| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [kernel?] KASAN: slab-use-after-free Read in binder_release_work | 1 (3) | 2024/10/03 01:20 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [kernel?] KASAN: slab-use-after-free Read in binder_release_work | 1 (3) | 2024/10/03 01:20 |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| android-5-10 | KASAN: use-after-free Read in binder_release_work | C | 36 | 1d16h | 8d19h | 0/2 | upstream: reported C repro on 2024/11/12 10:57 | ||
| android-5-15 | KASAN: use-after-free Read in binder_release_work origin:upstream | C | 48 | 1d13h | 52d | 0/2 | upstream: reported C repro on 2024/09/30 05:16 |
================================================================== BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x14c/0x1c0 lib/list_debug.c:49 Read of size 8 at addr ffff88801e3b9c08 by task kworker/1:2/963 CPU: 1 UID: 0 PID: 963 Comm: kworker/1:2 Not tainted 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: events binder_deferred_func Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0xc3/0x620 mm/kasan/report.c:488 kasan_report+0xd9/0x110 mm/kasan/report.c:601 __list_del_entry_valid_or_report+0x14c/0x1c0 lib/list_debug.c:49 __list_del_entry_valid include/linux/list.h:124 [inline] __list_del_entry include/linux/list.h:215 [inline] list_del_init include/linux/list.h:287 [inline] binder_dequeue_work_head_ilocked drivers/android/binder.c:540 [inline] binder_release_work+0x9b/0x490 drivers/android/binder.c:5110 binder_deferred_release drivers/android/binder.c:6261 [inline] binder_deferred_func+0xe6e/0x12e0 drivers/android/binder.c:6296 process_one_work+0x9c8/0x1ba0 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391 kthread+0x2c4/0x3a0 kernel/kthread.c:389 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> Allocated by task 5897: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394 kmalloc_noprof include/linux/slab.h:878 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] binder_request_freeze_notification drivers/android/binder.c:3855 [inline] binder_thread_write+0xe19/0x4c60 drivers/android/binder.c:4485 binder_ioctl_write_read drivers/android/binder.c:5387 [inline] binder_ioctl+0x265b/0x6fa0 drivers/android/binder.c:5718 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __x64_sys_ioctl+0x192/0x220 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 963: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:230 [inline] slab_free_hook mm/slub.c:2342 [inline] slab_free mm/slub.c:4579 [inline] kfree+0x14f/0x4b0 mm/slub.c:4727 binder_free_ref drivers/android/binder.c:1355 [inline] binder_deferred_release drivers/android/binder.c:6256 [inline] binder_deferred_func+0xdd7/0x12e0 drivers/android/binder.c:6296 process_one_work+0x9c8/0x1ba0 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391 kthread+0x2c4/0x3a0 kernel/kthread.c:389 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 The buggy address belongs to the object at ffff88801e3b9c00 which belongs to the cache kmalloc-64 of size 64 The buggy address is located 8 bytes inside of freed 64-byte region [ffff88801e3b9c00, ffff88801e3b9c40) The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e3b9 anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) page_type: f5(slab) raw: 00fff00000000000 ffff88801b0418c0 ffffea0000bd2b80 dead000000000005 raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 2, tgid 2 (kthreadd), ts 12429811391, free_ts 0 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x101e/0x3070 mm/page_alloc.c:3457 __alloc_pages_noprof+0x223/0x25a0 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x2c9/0x610 mm/mempolicy.c:2265 alloc_slab_page mm/slub.c:2412 [inline] allocate_slab mm/slub.c:2578 [inline] new_slab+0x2ba/0x3f0 mm/slub.c:2631 ___slab_alloc+0xdac/0x1880 mm/slub.c:3818 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3908 __slab_alloc_node mm/slub.c:3961 [inline] slab_alloc_node mm/slub.c:4122 [inline] __do_kmalloc_node mm/slub.c:4263 [inline] __kmalloc_noprof+0x367/0x400 mm/slub.c:4276 kmalloc_noprof include/linux/slab.h:882 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] lsm_blob_alloc+0x68/0x90 security/security.c:685 lsm_task_alloc security/security.c:772 [inline] security_task_alloc+0x2d/0x260 security/security.c:3159 copy_process+0x24d1/0x8cb0 kernel/fork.c:2354 kernel_clone+0xfd/0x960 kernel/fork.c:2784 kernel_thread+0xc0/0x100 kernel/fork.c:2846 create_kthread kernel/kthread.c:412 [inline] kthreadd+0x4ef/0x7d0 kernel/kthread.c:767 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 page_owner free stack trace missing Memory state around the buggy address: ffff88801e3b9b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ffff88801e3b9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc >ffff88801e3b9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ^ ffff88801e3b9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc ffff88801e3b9d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ================================================================== ================================================================== BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x166/0x1c0 