 bytes of kernel memory
general protection fault in rhashtable_walk_start_check C 112 65d 76d 52d tipc: call start and done ops directly in __tipc_nl_compat_dumpit()
WARNING in try_charge syz 649 52d 105d 52d mm: memcontrol: print proper OOM header when no eligible victim left
divide error in nbd_ioctl C 50 67d 74d 52d nbd: don't allow invalid blocksize settings
WARNING in apparmor_secid_to_secctx C 3344 64d 79d 52d apparmor: fix bad debug check in apparmor_secid_to_secctx()
KASAN: use-after-free Read in ceph_destroy_options 1 87d 86d 52d ceph: avoid a use-after-free in ceph_destroy_options()
general protection fault in ovl_free_fs C 4 69d 71d 52d ovl: fix oopses in ovl_fill_super() failure paths
KMSAN: uninit-value in snd_midi_event_encode_byte C 3 75d 76d 52d ALSA: rawmidi: Initialize allocated buffers
KASAN: use-after-free Read in __rhashtable_lookup (2) C 22 66d 86d 52d rds: fix two RCU related problems
general protection fault in rhashtable_walk_exit C 8 66d 68d 52d tipc: check return value of __tipc_dump_start()
KASAN: use-after-free Read in sock_i_ino syz 127 64d 75d 52d tipc: orphan sock in tipc_release()
BUG: unable to handle kernel paging request in kfree (2) C 297 79d 131d 54d net/9p/client.c: version pointer uninitialized
KMSAN: uninit-value in memcmp (2) C 131 66d 57d 55d net: fix uninit-value in __hw_addr_add_ex()
KASAN: use-after-free Write in ip6_dst_destroy 1 132d 132d 65d ipv6: use fib6_info_hold_safe() when necessary
KASAN: stack-out-of-bounds Read in fib_table_lookup 1 125d 125d 67d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in wiphy_register (2) C 8 92d 94d 67d mac80211_hwsim: require at least one channel
KASAN: use-after-free Read in tipc_group_fill_sock_diag syz 35 73d 90d 67d tipc: switch to rhashtable iterator
KASAN: global-out-of-bounds Read in ip6_xmit 2 248d 248d 67d l2tp: fix races with ipv4-mapped ipv6 addresses
WARNING in __fsnotify_recalc_mask syz 9 89d 91d 67d fsnotify: fix false positive warning on inode delete
KASAN: use-after-free Read in sctp_transport_get_next C 6 82d 85d 67d sctp: hold transport before accessing its asoc in sctp_transport_get_next
KASAN: stack-out-of-bounds Read in __schedule syz 4 79d 81d 67d bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
BUG: soft lockup in shrink_dcache_parent (2) 7 159d 166d 68d restore cond_resched() in shrink_dcache_parent()
INFO: task hung in fsnotify_mark_destroy_workfn syz 13 99d 213d 70d android: binder: Rate-limit debug and userspace triggered err msgs
KASAN: use-after-free Read in ip6_tnl_start_xmit 1 200d 200d 72d packet: in packet_snd start writing at link layer allocation
INFO: rcu detected stall in snd_pcm_oss_prepare 4 221d 223d 73d ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
WARNING in up_write C 725 181d 228d 73d locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag
BUG: soft lockup in d_walk C 163 159d 204d 73d restore cond_resched() in shrink_dcache_parent()
general protection fault in vsscanf C 7 100d 130d 75d 9p: fix multiple NULL-pointer-dereferences
net-next boot error 66 109d 114d 81d virtio-net: correctly update XDP_TX counters
WARNING in input_alloc_absinfo C 318 83d 156d 81d Input: do not use WARN() in input_alloc_absinfo()
KASAN: use-after-free Read in ip6_hold_safe C 1 107d 107d 81d l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
KASAN: use-after-free Read in iotlb_access_ok 1 106d 102d 81d vhost: reset metadata cache when initializing new IOTLB
general protection fault in process_init_reply C 24 87d 122d 81d fuse: Fix oops at process_init_reply()
WARNING: suspicious RCU usage in bpf_prog_array_copy_core C 22873 81d 95d 81d bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
WARNING: lock held when returning to user space in fuse_lock_inode C 1439 87d 128d 81d fuse: fix initial parallel dirops
WARNING: refcount bug in llc_sap_find C 18 100d 102d 81d llc: use refcount_inc_not_zero() for llc_sap_find()
possible deadlock in rhashtable_lookup_insert_fast C 28 92d 95d 81d ila: make lockdep happy again
KASAN: slab-out-of-bounds Write in crypto_dh_encode_key C 1401 103d 131d 81d crypto: dh - fix calculating encoded key size
KASAN: slab-out-of-bounds Read in _autofs_dev_ioctl C 5 93d 94d 81d autofs: fix autofs_sbi() does not check super block type
KASAN: use-after-free Write in ip6_hold_safe C 25 104d 115d 81d l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
general protection fault in validate_checkpoint 186 107d 108d 81d f2fs: fix invalid memory access
BUG: soft lockup in snd_virmidi_output_trigger 3 121d 222d 81d ALSA: virmidi: Fix too long output trigger loop
general protection fault in send_sigurg_to_task C 6 93d 96d 81d signal: Don't send signals to tasks that don't exist
KASAN: slab-out-of-bounds Write in eth_header_parse C 7 99d 112d 81d packet: refine ring v3 block size test to hold one frame
WARNING in __snd_rawmidi_transmit_ack (2) C 6 87d 95d 81d ALSA: seq: virmidi: Fix discarding the unsubscribed output
general protection fault in send_sigio_to_task C 176 92d 96d 81d signal: Don't send signals to tasks that don't exist
KASAN: use-after-free Read in do_shrink_slab 9 87d 91d 81d mm: check shrinker is memcg-aware in register_shrinker_prepared()
KMSAN: uninit-value in do_msgrcv C 8 81d 158d 81d ["ipc/util.c: use ipc_rcu_putref() for failues in ipc_addid()" "ipc: compute kern_ipc_perm.id under the ipc lock" "ipc: reorganize initialization of kern_ipc_perm.seq"]
WARNING: ODEBUG bug in vsock_stream_connect C 42 101d 110d 81d vsock: split dwork to avoid reinitializations
KASAN: slab-out-of-bounds Read in pdu_read C 267 96d 131d 81d ["9p: validate PDU length" "net/9p/client.c: version pointer uninitialized"]
WARNING in close_fs_devices C 137 122d 165d 81d btrfs: fix mount and ioctl device scan ioctl race
general protection fault in string (2) 1 106d 106d 81d net: check extack._msg before print
general protection fault in p9_fd_create_unix C 4 127d 130d 81d 9p: fix multiple NULL-pointer-dereferences
general protection fault in mount_fs C 1 226d 226d 81d hfsplus: don't return 0 when fill_super() failed
general protection fault in open_fs_devices C 8 132d 164d 81d btrfs: fix mount and ioctl device scan ioctl race
general protection fault in smc_ioctl (3) C 15 100d 101d 81d net/smc: move sock lock in smc_ioctl()
KASAN: slab-out-of-bounds Write in vmac_final C 2 158d 154d 81d crypto: vmac - separate tfm and request context
BUG: corrupted list in p9_fd_cancel C 34 117d 131d 81d net/9p/trans_fd.c: fix race by holding the lock
general protection fault in smc_tx_prepared_sends C 7 106d 107d 81d net/smc: move sock lock in smc_ioctl()
KASAN: use-after-free Read in p9_poll_workfn C 148 92d 131d 81d net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
WARNING: bad usercopy in __kvm_write_guest_page C 4 182d 175d 85d KVM: vmx: use local variable for current_vmptr when emulating VMPTRST
WARNING in refcount_inc (3) C 7 230d 230d 85d mm,vmscan: Allow preallocating memory for register_shrinker().
KASAN: use-after-free Write in irq_bypass_register_consumer C 1632 122d 383d 85d KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.
KASAN: slab-out-of-bounds Write in process_preds C 6020 144d 220d 85d tracing: Check for no filter when processing event filters
kernel BUG at net/ipv6/route.c:LINE! C 197 103d 125d 101d ipv6: use fib6_info_hold_safe() when necessary
possible deadlock in bond_get_stats C 11 107d 111d 101d bonding: avoid lockdep confusion in bond_get_stats()
kernel BUG at mm/memory.c:LINE! 1 132d 131d 101d mm: fix vma_is_anonymous() false-positives
WARNING in __ip6_make_skb C 1 125d 125d 101d ipv6: use fib6_info_hold_safe() when necessary
general protection fault in tcp_gso_segment 1 126d 126d 101d net: skb_segment() should not return NULL
KASAN: use-after-free Read in refcount_sub_and_test_checked 3 106d 108d 101d Revert "net/ipv6: fix metrics leak"
WARNING in ip6_sk_dst_lookup_flow C 2 106d 123d 101d ipv6: use fib6_info_hold_safe() when necessary
KMSAN: uninit-value in __nf_conntrack_find_get C 67 116d 123d 101d netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
KASAN: invalid-free in fat_fill_super 1 129d 129d 101d fat: fix memory allocation failure handling of match_strdup()
WARNING in ip6_setup_cork C 4 105d 125d 101d ipv6: use fib6_info_hold_safe() when necessary
KMSAN: kernel-infoleak in put_cmsg C 3 133d 123d 101d ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
BUG: unable to handle kernel paging request in neigh_update 1 120d 120d 101d ipv6: use fib6_info_hold_safe() when necessary
KMSAN: uninit-value in gc_worker 10 117d 129d 101d netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
kernel BUG at fs/userfaultfd.c:LINE! (2) C 8 106d 124d 101d userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails
KASAN: use-after-free Write in dst_release (2) C 3 106d 107d 101d Revert "net/ipv6: fix metrics leak"
KMSAN: kernel-infoleak in _copy_to_iter C 285 116d 152d 101d xfrm_user: prevent leaking 2 bytes of kernel memory
general protection fault in __delayacct_blkio_end C 50 116d 212d 101d delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
unregister_netdevice: waiting for DEV to become free C 170521 101d 212d 101d xfrm: fix missing dst_release() after policy blocking lbcast and multicast
general protection fault in rds_ib_get_mr C 9 142d 241d 101d RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr
KASAN: out-of-bounds Read in bpf_test_finish 9 125d 131d 102d bpf: fix panic due to oob in bpf_prog_test_run_skb
KASAN: slab-out-of-bounds Read in ipv6_gso_pull_exthdrs C 4 140d 156d 102d nsh: set mac len based on inner packet
KASAN: stack-out-of-bounds Read in __d_lookup_rcu 1 121d 121d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING: refcount bug in smap_release_sock C 55 118d 157d 102d ["bpf: sockmap, consume_skb in close path" "bpf: sockmap, error path can not release psock in multi-map case"]
KASAN: stack-out-of-bounds Read in __handle_mm_fault (2) C 3 119d 122d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in vma_interval_tree_insert (2) 1 117d 116d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in kernfs_find_ns 1 121d 121d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in __snd_rawmidi_transmit_ack syz 2 125d 124d 102d ALSA: rawmidi: Change resized buffers atomically
KASAN: stack-out-of-bounds Read in rb_next (2) 1 122d 121d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in scheduler_tick C 1 132d 131d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in neigh_flush_dev 1 127d 125d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in copy_page_range 1 121d 121d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __cgroup_account_cputime_field 1 121d 121d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in debug_check_no_obj_freed (5) 4 117d 124d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in unmap_page_range (3) 1 117d 117d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in cpuacct_account_field (2) 1 119d 119d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in lock_sock_nested 1 124d 124d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in netlink_has_listeners 1 124d 124d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
BUG: unable to handle kernel NULL pointer dereference in corrupted (2) C 1 122d 122d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: slab-out-of-bounds Read in corrupted C 1 122d 122d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in cpuacct_charge 1 117d 116d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in bpf_tcp_close C 1 122d 122d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in update_blocked_averages 1 127d 127d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KMSAN: uninit-value in af_alg_free_areq_sgls C 640 116d 223d 102d crypto: af_alg - Initialize sg_num_bytes in error code path
WARNING in bpf_check 3 122d 128d 102d bpf: don't leave partial mangled prog in jit_subprogs error path
KASAN: stack-out-of-bounds Read in __enqueue_entity 1 126d 126d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in account_system_index_time C 2 124d 131d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in sctp_assoc_update_frag_point 5 122d 144d 102d sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
kernel BUG at mm/slab.c:LINE! (2) C 701 117d 131d 102d bpf: fix panic due to oob in bpf_prog_test_run_skb
KASAN: stack-out-of-bounds Read in __task_pid_nr_ns 1 130d 130d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in locks_remove_posix C 1 119d 119d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in get_mem_cgroup_from_mm 1 130d 130d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in change_protection 1 124d 124d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in do_debug (2) 1 122d 122d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __delayacct_add_tsk 1 129d 129d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in __sock_release 1 121d 121d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in add_wait_queue C 1 131d 131d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in ext4_symlink 1 125d 124d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
INFO: rcu detected stall in vprintk_emit syz 2 138d 144d 102d net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
WARNING: refcount bug in smc_tcp_listen_work 1 164d 164d 102d net/smc: reduce sock_put() for fallback sockets
WARNING in set_precision C 140 121d 162d 102d KEYS: DNS: fix parsing multiple options
BUG: unable to handle kernel paging request in cpuacct_charge syz 2 123d 123d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __acct_update_integrals 2 120d 127d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: use-after-free Read in ipv6_gso_pull_exthdrs C 5 120d 152d 102d nsh: set mac len based on inner packet
general protection fault in rb_next 1 123d 123d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Write in __tlb_remove_page_size 1 118d 117d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in timerqueue_add C 4 120d 136d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in rb_insert_color (2) 1 126d 126d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __tlb_remove_page_size 1 119d 119d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in enqueue_task_fair 1 122d 122d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
BUG: unable to handle kernel paging request in account_system_index_time 1 120d 119d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in find_inode_nowait 1 131d 131d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in iov_iter_revert C 74 121d 188d 102d tls: Stricter error checking in zerocopy sendmsg path
general protection fault in smc_ioctl (2) C 43 102d 125d 102d net/smc: take sock lock in smc_ioctl()
KASAN: stack-out-of-bounds Read in tlb_flush_mmu_free 2 128d 130d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in do_tcp_getsockopt C 9 121d 133d 102d tcp: cleanup copied_seq and urg_data in tcp_disconnect
KASAN: use-after-free Read in bpf_test_finish C 1211 117d 131d 102d bpf: fix panic due to oob in bpf_prog_test_run_skb
KASAN: use-after-free Write in skb_release_data C 1903 176d 229d 102d packet: reset network header if packet shorter than ll reserved space
KASAN: stack-out-of-bounds Read in rcu_process_callbacks C 1 125d 125d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
BUG: unable to handle kernel paging request in ttwu_do_activate 1 135d 135d 102d bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in smc_unhash_sk C 155731 105d 267d 102d net/smc: reduce sock_put() for fallback sockets
kernel BUG at net/packet/af_packet.c:LINE! (3) syz 5 252d 299d 111d packet: fix bitfield update race
KASAN: slab-out-of-bounds Read in getname_kernel C 8 126d 226d 116d autofs: fix slab out of bounds read in getname_kernel()
kernel BUG at mm/gup.c:LINE! syz 4 138d 136d 116d ["fs, elf: make sure to page align bss in load_elf_library" "mm: do not bug_on on incorrect length in __mm_populate()"]
KASAN: global-out-of-bounds Write in string C 7 171d 228d 116d reiserfs: fix buffer overflow with long warning messages
KASAN: use-after-free Read in l2tp_session_create 119 238d 305d 120d l2tp: fix races in tunnel creation
KMSAN: uninit-value in ip_tunnel_xmit C 2594 123d 210d 123d packet: in packet_snd start writing at link layer allocation
KMSAN: uninit-value in br_nf_forward_arp 1 169d 166d 123d packet: in packet_snd start writing at link layer allocation
KMSAN: kernel-infoleak in vcs_read C 531 152d 162d 127d vt: prevent leaking uninitialized data to userspace via /dev/vcs*
WARNING: suspicious RCU usage in fib6_info_alloc syz 2 213d 213d 131d net/ipv6: Fix gfp_flags arg to addrconf_prefix_route
WARNING in kernfs_add_one C 174 131d 196d 131d driver core: Don't ignore class_dir_create_and_add() failure.
