KASAN: use-after-free Read in si470x_int_in

KASAN: use-after-free Read in si470x_int_in_callback (2)
Status: upstream: reported C repro on 2019/10/18 14:53
Reported-by: syzbot+9ca7a12fd736d93e0232@syzkaller.appspotmail.com
First crash: 645d, last: 11d

Cause bisection: failed (bisect log)

similar bugs (1):
Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	KASAN: use-after-free Read in si470x_int_in_callback	C			25	657d	745d	14/22	fixed on 2019/10/15 23:40

Patch testing requests:
Created	Duration	User	Patch	Repo	Result
2019/12/04 15:03	17m	oneukum@suse.com	patch	https://github.com/google/kasan.git 22be26f7	OK
2019/11/28 11:10	11m	oneukum@suse.com	patch	https://github.com/google/kasan.git 22be26f7	report log
2019/11/27 18:07	16m	stern@rowland.harvard.edu	patch	https://github.com/google/kasan.git 22be26f7	OK
2019/11/27 10:27	11m	oneukum@suse.com	patch	https://github.com/google/kasan.git 22be26f7	report log
2019/11/21 12:01	14m	oneukum@suse.com	patch	https://github.com/google/kasan.git 22be26f7	report log
2019/11/20 10:32	12m	oneukum@suse.com	patch	https://github.com/google/kasan.git 22be26f7	report log
2019/11/18 13:44	9m	oneukum@suse.com	patch	https://github.com/google/kasan.git 22be26f7	report log

Sample crash report:

==================================================================
BUG: KASAN: use-after-free in si470x_int_in_callback.cold+0x96/0xbf drivers/media/radio/si470x/radio-si470x-usb.c:378
Read of size 8 at addr ffff888037360b40 by task sshd/8448

CPU: 0 PID: 8448 Comm: sshd Not tainted 5.14.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <IRQ>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:105
 print_address_description.constprop.0.cold+0x6c/0x2d6 mm/kasan/report.c:233
 __kasan_report mm/kasan/report.c:419 [inline]
 kasan_report.cold+0x83/0xdf mm/kasan/report.c:436
 si470x_int_in_callback.cold+0x96/0xbf drivers/media/radio/si470x/radio-si470x-usb.c:378
 __usb_hcd_giveback_urb+0x2b0/0x5c0 drivers/usb/core/hcd.c:1656
 usb_hcd_giveback_urb+0x367/0x410 drivers/usb/core/hcd.c:1726
 dummy_timer+0x11f9/0x32b0 drivers/usb/gadget/udc/dummy_hcd.c:1987
 call_timer_fn+0x1a5/0x6b0 kernel/time/timer.c:1417
 expire_timers kernel/time/timer.c:1462 [inline]
 __run_timers.part.0+0x675/0xa50 kernel/time/timer.c:1731
 __run_timers kernel/time/timer.c:1712 [inline]
 run_timer_softirq+0xb3/0x1d0 kernel/time/timer.c:1744
 __do_softirq+0x29b/0x9c2 kernel/softirq.c:558
 invoke_softirq kernel/softirq.c:432 [inline]
 __irq_exit_rcu+0x16e/0x1c0 kernel/softirq.c:636
 irq_exit_rcu+0x5/0x20 kernel/softirq.c:648
 sysvec_apic_timer_interrupt+0x93/0xc0 arch/x86/kernel/apic/apic.c:1100
 </IRQ>
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:638
RIP: 0010:deref_stack_reg+0x105/0x150 arch/x86/kernel/unwind_orc.c:357
Code: 00 00 00 00 00 fc ff df 48 89 d9 48 89 ef e8 12 f9 ff ff 48 c1 e9 03 80 3c 11 00 75 31 48 89 03 b8 01 00 00 00 48 83 c4 08 5b <5d> 41 5c 41 5d c3 e8 f0 fb 86 00 e9 1f ff ff ff e8 f6 fb 86 00 e9
RSP: 0018:ffffc90001d47508 EFLAGS: 00000296
RAX: 0000000000000001 RBX: 1ffff920003a8ead RCX: 1ffff920003a8ec9
RDX: dffffc0000000000 RSI: ffffc90001d47f50 RDI: ffffc90001d47f50
RBP: ffffc90001d47f50 R08: ffffffff8e7c4608 R09: 0000000000000001
R10: fffff520003a8ecb R11: 0000000000086088 R12: ffffc90001d47600
R13: ffffc90001d40000 R14: ffffc90001d47600 R15: ffffffff8e7c460c
 unwind_next_frame+0xcc3/0x1ce0 arch/x86/kernel/unwind_orc.c:534
 arch_stack_walk+0x7d/0xe0 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0x8c/0xc0 kernel/stacktrace.c:121
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc mm/kasan/common.c:513 [inline]
 ____kasan_kmalloc mm/kasan/common.c:472 [inline]
 __kasan_kmalloc+0x98/0xc0 mm/kasan/common.c:522
 kmalloc_reserve net/core/skbuff.c:355 [inline]
 __alloc_skb+0xde/0x340 net/core/skbuff.c:426
 alloc_skb_fclone include/linux/skbuff.h:1162 [inline]
 sk_stream_alloc_skb+0x109/0xc30 net/ipv4/tcp.c:887
 tcp_sendmsg_locked+0xc00/0x2e60 net/ipv4/tcp.c:1309
 tcp_sendmsg+0x2b/0x40 net/ipv4/tcp.c:1458
 inet_sendmsg+0x99/0xe0 net/ipv4/af_inet.c:821
 sock_sendmsg_nosec net/socket.c:702 [inline]
 sock_sendmsg+0xcf/0x120 net/socket.c:722
 sock_write_iter+0x289/0x3c0 net/socket.c:1049
 call_write_iter include/linux/fs.h:2114 [inline]
 new_sync_write+0x426/0x650 fs/read_write.c:518
 vfs_write+0x75a/0xa40 fs/read_write.c:605
 ksys_write+0x1ee/0x250 fs/read_write.c:658
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f045de9a970
Code: 73 01 c3 48 8b 0d 28 d5 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 99 2d 2c 00 00 75 10 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 7e 9b 01 00 48 89 04 24
RSP: 002b:00007ffd0d6f2958 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000048 RCX: 00007f045de9a970
RDX: 0000000000000048 RSI: 000056259510f478 RDI: 0000000000000003
RBP: 000056259510ce90 R08: 0000000000000058 R09: 00007ffd0d783080
R10: 00007ffd0d7830f0 R11: 0000000000000246 R12: 0000000000000001
R13: 00007ffd0d6f29ef R14: 0000562593e7bbe7 R15: 0000000000000003

