syzbot


KASAN: use-after-free Read in io_poll_remove_entries

Status: auto-obsoleted due to no activity on 2023/07/04 23:32
Subsystems: io-uring
[Documentation on labels]
Reported-by: syzbot+cd301bb6523ea8cc8ca2@syzkaller.appspotmail.com
First crash: 853d, last: 473d
Cause bisection: introduced by (bisect log) :
commit 91eac1c69c202d9dad8bf717ae5b92db70bfe5cf
Author: Jens Axboe <axboe@kernel.dk>
Date: Wed Mar 16 22:59:10 2022 +0000

  io_uring: cache poll/double-poll state with a request flag

Crash: KASAN: use-after-free Read in tty_release (log)
Repro: C syz .config
  
Fix bisection: fixed by (bisect log) :
commit 9cae36a094e7e9d6e5fe8b6dcd4642138b3eb0c7
Author: Jens Axboe <axboe@kernel.dk>
Date: Thu Jun 2 05:57:02 2022 +0000

  io_uring: reinstate the inflight tracking

  
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] Monthly io-uring report 9 (10) 2023/03/27 20:21
[syzbot] KASAN: use-after-free Read in io_poll_remove_entries 1 (5) 2022/03/23 05:00
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 general protection fault in io_poll_remove_entries C done 21 476d 495d 3/3 fixed on 2023/05/02 21:55
Last patch testing requests (7)
Created Duration User Patch Repo Result
2023/06/15 08:20 26m retest repro upstream OK log
2023/06/15 04:14 41m retest repro linux-next OK log
2023/06/15 00:10 22m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci OK log
2022/11/15 10:30 18m retest repro upstream OK log
2022/11/15 10:30 18m retest repro upstream OK log
2022/11/15 10:30 19m retest repro upstream OK log
2022/03/23 01:22 12m axboe@kernel.dk git://git.kernel.dk/linux-block for-5.18/io_uring OK

Sample crash report:
==================================================================
BUG: KASAN: use-after-free in __lock_acquire+0x3ab9/0x5660 kernel/locking/lockdep.c:4923
Read of size 8 at addr ffff88807b7a93b8 by task syz-executor404/4110

CPU: 0 PID: 4110 Comm: syz-executor404 Not tainted 5.18.0-syzkaller-11972-gd1dc87763f40 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106
 print_address_description.constprop.0.cold+0xeb/0x495 mm/kasan/report.c:313
 print_report mm/kasan/report.c:429 [inline]
 kasan_report.cold+0xf4/0x1c6 mm/kasan/report.c:491
 __lock_acquire+0x3ab9/0x5660 kernel/locking/lockdep.c:4923
 lock_acquire kernel/locking/lockdep.c:5665 [inline]
 lock_acquire+0x1ab/0x570 kernel/locking/lockdep.c:5630
 __raw_spin_lock_irq include/linux/spinlock_api_smp.h:119 [inline]
 _raw_spin_lock_irq+0x32/0x50 kernel/locking/spinlock.c:170
 spin_lock_irq include/linux/spinlock.h:374 [inline]
 io_poll_remove_entry fs/io_uring.c:6840 [inline]
 io_poll_remove_entries.part.0+0x15f/0x7e0 fs/io_uring.c:6873
 io_poll_remove_entries fs/io_uring.c:6853 [inline]
 io_apoll_task_func+0xbd/0x230 fs/io_uring.c:6989
 handle_tw_list fs/io_uring.c:2938 [inline]
 tctx_task_work+0x16a/0xe10 fs/io_uring.c:2967
 task_work_run+0xdd/0x1a0 kernel/task_work.c:177
 exit_task_work include/linux/task_work.h:38 [inline]
 do_exit+0xaff/0x2a00 kernel/exit.c:795
 do_group_exit+0xd2/0x2f0 kernel/exit.c:925
 __do_sys_exit_group kernel/exit.c:936 [inline]
 __se_sys_exit_group kernel/exit.c:934 [inline]
 __x64_sys_exit_group+0x3a/0x50 kernel/exit.c:934
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
RIP: 0033:0x7fd1eaa3a689
Code: Unable to access opcode bytes at RIP 0x7fd1eaa3a65f.
RSP: 002b:00007ffe67b8b7a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007fd1eaaae330 RCX: 00007fd1eaa3a689
RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd1eaaae330
R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
 </TASK>

