syzbot


Title Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
BUG: unable to handle kernel paging request in bpf_probe_read_kernel_str origin:upstream C done 1 35d 65d 3/3 3d22h f175de546a3e x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()
WARNING in ieee80211_bss_info_change_notify C done 442 38d 401d 3/3 8d02h 930e826962d9 wifi: nl80211: reject iftype change with mesh ID change
BUG: unable to handle kernel paging request in bit_putcs C done 4 40d 235d 3/3 9d09h 2f91a96b892f fbcon: always restore the old font data in fbcon_do_set_font()
KASAN: slab-out-of-bounds Read in ntfs_listxattr C done 52 42d 380d 3/3 9d22h 6ed6cdbe8833 fs/ntfs3: Fix oob in ntfs_listxattr
BUG: unable to handle kernel NULL pointer dereference in sk_psock_verdict_data_ready origin:upstream C done 1 57d 57d 3/3 24d 4588b13abcbd bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
UBSAN: array-index-out-of-bounds in diNewExt origin:lts-only C done 2 80d 80d 3/3 38d efdd665ce1a1 drm/amd/display: Implement bounds check for stream encoder creation in DCN301
possible deadlock in hci_rfkill_set_block C done 1032 101d 169d 3/3 63d fc6471510582 Bluetooth: Fix deadlock in vhci_send_frame
UBSAN: shift-out-of-bounds in scalar32_min_max_arsh origin:upstream C done 1 113d 113d 3/3 82d 803fb6109fcf bpf: fix precision backtracking instruction iteration
general protection fault in __unmap_hugepage_range_final origin:upstream C done 13 122d 162d 3/3 92d 574a6db80f3e hugetlb: fix null-ptr-deref in hugetlb_vma_lock_write
WARNING in fib6_add C done 2 122d 289d 3/3 92d a3f5de10b5cf ipv6: fix potential NULL deref in fib6_add()
WARNING in __kernel_write_iter origin:upstream C done 224 130d 388d 3/3 99d 4fc9c61c02c0 btrfs: send: ensure send_fd is writable
WARNING in lookup_inline_extent_backref origin:upstream C done 2 132d 299d 3/3 101d 56f762659a5e btrfs: do not allow non subvolume root targets for snapshot
WARNING in nilfs_sufile_set_segment_usage origin:upstream C done 4 149d 396d 3/3 115d 3907e9cc85ff nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()
KASAN: use-after-free Read in unix_stream_read_actor origin:lts-only C done 1 149d 153d 3/3 115d d179189eec42 af_unix: fix use-after-free in unix_stream_read_actor()
WARNING in __alloc_skb origin:upstream C done 2 155d 155d 3/3 123d ab3e13b35c1a ppp: limit MRU to 64K
WARNING in imon_probe origin:upstream syz done 2 235d 303d 3/3 128d b083aaf5db2e media: imon: fix access to invalid resource for the second interface
WARNING in inet_csk_get_port origin:upstream C done 11 177d 205d 3/3 143d 8b9c79c0ecd2 tcp: Fix listen() warning with v4-mapped-v6 address.
KASAN: use-after-free Read in diFree origin:lts-only C done 7 197d 358d 3/3 164d 4de3a603010e jfs: fix invalid free of JFS_IP(ipimap)->i_imap in diUnmount
possible deadlock in f2fs_getxattr origin:upstream missing-backport C done 1043 206d 263d 3/3 170d 980b592c6087 f2fs: avoid false alarm of circular locking
UBSAN: array-index-out-of-bounds in f2fs_iget origin:upstream C done 1 235d 235d 3/3 184d 0d545a8e77cb Revert "f2fs: fix to do sanity check on extent cache correctly"
WARNING in bpf_xdp_adjust_tail C done 238 240d 401d 3/3 185d 20acffcdc2b7 net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
WARNING in sta_info_insert_rcu origin:upstream C done 1 243d 243d 3/3 189d 676a42341013 wifi: cfg80211: reject auth/assoc to AP with our address
KASAN: null-ptr-deref Write in get_block origin:upstream missing-backport C done 4 252d 298d 3/3 192d 1416eebaad80 fs/sysv: Null check to prevent null-ptr-deref bug
UBSAN: shift-out-of-bounds in dbUpdatePMap origin:upstream C done 1 264d 305d 3/3 197d c7feb54b1138 jfs: jfs_dmap: Validate db_l2nbperpage while mounting
WARNING in corrupted C done 3 271d 390d 3/3 197d 8abb53c5167c media: usb: siano: Fix warning due to null work_func_t function pointer
WARNING in usbnet_start_xmit/usb_submit_urb origin:lts-only C done 2 264d 335d 3/3 197d 1bebbd9b8037 net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb
WARNING in smsusb_start_streaming C done 1 268d 268d 3/3 197d 8abb53c5167c media: usb: siano: Fix warning due to null work_func_t function pointer
WARNING in smsusb_term_device C done 131 269d 390d 3/3 197d 8abb53c5167c media: usb: siano: Fix warning due to null work_func_t function pointer
BUG: unable to handle kernel NULL pointer dereference in indx_find origin:lts-only C done 3 273d 394d 3/3 197d 000a9a72efa4 fs/ntfs3: Check fields while reading
UBSAN: shift-out-of-bounds in dbFree origin:upstream C done 1 282d 346d 3/3 202d c7feb54b1138 jfs: jfs_dmap: Validate db_l2nbperpage while mounting
UBSAN: array-index-out-of-bounds in xtSearch origin:upstream C done 3 278d 355d 3/3 202d f27f759f4cd4 jfs: validate max amount of blocks before allocation.
INFO: rcu detected stall in sock_close origin:upstream C done 1 277d 277d 3/3 202d 0b45af982a4d net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX.
