syzbot


fixed (2044):
Title Repro Bisected Count Last Reported Closed Patch
KASAN: use-after-free Read in bitmap_ip_destroy C cause+fix 1 32d 32d 1d17h 32c72165 netfilter: ipset: use bitmap infrastructure completely
upstream boot error: KASAN: slab-out-of-bounds Write in hpet_alloc 33 20d 21d 2d18h 98c49f17 char: hpet: Fix out-of-bounds read bug
KMSAN: uninit-value in setup_udp_tunnel_sock C 1 30d 30d 2d18h 940ba149 net-backports: gtp: make sure only SOCK_DGRAM UDP sockets are accepted
WARNING in nft_request_module C cause 7 36d 36d 2d18h 9332d27d netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
memory leak in reiserfs_fill_super C 20 21d 71d 2d18h 5474ca7d reiserfs: Fix memory leak of journal device string
WARNING: lock held when returning to user space in tun_get_user (2) 7 18d 29d 2d18h 1efba987 net-backports: tun: add mutex_unlock() call and napi.skb clearing in tun_get_user()
memory leak in kobject_set_name_vargs (2) C cause 47 28d 212d 2d18h cb626bf5 net-sysfs: Fix reference count leak
KCSAN: data-race in __rcu_read_unlock / sync_rcu_exp_select_cpus 7 14d 108d 2d18h c51f83c3 rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
KASAN: slab-out-of-bounds Read in bitmap_port_gc C cause 197 16d 33d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
KMSAN: uninit-value in can_receive C 14 5d19h 94d 2d18h e7153bf7 can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs
memory leak in _sctp_make_chunk C 1 66d 66d 2d18h be7a7729 sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY
WARNING in devlink_port_type_warn 2340 33d 105d 2d18h 4c582234 devlink: Wait longer before warning about unset port type
BUG: unable to handle kernel NULL pointer dereference in x25_connect 1 76d 76d 2d18h e21dba7a net/x25: fix nonblocking connect
KASAN: user-memory-access Write in video_usercopy 3 43d 43d 2d18h 1dc8b65c media: v4l2-core: only zero-out ioctl-read buffers
BUG: unable to handle kernel NULL pointer dereference in cfg80211_wext_siwrts 3 32d 41d 2d18h 24953de0 cfg80211: check for set_wiphy_params
KASAN: null-ptr-deref Write in x25_connect 1 81d 76d 2d18h e21dba7a net/x25: fix nonblocking connect
KASAN: slab-out-of-bounds Read in bitmap_ip_list C 85 17d 34d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
kernel BUG at fs/namei.c:LINE! 3593 38d 38d 2d18h c64cd6e3 reimplement path_mountpoint() with less magic
KASAN: use-after-free Read in bitmap_port_ext_cleanup C cause 11 32d 41d 2d18h c1209593 netfilter: fix a use-after-free in mtype_destroy()
KMSAN: uninit-value in sd_init (2) C 94 108d 104d 2d18h de89d086 media: gspca: zero usb_buf
KMSAN: uninit-value in __request_module (3) C 58 3d10h 31d 2d18h 36d79af7 net-backports: net_sched: use validated TCA_KIND attribute in tc_new_tfilter()
KMSAN: uninit-value in rsvp_change C 4 23d 23d 2d18h cb3c0e6b cls_rsvp: fix rsvp_policy
BUG: unable to handle kernel paging request in rhashtable_replace_fast 2 28d 36d 2d18h 41cdc741 netdevsim: fix nsim_fib6_rt_create() error path
KASAN: use-after-free Read in __nf_tables_abort C cause 3 29d 31d 2d18h eb014de4 netfilter: nf_tables: autoload modules from the abort path
KASAN: use-after-free Read in rsi_rx_done_handler 8 41d 170d 2d18h e93cd351 rsi: fix use-after-free on failed probe and unbind
general protection fault in hsr_addr_is_self 3 4d15h 19d 2d18h 2b5b8251 net: hsr: fix possible NULL deref in hsr_handle_frame()
WARNING: suspicious RCU usage in find_set_and_id syz cause 6 27d 30d 2d18h 50385171 netfilter: ipset: fix suspicious RCU usage in find_set_and_id
BUG: corrupted list in nft_obj_del C cause 7 34d 36d 2d18h 335178d5 netfilter: nf_tables: fix flowtable list del corruption
BUG: corrupted list in nf_tables_commit C cause 8 36d 36d 2d18h 335178d5 netfilter: nf_tables: fix flowtable list del corruption
kernel panic: stack is corrupted in __lock_acquire (4) syz cause+fix 75 98d 256d 2d18h 4da6a196 bpf: Sockmap/tls, during free we may call tcp_bpf_unhash() in loop
INFO: rcu detected stall in addrconf_rs_timer (3) C cause+fix 81 63d 59d 2d18h d9e15a27 pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
KASAN: slab-out-of-bounds Read in bitmap_ipmac_list C cause 108 18d 34d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
BUG: corrupted list in __dentry_kill (2) C cause 4945 71d 71d 2d18h a3d1e7eb simple_recursive_removal(): kernel-side rm -rf for ramfs-style filesystems
KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock (2) C cause 8 29d 31d 2d18h 940ba149 net-backports: gtp: make sure only SOCK_DGRAM UDP sockets are accepted
BUG: sleeping function called from invalid context in lock_sock_nested C 1232 2d19h 78d 2d18h 37f96694 crypto: af_alg - Use bh_lock_sock in sk_destruct
general protection fault in dccp_timeout_nlattr_to_obj C cause 7 42d 45d 2d18h 1d9a7acd netfilter: conntrack: dccp, sctp: handle null timeout argument
memory leak in vlan_dev_set_egress_priority C 1 45d 45d 2d18h 9bbd917e vlan: fix memory leak in vlan_dev_set_egress_priority
general protection fault in nft_parse_register 1 34d 34d 2d18h 7eaecf79 netfilter: nft_osf: add missing check for DREG attribute
WARNING in sk_psock_drop 157 25d 34d 2d18h 58c8db92 net, sk_msg: Don't check if sock is locked when tearing down psock
KCSAN: data-race in __rcu_read_unlock / rcu_report_exp_cpu_mult 21 18d 78d 2d18h c51f83c3 rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
KCSAN: data-race in tomoyo_supervisor / tomoyo_supervisor (3) 142 7d19h 59d 2d18h a8772fad tomoyo: Use atomic_t for statistics counter
KMSAN: uninit-value in macvlan_broadcast C 2 45d 45d 2d18h 96cc4b69 macvlan: do not assume mac_header is set in macvlan_broadcast()
general protection fault in xt_rateest_tg_checkentry C cause 12 46d 56d 2d18h 1b789577 netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
general protection fault in hash_netiface6_uadt 1 42d 42d 2d18h 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
WARNING in tcp_ack C cause 3 43d 44d 2d18h 90d72256 gtp: fix bad unlock balance in gtp_encap_enable_socket
memory leak in em_nbyte_change C 1 27d 27d 2d18h 55cd9f67 net_sched: ematch: reject invalid TCF_EM_SIMPLE
KCSAN: data-race in __skb_try_recv_from_queue / unix_dgram_sendmsg 61 18d 36d 2d18h 86b18aaa skbuff: fix a data race in skb_queue_len()
KMSAN: uninit-value in digitv_rc_query C 4 121d 104d 2d18h eecc70d2 media: digitv: don't continue if remote control state can't be read 569bc8d6 media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
general protection fault in xt_rateest_put C cause 97 33d 40d 2d18h 212e7f56 netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
KCSAN: data-race in rcu_gp_fqs_check_wake / rcu_preempt_deferred_qs_irqrestore 99 14d 135d 2d18h 6935c398 rcu: Avoid data-race in rcu_gp_fqs_check_wake()
BUG: sleeping function called from invalid context in tpk_write C cause 12 34d 75d 2d18h 9a655c77 ttyprintk: fix a potential deadlock in interrupt context issue
KCSAN: data-race in rcu_gp_fqs_check_wake / rcu_note_context_switch 51 14d 127d 2d18h 6935c398 rcu: Avoid data-race in rcu_gp_fqs_check_wake()
memory leak in snd_pcm_hw_params C 25 15d 22d 2d18h 66f2d19f ALSA: pcm: Fix memory leak at closing a stream without hw_free
KASAN: slab-out-of-bounds Read in macvlan_broadcast C cause 10 43d 45d 2d18h 96cc4b69 macvlan: do not assume mac_header is set in macvlan_broadcast()
KMSAN: uninit-value in number C 190 7d01h 104d 2d18h 51d0c99b media: af9005: uninitialized variable printked
KCSAN: data-race in find_next_bit / rcu_report_exp_cpu_mult 203 14d 136d 2d18h 15c7c972 rcu: Use *_ONCE() to protect lockless ->expmask accesses
KMSAN: uninit-value in __tipc_nl_compat_dumpit C 4428 2d19h 71d 2d18h a7869e5f tipc: eliminate KMSAN: uninit-value in __tipc_nl_compat_dumpit error
KASAN: slab-out-of-bounds Read in nla_put_nohdr C cause 1 30d 30d 2d18h 61678d28 net_sched: fix datalen for ematch
general protection fault in path_openat C cause 7 20d 20d 2d18h 6404674a vfs: fix do_last() regression
general protection fault in free_verifier_state (3) C 5 30d 37d 2d18h f59bbfc2 bpf: Fix error path under memory pressure
WARNING: bad unlock balance in release_sock 1 44d 44d 2d18h 90d72256 gtp: fix bad unlock balance in gtp_encap_enable_socket
KASAN: use-after-free Read in tcp_fastretrans_alert C cause 1 33d 33d 2d18h 2bec445f net-backports: tcp: do not leave dangling pointers in tp->highest_sack
KASAN: use-after-free Read in root_remove_peer_lists C cause 2 19d 19d 2d18h 9981159f wireguard: allowedips: fix use-after-free in root_remove_peer_lists
KASAN: use-after-free Read in snd_timer_resolution C 5 18d 36d 2d18h 60adcfde ALSA: seq: Fix racy access for queue timer in proc read
KMSAN: uninit-value in i2c_w (2) C 3 116d 104d 2d18h de89d086 media: gspca: zero usb_buf
KCSAN: data-race in tick_do_update_jiffies64 / tick_do_update_jiffies64 (4) 394 7d19h 78d 2d18h de95a991 net-backports: tick/sched: Annotate lockless access to last_jiffies_update
general protection fault in hash_netnet6_uadt 1 43d 43d 2d18h 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
BUG: unable to handle kernel paging request in rhashtable_jhash2 C cause 6 35d 36d 2d18h 41cdc741 netdevsim: fix nsim_fib6_rt_create() error path
memory leak in tcf_ctinfo_init C 2 32d 33d 2d18h 09d4f10a net: sched: act_ctinfo: fix memory leak