Allocated by task 4110:
 kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38
 kasan_set_track mm/kasan/common.c:45 [inline]
 set_alloc_info mm/kasan/common.c:436 [inline]
 ____kasan_kmalloc mm/kasan/common.c:515 [inline]
 ____kasan_kmalloc mm/kasan/common.c:474 [inline]
 __kasan_kmalloc+0xa9/0xd0 mm/kasan/common.c:524
 io_ring_ctx_alloc fs/io_uring.c:1838 [inline]
 io_uring_create fs/io_uring.c:12396 [inline]
 io_uring_setup.cold+0x12e/0x27fc fs/io_uring.c:12535
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

Freed by task 3650:
 kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38
 kasan_set_track+0x21/0x30 mm/kasan/common.c:45
 kasan_set_free_info+0x20/0x30 mm/kasan/generic.c:370
 ____kasan_slab_free mm/kasan/common.c:366 [inline]
 ____kasan_slab_free+0x166/0x1a0 mm/kasan/common.c:328
 kasan_slab_free include/linux/kasan.h:200 [inline]
 slab_free_hook mm/slub.c:1727 [inline]
 slab_free_freelist_hook+0x8b/0x1c0 mm/slub.c:1753
 slab_free mm/slub.c:3507 [inline]
 kfree+0xd6/0x4d0 mm/slub.c:4555
 io_ring_ctx_free fs/io_uring.c:11159 [inline]
 io_ring_exit_work+0xe29/0xe74 fs/io_uring.c:11303
 process_one_work+0x996/0x1610 kernel/workqueue.c:2289
 worker_thread+0x665/0x1080 kernel/workqueue.c:2436
 kthread+0x2e9/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:302

Last potentially related work creation:
 kasan_save_stack+0x1e/0x40 mm/kasan/common.c:38
 __kasan_record_aux_stack+0xbe/0xd0 mm/kasan/generic.c:348
 insert_work+0x48/0x350 kernel/workqueue.c:1358
 __queue_work+0x62e/0x1140 kernel/workqueue.c:1517
 queue_work_on+0xee/0x110 kernel/workqueue.c:1545
 queue_work include/linux/workqueue.h:502 [inline]
 io_ring_ctx_wait_and_kill+0x327/0x360 fs/io_uring.c:11357
 io_uring_release+0x42/0x46 fs/io_uring.c:11365
 __fput+0x277/0x9d0 fs/file_table.c:317
 task_work_run+0xdd/0x1a0 kernel/task_work.c:177
 exit_task_work include/linux/task_work.h:38 [inline]
 do_exit+0xaff/0x2a00 kernel/exit.c:795
 do_group_exit+0xd2/0x2f0 kernel/exit.c:925
 __do_sys_exit_group kernel/exit.c:936 [inline]
 __se_sys_exit_group kernel/exit.c:934 [inline]
 __x64_sys_exit_group+0x3a/0x50 kernel/exit.c:934
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

The buggy address belongs to the object at ffff88807b7a9000
 which belongs to the cache kmalloc-2k of size 2048
The buggy address is located 952 bytes inside of
 2048-byte region [ffff88807b7a9000, ffff88807b7a9800)

