syzbot

 sign-in | mailing list | source | docs
🐞 Open [847]
🐞 Fixed [87]
🐞 Invalid [1292]
Missing Backports [132]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

KASAN: use-after-free Read in qd_unlock

Status: upstream: reported C repro on 2024/06/24 17:41
Bug presence: origin:lts-only
[Documentation on labels]
Reported-by: syzbot+edea969b2d7e2438f7f1@syzkaller.appspotmail.com
First crash: 670d, last: 1h52m
Fix commit to backport (bisect log) :
tree: upstream
commit f66af88e33212b57ea86da2c5d66c0d9d5c46344
Author: Andreas Gruenbacher <agruenba@redhat.com>
Date: Mon Aug 28 14:39:20 2023 +0000

  gfs2: Stop using gfs2_make_fs_ro for withdraw

  
Bug presence (2)
Date Name Commit Repro Result
2025/03/15 linux-5.15.y (ToT) 0c935c049b5c C [report] KASAN: use-after-free Read in qd_unlock
2025/03/15 upstream (ToT) b35233e7bfa0 C Didn't crash
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: use-after-free Read in qd_unlock (2) gfs2 19 C error done 5 980d 1208d 23/29 fixed on 2023/10/12 12:47
linux-6.1 KASAN: use-after-free Read in qd_unlock 19 7 661d 670d 0/3 auto-obsoleted due to no activity on 2024/10/10 22:13
upstream KASAN: use-after-free Read in qd_unlock gfs2 19 1 1493d 1489d 0/29 auto-closed as invalid on 2022/07/22 08:43
Last patch testing requests (4)
Created Duration User Patch Repo Result
2025/02/28 22:13 12m retest repro linux-5.15.y report log
2025/02/14 11:32 12m retest repro linux-5.15.y report log
2024/12/20 15:06 14m retest repro linux-5.15.y report log
2024/10/09 21:54 15m retest repro linux-5.15.y report log
Fix bisection attempts (4)
Created Duration User Patch Repo Result
2025/05/13 06:23 7h52m fix candidate upstream OK (1) job log
2024/12/13 16:16 1m fix candidate upstream error job log
2024/10/06 14:40 1m fix candidate upstream error job log
2024/07/27 22:24 1m fix candidate upstream error job log

Sample crash report:
RSP: 002b:00007ffdcef759b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f8f78513120 RCX: 00007f8f7847f017
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcef75a70
RBP: 00007ffdcef75a70 R08: 00007ffdcef76a70 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdcef76b00
R13: 00007f8f78513120 R14: 0000000000015418 R15: 00007ffdcef76b40
 </TASK>
==================================================================
BUG: KASAN: use-after-free in instrument_atomic_read include/linux/instrumented.h:71 [inline]
BUG: KASAN: use-after-free in test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
BUG: KASAN: use-after-free in qd_unlock+0x30/0x2d0 fs/gfs2/quota.c:497
Read of size 8 at addr ffff888073eb0090 by task syz-executor/4317

CPU: 0 PID: 4317 Comm: syz-executor Not tainted syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0x188/0x250 lib/dump_stack.c:106
 print_address_description+0x60/0x2d0 mm/kasan/report.c:248
 __kasan_report mm/kasan/report.c:434 [inline]
 kasan_report+0xdf/0x130 mm/kasan/report.c:451
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x235/0x290 mm/kasan/generic.c:189
 instrument_atomic_read include/linux/instrumented.h:71 [inline]
 test_bit include/asm-generic/bitops/instrumented-non-atomic.h:134 [inline]
 qd_unlock+0x30/0x2d0 fs/gfs2/quota.c:497
 gfs2_quota_sync+0x5cf/0x700 fs/gfs2/quota.c:1336
 gfs2_sync_fs+0x48/0xb0 fs/gfs2/super.c:651
 sync_filesystem+0xe6/0x220 fs/sync.c:56
 generic_shutdown_super+0x6b/0x300 fs/super.c:448
 kill_block_super+0x7c/0xe0 fs/super.c:1427
 deactivate_locked_super+0x93/0xf0 fs/super.c:335
 cleanup_mnt+0x42d/0x4e0 fs/namespace.c:1148
 task_work_run+0x125/0x1a0 kernel/task_work.c:188
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop+0x10f/0x130 kernel/entry/common.c:181
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:307
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
RIP: 0033:0x7f8f7847f017
Code: a2 c7 05 dc 06 25 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
RSP: 002b:00007ffdcef759b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
RAX: 0000000000000000 RBX: 00007f8f78513120 RCX: 00007f8f7847f017
RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdcef75a70
RBP: 00007ffdcef75a70 R08: 00007ffdcef76a70 R09: 00000000ffffffff
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdcef76b00
R13: 00007f8f78513120 R14: 0000000000015418 R15: 00007ffdcef76b40
 </TASK>

