syzbot


Title Repro Cause bisect Fix bisect Count Last Reported Closed Patch
BUG: sleeping function called from invalid context in htb_destroy C done 2 31d 552d 1d00h 66f6f409 net: sched: validate stab values
possible deadlock in red_change C done 10 32d 272d 2d04h 66f6f409 net: sched: validate stab values
BUG: unable to handle kernel NULL pointer dereference in __lookup_slow C done 23 45d 203d 13d b8590c82 reiserfs: add check for an invalid ih_entry_count
WARNING in ext4_xattr_set_entry C done 12 46d 180d 16d a8fb57ec ext4: do not try to set xattr into ea_inode if value is empty
BUG: unable to handle kernel NULL pointer dereference in amp_read_loc_assoc_final_data C done 114 50d 266d 16d 99c2c8b0 Bluetooth: Fix null pointer dereference in amp_read_loc_assoc_final_data
KASAN: use-after-free Read in skb_dequeue syz done 1 57d 262d 24d c1a77dbc btrfs: raid56: simplify tracking of Q stripe presence
KASAN: use-after-free Read in ntfs_iget C done 1 57d 117d 24d 23e89586 ntfs: check for valid standard information attribute
KASAN: use-after-free Read in ntfs_read_locked_inode C done 2 60d 210d 30d 23e89586 ntfs: check for valid standard information attribute
kernel BUG in pfkey_send_acquire C done 56 66d 95d 36d fa137b50 block: split .sysfs_lock into two locks
general protection fault in ioctl_standard_call C done 23 70d 184d 39d 3f33e522 wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
KASAN: slab-out-of-bounds Read in squashfs_export_iget C done 5 82d 182d 51d a6f933a3 squashfs: add more sanity checks in inode lookup
general protection fault in ieee80211_subif_start_xmit C done 4 86d 127d 52d b26b5e08 mac80211: pause TX while changing interface type
UBSAN: undefined-behaviour in tcindex_set_parms C done 39 98d 213d 59d 22c1b226 net_sched: avoid shift-out-of-bounds in tcindex_set_parms()
kernel BUG at fs/reiserfs/prints.c:LINE! C done 5 108d 199d 60d b8590c82 reiserfs: add check for an invalid ih_entry_count
KASAN: use-after-free Read in search_by_entry_key C done 1 108d 198d 62d b8590c82 reiserfs: add check for an invalid ih_entry_count
KASAN: slab-out-of-bounds Read in squashfs_get_id C 58 67d 211d 62d e5099c0e squashfs: add more sanity checks in id lookup
KASAN: use-after-free Read in squashfs_get_id C 3 106d 160d 62d e5099c0e squashfs: add more sanity checks in id lookup
KASAN: use-after-free Read in tls_write_space C done 25 114d 739d 84d d71f3fb9 net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails
divide error in do_journal_end C done 2 116d 176d 86d b8590c82 reiserfs: add check for an invalid ih_entry_count
general protection fault in dqput C done 2 117d 130d 86d 7bae8482 quota: Sanity-check quota file headers on load
WARNING in md_ioctl C done 199 117d 734d 86d b85abab5 md: fix a warning caused by a race between concurrent md_ioctl()s
general protection fault in hci_phy_link_complete_evt C done 28 121d 264d 90d abae1003 Bluetooth: Fix null pointer dereference in hci_event_packet()
KASAN: use-after-free Read in leaf_paste_entries C done 1 124d 124d 93d b8590c82 reiserfs: add check for an invalid ih_entry_count
general protection fault in hci_event_packet C done 3 125d 191d 94d abae1003 Bluetooth: Fix null pointer dereference in hci_event_packet()
KASAN: slab-out-of-bounds Read in hci_le_meta_evt C done 12 125d 266d 94d 61490c48 Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
KASAN: use-after-free Read in reiserfs_read_locked_inode C done 4 128d 210d 98d b8590c82 reiserfs: add check for an invalid ih_entry_count