The buggy address belongs to the physical page:
page:ffffea0001edea00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7b7a8
head:ffffea0001edea00 order:3 compound_mapcount:0 compound_pincount:0
flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888010c42000
raw: 0000000000000000 0000000080080008 00000001ffffffff 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 4110, tgid 4110 (syz-executor404), ts 76147822933, free_ts 76137859535
 prep_new_page mm/page_alloc.c:2456 [inline]
 get_page_from_freelist+0x1290/0x3b70 mm/page_alloc.c:4198
 __alloc_pages+0x1c7/0x510 mm/page_alloc.c:5426
 alloc_pages+0x1aa/0x310 mm/mempolicy.c:2272
 alloc_slab_page mm/slub.c:1797 [inline]
 allocate_slab+0x26c/0x3c0 mm/slub.c:1942
 new_slab mm/slub.c:2002 [inline]
 ___slab_alloc+0x985/0xd90 mm/slub.c:3002
 __slab_alloc.constprop.0+0x4d/0xa0 mm/slub.c:3089
 slab_alloc_node mm/slub.c:3180 [inline]
 slab_alloc mm/slub.c:3222 [inline]
 __kmalloc+0x318/0x350 mm/slub.c:4413
 io_ring_ctx_alloc fs/io_uring.c:1838 [inline]
 io_uring_create fs/io_uring.c:12396 [inline]
 io_uring_setup.cold+0x12e/0x27fc fs/io_uring.c:12535
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1371 [inline]
 free_pcp_prepare+0x549/0xd20 mm/page_alloc.c:1421
 free_unref_page_prepare mm/page_alloc.c:3343 [inline]
 free_unref_page+0x19/0x6a0 mm/page_alloc.c:3438
 __unfreeze_partials+0x17c/0x1a0 mm/slub.c:2521
 qlink_free mm/kasan/quarantine.c:168 [inline]
 qlist_free_all+0x6a/0x170 mm/kasan/quarantine.c:187
 kasan_quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:294
 __kasan_slab_alloc+0xa2/0xc0 mm/kasan/common.c:446
 kasan_slab_alloc include/linux/kasan.h:224 [inline]
 slab_post_alloc_hook mm/slab.h:750 [inline]
 slab_alloc_node mm/slub.c:3214 [inline]
 slab_alloc mm/slub.c:3222 [inline]
 __kmem_cache_alloc_lru mm/slub.c:3229 [inline]
 kmem_cache_alloc+0x204/0x3b0 mm/slub.c:3239
 vm_area_alloc+0x1c/0x110 kernel/fork.c:459
 mmap_region+0x96e/0x1460 mm/mmap.c:1776
 do_mmap+0x863/0xfa0 mm/mmap.c:1587
 vm_mmap_pgoff+0x1b7/0x290 mm/util.c:552
 ksys_mmap_pgoff+0x40d/0x5a0 mm/mmap.c:1633
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

Memory state around the buggy address:
 ffff88807b7a9280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88807b7a9300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff88807b7a9380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                        ^
 ffff88807b7a9400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88807b7a9480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================