WARNING in do_dentry_open (2) C cause 17 22d 19d 2d18h a37f4958 debugfs: Return -EPERM when locked down
KASAN: slab-out-of-bounds Read in __nla_put_nohdr C cause 4 30d 30d 2d18h 61678d28 net_sched: fix datalen for ematch
INFO: rcu detected stall in br_handle_frame (2) C cause 2 62d 58d 2d18h d9e15a27 pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
memory leak in nf_tables_parse_netdev_hooks C 6 6d12h 36d 2d18h cd77e75b netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks()
KCSAN: data-race in process_srcu / synchronize_srcu 112 14d 108d 2d18h 844a378d srcu: Apply *_ONCE() to ->srcu_last_gp_end
WARNING in __proc_create (2) C cause 4 29d 30d 2d18h a45ea48e afs: Fix characters allowed into cell names
INFO: rcu detected stall in netlink_sendmsg (3) C cause 6 9d23h 63d 2d18h d9e15a27 pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
general protection fault in timer_is_static_object C 2 86d 83d 2d18h cb222aed Input: add safety guards to input_set_keycode()
KASAN: null-ptr-deref Write in queue_work_on C cause+fix 5 187d 183d 2d18h 0ace17d5 can, slip: Protect tty->disc_data in write_wakeup and close with RCU
WARNING in cbq_destroy_class C cause 7 7d17h 30d 2d18h 2e24cd75 net_sched: fix ops->bind_class() implementations
WARNING in tracepoint_probe_register_prio (3) syz cause 979 6d03h 643d 2d18h 64ae572b tracing: Fix sched switch start/stop refcount racy updates
kernel BUG at arch/x86/kvm/mmu/mmu.c:LINE! C cause 6 59d 66d 2d18h 005ba37c mm: thp: KVM: Explicitly check for THP when populating secondary MMU
BUG: spinlock already unlocked in input_set_keycode C 2 96d 94d 2d18h cb222aed Input: add safety guards to input_set_keycode()
WARNING: refcount bug in cdev_get C cause 105 44d 184d 2d18h 68faa679 chardev: Avoid potential use-after-free in 'chrdev_open()'
KMSAN: uninit-value in read_sensor_register (2) C 44 110d 127d 2d18h de89d086 media: gspca: zero usb_buf
inconsistent lock state in rxrpc_put_client_conn C cause 18198 11d 17d 2d18h 963485d4 rxrpc: Fix call RCU cleanup using non-bh-safe locks
general protection fault in hash_ipmark6_uadt 2 42d 42d 2d18h 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
WARNING in cbq_destroy C cause 1 30d 30d 2d18h 2e24cd75 net_sched: fix ops->bind_class() implementations
WARNING in dln2_start_rx_urbs/usb_submit_urb C 44 18d 106d 2d18h 2b8bd606 mfd: dln2: More sanity checking for endpoints
KASAN: use-after-free Read in tcp_check_sack_reordering C cause 2 25d 33d 2d18h 2bec445f net-backports: tcp: do not leave dangling pointers in tp->highest_sack
BUG: unable to handle kernel NULL pointer dereference in cfg80211_wext_siwfrag C cause 8 32d 45d 2d18h 24953de0 cfg80211: check for set_wiphy_params
WARNING in cgroup_apply_control_enable C cause 178 39d 591d 2d18h 3bc0bb36 cgroup: Prevent double killing of css when enabling threaded cgroup
KASAN: slab-out-of-bounds Read in hid_field_extract C 6 43d 76d 2d18h 8ec321e9 HID: Fix slab-out-of-bounds read in hid_field_extract
general protection fault in nft_chain_parse_hook C cause 48 21d 36d 2d18h 82603549 netfilter: nf_tables: add __nft_chain_type_get()
WARNING in nf_tables_table_destroy C cause+fix 1 34d 34d 2d18h eb014de4 netfilter: nf_tables: autoload modules from the abort path
KASAN: slab-out-of-bounds Write in mpol_parse_str C cause 3 41d 37d 2d18h c7a91bc7 mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
KASAN: slab-out-of-bounds Read in bitmap_ip_gc C cause 15 15d 33d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING: ODEBUG bug in rsi_probe C 10487 16d 312d 2d18h 92aafe77 rsi: fix use-after-free on probe errors
KASAN: use-after-free Read in macvlan_broadcast C cause 12 43d 45d 2d18h 96cc4b69 macvlan: do not assume mac_header is set in macvlan_broadcast()
general protection fault in nft_tunnel_get_init C cause 7 36d 36d 2d18h 1c702bf9 netfilter: nft_tunnel: fix null-attribute check
KASAN: slab-out-of-bounds Read in bitmap_port_add syz cause 9 27d 34d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING: bad unlock balance in gtp_encap_enable_socket C cause 8 42d 46d 2d18h 90d72256 net-backports: gtp: fix bad unlock balance in gtp_encap_enable_socket
WARNING: bad unlock balance in sch_direct_xmit C cause 35 32d 79d 2d18h 53d37497 net: avoid updating qdisc_xmit_lock_key in netdev_update_lockdep_key()
general protection fault in inet6_set_link_af C cause 8 12d 15d 2d18h db3fa271 ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
general protection fault in tcf_ife_cleanup C cause 111 17d 41d 2d18h 44c23d71 net/sched: act_ife: initalize ife->metalist earlier
BUG: unable to handle kernel paging request in do_csum (2) C cause 6 26d 27d 2d18h 6cd021a5 udp: segment looped gso packets correctly
KASAN: use-after-free Write in hci_sock_bind 4 4d19h 37d 2d18h 11eb85ec Bluetooth: Fix race condition in hci_release_sock()
KASAN: use-after-free Write in __alloc_skb (2) C cause 7 53d 70d 2d18h d836f5c6 net-backports: net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
KASAN: slab-out-of-bounds Read in bitmap_ip_test syz 10 23d 33d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING in geneve_exit_batch_net 15 2d20h 28d 2d18h 760d228e net_sched: walk through all child classes in tc_bind_tclass()
KASAN: slab-out-of-bounds Read in tcf_exts_destroy C cause+fix 8 125d 28d 2d18h 599be01e net_sched: fix an OOB access in cls_tcindex
general protection fault in hash_ipportnet4_uadt C cause 13 42d 44d 2d18h 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
KASAN: use-after-free Write in percpu_ref_switch_to_percpu 1 17d 16d 2d18h 2faf852d io_uring: cleanup fixed file data table references
KASAN: slab-out-of-bounds Read in bitmap_port_list C 152 25d 34d 2d18h 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING in uvc_scan_chain_forward C 6 42d 66d 2d18h 68035c80 media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
WARNING: ODEBUG bug in tcindex_destroy_work (2) 5 7d16h 18d 2d18h 599be01e net_sched: fix an OOB access in cls_tcindex
inconsistent lock state in rxrpc_put_client_connection_id C cause 473 11d 17d 2d18h 963485d4 rxrpc: Fix call RCU cleanup using non-bh-safe locks
INFO: task hung in aead_recvmsg C cause 11991 29d 802d 2d18h bbefa1dd crypto: pcrypt - Avoid deadlock by using per-instance padata queues
KASAN: use-after-free Read in bitmap_port_destroy C 1 33d 33d 2d18h c1209593 netfilter: fix a use-after-free in mtype_destroy()
KASAN: null-ptr-deref Read in tcf_generic_walker C cause 6 6d15h 25d 2d18h 760d228e net_sched: walk through all child classes in tc_bind_tclass()
WARNING: refcount bug in chrdev_open C cause+fix 15 82d 184d 2d18h 68faa679 chardev: Avoid potential use-after-free in 'chrdev_open()'
KMSAN: uninit-value in dvb_usb_adapter_dvb_init 1 112d 104d 2d18h 26cff637 media: vp7045: do not read uninitialized values if usb transfer fails
INFO: task hung in __generic_file_fsync (2) C cause+fix 28 49d 50d 2d22h 85a8ce62 block: add bio_truncate to fix guard_bio_eod
WARNING in tcp_enter_loss (2) C cause+fix 4 660d 710d 2d22h 16ae6aa1 tcp: ignore Fast Open on repair mode
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked (2) C cause+fix 916 262d 464d 2d22h 62dcb4f4 media: vb2: check memory model for VIDIOC_CREATE_BUFS
BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify C cause 6 63d 63d 7d07h d98c9e83 kasan: fix crashes on access to memory mapped by vm_map_ram()
KASAN: vmalloc-out-of-bounds Write in pcpu_alloc C cause 31 55d 79d 7d07h 253a496d kasan: don't assume percpu shadow allocations will succeed
KASAN: use-after-free Read in iov_iter_alignment C cause 3 81d 80d 7d07h e0ff126e pipe: Fix bogus dereference in iov_iter_alignment()
memory leak in sctp_stream_init C 1 68d 67d 7d07h 951c6db9 sctp: fix memleak on err handling of stream initialization
general protection fault in gigaset_probe C 6 91d 210d 7d07h 53f35a39 staging: gigaset: fix general protection fault on probe
KASAN: use-after-free Read in ext4_xattr_set_entry (2) C cause 19 66d 475d 7d07h 9803387c ext4: validate the debug_want_extra_isize mount option at parse time
KMSAN: uninit-value in __crc32c_le_base syz 567 43d 89d 7d07h b6f3320b sctp: fully initialize v4 addr in some functions
unregister_netdevice: waiting for DEV to become free (2) C cause 385621 7d08h 554d 7d07h ddd9b5e3 net-sysfs: Call dev_hold always in rx_queue_add_kobject
KMSAN: uninit-value in br_nf_forward_arp (3) 2 83d 75d 7d07h 56042858 net-backports: netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
KCSAN: data-race in taskstats_exit / taskstats_exit 157 7d19h 139d 7d07h 0b8d616f taskstats: fix data-race
WARNING in azx_rirb_get_response 4 65d 67d 7d07h 475feec0 ALSA: hda - Downgrade error message for single-cmd fallback
INFO: task hung in sync_inodes_sb (3) C cause 6 48d 56d 7d07h 85a8ce62 block: add bio_truncate to fix guard_bio_eod
linux-next boot error: general protection fault in do_mount_root 9 66d 66d 7d07h 7de7de7c Fix root mounting with no mount options
upstream boot error: general protection fault in do_mount_root 12 66d 67d 7d07h 7de7de7c Fix root mounting with no mount options
KMSAN: uninit-value in bond_neigh_setup 64 51d 75d 7d07h f394722f net-backports: neighbour: remove neigh_cleanup() method
KASAN: use-after-free Read in tomoyo_realpath_from_path syz cause+fix 7 67d 260d 7d07h 6f7c4137 tomoyo: Don't use nifty names on sockets.