INFO: task hung in rdma_destroy_id C done 2 129d 159d 98d 01413361 usb: uas: Add PNY USB Portable SSD to unusual_uas
INFO: task hung in do_read_cache_page C done 2 130d 190d 100d 8e63266b fcntl: Fix potential deadlock in send_sig{io, urg}()
BUG: unable to handle kernel paging request in dquot_add_space C done 1 132d 192d 100d 7bae8482 quota: Sanity-check quota file headers on load
BUG: unable to handle kernel paging request in dqput C done 8 130d 200d 100d 7bae8482 quota: Sanity-check quota file headers on load
general protection fault in gfs2_ri_update C done 28 136d 212d 104d 6790f8b9 gfs2: check for empty rgrp tree in gfs2_ri_update
KASAN: use-after-free Write in sco_chan_del C done 10 139d 263d 108d abae1003 Bluetooth: Fix null pointer dereference in hci_event_packet()
KASAN: use-after-free Read in btrfs_scan_one_device C done 43 143d 218d 113d aec62fa4 btrfs: don't access possibly stale fs_info data for printing duplicate device
BUG: sleeping function called from invalid context in corrupted C done 2 150d 151d 119d 499b109b mac80211: free sta in sta_info_insert_finish() on errors
BUG: sleeping function called from invalid context in sta_info_move_state C done 760 149d 152d 119d 499b109b mac80211: free sta in sta_info_insert_finish() on errors
KASAN: slab-out-of-bounds Read in ntfs_attr_find C done 10 151d 208d 121d dff5d774 ntfs: add check for mft record size in superblock
general protection fault in rose_send_frame C done 5 155d 733d 121d 731b9890 rose: Fix Null pointer dereference in rose_send_frame()
KASAN: slab-out-of-bounds Read in soft_cursor C done 61 168d 507d 138d 3e1600cc ALSA: hda: fix a runtime pm issue in SOF when integrated GPU is disabled
KASAN: use-after-free Read in debugfs_remove C done 15 173d 669d 143d 8a78b4c0 blktrace: fix debugfs use after free
UBSAN: undefined-behaviour in init_sb C done 2 175d 208d 145d 6a253f38 gfs2: add validation checks for size of superblock
WARNING in unlock_new_inode C done 66 175d 214d 145d 7a1e074b reiserfs: only call unlock_new_inode() if I_NEW
KASAN: use-after-free Read in tipc_mcast_xmit C done 3 176d 200d 146d 26217e06 tipc: fix the skb_unshare() in tipc_buf_append()
KASAN: global-out-of-bounds Read in fb_pad_aligned_buffer C done 5 176d 502d 146d 6612b754 vt: Disable KD_FONT_OP_COPY
KASAN: use-after-free Read in ntfs_attr_find C done 13 177d 208d 147d dff5d774 ntfs: add check for mft record size in superblock
divide error in tabledist C done 3 187d 544d 157d 95ba2236 netem: fix zero division in tabledist
general protection fault in qp_release_pages C done 4 188d 190d 157d 0b02a432 VMCI: check return value of get_user_pages_fast() for errors
UBSAN: undefined-behaviour in tabledist C done 2 196d 196d 164d 95ba2236 netem: fix zero division in tabledist
KASAN: global-out-of-bounds Read in fbcon_get_font C done 47 195d 507d 164d 43198a5b fbcon: Fix global-out-of-bounds read in fbcon_get_font()
KASAN: slab-out-of-bounds Read in fbcon_get_font C done 97 199d 507d 169d 1221d11e vt_ioctl: change VT_RESIZEX ioctl to check for error return from vc_resize()
general protection fault in get_unique_tuple C done 33 200d 461d 169d 289fe546 netfilter: ctnetlink: add a range check for l3/l4 protonum
general protection fault in nf_nat_setup_info C done 22 204d 295d 174d 289fe546 netfilter: ctnetlink: add a range check for l3/l4 protonum
KASAN: use-after-free Read in soft_cursor C done 16 209d 505d 178d 76fe9298 fbcon: Fix user font detection test at fbcon_resize().