Crashes (751):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/06/02 22:19 upstream d1dc87763f40 5783034f .config console log report syz C ci-upstream-kasan-gce KASAN: use-after-free Read in io_poll_remove_entries
2022/04/18 23:51 upstream b2d229d4ddb1 8bcc32a6 .config console log report syz C ci-upstream-kasan-gce KASAN: use-after-free Read in io_poll_remove_entries
2022/04/18 23:25 upstream b2d229d4ddb1 8bcc32a6 .config console log report syz C ci-upstream-kasan-gce-root KASAN: use-after-free Read in io_poll_remove_entries
2022/03/23 01:20 upstream b47d5a4f6b8d d88ef0c5 .config console log report syz C ci-upstream-kasan-gce-smack-root KASAN: use-after-free Read in io_poll_remove_entries
2023/03/16 07:42 upstream 9c1bec9c0b08 18b58603 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/02/27 19:46 linux-next 7f7a8831520f e792ae78 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root general protection fault in io_poll_remove_entries
2023/03/15 01:21 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci fe15c26ee26e 0d5c4377 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: null-ptr-deref Read in io_poll_remove_entries
2022/03/22 06:18 upstream 8565d64430f8 e2d91b1d .config console log report info ci-upstream-kasan-gce-selinux-root KASAN: use-after-free Read in io_poll_remove_entries
2023/01/14 10:10 linux-next 0a093b2893c7 529798b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: use-after-free Read in io_poll_remove_entries
2023/03/31 11:20 upstream 62bad54b26db f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/31 09:18 upstream 62bad54b26db f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/31 04:13 upstream 8bb95a1662f8 f325deb0 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/31 00:38 upstream 8bb95a1662f8 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/30 20:55 upstream 8bb95a1662f8 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/30 18:55 upstream 8bb95a1662f8 f325deb0 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/30 14:45 upstream ffe78bbd5121 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/30 07:44 upstream ffe78bbd5121 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/30 05:51 upstream ffe78bbd5121 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in io_poll_remove_entries
2023/03/30 01:25 upstream ffe78bbd5121 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/29 09:50 upstream fcd476ea6a88 fc067f05 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/29 05:13 upstream fcd476ea6a88 fc067f05 .config console log report info ci-upstream-kasan-gce-selinux-root general protection fault in io_poll_remove_entries
2023/03/29 03:05 upstream fcd476ea6a88 fc067f05 .config console log report info ci-upstream-kasan-gce-selinux-root general protection fault in io_poll_remove_entries
2023/03/28 21:56 upstream fcd476ea6a88 48c74771 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/28 16:54 upstream 3a93e40326c8 48c74771 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/28 14:06 upstream 3a93e40326c8 48c74771 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/28 12:06 upstream 3a93e40326c8 47f3aaf1 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/28 11:06 upstream 3a93e40326c8 47f3aaf1 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/28 08:14 upstream 3a93e40326c8 47f3aaf1 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/28 01:04 upstream 3a93e40326c8 47f3aaf1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/27 23:18 upstream 3a93e40326c8 47f3aaf1 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/27 19:49 upstream 197b6b60ae7b f8f96aa9 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/27 13:08 upstream 197b6b60ae7b f8f96aa9 .config console log report info ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/27 07:21 upstream 0ec57cfa721f fbf0499a .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/27 01:42 upstream 0ec57cfa721f fbf0499a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/26 23:34 upstream 197b6b60ae7b fbf0499a .config console log report info ci-upstream-kasan-gce-root general protection fault in io_poll_remove_entries
2023/03/26 16:08 upstream da8e7da11e4b fbf0499a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/25 13:59 upstream 65aca32efdcb fbf0499a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs general protection fault in io_poll_remove_entries
2023/03/25 04:33 upstream 65aca32efdcb fbf0499a .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/24 20:01 upstream 4bae0ad148f4 9700afae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/24 17:35 upstream 4bae0ad148f4 9700afae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/24 12:01 upstream 1e760fa3596e f94b4a29 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/24 05:22 upstream 9fd6ba5420ba f94b4a29 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/23 12:22 upstream fff5a5e7f528 f94b4a29 .config console log report info ci-upstream-kasan-gce-selinux-root general protection fault in io_poll_remove_entries
2023/03/23 10:37 upstream fff5a5e7f528 f94b4a29 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/23 00:44 upstream fff5a5e7f528 f94b4a29 .config console log report info ci-upstream-kasan-gce general protection fault in io_poll_remove_entries
2023/03/22 18:19 upstream a1effab7a3a3 d846e076 .config console log report info ci-upstream-kasan-gce-selinux-root general protection fault in io_poll_remove_entries
2023/03/22 17:36 upstream a1effab7a3a3 d846e076 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in io_poll_remove_entries
2023/03/22 08:53 upstream 2faac9a98f01 8b4eb097 .config console log report info ci-upstream-kasan-gce-smack-root general protection fault in io_poll_remove_entries
2023/03/04 23:49 upstream c29214bc8916 f8902b57 .config console log report info ci-qemu-upstream general protection fault in io_poll_remove_entries
2022/04/10 16:19 upstream e1f700ebd6be e22c3da3 .config console log report info ci-upstream-kasan-gce KFENCE: use-after-free in io_poll_remove_entries
2023/03/29 21:59 upstream ffe78bbd5121 f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/26 10:26 upstream da8e7da11e4b fbf0499a .config console log report info ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/25 19:34 upstream 4bdec23f971b fbf0499a .config console log report info ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/25 08:21 upstream 65aca32efdcb fbf0499a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/25 04:08 upstream 65aca32efdcb fbf0499a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/23 20:18 upstream 9fd6ba5420ba f94b4a29 .config console log report info ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/22 15:42 upstream a1effab7a3a3 d846e076 .config console log report info ci-qemu-upstream-386 general protection fault in io_poll_remove_entries
2023/03/22 12:55 upstream a1effab7a3a3 d846e076 .config console log report info ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2023/03/22 11:43 upstream a1effab7a3a3 d846e076 .config console log report info ci-upstream-kasan-gce-386 general protection fault in io_poll_remove_entries
2022/04/01 13:45 upstream e8b767f5e040 20955a24 .config console log report info ci-upstream-kasan-gce-386 BUG: corrupted list in io_poll_remove_entries
2023/03/06 06:29 linux-next dc837c1a5137 f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root general protection fault in io_poll_remove_entries
2023/04/05 23:31 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 59caa87f9dfb 8b834965 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: null-ptr-deref Read in io_poll_remove_entries
2023/04/01 17:51 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 59caa87f9dfb f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: null-ptr-deref Read in io_poll_remove_entries
* Struck through repros no longer work on HEAD.