KASAN: slab-out-of-bounds Read in hsr_debugfs_rename C cause 18 45d 55d 7d07h 04b69426 hsr: fix slab-out-of-bounds Read in hsr_debugfs_rename()
general protection fault in j1939_sk_bind syz cause+fix 22 82d 108d 7d07h 00d4e14d can: j1939: j1939_sk_bind(): take priv after lock is held
BUG: unable to handle kernel paging request in pcpu_alloc C cause 24 60d 79d 7d07h 253a496d kasan: don't assume percpu shadow allocations will succeed
general protection fault in sctp_stream_free (2) C cause 25 52d 63d 7d07h 61d5d406 sctp: fix err handling of stream initialization
inconsistent lock state in sp_get C cause 2 70d 70d 7d07h 5c9934b6 6pack,mkiss: fix possible deadlock
general protection fault in j1939_jsk_del (2) syz 21 66d 83d 7d07h 00d4e14d can: j1939: j1939_sk_bind(): take priv after lock is held
KASAN: vmalloc-out-of-bounds Read in compat_copy_entries C cause 3 68d 68d 7d07h e608f631 netfilter: ebtables: compat: reject all padding in matches/watchers
WARNING in ovl_rename C cause+fix 5 299d 295d 7d07h 6889ee5a ovl: relax WARN_ON() on rename to self
possible deadlock in mon_bin_vma_fault C cause 11427 68d 535d 7d07h 19e6317d usb: mon: Fix a deadlock in usbmon between mmap and read
WARNING: refcount bug in smc_release (2) C cause 9 64d 87d 7d07h 86434744 net/smc: add fallback check to connect()
BUG: corrupted list in hsr_add_node 1 109d 108d 7d07h 92a35678 hsr: fix a race condition in node list insertion and deletion
BUG: Bad rss-counter state (3) C cause+fix 438 207d 673d 20d 173d9d9f mm/huge_memory: splitting set mapping+index before unfreeze
possible deadlock in flush_workqueue (2) C cause+fix 256 55d 488d 20d e7c58097 hugetlbfs: revert "Use i_mmap_rwsem to fix page fault/truncate race"
KASAN: slab-out-of-bounds Read in build_audio_procunit (2) C 1 106d 105d 28d 976a68f0 ALSA: usb-audio: Fix incorrect size check for processing/extension units
KASAN: use-after-free Read in j1939_xtp_rx_abort_one C cause+fix 11 100d 108d 33d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
memory leak in fdb_create (2) C 1 80d 80d 44d c4b4c421 net: bridge: deny dev_set_mac_address() when unregistering
KMSAN: uninit-value in __request_module (2) 3 63d 75d 44d 2dd5616e net-backports: net_sched: validate TCA_KIND attribute in tc_chain_tmplt_add()
KASAN: vmalloc-out-of-bounds Write in kvm_dev_ioctl_get_cpuid C 41 78d 79d 44d 433f4ba1 KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
kernel BUG at include/linux/mm.h:LINE! (5) C cause+fix 129 283d 353d 44d 9354544c net/tls: fix page double free on TX cleanup
KASAN: use-after-free Read in __queue_work (2) C cause+fix 577 238d 592d 44d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: slab-out-of-bounds Read in bpf_prog_create C cause 447 74d 156d 44d 0033b34a ppp: fix out-of-bounds access in bpf_prog_create()
memory leak in register_netdevice C 19 75d 80d 44d 42c17fa6 net: fix a leak in register_netdevice()
KASAN: slab-out-of-bounds Read in vcs_scr_readw C cause+fix 16 79d 79d 44d 0c9acb1a vcs: prevent write access to vcsu devices
kernel BUG at fs/pipe.c:LINE! C cause 693 74d 81d 44d 8c7b8c34 pipe: Remove assertion from pipe_poll()
KMSAN: uninit-value in usbnet_probe C 1 260d 260d 44d 78226f6e net: usb: asix: init MAC address buffers
KMSAN: uninit-value in nf_conntrack_tcp_packet syz 3 78d 81d 44d 9424e2e7 net-backports: tcp: md5: fix potential overestimation of TCP option space
KASAN: slab-out-of-bounds Read in linear_transfer (3) C cause 5 77d 79d 44d 4cc8d650 ALSA: pcm: oss: Avoid potential buffer overflows
KCSAN: data-race in mod_timer / run_timer_softirq 4 60d 126d 44d 56144737 net-backports: hrtimer: Annotate lockless access to timer->state
KASAN: slab-out-of-bounds Write in pipe_write C cause 40 75d 81d 44d 8f868d68 pipe: Fix missing mask update after pipe_wait()
WARNING in tty_set_termios C cause+fix 1997 204d 404d 44d b36a1552 Bluetooth: hci_uart: check for missing tty operations
general protection fault in override_creds C cause 6 77d 81d 44d 0b8c0ec7 io_uring: use current task creds instead of allocating a new one
WARNING in drm_mode_createblob_ioctl C cause 7 106d 130d 44d 5bf8bec3 drm: limit to INT_MAX in create_blob ioctl
WARNING: refcount bug in skb_set_owner_w C cause 2 80d 81d 44d 501a90c9 net-backports: inet: protect against too small mtu values.
KASAN: use-after-free Read in xlog_alloc_log (2) 55 75d 83d 44d 798a9cad xfs: fix mount failure crash on invalid iclog memory access
KMSAN: use-after-free in netlink_recvmsg C 1 100d 100d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
KMSAN: use-after-free in kfree_skb syz 34 87d 135d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in io_commit_cqring C cause 3 99d 99d 70d 15dff286 io_uring: check for validity of ->rings in teardown
general protection fault in ext4_writepages C cause 18 93d 102d 70d 4d06bfb9 ext4: Add error handling for io_end_vec struct allocation
KMSAN: use-after-free in __skb_try_recv_from_queue C 4 99d 122d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in ip_sublist_rcv C cause 287 113d 123d 70d 51210ad5 inet: do not call sublist_rcv on empty list
kernel BUG at include/linux/scatterlist.h:LINE! C cause 307 80d 274d 70d d10523d0 net/tls: free the record on encryption error
KASAN: use-after-free Read in snd_timer_open C cause 87 101d 101d 70d 0c4f09ce ALSA: timer: Fix the breakage of slave link open
linux-next boot error: general protection fault in __x64_sys_settimeofday 6 98d 98d 70d 5e0fb1b5 y2038: time: avoid timespec usage in settimeofday()
INFO: task hung in io_wq_destroy C cause 20 84d 115d 70d b60fda60 io-wq: wait for io_wq_create() to setup necessary workers
INFO: trying to register non-static key in io_cqring_ev_posted C cause 6 85d 97d 70d eb065d30 io_uring: io_allocate_scq_urings() should return a sane state
KASAN: global-out-of-bounds Write in kbd_event C 6 84d 106d 70d b2b2dd71 tty: vt: keyboard: reject invalid keycodes
KCSAN: data-race in __ip4_datagram_connect / raw_bind 1 118d 118d 70d 25c7a6d1 net: avoid potential false sharing in neighbor related code
KASAN: slab-out-of-bounds Write in __ext4_expand_extra_isize 16 193d 535d 70d 4ea99936 ext4: add more paranoia checking in ext4_expand_extra_isize handling
KASAN: use-after-free Read in tipc_nl_node_dump_monitor_peer C cause 3 135d 135d 70d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit 40 70d 120d 70d 90b2be27 net/sched: annotate lockless accesses to qdisc->empty
general protection fault in tss_update_io_bitmap C cause 65 86d 92d 70d e3cb0c71 x86/ioperm: Fix use of deprecated config option
general protection fault in ip6_sublist_rcv C cause 327 113d 115d 70d 51210ad5 inet: do not call sublist_rcv on empty list
KCSAN: data-race in inet_putpeer / inet_putpeer 20 103d 120d 70d 71685eb4 inetpeer: fix data-race in inet_putpeer / inet_putpeer
KASAN: use-after-free Write in __ext4_expand_extra_isize (2) 14 105d 123d 70d 4ea99936 ext4: add more paranoia checking in ext4_expand_extra_isize handling
general protection fault in flexcop_usb_probe C 403 84d 314d 70d 1b976fc6 media: b2c2-flexcop-usb: add sanity checking
KCSAN: data-race in __remove_hrtimer / __tcp_ack_snd_check 4 85d 106d 70d 56144737 hrtimer: Annotate lockless access to timer->state
KCSAN: data-race in eth_header_cache / neigh_resolve_output 1 107d 107d 70d c305c6ae net-backports: net: add annotations on hh->hh_len lockless accesses
KMSAN: use-after-free in sk_forced_mem_schedule 2 93d 101d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
WARNING in iov_iter_pipe C cause 1117 88d 105d 70d 419e9c38 iomap: Fix pipe page leakage during splicing
kernel BUG at kernel/time/timer.c:LINE! (4) syz 1 140d 136d 70d f3f5ba42 media: imon: invalid dereference in imon_touch_event
general protection fault in devlink_get_from_attrs C 7 137d 136d 70d 82a843de net: devlink: fix reporter dump dumpit
KASAN: use-after-free Read in appledisplay_bl_get_brightness C 1 153d 150d 70d 91feb015 appledisplay: fix error handling in the scheduled work
general protection fault in vti6_ioctl 1 128d 128d 70d 9077f052 net: propagate errors correctly in register_netdevice()
INFO: trying to register non-static key in ida_destroy C 4272 83d 206d 70d 8c279e93 media: uvcvideo: Fix error path in control parsing failure
KCSAN: data-race in tun_get_user / tun_net_get_stats64 1 115d 115d 70d de7d5084 net-backports: net: provide dev_lstats_read() helper
KCSAN: data-race in sk_wait_data / tcp_queue_rcv 4 109d 106d 70d f8cc62ca net: add a READ_ONCE() in skb_peek_tail()
KCSAN: data-race in __remove_hrtimer / tcp_pacing_check 1 109d 106d 70d 56144737 hrtimer: Annotate lockless access to timer->state
KMSAN: use-after-free in __netif_receive_skb_core 1 100d 100d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
KCSAN: data-race in tcp_add_backlog / tcp_recvmsg (2) 47 70d 106d 70d 9ed498c6 net-backports: net: silence data-races on sk_backlog.tail
KCSAN: data-race in sk_wait_data / skb_queue_tail 3 117d 118d 70d f8cc62ca net-backports: net: add a READ_ONCE() in skb_peek_tail()
KMSAN: use-after-free in skb_dequeue C 1 130d 130d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
KASAN: use-after-free Read in tipc_nl_publ_dump C 2 137d 136d 70d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KCSAN: data-race in ip_finish_output2 / ip_finish_output2 26 74d 119d 70d 25c7a6d1 net: avoid potential false sharing in neighbor related code
general protection fault in snd_usb_create_mixer C 1 93d 91d 70d 9435f2bb ALSA: usb-audio: Fix NULL dereference at parsing BADD
general protection fault in tipc_nl_publ_dump C 135 134d 136d 70d 6ea67769 net: tipc: prepare attrs in __tipc_nl_compat_dumpit()
KASAN: use-after-free Read in nf_ct_deliver_cached_events C cause 169 115d 121d 70d ad88b7a6 netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks
general protection fault in veth_get_stats64 C cause 2 141d 141d 70d 9077f052 net: propagate errors correctly in register_netdevice()
KCSAN: data-race in icmp_global_allow / icmp_global_allow 29 70d 121d 70d bbab7ef2 net-backports: net: icmp: fix data-race in cmp_global_allow()
general protection fault in usb_set_interface C 3 154d 157d 70d c7a19146 media: usbvision: Fix invalid accesses after device disconnect