Allocated by task 4407:
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 __kasan_slab_alloc+0x9c/0xd0 mm/kasan/common.c:467
 kasan_slab_alloc include/linux/kasan.h:254 [inline]
 slab_post_alloc_hook+0x4c/0x380 mm/slab.h:519
 slab_alloc_node mm/slub.c:3225 [inline]
 slab_alloc mm/slub.c:3233 [inline]
 kmem_cache_alloc+0x100/0x290 mm/slub.c:3238
 kmem_cache_zalloc include/linux/slab.h:728 [inline]
 qd_alloc+0x50/0x260 fs/gfs2/quota.c:216
 gfs2_quota_init+0x74e/0xea0 fs/gfs2/quota.c:1426
 gfs2_make_fs_rw+0x414/0x580 fs/gfs2/super.c:159
 gfs2_fill_super+0x1837/0x1f00 fs/gfs2/ops_fstype.c:1276
 get_tree_bdev+0x3f1/0x610 fs/super.c:1325
 gfs2_get_tree+0x4d/0x1e0 fs/gfs2/ops_fstype.c:1332
 vfs_get_tree+0x88/0x270 fs/super.c:1530
 do_new_mount+0x24a/0xa40 fs/namespace.c:3034
 do_mount fs/namespace.c:3377 [inline]
 __do_sys_mount fs/namespace.c:3585 [inline]
 __se_sys_mount+0x2e3/0x3d0 fs/namespace.c:3562
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0

Freed by task 4317:
 kasan_save_stack mm/kasan/common.c:38 [inline]
 kasan_set_track+0x4b/0x70 mm/kasan/common.c:46
 kasan_set_free_info+0x1f/0x40 mm/kasan/generic.c:360
 ____kasan_slab_free+0xd5/0x110 mm/kasan/common.c:366
 kasan_slab_free include/linux/kasan.h:230 [inline]
 slab_free_hook mm/slub.c:1710 [inline]
 slab_free_freelist_hook+0xea/0x170 mm/slub.c:1736
 slab_free mm/slub.c:3504 [inline]
 kmem_cache_free+0x8f/0x210 mm/slub.c:3520
 rcu_do_batch kernel/rcu/tree.c:2523 [inline]
 rcu_core+0x9d2/0x1670 kernel/rcu/tree.c:2763
 handle_softirqs+0x339/0x830 kernel/softirq.c:576
 __do_softirq kernel/softirq.c:610 [inline]
 invoke_softirq kernel/softirq.c:450 [inline]
 __irq_exit_rcu+0x13b/0x230 kernel/softirq.c:659
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:671
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1108 [inline]
 sysvec_apic_timer_interrupt+0xa0/0xc0 arch/x86/kernel/apic/apic.c:1108
 asm_sysvec_apic_timer_interrupt+0x16/0x20 arch/x86/include/asm/idtentry.h:676