Allocated by task 3159:
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38
 kasan_set_track mm/kasan/common.c:46 [inline]
 set_alloc_info mm/kasan/common.c:434 [inline]
 ____kasan_kmalloc mm/kasan/common.c:513 [inline]
 ____kasan_kmalloc mm/kasan/common.c:472 [inline]
 __kasan_kmalloc+0x98/0xc0 mm/kasan/common.c:522
 kasan_kmalloc include/linux/kasan.h:263 [inline]
 kmem_cache_alloc_trace+0x1e4/0x480 mm/slab.c:3575
 kmalloc include/linux/slab.h:591 [inline]
 kzalloc include/linux/slab.h:721 [inline]
 si470x_usb_driver_probe+0x51/0xf90 drivers/media/radio/si470x/radio-si470x-usb.c:573
 usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x23c/0xcd0 drivers/base/dd.c:595
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:965
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xc2f/0x2180 drivers/base/core.c:3352
 usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238
 usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x23c/0xcd0 drivers/base/dd.c:595
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:965
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xc2f/0x2180 drivers/base/core.c:3352
 usb_new_device.cold+0x63f/0x108e drivers/usb/core/hub.c:2559
 hub_port_connect drivers/usb/core/hub.c:5300 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5440 [inline]
 port_event drivers/usb/core/hub.c:5586 [inline]
 hub_event+0x2357/0x4330 drivers/usb/core/hub.c:5668
 process_one_work+0x98d/0x1630 kernel/workqueue.c:2276
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2422
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

