syzbot

 sign-in | mailing list | source | docs
🐞 Open [129]
🐞 Fixed [2]
🐞 Invalid [237]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

KASAN: use-after-free Write in enqueue_timer

Status: upstream: reported C repro on 2024/07/25 13:16
Bug presence: origin:lts
[Documentation on labels]
Reported-by: syzbot+092cf816f02f1a8a8f2e@syzkaller.appspotmail.com
First crash: 682d, last: 1d12h
Bug presence (2)
Date Name Commit Repro Result
2024/12/01 lts (merge base) 0d968ced7330 C [report] KASAN: use-after-free Write in enqueue_timer
2024/12/01 upstream (ToT) bcc8eda6d349 C Didn't crash
Similar bugs (9)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-54 KASAN: use-after-free Write in enqueue_timer (2) 22 C 5369 338d 436d 0/2 upstream: reported C repro on 2025/02/17 15:17
android-54 KASAN: use-after-free Write in enqueue_timer 22 C 4288 665d 1172d 0/2 auto-obsoleted due to no activity on 2024/09/11 16:22
upstream KASAN: use-after-free Write in enqueue_timer net 22 1 1262d 1262d 22/29 fixed on 2023/02/24 13:50
android-5-15 KASAN: use-after-free Write in enqueue_timer 22 1 832d 832d 0/2 auto-obsoleted due to no activity on 2024/04/17 12:01
android-5-15 KASAN: use-after-free Write in enqueue_timer (2) 22 2 111d 179d 0/2 auto-obsoleted due to no activity on 2026/04/08 11:13
upstream KASAN: slab-use-after-free Write in enqueue_timer (2) wireguard 22 4 66d 98d 0/29 closed as invalid on 2026/04/08 13:13
upstream KASAN: slab-use-after-free Write in enqueue_timer net 22 18 1080d 1095d 0/29 auto-obsoleted due to no activity on 2023/08/22 15:17
upstream KASAN: slab-out-of-bounds Write in enqueue_timer bluetooth 21 1 315d 311d 0/29 auto-obsoleted due to no activity on 2025/09/26 09:41
upstream KASAN: invalid-access Write in enqueue_timer ext4 -1 20 1877d 1899d 0/29 auto-closed as invalid on 2021/07/08 00:48
Last patch testing requests (2)
Created Duration User Patch Repo Result
2025/03/06 22:24 13m retest repro android14-6.1 report log
2025/03/06 22:24 13m retest repro android14-6.1 report log

Sample crash report:
==================================================================
BUG: KASAN: use-after-free in hlist_add_head include/linux/list.h:930 [inline]
BUG: KASAN: use-after-free in enqueue_timer+0xae/0x480 kernel/time/timer.c:611
Write of size 8 at addr ffff88811bb00a00 by task kworker/u5:7/406

CPU: 1 PID: 406 Comm: kworker/u5:7 Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
Workqueue: hci0 hci_power_on
Call Trace:
 <TASK>
 __dump_stack+0x21/0x24 lib/dump_stack.c:88
 dump_stack_lvl+0x110/0x170 lib/dump_stack.c:106
 print_address_description+0x71/0x200 mm/kasan/report.c:316
 print_report+0x4a/0x60 mm/kasan/report.c:420
 kasan_report+0x122/0x150 mm/kasan/report.c:524
 __asan_report_store8_noabort+0x17/0x20 mm/kasan/report_generic.c:356
 hlist_add_head include/linux/list.h:930 [inline]
 enqueue_timer+0xae/0x480 kernel/time/timer.c:611
 internal_add_timer kernel/time/timer.c:640 [inline]
 __mod_timer+0x84c/0xc00 kernel/time/timer.c:1137
 schedule_timeout+0x154/0x340 kernel/time/timer.c:2019
 __hci_cmd_sync_sk+0x3be/0xd30 net/bluetooth/hci_sync.c:166
 __hci_cmd_sync_status_sk net/bluetooth/hci_sync.c:253 [inline]
 __hci_cmd_sync_status net/bluetooth/hci_sync.c:277 [inline]
 hci_read_local_features_sync net/bluetooth/hci_sync.c:3636 [inline]
 hci_init_stage_sync net/bluetooth/hci_sync.c:3547 [inline]
 hci_init1_sync net/bluetooth/hci_sync.c:3731 [inline]
 hci_init_sync net/bluetooth/hci_sync.c:4813 [inline]
 hci_dev_init_sync net/bluetooth/hci_sync.c:5004 [inline]
 hci_dev_open_sync+0x13e0/0x32a0 net/bluetooth/hci_sync.c:5084
 hci_dev_do_open net/bluetooth/hci_core.c:439 [inline]
 hci_power_on+0x195/0x5c0 net/bluetooth/hci_core.c:945
 process_one_work+0x71f/0xc40 kernel/workqueue.c:2302
 worker_thread+0xa29/0x11e0 kernel/workqueue.c:2449
 kthread+0x281/0x320 kernel/kthread.c:386
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>