Last potentially related work creation:
 kasan_save_stack+0x35/0x60 mm/kasan/common.c:38
 kasan_record_aux_stack+0xb8/0x100 mm/kasan/generic.c:348
 __call_rcu kernel/rcu/tree.c:3011 [inline]
 call_rcu+0x189/0x950 kernel/rcu/tree.c:3091
 gfs2_quota_cleanup+0x43c/0x6a0 fs/gfs2/quota.c:1490
 gfs2_make_fs_ro+0x440/0x620 fs/gfs2/super.c:561
 signal_our_withdraw fs/gfs2/util.c:166 [inline]
 gfs2_withdraw+0x610/0x1490 fs/gfs2/util.c:343
 gfs2_dinode_in fs/gfs2/glops.c:465 [inline]
 gfs2_inode_refresh+0xb64/0xff0 fs/gfs2/glops.c:485
 inode_go_lock+0x127/0x470 fs/gfs2/glops.c:510
 do_promote+0x741/0xab0 fs/gfs2/glock.c:507
 finish_xmote+0x4df/0xb00 fs/gfs2/glock.c:678
 do_xmote+0x7b6/0x1120 fs/gfs2/glock.c:824
 gfs2_glock_nq+0xc7a/0x1550 fs/gfs2/glock.c:1534
 gfs2_glock_nq_init fs/gfs2/glock.h:246 [inline]
 do_sync+0x4ab/0xc40 fs/gfs2/quota.c:927
 gfs2_quota_sync+0x32c/0x700 fs/gfs2/quota.c:1329
 gfs2_sync_fs+0x48/0xb0 fs/gfs2/super.c:651
 sync_filesystem+0xe6/0x220 fs/sync.c:56
 generic_shutdown_super+0x6b/0x300 fs/super.c:448
 kill_block_super+0x7c/0xe0 fs/super.c:1427
 deactivate_locked_super+0x93/0xf0 fs/super.c:335
 cleanup_mnt+0x42d/0x4e0 fs/namespace.c:1148
 task_work_run+0x125/0x1a0 kernel/task_work.c:188
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop+0x10f/0x130 kernel/entry/common.c:181
 exit_to_user_mode_prepare+0xee/0x180 kernel/entry/common.c:214
 __syscall_exit_to_user_mode_work kernel/entry/common.c:296 [inline]
 syscall_exit_to_user_mode+0x16/0x40 kernel/entry/common.c:307
 do_syscall_64+0x58/0xa0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x66/0xd0