INFO: rcu detected stall in unwind_next_frame 2 180d 183d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
BUG: unable to handle kernel paging request in dput C 26 162d 165d 131d fix proc_fill_cache() in case of d_alloc_parallel() failure
general protection fault in fuse_ctl_remove_conn C 16 165d 204d 131d fuse: fix control dir setup and teardown
WARNING in bpf_int_jit_compile syz 11 139d 175d 131d bpf: reject any prog that failed read-only lock
possible deadlock in sock_hash_free C 45 172d 172d 131d bpf: sockhash fix omitted bucket lock in sock_close
possible deadlock in __might_fault (2) C 20 201d 204d 131d tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
KMSAN: uninit-value in _copy_to_iter (2) C 226 162d 208d 131d vhost: fix info leak due to uninitialized memory
BUG: unable to handle kernel NULL pointer dereference in do_select 45 141d 141d 131d net: handle NULL ->poll gracefully
kernel BUG at fs/f2fs/inode.c:LINE! C 1 211d 210d 131d f2fs: avoid bug_on on corrupted inode
WARNING: ODEBUG bug in sock_hash_free 1 145d 144d 131d bpf: sockhash fix omitted bucket lock in sock_close
KASAN: slab-out-of-bounds Write in sha512_final C 21 143d 161d 131d dh key: fix rounding up KDF output length
KASAN: slab-out-of-bounds Write in rmd320_final C 44 143d 162d 131d dh key: fix rounding up KDF output length
INFO: rcu detected stall in kmem_cache_alloc_node_trace 1 219d 201d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: slab-out-of-bounds Read in bpf_csum_update C 2 169d 166d 131d bpf: reject passing modified ctx to helper functions
KMSAN: uninit-value in ip_vs_lblcr_check_expire 2050 131d 208d 131d ipvs: initialize tbl->entries after allocation
general protection fault in wb_workfn (2) 38 150d 175d 131d bdi: Fix another oops in wb_workfn()
INFO: rcu detected stall in is_bpf_text_address C 1 182d 182d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in __vfs_write syz 14 160d 163d 131d bpfilter: fix race in pipe access
general protection fault in pipe_write syz 1 162d 162d 131d bpfilter: fix race in pipe access
possible deadlock in tcp_mmap C 1908 201d 204d 131d tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
KASAN: use-after-free Read in bpf_skb_change_proto 1 161d 160d 131d bpf: reject passing modified ctx to helper functions
KASAN: use-after-free Write in prb_fill_curr_block C 2 169d 169d 131d net/packet: refine check for priv area size
kernel BUG at fs/f2fs/node.c:LINE! C 1 210d 210d 131d ["f2fs: give message and set need_fsck given broken node id" "f2fs: give message and set need_fsck given broken node id"]
WARNING in skb_warn_bad_offload (2) C 6 203d 203d 131d udp: disable gso with no_check_tx
BUG: unable to handle kernel NULL pointer dereference in ep_item_poll C 15 141d 141d 131d net: handle NULL ->poll gracefully
WARNING in bpf_prog_select_runtime syz 45 155d 156d 131d bpf: reject any prog that failed read-only lock
KASAN: slab-out-of-bounds Read in bpf_skb_vlan_push syz 2 157d 157d 131d bpf: reject passing modified ctx to helper functions
WARNING: kernel stack regs has bad 'bp' value (3) C 7971 133d 288d 131d crypto: x86/salsa20 - remove x86 salsa20 implementations
general protection fault in __vfs_write syz 25 159d 163d 131d bpfilter: fix race in pipe access
INFO: task hung in n_tty_flush_buffer 6 139d 214d 131d n_tty: Access echo_* variables carefully.
KASAN: use-after-free Read in skb_ensure_writable C 4 160d 166d 131d bpf: reject passing modified ctx to helper functions
KASAN: use-after-free Read in build_segment_manager C 5 210d 211d 131d f2fs: sanity check for total valid node blocks
KASAN: use-after-free Read in bpf_tcp_close C 1748 136d 175d 131d bpf: sockhash fix omitted bucket lock in sock_close
KMSAN: uninit-value in nfqnl_recv_config (2) C 10 144d 159d 131d netfilter: nf_queue: augment nfqa_cfg_policy
KASAN: use-after-free Read in pipe_read C 3 161d 162d 131d bpfilter: fix race in pipe access
KASAN: slab-out-of-bounds Read in crypto_morus640_decrypt_chunk C 8 150d 157d 131d crypto: morus640 - Fix out-of-bounds access
WARNING in perf_trace_buf_alloc (2) C 22 271d 376d 131d bpf: remove tracepoints from bpf core
KASAN: use-after-free Read in finish_wait 8 160d 163d 131d bpfilter: fix race in pipe access
BUG: unable to handle kernel paging request in bpf_prog_select_runtime 1 147d 146d 131d bpf: undo prog rejection on read-only lock failure
WARNING: kmalloc bug in xdp_umem_create C 7 155d 160d 131d xsk: silence warning on memory allocation failure
KASAN: use-after-free Write in tls_push_record C 24 131d 176d 131d tls: fix use-after-free in tls_push_record
KASAN: use-after-free Read in fib6_table_lookup 1 153d 152d 131d net/ipv6: respect rcu grace period before freeing fib6_info
INFO: rcu detected stall in skb_free_head 4 169d 202d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in __kernel_write syz 7 160d 163d 131d bpfilter: fix race in pipe access
WARNING in ion_dma_buf_begin_cpu_access C 62 139d 160d 131d staging: android: ion: Return an ERR_PTR in ion_map_kernel
WARNING: lock held when returning to user space! (2) C 9 191d 192d 131d net/ipv6: fix lock imbalance in ip6_route_del()
INFO: rcu detected stall in corrupted syz 1 180d 180d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in ip_route_output_key_hash 2 182d 185d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KMSAN: uninit-value in ebt_stp_mt_check (2) C 222 131d 163d 131d netfilter: x_tables: initialise match/target check parameter struct
kernel BUG at fs/f2fs/segment.c:LINE! syz 1 210d 210d 131d ["f2fs: sanity check for total valid node blocks" "f2fs: sanity check for total valid node blocks"]
BUG: unable to handle kernel NULL pointer dereference in corrupted C 5 162d 162d 131d smc: convert to ->poll_mask
KMSAN: uninit-value in eth_mac_addr 2 133d 166d 131d rtnetlink: validate attributes in do_setlink()
KASAN: slab-out-of-bounds Write in tgr192_final C 30 143d 161d 131d dh key: fix rounding up KDF output length
KASAN: slab-out-of-bounds Write in wp384_final C 27 143d 162d 131d dh key: fix rounding up KDF output length
INFO: rcu detected stall in dev_queue_xmit_nit 1 176d 176d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: slab-out-of-bounds Write in crypto_sha3_final C 68 143d 162d 131d dh key: fix rounding up KDF output length
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto C 2 160d 160d 131d bpf: reject passing modified ctx to helper functions
BUG: unable to handle kernel paging request in build_segment_manager C 1 211d 211d 131d ["f2fs: sanity check on sit entry" "f2fs: sanity check on sit entry"]
KASAN: null-ptr-deref Write in simple_write_to_buffer C 5 171d 196d 131d PM / hibernate: Fix oops at snapshot_write()
INFO: rcu detected stall in sctp_packet_transmit 1 186d 185d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
general protection fault in touch_atime syz 6 159d 163d 131d bpfilter: fix race in pipe access
WARNING: possible circular locking dependency detected (4) C 27 204d 211d 131d tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
BUG: delta (-6195) <= 0 at net/dccp/ccids/ccid3.c:LINE/ccid3_hc_rx_send_feedback() 1 148d 148d 131d net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
INFO: rcu detected stall in sctp_chunk_put 1 170d 169d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: slab-out-of-bounds Read in ip6_xmit (3) C 69 136d 179d 131d bpf: sockmap, fix crash when ipv6 sock is added
KASAN: slab-out-of-bounds Read in skb_ensure_writable C 9 157d 166d 131d bpf: reject passing modified ctx to helper functions
INFO: rcu detected stall in sctp_generate_heartbeat_event 2 183d 193d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in bpf_csum_update C 1 169d 166d 131d bpf: reject passing modified ctx to helper functions
BUG: soft lockup in do_raw_spin_unlock (2) 1 159d 159d 131d restore cond_resched() in shrink_dcache_parent()
BUG: unable to handle kernel paging request in bpf_int_jit_compile syz 2 143d 146d 131d bpf: undo prog rejection on read-only lock failure
general protection fault in __mnt_want_write 1 161d 160d 131d bpfilter: fix race in pipe access
KASAN: use-after-free Write in bpf_tcp_close C 67 138d 174d 131d bpf: sockhash fix omitted bucket lock in sock_close
general protection fault in bpf_tcp_close C 421 131d 175d 131d ["bpf: sockhash fix omitted bucket lock in sock_close" "bpf: sockmap, fix smap_list_map_remove when psock is in many maps"]
general protection fault in smc_ioctl C 5214 153d 182d 131d net/smc: return 0 for ioctl calls in states INIT and CLOSED
INFO: rcu detected stall in kfree_skbmem 4 170d 201d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: task hung in tty_set_termios 1 232d 231d 131d n_tty: Access echo_* variables carefully.
bpf-next boot error: KASAN: use-after-free Write in call_usermodehelper_exec_work 3 163d 166d 131d umh: fix race condition
WARNING in do_dentry_open C 26 154d 162d 131d bpf: implement dummy fops for bpf objects
KASAN: slab-out-of-bounds Write in prb_fill_curr_block C 2 169d 169d 131d net/packet: refine check for priv area size
KASAN: slab-out-of-bounds Read in build_segment_manager C 1 211d 211d 131d f2fs: sanity check for total valid node blocks
KASAN: use-after-free Read in xfs_inobt_init_key_from_rec C 1 228d 228d 131d xfs: fix inobt magic number check
WARNING: refcount bug in __udp_gso_segment 2 190d 190d 131d udp: avoid refcount_t saturation in __udp_gso_segment()
INFO: task hung in namespace_unlock 15 135d 144d 131d n_tty: Access echo_* variables carefully.