KCSAN: data-race in __dev_queue_xmit / pfifo_fast_dequeue 6 83d 121d 70d 90b2be27 net/sched: annotate lockless accesses to qdisc->empty
KCSAN: data-race in tcp_chrono_stop / tcp_recvmsg 3 105d 106d 70d a5a7daa5 net-backports: tcp: fix data-race in tcp_recvmsg()
KCSAN: data-race in gro_normal_list.part.0 / napi_busy_loop 1 103d 103d 70d c39e342a net-backports: tun: fix data-race in gro_normal_list()
KASAN: use-after-free Read in slip_open C cause 3 88d 90d 70d e58c1912 slip: Fix use-after-free Read in slip_open
KCSAN: data-race in fanout_demux_rollover / fanout_demux_rollover 1 104d 104d 70d b756ad92 net-backports: packet: fix data-race in fanout_flow_is_huge()
WARNING in __rtnl_newlink C cause 2 140d 140d 70d 9077f052 net: propagate errors correctly in register_netdevice()
BUG: unable to handle kernel paging request in __ext4_expand_extra_isize 6 143d 123d 70d 4ea99936 ext4: add more paranoia checking in ext4_expand_extra_isize handling
KASAN: use-after-free Read in shmem_fault (2) 5 114d 174d 70d 8897c1b1 shmem: pin the file in shmem_fault() if mmap_sem is dropped
BUG: unable to handle kernel paging request in io_wq_cancel_all C cause 2 114d 114d 70d 975c99a5 io_uring: io_wq_create() returns an error pointer, not NULL
KASAN: invalid-free in io_sqe_files_unregister C cause 3 102d 102d 70d 46568e9b io_uring: fix error clear of ->file_table in io_sqe_files_register()
KASAN: invalid-free in skb_free_head C cause 1 111d 111d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in ovs_vport_add C cause 5 132d 140d 70d 9077f052 net: propagate errors correctly in register_netdevice()
KASAN: use-after-free Read in nl8NUM_dump_wpan_phy C cause 6 134d 136d 70d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KASAN: use-after-free Read in tipc_udp_nl_dump_remoteip C cause 3 135d 136d 70d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KASAN: use-after-free Read in __cfg8NUM_wpan_dev_from_attrs C cause 3 137d 136d 70d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
WARNING: ODEBUG bug in free_netdev C cause 2 139d 139d 70d 11fc7d5a tun: fix memory leak in error path
KCSAN: data-race in sctp_assoc_migrate / sctp_hash_obj 12 78d 105d 70d 31243461 sctp: cache netns in sctp_ep_common
general protection fault in ip6_tnl_ioctl C cause 7 129d 140d 70d 9077f052 net: propagate errors correctly in register_netdevice()
KCSAN: data-race in __dev_queue_xmit / net_tx_action 1 105d 104d 70d 90b2be27 net/sched: annotate lockless accesses to qdisc->empty
KMSAN: use-after-free in copyout C 1 135d 135d 70d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in virtio_transport_release C cause 7 92d 93d 70d 039fccca vsock: avoid to assign transport if its initialization fails
BUG: workqueue lockup (4) C 47 95d 501d 70d 7e7c005b rtc: disable uie before setting time and enable after
WARNING in port100_send_cmd_async/usb_submit_urb C 83 85d 225d 72d 5f9f0b11 nfc: port100: handle command failure cleanly
general protection fault in kvm_coalesced_mmio_init syz cause 48 100d 109d 83d 8a44119a KVM: Fix NULL-ptr deref after kvm_create_vm fails
general protection fault in j1939_netdev_notify syz cause 11 96d 108d 83d c48c8c1e can: j1939: main: j1939_ndev_to_priv(): avoid crash if can_ml_priv is NULL
KASAN: use-after-free Read in j1939_sk_recv C cause 2 102d 102d 83d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
KASAN: use-after-free Read in j1939_session_deactivate syz cause 1 104d 104d 83d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
WARNING in smc_unhash_sk (3) C cause 362 87d 177d 83d 8204df72 net/smc: fix fastopen for non-blocking connect()
KASAN: use-after-free Read in do_mount syz cause 6 128d 136d 83d 0ecee669 fs/namespace.c: fix use-after-free of mount in mnt_warn_timestamp_expiry()
general protection fault in j1939_jsk_del syz cause 132 84d 108d 83d fd81ebfe can: j1939: socket: rework socket locking for j1939_sk_release() and j1939_sk_sendmsg()
memory leak in smc_create C 19 96d 109d 83d 6d6dd528 net/smc: fix refcount non-blocking connect() -part 2
KASAN: use-after-free Read in j1939_session_get_by_addr_locked C cause 1 102d 102d 83d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
INFO: task hung in synchronize_rcu syz cause 1206 83d 110d 83d 8a44119a KVM: Fix NULL-ptr deref after kvm_create_vm fails
KMSAN: uninit-value in ax88172a_bind C 5 115d 129d 83d a9a51bd7 ax88172a: fix information leak on short answers
KMSAN: uninit-value in gf128mul_4k_lle (3) C 2958 89d 454d 83d 683916f6 net/tls: fix sk_msg trim on fallback to copy mode
KMSAN: uninit-value in aesti_encrypt C 54 137d 238d 83d 683916f6 net/tls: fix sk_msg trim on fallback to copy mode
WARNING: suspicious RCU usage in kvm_dev_ioctl C cause 333 100d 110d 83d e2d3fcaf KVM: fix placement of refcount initialization
KMSAN: use-after-free in build_audio_procunit C 2 121d 121d 83d 976a68f0 ALSA: usb-audio: Fix incorrect size check for processing/extension units
WARNING: refcount bug in j1939_netdev_start syz cause 6 85d 107d 83d fd81ebfe can: j1939: socket: rework socket locking for j1939_sk_release() and j1939_sk_sendmsg()
KMSAN: uninit-value in get_min_max_with_quirks C 11 116d 104d 83d 167beb17 ALSA: usb-audio: Fix missing error check at mixer resolution test
WARNING: ODEBUG bug in input_ff_destroy C 6 92d 99d 83d fa3a5a18 Input: ff-memless - kill timer in destroy()
general protection fault in memcg_flush_percpu_vmstats C cause 19 113d 176d 83d 7961eee3 mm: memcontrol: fix NULL-ptr deref in percpu stats flush
KCSAN: data-race in neigh_resolve_output / neigh_resolve_output 4 105d 119d 83d 1b53d644 net-backports: net: fix data-race in neigh_event_send()
KCSAN: data-race in find_match / find_match 2 106d 109d 83d 1bef4c22 net-backports: ipv6: fixes rt6_probe() and fib6_nh->last_probe init
INFO: task hung in mpage_prepare_extent_to_map syz cause 18606 107d 115d 83d 4655e5e5 mm,thp: recheck each page before collapsing file THP
KMSAN: uninit-value in cdc_ncm_set_dgram_size C 4 114d 113d 83d 332f989a CDC-NCM: handle incomplete transfer of MTU
KASAN: use-after-free Read in mcba_usb_disconnect C 2 110d 143d 83d 4d663649 can: mcba_usb: fix use-after-free on disconnect
KMSAN: kernel-usb-infoleak in pcan_usb_wait_rsp C 2 127d 127d 83d f7a1337f can: peak_usb: fix slab info leak
KASAN: invalid-free in rsi_91x_deinit C 109 156d 303d 84d 8b51dc72 rsi: fix a double free bug in rsi_91x_deinit()
WARNING in generic_make_request_checks C cause 7760 84d 561d 84d 8b2ded1c block: don't warn when doing fsync on read-only devices
BUG: spinlock recursion in release_sock C cause 116 210d 211d 85d 5d92e631 net/tls: partially revert fix transition through disconnect with close
KMSAN: use-after-free in adu_disconnect C 16 129d 135d 86d 44efc269 USB: adutux: fix use-after-free on disconnect
KMSAN: use-after-free in mutex_spin_on_owner C 1 135d 134d 86d edc4746f USB: iowarrior: fix use-after-free on disconnect
KMSAN: use-after-free in iowarrior_disconnect C 21 129d 135d 86d edc4746f USB: iowarrior: fix use-after-free on disconnect
KMSAN: use-after-free in usb_autopm_put_interface C 63 115d 129d 86d 7a759197 USB: usblp: fix use-after-free on disconnect
KMSAN: use-after-free in __pm_runtime_resume 1 135d 135d 86d 5f924277 HID: logitech: Fix general protection fault caused by Logitech driver
KMSAN: use-after-free in hidraw_ioctl 1 135d 135d 86d 416dacb8 HID: hidraw: Fix invalid read in hidraw_ioctl
KMSAN: use-after-free in rxrpc_put_peer 1 126d 126d 86d 91fcfbe8 rxrpc: Fix call crypto state cleanup
KMSAN: uninit-value in lg4ff_set_autocenter_default C 1 116d 115d 86d d9d4b1e4 HID: Fix assumption that devices have inputs
WARNING in sk_stream_kill_queues (3) C cause 622 257d 616d 86d 9354544c net/tls: fix page double free on TX cleanup
KCSAN: data-race in udp_set_dev_scratch / udpv6_recvmsg 5 109d 120d 90d a793183c udp: fix data-race in udp_set_dev_scratch()
KCSAN: data-race in __skb_wait_for_more_packets / skb_queue_tail 1 113d 113d 90d 7c422d0c net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
KASAN: use-after-free Read in batadv_iv_ogm_queue_add 3 112d 143d 90d 40e220b4 batman-adv: Avoid free/alloc race when handling OGM buffer
WARNING: refcount bug in smc_release C cause 8 96d 120d 90d 301428ea net/smc: fix refcounting for non-blocking connect()
INFO: trying to register non-static key in bond_3ad_update_lacp_rate C cause 26 113d 115d 90d ad9bd8da bonding: fix using uninitialized mode_lock
KCSAN: data-race in datagram_poll / skb_queue_tail 5 109d 118d 90d 3ef7cf57 net-backports: net: use skb_queue_empty_lockless() in poll() handlers
general protection fault in process_one_work 2 115d 115d 90d 6d6f0383 netdevsim: Fix use-after-free during device dismantle
KASAN: use-after-free Read in fuse_request_end syz cause 6 120d 125d 90d 2b319d1f fuse: don't dereference req->args on finished request
KCSAN: data-race in udp6_lib_lookup2 / udpv6_queue_rcv_one_skb 1 119d 119d 90d 7170a977 net: annotate accesses to sk->sk_incoming_cpu
KCSAN: data-race in tcp_v4_rcv / tcp_v4_rcv 4 109d 113d 90d 7170a977 net-backports: net: annotate accesses to sk->sk_incoming_cpu
memory leak in internal_dev_create C 88 112d 199d 90d 9464cc37 net: openvswitch: free vport unless register_netdevice() succeeds
divide error in dummy_timer C 3 114d 119d 90d 54f83b8c USB: gadget: Reject endpoints with 0 maxpacket value
KCSAN: data-race in __skb_recv_udp / __udp_enqueue_schedule_skb 7 108d 121d 90d 137a0dbe net-backports: udp: use skb_queue_empty_lockless()
KCSAN: data-race in first_packet_length / udp_poll 2 112d 118d 90d 137a0dbe net-backports: udp: use skb_queue_empty_lockless()
memory leak in copy_net_ns C cause 422 111d 149d 90d 82ecff65 keys: Fix memory leak in copy_net_ns
KCSAN: data-race in update_defense_level / update_defense_level (2) 20 108d 121d 90d c24b75e0 ipvs: move old_secure_tcp into struct netns_ipvs
INFO: trying to register non-static key in bond_3ad_update_ad_actor_settings C cause 69 113d 115d 90d ad9bd8da bonding: fix using uninitialized mode_lock
KASAN: use-after-free Read in bpf_prog_kallsyms_find (2) C cause 9 119d 130d 90d cd7455f1 bpf: Fix use after free in subprog's jited symbol removal
