syzbot


KASAN: use-after-free Read in firmware_fallback_sysfs

Status: fixed on 2021/11/10 00:50
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+de271708674e2093097b@syzkaller.appspotmail.com
Fix commit: 75d95e2e39b2 firmware_loader: fix use-after-free in firmware_fallback_sysfs
First crash: 1354d, last: 1151d
Cause bisection: failed (error log, bisect log)
  
Duplicate bugs (3)
duplicates (3):
Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
KASAN: use-after-free Read in kill_pending_fw_fallback_reqs kernel 784 1121d 1305d 0/28 closed as dup on 2021/03/19 06:17
WARNING: locking bug in complete_all kernel 4 1171d 1243d 0/28 closed as dup on 2021/07/05 05:25
BUG: unable to handle kernel paging request in complete_all kernel 2 1183d 1196d 0/28 closed as dup on 2021/07/05 05:25
Discussions (15)
Title Replies (including bot) Last reply
[PATCH 5.10 000/135] 5.10.58-rc1 review 159 (159) 2021/08/19 08:52
[PATCH 4.19 00/54] 4.19.203-rc1 review 64 (64) 2021/08/12 19:20
[PATCH 5.13 000/175] 5.13.10-rc1 review 183 (183) 2021/08/12 06:45
[PATCH 5.4 00/85] 5.4.140-rc1 review 91 (91) 2021/08/11 22:21
[PATCH v8 0/2] firmware_loader: fix uaf in firmware_fallback_sysfs 6 (6) 2021/07/29 16:52
[PATCH v7 0/2] firmware_loader: fix uaf in firmware_fallback_sysfs 8 (8) 2021/07/27 12:57
[PATCH v6 0/2] firmware_loader: fix uaf in firmware_fallback_sysfs 6 (6) 2021/07/23 17:26
[PATCH v5 0/2] firmware_loader: fix uaf in firmware_fallback_sysfs 3 (3) 2021/07/21 19:00
[PATCH v4] firmware_loader: fix use-after-free in firmware_fallback_sysfs 5 (5) 2021/06/11 03:16
Re: [PATCH v4] firmware_loader: fix use-after-free in firmware_fallback_sysfs 1 (1) 2021/05/19 18:56
[PATCH v3] firmware_loader: fix use-after-free in firmware_fallback_sysfs 9 (9) 2021/04/30 02:49
[PATCH v2] firmware_loader: fix use-after-free in firmware_fallback_sysfs 4 (4) 2021/04/14 09:11
[PATCH] firmware_loader: fix use-after-free in firmware_fallback_sysfs 1 (1) 2021/04/13 10:19
KASAN: use-after-free Read in firmware_fallback_sysfs 0 (3) 2021/03/21 12:02
Re: [syzbot] KASAN: use-after-free Read in kill_pending_fw_fallback_reqs 1 (1) 2021/03/19 06:17
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-54 KASAN: use-after-free Read in firmware_fallback_sysfs C 2349 1088d 1638d 1/2 fixed on 2021/10/21 11:33
android-54 BUG: corrupted list in firmware_fallback_sysfs 70 1089d 1637d 0/2 auto-closed as invalid on 2022/02/17 06:30
android-54 KASAN: slab-out-of-bounds Read in firmware_fallback_sysfs 6 1499d 1609d 0/2 auto-closed as invalid on 2021/01/03 04:24
Last patch testing requests (6)
Created Duration User Patch Repo Result
2021/07/27 18:46 19m mail@anirudhrb.com patch upstream OK
2021/04/14 16:20 19m mail@anirudhrb.com patch linux-next OK
2021/04/14 07:06 19m mail@anirudhrb.com patch linux-next OK
2021/04/13 09:04 18m mail@anirudhrb.com patch linux-next OK
2021/04/13 06:36 19m mail@anirudhrb.com patch linux-next OK
2021/04/12 13:33 12m mail@anirudhrb.com linux-next report log

Sample crash report:
platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
==================================================================
BUG: KASAN: use-after-free in __list_add_valid+0x81/0xa0 lib/list_debug.c:23
Read of size 8 at addr ffff888017b23cc8 by task syz-executor877/9843

CPU: 0 PID: 9843 Comm: syz-executor877 Not tainted 5.14.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:105
 print_address_description.constprop.0.cold+0x6c/0x309 mm/kasan/report.c:233
 __kasan_report mm/kasan/report.c:419 [inline]
 kasan_report.cold+0x83/0xdf mm/kasan/report.c:436
 __list_add_valid+0x81/0xa0 lib/list_debug.c:23
 __list_add include/linux/list.h:67 [inline]
 list_add include/linux/list.h:86 [inline]
 fw_load_sysfs_fallback drivers/base/firmware_loader/fallback.c:516 [inline]
 fw_load_from_user_helper drivers/base/firmware_loader/fallback.c:581 [inline]
 firmware_fallback_sysfs+0x455/0xe10 drivers/base/firmware_loader/fallback.c:657
 _request_firmware+0xa80/0xe80 drivers/base/firmware_loader/main.c:833
 request_firmware+0x32/0x50 drivers/base/firmware_loader/main.c:877
 reg_reload_regdb+0x7a/0x240 net/wireless/reg.c:1095
 genl_family_rcv_msg_doit+0x228/0x320 net/netlink/genetlink.c:739
 genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]
 genl_rcv_msg+0x328/0x580 net/netlink/genetlink.c:800
 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:811
 netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]
 netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340
 netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929
 sock_sendmsg_nosec net/socket.c:703 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:723
 ____sys_sendmsg+0x6e8/0x810 net/socket.c:2392
 ___sys_sendmsg+0xf3/0x170 net/socket.c:2446
 __sys_sendmsg+0xe5/0x1b0 net/socket.c:2475
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x44b349
