syzbot

 sign-in | mailing list | source | docs
🐞 Open [1516]
Subsystems
🐞 Fixed [6644]
🐞 Invalid [17027]
Missing Backports [214]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: slab-use-after-free Write in dtSplitPage

Status: upstream: reported C repro on 2024/12/15 23:15
Subsystems: jfs
[Documentation on labels]
Reported-by: syzbot+a939a1121380d3212940@syzkaller.appspotmail.com
First crash: 362d, last: 18m
Cause bisection: the cause commit could be any of (bisect log):
  781773e3b680 sched/fair: Implement ENQUEUE_DELAYED
  a1c446611e31 sched,freezer: Mark TASK_FROZEN special
  e1459a50ba31 sched: Teach dequeue_task() about special task states
  f12e148892ed sched/fair: Prepare pick_next_task() for delayed dequeue
  152e11f6df29 sched/fair: Implement delayed dequeue
  2e0199df252a sched/fair: Prepare exit/cleanup paths for delayed_dequeue
  54a58a787791 sched/fair: Implement DELAY_ZERO
   
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] Monthly jfs report (Sep 2025) 0 (1) 2025/09/23 06:49
[syzbot] [jfs?] KASAN: slab-use-after-free Write in dtSplitPage 0 (3) 2025/01/03 12:54
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.6 UBSAN: array-index-out-of-bounds in dtSplitPage origin:upstream 24 C 80 18h39m 115d 0/2 upstream: reported C repro on 2025/06/20 22:01
linux-6.1 UBSAN: array-index-out-of-bounds in dtSplitPage origin:upstream 24 C 103 20h51m 287d 0/3 upstream: reported C repro on 2024/12/30 07:45
linux-5.15 UBSAN: array-index-out-of-bounds in dtSplitPage 24 C 88 1d01h 288d 0/3 upstream: reported C repro on 2024/12/29 06:57

Sample crash report:
==================================================================
BUG: KASAN: slab-use-after-free in dtMoveEntry fs/jfs/jfs_dtree.c:3922 [inline]
BUG: KASAN: slab-use-after-free in dtSplitPage+0x1e37/0x3b20 fs/jfs/jfs_dtree.c:1561
Write of size 1 at addr ffff888030d3a000 by task syz-executor423/5910

CPU: 0 UID: 0 PID: 5910 Comm: syz-executor423 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:408 [inline]
 print_report+0xb4/0x290 mm/kasan/report.c:521
 kasan_report+0x118/0x150 mm/kasan/report.c:634
 dtMoveEntry fs/jfs/jfs_dtree.c:3922 [inline]
 dtSplitPage+0x1e37/0x3b20 fs/jfs/jfs_dtree.c:1561
 dtSplitUp fs/jfs/jfs_dtree.c:1092 [inline]
 dtInsert+0x109b/0x5f40 fs/jfs/jfs_dtree.c:871
 jfs_create+0x6c8/0xa80 fs/jfs/namei.c:137
 lookup_open fs/namei.c:3701 [inline]
 open_last_lookups fs/namei.c:3800 [inline]
 path_openat+0x14f1/0x3830 fs/namei.c:4036
 do_filp_open+0x1fa/0x410 fs/namei.c:4066
 do_sys_openat2+0x121/0x1c0 fs/open.c:1429
 do_sys_open fs/open.c:1444 [inline]
 __do_sys_creat fs/open.c:1522 [inline]
 __se_sys_creat fs/open.c:1516 [inline]
 __x64_sys_creat+0x8f/0xc0 fs/open.c:1516
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fa01cd47769
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 61 1f 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa01c4cc168 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
RAX: ffffffffffffffda RBX: 00007fa01cdcf6f8 RCX: 00007fa01cd47769
RDX: ffffffffffffffb0 RSI: 0000000000000000 RDI: 00002000000006c0
RBP: 00007fa01cdcf6f0 R08: 00007fa01c4cc6c0 R09: 0000000000000000
R10: 00007fa01c4cc6c0 R11: 0000000000000246 R12: 00007fa01cdcf6fc
R13: 000000000000006e R14: 00007fffbd99d4c0 R15: 00007fffbd99d5a8
 </TASK>