KASAN: use-after-free Read in is_bpf_text_address C cause 3 120d 121d 90d cd7455f1 bpf: Fix use after free in subprog's jited symbol removal
KCSAN: data-race in __skb_wait_for_more_packets / __sock_queue_rcv_skb 10 109d 119d 90d 7c422d0c net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
KASAN: use-after-free Read in io_uring_setup syz cause 1 116d 116d 90d 044c1ab3 io_uring: don't touch ctx in setup after ring fd install
KCSAN: data-race in udpv6_queue_rcv_one_skb / udpv6_queue_rcv_one_skb 1 116d 115d 90d ee8d153d net-backports: net: annotate lockless accesses to sk->sk_napi_id
BUG: unable to handle kernel paging request in is_bpf_text_address C cause 2 126d 126d 90d cd7455f1 bpf: Fix use after free in subprog's jited symbol removal
INFO: task hung in ld_usb_write C 831 108d 121d 90d 52403cfb USB: ldusb: fix control-message timeout
KCSAN: data-race in __skb_recv_udp / datagram_poll 1 109d 109d 90d 3f926af3 net: use skb_queue_empty_lockless() in busy poll contexts
KCSAN: data-race in __skb_wait_for_more_packets / __udp_enqueue_schedule_skb 2 113d 120d 90d 7c422d0c net-backports: net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
general protection fault in kernfs_add_one C cause 98 199d 522d 90d ac43432c driver core: Fix use-after-free and double free on glue directory
KASAN: use-after-free Read in ep_scan_ready_list C fix 39 554d 589d 92d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: use-after-free Read in iowarrior_disconnect C 3056 129d 185d 92d edc4746f USB: iowarrior: fix use-after-free on disconnect
WARNING in kernfs_get C cause 316 200d 529d 92d ac43432c driver core: Fix use-after-free and double free on glue directory
KASAN: use-after-free Read in __schedule (2) C fix 961 349d 567d 92d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
divide error in usbtmc_generic_read C 2 191d 190d 92d de7b9aa6 usbtmc: more sanity checking for packet size
KASAN: use-after-free Read in p9_fd_poll C fix 8 557d 589d 92d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: use-after-free Read in vhci_hub_control C fix 41 490d 535d 92d 81f7567c usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control()
INFO: task hung in vivid_stop_generating_vid_cap C cause+fix 81 476d 479d 101d d65842f7 media: vb2: add waiting_in_dqbuf flag
WARNING in event_function_local C fix 15451 498d 754d 101d 214ff83d KVM: x86: hyperv: implement PV IPI send hypercalls
BUG: MAX_LOCK_DEPTH too low! (2) C fix 5 588d 618d 101d bab2c80e nsh: set mac len based on inner packet
inconsistent lock state in ila_xlat_nl_cmd_del_mapping C fix 2496 550d 556d 101d 7494de04 mfd: da9063: Replace regmap_add_irq_chip with devm counterpart
INFO: task hung in fuse_reverse_inval_entry C fix 23 565d 578d 101d c59fd85e fuse: change interrupt requests allocation algorithm
BUG: corrupted list in p9_conn_cancel C fix 18 491d 591d 101d 9f476d7c net/9p/trans_fd.c: fix race by holding the lock
general protection fault in p9_conn_cancel C fix 2 571d 589d 101d 9f476d7c net/9p/trans_fd.c: fix race by holding the lock
WARNING: ODEBUG bug in p9_fd_close C fix 82 552d 592d 101d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
general protection fault in vb2_mmap C cause+fix 21 422d 467d 101d cd26d1c4 media: vb2: vb2_mmap: move lock up
KASAN: stack-out-of-bounds Read in xfrm_state_find (5) C fix 654 387d 690d 101d 32bf94fb xfrm: validate template mode
KASAN: slab-out-of-bounds Write in end_requests C fix 2 566d 570d 101d 45ff350b fuse: fix unlocked access to processing queue
KASAN: use-after-free Read in uprobe_perf_close C fix 54 370d 689d 101d 621b6d2e perf/core: Fix use-after-free in uprobe_perf_close()
KASAN: use-after-free Read in _decode_session4 C fix 3 692d 692d 101d c6741fbe vti6: Properly adjust vti6 MTU from MTU of lower device
general protection fault in tcp_cleanup_ulp syz cause+fix 6 517d 533d 101d 5607fff3 bpf: sockmap only allow ESTABLISHED sock state
WARNING in request_end C cause+fix 14 478d 514d 101d 4c316f2f fuse: set FR_SENT while locked
WARNING in dma_buf_vunmap C cause+fix 17 427d 465d 101d 62dcb4f4 media: vb2: check memory model for VIDIOC_CREATE_BUFS
BUG: corrupted list in p9_write_work C fix 5 514d 560d 101d 728356de 9p: Add refcount to p9_req_t
KASAN: use-after-free Read in tick_sched_handle (3) C fix 12 403d 458d 103d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
general protection fault in qca_setup C cause+fix 6 374d 374d 103d b36a1552 Bluetooth: hci_uart: check for missing tty operations
general protection fault in tcp_splice_read C cause+fix 23 318d 427d 103d 07603b23 net/smc: propagate file from SMC to TCP socket
KASAN: use-after-free Read in crypto_gcm_init_common C cause+fix 14 406d 471d 105d 9354544c net/tls: fix page double free on TX cleanup
KASAN: slab-out-of-bounds Read in find_first_zero_bit C fix 1 691d 691d 105d d1877155 bfs: extra sanity checking and static inode bitmap
kernel BUG at net/ipv4/ip_output.c:LINE! C fix 28225 397d 588d 105d e7c87bd6 bpf: in __bpf_redirect_no_mac pull mac only if present
general protection fault in put_pid syz cause+fix 3 426d 436d 105d a8e911d1 x86_64: increase stack size for KASAN_EXTRA
suspicious RCU usage at ./include/net/inet_sock.h:LINE C fix 171 747d 838d 105d 3f32d0be tipc: lock wakeup & inputq at tipc_link_reset()
KASAN: use-after-free Read in _decode_session6 C fix 4 464d 532d 105d e7c87bd6 bpf: in __bpf_redirect_no_mac pull mac only if present
general protection fault in propagate_entity_cfs_rq C fix 1 588d 588d 105d bab2c80e nsh: set mac len based on inner packet
KASAN: use-after-free Write in __vb2_cleanup_fileio C cause+fix 2 477d 479d 105d d65842f7 media: vb2: add waiting_in_dqbuf flag
KCSAN: data-race in sk_stream_wait_memory / tcp_shifted_skb 1 118d 106d 106d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KCSAN: data-race in sk_stream_wait_memory / tcp_fragment 1 109d 106d 106d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KCSAN: data-race in tcp_sendmsg_locked / tcp_stream_memory_free 2 117d 106d 106d 0f317464 tcp: annotate tp->write_seq lockless reads
KCSAN: data-race in tcp_event_new_data_sent / tcp_stream_memory_free 3 110d 106d 106d e0d694d6 tcp: annotate tp->snd_nxt lockless reads
KCSAN: data-race in tcp_ack / tcp_poll (2) 5 113d 106d 106d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KCSAN: data-race in sk_stream_wait_memory / tcp_ack 2 110d 106d 106d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KASAN: slab-out-of-bounds Read in ld_usb_read (3) C 74 116d 127d 106d 7a6f22d7 USB: ldusb: fix read info leaks
KASAN: slab-out-of-bounds Read in build_audio_procunit C 6 112d 121d 106d ba8bf096 ALSA: usb-audio: Fix copy&paste error in the validator
KASAN: slab-out-of-bounds Write in ga_probe C 5 135d 157d 106d d9d4b1e4 HID: Fix assumption that devices have inputs
INFO: task hung in nbd_ioctl C cause 71 108d 143d 106d cf1b2326 nbd: verify socket is supported during setup
KASAN: use-after-free Read in usb_autopm_put_interface C 2373 115d 128d 106d 7a759197 USB: usblp: fix use-after-free on disconnect
memory leak in gfs2_init_fs_context C 13 119d 141d 106d 30aecae8 gfs2: Fix memory leak when gfs2meta's fs_context is freed
KMSAN: uninit-value in sr9800_bind C 27 118d 141d 108d 77b6d09f net: usb: sr9800: fix uninitialized local variable
WARNING in filldir64 76 126d 136d 108d b9959c7a filldir[64]: remove WARN_ON_ONCE() for bad directory entries
memory leak in llc_ui_create (2) C cause 19 124d 244d 108d c6ee11c3 llc: fix sk_buff leak in llc_sap_state_process()
KCSAN: data-race in tcp_add_backlog / tcp_rcv_space_adjust (2) 18 121d 127d 108d ebb3b78d tcp: annotate sk->sk_rcvbuf lockless reads
KCSAN: data-race in __nf_ct_refresh_acct / __nf_ct_refresh_acct 2460 108d 139d 108d e37542ba net-backports: netfilter: conntrack: avoid possible false sharing
BUG: unable to handle kernel NULL pointer dereference in xsk_poll C cause 10 126d 144d 108d df551058 xsk: Fix crash in poll when device does not support ndo_xsk_wakeup
KASAN: use-after-free Read in rxrpc_release_call syz cause 13 126d 181d 108d 91fcfbe8 rxrpc: Fix call crypto state cleanup
KASAN: use-after-free Read in rxrpc_send_keepalive C cause 694 123d 195d 108d c48fc11b rxrpc: Fix call ref leak
KCSAN: data-race in __tcp_select_window / tcp_add_backlog 23502 108d 139d 108d 70c26558 net: silence KCSAN warnings about sk->sk_backlog.len reads
memory leak in sctp_get_port_local (3) C 4 124d 130d 108d 63dfb793 sctp: change sctp_prot .no_autobind with true
memory leak in llc_ui_sendmsg C 125 124d 275d 108d c6ee11c3 llc: fix sk_buff leak in llc_sap_state_process()
KCSAN: data-race in tcp_add_backlog / tcp_recvmsg 17719 109d 139d 108d 8265792b net-backports: net: silence KCSAN warnings around sk_add_backlog() calls
INFO: task hung in addrconf_verify_work (2) C 22 130d 130d 108d 39f13ea2 net: avoid potential infinite loop in tc_ctl_action()
KASAN: use-after-free Read in pn533_send_complete C 4 116d 136d 108d 6af3aa57 NFC: pn533: fix use-after-free and memleaks
KCSAN: data-race in tcp_poll / tcp_recvmsg (2) 22 121d 127d 108d 7db48e98 tcp: annotate tp->copied_seq lockless reads
KASAN: use-after-free Read in rxrpc_put_peer C cause 38 124d 176d 108d 55f6c98e rxrpc: Fix trace-after-put looking at the put peer record 9ebeddef rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record
KCSAN: data-race in tcp_poll / tcp_queue_rcv 1897 108d 139d 108d dba7d9b8 net-backports: tcp: annotate tp->rcv_nxt lockless reads
memory leak in llc_conn_ac_send_sabme_cmd_p_set_x C 225 124d 275d 108d b74555de llc: fix sk_buff leak in llc_conn_service()
general protection fault in rxrpc_error_report C cause 6 124d 136d 108d f0308fb0 rxrpc: Fix possible NULL pointer access in ICMP handling
KCSAN: data-race in tcp_add_backlog / tcp_grow_window.isra.0 21713 108d 139d 108d 70c26558 net-backports: net: silence KCSAN warnings about sk->sk_backlog.len reads
WARNING: suspicious RCU usage in xfrm_alloc_userspi C cause+fix 86 337d 338d 109d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
general protection fault in get_work_pool C fix 24 317d 720d 109d 07bf7908 xfrm: Validate address prefix lengths in the xfrm selector.