KMSAN: uninit-value in rtnetlink_put_metrics syz 3 165d 166d 131d net: metrics: add proper netlink validation
KASAN: slab-out-of-bounds Read in bpf_skb_change_head C 2 157d 157d 131d bpf: reject passing modified ctx to helper functions
KASAN: slab-out-of-bounds Write in sha1_finup C 119 143d 163d 131d dh key: fix rounding up KDF output length
WARNING: kmalloc bug in map_get_next_key C 5 184d 185d 131d bpf: fix sock hashmap kmalloc warning
unexpected kernel reboot (2) C 2073 131d 221d 131d kvm: vmx: Nested VM-entry prereqs for event inj.
BUG: workqueue lockup (3) C 1215 135d 187d 131d restore cond_resched() in shrink_dcache_parent()
INFO: rcu detected stall in ipv6_addr_label 1 265d 265d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
WARNING: kernel stack frame pointer has bad value C 1108 133d 212d 131d crypto: don't optimize keccakf()
KASAN: use-after-free Read in fuse_kill_sb_blk 4 181d 201d 131d fuse: don't keep dead fuse_conn at fuse_fill_super().
general protection fault in vfs_read syz 2 161d 163d 131d bpfilter: fix race in pipe access
KASAN: use-after-free Read in ip6_route_mpath_notify C 25 164d 169d 131d net/ipv6: prevent use after free in ip6_route_mpath_notify
BUG: unable to handle kernel NULL pointer dereference in do_sys_poll C 297 141d 141d 131d net: handle NULL ->poll gracefully
WARNING in ebt_do_table C 13 139d 164d 131d netfilter: ebtables: reject non-bridge targets
WARNING in sysfs_remove_group C 11125 132d 386d 131d loop: remember whether sysfs_create_group() was done
KASAN: null-ptr-deref Write in xdp_umem_unaccount_pages C 25 159d 163d 131d bpf, xdp: fix crash in xdp_umem_unaccount_pages
WARNING: kernel stack regs at (ptrval) in syzkaller has bad 'bp' value (ptrval) C 3 207d 208d 131d crypto: don't optimize keccakf()
KASAN: slab-out-of-bounds Write in tls_push_record 2 146d 160d 131d tls: fix use-after-free in tls_push_record
WARNING: suspicious RCU usage in rt6_remove_exception_rt syz 1761 206d 207d 131d net/ipv6: fix LOCKDEP issue in rt6_remove_exception_rt()
INFO: task hung in blk_queue_enter C 1595 131d 203d 131d block: don't use blocking queue entered for recursive bio submits
KASAN: use-after-free Read in skb_dequeue C 4 149d 149d 131d net/packet: fix use-after-free
KASAN: slab-out-of-bounds Write in sha1_final C 201 143d 163d 131d dh key: fix rounding up KDF output length
KASAN: use-after-free Read in corrupted C 2 185d 188d 131d fuse: don't keep dead fuse_conn at fuse_fill_super().
WARNING in ion_buffer_destroy C 7901 161d 311d 131d staging: android: ion: Switch to pr_warn_once in ion_buffer_destroy
KASAN: slab-out-of-bounds Write in tgr160_final C 55 143d 162d 131d dh key: fix rounding up KDF output length
KASAN: use-after-free Read in crypto_morus640_decrypt_chunk C 3 157d 157d 131d crypto: morus640 - Fix out-of-bounds access
WARNING: ODEBUG bug in del_timer (2) C 6 183d 185d 131d net/smc: init conn.tx_work & conn.send_lock sooner
INFO: task hung in jbd2_journal_stop 1 226d 226d 131d n_tty: Access echo_* variables carefully.
INFO: rcu detected stall in n_tty_receive_char_special C 3 203d 225d 131d n_tty: Fix stall at n_tty_receive_char_special().
net-next boot error: KASAN: use-after-free Write in call_usermodehelper_exec_work 8 162d 174d 131d umh: fix race condition
KMSAN: uninit-value in ip_vs_lblc_check_expire C 1431 131d 208d 131d ipvs: initialize tbl->entries in ip_vs_lblc_init_svc()
KASAN: null-ptr-deref Read in refcount_sub_and_test C 4 211d 212d 131d net/ipv6: Fix ip6_convert_metrics() bug
INFO: rcu detected stall in __ipv6_dev_get_saddr 1 171d 171d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
WARNING: suspicious RCU usage in rt6_check_expired 4 208d 208d 131d net/ipv6: add rcu locking to ip6_negative_advice
INFO: rcu detected stall in blkdev_ioctl C 249 161d 336d 131d loop: add recursion validation to LOOP_CHANGE_FD
INFO: rcu detected stall in __save_stack_trace 3 131d 265d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: task hung in commit_echoes 1 139d 135d 131d n_tty: Access echo_* variables carefully.
WARNING: kmalloc bug in memdup_user (3) C 137 184d 185d 131d bpf: fix sock hashmap kmalloc warning
KASAN: slab-out-of-bounds Write in sha512_finup C 25 144d 160d 131d dh key: fix rounding up KDF output length
INFO: rcu detected stall in d_walk C 25680 156d 219d 131d restore cond_resched() in shrink_dcache_parent()
KASAN: use-after-free Read in pipe_wait 2 159d 160d 131d bpfilter: fix race in pipe access
INFO: rcu detected stall in save_stack_trace C 1 181d 180d 131d sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in __process_echoes C 326 139d 234d 131d n_tty: Access echo_* variables carefully.
INFO: task hung in blk_freeze_queue C 188 132d 283d 131d loop: add recursion validation to LOOP_CHANGE_FD
upstream boot error: KASAN: use-after-free Write in call_usermodehelper_exec_work 5 160d 162d 131d umh: fix race condition
possible deadlock in bpf_tcp_close C 152 172d 173d 131d bpf: sockhash fix omitted bucket lock in sock_close
WARNING in arch_uprobe_analyze_insn C 2 187d 187d 131d uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
KASAN: use-after-free Read in rds_cong_queue_updates C 18168 136d 268d 131d ["rds: avoid unenecessary cong_update in loop transport" "rds: clean up loopback rds_connections on netns deletion"]
KASAN: use-after-free Read in iput C 2 214d 213d 132d tracing: Fix bad use of igrab in trace_uprobe.c
INFO: task hung in ucma_destroy_id C 46 213d 249d 135d RDMA/ucma: ucma_context reference leak in error path
BUG: corrupted list in tipc_nametbl_unsubscribe C 40 193d 253d 135d tipc: fix unbalanced reference counter
general protection fault in kernel_sock_shutdown C 3329 209d 267d 135d net/smc: fix shutdown in state SMC_LISTEN
INFO: trying to register non-static key in tun_do_read C 28 187d 193d 152d tuntap: fix use after free during release
KASAN: use-after-free Read in iptunnel_handle_offloads C 133 177d 223d 152d packet: fix reserve calculation
WARNING: suspicious RCU usage in rds_loop_conn_alloc C 34303 270d 278d 158d rds: do not call ->conn_alloc with GFP_KERNEL
WARNING in kcm_exit_net (3) syz 5 170d 170d 163d kcm: Fix use-after-free caused by clonned sockets
BUG: unable to handle kernel paging request in nla_strlcpy 1 171d 171d 163d netfilter: provide correct argument to nla_strlcpy()
KASAN: use-after-free Read in nla_strlcpy C 59 167d 180d 163d netfilter: provide correct argument to nla_strlcpy()
KASAN: slab-out-of-bounds Read in nla_strlcpy C 34 167d 180d 163d netfilter: provide correct argument to nla_strlcpy()
KASAN: use-after-free Read in __dev_queue_xmit (2) C 2 181d 181d 163d packet: in packet_snd start writing at link layer allocation
general protection fault in mr_mfc_find_parent 2 175d 181d 163d ipmr: properly check rhltable_init() return value
KASAN: use-after-free Read in __sk_free 1 184d 184d 163d sock_diag: fix use-after-free read in __sk_free
KASAN: use-after-free Read in timer_is_static_object 1 184d 184d 163d dccp: don't free ccid2_hc_tx_sock struct in dccp_disconnect()
kernel BUG at lib/string.c:LINE! (4) C 2 185d 185d 163d ipvs: fix buffer overflow with sync daemon and service
KASAN: use-after-free Read in sock_recv_errqueue 1 186d 186d 163d packet: in packet_snd start writing at link layer allocation
general protection fault in shmem_unused_huge_count 8 185d 187d 163d fs: don't scan the inode cache before SB_BORN is set
general protection fault in kernfs_kill_sb (2) C 22 177d 189d 163d kernfs: deal with kernfs_fill_super() failures
BUG: soft lockup in _decode_session6 C 1 189d 189d 163d xfrm6: avoid potential infinite loop in _decode_session6()
BUG: spinlock bad magic in tun_do_read syz 1 193d 193d 163d tun: fix use after free for ptr_ring
kernel BUG at include/linux/mm.h:LINE! syz 68 163d 200d 163d x86/kexec: Avoid double free_page() upon do_kexec_load() failure
WARNING in __mutex_unlock_slowpath C 2 199d 202d 163d idr: fix invalid ptr dereference on item delete
general protection fault in __radix_tree_delete C 38 175d 202d 163d idr: fix invalid ptr dereference on item delete
KASAN: stack-out-of-bounds Write in compat_copy_entries syz 10 168d 206d 163d netfilter: ebtables: handle string from userspace with care
KMSAN: uninit-value in ebt_stp_mt_check C 211 163d 208d 163d netfilter: bridge: stp fix reference to uninitialized data
WARNING: ODEBUG bug in hfsplus_fill_super C 1 231d 231d 163d hfsplus: stop workqueue when fill_super() failed
KASAN: use-after-free Read in radix_tree_next_chunk C 2749 179d 231d 163d fs: don't scan the inode cache before SB_BORN is set
KASAN: use-after-free Read in skb_copy_datagram_iter C 7 199d 236d 163d packet: in packet_snd start writing at link layer allocation
BUG: unable to handle kernel paging request in smc_ib_remember_port_attr C 112 180d 236d 163d net/smc: check for missing nlattrs in SMC_PNETID messages
KASAN: use-after-free Read in copyout C 11 180d 237d 163d packet: in packet_snd start writing at link layer allocation
KASAN: use-after-free Read in remove_wait_queue (2) C 4 252d 262d 163d ppp: remove the PPPIOCDETACH ioctl
kernel BUG at net/ipv4/tcp_output.c:LINE! (2) syz 23 194d 300d 163d tcp: purge write queue in tcp_connect_init()
WARNING in dev_vprintk_emit C 77 177d 304d 163d cfg80211: further limit wiphy names to 64 bytes
KASAN: slab-out-of-bounds Read in __ext4_check_dir_entry C 18 230d 231d 172d ext4: force revalidation of directory pointer after seekdir(2)
general protection fault in gfn_to_rmap syz 7 272d 382d 184d KVM: x86: fix vcpu initialization with userspace lapic
KMSAN: uninit-value in move_addr_to_user (2) C 44 185d 192d 184d tipc: fix one byte leak in tipc_sk_set_orig_addr()
KASAN: use-after-free Read in sctp_do_sm 2 193d 193d 184d sctp: remove sctp_chunk_put from fail_mark err path in sctp_ulpevent_make_rcvmsg
BUG: bad usercopy in __check_object_size 1 194d 194d 184d llc: better deal with too small mtu
KASAN: use-after-free Read in tls_sk_proto_close (2) C 297 189d 196d 184d tls: fix use after free in tls_sk_proto_close
KMSAN: uninit-value in strcmp C 3 196d 198d 184d tipc: eliminate KMSAN uninit-value in strcmp complaint
WARNING in __snd_pcm_lib_xfer syz 6 197d 199d 184d ALSA: pcm: Check PCM state at xfern compat ioctl
BUG: MAX_LOCK_DEPTH too low! 1 200d 200d 184d nsh: fix infinite loop
KASAN: use-after-free Read in perf_trace_rpc_stats_latency 1 201d 201d 184d sunrpc: Fix latency trace point crashes
KASAN: use-after-free Read in debugfs_remove (2) 1 210d 208d 184d bdi: Fix use after free bug in debugfs_remove()
general protection fault in wb_workfn 63 185d 212d 184d bdi: Fix oops in wb_workfn()
INFO: task hung in __do_page_fault 1 216d 215d 184d bdi: wake up concurrent wb_shutdown() callers.
INFO: task hung in do_vfs_ioctl 2 199d 217d 184d bdi: wake up concurrent wb_shutdown() callers.
INFO: task hung in get_timespec64 1 219d 219d 184d bdi: wake up concurrent wb_shutdown() callers.
INFO: task hung in handle_userfault 3 198d 221d 184d bdi: wake up concurrent wb_shutdown() callers.
INFO: task hung in sock_sendmsg 1 222d 221d 184d bdi: wake up concurrent wb_shutdown() callers.
INFO: task hung in do_set_master 1 225d 225d 184d bdi: wake up concurrent wb_shutdown() callers.
WARNING in add_uevent_var C 5 229d 229d 184d cfg80211: limit wiphy names to 128 bytes
INFO: task hung in wb_shutdown (2) 5064 196d 230d 184d bdi: wake up concurrent wb_shutdown() callers.
WARNING in xfrm6_tunnel_net_exit syz 14002 187d 317d 184d xfrm: Fix warning in xfrm6_tunnel_net_exit.