WARNING in btrfs_remove_chunk origin:lts-only C done 10 287d 378d 3/3 205d 9628d45a0667 btrfs: scrub: reject unsupported scrub flags
KASAN: use-after-free Read in gsm_cleanup_mux C done 4 289d 355d 3/3 214d 31311a9a4baa tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux
BUG: unable to handle kernel NULL pointer dereference in hdr_find_e origin:upstream missing-backport C done 23 291d 387d 3/3 216d 000a9a72efa4 fs/ntfs3: Check fields while reading
BUG: unable to handle kernel paging request in sctp_outq_tail origin:lts-only C done 2 294d 399d 3/3 234d d2128636b303 sctp: check send stream number after wait_for_sndbuf
possible deadlock in static_key_slow_inc C done 1908 289d 401d 3/3 239d 0d7a4e6589a0 cgroup,freezer: hold cpu_hotplug_lock before freezer_mutex in freezer_css_{online,offline}()
kernel BUG in btrfs_global_root_insert C done 5 298d 368d 3/3 249d 4389fb6b6a9d btrfs: do not ASSERT() on duplicated global roots
kernel BUG in btrfs_global_root_delete C done 6 299d 366d 3/3 254d 4389fb6b6a9d btrfs: do not ASSERT() on duplicated global roots
BUG: soft lockup in addrconf_rs_timer C done 26 303d 315d 3/3 256d 1d37434ffc13 net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
WARNING in nilfs_segctor_do_construct C done 2 304d 334d 3/3 261d 69caea4eed1c nilfs2: fix possible out-of-bounds segment allocation in resize ioctl
BUG: soft lockup in fq_pie_timer C done 7 306d 314d 3/3 265d 1d37434ffc13 net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
possible deadlock in ext4_xattr_set_handle C done 15 309d 397d 3/3 269d b112babc565e ext4: add EA_INODE checking to ext4_iget()
kernel BUG in __phys_addr C done 2 308d 339d 3/3 269d a8eaa9a06add fs/ntfs3: Validate MFT flags before replaying logs
BUG: soft lockup in tc_modify_qdisc origin:upstream C done 1 313d 313d 3/3 277d 1d37434ffc13 net/sched: fq_pie: ensure reasonable TCA_FQ_PIE_QUANTUM values
INFO: task hung in usbdev_open origin:lts-only C done 3 319d 377d 3/3 288d d5dba4b7bf90 USB: sisusbvga: Add endpoint checks
WARNING in hfsplus_cat_write_inode origin:lts-only C done 9 324d 384d 3/3 290d 48960a503fce fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
WARNING in hfsplus_cat_read_inode origin:lts-only C done 24 323d 365d 3/3 290d 48960a503fce fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
WARNING: bad unlock balance in l2cap_disconnect_rsp origin:lts-only C done 37 323d 357d 3/3 290d fd269a0435f8 Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
WARNING: bad unlock balance in l2cap_recv_frame origin:lts-only C done 22 326d 357d 3/3 290d fd269a0435f8 Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp
KASAN: slab-out-of-bounds Read in xfs_btree_lookup_get_block origin:lts-only C done 1 326d 326d 3/3 295d a2961463d74f xfs: verify buffer contents when we skip log replay
possible deadlock in ext4_multi_mount_protect origin:upstream C done 165 330d 373d 3/3 297d 19fb73b8eaef ext4: fix lockdep warning when enabling MMP
WARNING in __virt_to_phys origin:lts-only C done 1 329d 336d 3/3 297d a8eaa9a06add fs/ntfs3: Validate MFT flags before replaying logs
WARNING in kvfree C done 3 340d 377d 3/3 309d c5fa4eedddd1 ext4: fix invalid free tracking in ext4_xattr_move_to_block()
WARNING in ath6kl_htc_pipe_rx_complete C done 1 347d 347d 3/3 315d 644df7e865e7 wifi: ath6kl: reduce WARN to dev_dbg() in callback
WARNING in split_huge_page_to_list C done 140 351d 396d 3/3 317d e8a7bdb6f76c mm/huge_memory.c: warn with pr_warn_ratelimited instead of VM_WARN_ON_ONCE_FOLIO
possible deadlock in blkcg_deactivate_policy C done 168 353d 399d 3/3 317d b5dae1cd0d83 Revert "blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and blkcg_deactivate_policy()"
general protection fault in io_poll_remove_entries C done 21 376d 394d 3/3 345d 3eb2138d4693 io_uring/poll: clear single/double poll flags on poll arming
WARNING in ip6erspan_tunnel_xmit C done 1 388d 388d 3/3 357d 9c7d6803689c erspan: do not use skb_mac_header() in ndo_start_xmit()
WARNING: refcount bug in qrtr_node_lookup C done 1 392d 392d 3/3 361d aa95efa187b4 net: qrtr: Fix a refcount bug in qrtr_recvmsg()
possible deadlock in l2tp_tunnel_register C done 44 399d 401d 3/3 366d 4bb736b40475 l2tp: Avoid possible recursive deadlock in l2tp_tunnel_register()
WARNING in fscrypt_destroy_keyring C done 1 397d 397d 3/3 366d d77531fac6a1 fscrypt: destroy keyring after security_sb_delete()
possible deadlock in throtl_pending_timer_fn C done 266 398d 399d 3/3 366d b5dae1cd0d83 Revert "blk-cgroup: synchronize pd_free_fn() from blkg_free_workfn() and blkcg_deactivate_policy()"
KASAN: use-after-free Read in hfsplus_release_folio C done 2 399d 400d 3/3 366d 0c80bef0b7d2 fs: hfsplus: fix UAF issue in hfsplus_put_super