KASAN: global-out-of-bounds Read in get_unique_tuple C done 1 209d 450d 179d 289fe546 netfilter: ctnetlink: add a range check for l3/l4 protonum
KASAN: global-out-of-bounds Read in fbcon_resize C done 286 212d 231d 181d 76fe9298 fbcon: Fix user font detection test at fbcon_resize().
general protection fault in __sock_release syz done 8 226d 238d 196d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
WARNING in snd_pcm_plugin_build_mulaw C done 2 228d 238d 197d 569e1b62 ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
KASAN: use-after-free Read in seq_release_private syz done 1 227d 227d 197d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
WARNING: ODEBUG bug in get_signal syz done 3 229d 239d 198d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
WARNING in snd_pcm_drop syz done 1 229d 229d 198d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
WARNING: ODEBUG bug in exit_to_usermode_loop syz done 2 229d 231d 198d dff6a2c2 nvmet-fc: Fix a missed _irqsave version of spin_lock in 'nvmet_fc_fod_op_done()'
general protection fault in tty_release C done 9 230d 237d 199d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Write in __sock_release syz done 1 231d 231d 201d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in locks_remove_file syz done 4 231d 239d 201d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in cuse_channel_release syz done 1 232d 232d 201d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in __fput syz done 1 233d 233d 202d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Write in ex_handler_refcount C done 11 233d 441d 202d 29e1dfcd Bluetooth: add a mutex lock to avoid UAF in do_enale_set
kernel BUG at include/linux/fs.h:LINE! syz done 1 233d 233d 202d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in snd_pcm_oss_release syz done 1 233d 233d 202d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
kernel BUG at fs/inode.c:LINE! syz done 2 234d 263d 203d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: invalid-free in vcs_release syz done 1 234d 234d 204d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in fbcon_cursor syz done 4 235d 495d 205d 770adb5d fbcon: remove soft scrollback code
BUG: corrupted list in mousedev_release syz done 1 235d 235d 205d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
KASAN: use-after-free Read in eventfd_release syz done 1 237d 237d 206d 37d933e8 fix regression in "epoll: Keep a reference on files added to the check list"
INFO: trying to register non-static key in uhid_char_release C done 3 237d 259d 206d abae259f HID: core: Correctly handle ReportSize being zero
WARNING in corrupted (2) C done 1 238d 238d 207d 569e1b62 ALSA: pcm: oss: Remove superfluous WARN_ON() for mulaw sanity check
INFO: trying to register non-static key in uhid_dev_destroy C done 14 245d 413d 214d abae259f HID: core: Correctly handle ReportSize being zero
KASAN: slab-out-of-bounds Read in vcs_scr_readw C inconclusive 80 497d 507d 217d 627f3b9e vcs: prevent write access to vcsu devices
WARNING in inc_nlink C done 8 247d 396d 217d 169f7f37 fs/minix: don't allow getting deleted inodes
BUG: unable to handle kernel NULL pointer dereference in get_block C done 60 251d 402d 220d 954fc7da fs/minix: reject too-large maximum file size
KASAN: slab-out-of-bounds Read in get_block C done 3 254d 369d 223d 954fc7da fs/minix: reject too-large maximum file size
KASAN: use-after-free Read in get_block C done 6 254d 386d 224d 954fc7da fs/minix: reject too-large maximum file size
KASAN: slab-out-of-bounds Read in hci_event_packet C done 15 254d 464d 224d 8c4a649c Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
KASAN: slab-out-of-bounds Read in bacpy C done 3 260d 722d 226d 8c4a649c Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
KASAN: slab-out-of-bounds Read in hci_extended_inquiry_result_evt C done 6 258d 292d 226d 8c4a649c Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt()
KASAN: null-ptr-deref Read in drm_dp_aux_dev_get_by_minor C done 1 259d 319d 226d 954fc7da fs/minix: reject too-large maximum file size
KASAN: slab-out-of-bounds Read in hci_inquiry_result_with_rssi_evt C done 4 258d 287d 226d 48f70ecd Bluetooth: Prevent out-of-bounds read in hci_inquiry_result_with_rssi_evt()
KASAN: use-after-free Read in l2cap_chan_close C done 8 259d 441d 226d 29e1dfcd Bluetooth: add a mutex lock to avoid UAF in do_enale_set
BUG: unable to handle kernel NULL pointer dereference in do_syscall_64 (2) C done 4 263d 275d 232d dd58bd1b fbdev: Detect integer underflow at "struct fbcon_ops"->clear_margins.