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 31 16 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f47e5fc4318 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004d72b8 RCX: 000000000044b349
RDX: 0000000000000000 RSI: 0000000020000780 RDI: 0000000000000003
RBP: 00000000004d72b0 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0031313230386c6e
R13: 00007ffe22ff424f R14: 00007f47e5fc4400 R15: 0000000000022000

Allocated by task 9837:
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc mm/kasan/common.c:513 [inline]
 ____kasan_kmalloc mm/kasan/common.c:472 [inline]
 __kasan_kmalloc+0x9b/0xd0 mm/kasan/common.c:522
 kmalloc include/linux/slab.h:591 [inline]
 kzalloc include/linux/slab.h:721 [inline]
 __allocate_fw_priv drivers/base/firmware_loader/main.c:187 [inline]
 alloc_lookup_fw_priv drivers/base/firmware_loader/main.c:251 [inline]
 _request_firmware_prepare drivers/base/firmware_loader/main.c:746 [inline]
 _request_firmware+0x2de/0xe80 drivers/base/firmware_loader/main.c:808
 request_firmware+0x32/0x50 drivers/base/firmware_loader/main.c:877
 reg_reload_regdb+0x7a/0x240 net/wireless/reg.c:1095
 genl_family_rcv_msg_doit+0x228/0x320 net/netlink/genetlink.c:739
 genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]
 genl_rcv_msg+0x328/0x580 net/netlink/genetlink.c:800
 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:811
 netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]
 netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340
 netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929
 sock_sendmsg_nosec net/socket.c:703 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:723
 ____sys_sendmsg+0x6e8/0x810 net/socket.c:2392
 ___sys_sendmsg+0xf3/0x170 net/socket.c:2446
 __sys_sendmsg+0xe5/0x1b0 net/socket.c:2475
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Freed by task 9837:
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38
 kasan_set_track+0x1c/0x30 mm/kasan/common.c:46
 kasan_set_free_info+0x20/0x30 mm/kasan/generic.c:360
 ____kasan_slab_free mm/kasan/common.c:366 [inline]
 ____kasan_slab_free mm/kasan/common.c:328 [inline]
 __kasan_slab_free+0xfb/0x130 mm/kasan/common.c:374
 kasan_slab_free include/linux/kasan.h:230 [inline]
 slab_free_hook mm/slub.c:1625 [inline]
 slab_free_freelist_hook+0xdf/0x240 mm/slub.c:1650
 slab_free mm/slub.c:3210 [inline]
 kfree+0xe4/0x530 mm/slub.c:4264
 __free_fw_priv drivers/base/firmware_loader/main.c:283 [inline]
 kref_put include/linux/kref.h:65 [inline]
 free_fw_priv+0x2b1/0x4d0 drivers/base/firmware_loader/main.c:290
 firmware_free_data drivers/base/firmware_loader/main.c:586 [inline]
 release_firmware.part.0+0xc7/0xf0 drivers/base/firmware_loader/main.c:1055
 release_firmware drivers/base/firmware_loader/main.c:842 [inline]
 _request_firmware+0x709/0xe80 drivers/base/firmware_loader/main.c:841
 request_firmware+0x32/0x50 drivers/base/firmware_loader/main.c:877
 reg_reload_regdb+0x7a/0x240 net/wireless/reg.c:1095
 genl_family_rcv_msg_doit+0x228/0x320 net/netlink/genetlink.c:739
 genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]
 genl_rcv_msg+0x328/0x580 net/netlink/genetlink.c:800
 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504
 genl_rcv+0x24/0x40 net/netlink/genetlink.c:811
 netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]
 netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340
 netlink_sendmsg+0x86d/0xdb0 net/netlink/af_netlink.c:1929
 sock_sendmsg_nosec net/socket.c:703 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:723
 ____sys_sendmsg+0x6e8/0x810 net/socket.c:2392
 ___sys_sendmsg+0xf3/0x170 net/socket.c:2446
 __sys_sendmsg+0xe5/0x1b0 net/socket.c:2475
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

The buggy address belongs to the object at ffff888017b23c00
 which belongs to the cache kmalloc-256 of size 256
The buggy address is located 200 bytes inside of
 256-byte region [ffff888017b23c00, ffff888017b23d00)
The buggy address belongs to the page:
page:ffffea00005ec880 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x17b22
head:ffffea00005ec880 order:1 compound_mapcount:0
flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888010841b40
raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8449, ts 66897274962, free_ts 66674742035
 prep_new_page mm/page_alloc.c:2436 [inline]
 get_page_from_freelist+0xa72/0x2f80 mm/page_alloc.c:4169
 __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5391
 alloc_pages+0x18c/0x2a0 mm/mempolicy.c:2244
 alloc_slab_page mm/slub.c:1688 [inline]
 allocate_slab+0x32e/0x4b0 mm/slub.c:1828
 new_slab mm/slub.c:1891 [inline]
 new_slab_objects mm/slub.c:2637 [inline]