KASAN: slab-out-of-bounds Read in pfkey_add C 835 190d 336d 184d af_key: Always verify length of provided sadb_key
KMSAN: uninit-value in __sctp_v6_cmp_addr C 1109 185d 186d 185d sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
BUG: unable to handle kernel NULL pointer dereference in smc_getsockopt C 9 185d 191d 185d net/smc: keep clcsock reference in smc_tcp_listen_work()
kernel BUG at kernel/softirq.c:LINE! 1 198d 198d 185d dccp: fix tasklet usage
KMSAN: uninit-value in put_cmsg C 2 199d 199d 185d rds: do not leak kernel memory to user land
WARNING: ODEBUG bug in del_timer C 200 185d 202d 185d net/smc: restrict non-blocking connect finish
KMSAN: uninit-value in rt6_multipath_hash C 3 186d 203d 185d ipv6: fix uninit-value in ip6_multipath_l3_keys()
general protection fault in smc_set_keepalive C 6 201d 206d 185d net/smc: keep clcsock reference in smc_tcp_listen_work()
KASAN: slab-out-of-bounds Read in __sctp_v6_cmp_addr C 3202 196d 208d 185d sctp: handle two v4 addrs comparison in sctp_inet6_cmp_addr
WARNING: kobject bug in br_add_if 41 193d 220d 185d ["bridge: check iface upper dev when setting master via ioctl" "kobject: don't use WARN for registration failures"]
WARNING in tracepoint_probe_unregister (2) 120 194d 249d 185d tracepoint: Do not warn on ENOMEM
WARNING in tracepoint_probe_register_prio (2) C 849 185d 249d 185d tracepoint: Do not warn on ENOMEM
general protection fault in smc_getsockopt C 577 197d 257d 185d net/smc: keep clcsock reference in smc_tcp_listen_work()
general protection fault in smc_setsockopt C 504 197d 261d 185d net/smc: keep clcsock reference in smc_tcp_listen_work()
general protection fault in smc_getname C 44 197d 261d 185d net/smc: keep clcsock reference in smc_tcp_listen_work()
WARNING in tcp_sacktag_write_queue C 8 201d 273d 185d tcp: fix TCP_REPAIR_QUEUE bound checking
WARNING in tcp_mark_head_lost C 18 194d 276d 185d net-backports: tcp: ignore Fast Open on repair mode
WARNING: kmalloc bug in memdup_user (2) 1 236d 236d 187d RDMA/ucma: Correct option size check using optlen
WARNING: suspicious RCU usage in tipc_bearer_find C 21 281d 281d 187d tipc: Fix missing RTNL lock protection during setting link properties
KASAN: slab-out-of-bounds Read in clusterip_tg_check C 22 286d 293d 187d netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
general protection fault in account_system_index_time C 2 235d 234d 187d net: Fix untag for vlan packets without ethernet header
general protection fault in rdma_addr_size C 2 245d 239d 187d RDMA/ucma: Ensure that CM_ID exists prior to access it
INFO: trying to register non-static key in del_timer_sync C 89 266d 293d 187d netfilter: x_tables: fix missing timer initialization in xt_LED
BUG: unable to handle kernel paging request in memset_erms (2) C 11 286d 302d 187d ALSA: pcm: Avoid potential races between OSS ioctls and read/write
BUG: unable to handle kernel paging request in cgroup_mt_destroy_v1 C 3 290d 289d 188d netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
KASAN: null-ptr-deref Write in linear_transfer C 116 233d 316d 188d ALSA: pcm: Avoid potential races between OSS ioctls and read/write
KASAN: use-after-free Write in xt_rateest_put C 7 291d 292d 188d netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
BUG: workqueue lockup (2) C 406 191d 349d 188d n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
WARNING: bad unlock balance in xfs_iunlock C 1 229d 228d 192d xfs: don't iunlock the quota ip when quota block
KASAN: out-of-bounds Read in ip6_xmit 2 251d 293d 192d l2tp: fix races with ipv4-mapped ipv6 addresses
KASAN: use-after-free Read in work_is_static_object 3 298d 313d 192d kcm: lock lower socket in kcm_attach
KASAN: use-after-free Read in ip6_xmit C 5174 239d 317d 192d tls: Use correct sk->sk_prot for IPV6
KASAN: use-after-free Read in __dev_queue_xmit C 10 199d 317d 192d flow_dissector: properly cap thoff field
KMSAN: uninit-value in strlcpy C 2 195d 195d 193d vti6: better validate user provided tunnel names
inconsistent lock state in fs_reclaim_acquire C 36235 193d 204d 193d random: fix possible sleeping allocation from irq context
KMSAN: uninit-value in pppoe_connect 47 193d 208d 193d pppoe: check sockaddr length in pppoe_connect()
KMSAN: uninit-value in pppol2tp_connect C 13 193d 208d 193d l2tp: check sockaddr length in pppol2tp_connect()
WARNING in __might_sleep 6 205d 208d 193d random: fix possible sleeping allocation from irq context
WARNING: suspicious RCU usage in crng_reseed 39 194d 208d 193d random: fix possible sleeping allocation from irq context
WARNING: inconsistent lock state C 22 204d 208d 193d random: fix possible sleeping allocation from irq context
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected C 2126 194d 208d 193d random: fix possible sleeping allocation from irq context
KASAN: null-ptr-deref Read in refcount_inc_not_zero C 2352 207d 208d 193d llc: fix NULL pointer deref for SOCK_ZAPPED
KMSAN: uninit-value in fib6_new_table C 3 209d 210d 193d ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
general protection fault in snd_rawmidi_ioctl_compat 1 220d 212d 193d ALSA: rawmidi: Fix missing input substream checks in compat ioctls
KASAN: use-after-free Read in llc_conn_tmr_common_cb 1 214d 212d 193d llc: delete timers synchronously in llc_sk_free()
KASAN: use-after-free Read in llc_conn_ac_send_sabme_cmd_p_set_x 1 216d 215d 193d llc: hold llc_sap before release_sock()
KASAN: use-after-free Read in tipc_nametbl_stop C 12 211d 215d 193d tipc: fix use-after-free in tipc_nametbl_stop
general protection fault in __tipc_nl_net_set syz 4 215d 215d 193d tipc: fix possible crash in __tipc_nl_net_set()
KMSAN: uninit-value in packet_set_ring C 6 199d 216d 193d net: af_packet: fix race in PACKET_{R|T}X_RING
KASAN: slab-out-of-bounds Write in perf_callchain_user syz 2 219d 219d 193d perf: Fix sample_max_stack maximum check
KMSAN: uninit-value in netif_skb_features C 119 193d 219d 193d vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
BUG: corrupted list in team_nl_cmd_options_set C 2 216d 220d 193d team: avoid adding twice the same option to the event list
BUG: unable to handle kernel paging request in snd_pcm_format_set_silence syz 11 193d 220d 193d ALSA: pcm: Avoid potential races between OSS ioctls and read/write
KMSAN: uninit-value in neigh_dump_info C 6 205d 220d 193d net: validate attribute sizes in neigh_dump_table()
KASAN: use-after-free Read in tipc_sub_unsubscribe (2) C 5 213d 220d 193d tipc: fix unbalanced reference counter
KASAN: stack-out-of-bounds Read in __free_filter C 41 211d 220d 193d tracing: Enforce passing in filter=NULL to create_filter()
KMSAN: uninit-value in tcp_parse_options C 38 194d 220d 193d tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
KASAN: stack-out-of-bounds Write in ip6_tnl_locate 4 219d 221d 193d ip6_tunnel: better validate user provided tunnel names
KASAN: null-ptr-deref Read in xattr_getsecurity 68 209d 221d 193d commoncap: Handle memory allocation failure.
KMSAN: uninit-value in inet_getpeer C 54 193d 222d 193d inetpeer: fix uninit-value in inet_getpeer
KMSAN: uninit-value in sctp_sendmsg syz 27 193d 223d 193d sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
KMSAN: uninit-value in sctp_do_bind C 31 193d 223d 193d sctp: sctp_sockaddr_af must check minimal addr length for AF_INET6
KMSAN: uninit-value in tipc_node_get_mtu C 139 193d 224d 193d tipc: fix missing initializer in tipc_sendmsg()
KMSAN: uninit-value in __skb_try_recv_from_queue C 108 193d 224d 193d net: initialize skb->peeked when cloning
KMSAN: uninit-value in inet6_rtm_delroute C 9 212d 224d 193d net: fix rtnh_ok()
KMSAN: uninit-value in memcmp C 30 195d 224d 193d net: fix uninit-value in __hw_addr_add_ex()
KMSAN: uninit-value in inet_csk_bind_conflict C 446 193d 224d 193d soreuseport: initialise timewait reuseport field
KMSAN: uninit-value in move_addr_to_user C 74 193d 224d 193d sctp: do not leak kernel memory to user space
KMSAN: uninit-value in ip_route_output_key_hash_rcu 179 193d 224d 193d ipv4: fix uninit-value in ip_route_output_key_hash_rcu()
KMSAN: uninit-value in fib_create_info C 19 218d 224d 193d net: fix rtnh_ok()
KMSAN: uninit-value in alg_bind C 1950 193d 224d 193d crypto: af_alg - fix possible uninit-value in alg_bind()
KMSAN: uninit-value in netlink_sendmsg C 2493 193d 224d 193d netlink: fix uninit-value in netlink_sendmsg
KMSAN: uninit-value in iptable_mangle_hook C 1134 193d 224d 193d dccp: initialize ireq->ir_mark
KMSAN: uninit-value in ip6table_mangle_hook C 601 193d 224d 193d dccp: initialize ireq->ir_mark
kernel BUG at drivers/vhost/vhost.c:LINE! (2) C 139 194d 225d 193d vhost: fix vhost_vq_access_ok() log check
WARNING in kmem_cache_free 1 225d 225d 193d crypto: drbg - set freed buffers to NULL
WARNING: lock held when returning to user space! C 40 210d 225d 193d loop: fix LOOP_GET_STATUS lock imbalance
INFO: rcu detected stall in io_playback_transfer 9 220d 225d 193d ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
INFO: rcu detected stall in __snd_pcm_lib_xfer (2) C 1064 220d 225d 193d ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
WARNING in snd_pcm_hw_params C 56 220d 225d 193d ALSA: pcm: Remove WARN_ON() at snd_pcm_hw_params() error
KASAN: stack-out-of-bounds Write in ipip6_tunnel_locate C 33 218d 226d 193d ipv6: sit: better validate user provided tunnel names
KASAN: stack-out-of-bounds Write in __ip_tunnel_create C 29 220d 226d 193d ip_tunnel: better validate user provided tunnel names
KASAN: stack-out-of-bounds Write in ip6gre_tunnel_locate C 923 218d 226d 193d ip6_gre: better validate user provided tunnel names
KASAN: use-after-free Read in binder_release_work C 6 206d 227d 193d ANDROID: binder: prevent transactions into own process.
general protection fault in ucma_set_ib_path (2) C 6 220d 228d 193d RDMA/ucma: Don't allow setting RDMA_OPTION_IB_PATH without an RDMA device
KASAN: use-after-free Write in dst_release C 832 219d 229d 193d pptp: remove a buggy dst release in pptp_connect()
WARNING in ext4_superblock_csum_set C 1 229d 229d 193d ext4: always initialize the crc32c checksum driver
INFO: rcu detected stall in bitmap_parselist 8 201d 230d 193d lib: fix stall in __bitmap_parselist()
kernel BUG at fs/ext4/extents.c:LINE! C 1 230d 230d 193d ext4: prevent right-shifting extents beyond EXT_MAX_BLOCKS
general protection fault in kernfs_kill_sb C 29 193d 230d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
KASAN: use-after-free Read in alloc_pid C 7 221d 230d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
kernel BUG at drivers/tty/tty_ldisc.c:LINE! 6 214d 230d 193d ["tty: Avoid possible error pointer dereference at tty_ldisc_restore()." "tty: Use __GFP_NOFAIL for tty_ldisc_get()"]
BUG: corrupted list in __dentry_kill C 35 211d 230d 193d rpc_pipefs: fix double-dput()
general protection fault in __list_del_entry_valid (3) C 40 231d 230d 193d tipc: Fix missing list initializations in struct tipc_subscription
WARNING: refcount bug in nfs_alloc_client 2 230d 231d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
WARNING: kobject bug in gfs2_sys_fs_add C 49 204d 231d 193d kobject: don't use WARN for registration failures
WARNING: refcount bug in put_pid_ns syz 6 231d 231d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
WARNING in format_decode C 1 231d 231d 193d fs/reiserfs/journal.c: add missing resierfs_warning() arg
general protection fault in __mem_cgroup_free C 22 219d 231d 193d memcg: fix per_node_info cleanup
WARNING in kill_block_super C 51 214d 232d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
KASAN: use-after-free Read in snd_pcm_timer_resolution C 3 233d 232d 193d ALSA: pcm: Fix UAF at PCM release via PCM timer access
possible deadlock in perf_event_detach_bpf_prog 1 233d 233d 193d bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog
WARNING: kobject bug in device_add C 563 193d 233d 193d kobject: don't use WARN for registration failures
INFO: task hung in stop_sync_thread (2) C 9 216d 233d 193d ipvs: fix rtnl_lock lockups caused by start_sync_thread
possible deadlock in rtnl_lock (5) C 1009 206d 235d 193d ipvs: fix rtnl_lock lockups caused by start_sync_thread
general protection fault in tipc_sk_fill_sock_diag C 180 218d 236d 193d ["tipc: Fix namespace violation in tipc_sk_fill_sock_diag" "tipc: use the right skb in tipc_sk_fill_sock_diag()"]
WARNING in __debug_object_init C 192 226d 236d 193d alarmtimer: Init nanosleep alarm timer on stack
KASAN: use-after-free Read in pppol2tp_connect (3) C 22 219d 237d 193d l2tp: fix races in tunnel creation
WARNING in __local_bh_enable_ip (2) 23 237d 248d 193d rds: tcp: must use spin_lock_irq* and not spin_lock_bh with rds_tcp_conn_lock
BUG: corrupted list in sctp_association_free 1 253d 249d 193d sctp: fix error return code in sctp_sendmsg_new_asoc()
KASAN: use-after-free Read in sctp_association_free (2) C 2 253d 253d 193d sctp: Fix double free in sctp_sendmsg_to_asoc
WARNING: kobject bug in netdev_queue_update_kobjects C 27 195d 257d 193d kobject: don't use WARN for registration failures
WARNING: refcount bug in free_nsproxy 4 232d 257d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
KASAN: use-after-free Read in mac80211_hwsim_del_radio 11 232d 261d 193d mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
WARNING: refcount bug in should_fail C 3 232d 263d 193d mm,vmscan: Allow preallocating memory for register_shrinker().