divide error in fbcon_switch C done 259 268d 507d 233d 74752b81 vt: Reject zero-sized screen buffer size.
general protection fault in do_con_write C done 3008 268d 507d 233d 74752b81 vt: Reject zero-sized screen buffer size.
kernel BUG at fs/buffer.c:LINE! syz done 23 264d 717d 233d 954fc7da fs/minix: reject too-large maximum file size
general protection fault in free_netdev C done 99 265d 296d 233d abcf95e0 ip6_gre: fix null-ptr-deref in ip6gre_init_net()
BUG: unable to handle kernel paging request in do_con_trol C done 36 268d 500d 237d 74752b81 vt: Reject zero-sized screen buffer size.
WARNING in snd_info_get_line C done 23 268d 280d 237d 0c9d4b18 ALSA: info: Drop WARN_ON() from buffer NULL sanity check
BUG: unable to handle kernel paging request in insert_char C done 46 282d 502d 252d 74752b81 vt: Reject zero-sized screen buffer size.
INFO: task hung in __flush_work syz done 6 283d 733d 253d af224c2e net/9p: validate fds in p9_fd_open
KASAN: null-ptr-deref Read in do_con_trol C done 1 283d 434d 253d 74752b81 vt: Reject zero-sized screen buffer size.
KASAN: null-ptr-deref Read in insert_char C done 3 284d 479d 254d 74752b81 vt: Reject zero-sized screen buffer size.
KASAN: user-memory-access Read in insert_char C done 2 286d 499d 256d 74752b81 vt: Reject zero-sized screen buffer size.
BUG: unable to handle kernel paging request in csi_J C done 3 295d 463d 264d 74752b81 vt: Reject zero-sized screen buffer size.
BUG: unable to handle kernel NULL pointer dereference in generic_perform_write (2) C done 1 306d 396d 276d 5dbb6255 ext4: avoid race conditions when remounting with options that change dax
WARNING in enqueue_task_dl syz done 1 314d 643d 283d edf55b5e sched/deadline: Initialize ->dl_boosted
general protection fault in batadv_iv_ogm_schedule_buff 6 401d 457d 288d bf0ef794 batman-adv: Don't schedule OGM for disabled interface
general protection fault in fq_codel_enqueue C done 5 336d 364d 305d 8920e8ae net: check untrusted gso_size at kernel entry
kernel BUG at arch/x86/mm/physaddr.c:LINE! (2) C done 82 336d 477d 306d a3da2984 vt: fix unicode console freeing with a common interface
INFO: trying to register non-static key in hci_uart_flush syz done 4 341d 585d 311d 8efa59fc netfilter: nf_conntrack_pptp: fix compilation warning with W=1 build
KASAN: use-after-free Write in snd_rawmidi_kernel_write1 C done 1 342d 372d 312d a507658f ALSA: rawmidi: Fix racy buffer resize under concurrent accesses
KASAN: null-ptr-deref Write in choke_reset C done 236 344d 369d 314d 1733fe42 USB: serial: garmin_gps: add sanity checking for data length
KASAN: use-after-free Read in rdma_listen syz done 143 375d 687d 345d abc4ea7f RDMA/ucma: Put a lock around every call to the rdma_cm layer
KASAN: use-after-free Read in cma_cancel_operation C done 6 387d 537d 357d abc4ea7f RDMA/ucma: Put a lock around every call to the rdma_cm layer
WARNING in geneve_exit_batch_net C done 2 389d 434d 359d 2c1a05e9 geneve: move debug check after netdev unregister
WARNING: ODEBUG bug in rfcomm_dev_ioctl C done 1 391d 391d 360d 78a4ad28 Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
KASAN: use-after-free Write in release_tty C done 148 390d 507d 360d 54584f79 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
WARNING: ODEBUG bug in route4_change C done 28 394d 414d 364d ea3d6652 net_sched: cls_route: remove the right filter from hashtable
WARNING: refcount bug in sock_wfree C done done 1 397d 517d 367d 6ce6aea3 sctp: fix refcount bug in sctp_wfree
KASAN: use-after-free Read in tty_open C done 2 401d 507d 371d 54584f79 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
BUG: unable to handle kernel paging request in init_srcu_struct_fields syz done 3 401d 599d 371d e36be795 usbip: tools: Fix read_usb_vudc_device() error path handling
KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user C done 3 403d 408d 372d 0a7b397c xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
WARNING: ODEBUG bug in rfcomm_dlc_free C done 21 404d 635d 374d 78a4ad28 Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
KASAN: slab-out-of-bounds Write in tcindex_set_parms C done 2 408d 408d 376d 557d015f net_sched: keep alloc_hash updated after hash allocation
KASAN: use-after-free Write in tcindex_set_parms C done 3 407d 411d 376d 557d015f net_sched: keep alloc_hash updated after hash allocation
possible deadlock in ovl_write_iter (2) syz done 2 409d 410d 379d eae6b4a4 USB: Disable LPM on WD19's Realtek Hub
KASAN: use-after-free Read in n_tty_receive_buf_common C done 40 411d 506d 380d b4492f1e vt: selection, push sel_lock up
inconsistent lock state in rxrpc_put_client_connection_id C done 89 419d 436d 389d 43cac315 rxrpc: Fix call RCU cleanup using non-bh-safe locks
KASAN: use-after-free Read in ext4_xattr_set_entry syz done 10 419d 667d 389d cb1702c4 ext4: validate the debug_want_extra_isize mount option at parse time
inconsistent lock state in rxrpc_put_client_conn C done 6584 419d 436d 389d 43cac315 rxrpc: Fix call RCU cleanup using non-bh-safe locks
kernel BUG at net/rxrpc/local_object.c:LINE! C done 13912 421d 631d 391d 79266814 rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
general protection fault in selinux_socket_sendmsg C done 36 422d 602d 392d 43cac315 rxrpc: Fix call RCU cleanup using non-bh-safe locks
INFO: task hung in paste_selection C done 10 423d 498d 392d b4492f1e vt: selection, push sel_lock up
INFO: task hung in htable_put C done 8 425d 470d 394d acbc5071 netfilter: xt_hashlimit: limit the max size of hashtable
kernel BUG at fs/reiserfs/lock.c:LINE! (2) C done 2 428d 428d 397d ef3d73fe reiserfs: Fix spurious unlock in reiserfs_fill_super() error handling
INFO: task hung in drain_all_pages C done 1 428d 458d 398d 8541452a s390/mm: Explicitly compare PAGE_DEFAULT_KEY against zero in storage_key_init_range
KASAN: stack-out-of-bounds Write in ax25_getname C done 4 432d 728d 401d ad598a48 vhost: Check docket sk_family instead of call getname
INFO: task hung in hashlimit_mt_check_common C done 3 435d 450d 403d acbc5071 netfilter: xt_hashlimit: limit the max size of hashtable
INFO: task hung in tty_ldisc_hangup C done 10 434d 501d 403d b4492f1e vt: selection, push sel_lock up
general protection fault in padata_reorder C done 90 433d 436d 403d cad926f7 padata: fix null pointer deref of pd->pinst
KASAN: slab-out-of-bounds Read in tcf_exts_destroy C done 1 437d 554d 407d 478c4b2f net_sched: fix an OOB access in cls_tcindex
BUG: sleeping function called from invalid context in tpk_write C done 30 443d 504d 412d fb566870 ttyprintk: fix a potential deadlock in interrupt context issue
general protection fault in path_openat C done 13 443d 449d 413d 8d7a5100 vfs: fix do_last() regression
KASAN: slab-out-of-bounds Read in __nla_put_nohdr C done 1 450d 450d 419d 66ac8ee9 net_sched: fix datalen for ematch
general protection fault in nft_chain_parse_hook C done 5 450d 462d 419d 1f7a1bcd netfilter: nf_tables: add __nft_chain_type_get()
WARNING in cbq_destroy_class C done 1 455d 455d 424d 9f7a3283 net_sched: fix ops->bind_class() implementations
KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock C done 1 456d 456d 426d d3b5ecce gtp: make sure only SOCK_DGRAM UDP sockets are accepted
KASAN: use-after-free Read in snd_timer_resolution C done 2 459d 460d 429d 20f2e4c2 ALSA: seq: Fix racy access for queue timer in proc read
KASAN: use-after-free Read in tcp_check_sack_reordering C done 1 459d 459d 429d fb566870 ttyprintk: fix a potential deadlock in interrupt context issue
general protection fault in xt_rateest_put C done 10 460d 463d 430d e3282417 netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