Allocated by task 429:
 kasan_save_stack mm/kasan/common.c:46 [inline]
 kasan_set_track+0x4b/0x70 mm/kasan/common.c:53
 kasan_save_alloc_info+0x25/0x30 mm/kasan/generic.c:505
 ____kasan_kmalloc mm/kasan/common.c:380 [inline]
 __kasan_kmalloc+0x95/0xb0 mm/kasan/common.c:389
 kasan_kmalloc include/linux/kasan.h:212 [inline]
 __do_kmalloc_node mm/slab_common.c:938 [inline]
 __kmalloc+0xb1/0x1e0 mm/slab_common.c:951
 kmalloc include/linux/slab.h:568 [inline]
 kzalloc include/linux/slab.h:699 [inline]
 hci_alloc_dev_priv+0x27/0x1bd0 net/bluetooth/hci_core.c:2433
 hci_alloc_dev include/net/bluetooth/hci_core.h:1505 [inline]
 hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:641 [inline]
 hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:719 [inline]
 hci_uart_tty_ioctl+0x3c8/0xa20 drivers/bluetooth/hci_ldisc.c:774
 tty_ioctl+0x8ef/0xc60 drivers/tty/tty_io.c:2785
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0x12f/0x1b0 fs/ioctl.c:856
 __x64_sys_ioctl+0x7b/0x90 fs/ioctl.c:856
 x64_sys_call+0x58b/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:46 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x68/0xd2

Freed by task 433:
 kasan_save_stack mm/kasan/common.c:46 [inline]
 kasan_set_track+0x4b/0x70 mm/kasan/common.c:53
 kasan_save_free_info+0x31/0x50 mm/kasan/generic.c:516
 ____kasan_slab_free+0x132/0x180 mm/kasan/common.c:242
 __kasan_slab_free+0x11/0x20 mm/kasan/common.c:250
 kasan_slab_free include/linux/kasan.h:178 [inline]
 slab_free_hook mm/slub.c:1750 [inline]
 slab_free_freelist_hook+0xc2/0x190 mm/slub.c:1776
 slab_free mm/slub.c:3712 [inline]
 __kmem_cache_free+0xb7/0x1b0 mm/slub.c:3728
 kfree+0x6f/0xf0 mm/slab_common.c:990
 hci_release_dev+0x12a3/0x13b0 net/bluetooth/hci_core.c:2761
 bt_host_release+0x82/0x90 net/bluetooth/hci_sysfs.c:85
 device_release+0xa4/0x1d0 drivers/base/core.c:-1
 kobject_cleanup lib/kobject.c:681 [inline]
 kobject_release lib/kobject.c:712 [inline]
 kref_put include/linux/kref.h:65 [inline]
 kobject_put+0x19d/0x280 lib/kobject.c:729
 put_device+0x1f/0x30 drivers/base/core.c:3806
 hci_dev_put include/net/bluetooth/hci_core.h:1465 [inline]
 hci_dev_cmd+0x279/0x740 net/bluetooth/hci_core.c:795
 hci_sock_ioctl+0x41e/0x7f0 net/bluetooth/hci_sock.c:1096
 sock_do_ioctl+0x114/0x330 net/socket.c:1191
 sock_ioctl+0x4bd/0x710 net/socket.c:1310
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0x12f/0x1b0 fs/ioctl.c:856
 __x64_sys_ioctl+0x7b/0x90 fs/ioctl.c:856
 x64_sys_call+0x58b/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:46 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x68/0xd2