Freed by task 3159:
 kasan_save_stack+0x1b/0x40 mm/kasan/common.c:38
 kasan_set_track+0x1c/0x30 mm/kasan/common.c:46
 kasan_set_free_info+0x20/0x30 mm/kasan/generic.c:360
 ____kasan_slab_free mm/kasan/common.c:366 [inline]
 ____kasan_slab_free mm/kasan/common.c:328 [inline]
 __kasan_slab_free+0xcd/0x100 mm/kasan/common.c:374
 kasan_slab_free include/linux/kasan.h:229 [inline]
 __cache_free mm/slab.c:3445 [inline]
 kfree+0x106/0x2c0 mm/slab.c:3803
 si470x_usb_driver_probe+0xb3d/0xf90 drivers/media/radio/si470x/radio-si470x-usb.c:766
 usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x23c/0xcd0 drivers/base/dd.c:595
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:965
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xc2f/0x2180 drivers/base/core.c:3352
 usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238
 usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x23c/0xcd0 drivers/base/dd.c:595
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:965
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xc2f/0x2180 drivers/base/core.c:3352
 usb_new_device.cold+0x63f/0x108e drivers/usb/core/hub.c:2559
 hub_port_connect drivers/usb/core/hub.c:5300 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5440 [inline]
 port_event drivers/usb/core/hub.c:5586 [inline]
 hub_event+0x2357/0x4330 drivers/usb/core/hub.c:5668
 process_one_work+0x98d/0x1630 kernel/workqueue.c:2276
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2422
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295

The buggy address belongs to the object at ffff888037360000
 which belongs to the cache kmalloc-4k of size 4096
The buggy address is located 2880 bytes inside of
 4096-byte region [ffff888037360000, ffff888037361000)
The buggy address belongs to the page:
page:ffffea0000dcd800 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x37360
head:ffffea0000dcd800 order:1 compound_mapcount:0
flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
raw: 00fff00000010200 ffffea0000c45908 ffffea0000bb1508 ffff888010840900
raw: 0000000000000000 ffff888037360000 0000000100000001 0000000000000000
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 1, migratetype Unmovable, gfp_mask 0x2420c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_COMP|__GFP_THISNODE), pid 3159, ts 84444838096, free_ts 84301687828
 prep_new_page mm/page_alloc.c:2433 [inline]
 get_page_from_freelist+0xa72/0x2f80 mm/page_alloc.c:4166
 __alloc_pages+0x1b2/0x500 mm/page_alloc.c:5374
 __alloc_pages_node include/linux/gfp.h:570 [inline]
 kmem_getpages mm/slab.c:1377 [inline]
 cache_grow_begin+0x75/0x460 mm/slab.c:2593
 cache_alloc_refill+0x27f/0x380 mm/slab.c:2965
 ____cache_alloc mm/slab.c:3048 [inline]
 ____cache_alloc mm/slab.c:3031 [inline]
 __do_cache_alloc mm/slab.c:3275 [inline]
 slab_alloc mm/slab.c:3316 [inline]
 kmem_cache_alloc_trace+0x38c/0x480 mm/slab.c:3573
 kmalloc include/linux/slab.h:591 [inline]
 kzalloc include/linux/slab.h:721 [inline]
 si470x_usb_driver_probe+0x51/0xf90 drivers/media/radio/si470x/radio-si470x-usb.c:573
 usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x23c/0xcd0 drivers/base/dd.c:595
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:747
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:777
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:894
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:965
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xc2f/0x2180 drivers/base/core.c:3352
 usb_set_configuration+0x113a/0x1910 drivers/usb/core/message.c:2170
page last free stack trace:
 reset_page_owner include/linux/page_owner.h:24 [inline]
 free_pages_prepare mm/page_alloc.c:1343 [inline]
 free_pcp_prepare+0x2c5/0x780 mm/page_alloc.c:1394
 free_unref_page_prepare mm/page_alloc.c:3329 [inline]
 free_unref_page+0x19/0x690 mm/page_alloc.c:3408
 slab_destroy mm/slab.c:1627 [inline]
 slabs_destroy+0x89/0xc0 mm/slab.c:1647
 cache_flusharray mm/slab.c:3418 [inline]
 ___cache_free+0x4ba/0x600 mm/slab.c:3480
 qlink_free mm/kasan/quarantine.c:146 [inline]
 qlist_free_all+0x4e/0x110 mm/kasan/quarantine.c:165
 kasan_quarantine_reduce+0x180/0x200 mm/kasan/quarantine.c:272
 __kasan_slab_alloc+0x8b/0xa0 mm/kasan/common.c:444
 kasan_slab_alloc include/linux/kasan.h:253 [inline]
 slab_post_alloc_hook mm/slab.h:512 [inline]
 slab_alloc mm/slab.c:3323 [inline]
 __do_kmalloc mm/slab.c:3700 [inline]
 __kmalloc+0x284/0x4d0 mm/slab.c:3711
 kmalloc include/linux/slab.h:596 [inline]
 tomoyo_realpath_from_path+0xc3/0x620 security/tomoyo/realpath.c:254
 tomoyo_get_realpath security/tomoyo/file.c:151 [inline]
 tomoyo_path_number_perm+0x1d5/0x590 security/tomoyo/file.c:723
 security_file_ioctl+0x50/0xb0 security/security.c:1539
 __do_sys_ioctl fs/ioctl.c:1063 [inline]
 __se_sys_ioctl fs/ioctl.c:1055 [inline]
 __x64_sys_ioctl+0xb3/0x200 fs/ioctl.c:1055
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Memory state around the buggy address:
 ffff888037360a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff888037360a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff888037360b00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                           ^
 ffff888037360b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff888037360c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================