general protection fault in rds_sendmsg C 2 268d 268d 193d rds: rds_msg_zcopy should return error of null rm->data.op_mmp_znotifier
general protection fault in tipc_conn_close C 3 271d 271d 193d tipc: fix bug on error path in tipc_topsrv_kern_subscr()
BUG: sleeping function called from invalid context at net/core/sock.c:LINE (3) C 234 270d 273d 193d tipc: don't call sock_release() in atomic context
WARNING in strp_done C 2336 227d 276d 193d kcm: Call strp_stop before strp_done in kcm_attach
general protection fault in loopback_pos_update C 4 301d 299d 193d ALSA: pcm: Avoid potential races between OSS ioctls and read/write
INFO: task hung in __blkdev_get C 662 217d 343d 193d block/loop: fix deadlock after loop_set_status
kernel panic: n_tty: init_tty C 141 193d 377d 193d tty: Don't call panic() at tty_ldisc_init()
WARNING in tty_set_ldisc syz 177 201d 377d 193d tty: Avoid possible error pointer dereference at tty_ldisc_restore().
KASAN: use-after-free Read in shm_get_unmapped_area 19 289d 380d 193d ipc/shm: fix use-after-free of shm file via remap_file_pages()
possible deadlock in smc_close_non_accepted C 4 260d 260d 196d net/smc: simplify wait when closing listen socket
BUG: unable to handle kernel paging request in compat_copy_entries syz 5 259d 257d 207d netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
KASAN: slab-out-of-bounds Write in tcp_v6_syn_recv_sock C 1063 301d 318d 207d net/tls: Only attach to sockets in ESTABLISHED state
possible deadlock in ftrace_profile_set_filter (2) C 1007 289d 349d 207d perf/core: Fix another perf,trace,cpuhp lock inversion
KASAN: use-after-free Read in perf_trace_lock_acquire (2) C 188 288d 360d 207d vhost_net: stop device during reset owner
possible deadlock in perf_trace_destroy (2) C 2006 289d 375d 207d perf/core: Fix lock inversion between perf,trace,cpuhp
possible deadlock in __neigh_create 1 230d 230d 221d ipv6: fix possible deadlock in rt6_age_examine_exception()
WARNING in binder_send_failed_reply C 206 267d 351d 222d ANDROID: binder: remove WARN() for redundant txn error
WARNING in skb_warn_bad_offload C 6527 257d 381d 222d net: avoid skb_warn_bad_offload on IS_ERR
KASAN: use-after-free Read in disk_unblock_events C 65 277d 383d 222d genhd: Fix use after free in __blkdev_get()
general protection fault in try_to_wake_up syz 1 237d 233d 225d vlan: Fix vlan insertion for packets without ethernet header
kernel BUG at lib/string.c:LINE! (3) C 5 233d 234d 225d RDMA/ucma: Introduce safer rdma_addr_size() variants
BUG: unable to handle kernel (2) syz 1 235d 235d 225d vlan: Fix vlan insertion for packets without ethernet header
general protection fault in timerqueue_add C 2 235d 235d 225d vlan: Fix vlan insertion for packets without ethernet header
BUG: unable to handle kernel paging request in __memmove 1 235d 235d 225d vlan: Fix vlan insertion for packets without ethernet header
BUG: unable to handle kernel paging request in netdev_queue_update_kobjects syz 1 235d 235d 225d vlan: Fix vlan insertion for packets without ethernet header
general protection fault in qlist_move_cache 1 235d 235d 225d vlan: Fix vlan insertion for packets without ethernet header
possible deadlock in handle_rx C 4 237d 236d 225d vhost_net: add missing lock nesting notation
general protection fault in rdma_notify C 3 241d 239d 225d RDMA/ucma: Check that device exists prior to accessing it
general protection fault in rdma_init_qp_attr (2) C 753 232d 239d 225d RDMA/ucma: Check that device is connected prior to access it
kernel BUG at ./include/linux/skbuff.h:LINE! (2) C 5 262d 239d 225d ipv6: the entire IPv6 header chain must fit the first fragment
possible deadlock in __ipv6_dev_mc_dec 1 240d 240d 225d ipv6: fix possible deadlock in rt6_age_examine_exception()
BUG: corrupted list in remove_wait_queue C 5 238d 241d 225d vhost: correctly remove wait queue during poll failure
kernel BUG at drivers/vhost/vhost.c:LINE! C 152 225d 243d 225d vhost: validate log when IOTLB is enabled
WARNING in xt_cluster_mt C 4 263d 263d 225d netfilter: drop template ct when conntrack is skipped.
general protection fault in native_write_cr4 C 132300 228d 332d 225d KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
KASAN: use-after-free Read in worker_thread (2) syz 6 365d 374d 225d kcm: Only allow TCP sockets to be attached to a KCM mux
general protection fault in ucma_connect C 2 246d 245d 239d RDMA/ucma: Ensure that CM_ID exists prior to access it
WARNING in kmalloc_slab (4) 1 250d 249d 239d xfrm_user: uncoditionally validate esn replay attribute struct
kernel BUG at lib/string.c:LINE! (2) syz 2 249d 249d 239d RDMA/ucma: Don't allow join attempts for unsupported AF family
KASAN: null-ptr-deref Write in rdma_resolve_addr C 66 242d 252d 239d RDMA/ucma: Check AF family prior resolving address
WARNING in __proc_create C 12 259d 253d 239d netfilter: x_tables: add and use xt_check_proc_name
KASAN: use-after-free Read in snd_pcm_oss_get_formats C 3 253d 253d 239d ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
KASAN: use-after-free Read in pppol2tp_connect (2) C 10 239d 255d 239d l2tp: do not accept arbitrary sockets
BUG: unable to handle kernel paging request in ebt_among_mt_check (2) C 946 239d 255d 239d netfilter: bridge: ebt_among: add more missing match size checks
general protection fault in rdma_init_qp_attr C 2096 239d 255d 239d RDMA/ucma: Check that user doesn't overflow QP state
general protection fault in rdma_join_multicast C 258 241d 255d 239d RDMA/ucma: Fix access to non-initialized CM_ID object
KASAN: use-after-free Read in ucma_close C 176 241d 255d 239d RDMA/ucma: Fix use-after-free access in ucma_close
KASAN: slab-out-of-bounds Read in ip6_xmit (2) C 259 242d 255d 239d l2tp: fix races with ipv4-mapped ipv6 addresses
WARNING: kmalloc bug in memdup_user C 441 239d 255d 239d RDMA/ucma: Limit possible option size
KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock C 4 256d 256d 239d l2tp: do not accept arbitrary sockets
general protection fault in lowpan_device_event C 79 240d 257d 239d ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event()
possible deadlock in __might_fault C 8978 248d 263d 239d staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
INFO: rcu detected stall in xfrm_confirm_neigh 7 254d 278d 239d xfrm: Fix infinite loop in xfrm_get_dst_nexthop with transport mode.
WARNING: kmalloc bug in xfrm_add_sa C 109 239d 278d 239d xfrm_user: uncoditionally validate esn replay attribute struct
possible deadlock in get_user_pages_unlocked C 5 265d 288d 239d mm/gup.c: teach get_user_pages_unlocked to handle FOLL_NOWAIT
KASAN: stack-out-of-bounds Read in xfrm_state_find (4) C 102 239d 290d 239d xfrm: Refuse to insert 32 bit userspace socket policies on 64 bit systems
general protection fault in dccp_write_xmit C 5 256d 292d 239d dccp: check sk for closed state in dccp_sendmsg()
kernel panic: Out of memory and no killable processes... (2) C 1 293d 293d 239d netfilter: x_tables: make allocation less aggressive
WARNING in __xlate_proc_name C 11 257d 293d 239d netfilter: x_tables: add and use xt_check_proc_name
KASAN: use-after-free Read in pfifo_fast_enqueue C 20 240d 305d 239d net: sched: fix uses after free
possible deadlock in shmem_file_llseek C 4432 248d 311d 239d staging: android: ashmem: Fix lockdep issue during llseek
WARNING in ata_bmdma_qc_issue C 1 462d 382d 239d libata: don't try to pass through NCQ commands to non-NCQ devices
BUG: unable to handle kernel paging request in ata_bmdma_qc_prep C 13 374d 382d 239d libata: fix length validation of ATAPI-relayed SCSI commands
WARNING in ata_qc_issue C 35 368d 386d 239d libata: remove WARN() for DMA or PIO command without data
KASAN: use-after-free Read in get_work_pool syz 8 364d 387d 239d kcm: lock lower socket in kcm_attach
WARNING in kvm_arch_vcpu_ioctl_run (2) C 61018 292d 381d 249d KVM: VMX: Fix rflags cache during vCPU reset
WARNING in tracepoint_probe_unregister C 115 250d 377d 250d blktrace: fix unlocked registration of tracepoints
kernel BUG at arch/x86/kvm/x86.c:LINE! syz 20 353d 386d 250d KVM: x86: Exit to user-mode on #UD intercept when emulator requires
WARNING in tracepoint_probe_register_prio C 830 251d 386d 250d blktrace: fix unlocked registration of tracepoints
KASAN: use-after-free Read in strp_data_ready C 204 296d 389d 250d kcm: Only allow TCP sockets to be attached to a KCM mux
WARNING in refcount_sub_and_test C 75150 288d 389d 250d sctp: reset owner sk for data chunks on out queues when migrating a sock
general protection fault in hrtimer_active (2) C 10612 258d 263d 256d KVM: x86: fix vcpu initialization with userspace lapic
general protection fault in smc_create C 2 264d 264d 256d net/smc: fix NULL pointer dereference on sock_create_kern() error path
KASAN: slab-out-of-bounds Read in ip6_route_me_harder C 66 257d 265d 256d netfilter: use skb_to_full_sk in ip6_route_me_harder
KASAN: use-after-free Read in ip6_route_me_harder C 44 257d 265d 256d netfilter: use skb_to_full_sk in ip6_route_me_harder
KASAN: use-after-free Write in nf_nat_ipv6_manip_pkt C 2 272d 271d 256d netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt
BUG: unable to handle kernel paging request in ebt_among_mt_check C 823 256d 271d 256d netfilter: bridge: ebt_among: add missing match size checks
WARNING in compat_copy_entries C 434 256d 271d 256d netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets
WARNING in debug_print_object C 2 289d 289d 256d l2tp: fix tunnel lookup use-after-free race
KASAN: use-after-free Read in inet_shutdown C 22 258d 305d 256d l2tp: fix tunnel lookup use-after-free race
general protection fault in pppol2tp_connect C 1025 256d 305d 256d l2tp: fix tunnel lookup use-after-free race
KASAN: use-after-free Read in pppol2tp_connect C 25 256d 305d 256d l2tp: fix tunnel lookup use-after-free race
KASAN: slab-out-of-bounds Read in ip6_xmit C 156 257d 308d 256d tls: Use correct sk->sk_prot for IPV6
kernel BUG at arch/x86/kvm/mmu.c:LINE! C 695 263d 381d 256d KVM: mmu: Fix overlap between public and private memslots
WARNING in __x86_set_memory_region C 716 264d 382d 256d KVM/x86: remove WARN_ON() for when vm_munmap() fails
WARNING in handle_ept_misconfig C 238 264d 387d 256d KVM: X86: Fix SMRAM accessing even if VM is shutdown
general protection fault in arpt_do_table C 3 268d 268d 264d netfilter: add back stackpointer size checks
WARNING: ODEBUG bug in __queue_work C 2 273d 269d 264d netfilter: IDLETIMER: be syzkaller friendly
WARNING in __queue_work C 1 273d 273d 264d netfilter: IDLETIMER: be syzkaller friendly
WARNING: kmalloc bug in cpu_map_update_elem C 2677 264d 275d 264d bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
WARNING in kvmalloc_node C 513 270d 276d 264d bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
WARNING: kmalloc bug in bpf_prog_array_copy_info C 4424 264d 276d 264d bpf: fix bpf_prog_array_copy_to_user warning from perf event prog query
WARNING: ODEBUG bug in led_tg_destroy C 4 269d 277d 264d netfilter: x_tables: fix missing timer initialization in xt_LED
general protection fault in SyS_bpf (2) C 1065 264d 278d 264d bpf: fix sock_map_alloc() error path
divide error in nf_nat_l4proto_unique_tuple C 2 278d 278d 264d netfilter: nat: cope with negative port range
lost connection to test machine (4) C 1189 264d 278d 264d bpf: fix mlock precharge on arraymaps
KASAN: use-after-free Read in remove_wait_queue C 7 268d 278d 264d ANDROID: binder: synchronize_rcu() when using POLLFREE.