 ___slab_alloc+0x4ba/0x820 mm/slub.c:2800
 __slab_alloc.constprop.0+0xa7/0xf0 mm/slub.c:2840
 slab_alloc_node mm/slub.c:2922 [inline]
 slab_alloc mm/slub.c:2964 [inline]
 kmem_cache_alloc_trace+0x30f/0x3c0 mm/slub.c:2981
 kmalloc include/linux/slab.h:591 [inline]
 kzalloc include/linux/slab.h:721 [inline]
 fib6_info_alloc+0xc1/0x210 net/ipv6/ip6_fib.c:155
 ip6_route_info_create+0x33e/0x1aa0 net/ipv6/route.c:3762
 addrconf_f6i_alloc+0x2b5/0x4c0 net/ipv6/route.c:4580
 ipv6_add_addr+0x3a6/0x1f00 net/ipv6/addrconf.c:1089
 inet6_addr_add+0x410/0xae0 net/ipv6/addrconf.c:2945
 inet6_rtm_newaddr+0xf00/0x1970 net/ipv6/addrconf.c:4871
 rtnetlink_rcv_msg+0x413/0xb80 net/core/rtnetlink.c:5574
 netlink_rcv_skb+0x153/0x420 net/netlink/af_netlink.c:2504
 netlink_unicast_kernel net/netlink/af_netlink.c:1314 [inline]
 netlink_unicast+0x533/0x7d0 net/netlink/af_netlink.c:1340
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1346 [inline]
 free_pcp_prepare+0x2c5/0x780 mm/page_alloc.c:1397
 free_unref_page_prepare mm/page_alloc.c:3332 [inline]
 free_unref_page+0x19/0x690 mm/page_alloc.c:3411
 unfreeze_partials+0x17c/0x1d0 mm/slub.c:2418
 put_cpu_partial+0x13d/0x230 mm/slub.c:2454
 qlink_free mm/kasan/quarantine.c:146 [inline]
 qlist_free_all+0x5a/0xc0 mm/kasan/quarantine.c:165
 kasan_quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:272
 __kasan_slab_alloc+0x8e/0xa0 mm/kasan/common.c:444
 kasan_slab_alloc include/linux/kasan.h:254 [inline]
 slab_post_alloc_hook mm/slab.h:519 [inline]
 slab_alloc_node mm/slub.c:2956 [inline]
 slab_alloc mm/slub.c:2964 [inline]
 __kmalloc+0x1f4/0x330 mm/slub.c:4108
 kmalloc include/linux/slab.h:596 [inline]
 tomoyo_realpath_from_path+0xc3/0x620 security/tomoyo/realpath.c:254
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_perm+0x21b/0x400 security/tomoyo/file.c:822
 security_inode_getattr+0xcf/0x140 security/security.c:1332
 vfs_getattr fs/stat.c:139 [inline]
 vfs_fstat+0x43/0xb0 fs/stat.c:164
 __do_sys_newfstat+0x81/0x100 fs/stat.c:404
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Memory state around the buggy address:
 ffff888017b23b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff888017b23c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff888017b23c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                              ^
 ffff888017b23d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff888017b23d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================

Crashes (16514):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/08/08 11:45 upstream 85a90500f9a1 6972b106 .config console log report syz C ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/06 15:09 upstream 902e7f373fff f9e341e3 .config console log report syz C ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/03 08:28 upstream c500bee1c5b2 6c236867 .config console log report syz C ci-upstream-kasan-gce-selinux-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/01 18:32 upstream f3438b4c4e69 6c236867 .config console log report syz C ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/14 16:49 upstream 009c9aa5be65 1ba81399 .config console log report syz C ci-upstream-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/05 03:08 bpf a02215ce72a3 b97d64c9 .config console log report syz C ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/26 12:54 net-old d6765985a42a 9d2ab5df .config console log report syz C ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/01 14:49 net-old 4ac06a1e013c 032639db .config console log report syz C ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/05/23 00:57 net-old e29f011e8fc0 3c7fef33 .config console log report syz C ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/05/17 06:58 bpf 2d58cee61309 f54a5c09 .config console log report syz C ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/08 13:37 bpf 144748eb0c44 6a81331a .config console log report syz C ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/05 14:05 net-old a14d273ba159 6a81331a .config console log report syz C ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/13 18:23 net-next-old b769cf44ed55 3fd2ea69 .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/05 02:36 bpf-next db517c8f8556 b97d64c9 .config console log report syz C ci-upstream-bpf-next-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/07/23 09:17 net-next-old 4431531c482a bc5f1d88 .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/26 12:50 net-next-old ff8744b5eb11 9d2ab5df .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/04 23:45 net-next-old ebbf5fcb94a7 966a236b .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/01 14:54 bpf-next 05924717ac70 032639db .config console log report syz C ci-upstream-bpf-next-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/05/28 15:31 net-next-old af9207adb6d9 858ea628 .