Crashes (5583):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Title
ci-upstream-kasan-gce-selinux-root	2021/07/13 09:44	upstream	7fef2edf7cc7	f415556d	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce-smack-root	2021/06/04 18:54	upstream	f88cd3fb9df2	966a236b	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce-smack-root	2021/06/02 19:02	upstream	231bc5390667	0740de69	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce-root	2021/05/30 09:40	upstream	6799d4f2da49	325a8dab	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce	2021/05/29 13:37	upstream	5ff2756afde0	858ea628	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce-smack-root	2021/05/29 08:33	upstream	5ff2756afde0	858ea628	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce-root	2021/05/26 12:52	upstream	ad9f25d33860	54f0bcf1	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-qemu-upstream	2021/02/17 02:27	upstream	f40ddce88593	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-qemu-upstream	2021/02/16 13:48	upstream	f40ddce88593	98682e5e	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-linux-next-kasan-gce-root	2021/06/26 02:04	linux-next	a1f92694393a	ae6bf8dd	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-linux-next-kasan-gce-root	2021/06/23 10:03	linux-next	a1f92694393a	aba2b2fb	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-linux-next-kasan-gce-root	2021/06/20 01:53	linux-next	a1f92694393a	aba2b2fb	.config	log	report	syz	C		KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2020/12/12 02:21	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	a256e24021bf	bca53db9	.config	log	report	syz	C
ci2-upstream-usb	2020/12/10 10:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	8010622c86ca	c090b4da	.config	log	report	syz	C
ci2-upstream-usb	2020/06/20 17:12	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f8f02d5c671f	c655ec77	.config	log	report	syz	C
ci2-upstream-usb	2020/06/19 21:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	f8f02d5c671f	123cf502	.config	log	report	syz	C
ci2-upstream-usb	2020/06/08 21:13	https://github.com/google/kasan.git usb-fuzzer	2089c6ed5a17	7604bb03	.config	log	report	syz	C
ci2-upstream-usb	2020/05/14 03:37	https://github.com/google/kasan.git usb-fuzzer	059e7e0ff26c	a885920d	.config	log	report	syz	C
ci2-upstream-usb	2020/03/24 19:22	https://github.com/google/kasan.git usb-fuzzer	e17994d1e7b1	68660b21	.config	log	report	syz	C
ci2-upstream-usb	2020/03/23 17:45	https://github.com/google/kasan.git usb-fuzzer	e17994d1e7b1	84f999d6	.config	log	report	syz	C
ci2-upstream-usb	2020/03/21 12:07	https://github.com/google/kasan.git usb-fuzzer	e17994d1e7b1	aa6c6a55	.config	log	report	syz	C
ci2-upstream-usb	2020/03/10 13:03	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	35f53e45	.config	log	report	syz	C
ci2-upstream-usb	2020/03/08 01:06	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	2e9971bb	.config	log	report	syz	C
ci2-upstream-usb	2020/03/06 17:49	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	7fb694ef	.config	log	report	syz	C
ci2-upstream-usb	2020/03/02 07:48	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	4a4e0509	.config	log	report	syz	C
ci2-upstream-usb	2020/02/29 01:27	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	c88c7b75	.config	log	report	syz	C
ci2-upstream-usb	2020/02/28 19:34	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	c88c7b75	.config	log	report	syz	C
ci2-upstream-usb	2020/02/27 09:21	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	40bcfdd5	.config	log	report	syz	C
ci2-upstream-usb	2020/02/26 21:51	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	251aabb7	.config	log	report	syz	C
ci2-upstream-usb	2020/02/24 18:14	https://github.com/google/kasan.git usb-fuzzer	d6ff8147a51c	1253d6f0	.config	log	report	syz	C
ci2-upstream-usb	2020/02/10 19:43	https://github.com/google/kasan.git usb-fuzzer	e5cd56e94edd	d9e55b05	.config	log	report	syz	C
ci2-upstream-usb	2020/02/07 21:07	https://github.com/google/kasan.git usb-fuzzer	e5cd56e94edd	06150bf1	.config	log	report	syz	C
ci2-upstream-usb	2020/01/23 00:22	https://github.com/google/kasan.git usb-fuzzer	4cc301ee04d9	3334d684	.config	log	report	syz	C
ci2-upstream-usb	2019/12/20 00:05	https://github.com/google/kasan.git usb-fuzzer	ecdf2214f472	36650b4b	.config	log	report	syz	C
ci2-upstream-usb	2019/12/16 20:59	https://github.com/google/kasan.git usb-fuzzer	4cc037ecf2cb	0ae38e44	.config	log	report	syz	C
ci2-upstream-usb	2019/12/12 20:53	https://github.com/google/kasan.git usb-fuzzer	4cc037ecf2cb	08003f64	.config	log	report	syz	C
ci2-upstream-usb	2019/12/11 15:49	https://github.com/google/kasan.git usb-fuzzer	a38cc9afab8a	0d368675	.config	log	report	syz	C