general protection fault in xfrm_init_replay syz cause+fix 2 707d 706d 109d d97ca5d7 xfrm_user: uncoditionally validate esn replay attribute struct
WARNING: suspicious RCU usage in xfrm_get_spdinfo C cause+fix 46 337d 338d 109d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
WARNING: suspicious RCU usage in xfrm_get_sadinfo C cause+fix 28 337d 338d 109d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
WARNING: suspicious RCU usage in xfrm_get_policy syz cause+fix 8 338d 338d 109d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
memory leak in sctp_stream_init_ext C 34 130d 265d 115d 3c52b0af lib/generic-radix-tree.c: add kmemleak annotations
possible deadlock in usb_deregister_dev (2) C 956 129d 157d 116d 33a78132 USB: legousbtower: fix deadlock on disconnect
KMSAN: uninit-value in mts_usb_probe C 29 135d 141d 116d 177238c3 USB: microtek: fix info-leak at probe
WARNING in mark_lock (2) 14 122d 150d 116d 8e00c4e9 writeback: fix use-after-free in finish_writeback_work()
BUG: bad usercopy in read_rio 2 131d 134d 116d 015664d1 USB: rio500: Remove Rio 500 kernel driver
KMSAN: uninit-value in iowarrior_disconnect C 18 134d 140d 116d edc4746f USB: iowarrior: fix use-after-free on disconnect
general protection fault in open_rio 2 148d 149d 116d 015664d1 USB: rio500: Remove Rio 500 kernel driver
KASAN: use-after-free Read in adu_disconnect C 5304 129d 199d 116d 44efc269 USB: adutux: fix use-after-free on disconnect
INFO: rcu detected stall in dummy_timer C 16 130d 195d 116d 32a0721c USB: yurex: Don't retry on unexpected errors
KASAN: invalid-free in disconnect_rio (2) C 51 133d 154d 116d 015664d1 USB: rio500: Remove Rio 500 kernel driver
general protection fault in finish_writeback_work 10 125d 150d 116d 8e00c4e9 writeback: fix use-after-free in finish_writeback_work()
INFO: trying to register non-static key in finish_writeback_work syz cause 1 151d 149d 116d 8e00c4e9 writeback: fix use-after-free in finish_writeback_work()
INFO: rcu detected stall in rt6_probe_deferred 336 158d 163d 122d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in addrconf_rs_timer (2) 362 141d 163d 122d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
general protection fault in bpf_tcp_close (2) C fix 26 545d 589d 122d e06fa9c1 bpf, sockmap: fix potential use after free in bpf_tcp_close
BUG: unable to handle kernel NULL pointer dereference in rds_bind C cause 51 146d 157d 128d 05733434 net/rds: Check laddr_check before calling it
divide error in tabledist 3 145d 154d 128d b41d936b sch_netem: fix a divide by zero in tabledist()
WARNING: lock held when returning to user space in rcu_lock_acquire C cause 3 141d 141d 128d 73956fc0 membarrier: Fix RCU locking bug caused by faulty merge
memory leak in v9fs_cache_session_get_cookie C 242 128d 275d 128d 962a991c 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie
WARNING in em28xx_usb_disconnect C 8 163d 195d 128d 46e4a266 media: em28xx: modules workqueue not inited for 2nd device
KASAN: use-after-free Read in si470x_int_in_callback C 25 137d 226d 128d 0d616f2a media: radio/si470x: kill urb on error
kernel BUG at include/linux/skbuff.h:LINE! (2) C cause 58 178d 188d 128d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
general protection fault in make_kuid C cause 4 188d 213d 128d 1dd9bc08 vfs: set fs_context::user_ns for reconfigure
general protection fault in ath6kl_usb_alloc_urb_from_pipe C 1160 154d 314d 128d 39d170b3 ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
KMSAN: uninit-value in read_sensor_register C 25 128d 258d 128d 4843a543 media: gspca: zero usb_buf on error
WARNING in rcu_note_context_switch C cause 1 143d 143d 128d 73956fc0 membarrier: Fix RCU locking bug caused by faulty merge
KMSAN: kernel-usb-infoleak in ttusb_dec_send_command C 2 196d 205d 128d a10feaf8 media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
KASAN: use-after-free Read in atusb_disconnect C 112 129d 170d 128d 7fd25e6f ieee802154: atusb: fix use-after-free at disconnect
possible deadlock in io_submit_one (2) 353 148d 186d 128d 76e43c8c fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
BUG: using smp_processor_id() in preemptible [ADDR] code: mime_typevmnet0/NUM 1 172d 170d 128d 00d9e47f posix-cpu-timers: Always clear head pointer on dequeue
KMSAN: uninit-value in inet_ehash_insert C 7 137d 143d 128d 6af1799a net-backports: ipv6: drop incoming packets having a v4mapped source address
KASAN: slab-out-of-bounds Read in hdpvr_probe C 10 165d 240d 128d 8b8900b7 media: hdpvr: add terminating 0 at end of string
BUG: assuming atomic context at net/kcm/kcmsock.c:LINE C cause 178 144d 150d 128d 0355d6c1 net-backports: kcm: disable preemption in kcm_parse_func_strparser()
WARNING: suspicious RCU usage in netem_enqueue C cause 16 146d 160d 128d 159d2c7d net-backports: sch_netem: fix rcu splat in netem_enqueue()
general protection fault in xsk_poll C cause 430 158d 185d 128d 42fddcc7 xsk: use state member for socket synchronization
INFO: task syz-executor can't die for more than 143 seconds. C cause 61 145d 253d 128d 8619e5bd /dev/mem: Bail out upon SIGKILL. 7c3a6aed kexec: bail out upon SIGKILL when allocating memory. 8f9e86ee staging: android: ion: Bail out upon SIGKILL when allocating memory.
BUG: sleeping function called from invalid context in tcf_chain0_head_change_cb_del C cause 187 144d 157d 128d e3ae1f96 net: sched: sch_sfb: don't call qdisc_put() while holding tree lock
KASAN: global-out-of-bounds Read in load_next_firmware_from_table C 5 176d 226d 128d 764f3f1e libertas: Add missing sentinel at end of if_usb.c fw_table
WARNING in handle_desc C cause 6 154d 162d 128d 3ca94192 KVM: X86: Fix userspace set invalid CR4
KASAN: use-after-free Read in ext4_data_block_valid 108 212d 659d 128d 7727ae52 ext4: fix potential use after free after remounting with noblock_validity
general protection fault in kstrtouint (2) C cause 40 174d 217d 128d 74983ac2 vfs: Make fs_parse() handle fs_param_is_fd-type params better
BUG: corrupted list in __netif_receive_skb_list_core 3 135d 189d 128d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
divide error in usbnet_update_max_qlen C 17 145d 157d 128d 280ceaed usbnet: sanity checking of packet sizes and device mtu
KASAN: slab-out-of-bounds Read in technisat_usb2_rc_query C 2236 174d 312d 128d 0c4df39e media: technisat-usb2: break out of loop at end of buffer
KASAN: slab-out-of-bounds Read in do_tcp_getsockopt 3 151d 171d 128d 3afb0961 tcp: fix slab-out-of-bounds in tcp_zerocopy_receive()
general protection fault in __apic_accept_irq C cause 69 156d 169d 128d a073d7e3 KVM: hyperv: Fix Direct Synthetic timers assert an interrupt w/o lapic_in_kernel
INFO: rcu detected stall in pie_timer C 19 129d 164d 128d 4ce70b4a net-backports: net: sched: sch_htb: don't call qdisc_put() while holding tree lock
KASAN: global-out-of-bounds Read in dvb_pll_attach C 2 166d 225d 128d c268e7ad media: dvb-frontends: use ida for pll number
general protection fault in pk_probe C 2 174d 170d 128d 98375b86 HID: prodikeys: Fix general protection fault during probe
possible deadlock in free_ioctx_users C 509 148d 529d 128d 76e43c8c fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
KASAN: use-after-free Read in cbq_enqueue C cause 4 136d 138d 128d e9789c7c sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
general protection fault in dsmark_init C cause 3 137d 139d 128d 474f0813 sch_dsmark: fix potential NULL deref in dsmark_init()
KASAN: global-out-of-bounds Read in hdpvr_probe C 15 181d 294d 128d d4a6a953 media: hdpvr: Add device num check and handling
KASAN: slab-out-of-bounds Read in sctp_inq_pop 1 180d 178d 128d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
WARNING: lock held when returning to user space in membarrier_private_expedited C cause 7 141d 143d 128d 73956fc0 membarrier: Fix RCU locking bug caused by faulty merge
WARNING in blk_mq_sched_free_requests (2) 7 145d 150d 128d 284b94be blk-mq: move lockdep_assert_held() into elevator_exit
WARNING: ODEBUG bug in usbhid_disconnect (2) C 48 148d 170d 128d 2bcdacb7 HID: sony: Fix memory corruption issue on cleanup.
KASAN: slab-out-of-bounds Read in usb_reset_and_verify_device syz 1 179d 170d 128d 3dd550a2 USB: usbcore: Fix slab-out-of-bounds bug during device reset
general protection fault in sctp_inq_pop 4 179d 182d 128d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
KMSAN: uninit-value in i2c_w C 2 262d 261d 128d 4843a543 media: gspca: zero usb_buf on error
BUG: MAX_STACK_TRACE_ENTRIES too low! (2) C cause 5045 160d 328d 128d 12593b74 locking/lockdep: Reduce space occupied by stack traces
possible deadlock in open_rio (3) C 169 154d 156d 128d 9472aff1 USB: rio500: Fix lockdep violation
WARNING in kfree C cause 2 175d 174d 128d 43ce4c1f vfs: Add a single-or-reconfig keying to vfs_get_super()
KMSAN: uninit-value in __request_module C 13 138d 157d 128d 62794fc4 net_sched: add max len check for TCA_KIND
WARNING in zd_mac_clear C 13194 154d 314d 128d 7a2eb736 zd1211rw: remove false assertion from zd_mac_clear()
general protection fault in xsk_map_update_elem C cause 12 148d 150d 128d fcd30ae0 bpf/xskmap: Return ERR_PTR for failure case instead of NULL.