lib/list_debug.c:50 Read of size 8 at addr ffff88801e3b9c00 by task kworker/1:2/963 CPU: 1 UID: 0 PID: 963 Comm: kworker/1:2 Tainted: G B 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 Tainted: [B]=BAD_PAGE Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: events binder_deferred_func Call Trace: <TASK> __dump_stack lib/dump_stack.c:94 [inline] dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120 print_address_description mm/kasan/report.c:377 [inline] print_report+0xc3/0x620 mm/kasan/report.c:488 kasan_report+0xd9/0x110 mm/kasan/report.c:601 __list_del_entry_valid_or_report+0x166/0x1c0 lib/list_debug.c:50 __list_del_entry_valid include/linux/list.h:124 [inline] __list_del_entry include/linux/list.h:215 [inline] list_del_init include/linux/list.h:287 [inline] binder_dequeue_work_head_ilocked drivers/android/binder.c:540 [inline] binder_release_work+0x9b/0x490 drivers/android/binder.c:5110 binder_deferred_release drivers/android/binder.c:6261 [inline] binder_deferred_func+0xe6e/0x12e0 drivers/android/binder.c:6296 process_one_work+0x9c8/0x1ba0 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391 kthread+0x2c4/0x3a0 kernel/kthread.c:389 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> Allocated by task 5897: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 poison_kmalloc_redzone mm/kasan/common.c:377 [inline] __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394 kmalloc_noprof include/linux/slab.h:878 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] binder_request_freeze_notification drivers/android/binder.c:3855 [inline] binder_thread_write+0xe19/0x4c60 drivers/android/binder.c:4485 binder_ioctl_write_read drivers/android/binder.c:5387 [inline] binder_ioctl+0x265b/0x6fa0 drivers/android/binder.c:5718 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:907 [inline] __se_sys_ioctl fs/ioctl.c:893 [inline] __x64_sys_ioctl+0x192/0x220 fs/ioctl.c:893 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 963: kasan_save_stack+0x33/0x60 mm/kasan/common.c:47 kasan_save_track+0x14/0x30 mm/kasan/common.c:68 kasan_save_free_info+0x3b/0x60 mm/kasan/generic.c:579 poison_slab_object mm/kasan/common.c:247 [inline] __kasan_slab_free+0x51/0x70 mm/kasan/common.c:264 kasan_slab_free include/linux/kasan.h:230 [inline] slab_free_hook mm/slub.c:2342 [inline] slab_free mm/slub.c:4579 [inline] kfree+0x14f/0x4b0 mm/slub.c:4727 binder_free_ref drivers/android/binder.c:1355 [inline] binder_deferred_release drivers/android/binder.c:6256 [inline] binder_deferred_func+0xdd7/0x12e0 drivers/android/binder.c:6296 process_one_work+0x9c8/0x1ba0 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391 kthread+0x2c4/0x3a0 kernel/kthread.c:389 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 The buggy address belongs to the object at ffff88801e3b9c00 which belongs to the cache kmalloc-64 of size 64 The buggy address is located 0 bytes inside of freed 64-byte region [ffff88801e3b9c00, ffff88801e3b9c40) The buggy address belongs to the physical page: page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1e3b9 anon flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff) page_type: f5(slab) raw: 00fff00000000000 ffff88801b0418c0 ffffea0000bd2b80 dead000000000005 raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 page dumped because: kasan: bad access detected page_owner tracks the page as allocated page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 2, tgid 2 (kthreadd), ts 12429811391, free_ts 0 set_page_owner include/linux/page_owner.h:32 [inline] post_alloc_hook+0x2d1/0x350 mm/page_alloc.c:1537 prep_new_page mm/page_alloc.c:1545 [inline] get_page_from_freelist+0x101e/0x3070 mm/page_alloc.c:3457 __alloc_pages_noprof+0x223/0x25a0 mm/page_alloc.c:4733 alloc_pages_mpol_noprof+0x2c9/0x610 mm/mempolicy.c:2265 alloc_slab_page mm/slub.c:2412 [inline] allocate_slab mm/slub.c:2578 [inline] new_slab+0x2ba/0x3f0 mm/slub.c:2631 ___slab_alloc+0xdac/0x1880 mm/slub.c:3818 __slab_alloc.constprop.0+0x56/0xb0 mm/slub.c:3908 __slab_alloc_node mm/slub.c:3961 [inline] slab_alloc_node mm/slub.c:4122 [inline] __do_kmalloc_node mm/slub.c:4263 [inline] __kmalloc_noprof+0x367/0x400 mm/slub.c:4276 kmalloc_noprof include/linux/slab.h:882 [inline] kzalloc_noprof include/linux/slab.h:1014 [inline] lsm_blob_alloc+0x68/0x90 security/security.c:685 lsm_task_alloc security/security.c:772 [inline] security_task_alloc+0x2d/0x260 security/security.c:3159 copy_process+0x24d1/0x8cb0 kernel/fork.c:2354 kernel_clone+0xfd/0x960 kernel/fork.c:2784 kernel_thread+0xc0/0x100 kernel/fork.c:2846 create_kthread kernel/kthread.c:412 [inline] kthreadd+0x4ef/0x7d0 kernel/kthread.c:767 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 page_owner free stack trace missing Memory state around the buggy address: ffff88801e3b9b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ffff88801e3b9b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc >ffff88801e3b9c00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ^ ffff88801e3b9c80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc ffff88801e3b9d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc ================================================================== Oops: general protection fault, probably for non-canonical address 0xe0907c3da0000078: 0000 [#1] PREEMPT SMP KASAN NOPTI KASAN: maybe wild-memory-access in range [0x048401ed000003c0-0x048401ed000003c7] CPU: 1 UID: 0 PID: 963 Comm: kworker/1:2 Tainted: G B 6.12.0-rc5-syzkaller-00308-g3e5e6c9900c3 #0 Tainted: [B]=BAD_PAGE Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 Workqueue: events binder_deferred_func RIP: 0010:__list_del_entry_valid_or_report+0x95/0x1c0 lib/list_debug.c:62 Code: 0f 84 8a 00 00 00 48 b8 22 01 00 00 00 00 ad de 48 39 c1 0f 84 86 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 cf 48 c1 ef 03 <80> 3c 07 00 0f 85 f1 00 00 00 48 8b 01 48 39 f0 75 75 48 8d 7a 08 RSP: 0018:ffffc900037ffbd8 EFLAGS: 00010216 RAX: dffffc0000000000 RBX: ffff88801e3b9c00 RCX: 048401ed000003c3 RDX: ffff888029a9f700 RSI: ffff88801e3b9c00 RDI: 0090803da0000078 RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000 R10: 0000000000000000 R11: 3d3d3d3d3d3d3d3d R12: dffffc0000000000 R13: ffff88807cbac2d0 R14: ffff88807cbac0d8 R15: ffff88801e3b9c08 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc4e2f720d0 CR3: 000000000df7c000 CR4: 0000000000350ef0 Call Trace: <TASK> __list_del_entry_valid include/linux/list.h:124 [inline] __list_del_entry include/linux/list.h:215 [inline] list_del_init include/linux/list.h:287 [inline] binder_dequeue_work_head_ilocked drivers/android/binder.c:540 [inline] binder_release_work+0x9b/0x490 drivers/android/binder.c:5110 binder_deferred_release drivers/android/binder.c:6261 [inline] binder_deferred_func+0xe6e/0x12e0 drivers/android/binder.c:6296 process_one_work+0x9c8/0x1ba0 kernel/workqueue.c:3229 process_scheduled_works kernel/workqueue.c:3310 [inline] worker_thread+0x6c8/0xf00 kernel/workqueue.c:3391 kthread+0x2c4/0x3a0 kernel/kthread.c:389 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:__list_del_entry_valid_or_report+0x95/0x1c0 lib/list_debug.c:62 Code: 0f 84 8a 00 00 00 48 b8 22 01 00 00 00 00 ad de 48 39 c1 0f 84 86 00 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 cf 48 c1 ef 03 <80> 3c 07 00 0f 85 f1 00 00 00 48 8b 01 48 39 f0 75 75 48 8d 7a 08 RSP: 0018:ffffc900037ffbd8 EFLAGS: 00010216 RAX: dffffc0000000000 RBX: ffff88801e3b9c00 RCX: 048401ed000003c3 RDX: ffff888029a9f700 RSI: ffff88801e3b9c00 RDI: 0090803da0000078 RBP: 0000000000000001 R08: 0000000000000007 R09: 0000000000000000 R10: 0000000000000000 R11: 3d3d3d3d3d3d3d3d R12: dffffc0000000000 R13: ffff88807cbac2d0 R14: ffff88807cbac0d8 R15: ffff88801e3b9c08 FS: 0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc4e2f720d0 CR3: 000000000df7c000 CR4: 0000000000350ef0 ---------------- Code disassembly (best guess): 0: 0f 84 8a 00 00 00 je 0x90 6: 48 b8 22 01 00 00 00 movabs $0xdead000000000122,%rax d: 00 ad de 10: 48 39 c1 cmp %rax,%rcx 13: 0f 84 86 00 00 00 je 0x9f 19: 48 b8 00 00 00 00 00 movabs $0xdffffc0000000000,%rax 20: fc ff df 23: 48 89 cf mov %rcx,%rdi 26: 48 c1 ef 03 shr $0x3,%rdi * 2a: 80 3c 07 00 cmpb $0x0,(%rdi,%rax,1) <-- trapping instruction 2e: 0f 85 f1 00 00 00 jne 0x125 34: 48 8b 01 mov (%rcx),%rax 37: 48 39 f0 cmp %rsi,%rax 3a: 75 75 jne 0xb1 3c: 48 8d 7a 08 lea 0x8(%rdx),%rdi
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/11/03 19:40 | upstream | 3e5e6c9900c3 | f00eed24 | .config | strace log | report | syz / log | C | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | KASAN: slab-use-after-free Read in binder_release_work | |
| 2024/11/15 08:22 | upstream | cfaaa7d010d1 | f6ede3a3 | .config | console log | report | syz / log | C | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |
| 2024/11/09 08:52 | upstream | f1dce1f09380 | 6b856513 | .config | console log | report | syz / log | C | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |
| 2024/11/09 03:13 | upstream | f1dce1f09380 | 6b856513 | .config | console log | report | syz / log | C | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |
| 2024/09/29 00:02 | upstream | ad46e8f95e93 | ba29ff75 | .config | console log | report | syz / log | C | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | |
| 2024/09/28 22:55 | upstream | 3efc57369a0c | ba29ff75 | .config | console log | report | syz / log | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/21 06:06 | upstream | 43fb83c17ba2 | 4b25d554 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 12:18 | upstream | a5c93bfec0be | 7d02db5a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 11:10 | upstream | a5c93bfec0be | 7d02db5a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 10:07 | upstream | a5c93bfec0be | 7d02db5a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 06:05 | upstream | a5c93bfec0be | 7d02db5a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 03:25 | upstream | a5c93bfec0be | 7d02db5a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 01:53 | upstream | a5c93bfec0be | 7d02db5a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 00:23 | upstream | 158f238aa69d | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 23:08 | upstream | 158f238aa69d | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-smack-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 22:06 | upstream | 158f238aa69d | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 20:15 | upstream | 158f238aa69d | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 18:02 | upstream | 158f238aa69d | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 16:41 | upstream | 158f238aa69d | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 15:34 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 13:16 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 11:46 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 10:27 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 08:53 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 05:58 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 03:56 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 02:25 | upstream | c6d64479d609 | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 22:44 | upstream | adc218676eef | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 21:16 | upstream | adc218676eef | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-selinux-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 08:32 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 07:31 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 06:16 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 03:54 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 01:09 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 23:41 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 21:01 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 19:57 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 13:27 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 12:49 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 08:53 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-badwrites-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 19:38 | upstream | adc218676eef | 571351cb | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kasan-gce-386 | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/21 03:17 | upstream | 8f7c8b88bda4 | 4b25d554 | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/20 21:37 | upstream | 8f7c8b88bda4 | 4fca1650 | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/20 18:20 | upstream | bf9aa14fc523 | 4fca1650 | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/20 15:28 | upstream | bf9aa14fc523 | 4fca1650 | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/20 13:25 | upstream | bf9aa14fc523 | 4fca1650 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 08:33 | upstream | bf9aa14fc523 | 7d02db5a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/20 08:32 | upstream | bf9aa14fc523 | 7d02db5a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 08:23 | upstream | 9fb2cfa4635a | 571351cb | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/19 07:21 | upstream | 9fb2cfa4635a | 571351cb | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/18 13:33 | upstream | adc218676eef | e7bb5d6e | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/18 12:23 | upstream | adc218676eef | e7bb5d6e | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/18 02:35 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/18 02:34 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-snapshot-upstream-root | KASAN: slab-use-after-free Read in binder_release_work | |||
| 2024/11/17 22:07 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 18:56 | upstream | f66d6acccbc0 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 17:42 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/17 15:26 | upstream | 4a5df3796467 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/16 01:27 | upstream | f868cd251776 | cfe3a04a | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/14 16:26 | upstream | 0a9b9d17f3a7 | 4dfba277 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm64 | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/14 14:58 | upstream | 0a9b9d17f3a7 | 4dfba277 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm64-mte | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/10/29 22:13 | upstream | e42b1a9a2557 | 66aeb999 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-arm64-compat | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/10/12 02:48 | linux-next | d61a00525464 | 084d8178 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-linux-next-kasan-gce-root | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/10 23:37 | git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci | 563047e691f2 | 6b856513 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-gce-arm64 | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/19 00:10 | git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes | 57f7c7dc78cd | 4dfba277 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu2-riscv64 | KASAN: slab-use-after-free Read in binder_release_work | ||
| 2024/11/04 21:32 | upstream | 59b723cd2adb | 7bfecfb9 | .config | console log | report | info | [disk image (non-bootable)] [vmlinux] [kernel image] | ci-qemu-upstream-386 | KFENCE: use-after-free in binder_release_work |