BUG: corrupted list in nf_tables_commit C done 2 463d 463d 432d 8260ce5a netfilter: nf_tables: fix flowtable list del corruption
WARNING in nft_request_module C done 1 463d 463d 432d 1632efb3 netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
general protection fault in nft_tunnel_get_init C done 1 463d 463d 432d 6de941ce netfilter: nft_tunnel: fix null-attribute check
general protection fault in nf_ct_netns_do_get C done 11 467d 482d 434d 46abb2a5 netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
KASAN: use-after-free Write in __alloc_skb C done 2 467d 535d 436d be1a2be7 net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
general protection fault in xt_rateest_tg_checkentry C done 12 467d 483d 437d e3282417 netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
KASAN: slab-out-of-bounds Read in macvlan_broadcast C done 10 468d 472d 437d 5f3274c5 macvlan: do not assume mac_header is set in macvlan_broadcast()
KASAN: use-after-free Read in macvlan_broadcast C done 7 469d 472d 439d 5f3274c5 macvlan: do not assume mac_header is set in macvlan_broadcast()
WARNING: bad unlock balance in gtp_encap_enable_socket C done 2 471d 473d 440d 776a81a0 gtp: fix bad unlock balance in gtp_encap_enable_socket
BUG: sleeping function called from invalid context in lock_sock_nested syz done 1 475d 505d 442d 6b544caa crypto: af_alg - Use bh_lock_sock in sk_destruct
general protection fault in rxrpc_connect_call C done 285 477d 642d 447d 79266814 rxrpc: Fix lack of conn cleanup when local endpoint is cleaned up [ver #2]
possible deadlock in refcount_dec_and_mutex_lock C done done 5 481d 536d 450d e83a26a4 nbd: fix shutdown and recv work deadlock v2
INFO: rcu detected stall in addrconf_dad_work (2) C done 1 490d 490d 459d 94ac4a4d pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
WARNING: refcount bug in cdev_get C done 12 490d 615d 459d f57fd58d bridge/mdb: remove wrong use of NLM_F_MULTI
possible deadlock in __might_fault C done 385 491d 742d 460d 3757e381 usb: mon: Fix a deadlock in usbmon between mmap and read
INFO: task hung in fsnotify_mark_destroy_workfn syz done 3 493d 681d 463d 42a929ed rtc: disable uie before setting time and enable after
possible deadlock in mon_bin_vma_fault C done 375 494d 743d 463d 3757e381 usb: mon: Fix a deadlock in usbmon between mmap and read
WARNING in xfrm6_tunnel_net_exit syz done 34 495d 743d 464d bbbe4746 xfrm: destroy xfrm_state synchronously on net exit path
inconsistent lock state in sp_get C done 1 497d 497d 467d 9b8e63d0 6pack,mkiss: fix possible deadlock
KASAN: slab-out-of-bounds Read in linear_transfer C done 2 506d 506d 475d c6bebccd ALSA: pcm: oss: Avoid potential buffer overflows
WARNING: refcount bug in kobject_get C done 21 506d 735d 476d e1666bcb driver core: Fix use-after-free and double free on glue directory
KASAN: use-after-free Read in slip_open C done done 7 506d 518d 476d 0c6e6cea slip: Fix use-after-free Read in slip_open
INFO: task hung in vivid_stop_generating_vid_cap C done 291 509d 743d 479d 467052f6 media: vivid: Fix wrong locking that causes race conditions on streaming stop
INFO: task hung in sdr_cap_stop_streaming C done 152 509d 743d 479d 467052f6 media: vivid: Fix wrong locking that causes race conditions on streaming stop
KASAN: use-after-free Read in __vb2_perform_fileio C done 13 510d 740d 479d 467052f6 media: vivid: Fix wrong locking that causes race conditions on streaming stop
KASAN: use-after-free Read in kfree_skb C done 95 513d 634d 482d 03bf4876 Bluetooth: Fix invalid-free in bcsp_close()
WARNING in __vb2_queue_cancel C done 11 517d 729d 487d 467052f6 media: vivid: Fix wrong locking that causes race conditions on streaming stop
WARNING: suspicious RCU usage in memfd_fcntl C done done 1879 519d 542d 489d e4cc9c81 memfd: Use radix_tree_deref_slot_protected to avoid the warning.
