syzbot

Title	Rank 🛈	Repro	Count	Last	Reported	Patched	Closed	Patch
kernel BUG at drivers/android/binder_alloc.c:LINE!	-1	C	44	2311d	2559d	1/3	never	5997da82145b FROMGIT: binder: fix BUG_ON found by selinux-testsuite
possible deadlock in seq_read	4	C	56124	2306d	2542d	1/3	never	73601ea5b7b1 fs/open.c: allow opening only regular files during execve()
android-4.9 boot error: general protection fault in ion_heap_destroy	-1		729	2564d	2602d	1/3	never	270fbfb501f1 ANDROID: ion_dummy_driver: Remove SYSTEM_CONTIG heap
possible deadlock in ashmem_llseek	4		5	2945d	2989d	3/3	2545d	cb57469c9573 staging: android: ashmem: Fix lockdep issue during llseek
general protection fault in sg_remove_scat	2	C	279	2919d	3101d	3/3	2737d	48ae8484e9fc scsi: sg: don't return bogus Sg_requests
KASAN: stack-out-of-bounds Read in xt_copy_counters_from_user	17	C	18	2747d	2753d	3/3	2738d	e466af75c074 netfilter: x_tables: avoid stack-out-of-bounds read in xt_copy_counters_from_user
general protection fault in sockfs_setattr	2	C	11	2775d	2793d	3/3	2774d	6d8c50dcb029 UPSTREAM: socket: close race condition between sock_close() and sockfs_setattr()
BUG: unable to handle kernel paging request in page_remove_rmap	8	C	14617	2775d	2782d	3/3	2775d	fd7e315988b7 x86/mm: Simplify p[g4um]d_page() macros
BUG: unable to handle kernel paging request in copy_huge_pmd	8	C	433	2775d	2782d	3/3	2775d	fd7e315988b7 x86/mm: Simplify p[g4um]d_page() macros
BUG: unable to handle kernel paging request in __split_huge_pmd	8	C	174	2775d	2782d	3/3	2775d	fd7e315988b7 x86/mm: Simplify p[g4um]d_page() macros
KASAN: use-after-free Read in __list_del_entry (3)	19	C	9	2938d	2945d	3/3	2854d	7aa135fcf263 UPSTREAM: ANDROID: binder: prevent transactions into own process.
KASAN: use-after-free Read in binder_release_work	19	C	132	2894d	2908d	3/3	2867d	7aa135fcf263 UPSTREAM: ANDROID: binder: prevent transactions into own process.
WARNING in set_precision	-1	C	1320	2887d	3009d	3/3	2887d	9c438d7a3a52 KEYS: DNS: limit the length of option strings
possible deadlock in __might_fault	4	C	10264	2930d	2952d	3/3	2895d	740a5759bf22 staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
BUG: using __this_cpu_read() in preemptible code in ipcomp_init_state	4	C	304159	2909d	3028d	2/3	2909d	0dcd7876029b net: xfrm: use preempt-safe this_cpu_read() in ipcomp_alloc_tfms()
WARNING in binder_send_failed_reply	-1	C	74	2944d	3043d	2/3	2942d	e46a3b3ba750 UPSTREAM: ANDROID: binder: remove WARN() for redundant txn error
KASAN: use-after-free Read in remove_wait_queue	19	C	6	2957d	2967d	2/3	2945d	5eeb2ca02a2f ANDROID: binder: synchronize_rcu() when using POLLFREE.
WARNING in __alloc_pages_slowpath (3)	-1	C	547	2947d	2950d	2/3	2947d	f67385227a42 ANDROID: keychord: Check for write data size
KASAN: double-free or invalid-free in relay_open	24	C	64	2961d	3012d	2/3	2957d	a1be1f3931bf kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
BUG: Double free or freeing an invalid pointer (2)	-1	C	1	3033d	3033d	2/3	2957d	a1be1f3931bf kernel/relay.c: revert "kernel/relay.c: fix potential memory leak"
KASAN: use-after-free Read in __lock_acquire	19	C	1161	2972d	3043d	2/3	2964d	f5cb779ba163 UPSTREAM: ANDROID: binder: remove waitqueue when thread exits.
