syzbot

 sign-in | mailing list | source | docs
🐞 Open [843]
🐞 Fixed [87]
🐞 Invalid [1235]
Missing Backports [132]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

KASAN: use-after-free Read in qd_unlock

Status: upstream: reported C repro on 2024/06/24 17:41
Bug presence: origin:lts-only
[Documentation on labels]
Reported-by: syzbot+edea969b2d7e2438f7f1@syzkaller.appspotmail.com
First crash: 614d, last: 7h22m
Fix commit to backport (bisect log) :
tree: upstream
commit f66af88e33212b57ea86da2c5d66c0d9d5c46344
Author: Andreas Gruenbacher <agruenba@redhat.com>
Date: Mon Aug 28 14:39:20 2023 +0000

  gfs2: Stop using gfs2_make_fs_ro for withdraw

  
Bug presence (2)
Date Name Commit Repro Result
2025/03/15 linux-5.15.y (ToT) 0c935c049b5c C [report] KASAN: use-after-free Read in qd_unlock
2025/03/15 upstream (ToT) b35233e7bfa0 C Didn't crash
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in qd_unlock (2) gfs2 19 C error done 5 924d 1153d 23/29 fixed on 2023/10/12 12:47
linux-6.1 KASAN: use-after-free Read in qd_unlock 19 7 606d 614d 0/3 auto-obsoleted due to no activity on 2024/10/10 22:13
upstream KASAN: use-after-free Read in qd_unlock gfs2 19 1 1437d 1433d 0/29 auto-closed as invalid on 2022/07/22 08:43
Last patch testing requests (4)
Created Duration User Patch Repo Result
2025/02/28 22:13 12m retest repro linux-5.15.y report log
2025/02/14 11:32 12m retest repro linux-5.15.y report log
2024/12/20 15:06 14m retest repro linux-5.15.y report log
2024/10/09 21:54 15m retest repro linux-5.15.y report log
Fix bisection attempts (4)
Created Duration User Patch Repo Result
2025/05/13 06:23 7h52m fix candidate upstream OK (1) job log
2024/12/13 16:16 1m fix candidate upstream error job log
2024/10/06 14:40 1m fix candidate upstream error job log
2024/07/27 22:24 1m fix candidate upstream error job log

Sample crash report:
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc31288c30
R13: 00007f5f21bf3f90 R14: 000000000001a2c2 R15: 00007ffc31288c70
 </TASK>
==================================================================
BUG: KASAN: use-after-free in instrument_atomic_read include/linux/instrumented.h:71 [inline]
BUG: KASAN: use-after-free in test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0 fs/gfs2/quota.c:497
Read of size 8 at addr ffff888069007330 by task syz-executor/4295

CPU: 1 PID: 4295 Comm: syz-executor Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 print_address_description+0x60/0x2d0 mm/kasan/report.c:248
 __kasan_report mm/kasan/report.c:434 [inline]
 kasan_report+0xdf/0x130 mm/kasan/report.c:451
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x235/0x290 mm/kasan/generic.c:189
 instrument_atomic_read include/linux/instrumented.h:71 [inline]
 test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
 qd_unlock+0x30/0x2d0 fs/gfs2/quota.c:497
 gfs2_quota_sync+0x5cf/0x700 fs/gfs2/quota.c:1336
 gfs2_sync_fs+0x48/0xb0 fs/gfs2/super.c:651
 sync_filesystem+0xe6/0x220 fs/sync.c:56
 generic_shutdown_super+0x6b/0x300 fs/super.c:448
 kill_block_super+0x7c/0xe0 fs/super.c:1427
 deactivate_locked_super+0x93/0xf0 fs/super.c:335
 cleanup_mnt+0x42d/0x4e0 fs/namespace.c:1148
 task_work_run+0x125/0x1a0 kernel/task_work.c:188
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop+0x10f/0x130 kernel/entry/common.c:181
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:307
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f5f21b5f9d7
Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffc31287ae8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f5f21bf3f90 RCX: 00007f5f21b5f9d7
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc31287ba0
RBP: 00007ffc31287ba0 R08: 00007ffc31288ba0 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc31288c30
R13: 00007f5f21bf3f90 R14: 000000000001a2c2 R15: 00007ffc31288c70
 </TASK>