possible deadlock in ovl_write_iter syz done 84 526d 736d 490d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
KASAN: use-after-free Read in rxrpc_send_keepalive syz done 6 541d 614d 491d 570ab0dd rxrpc: Fix call ref leak
BUG: corrupted list in p9_fd_cancelled syz done 2 527d 590d 491d 78a917be perf/core: Consistently fail fork on allocation failures
KASAN: use-after-free Read in __lock_sock syz done 2 543d 543d 492d 51f0c108 libata/ahci: Fix PCS quirk application
WARNING in corrupted syz done 25 564d 716d 492d ed568ca7 bpf: fix use after free in prog symbol exposure
possible deadlock in io_submit_one syz done 406 566d 743d 492d 052b3181 fs/userfaultfd.c: disable irqs for fault_pending and event locks
WARNING in bpf_jit_free syz done 293 566d 743d 493d ed568ca7 bpf: fix use after free in prog symbol exposure
KASAN: use-after-free Read in pneigh_get_next syz done 1 677d 677d 494d 103835df neigh: fix use-after-free read in pneigh_get_next
WARNING in ovl_rename syz done 1 726d 726d 494d f1c5aa5e ovl: detect overlapping layers
kernel BUG at arch/x86/mm/physaddr.c:LINE! syz done 1 664d 664d 494d 4736bb27 ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
WARNING in ovl_instantiate syz done 5 734d 738d 494d f1c5aa5e ovl: detect overlapping layers
WARNING: suspicious RCU usage in llc_sap_close C done 10 532d 688d 494d 9a484516 llc: avoid blocking in llc_sap_close()
BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue C done 12 542d 727d 496d 9f0f39c9 nbd: fix max number of supported devs
KASAN: null-ptr-deref Write in kvm_write_guest_virt_system C done 50 560d 578d 498d 3683dd70 crypto: cavium/zip - Add missing single_release()
possible deadlock in free_ioctx_users C done 77 566d 688d 498d 5bead06b fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
KASAN: use-after-free Read in wait_consider_task C done 58 570d 580d 498d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
WARNING: ODEBUG bug in free_task C done 165 570d 580d 498d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
general protection fault in tcf_action_destroy C done 15 567d 589d 498d 50dddec6 mISDN: enforce CAP_NET_RAW for raw sockets
WARNING: suspicious RCU usage in netem_enqueue C done 2 572d 577d 499d 195a3ea4 net_sched: add max len check for TCA_KIND
KASAN: use-after-free Read in __change_pid C done 4 572d 579d 499d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
possible deadlock in do_io_accounting C done 4 571d 682d 499d f1c5aa5e ovl: detect overlapping layers
KASAN: use-after-free Read in pids_release C done 7 572d 579d 499d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
general protection fault in release_task C done 3 573d 580d 500d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
general protection fault in wait_consider_task C done 5 572d 578d 500d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
INFO: rcu detected stall in netlink_sendmsg C done 3 584d 589d 500d a9e91767 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
KASAN: use-after-free Read in release_task C done 2 574d 577d 500d 4eb92a11 RDMA/restrack: Protect from reentry to resource return path
WARNING in handle_desc C done 1 581d 581d 500d 21874027 KVM: X86: Fix userspace set invalid CR4
BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass C done 18 575d 594d 500d 07f7ec87 net_sched: check cops->tcf_block in tc_bind_tclass()
general protection fault in qdisc_destroy C done 9 580d 590d 500d 7a1bad56 net_sched: let qdisc_put() accept NULL pointer