Last potentially related work creation:
 kasan_save_stack+0x3a/0x60 mm/kasan/common.c:46
 __kasan_record_aux_stack+0xb6/0xc0 mm/kasan/generic.c:486
 kasan_record_aux_stack_noalloc+0xb/0x10 mm/kasan/generic.c:496
 insert_work+0x51/0x300 kernel/workqueue.c:1368
 __queue_work+0x9b1/0xd30 kernel/workqueue.c:1527
 queue_work_on+0xde/0x150 kernel/workqueue.c:1555
 queue_work include/linux/workqueue.h:510 [inline]
 hci_cmd_sync_run net/bluetooth/hci_sync.c:140 [inline]
 __hci_cmd_sync_sk+0xa7f/0xd30 net/bluetooth/hci_sync.c:162
 __hci_cmd_sync_status_sk net/bluetooth/hci_sync.c:253 [inline]
 __hci_cmd_sync_status net/bluetooth/hci_sync.c:277 [inline]
 hci_cmd_sync_status+0x53/0x120 net/bluetooth/hci_sync.c:288
 hci_dev_cmd+0x648/0x740 net/bluetooth/hci_core.c:-1
 hci_sock_ioctl+0x41e/0x7f0 net/bluetooth/hci_sock.c:1096
 sock_do_ioctl+0x114/0x330 net/socket.c:1191
 sock_ioctl+0x4bd/0x710 net/socket.c:1310
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0x12f/0x1b0 fs/ioctl.c:856
 __x64_sys_ioctl+0x7b/0x90 fs/ioctl.c:856
 x64_sys_call+0x58b/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:46 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x68/0xd2

Second to last potentially related work creation:
 kasan_save_stack+0x3a/0x60 mm/kasan/common.c:46
 __kasan_record_aux_stack+0xb6/0xc0 mm/kasan/generic.c:486
 kasan_record_aux_stack_noalloc+0xb/0x10 mm/kasan/generic.c:496
 insert_work+0x51/0x300 kernel/workqueue.c:1368
 __queue_work+0x9b1/0xd30 kernel/workqueue.c:1527
 queue_work_on+0xde/0x150 kernel/workqueue.c:1555
 queue_work include/linux/workqueue.h:510 [inline]
 hci_cmd_sync_run net/bluetooth/hci_sync.c:140 [inline]
 __hci_cmd_sync_sk+0xa7f/0xd30 net/bluetooth/hci_sync.c:162
 __hci_cmd_sync_status_sk net/bluetooth/hci_sync.c:253 [inline]
 __hci_cmd_sync_status net/bluetooth/hci_sync.c:277 [inline]
 hci_cmd_sync_status+0x53/0x120 net/bluetooth/hci_sync.c:288
 hci_dev_cmd+0x648/0x740 net/bluetooth/hci_core.c:-1
 hci_sock_ioctl+0x41e/0x7f0 net/bluetooth/hci_sock.c:1096
 sock_do_ioctl+0x114/0x330 net/socket.c:1191
 sock_ioctl+0x4bd/0x710 net/socket.c:1310
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0x12f/0x1b0 fs/ioctl.c:856
 __x64_sys_ioctl+0x7b/0x90 fs/ioctl.c:856
 x64_sys_call+0x58b/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:46 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:76
 entry_SYSCALL_64_after_hwframe+0x68/0xd2

The buggy address belongs to the object at ffff88811bb00000
 which belongs to the cache kmalloc-8k of size 8192
The buggy address is located 2560 bytes inside of
 8192-byte region [ffff88811bb00000, ffff88811bb02000)