Allocated by task 4324:
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 __kasan_slab_alloc+0x9c/0xd0 mm/kasan/common.c:467
 kasan_slab_alloc include/linux/kasan.h:254 [inline]
 slab_post_alloc_hook+0x4c/0x380 mm/slab.h:519
 slab_alloc_node mm/slub.c:3225 [inline]
 slab_alloc mm/slub.c:3233 [inline]
 kmem_cache_alloc+0x100/0x290 mm/slub.c:3238
 kmem_cache_zalloc include/linux/slab.h:728 [inline]
 qd_alloc+0x50/0x260 fs/gfs2/quota.c:216
 gfs2_quota_init+0x74e/0xea0 fs/gfs2/quota.c:1426
 gfs2_make_fs_rw+0x414/0x580 fs/gfs2/super.c:159
 gfs2_fill_super+0x1837/0x1f00 fs/gfs2/ops_fstype.c:1276
 get_tree_bdev+0x3f1/0x610 fs/super.c:1325
 gfs2_get_tree+0x4d/0x1e0 fs/gfs2/ops_fstype.c:1332
 vfs_get_tree+0x88/0x270 fs/super.c:1530
 do_new_mount+0x24a/0xa40 fs/namespace.c:3034
 do_mount fs/namespace.c:3377 [inline]
 __do_sys_mount fs/namespace.c:3585 [inline]
 __se_sys_mount+0x2e3/0x3d0 fs/namespace.c:3562
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0

Freed by task 4295:
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track+0x4b/0x70 mm/kasan/common.c:46
 kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
 ____kasan_slab_free+0xd5/0x110 mm/kasan/common.c:366
 kasan_slab_free include/linux/kasan.h:230 [inline]
 slab_free_hook mm/slub.c:1710 [inline]
 slab_free_freelist_hook+0xea/0x170 mm/slub.c:1736
 slab_free mm/slub.c:3504 [inline]
 kmem_cache_free+0x8f/0x210 mm/slub.c:3520
 rcu_do_batch kernel/rcu/tree.c:2523 [inline]
 rcu_core+0x9d2/0x1670 kernel/rcu/tree.c:2763
 handle_softirqs+0x339/0x830 kernel/softirq.c:576
 __do_softirq kernel/softirq.c:610 [inline]
 invoke_softirq kernel/softirq.c:450 [inline]
 __irq_exit_rcu+0x13b/0x230 kernel/softirq.c:659
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:671
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1108 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1108
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:676

Last potentially related work creation:
 kasan_save_stack+0x35/0x60 mm/kasan/common.c:38
 kasan_record_aux_stack+0xb8/0x100 mm/kasan/generic.c:348
 __call_rcu kernel/rcu/tree.c:3011 [inline]
 call_rcu+0x189/0x950 kernel/rcu/tree.c:3091
 gfs2_quota_cleanup+0x43c/0x6a0 fs/gfs2/quota.c:1490
 gfs2_make_fs_ro+0x440/0x620 fs/gfs2/super.c:561
 signal_our_withdraw fs/gfs2/util.c:166 [inline]
 gfs2_withdraw+0x610/0x1490 fs/gfs2/util.c:343
 gfs2_dinode_in fs/gfs2/glops.c:465 [inline]
 gfs2_inode_refresh+0xb64/0xff0 fs/gfs2/glops.c:485
 inode_go_lock+0x127/0x470 fs/gfs2/glops.c:510
 do_promote+0x741/0xab0 fs/gfs2/glock.c:507
 finish_xmote+0x4df/0xb00 fs/gfs2/glock.c:678
 do_xmote+0x7b6/0x1120 fs/gfs2/glock.c:824
 gfs2_glock_nq+0xc7a/0x1550 fs/gfs2/glock.c:1534
 gfs2_glock_nq_init fs/gfs2/glock.h:246 [inline]
 do_sync+0x4ab/0xc40 fs/gfs2/quota.c:927
 gfs2_quota_sync+0x32c/0x700 fs/gfs2/quota.c:1329
 gfs2_sync_fs+0x48/0xb0 fs/gfs2/super.c:651
 sync_filesystem+0xe6/0x220 fs/sync.c:56
 generic_shutdown_super+0x6b/0x300 fs/super.c:448
 kill_block_super+0x7c/0xe0 fs/super.c:1427
 deactivate_locked_super+0x93/0xf0 fs/super.c:335
 cleanup_mnt+0x42d/0x4e0 fs/namespace.c:1148
 task_work_run+0x125/0x1a0 kernel/task_work.c:188
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop+0x10f/0x130 kernel/entry/common.c:181
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:307
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x66/0xd0