Allocated by task 5843:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:377 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4327 [inline]
 __kmalloc_noprof+0x27a/0x4f0 mm/slub.c:4339
 kmalloc_noprof include/linux/slab.h:909 [inline]
 kzalloc_noprof include/linux/slab.h:1039 [inline]
 tomoyo_encode2 security/tomoyo/realpath.c:45 [inline]
 tomoyo_encode+0x28b/0x550 security/tomoyo/realpath.c:80
 tomoyo_realpath_from_path+0x58d/0x5d0 security/tomoyo/realpath.c:283
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_check_open_permission+0x1c1/0x3b0 security/tomoyo/file.c:771
 security_file_open+0xb1/0x270 security/security.c:3114
 do_dentry_open+0x35e/0x1970 fs/open.c:933
 vfs_open+0x3b/0x340 fs/open.c:1086
 do_open fs/namei.c:3880 [inline]
 path_openat+0x2ee5/0x3830 fs/namei.c:4039
 do_filp_open+0x1fa/0x410 fs/namei.c:4066
 do_sys_openat2+0x121/0x1c0 fs/open.c:1429
 do_sys_open fs/open.c:1444 [inline]
 __do_sys_openat fs/open.c:1460 [inline]
 __se_sys_openat fs/open.c:1455 [inline]
 __x64_sys_openat+0x138/0x170 fs/open.c:1455
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Freed by task 5843:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576
 poison_slab_object mm/kasan/common.c:247 [inline]
 __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264
 kasan_slab_free include/linux/kasan.h:233 [inline]
 slab_free_hook mm/slub.c:2380 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x193/0x440 mm/slub.c:4841
 tomoyo_check_open_permission+0x2c2/0x3b0 security/tomoyo/file.c:786
 security_file_open+0xb1/0x270 security/security.c:3114
 do_dentry_open+0x35e/0x1970 fs/open.c:933
 vfs_open+0x3b/0x340 fs/open.c:1086
 do_open fs/namei.c:3880 [inline]
 path_openat+0x2ee5/0x3830 fs/namei.c:4039
 do_filp_open+0x1fa/0x410 fs/namei.c:4066
 do_sys_openat2+0x121/0x1c0 fs/open.c:1429
 do_sys_open fs/open.c:1444 [inline]
 __do_sys_openat fs/open.c:1460 [inline]
 __se_sys_openat fs/open.c:1455 [inline]
 __x64_sys_openat+0x138/0x170 fs/open.c:1455
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

The buggy address belongs to the object at ffff888030d3a000
 which belongs to the cache kmalloc-64 of size 64
The buggy address is located 0 bytes inside of
 freed 64-byte region [ffff888030d3a000, ffff888030d3a040)

The buggy address belongs to the physical page:
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x30d3a
ksm flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
page_type: f5(slab)
raw: 00fff00000000000 ffff88801a0418c0 ffffea00006fb7c0 0000000000000003
raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Unmovable, gfp_mask 0x52cc0(GFP_KERNEL|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 5598, tgid 5598 (dhcpcd-run-hook), ts 57932261398, free_ts 45933889478
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x1d8/0x230 mm/page_alloc.c:1718
 prep_new_page mm/page_alloc.c:1726 [inline]
 get_page_from_freelist+0x21c7/0x22a0 mm/page_alloc.c:3688
 __alloc_frozen_pages_noprof+0x181/0x370 mm/page_alloc.c:4970
 alloc_pages_mpol+0x232/0x4a0 mm/mempolicy.c:2301
 alloc_slab_page mm/slub.c:2450 [inline]
 allocate_slab+0x8a/0x3b0 mm/slub.c:2618
 new_slab mm/slub.c:2672 [inline]
 ___slab_alloc+0xbfc/0x1480 mm/slub.c:3858
 __slab_alloc mm/slub.c:3948 [inline]
 __slab_alloc_node mm/slub.c:4023 [inline]
 slab_alloc_node mm/slub.c:4184 [inline]
 __do_kmalloc_node mm/slub.c:4326 [inline]
 __kmalloc_noprof+0x305/0x4f0 mm/slub.c:4339
 kmalloc_noprof include/linux/slab.h:909 [inline]
 kzalloc_noprof include/linux/slab.h:1039 [inline]
 ext4_htree_store_dirent+0x83/0x620 fs/ext4/dir.c:482
 htree_dirblock_to_tree+0x824/0xdf0 fs/ext4/namei.c:1111
 ext4_htree_fill_tree+0x5d7/0x10f0 fs/ext4/namei.c:1190
 ext4_dx_readdir fs/ext4/dir.c:601 [inline]
 ext4_readdir+0x2dde/0x3b60 fs/ext4/dir.c:146
 iterate_dir+0x5ac/0x770 fs/readdir.c:108
 __do_sys_getdents64 fs/readdir.c:403 [inline]
 __se_sys_getdents64+0xe4/0x260 fs/readdir.c:389
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
page last free pid 5194 tgid 5194 stack trace:
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1262 [inline]
 __free_frozen_pages+0xb05/0xcd0 mm/page_alloc.c:2725
 mm_free_pgd kernel/fork.c:793 [inline]
 __mmdrop+0xb5/0x460 kernel/fork.c:939
 mmdrop include/linux/sched/mm.h:55 [inline]
 mmdrop_sched include/linux/sched/mm.h:83 [inline]
 mmdrop_lazy_tlb_sched include/linux/sched/mm.h:110 [inline]
 finish_task_switch+0x3ee/0x950 kernel/sched/core.c:5275
 context_switch kernel/sched/core.c:5385 [inline]
 __schedule+0x1697/0x4c70 kernel/sched/core.c:6767
 __schedule_loop kernel/sched/core.c:6845 [inline]
 schedule+0x165/0x360 kernel/sched/core.c:6860
 schedule_hrtimeout_range_clock+0x13c/0x2f0 kernel/time/sleep_timeout.c:216
 ep_poll fs/eventpoll.c:2115 [inline]
 do_epoll_wait+0xcac/0xf30 fs/eventpoll.c:2531
 __do_sys_epoll_wait fs/eventpoll.c:2539 [inline]
 __se_sys_epoll_wait fs/eventpoll.c:2534 [inline]
 __x64_sys_epoll_wait+0x1be/0x210 fs/eventpoll.c:2534
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xf6/0x210 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Memory state around the buggy address:
 ffff888030d39f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
 ffff888030d39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
>ffff888030d3a000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
                   ^
 ffff888030d3a080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
 ffff888030d3a100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
==================================================================