The buggy address belongs to the object at ffff888073eb0000
 which belongs to the cache gfs2_quotad of size 272
The buggy address is located 144 bytes inside of
 272-byte region [ffff888073eb0000, ffff888073eb0110)
The buggy address belongs to the page:
page:ffffea0001cfac00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x73eb0
flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000000200 0000000000000000 dead000000000122 ffff88814682b280
raw: 0000000000000000 00000000800c000c 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 0, migratetype Reclaimable, gfp_mask 0x112c50(GFP_NOFS|__GFP_NOWARN|__GFP_NORETRY|__GFP_HARDWALL|__GFP_RECLAIMABLE), pid 4407, ts 88489219824, free_ts 86299461516
 prep_new_page mm/page_alloc.c:2426 [inline]
 get_page_from_freelist+0x1bbd/0x1ca0 mm/page_alloc.c:4192
 __alloc_pages+0x1ee/0x480 mm/page_alloc.c:5501
 alloc_slab_page mm/slub.c:1780 [inline]
 allocate_slab mm/slub.c:1917 [inline]
 new_slab+0xc0/0x4b0 mm/slub.c:1980
 ___slab_alloc+0x80a/0xdd0 mm/slub.c:3013
 __slab_alloc mm/slub.c:3100 [inline]
 slab_alloc_node mm/slub.c:3191 [inline]
 slab_alloc mm/slub.c:3233 [inline]
 kmem_cache_alloc+0x195/0x290 mm/slub.c:3238
 kmem_cache_zalloc include/linux/slab.h:728 [inline]
 qd_alloc+0x50/0x260 fs/gfs2/quota.c:216
 gfs2_quota_init+0x74e/0xea0 fs/gfs2/quota.c:1426
 gfs2_make_fs_rw+0x414/0x580 fs/gfs2/super.c:159
 gfs2_fill_super+0x1837/0x1f00 fs/gfs2/ops_fstype.c:1276
 get_tree_bdev+0x3f1/0x610 fs/super.c:1325
 gfs2_get_tree+0x4d/0x1e0 fs/gfs2/ops_fstype.c:1332
 vfs_get_tree+0x88/0x270 fs/super.c:1530
 do_new_mount+0x24a/0xa40 fs/namespace.c:3034
 do_mount fs/namespace.c:3377 [inline]
 __do_sys_mount fs/namespace.c:3585 [inline]
 __se_sys_mount+0x2e3/0x3d0 fs/namespace.c:3562
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1340 [inline]
 free_pcp_prepare mm/page_alloc.c:1391 [inline]
 free_unref_page_prepare+0x637/0x6c0 mm/page_alloc.c:3317
 free_unref_page+0x8f/0x2a0 mm/page_alloc.c:3396
 free_slab mm/slub.c:2020 [inline]
 discard_slab mm/slub.c:2026 [inline]
 __unfreeze_partials+0x1a5/0x200 mm/slub.c:2512
 put_cpu_partial+0x12d/0x190 mm/slub.c:2592
 qlist_free_all+0x35/0x90 mm/kasan/quarantine.c:176
 kasan_quarantine_reduce+0x150/0x160 mm/kasan/quarantine.c:283
 __kasan_slab_alloc+0x2f/0xd0 mm/kasan/common.c:444
 kasan_slab_alloc include/linux/kasan.h:254 [inline]
 slab_post_alloc_hook+0x4c/0x380 mm/slab.h:519
 slab_alloc_node mm/slub.c:3225 [inline]
 slab_alloc mm/slub.c:3233 [inline]
 __kmalloc+0x127/0x330 mm/slub.c:4408
 kmalloc include/linux/slab.h:612 [inline]
 tomoyo_realpath_from_path+0x118/0x610 security/tomoyo/realpath.c:254
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_perm+0x23f/0x5d0 security/tomoyo/file.c:822
 security_inode_getattr+0xcf/0x120 security/security.c:1349
 vfs_getattr+0x26/0x3a0 fs/stat.c:157
 vfs_fstat fs/stat.c:182 [inline]
 __do_sys_newfstat fs/stat.c:421 [inline]
 __se_sys_newfstat fs/stat.c:418 [inline]
 __x64_sys_newfstat+0x137/0x210 fs/stat.c:418
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x4c/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x66/0xd0

Memory state around the buggy address:
 ffff888073eaff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff888073eb0000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff888073eb0080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                         ^
 ffff888073eb0100: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff888073eb0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
==================================================================