The buggy address belongs to the object at ffff8880690072a0
 which belongs to the cache gfs2_quotad of size 272
The buggy address is located 144 bytes inside of
 272-byte region [ffff8880690072a0, ffff8880690073b0)
The buggy address belongs to the page:
page:ffffea0001a401c0 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x69007
flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88801d7c8c80
raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4315, ts 103713008904, free_ts 90833753550
 prep_new_page mm/page_alloc.c:2426 [inline]
 get_page_from_freelist+0x1bbd/0x1ca0 mm/page_alloc.c:4192
 __alloc_pages+0x1ee/0x480 mm/page_alloc.c:5487
 alloc_slab_page mm/slub.c:1780 [inline]
 allocate_slab mm/slub.c:1917 [inline]
 new_slab+0xc0/0x4b0 mm/slub.c:1980
 ___slab_alloc+0x80a/0xdd0 mm/slub.c:3013
 __slab_alloc mm/slub.c:3100 [inline]
 slab_alloc_node mm/slub.c:3191 [inline]
 slab_alloc mm/slub.c:3233 [inline]
 kmem_cache_alloc+0x195/0x290 mm/slub.c:3238
 kmem_cache_zalloc include/linux/slab.h:728 [inline]
 qd_alloc+0x50/0x260 fs/gfs2/quota.c:216
 gfs2_quota_init+0x74e/0xea0 fs/gfs2/quota.c:1426
 gfs2_make_fs_rw+0x414/0x580 fs/gfs2/super.c:159
 gfs2_fill_super+0x1837/0x1f00 fs/gfs2/ops_fstype.c:1276
 get_tree_bdev+0x3f1/0x610 fs/super.c:1325
 gfs2_get_tree+0x4d/0x1e0 fs/gfs2/ops_fstype.c:1332
 vfs_get_tree+0x88/0x270 fs/super.c:1530
 do_new_mount+0x24a/0xa40 fs/namespace.c:3034
 do_mount fs/namespace.c:3377 [inline]
 __do_sys_mount fs/namespace.c:3585 [inline]
 __se_sys_mount+0x2e3/0x3d0 fs/namespace.c:3562
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1340 [inline]
 free_pcp_prepare mm/page_alloc.c:1391 [inline]
 free_unref_page_prepare+0x637/0x6c0 mm/page_alloc.c:3317
 free_unref_page_list+0x119/0x820 mm/page_alloc.c:3433
 release_pages+0x186c/0x1be0 mm/swap.c:963
 tlb_batch_pages_flush mm/mmu_gather.c:49 [inline]
 tlb_flush_mmu_free mm/mmu_gather.c:240 [inline]
 tlb_flush_mmu mm/mmu_gather.c:247 [inline]
 tlb_finish_mmu+0x176/0x300 mm/mmu_gather.c:338
 unmap_region+0x344/0x3b0 mm/mmap.c:2669
 __do_munmap+0x9f8/0xdf0 mm/mmap.c:2899
 __vm_munmap+0x140/0x240 mm/mmap.c:2952
 __do_sys_munmap mm/mmap.c:2978 [inline]
 __se_sys_munmap mm/mmap.c:2974 [inline]
 __x64_sys_munmap+0x67/0x70 mm/mmap.c:2974
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0

Memory state around the buggy address:
 ffff888069007200: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
 ffff888069007280: fc fc fc fc fa fb fb fb fb fb fb fb fb fb fb fb
>ffff888069007300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                     ^
 ffff888069007380: fb fb fb fb fb fb fc fc fc fc fc fc fc fc fc fc
 ffff888069007400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================