Crashes (3282):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/05/12 12:04 upstream 82f2b0b97b36 77908e5f .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-upstream-fs KASAN: slab-use-after-free Write in dtSplitPage
2025/10/12 23:47 upstream 67029a49db6c ff1712fe .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/03/16 12:34 upstream 31d7109a19f6 e2826670 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dtSplitPage
2025/01/03 12:53 upstream 0bc21e701a6f d3ccff63 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dtSplitPage
2025/08/11 11:51 upstream 8f5ae30d69d7 32a0e5ed .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-snapshot-upstream-root UBSAN: array-index-out-of-bounds in dtSplitPage
2025/06/02 19:54 upstream cd2e103d57e5 aaaaf5ea .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/01/01 01:54 upstream ccb98ccef0e5 d3ccff63 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro #1] [mounted in repro #2] [mounted in repro #3] [mounted in repro #4] [mounted in repro #5] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dtSplitPage
2024/12/27 12:50 upstream d6ef8b40d075 d3ccff63 .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-badwrites-root UBSAN: array-index-out-of-bounds in dtSplitPage
2024/10/16 07:37 upstream 2f87d0916ce0 bde2d81c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-use-after-free Write in dtSplitPage
2025/08/22 14:33 upstream 3957a5720157 bf27483f .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-use-after-free Write in dtSplitPage
2025/10/13 21:52 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 20:04 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 17:46 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 16:35 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 12:59 upstream 3a8660878839 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/12 23:45 upstream 8765f467912f ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in dtSplitPage
2025/10/12 07:59 upstream 98906f9d850e ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/11 14:16 upstream 0739473694c4 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/11 02:52 upstream 917167ed1211 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/10 17:44 upstream 5472d60c129f ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/10 16:04 upstream 5472d60c129f ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/10 08:26 upstream 5472d60c129f ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/10 05:00 upstream 5472d60c129f ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/10 03:39 upstream 18a7e218cfcd 7e2882b3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/09 22:16 upstream ec714e371f22 7e2882b3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/01 13:31 upstream 50c19e20ed2e a1859138 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Write in dtSplitPage
2025/10/13 18:52 upstream 3a8660878839 b6605ba8 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 15:19 upstream 3a8660878839 b6605ba8 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-use-after-free Read in dtSplitPage
2025/10/13 03:34 upstream 3a8660878839 ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 21:40 upstream 67029a49db6c ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/12 17:45 upstream 67029a49db6c ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 06:33 upstream 98906f9d850e ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 00:38 upstream 98906f9d850e ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/11 17:18 upstream 0739473694c4 ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/11 08:16 upstream 917167ed1211 ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/11 05:21 upstream 917167ed1211 ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/10 18:58 upstream 5472d60c129f ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/10 13:39 upstream 5472d60c129f ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/10 12:15 upstream 5472d60c129f ff1712fe .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/09/27 20:23 upstream fec734e8d564 001c9061 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root KASAN: use-after-free Write in dtSplitPage
2025/10/13 22:48 linux-next 52ba76324a9d b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 14:00 linux-next 52ba76324a9d ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root UBSAN: array-index-out-of-bounds in dtSplitPage
2025/10/13 11:25 linux-next 2b763d465239 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in dtSplitPage
2025/10/13 08:53 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/13 08:02 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 06:26 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 04:42 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/13 01:21 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 23:26 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 20:34 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 19:13 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/12 13:10 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 11:15 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/12 10:07 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 04:10 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/12 02:23 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/11 12:28 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/10 23:53 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/10 14:55 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
2025/10/10 10:26 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-out-of-bounds Read in dtSplitPage
2025/10/09 23:39 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc 7e2882b3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in dtSplitPage
* Struck through repros no longer work on HEAD.