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/05/23 01:05 net-next-old f5120f599880 3c7fef33 .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/08 14:08 net-next-old 3cd52c1e32fe 6a81331a .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/08 14:04 bpf-next 957dca3df624 6a81331a .config console log report syz C ci-upstream-bpf-next-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/05 14:04 net-next-old 7d42e84eb99d 6a81331a .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/03/21 12:01 net-next-old a1e6f641e307 17810eae .config console log report syz C ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/26 12:26 linux-next a1f92694393a 9d2ab5df .config console log report syz C ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/05/10 05:59 linux-next e6f67ebd93ef bc5434be .config console log report syz C ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/07/23 08:46 upstream 9bead1b58c4c bc5f1d88 .config console log report syz ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/07/08 06:24 upstream 3dbdb38e2869 95793bce .config console log report syz ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/13 13:37 upstream 8ecfa36cd4db 1ba81399 .config console log report syz ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/13 17:54 net-old a9a507013a6f 3fd2ea69 .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/03 07:42 net-old 0541a6293298 6c236867 .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/07/23 09:07 net-old 9f42f674a892 bc5f1d88 .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/19 04:54 net-old 35036d69b9bd aba2b2fb .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/16 16:26 net-old a4f0377db125 c06f97ad .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/04 23:42 net-old 1a8024239dac 966a236b .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/01 14:19 bpf ff2e6efda0d5 032639db .config console log report syz ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/05/28 14:56 net-old 44991d61aa12 858ea628 .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/27 23:56 net-old bbd6f0a94813 805b5003 .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/03/12 06:38 net-old 47142ed6c34d 429d8a6b .config console log report syz ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/03 07:42 net-next-old 28814cd18cd7 6c236867 .config console log report syz ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/16 16:19 net-next-old c7654495916e c06f97ad .config console log report syz ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/01 14:42 net-next-old e099f3e8b71c 032639db .config console log report syz ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/04/05 17:47 bpf-next 1e1032b0c4af 6a81331a .config console log report syz ci-upstream-bpf-next-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/04 23:08 linux-next a1f92694393a 966a236b .config console log report syz ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/08 16:33 upstream 85a90500f9a1 6972b106 .config console log report info ci-upstream-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/08 13:57 upstream 85a90500f9a1 6972b106 .config console log report info ci-upstream-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/06 19:06 upstream 902e7f373fff f9e341e3 .config console log report info ci-upstream-kasan-gce-selinux-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/05 22:46 upstream 902e7f373fff d2d6e680 .config console log report info ci-qemu-upstream KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/05 20:07 upstream 902e7f373fff d2d6e680 .config console log report info ci-qemu-upstream-386 KASAN: use-after-free Read in firmware_fallback_sysfs
2021/07/28 07:28 upstream 7d549995d4e0 17d6ab15 .config console log report info ci-upstream-kasan-gce-386 KASAN: use-after-free Read in firmware_fallback_sysfs
2021/03/14 18:38 upstream f296bfd5cd04 4a003785 .config console log report info ci-qemu2-arm64 KASAN: use-after-free Read in firmware_fallback_sysfs
2021/03/10 00:59 upstream 144c79ef3353 26967e35 .config console log report info ci-qemu2-arm64-compat KASAN: use-after-free Read in firmware_fallback_sysfs
2021/01/31 19:25 upstream 6642d600b541 fc9fd31e .config console log report info ci-qemu2-arm64-compat KASAN: use-after-free Read in firmware_fallback_sysfs