ci2-upstream-usb	2019/12/06 19:13	https://github.com/google/kasan.git usb-fuzzer	1f22d15c209f	85f26751	.config	log	report	syz	C
ci2-upstream-usb	2019/12/03 21:54	https://github.com/google/kasan.git usb-fuzzer	1f22d15c209f	0ecb9746	.config	log	report	syz	C
ci2-upstream-usb	2019/11/15 20:09	https://github.com/google/kasan.git usb-fuzzer	3183c03757f8	79248ee8	.config	log	report	syz	C
ci2-upstream-usb	2019/11/06 22:05	https://github.com/google/kasan.git usb-fuzzer	d60bbfea36c1	da505f84	.config	log	report	syz	C
ci2-upstream-usb	2019/11/06 11:12	https://github.com/google/kasan.git usb-fuzzer	b1aa9d834830	bc2c6e45	.config	log	report	syz	C
ci2-upstream-usb	2019/10/29 21:56	https://github.com/google/kasan.git usb-fuzzer	ff6409a6ec35	5ea87a66	.config	log	report	syz	C
ci2-upstream-usb	2019/10/23 03:26	https://github.com/google/kasan.git usb-fuzzer	22be26f76193	d0686497	.config	log	report	syz	C
ci2-upstream-usb	2019/10/18 11:53	https://github.com/google/kasan.git usb-fuzzer	22be26f76193	8c88c9c1	.config	log	report	syz	C
ci-upstream-kasan-gce	2021/05/15 21:34	upstream	f36edc5533b2	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci-upstream-kasan-gce-selinux-root	2021/04/16 04:07	upstream	7e25f40eab52	c59079a6	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/20 10:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/19 22:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/19 14:31	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/19 12:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/19 00:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 22:31	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 21:23	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 17:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 15:57	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 08:24	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 02:55	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/18 01:14	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a343ba6b	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 19:19	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a2eb125d	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 17:35	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a2eb125d	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 14:35	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a2eb125d	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 12:32	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a2eb125d	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 10:49	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	9fbf82c76414	a2eb125d	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 06:54	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/17 04:40	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 23:17	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 22:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 18:51	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 17:47	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 15:13	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 14:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 11:33	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 09:23	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 06:50	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 03:41	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/16 02:14	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	f54a5c09	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 23:36	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 15:06	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 14:04	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 13:44	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 12:10	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 11:03	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	93f844de	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 08:46	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	8bdd5343	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/15 00:05	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	8bdd5343	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/14 18:31	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	8bdd5343	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/05/14 16:45	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	216e0e563d81	8bdd5343	.config	log	report			info	KASAN: use-after-free Read in si470x_int_in_callback
ci2-upstream-usb	2021/01/10 06:07	https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing	841081d89d5a	2c1f2513	.config	log	report			info