possible deadlock in pie_timer C cause 2 145d 146d 128d e3ae1f96 net: sched: sch_sfb: don't call qdisc_put() while holding tree lock
KMSAN: uninit-value in sd_init C 122 128d 261d 128d 4843a543 media: gspca: zero usb_buf on error
WARNING in iguanair_probe/usb_submit_urb C 3 159d 209d 128d ab1cbdf1 media: iguanair: add sanity checks
memory leak in llcp_sock_bind C cause 2 150d 214d 128d a0c2dc1f nfc: fix memory leak in llcp_sock_bind()
general protection fault in __pm_runtime_resume C 197 148d 211d 128d 5f924277 HID: logitech: Fix general protection fault caused by Logitech driver
BUG: unable to handle kernel paging request in coalesced_mmio_write C cause 10 235d 240d 128d b60fe990 KVM: coalesced_mmio: add bounds checking
divide error in cdc_ncm_update_rxtx_max C 5 144d 157d 128d 3fe4b335 cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
general protection fault in tcf_action_destroy 128 145d 163d 128d 3d66b89c net: sched: fix possible crash in tcf_action_destroy()
general protection fault in trace_probe_unlink C cause 7 153d 157d 128d d59fae6f tracing/kprobe: Fix NULL pointer access in trace_porbe_unlink()
memory leak in ppp_write C 5 155d 199d 128d 4c247de5 ppp: Fix memory leak in ppp_write
general protection fault in qdisc_put C cause 60 156d 166d 128d 6efb971b net_sched: let qdisc_put() accept NULL pointer
general protection fault in dev_map_hash_update_elem C cause 4 161d 168d 128d af58e7ee xdp: Fix race in dev_map_hash_update_elem() when replacing element
KASAN: slab-out-of-bounds Read in hidraw_ioctl C 104 155d 205d 128d 416dacb8 HID: hidraw: Fix invalid read in hidraw_ioctl
INFO: rcu detected stall in sys_exit_group C cause 1 159d 155d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in sys_sendmmsg 2 164d 164d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in pppoe_sendmsg 7 159d 166d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING in xfrm_policy_inexact_list_reinsert 2 169d 196d 134d 769a807d xfrm: policy: avoid warning splat when merging nodes
general protection fault in rds_recv_rcvbuf_delta C cause 35 238d 466d 134d c5c1a030 net/rds: An rds_sock is added too early to the hash table
INFO: rcu detected stall in sys_sendmsg C cause 2 160d 160d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_hello_timer_expired 4 158d 163d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in addrconf_dad_work C cause 126 158d 163d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in inet_release 1 167d 166d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in packet_sendmsg 10 159d 165d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
general protection fault in addrconf_f6i_alloc C 305 158d 168d 134d 8652f17c ipv6: addrconf_f6i_alloc - fix non-null pointer check to !IS_ERR()
INFO: rcu detected stall in sys_clone 1 162d 162d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING in __mark_chain_precision (2) C cause 18 157d 175d 134d 2339cd6c bpf: fix precision tracking of stack slots
INFO: rcu detected stall in dccp_write_timer 5 164d 166d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_handle_frame C cause 341 158d 163d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
general protection fault in tls_sk_proto_close (2) syz cause 246 158d 177d 134d 44580a01 net: sock_map, fix missing ulp check in sock hash case
INFO: rcu detected stall in mld_ifc_timer_expire C cause 152 158d 166d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in neigh_timer_handler (2) 2 163d 165d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
BUG: soft lockup in addrconf_dad_work C cause 1 162d 162d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in igmp_ifc_timer_expire C 57 158d 417d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in mld_dad_timer_expire 3 163d 164d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
memory leak in sctp_get_port_local (2) C 34 138d 196d 134d 29b99f54 sctp: destroy bucket if failed to bind addr
BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass C cause 61 158d 166d 134d 8b142a00 net_sched: check cops->tcf_block in tc_bind_tclass()
INFO: rcu detected stall in netlink_sendmsg (2) C cause 11 159d 165d 134d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
KMSAN: uninit-value in capi_write C 445 134d 374d 134d fe163e53 isdn/capi: check message length in capi_write()
general protection fault in icmpv6_xrlim_allow 4 262d 268d 135d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
general protection fault in ip6_rcv_finish 3 252d 258d 135d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
memory leak in sctp_send_reset_streams C 7 188d 265d 139d 6d5afe20 sctp: fix memleak in sctp_send_reset_streams
general protection fault in requeue_rx_msgs syz cause+fix 1 631d 631d 139d eb7f54b9 kcm: Fix use-after-free caused by clonned sockets
WARNING: suspicious RCU usage (4) C fix 1 537d 535d 139d 865e63b0 tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
WARNING: suspicious RCU usage in trace_call_bpf C fix 327 518d 535d 139d 865e63b0 tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
KASAN: use-after-free Read in psock_map_pop C fix 204 485d 529d 139d 5607fff3 bpf: sockmap only allow ESTABLISHED sock state
WARNING in lockdep_unregister_key (2) 3 309d 312d 139d 8b39adbe locking/lockdep: Make lockdep_unregister_key() honor 'debug_locks' again
WARNING: refcount bug in nr_insert_socket C cause 55 202d 226d 139d 4638faac netrom: hold sock when setting skb->destructor
KASAN: slab-out-of-bounds Read in sock_hash_ctx_update_elem C fix 5 570d 570d 139d b845c898 bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
general protection fault in smap_list_hash_remove C fix 52 578d 596d 139d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: user-memory-access Read in ip6_hold_safe (3) 456 246d 265d 139d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
WARNING in cbs_dequeue_soft C cause 13 158d 166d 158d 1c6c09a0 net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate
KMSAN: uninit-value in batadv_iv_send_outstanding_bat_ogm_packet C 9 183d 183d 158d a15d56a6 batman-adv: Only read OGM tvlv_len after buffer len check
possible deadlock in open_rio 1107 167d 203d 167d 2ca359f4 Revert "USB: rio500: simplify locking"
possible deadlock in usb_deregister_dev C 82 192d 199d 167d c468a8aa usb: iowarrior: fix deadlock on disconnect
general protection fault in packet_lookup_frame C cause 7 191d 191d 167d 32d3182c net/packet: fix race in tpacket_snd()
WARNING in bpf_jit_free C cause 21697 167d 584d 167d c751798a bpf: fix use after free in prog symbol exposure
BUG: Dentry still in use [unmount of nfsd nfsd] 1 197d 193d 167d d6846bfb nfsd: fix dentry leak upon mkdir failure.
kernel BUG at mm/huge_memory.c:LINE! 27 243d 413d 167d a53190a4 mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind
memory leak in ip6_mc_add_src C 1 178d 178d 167d a84d0164 mld: fix memory leak in mld_del_delrec()
WARNING in bpf_prog_kallsyms_add syz cause+fix 2 210d 412d 167d c751798a bpf: fix use after free in prog symbol exposure
WARNING in __iforce_usb_xmit/usb_submit_urb C 3 195d 199d 167d 849f5ae3 Input: iforce - add sanity checks
WARNING in kbtab_open/usb_submit_urb C 5 194d 212d 167d c88090df Input: kbtab - sanity check for endpoint type
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_find syz cause+fix 3 384d 459d 167d c751798a bpf: fix use after free in prog symbol exposure
KASAN: use-after-free Read in rxrpc_queue_local C cause 1 192d 192d 167d 06d9532f rxrpc: Fix read-after-free in rxrpc_queue_local()
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add syz cause 234 168d 529d 167d c751798a bpf: fix use after free in prog symbol exposure
general protection fault in tls_write_space syz 33 185d 195d 167d 57c722e9 net/tls: swap sk_write_space on close
WARNING in usbtouch_open C 768 192d 206d 167d b55d996f Input: usbtouchscreen - initialize PM mutex before using it
KASAN: use-after-free Read in usb_free_coherent 310 192d 203d 167d fc05481b usb: yurex: Fix use-after-free in yurex_delete
KMSAN: uninit-value in rtm_new_nexthop C 8 183d 183d 167d d00ee64e netlink: Fix nlmsg_parse as a wrapper for strict message parsing
KASAN: slab-out-of-bounds Read in bpf_int_jit_compile C cause 1 215d 212d 167d 7c2e988f bpf: fix x64 JIT code generation for jmp to 1st insn
KASAN: use-after-free Read in snd_seq_ioctl_get_client_pool 1 185d 182d 167d 75545304 ALSA: seq: Fix potential concurrent access to the deleted pool
KASAN: use-after-free Read in bpf_prog_kallsyms_del syz cause+fix 3 415d 494d 167d c751798a bpf: fix use after free in prog symbol exposure
kernel BUG at net/rxrpc/local_object.c:LINE! C cause 11167 171d 238d 167d 730c5fd4 rxrpc: Fix local endpoint refcounting
KASAN: null-ptr-deref Write in rxrpc_unuse_local C cause 4422 191d 195d 167d 68553f1a rxrpc: Fix local refcounting
KASAN: use-after-free Read in bpf_get_prog_name 1 210d 209d 167d c751798a bpf: fix use after free in prog symbol exposure
KMSAN: uninit-value in batadv_netlink_dump_hardif C 58 178d 213d 167d 3ee1bb7a batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
WARNING in bpf_prog_kallsyms_find C cause 5632 167d 289d 167d c751798a bpf: fix use after free in prog symbol exposure
KASAN: slab-out-of-bounds Read in do_jit C cause 16 167d 212d 167d 7c2e988f bpf: fix x64 JIT code generation for jmp to 1st insn
KASAN: use-after-free Read in ld_usb_release C 14 186d 195d 167d 303911cf USB: core: Fix races in character device registration and deregistraion
KMSAN: uninit-value in rtm_dump_nexthop C 6 177d 193d 167d d00ee64e netlink: Fix nlmsg_parse as a wrapper for strict message parsing
WARNING in is_bpf_text_address C cause 104 177d 244d 167d c751798a bpf: fix use after free in prog symbol exposure
KASAN: slab-out-of-bounds Read in usbnet_generic_cdc_bind C 2 191d 192d 167d 54364278 USB: CDC: fix sanity checks in CDC union parser
WARNING in __blkdev_put (2) syz 3082 192d 199d 167d e91455ba bdev: Fixup error handling in blkdev_get()
KASAN: use-after-free Read in device_release_driver_internal C 5 189d 212d 167d c52873e5 usb: cdc-acm: make sure a refcount is taken early enough
KASAN: use-after-free Read in bpf_prog_kallsyms_add syz cause+fix 120 294d 529d 167d c751798a bpf: fix use after free in prog symbol exposure
WARNING in wdm_write/usb_submit_urb C 15 171d 185d 167d 1426bd2c USB: cdc-wdm: fix race between write and disconnect due to flag abuse
BUG: corrupted list in rxrpc_local_processor C cause 1679 187d 195d 167d b00df840 rxrpc: Fix local endpoint replacement
KASAN: use-after-free Write in __xfrm_policy_unlink (2) 7 234d 280d 172d b805d78d xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
BUG: unable to handle kernel paging request in hrtimer_interrupt syz cause 2 210d 246d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in smc_unhash_sk (2) C cause 1047 177d 313d 177d cd206360 net/smc: avoid fallback in case of non-blocking connect
WARNING: ODEBUG bug in tls_sw_free_resources_tx 23 212d 471d 177d f87e62d4 net/tls: remove close callback sock unlock/lock around TX work flush
general protection fault in rcu_core syz cause 1 226d 226d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in mm_update_next_owner syz cause+fix 1 257d 257d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
KMSAN: kernel-usb-infoleak in pcan_usb_pro_send_req C 16 180d 205d 177d 30a8beeb can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
KASAN: use-after-free Write in validate_chain syz cause 3 234d 244d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING: held lock freed! (2) C cause 1 231d 227d 177d 4638faac netrom: hold sock when setting skb->destructor
general protection fault in tls_trim_both_msgs C cause 36 199d 211d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