Crashes (8759):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/04/24 10:46 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 09:32 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 09:47 linux-5.15.y b9d57c40a767 b10da5ec .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 20:10 linux-5.15.y b9d57c40a767 4595e353 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/20 06:39 linux-5.15.y b9d57c40a767 303e2802 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/20 01:15 linux-5.15.y b9d57c40a767 303e2802 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/18 19:32 linux-5.15.y b9d57c40a767 303e2802 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/18 00:37 linux-5.15.y 91d48252ad4b 24ecfc1e .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/16 07:58 linux-5.15.y 91d48252ad4b df15c5f3 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/09 14:52 linux-5.15.y 91d48252ad4b 38c8e246 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/05 23:05 linux-5.15.y 91d48252ad4b 4440e7c2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/05 10:10 linux-5.15.y 91d48252ad4b 4440e7c2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/05 06:56 linux-5.15.y 91d48252ad4b 4440e7c2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/03 14:06 linux-5.15.y 91d48252ad4b 4440e7c2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/03 13:18 linux-5.15.y 91d48252ad4b 4440e7c2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/01 19:40 linux-5.15.y 91d48252ad4b 9a1f7828 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/30 18:28 linux-5.15.y 91d48252ad4b dcaebc52 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/29 15:12 linux-5.15.y 91d48252ad4b b5ceaad2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/28 21:25 linux-5.15.y 91d48252ad4b b5ceaad2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/28 11:51 linux-5.15.y 91d48252ad4b 356bdfc9 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/28 11:08 linux-5.15.y 91d48252ad4b 356bdfc9 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/22 09:14 linux-5.15.y 91d48252ad4b 5b92003d .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/18 22:27 linux-5.15.y 91d48252ad4b 0199f9a1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/11 11:59 linux-5.15.y 91d48252ad4b 86914af9 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/09 11:57 linux-5.15.y 91d48252ad4b 5cb44a80 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/09 09:59 linux-5.15.y 91d48252ad4b 5cb44a80 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/09 08:36 linux-5.15.y 91d48252ad4b 5cb44a80 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/08 16:47 linux-5.15.y 91d48252ad4b 5cb44a80 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/05 09:44 linux-5.15.y 91d48252ad4b a9fe5c9e .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/04 03:25 linux-5.15.y 3330a8d33e08 4180d919 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/03/01 18:05 linux-5.15.y 3330a8d33e08 43249bac .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/28 00:43 linux-5.15.y 3330a8d33e08 2cf092b8 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/24 22:29 linux-5.15.y 3330a8d33e08 96b1aa46 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/19 01:28 linux-5.15.y e45d5d41c134 77d4d919 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/18 02:27 linux-5.15.y e45d5d41c134 06ec4f7b .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/15 23:10 linux-5.15.y e45d5d41c134 1e62d198 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/13 02:34 linux-5.15.y e45d5d41c134 504cb1bf .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/11 10:25 linux-5.15.y 7b232985052f 441e25b7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/04 12:39 linux-5.15.y 9eec9a14ee10 42b01fab .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/02/02 19:18 linux-5.15.y 9eec9a14ee10 018ebef2 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/01/31 07:18 linux-5.15.y 003148680b79 4c6ac32f .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2024/07/12 13:35 linux-5.15.y f45bea23c39c eaeb5c15 .config console log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-5-15-kasan-arm64 KASAN: use-after-free Read in qd_unlock
2026/04/25 18:23 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 16:24 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 13:31 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 11:26 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 10:25 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 08:22 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 05:07 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 02:53 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/25 02:43 linux-5.15.y b9d57c40a767 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 23:19 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 21:23 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 16:24 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 14:30 linux-5.15.y b9d57c40a767 1c2b9291 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 07:45 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 04:42 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 03:41 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 02:38 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 01:37 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/24 01:36 linux-5.15.y b9d57c40a767 9cfb3ca7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 17:55 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 16:30 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 14:52 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 13:30 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 12:22 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 12:20 linux-5.15.y b9d57c40a767 4c3406dc .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 06:36 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 04:51 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 00:46 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/23 00:14 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 23:12 linux-5.15.y b9d57c40a767 b10da5ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 21:44 linux-5.15.y b9d57c40a767 4595e353 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 17:59 linux-5.15.y b9d57c40a767 4595e353 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 14:35 linux-5.15.y b9d57c40a767 4595e353 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 12:57 linux-5.15.y b9d57c40a767 4595e353 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 12:15 linux-5.15.y b9d57c40a767 4595e353 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 11:06 linux-5.15.y b9d57c40a767 4595e353 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 09:16 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 08:00 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 07:48 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 06:16 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 03:38 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/22 00:34 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/21 19:39 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/21 17:46 linux-5.15.y b9d57c40a767 0b6ab7ec .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/21 06:51 linux-5.15.y b9d57c40a767 3f2e655b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/21 05:47 linux-5.15.y b9d57c40a767 3f2e655b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2026/04/21 04:29 linux-5.15.y b9d57c40a767 3f2e655b .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2024/06/24 17:41 linux-5.15.y 4878aadf2d15 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan KASAN: use-after-free Read in qd_unlock
2025/08/26 18:35 linux-5.15.y c79648372d02 e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 KASAN: use-after-free Read in qd_unlock
* Struck through repros no longer work on HEAD.