2021/01/28 04:06 upstream 2ab38c17aac1 1fa053ad .config console log report info ci-qemu2-arm64 KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 15:15 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 13:03 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 11:00 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 09:56 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 09:42 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 08:27 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 06:42 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 05:35 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 05:19 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 03:14 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 02:12 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 01:10 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/19 00:12 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 22:49 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 21:49 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 21:02 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 20:00 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 18:47 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 17:29 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 12:52 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 11:07 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 08:08 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 05:45 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 04:32 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/18 00:19 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/17 22:39 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/17 19:03 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/17 17:50 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/17 13:54 bpf 3776f3517ed9 33c26cb7 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/17 11:46 bpf 3776f3517ed9 33c26cb7 .config console log report info ci-upstream-bpf-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/13 23:49 net-old a9a507013a6f 3fd2ea69 .config console log report info ci-upstream-net-this-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/13 22:33 net-next-old b769cf44ed55 3fd2ea69 .config console log report info ci-upstream-net-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/08/13 13:58 bpf-next 25dc3895baaa 3fd2ea69 .config console log report info ci-upstream-bpf-next-kasan-gce KASAN: use-after-free Read in firmware_fallback_sysfs
2021/07/30 04:42 linux-next 4ccc9e2db7ac c585c7b0 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/19 03:38 git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux.git fixes 18a3c5f7abfd aba2b2fb .config console log report info ci-qemu2-riscv64 KASAN: use-after-free Read in firmware_fallback_sysfs
2021/06/27 05:21 upstream 625acffd7ae2 9d2ab5df .config console log report info ci-qemu2-arm64-mte KASAN: invalid-access Read in firmware_fallback_sysfs
2021/05/27 18:28 upstream bf152b0b41dc 858ea628 .config console log report info ci-qemu2-arm32 BUG: corrupted list in firmware_fallback_sysfs
2021/03/14 10:52 upstream 88fe49249c99 4a003785 .config console log report info ci-qemu2-arm64-mte KASAN: invalid-access Read in firmware_fallback_sysfs
2021/08/19 14:04 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/19 12:00 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/19 04:15 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 16:16 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 15:10 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 14:09 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 12:13 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 09:56 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 08:41 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 06:54 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 03:25 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 02:32 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/18 01:21 bpf 3776f3517ed9 a2fe1cb5 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/17 14:40 bpf 3776f3517ed9 33c26cb7 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/17 12:46 bpf 3776f3517ed9 33c26cb7 .config console log report info ci-upstream-bpf-kasan-gce BUG: corrupted list in firmware_fallback_sysfs
2021/08/13 10:07 bpf 2d3a1e3615c5 3fd2ea69 .config console log report info ci-upstream-bpf-kasan-gce KASAN: slab-out-of-bounds Read in firmware_fallback_sysfs
2021/08/12 11:41 bpf-next 25dc3895baaa 6972b106 .config console log report info ci-upstream-bpf-next-kasan-gce KFENCE: use-after-free in firmware_fallback_sysfs
2021/06/23 23:51 https://github.com/google/kmsan.git master 31ffdb453231 fe4ab389 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in firmware_fallback_sysfs
2021/06/19 09:59 https://github.com/google/kmsan.git master bfeba8b4c158 aba2b2fb .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in firmware_fallback_sysfs
2021/06/18 22:41 https://github.com/google/kmsan.git master bfeba8b4c158 aba2b2fb .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in firmware_fallback_sysfs
* Struck through repros no longer work on HEAD.