The buggy address belongs to the physical page:
page:ffffea00046ec000 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x11bb00
head:ffffea00046ec000 order:3 compound_mapcount:0 compound_pincount:0
flags: 0x4000000000010200(slab|head|zone=1)
raw: 4000000000010200 0000000000000000 dead000000000122 ffff888100043500
raw: 0000000000000000 0000000000020002 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 429, tgid 429 (syz.5.46), ts 65033447250, free_ts 65008239080
 set_page_owner include/linux/page_owner.h:33 [inline]
 post_alloc_hook+0x1f5/0x210 mm/page_alloc.c:2672
 prep_new_page+0x1c/0x110 mm/page_alloc.c:2679
 get_page_from_freelist+0x2d12/0x2d80 mm/page_alloc.c:4585
 __alloc_pages+0x1fa/0x610 mm/page_alloc.c:5926
 alloc_slab_page+0x6e/0xf0 include/linux/gfp.h:-1
 allocate_slab mm/slub.c:1967 [inline]
 new_slab+0x98/0x3d0 mm/slub.c:2020
 ___slab_alloc+0x6bd/0xb20 mm/slub.c:3177
 __slab_alloc+0x5e/0xa0 mm/slub.c:3263
 slab_alloc_node mm/slub.c:3348 [inline]
 __kmem_cache_alloc_node+0x203/0x2c0 mm/slub.c:3423
 __do_kmalloc_node mm/slab_common.c:937 [inline]
 __kmalloc+0xa1/0x1e0 mm/slab_common.c:951
 kmalloc include/linux/slab.h:568 [inline]
 kzalloc include/linux/slab.h:699 [inline]
 hci_alloc_dev_priv+0x27/0x1bd0 net/bluetooth/hci_core.c:2433
 hci_alloc_dev include/net/bluetooth/hci_core.h:1505 [inline]
 hci_uart_register_dev drivers/bluetooth/hci_ldisc.c:641 [inline]
 hci_uart_set_proto drivers/bluetooth/hci_ldisc.c:719 [inline]
 hci_uart_tty_ioctl+0x3c8/0xa20 drivers/bluetooth/hci_ldisc.c:774
 tty_ioctl+0x8ef/0xc60 drivers/tty/tty_io.c:2785
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:870 [inline]
 __se_sys_ioctl+0x12f/0x1b0 fs/ioctl.c:856
 __x64_sys_ioctl+0x7b/0x90 fs/ioctl.c:856
 x64_sys_call+0x58b/0x9a0 arch/x86/include/generated/asm/syscalls_64.h:17
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:26 [inline]
 free_pages_prepare mm/page_alloc.c:1580 [inline]
 free_pcp_prepare mm/page_alloc.c:1654 [inline]
 free_unref_page_prepare+0x7f8/0x800 mm/page_alloc.c:3620
 free_unref_page+0x95/0x540 mm/page_alloc.c:3718
 free_the_page mm/page_alloc.c:863 [inline]
 __free_pages+0x67/0x100 mm/page_alloc.c:6016
 __free_slab+0xca/0x1a0 mm/slub.c:2044
 free_slab mm/slub.c:2059 [inline]
 discard_slab+0x29/0x40 mm/slub.c:2065
 __slab_free+0x201/0x280 mm/slub.c:3625
 do_slab_free mm/slub.c:3666 [inline]
 ___cache_free+0xbf/0xd0 mm/slub.c:3722
 qlink_free mm/kasan/quarantine.c:168 [inline]
 qlist_free_all+0xc6/0x140 mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x14a/0x170 mm/kasan/quarantine.c:294
 __kasan_slab_alloc+0x24/0x80 mm/kasan/common.c:311
 kasan_slab_alloc include/linux/kasan.h:202 [inline]
 slab_post_alloc_hook+0x4f/0x2d0 mm/slab.h:768
 slab_alloc_node mm/slub.c:3382 [inline]
 __kmem_cache_alloc_node+0x192/0x2c0 mm/slub.c:3423
 __do_kmalloc_node mm/slab_common.c:937 [inline]
 __kmalloc_node+0xa1/0x1e0 mm/slab_common.c:945
 kmalloc_node include/linux/slab.h:589 [inline]
 kvmalloc_node+0x28a/0x460 mm/util.c:592
 kvmalloc include/linux/slab.h:716 [inline]
 simple_xattr_alloc+0x43/0xa0 fs/xattr.c:1008
 shmem_initxattrs+0x8d/0x1e0 mm/shmem.c:3294

Memory state around the buggy address:
 ffff88811bb00900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88811bb00980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff88811bb00a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                   ^
 ffff88811bb00a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88811bb00b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
Bluetooth: hci0: Opcode 0x1003 failed: -110