kernel BUG at kernel/time/timer.c:LINE! C 18 266d 278d 264d netfilter: x_tables: fix missing timer initialization in xt_LED
WARNING: bad unlock balance in hashlimit_mt_common C 2059 266d 279d 264d netfilter: xt_hashlimit: fix lock imbalance
possible deadlock in xt_find_table_lock (2) 4 281d 280d 264d netfilter: drop outermost socket lock in getsockopt()
possible deadlock in do_ip_getsockopt (2) 206 266d 281d 264d netfilter: drop outermost socket lock in getsockopt()
possible deadlock in do_ipv6_setsockopt (2) 3642 266d 281d 264d netfilter: drop outermost socket lock in getsockopt()
possible deadlock in do_ip_setsockopt (3) 3731 266d 282d 264d netfilter: drop outermost socket lock in getsockopt()
possible deadlock in rtnl_lock (4) C 73333 266d 282d 264d netfilter: drop outermost socket lock in getsockopt()
WARNING: kmalloc bug in relay_open_buf C 10 268d 283d 264d kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
WARNING: proc registration bug in clusterip_tg_check C 779 266d 284d 264d netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation
general protection fault in ip6t_do_table C 8077 267d 294d 264d netfilter: add back stackpointer size checks
WARNING in check_flush_dependency C 2205 266d 298d 264d mac80211_hwsim: don't use WQ_MEM_RECLAIM
WARNING in kmalloc_slab (3) C 1901 265d 349d 264d kernel/relay.c: limit kmalloc size to KMALLOC_MAX_SIZE
BUG: unable to handle kernel NULL pointer dereference in sha512_mb_mgr_get_comp_job_avx2 syz 32 295d 349d 264d crypto: sha512-mb - initialize pending lengths correctly
general protection fault in binder_poll C 159 267d 351d 264d binder: check for binder_thread allocation failure in binder_poll()
KASAN: use-after-free Read in rds_find_bound 1 326d 322d 275d rds: tcp: use rds_destroy_pending() to synchronize netns/module teardown and rds connection/workq management
KASAN: slab-out-of-bounds Read in string C 129 286d 297d 276d netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
KASAN: use-after-free Read in rds_tcp_tune 12 299d 309d 276d rds: tcp: use rds_destroy_pending() to synchronize netns/module teardown and rds connection/workq management
INFO: rcu detected stall in memcpy 12 313d 317d 276d ALSA: pcm: Abort properly at pending signal in OSS read/write loops
INFO: rcu detected stall in tty_ioctl C 12 319d 332d 276d n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
INFO: rcu detected stall in n_tty_ioctl 24 319d 332d 276d n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
KASAN: use-after-free Read in __do_page_fault syz 679 372d 383d 276d x86/mm: fix use-after-free of vma during userfaultfd fault
possible deadlock in lru_add_drain_all 1300 336d 386d 276d mm: drop hotplug lock from lru_add_drain_all()
KASAN: use-after-free Read in __schedule C 145 330d 332d 276d KVM: x86: don't forget vcpu_put() in kvm_arch_vcpu_ioctl_set_sregs()
KASAN: stack-out-of-bounds Read in csum_and_copy_from_iter_full 1 355d 351d 276d net: ipv4: fix for a race condition in raw_sendmsg
KASAN: use-after-free Read in sock_release 1 357d 353d 276d fix kcm_clone()
KASAN: use-after-free Read in rds_tcp_dev_event 1 381d 375d 276d rds: tcp: correctly sequence cleanup on netns deletion.
possible deadlock in flush_work (2) 3 375d 377d 276d SUNRPC: Destroy transport from the system workqueue
KASAN: stack-out-of-bounds Read in memcmp 1 319d 316d 277d xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
KASAN: stack-out-of-bounds Read in xfrm_selector_match 368 310d 317d 277d xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
KASAN: use-after-free Read in __fput 23 346d 380d 277d fix kcm_clone()
WARNING in drm_modeset_lock_all 35 379d 386d 277d drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
WARNING: kmalloc bug in tun_device_event C 15 281d 283d 278d ["ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE" "ptr_ring: try vmalloc() when kmalloc() fails"]
WARNING: suspicious RCU usage in bpf_prog_array_copy_info C 17842 278d 284d 278d bpf: fix bpf_prog_array_copy_to_user() issues
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (4) C 7264 284d 288d 278d bpf: fix bpf_prog_array_copy_to_user() issues
general protection fault in ___bpf_prog_run C 8 283d 291d 278d bpf: fix null pointer deref in bpf_prog_test_run_xdp
KASAN: use-after-free Write in xt_rateest_tg_checkentry C 2 291d 292d 278d netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
general protection fault in cgroup_mt_destroy_v1 C 91 280d 293d 278d netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
WARNING in usercopy_warn C 171 284d 302d 278d net: Whitelist the skbuff_head_cache "cb" field
KASAN: double-free or invalid-free in relay_open C 106 284d 382d 278d kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
WARNING in do_debug C 905 282d 382d 278d KVM: x86: fix escape of guest dr6 to the host
possible deadlock in rtnl_lock (3) C 3633 283d 284d 283d netfilter: on sockopt() acquire sock lock only in the required scope
possible deadlock in do_ip_setsockopt (2) 59 283d 285d 283d netfilter: on sockopt() acquire sock lock only in the required scope
WARNING: bad unlock balance in ipmr_mfc_seq_stop C 286 290d 336d 284d ip6mr: fix stale iterator
possible deadlock in rtnl_lock (2) C 10369 285d 289d 285d netfilter: on sockopt() acquire sock lock only in the required scope
suspicious RCU usage at ./include/linux/inetdevice.h:LINE (2) C 4 289d 289d 285d net: igmp: add a missing rcu locking section
possible deadlock in do_ip_getsockopt 22 288d 293d 285d netfilter: on sockopt() acquire sock lock only in the required scope
possible deadlock in xt_find_target 34 287d 294d 285d netfilter: on sockopt() acquire sock lock only in the required scope
WARNING in reuseport_add_sock C 7 298d 308d 285d soreuseport: fix mem leak in reuseport_add_sock()
WARNING in ion_ioctl C 8888 288d 317d 285d staging: android: ion: Switch from WARN to pr_warn
WARNING in __alloc_pages_slowpath C 9435 288d 317d 285d staging: android: ion: Add __GFP_NOWARN for system contig heap
lost connection to test machine (3) C 4251 286d 325d 285d netfilter: x_tables: fix int overflow in xt_alloc_table_info()
WARNING in register_lock_class C 2 332d 329d 285d ANDROID: binder: remove waitqueue when thread exits.
WARNING in sysfs_warn_dup 11 291d 334d 285d sysfs: turn WARN() into pr_warn()
KASAN: use-after-free Read in __lock_acquire (2) C 589 288d 364d 285d ANDROID: binder: remove waitqueue when thread exits.
WARNING in __check_heap_object C 5173 303d 375d 285d sctp: Define usercopy region in SCTP proto slab cache
KASAN: use-after-free Read in __list_add_valid (3) 16 289d 296d 286d vhost_net: stop device during reset owner
KASAN: use-after-free Read in fib6_lookup_1 11 306d 308d 286d ipv6: don't let tb6_root node share routes with other node
KASAN: use-after-free Read in fib6_remove_prefsrc 4 306d 308d 286d ipv6: don't let tb6_root node share routes with other node
KASAN: use-after-free Read in fib6_age 3 306d 309d 286d ipv6: don't let tb6_root node share routes with other node
KASAN: use-after-free Read in mon_bin_vma_fault 7 312d 324d 286d USB: fix usbmon BUG trigger
INFO: task hung in bpf_exit_net 1 347d 333d 286d sctp: fix the handling of ICMP Frag Needed for too small MTUs
INFO: trying to register non-static key in pfifo_fast_reset C 4 332d 335d 286d net_sched: properly check for empty skb array on error path
general protection fault in trie_get_next_key C 3 295d 295d 288d bpf: fix kernel page fault in lpm map trie_get_next_key
KASAN: use-after-free Read in tipc_group_size C 8 305d 313d 288d tipc: fix race between poll() and setsockopt()
suspicious RCU usage at net/ipv6/ip6_fib.c:LINE C 56 296d 318d 288d ipv6: remove null_entry before adding default route
BUG: Bad page state (3) C 3 313d 320d 288d USB: fix usbmon BUG trigger
WARNING in usb_submit_urb C 2 383d 375d 288d USB: usbfs: Filter flags passed in from user space
WARNING in task_participate_group_stop C 29 368d 383d 288d kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
general protection fault in __netlink_ns_capable C 74 312d 319d 289d rtnetlink: give a user socket to get_target_net()
KASAN: double-free or invalid-free in skb_free_head C 13 328d 334d 289d crypto: pcrypt - fix freeing pcrypt instances
BUG: unable to handle kernel NULL pointer dereference in page_mapping C 4 332d 335d 289d RDS: null pointer dereference in rds_atomic_free_op
general protection fault in page_mapping C 46 312d 340d 289d RDS: null pointer dereference in rds_atomic_free_op
inconsistent lock state in est_fetch_counters C 5829 289d 294d 289d net_sched: gen_estimator: fix lockdep splat
WARNING in vhost_dev_cleanup C 4 290d 296d 289d vhost_net: stop device during reset owner
general protection fault in tun_queue_purge C 4 295d 297d 289d Revert "net: ptr_ring: otherwise safe empty checks can overrun array bounds"
KASAN: use-after-free Read in __wake_up_common C 888 289d 299d 289d vhost_net: stop device during reset owner
general protection fault in nfs_idmap_legacy_upcall C 4 303d 302d 289d NFS: reject request for id_legacy key without auxdata
KASAN: use-after-free Read in map_lookup_elem C 6 305d 308d 289d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
BUG: unable to handle kernel paging request in check_memory_region C 10 306d 308d 289d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
KASAN: use-after-free Read in __bpf_prog_put 1 310d 310d 289d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
general protection fault in fib6_add (2) C 3143 312d 318d 289d ipv6: fix general protection fault in fib6_add()
kernel BUG at fs/userfaultfd.c:LINE! C 3 332d 330d 289d userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails
KASAN: slab-out-of-bounds Write in sha3_update (2) C 49 290d 330d 289d crypto: hash - prevent using keyed hashes without setting key
KASAN: stack-out-of-bounds Read in rds_sendmsg C 120 319d 343d 289d RDS: Check cmsg_len before dereferencing CMSG_DATA
KASAN: slab-out-of-bounds Read in sctp_send_reset_streams C 73 331d 343d 289d sctp: make sure stream nums can match optlen in sctp_setsockopt_reset_streams
kernel BUG at drivers/android/binder_alloc.c:LINE! C 856 346d 351d 289d ANDROID: binder: fix transaction leak.