Crashes (6408):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/02/28 00:43 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/24 22:29 linux-5.15.y 3330a8d33e08 96b1aa46 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/19 01:28 linux-5.15.y e45d5d41c134 77d4d919 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/18 02:27 linux-5.15.y e45d5d41c134 06ec4f7b .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/15 23:10 linux-5.15.y e45d5d41c134 1e62d198 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/13 02:34 linux-5.15.y e45d5d41c134 504cb1bf .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/11 10:25 linux-5.15.y 7b232985052f 441e25b7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/04 12:39 linux-5.15.y 9eec9a14ee10 42b01fab .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/02 19:18 linux-5.15.y 9eec9a14ee10 018ebef2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/30 10:50 linux-5.15.y 9eec9a14ee10 bfa73b7b .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/30 09:16 linux-5.15.y 9eec9a14ee10 bfa73b7b .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/25 00:46 linux-5.15.y 9eec9a14ee10 40acda8a .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/19 07:40 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/19 06:29 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/19 05:18 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/19 04:04 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/19 02:53 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/18 11:13 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/18 10:26 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/18 10:08 linux-5.15.y 68efe5a6c16a 20d37d28 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/14 19:40 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/12 16:12 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/08 13:05 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/08 03:09 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/08 01:23 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/07 16:31 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/06 00:14 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/05 22:25 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/01/03 16:45 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/12/31 06:40 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/12/23 11:41 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/12/19 01:41 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/12/15 07:59 linux-5.15.y 68efe5a6c16a d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/11/27 02:18 linux-5.15.y cc5ec8769306 d6526ea3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/11/25 20:17 linux-5.15.y cc5ec8769306 64219f15 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/11/21 04:02 linux-5.15.y cc5ec8769306 2cc4c24a .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/11/08 22:21 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/11/07 22:47 linux-5.15.y cc5ec8769306 4e1406b4 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/10/12 09:17 linux-5.15.y 29e53a5b1c4f ff1712fe .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/01/31 07:18 linux-5.15.y 003148680b79 4c6ac32f .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/07/18 00:12 linux-5.15.y 89950c454265 0d1223f1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro #1 (clean fs)] [mounted in repro #2 (corrupt fs)] ci2-linux-5-15-kasan-arm64 KASAN: use-after-free Read in qd_unlock
2024/07/12 13:35 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: use-after-free Read in qd_unlock
2026/03/01 00:20 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 21:19 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 19:06 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 18:26 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 09:24 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 07:44 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 04:47 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 04:14 linux-5.15.y 3330a8d33e08 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 02:35 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 22:59 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 19:47 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 18:07 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 16:19 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 13:10 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 12:20 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 08:31 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 05:05 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 02:41 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 02:38 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 01:22 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/27 00:10 linux-5.15.y 3330a8d33e08 a2f13f71 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 18:47 linux-5.15.y 3330a8d33e08 ffa54287 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 16:02 linux-5.15.y 3330a8d33e08 ffa54287 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 14:42 linux-5.15.y 3330a8d33e08 ffa54287 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 13:16 linux-5.15.y 3330a8d33e08 ffa54287 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 12:50 linux-5.15.y 3330a8d33e08 ffa54287 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 03:17 linux-5.15.y 3330a8d33e08 e0f78d93 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 01:23 linux-5.15.y 3330a8d33e08 e0f78d93 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/26 00:52 linux-5.15.y 3330a8d33e08 e0f78d93 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 19:43 linux-5.15.y 3330a8d33e08 94a9671e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 17:55 linux-5.15.y 3330a8d33e08 94a9671e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 14:03 linux-5.15.y 3330a8d33e08 94a9671e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 13:21 linux-5.15.y 3330a8d33e08 94a9671e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 12:14 linux-5.15.y 3330a8d33e08 94a9671e .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 07:31 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 07:15 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 05:54 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 03:14 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 02:06 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/25 02:04 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/24 23:53 linux-5.15.y 3330a8d33e08 787dfb7c .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/24 20:19 linux-5.15.y 3330a8d33e08 96b1aa46 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/24 19:57 linux-5.15.y 3330a8d33e08 96b1aa46 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/24 19:42 linux-5.15.y 3330a8d33e08 96b1aa46 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2024/06/24 17:41 linux-5.15.y 4878aadf2d15 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/08/26 18:35 linux-5.15.y c79648372d02 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: use-after-free Read in qd_unlock
* Struck through repros no longer work on HEAD.