Crashes (593):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/04/21 20:31 android14-6.1 69e1e941dbe1 0b6ab7ec .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/10 06:46 android14-6.1 b1e92db6a41f 38c8e246 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/03/17 13:46 android14-6.1 299d5eca2e4a c01bca74 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/01/31 19:23 android14-6.1 defbecba6f63 afc0c4d4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/01/23 20:02 android14-6.1 d1c598f45d0f e2b1b6e6 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/01/08 18:13 android14-6.1 524f9ed7e312 d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/01/08 15:47 android14-6.1 524f9ed7e312 d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/01/08 14:39 android14-6.1 524f9ed7e312 d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/12/06 14:50 android14-6.1 5ddae867b428 d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/11/22 02:42 android14-6.1 eba111621724 4fb8ef37 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/11/03 09:43 android14-6.1 3e2aa22eb7df 2c50b6a9 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/10/15 03:13 android14-6.1 c65cfeb3d9b5 b6605ba8 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/08/28 08:29 android14-6.1 47b374a18638 e12e5ba4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/08/14 11:26 android14-6.1 c750dc582629 22ec1469 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/08/14 09:31 android14-6.1 c750dc582629 22ec1469 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/08/14 07:41 android14-6.1 c750dc582629 22ec1469 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/08/14 04:50 android14-6.1 c750dc582629 22ec1469 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/07/20 22:41 android14-6.1 145c7fad733f 7117feec .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/06/18 06:09 android14-6.1 ba4506940166 e77fae15 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/06/17 12:55 android14-6.1 6246d345f550 cfebc887 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/06/07 17:11 android14-6.1 7af56ffc913d 4826c28e .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/06/07 12:59 android14-6.1 7af56ffc913d 4826c28e .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/06/07 09:55 android14-6.1 7af56ffc913d 4826c28e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/06/07 08:08 android14-6.1 7af56ffc913d 4826c28e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/02/18 04:44 android14-6.1 ccc915784332 429ea007 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/02 01:46 android14-6.1 a887a44ace2a 68914665 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/01 21:59 android14-6.1 a887a44ace2a 68914665 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/01 20:12 android14-6.1 a887a44ace2a 68914665 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/01 16:27 android14-6.1 a887a44ace2a 68914665 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/01 13:55 android14-6.1 a887a44ace2a 68914665 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/01 08:46 android14-6.1 a887a44ace2a 68914665 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/12/01 04:38 android14-6.1 a887a44ace2a 68914665 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2025/08/28 11:49 android14-6.1 47b374a18638 e12e5ba4 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/28 19:05 android14-6.1 34e7543523a9 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/28 12:08 android14-6.1 34e7543523a9 ce741359 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/27 17:07 android14-6.1 8852ea8c096a 0f700595 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/26 15:46 android14-6.1 5d4307594b33 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/26 14:12 android14-6.1 5d4307594b33 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/24 03:23 android14-6.1 75682bfcf2cf 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/24 01:47 android14-6.1 75682bfcf2cf 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/23 08:44 android14-6.1 b09267bea1e5 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/21 22:17 android14-6.1 69e1e941dbe1 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/21 21:55 android14-6.1 69e1e941dbe1 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/21 03:30 android14-6.1 da3ffb22836e e65da4ee .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/19 20:42 android14-6.1 7790109d9d13 303e2802 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/19 07:46 android14-6.1 7790109d9d13 303e2802 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/17 13:57 android14-6.1 98d5d8f31585 de0a551d .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/16 09:17 android14-6.1 98d5d8f31585 df15c5f3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/15 04:00 android14-6.1 98d5d8f31585 e2e976a8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/14 21:34 android14-6.1 5f8c7313b0cf 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/14 21:06 android14-6.1 5f8c7313b0cf 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/14 09:59 android14-6.1 ef75da414d7b 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/14 08:24 android14-6.1 ef75da414d7b 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/14 05:38 android14-6.1 ef75da414d7b 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/13 18:22 android14-6.1 4a2a41bddacb 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/13 10:41 android14-6.1 4a2a41bddacb 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/13 08:17 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/12 23:38 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/12 15:49 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/12 14:12 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/12 10:27 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/12 02:13 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/11 21:59 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/11 18:53 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/11 11:53 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/11 04:34 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/10 23:25 android14-6.1 4a2a41bddacb 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/10 13:02 android14-6.1 b1e92db6a41f 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/10 10:22 android14-6.1 b1e92db6a41f 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/10 05:48 android14-6.1 b1e92db6a41f 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/09 17:05 android14-6.1 a0f30a943e32 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/09 03:24 android14-6.1 a0f30a943e32 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/08 16:54 android14-6.1 0a2e62b2578f d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/08 14:38 android14-6.1 0a2e62b2578f d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/08 06:47 android14-6.1 0a2e62b2578f 2c961e87 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2026/04/08 03:41 android14-6.1 0a2e62b2578f 2c961e87 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/07/20 07:38 android14-6.1 6d6afa9d3f8f b88348e9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
2024/06/17 10:01 android14-6.1 c0618d182a9c 88722c0f .config console log report info [disk image] [vmlinux] [kernel image] ci2-android-6-1 KASAN: use-after-free Write in enqueue_timer
* Struck through repros no longer work on HEAD.