INFO: rcu detected stall in addrconf_dad_work C done 19 582d 594d 502d a9e91767 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in mld_ifc_timer_expire C done 33 582d 594d 502d a9e91767 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_handle_frame C done 41 582d 594d 502d a9e91767 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: task hung in __x64_sys_io_destroy C done 1 583d 583d 502d ec2a3681 media: tvp5150: fix switch exit in set control handler
WARNING: refcount bug in hci_register_dev C done 3 588d 600d 504d e1666bcb driver core: Fix use-after-free and double free on glue directory
WARNING in kernfs_get C done 14 588d 728d 504d e1666bcb driver core: Fix use-after-free and double free on glue directory
general protection fault in kernfs_add_one C done 8 597d 736d 505d e1666bcb driver core: Fix use-after-free and double free on glue directory
general protection fault in packet_lookup_frame C done 1 618d 618d 505d 154e6bc4 net/packet: fix race in tpacket_snd()
WARNING in tty_set_termios C done 151 628d 738d 506d 56966212 Bluetooth: hci_uart: check for missing tty operations
general protection fault in tcf_ife_init C done 15 626d 643d 506d c4c88993 ife: error out when nla attributes are empty
KASAN: null-ptr-deref Write in kthread_stop C done 12 626d 731d 506d 467052f6 media: vivid: Fix wrong locking that causes race conditions on streaming stop
general protection fault in rds_recv_rcvbuf_delta C done 7 634d 680d 507d 3de749d6 net/rds: An rds_sock is added too early to the hash table
INFO: task hung in blkdev_issue_flush C done 2 661d 661d 507d 76cf93f0 hwmon: (acpi_power_meter) Change log level for 'unsafe software power cap'
general protection fault in iptunnel_xmit C done 2 635d 635d 507d 4736bb27 ip_tunnel: allow not to count pkts on tstats by setting skb's dev to NULL
WARNING in kernfs_put C done 1 666d 666d 508d e1666bcb driver core: Fix use-after-free and double free on glue directory
WARNING in notify_change C done 12 671d 728d 509d e8e448b0 Abort file_remove_privs() for non-reg. files
BUG: unable to handle kernel paging request in coalesced_mmio_write C done 2 670d 670d 509d 232a6462 KVM: coalesced_mmio: add bounds checking
possible deadlock in userfaultfd_release C done 4 671d 676d 509d 052b3181 fs/userfaultfd.c: disable irqs for fault_pending and event locks
possible deadlock in acct_pin_kill C done 125 702d 736d 509d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
WARNING in xfrm_state_fini C done 78 718d 743d 510d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
WARNING in __flush_work C done 135 716d 722d 510d af48f7d7 drm/udl: Replace drm_dev_unref with drm_dev_put
KASAN: use-after-free Read in get_mem_cgroup_from_mm C done 6 724d 738d 510d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in ip6erspan_set_version C done 7 734d 743d 511d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
possible deadlock in pipe_lock C done 2 726d 729d 511d f1c5aa5e ovl: detect overlapping layers
general protection fault in sctp_timeout_obj_to_nlattr C done 7 738d 742d 511d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in generic_timeout_obj_to_nlattr C done 11 739d 743d 511d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in gre_timeout_obj_to_nlattr C done 13 738d 743d 511d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in tcp_timeout_obj_to_nlattr C done 7 739d 741d 512d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in icmp_timeout_obj_to_nlattr C done 3 741d 743d 512d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in udp_timeout_obj_to_nlattr C done 8 739d 743d 512d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"
general protection fault in dccp_timeout_obj_to_nlattr C done 7 739d 743d 512d ab69a230 Revert "tipc: fix modprobe tipc failed after switch order of device registration"