BUG: bad unlock balance in ipmr_mfc_seq_stop	4	C	7493	2965d	3043d	2/3	2964d	4adfa79fc254 ip6mr: fix stale iterator
WARNING in task_participate_group_stop	-1	C	15	2999d	3156d	2/3	2972d	426915796cca kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
general protection fault in ip6_setup_cork	2		924	3071d	3083d	2/3	2975d	864e2a1f8aac ipv6: flowlabel: do not leave opt->tot_len with garbage
kernel BUG at net/key/af_key.c:LINE!	-1	C	1	3135d	3135d	2/3	2975d	0e74aa1d79a5 xfrm: Copy policy family in clone_policy
general protection fault in assoc_array_apply_edit	2		1	3078d	3077d	2/3	2978d	ea6789980fda assoc_array: Fix a buggy node-splitting case
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts	8	C	3	3113d	3112d	2/3	3013d	132d358b183a ALSA: seq: Fix OSS sysex delivery in OSS emulation
KASAN: stack-out-of-bounds Read in memcmp	17	C	4	3158d	3162d	1/3	3038d	4c86d77743a5 BACKPORT: xfrm: Don't use sk_family for socket policy lookups
WARNING in reuseport_alloc	-1	C	106	3052d	3081d	1/3	3042d	1b5f962e71bf soreuseport: fix initialization race
WARNING in skb_warn_bad_offload	-1	C	442	3063d	3170d	1/3	3063d	net: remove open-coded skb_cow_head.
KASAN: use-after-free Read in fanout_demux_rollover	19	C	5	3105d	3126d	1/3	3064d	008ba2a13f2d packet: hold bind lock when rebinding to fanout hook
WARNING in __alloc_pages_slowpath	-1	C	2412	3069d	3144d	1/3	3069d	7682e399485f FROMLIST: ALSA: usx2y: Suppress kernel warning at page allocation failures
KASAN: use-after-free Read in bio_copy_user_iov	19	syz	73	3131d	3162d	1/3	3078d	1bc0eb044615 scsi: sg: protect accesses to 'reserved' page array
BUG: sleeping function called from invalid context at mm/slab.h:LINE	-1	C	3	3155d	3168d	1/3	3078d	89e357d83c06 af_key: Add lock to key dump
BUG: unable to handle kernel NULL pointer dereference in __remove_shared_vm_struct	10	C	1	3141d	3139d	1/3	3078d	2b7e8665b4ff fork: fix incorrect fput of ->exe_file causing use-after-free
WARNING in __switch_to	-1	C	54	3097d	3165d	1/3	3078d	814fb7bb7db5 x86/fpu: Don't let userspace set bogus xcomp_bv
general protection fault in skb_release_data	2		1	3149d	3149d	1/3	3078d	232cd35d0804 ipv6: fix out of bound writes in __ip6_append_data()
WARNING in fib6_del	-1		281	3101d	3139d	1/3	3079d	7483cea79957 UPSTREAM: ipv6: fib: Unlink replaced routes from their nodes
KASAN: use-after-free Read in parse_ipsecrequests	19	C	7	3169d	3170d	1/3	3139d	096f41d3a8fc UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
WARNING in __list_add	-1	C	11	3152d	3165d	1/3	3150d	59584701f1e2 ANDROID: keychord: Fix races in keychord_write.
BUG: Double free or freeing an invalid pointer	-1	syz	70	3151d	3169d	1/3	3150d	59584701f1e2 ANDROID: keychord: Fix races in keychord_write.
KASAN: slab-out-of-bounds Read in keychord_write	17	syz	2	3171d	3170d	1/3	3165d	913d980e07d8 ANDROID: keychord: Fix a slab out-of-bounds read.