BUG: sleeping function called from invalid context at net/core/sock.c:LINE (2) 185 353d 351d 289d crypto: af_alg - remove locking in async callback
general protection fault in sidtab_search_core syz 1306 345d 351d 289d selinux: skip bounded transition processing if the policy isn't loaded
general protection fault in show_timer C 10 333d 352d 289d posix-timer: Properly check sigevent->sigev_notify
WARNING: kernel stack regs has bad 'bp' value (2) C 16238 289d 354d 289d crypto: x86/twofish-3way - Fix %rbp usage
KASAN: slab-out-of-bounds Read in strcmp C 150 345d 354d 289d selinux: ensure the context is NUL terminated in security_context_to_sid_core()
KASAN: slab-out-of-bounds Read in xfrm_hash_rebuild C 18 307d 375d 289d xfrm: skip policies marked as dead while rehashing
BUG: looking up invalid subclass: 8 C 5 376d 376d 289d ALSA: seq: Avoid invalid lockdep class warning
BUG: unable to handle kernel paging request in devpts_mntget C 21 302d 379d 289d devpts: fix error handling in devpts_mntget()
suspicious RCU usage at ./include/linux/inetdevice.h:LINE 28 372d 380d 289d fib: fib_dump_info can no longer use __in_dev_get_rtnl
KASAN: use-after-free Read in __xfrm_state_lookup C 7 382d 381d 289d xfrm: defer daddr pointer assignment after spi parsing
KASAN: use-after-free Read in sctp_association_free C 20 365d 381d 289d sctp: do not free asoc when it is already dead in sctp_sendmsg
BUG: sleeping function called from invalid context at mm/slab.h:LINE (2) 2 298d 298d 289d bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
KASAN: slab-out-of-bounds Read in erspan_build_header C 30 289d 298d 289d net: erspan: fix use-after-free
suspicious RCU usage at mm/slab.h:LINE 1 298d 298d 289d bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
KASAN: slab-out-of-bounds Read in erspan_xmit C 51 296d 299d 289d net: erspan: fix use-after-free
KASAN: use-after-free Read in erspan_xmit C 68 296d 299d 289d net: erspan: fix use-after-free
KASAN: use-after-free Read in erspan_build_header C 60 289d 299d 289d net: erspan: fix use-after-free
WARNING in xdp_rxq_info_unreg C 198 298d 299d 289d tun: avoid calling xdp_rxq_info_unreg() twice
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (3) C 5087 290d 299d 289d bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
KASAN: use-after-free Read in tipc_group_is_open C 1 305d 305d 289d tipc: fix race between poll() and setsockopt()
general protection fault in get_info C 760 306d 308d 289d netfilter: x_tables: don't return garbage pointer on modprobe failure
KASAN: use-after-free Read in rb_first_postorder C 17267 302d 311d 289d tipc: fix a potental access after delete in tipc_sk_join()
general protection fault in free_verifier_state (2) C 2 313d 313d 289d bpf: fix verifier GPF in kmalloc failure path
suspicious RCU usage at net/netfilter/ipset/ip_set_core.c:LINE C 38048 310d 316d 289d netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit()
general protection fault in copy_verifier_state C 2 322d 318d 289d bpf: fix verifier GPF in kmalloc failure path
possible deadlock in rtnl_lock C 15711 289d 346d 289d tuntap: fix possible deadlock when fail to register netdev
BUG: unable to handle kernel NULL pointer dereference in sctp_stream_free 2 334d 332d 290d sctp: fix error path in sctp_stream_init
WARNING in fpu__copy 8 332d 332d 290d kvm: x86: fix WARN due to uninitialized guest FPU state
general protection fault in __rds_rdma_map C 12 342d 355d 290d rds: Fix NULL pointer dereference in __rds_rdma_map
WARNING in xfrm_state_fini C 2231 306d 361d 290d xfrm: check id proto in validate_tmpl()
general protection fault in __list_del_entry_valid (2) C 21 305d 361d 290d sget(): handle failures of register_shrinker()
KASAN: stack-out-of-bounds Read in xfrm_state_find (3) C 10353 294d 362d 290d xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
general protection fault in sctp_stream_free 17 336d 377d 290d sctp: fix error path in sctp_stream_init
possible deadlock in vhost_chr_write_iter C 25952 296d 299d 292d vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()
KASAN: slab-out-of-bounds Read in __dev_queue_xmit C 6 314d 302d 292d net: qdisc_pkt_len_init() should be more robust
KASAN: use-after-free Read in psock_write_space C 6 301d 312d 292d kcm: Only allow TCP sockets to be attached to a KCM mux
kernel BUG at net/l2tp/l2tp_ppp.c:LINE! C 22 296d 318d 292d kcm: Check if sk_user_data already set in kcm_attach
general protection fault in skb_segment C 7 313d 323d 292d gso: validate gso_type in GSO handlers
kernel BUG at net/core/skbuff.c:LINE! (2) C 562 294d 383d 292d pppoe: take ->needed_headroom of lower device into account on xmit
BUG: unable to handle kernel NULL pointer dereference in proc_flush_task syz 1 336d 332d 294d pid: Handle failure to allocate the first pid in a pid namespace
KASAN: stack-out-of-bounds Read in write_mmio C 3 341d 351d 294d KVM: Fix stack-out-of-bounds read in write_mmio
general protection fault in proc_flush_task syz 2 336d 352d 294d pid: Handle failure to allocate the first pid in a pid namespace
general protection fault in lockdep_invariant_state (2) C 114 346d 374d 294d locking/lockdep: Fix possible NULL deref
general protection fault in __lock_acquire (2) C 15 294d 380d 294d tipc: fix a null pointer deref on error path
BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:LINE C 19609 356d 382d 294d KVM: x86: fix em_fxstor() sleeping while in atomic
KASAN: use-after-free Read in fib6_add_1 C 4 306d 308d 296d net-backports: ipv6: don't let tb6_root node share routes with other node
WARNING in free_loaded_vmcs C 170 354d 361d 296d KVM: VMX: Fix vmx->nested freeing when no SMI handler
KASAN: slab-out-of-bounds Read in map_lookup_elem C 6 305d 308d 298d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
possible deadlock in snd_seq_deliver_event C 6 376d 386d 298d ALSA: seq: Fix nested rwsem annotation for lockdep splat
general protection fault in ip6_xmit 16 300d 301d 299d ipv6: don't let tb6_root node share routes with other node
KASAN: use-after-free Read in fib6_ifup (2) C 18 306d 302d 299d ipv6: don't let tb6_root node share routes with other node
general protection fault in strlen C 53 301d 303d 299d netlink: reset extack earlier in netlink_rcv_skb
KASAN: stack-out-of-bounds Read in __nla_put C 57 301d 305d 299d netlink: reset extack earlier in netlink_rcv_skb
WARNING in canfd_rcv C 4 306d 305d 299d can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
WARNING in can_rcv C 5 306d 305d 299d can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
KASAN: slab-out-of-bounds Write in array_map_update_elem C 6 306d 306d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
KASAN: use-after-free Write in array_map_update_elem C 11 304d 306d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
BUG: unable to handle kernel paging request in __bpf_map_put 1 308d 307d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
WARNING in rfkill_alloc C 6 306d 307d 299d cfg80211: check dev_set_name() return value
WARNING in wiphy_register C 15 306d 307d 299d mac80211_hwsim: validate number of different channels
divide error in ___bpf_prog_run C 28 301d 308d 299d bpf: fix 32-bit divide by zero
BUG: unable to handle kernel paging request in bpf_fd_array_map_lookup_elem 5 305d 308d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
BUG: unable to handle kernel paging request in dst_release 113 304d 309d 299d ipv6: ip6_make_skb() needs to clear cork.base.dst
KASAN: slab-out-of-bounds Read in bpf_fd_array_map_lookup_elem 7 306d 310d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
KASAN: use-after-free Read in bpf_fd_array_map_lookup_elem 21 305d 310d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
WARNING in snd_interval_mulkdiv C 21 305d 311d 299d ALSA: pcm: Remove yet superfluous WARN_ON()
general protection fault in sctp_v6_get_dst C 6 311d 311d 299d sctp: do not allow the v4 socket to bind a v4mapped v6 address
WARNING in ___bpf_prog_run C 28 304d 311d 299d bpf: arsh is not supported in 32 bit alu thus reject it
WARNING in netlink_ack (2) C 6 311d 311d 299d netlink: extack needs to be reset each time through loop
BUG: unable to handle kernel paging request in fd_array_map_delete_elem 11 304d 311d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
general protection fault in __bpf_prog_put C 212 304d 311d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
general protection fault in cgroup_fd_array_put_ptr C 219 304d 311d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
KASAN: slab-out-of-bounds Read in perf_event_fd_array_release C 96 304d 311d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
general protection fault in __bpf_map_put C 331 304d 311d 299d bpf, array: fix overflow in max_entries and undefined behavior in index_mask
KASAN: use-after-free Read in tls_sk_proto_close C 9 304d 312d 299d net/tls: Only attach to sockets in ESTABLISHED state
WARNING: held lock freed! C 497 303d 313d 299d sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
BUG: sleeping function called from invalid context at ./include/linux/percpu-rwsem.h:LINE 20 307d 315d 299d xfrm: don't call xfrm_policy_cache_flush while holding spinlock
kernel BUG at ./include/linux/skbuff.h:LINE! C 4502 304d 317d 299d esp: Fix GRO when the headers not fully in the linear part of the skb.
possible deadlock in ppp_dev_uninit C 6 305d 317d 299d ppp: unlock all_ppp_mutex before registering device
WARNING in adjust_ptr_min_max_vals C 252 301d 318d 299d bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (2) C 174 300d 380d 299d xfrm: fix rcu usage in xfrm_get_type_offload
KASAN: use-after-free Read in fib6_ifdown C 26 306d 309d 302d ipv6: remove null_entry before adding default route
KASAN: use-after-free Read in rt6_mtu_change_route 5 306d 309d 302d ipv6: remove null_entry before adding default route
INFO: task hung in snd_pcm_oss_write syz 2 311d 311d 302d ALSA: pcm: Abort properly at pending signal in OSS read/write loops
INFO: rcu detected stall in snd_pcm_plug_write_transfer 1 311d 311d 302d ALSA: pcm: Abort properly at pending signal in OSS read/write loops
INFO: rcu detected stall in mulaw_transfer 37 313d 316d 302d ALSA: aloop: Fix racy hw constraints adjustment
general protection fault in nf_tables_dump_obj_done C 976 312d 317d 302d netfilter: nf_tables: fix potential NULL-ptr deref in nf_tables_dump_obj_done()
suspicious RCU usage at sound/core/pcm_lib.c:LINE 1 318d 317d 302d ALSA: pcm: Abort properly at pending signal in OSS read/write loops
BUG: unable to handle kernel paging request in memset_erms C 35 303d 317d 302d ALSA: aloop: Fix inconsistent format due to incomplete rule
WARNING in rds_cmsg_rdma_args C 6 318d 318d 302d RDS: Heap OOB write in rds_message_alloc_sgs()
WARNING in snd_pcm_hw_param_first C 2905 311d 321d 302d ALSA: pcm: Remove incorrect snd_BUG_ON() usages
kernel BUG at ./include/linux/mm.h:LINE! (3) C 621 307d 325d 302d USB: fix usbmon BUG trigger
BUG: soft lockup (2) C 29 313d 342d 302d ALSA: pcm: Abort properly at pending signal in OSS read/write loops
general protection fault in crypto_remove_spawns C 85 316d 355d 302d crypto: algapi - fix NULL dereference in crypto_remove_spawns()
WARNING in strp_data_ready C 59034 318d 389d 304d strparser: Call sock_owned_by_user_nocheck
KASAN: double-free or invalid-free in kvm_arch_vcpu_uninit 1 312d 308d 307d crypto: pcrypt - fix freeing pcrypt instances
BUG: bad usercopy in alg_setsockopt 5 318d 316d 310d crypto: pcrypt - fix freeing pcrypt instances
BUG: bad usercopy in do_syslog 1 320d 316d 310d crypto: pcrypt - fix freeing pcrypt instances
KASAN: slab-out-of-bounds Read in cap_inode_getsecurity C 11 316d 317d 310d capabilities: fix buffer overread on very short xattr
KASAN: slab-out-of-bounds Read in cap_convert_nscap C 4148 315d 319d 310d capabilities: fix buffer overread on very short xattr
BUG: bad usercopy in strncpy_from_user 1 325d 321d 310d crypto: pcrypt - fix freeing pcrypt instances
BUG: unable to handle kernel paging request in ipcget 2 332d 329d 310d crypto: pcrypt - fix freeing pcrypt instances
BUG: bad usercopy in rw_copy_check_uvector 7 314d 329d 310d crypto: pcrypt - fix freeing pcrypt instances
general protection fault in skcipher_walk_done C 8 313d 332d 310d crypto: chacha20poly1305 - validate the digest size
KASAN: use-after-free Read in __list_del_entry_valid (2) C 11 332d 334d 310d crypto: pcrypt - fix freeing pcrypt instances
BUG: unable to handle kernel NULL pointer dereference in blkcipher_walk_done C 2 338d 338d 310d crypto: chacha20poly1305 - validate the digest size
BUG: unable to handle kernel NULL pointer dereference in scatterwalk_copychunks C 3 337d 338d 310d crypto: chacha20poly1305 - validate the digest size
KASAN: wild-memory-access Write in scatterwalk_copychunks C 15 316d 342d 310d crypto: chacha20poly1305 - validate the digest size
general protection fault in scatterwalk_copychunks (2) C 141 316d 343d 310d crypto: chacha20poly1305 - validate the digest size
KASAN: use-after-free Read in handle_userfault C 151 323d 386d 311d userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails
INFO: task hung in cleanup_net 1 345d 333d 318d net: Fix double free and memory corruption in get_net_ns_by_id()
KASAN: global-out-of-bounds Read in crypto_chacha20_crypt C 74 332d 335d 318d crypto: skcipher - set walk.iv for zero-length inputs
general protection fault in blkcipher_walk_first C 7 330d 341d 318d crypto: af_alg - wait for data at beginning of recvmsg
possible deadlock (2) 2 339d 341d 318d crypto: skcipher - set walk.iv for zero-length inputs
BUG: unable to handle kernel paging request in kvm_arch_vcpu_ioctl_run 1 346d 342d 318d x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
BUG: unable to handle kernel paging request in copy_siginfo_to_user 1 346d 342d 318d x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
BUG: unable to handle kernel paging request in match_subs_info 1 348d 343d 318d x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
BUG: unable to handle kernel paging request in __put_user_8 1 349d 343d 318d x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
BUG: unable to handle kernel paging request in __schedule 2 348d 343d 318d x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
KASAN: use-after-free Write in aead_recvmsg C 21 331d 348d 318d crypto: af_alg - fix race accessing cipher request
BUG: unable to handle kernel paging request in __switch_to 1 353d 349d 318d x86/entry: Fix assumptions that the HW TSS is at the beginning of cpu_tss
general protection fault in crypto_chacha20_crypt C 2374 323d 354d 318d crypto: skcipher - set walk.iv for zero-length inputs
general protection fault in blkcipher_walk_done C 47 319d 355d 318d crypto: af_alg - wait for data at beginning of recvmsg
WARNING in netlink_ack C 6 329d 330d 325d netlink: fix netlink_ack() extack race
general protection fault in free_verifier_state C 2 331d 331d 325d bpf: fix verifier NULL pointer dereference
KASAN: use-after-free in aead_recvmsg 2 343d 343d 325d crypto: algif_aead - fix reference counting of null skcipher
kernel BUG at net/packet/af_packet.c:LINE! (2) 2 349d 351d 325d make sock_alloc_file() do sock_release() on failures
WARNING in refcount_dec (2) 1 359d 359d 325d net/packet: fix a race in packet_bind() and packet_notifier()
WARNING in lock_release C 72 333d 366d 330d alloc_super(): do ->s_umount initialization earlier
general protection fault in ___cache_free 1 342d 337d 331d crypto: salsa20 - fix blkcipher_walk API usage
general protection fault in kfree 13 342d 351d 331d crypto: salsa20 - fix blkcipher_walk API usage
general protection fault in strcmp 1 352d 352d 331d KEYS: reject NULL restriction string when type is specified
WARNING in initialize_timer 2 352d 352d 331d ALSA: seq: Remove spurious WARN_ON() at timer check
WARNING: suspicious RCU usage (3) 16 353d 354d 331d crypto: salsa20 - fix blkcipher_walk API usage
KASAN: stack-out-of-bounds Write in sha3_update C 5 358d 354d 331d crypto: hmac - require that the underlying hash algorithm is unkeyed
general protection fault in af_alg_free_areq_sgls C 2916 335d 355d 331d crypto: af_alg - fix NULL pointer dereference in
KASAN: use-after-free Read in aead_recvmsg C 4338 335d 355d 331d crypto: algif_aead - fix reference counting of null skcipher
general protection fault in scatterwalk_copychunks C 414 344d 354d 344d crypto: algif_aead - skip SGL entries with NULL page
kernel BUG at net/core/dev.c:LINE! C 5 356d 360d 344d net-backports: net/packet: fix a race in packet_bind() and packet_notifier()
possible deadlock in blk_trace_remove 5 356d 363d 344d blktrace: fix trace mutex deadlock
general protection fault in fanout_demux_rollover 3 358d 377d 344d packet: fix crash in fanout_demux_rollover()
kernel panic: softlockup: hung tasks 2 424d 394d 344d SUNRPC: Allow connect to return EHOSTUNREACH
general protection fault in dax_alloc_inode 1 375d 368d 348d dax: fix general protection fault in dax_alloc_inode
kernel BUG at net/key/af_key.c:LINE! C 63 396d 389d 348d xfrm: Copy policy family in clone_policy
WARNING in snd_timer_user_info_compat C 174 358d 361d 354d ALSA: timer: Remove kernel warning at compat ioctl error paths
KASAN: use-after-free Read in tcp_ack 68 367d 369d 354d net-backports: tcp: highest_sack fix
KASAN: use-after-free Read in mpi_free C 27 364d 372d 354d crypto: dh - Fix double free of ctx->p
WARNING in free_kthread_struct C 136405 371d 375d 354d kthread: zero the kthread data structure
INFO: trying to register non-static key. (2) C 8624 373d 375d 354d tcp: fix a lockdep issue in tcp_fastopen_reset_cipher()
possible deadlock in generic_file_write_iter C 61506 354d 377d 354d block, locking/lockdep: Assign a lock_class per gendisk used for wait_for_completion()
KASAN: use-after-free Read in fsnotify 1 415d 379d 354d dnotify: Handle errors from fsnotify_add_mark_locked() in fcntl_dirnotify()
KASAN: use-after-free Read in tipc_send_group_bcast 4 389d 380d 354d tipc: fix a dangling pointer
general protection fault in bpf_check 3 375d 380d 354d bpf: fix verifier NULL pointer dereference
general protection fault in iov_iter_fault_in_readable 5 372d 380d 354d tun: do not arm flow_gc_timer in tun_flow_init()
kernel BUG at fs/notify/dnotify/dnotify.c:LINE! 19 370d 383d 354d dnotify: Handle errors from fsnotify_add_mark_locked() in fcntl_dirnotify()
KASAN: use-after-free Write in detach_if_pending C 4169 391d 386d 354d tun: do not arm flow_gc_timer in tun_flow_init()
KASAN: slab-out-of-bounds Read in tipc_nametbl_lookup_dst_nodes C 22388 366d 389d 354d tipc: eliminate KASAN warning
BUG: unable to handle kernel paging request in vsock_diag_dump C 6 386d 389d 354d vsock: always call vsock_init_tables()
KASAN: use-after-free Read in tipc_group_self C 2942 371d 389d 354d tipc: fix a dangling pointer
general protection fault in do_raw_spin_lock 8 387d 391d 354d net-backports: ipv6: add ip6_null_entry check in rt6_select()
general protection fault in tun_flow_cleanup 1 426d 394d 354d tun: do not arm flow_gc_timer in tun_flow_init()
KASAN: use-after-free Read in free_netdev C 42 372d 395d 354d net-tun: fix panics at dismantle time
general protection fault in hrtimer_active C 669 372d 395d 354d net-tun: fix panics at dismantle time
WARNING in fib6_add C 8225 371d 395d 354d ipv6: prevent user from adding cached routes
WARNING in tun_get_user C 17398 371d 396d 354d net-backports: tun: relax check on eth_get_headlen() return value
BUG: sleeping function called from invalid context at net/core/sock.c:LINE C 407 355d 394d 355d strparser: Use delayed work instead of timer for msg timeout
KASAN: use-after-free Read in snd_timer_user_info_compat syz 2 396d 386d 360d ALSA: timer: Add missing mutex lock for compat ioctls
WARNING in tcp_update_reordering 748 364d 362d 361d tcp: fix tcp_fastretrans_alert warning
general protection fault in asn1_ber_decoder C 5009 371d 376d 364d KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2]
BUG: soft lockup C 466 367d 381d 364d ALSA: timer: Limit max instances per timer
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts C 389 375d 381d 364d ALSA: seq: Fix OSS sysex delivery in OSS emulation
KASAN: stack-out-of-bounds Read in xfrm_state_find (2) C 93 372d 381d 364d xfrm: Fix stack-out-of-bounds read in xfrm_state_find.
WARNING in refcount_add_not_zero 70 364d 381d 364d tcp: gso: avoid refcount_t warning from tcp_gso_segment()
KASAN: slab-out-of-bounds Read in asn1_ber_decoder C 17 372d 377d 371d KEYS: fix out-of-bounds read during ASN.1 parsing
KASAN: use-after-free Read in __lock_acquire syz 894 372d 381d 371d futex: Fix more put_pi_state() vs. exit_pi_state_list() races
KASAN: use-after-free Read in do_raw_spin_unlock syz 3 381d 382d 371d futex: Fix more put_pi_state() vs. exit_pi_state_list() races
BUG: workqueue lockup C 172 371d 382d 371d tun/tap: sanitize TUNSETSNDBUF input
WARNING in get_pi_state C 42 381d 383d 371d futex: Fix more put_pi_state() vs. exit_pi_state_list() races
INFO: rcu detected stall (2) C 56 371d 383d 371d net-backports: tun/tap: sanitize TUNSETSNDBUF input
general protection fault in __list_del_entry_valid C 72 374d 389d 371d ipsec: Fix aborted xfrm policy dump crash
WARNING in kmalloc_slab (2) C 2478 371d 389d 371d ipv6: flowlabel: do not leave opt->tot_len with garbage
KASAN: use-after-free Read in packet_getsockopt (2) syz 12 385d 393d 371d packet: avoid panic in packet_getsockopt()
WARNING in refcount_dec 9 372d 395d 371d ipv6: addrconf: increment ifp refcount before ipv6_del_addr()
general protection fault in ip6_setup_cork 56 386d 395d 371d net-backports: ipv6: flowlabel: do not leave opt->tot_len with garbage
WARNING in reuseport_alloc C 408 372d 395d 371d soreuseport: fix initialization race
KASAN: use-after-free Read in ip_queue_xmit 1 396d 396d 371d net-backports: tcp/dccp: fix ireq->opt races
KASAN: use-after-free Write in __run_timers 6144 391d 451d 371d net-backports: tun: call dev_get_valid_name() before register_netdevice()
kernel BUG at net/ipv4/tcp_output.c:LINE! 37 431d 444d 375d tcp: add an ability to dump and restore window parameters
WARNING in sk_stream_kill_queues syz 96 458d 461d 375d net-backports: dccp: purge write queue in dccp_destroy_sock()
general protection fault in refcount_sub_and_test 1 475d 459d 376d ipv6: fix NULL dereference in ip6_route_dev_notify()
KASAN: use-after-free Read in dev_queue_xmit_nit C 13 418d 430d 376d packet: hold bind lock when rebinding to fanout hook
WARNING in fib6_del 24 437d 450d 376d ipv6: fib: Unlink replaced routes from their nodes
KASAN: use-after-free Read in ccid2_hc_tx_rto_expire 5 454d 458d 376d dccp: defer ccid_hc_tx_delete() at dismantle time
BUG: unable to handle kernel NULL pointer dereference in free_fib_info_rcu 3 459d 459d 376d ipv4: fix NULL dereference in free_fib_info_rcu()
KASAN: double-free or invalid-free in selinux_tun_dev_free_security C 12033 452d 463d 376d tun: handle register_netdevice() failures properly
kernel BUG at net/core/skbuff.c:LINE! 5 389d 459d 386d ipv4: better IP_MAX_MTU enforcement
general protection fault in kvm_cpuid C 20 418d 437d 389d KVM: MMU: check guest CR3 reserved bits based on its physical address width.
KASAN: use-after-free Read in __list_add_valid syz 26 392d 440d 389d packet: hold bind lock when rebinding to fanout hook
general protection fault in skb_clone syz 3 458d 457d 389d tun: make tun_build_skb() thread safe
BUG: unable to handle kernel paging request in skb_release_data syz 15 458d 458d 389d tun: make tun_build_skb() thread safe
kernel BUG at lib/string.c:LINE! C 73 404d 419d 389d netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
WARNING in __local_bh_enable_ip 22 419d 427d 389d bpf: do not disable/enable BH in bpf_map_free_id()
WARNING in __switch_to C 535 416d 463d 389d x86/fpu: Don't let userspace set bogus xcomp_bv
WARNING: kernel stack regs has bad 'bp' value C 66131 417d 463d 389d crypto: x86/sha256-avx2 - Fix RBP usage
general protection fault in __ip_options_echo (2) C 2 438d 438d 389d udp: drop head states only when all skb references are gone
general protection fault in perf_trace_block_get_rq C 180 429d 439d 389d block: tolerate tracing of NULL bio
kernel BUG at mm/slab.c:LINE! C 860 436d 440d 389d bpf: fix numa_node validation
possible deadlock in kcm_sendpage syz 14 441d 444d 389d kcm: do not attach PF_KCM sockets to avoid deadlock
general protection fault in SyS_bpf C 10 448d 449d 389d bpf: fix a return in sockmap_get_from_fd()
WARNING in refcount_inc 7 442d 450d 389d net_sched: fix a refcount_t issue with noop_qdisc
general protection fault in __lock_acquire 5 400d 451d 389d ipv6: reset fn->rr_ptr when replacing route
KASAN: slab-out-of-bounds Read in skb_release_data 1 458d 457d 389d tun: make tun_build_skb() thread safe
KASAN: use-after-free Read in get_mm_exe_file C 2 453d 457d 389d fork: fix incorrect fput of ->exe_file causing use-after-free
KASAN: wild-memory-access Read in skb_copy_ubufs C 23 457d 458d 389d tun: make tun_build_skb() thread safe
KASAN: use-after-free Read in skb_release_data syz 7 459d 458d 389d tun: make tun_build_skb() thread safe
general protection fault in skb_release_data syz 198 457d 458d 389d tun: make tun_build_skb() thread safe
KASAN: use-after-free Read in skb_push 4 453d 459d 389d tipc: fix use-after-free
general protection fault in fib6_add 18 453d 459d 389d ipv6: repair fib6 tree in failure case
BUG: Bad page state C 2 459d 459d 389d mm/madvise.c: fix freeing of locked page with MADV_FREE
KASAN: use-after-free Read in ip6_pol_route 249 452d 460d 389d ipv6: reset fn->rr_ptr when replacing route
KASAN: use-after-free Read in free_ldt_struct C 109 446d 460d 389d x86/mm: Fix use-after-free of ldt_struct
BUG: unable to handle kernel NULL pointer dereference at ADDR C 63 446d 460d 389d strparser: initialize all callbacks
WARNING in kmalloc_slab C 22353 389d 461d 389d ptr_ring: use kmalloc_array()
WARNING in idr_replace C 1209 429d 461d 389d idr: remove WARN_ON_ONCE() when trying to replace negative ID
general protection fault in __skb_flow_dissect C 37 459d 461d 389d dsa: fix flow disector null pointer
general protection fault in fib_dump_info C 428 452d 463d 389d net: check and errout if res->fi is NULL when RTM_F_FIB_MATCH is set
suspicious RCU usage at ./include/linux/kvm_host.h:LINE C 103402 417d 463d 389d KVM: fix rcu warning on VM_CREATE errors
INFO: task hung C 13878 417d 482d 417d tcp: fix hang in tcp_sendpage_locked()
WARNING in kvm_arch_vcpu_ioctl_run C 20284 417d 482d 417d KVM: X86: Fix residual mmio emulation request to userspace
inconsistent lock state in sk_clone_lock C 16 459d 462d 437d tcp: fix possible deadlock in TCP stack vs BPF filter
BUG: sleeping function called from invalid context at mm/slab.h:LINE C 8 459d 463d 437d af_key: do not use GFP_KERNEL in atomic contexts
kernel BUG at mm/usercopy.c:LINE! C 23 458d 463d 437d udp: harden copy_linear_skb()