KASAN: use-after-free Read in psi_task_change syz cause 1 210d 209d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Read in class_equal syz cause 45 198d 271d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Write in check_noncircular syz cause 1 217d 217d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in mark_lock syz cause 2 186d 241d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in holtek_kbd_input_event C 67 198d 210d 177d 01ec0a5f HID: holtek: test for sanity of intfdata
KASAN: use-after-free Read in release_sock C cause 10 200d 210d 177d 4638faac netrom: hold sock when setting skb->destructor
KASAN: slab-out-of-bounds Write in validate_chain syz cause 6 229d 244d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in tcf_ife_init C cause 72 199d 213d 177d c8ec4632 ife: error out when nla attributes are empty
KASAN: invalid-free in tls_sk_proto_cleanup 5 202d 205d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
BUG: unable to handle kernel paging request in __do_softirq syz cause+fix 1 247d 246d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
kernel panic: stack is corrupted in validate_chain syz cause 1 240d 240d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Read in corrupted (2) syz cause 3 210d 259d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
BUG: unable to handle kernel paging request in tls_prots syz cause 1 240d 239d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
kernel panic: corrupted stack end in dput syz cause 1 235d 235d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in tls_sk_proto_close syz cause 260 177d 209d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
WARNING in debug_check_no_obj_freed C cause 47 178d 245d 177d f9cedf1a net/smc: do not schedule tx_work in SMC_CLOSED state
BUG: unable to handle kernel paging request in cpuacct_account_field syz cause+fix 1 245d 244d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
memory leak in fdb_create C cause 4 202d 242d 177d d7bae09f net: bridge: delete local fdb on device init failure
KASAN: use-after-free Read in tls_wait_data 1 203d 196d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
BUG: unable to handle kernel NULL pointer dereference in corrupted (4) syz cause+fix 1 241d 240d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
possible deadlock in rxrpc_put_peer 1 213d 209d 177d 60034d3d rxrpc: Fix potential deadlock
WARNING: held lock freed in nr_release C cause 344 198d 219d 177d 4638faac netrom: hold sock when setting skb->destructor
KASAN: use-after-free Read in corrupted (3) syz cause 1 239d 239d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING: ODEBUG bug in __sk_destruct C 2855 197d 662d 177d f9cedf1a net/smc: do not schedule tx_work in SMC_CLOSED state
WARNING in cgroup_rstat_updated syz cause 1 198d 198d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in rb_erase (2) syz cause 4 206d 413d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Read in usage_accumulate syz cause 3 240d 259d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: use-after-free Read in nr_release C cause 25 179d 258d 177d 4638faac netrom: hold sock when setting skb->destructor
WARNING: refcount bug in nr_rx_frame C cause 15 201d 217d 177d 4638faac netrom: hold sock when setting skb->destructor
KASAN: use-after-free Read in hiddev_release C 11 188d 203d 177d 9c09b214 HID: hiddev: avoid opening a disconnected device 6d4472d7 HID: hiddev: do cleanup in failure of opening a device
KASAN: use-after-free Read in nr_insert_socket C cause 22 201d 217d 177d 4638faac netrom: hold sock when setting skb->destructor
general protection fault in tls_tx_records 1 204d 196d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
BUG: unable to handle kernel paging request in bpf_prog_ADDR C cause 13 200d 216d 177d 06a22d89 bpf: fix access to skb_shared_info->gso_segs
KASAN: use-after-free Read in nr_rx_frame (2) C cause 3 205d 213d 177d 4638faac netrom: hold sock when setting skb->destructor
memory leak in create_ctx syz 1 257d 257d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in xt_compat_add_offset C cause 18 199d 363d 177d 3b48300d netfilter: ebtables: also count base chain policies
KMSAN: kernel-usb-infoleak in pcan_usb_pro_init C 13 181d 205d 177d ead16e53 can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
kernel panic: corrupted stack end in corrupted syz cause 17 198d 245d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in gpio_to_desc C 3 195d 225d 177d c3953a3c NFC: nfcmrvl: fix gpio-handling regression
KASAN: use-after-free Read in tls_sk_proto_cleanup 9 200d 211d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
general protection fault in rb_next (3) syz cause+fix 1 250d 249d 177d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in tls_setsockopt syz cause 7 206d 219d 177d 5d92e631 net/tls: partially revert fix transition through disconnect with close
KMSAN: uninit-value in read_eprom_word C 31 179d 205d 177d 224c0497 net: usb: pegasus: fix improper read if get_registers() fail
general protection fault in finish_task_switch (2) C fix 1538 515d 559d 182d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
KASAN: use-after-free Read in tls_push_sg 2 206d 279d 184d 9354544c net/tls: fix page double free on TX cleanup
possible deadlock in xsk_notifier C cause 495 216d 227d 191d 5464c3a0 xdp: fix potential deadlock on socket mutex
KASAN: use-after-free Write in _free_event C 112 354d 592d 191d 1cf8dfe8 perf/core: Fix race between close() and fork()
WARNING in __mark_chain_precision C cause 105 191d 227d 191d b3b50f05 bpf: fix precision bit propagation for BPF_ST instructions
linux-next boot error: WARNING in corrupted 12 229d 231d 191d 18c49926 cpufreq: Add QoS requests for userspace constraints
INFO: task hung in snd_seq_write 6 337d 542d 191d ede34f39 ALSA: seq: Break too long mutex context in the write loop
memory leak in nfs_get_client C 12 228d 255d 191d 9f7761cf NFS: Cleanup if nfs_match_client is interrupted
usb-fuzzer boot error: general protection fault in dma_direct_max_mapping_size 21 209d 212d 191d 1b5d9a6e scsi: core: fix the dma_max_mapping_size call
memory leak in policydb_read C cause 1 214d 212d 191d 45385237 selinux: fix memory leak in policydb_init()
WARNING in binder_transaction_buffer_release syz cause 38 233d 276d 191d 49ed9694 binder: prevent transactions to context manager from its own process.
general protection fault in snd_usb_pipe_sanity_check C 72 192d 206d 191d 5d78e1c2 ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check
INFO: rcu detected stall in snd_seq_write syz cause 18 211d 542d 191d ede34f39 ALSA: seq: Break too long mutex context in the write loop
KASAN: stack-out-of-bounds Read in hfcsusb_probe C 634 206d 312d 191d f384e62a ISDN: hfcsusb: checking idx of ep configuration
BUG: unable to handle kernel NULL pointer dereference in hci_uart_set_flow_control C cause 7 336d 336d 191d b36a1552 Bluetooth: hci_uart: check for missing tty operations
kernel BUG at drivers/usb/wusbcore/wusbhc.c:LINE! C 1 212d 212d 191d f90bf1ec usb: wusbcore: fix unbalanced get/put cluster_id
memory leak in sctp_get_port_local C 28 201d 268d 199d 9b6c0887 sctp: not bind the socket in sctp_connect
WARNING: Support for this device (Terratec Grabster AV400) is experimental. C 371 207d 296d 199d 1753c7c4 media: pvrusb2: use a different format for warnings
general protection fault in send_hsr_supervision_frame C cause 1395 220d 228d 199d 311633b6 hsr: switch ->dellink() to ->ndo_uninit()
memory leak in ip_mc_add_src (2) C 7 210d 239d 199d e5b1c6c6 igmp: fix memory leak in igmpv3_del_delrec()
general protection fault in btf_array_resolve C cause 109 224d 247d 199d e4f07120 bpf: fix NULL deref in btf_type_is_resolve_source_only
general protection fault in sctp_sched_prio_sched C cause 3 236d 250d 199d 4d141581 sctp: fix error handling on stream scheduler initialization
general protection fault in ip6_datagram_dst_update C cause 12 223d 226d 199d 8975a3ab ipv6: fix potential crash in ip6_datagram_dst_update()
KMSAN: uninit-value in ax88772_bind C 80 201d 262d 199d 78226f6e net: usb: asix: init MAC address buffers
KASAN: use-after-free Read in ip_expire 1 248d 248d 199d d5dd8879 inet: fix various use-after-free in defrags units
kernel BUG at drivers/android/binder_alloc.c:LINE! (4) C cause 26 239d 247d 199d bb4a2e48 binder: return errors from buffer copy functions
KASAN: use-after-free Read in cpia2_usb_disconnect C 3 226d 310d 199d eff73de2 media: cpia2_usb: first wake up, then free in disconnect
general protection fault in ovs_ct_exit C cause 9888 241d 246d 199d b272a0ad netns: restore ops before calling ops_exit_list
memory leak in binder_transaction C 3 240d 252d 199d 1909a671 binder: fix memory leak in error path
KASAN: use-after-free Read in xlog_alloc_log 16 219d 239d 199d 89b171ac xfs: fix iclog allocation size
KMSAN: uninit-value in bond_start_xmit (2) C 2309 199d 523d 199d 9d1bc24b bonding: validate ip header before check IPPROTO_IGMP
WARNING in __flush_work (3) C 1251 202d 312d 199d 11a087f4 media: uvcvideo: Fix access to uninitialized fields on probe error
memory leak in pfkey_xfrm_policy2msg_prep C 4 240d 271d 199d 7c80eb1c af_key: fix leaks in key_pol_get_resp and dump_sp.
KASAN: use-after-free Read in dvb_usb_device_exit C 825 200d 314d 199d 6cf97230 media: dvb: usb: fix use after free in dvb_usb_device_exit
KASAN: slab-out-of-bounds Read in au0828_rc_unregister (2) 11 271d 281d 199d 6d0d1ff9 media: au0828: fix null dereference in error path
INFO: trying to register non-static key in rtl_c2hcmd_launcher C 48950 206d 314d 199d 6c0ed66f rtlwifi: rtl8192cu: fix error handle when usb probe failed
KASAN: use-after-free Read in kfree_skb_list C cause 383 246d 264d 199d b7034146 net: fix use-after-free in kfree_skb_list
KASAN: null-ptr-deref Read in zr364xx_vidioc_querycap C 76 207d 297d 199d 5d2e73a5 media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
memory leak in __ip6_append_data C 10 242d 268d 199d dc93f46b inet: frags: fix use-after-free read in inet_frag_destroy_rcu
WARNING: ath10k USB support is incomplete, don't expect anything to work! C 347 207d 287d 199d 265df32e ath10k: Change the warning message string
KASAN: use-after-free Write in xfrm_hash_rebuild syz cause 8 232d 280d 199d fd709721 xfrm: policy: fix bydst hlist corruption on hash rebuild
memory leak in bcsp_recv C 3 244d 271d 199d 4ce9146e Bluetooth: hci_bcsp: Fix memory leak in rx_skb
memory leak in start_sync_thread C 7 236d 268d 199d 5db7c8b9 ipvs: fix tinfo memory leak in start_sync_thread
KASAN: use-after-free Read in v4l2_release C 275 207d 311d 199d c666355e media: radio-raremono: change devm_k*alloc to k*alloc
net-next build error (2) 2 265d 265d 199d c9bb6165 netfilter: nf_conntrack_bridge: fix CONFIG_IPV6=y
KASAN: use-after-free Read in brnf_exit_net syz cause 3 243d 246d 199d 7e6daf50 netfilter: bridge: prevent UAF in brnf_exit_net()
WARNING in static_key_slow_try_dec C cause 58 222d 226d 199d d44e3fa5 ipv6: fix static key imbalance in fl_create()
WARNING: suspicious RCU usage in in_dev_dump_addr C cause 107 260d 262d 199d d3e6e285 net: ipv4: fix rcu lockdep splat due to wrong annotation
memory leak in nf_hook_entries_grow C 99 227d 262d 199d cf47a0b8 ipvs: defer hook registration to avoid leaks
general protection fault in tcp_v6_send_reset C cause 353 255d 259d 199d 39209673 ipv6: tcp: fix potential NULL deref in tcp_v6_send_reset()
KASAN: use-after-free Read in inet_frag_destroy_rcu C cause 61 267d 269d 199d dc93f46b inet: frags: fix use-after-free read in inet_frag_destroy_rcu
general protection fault in btf_struct_resolve C cause 49 224d 247d 199d e4f07120 bpf: fix NULL deref in btf_type_is_resolve_source_only
KASAN: use-after-free Read in rhashtable_last_table (2) 1 273d 273d 199d dc93f46b inet: frags: fix use-after-free read in inet_frag_destroy_rcu
KASAN: use-after-free Read in unregister_shrinker syz cause 3 255d 260d 199d 689d7ba4 nfsd: fix cleanup of nfsd_reply_cache_init on failure
general protection fault in oom_unkillable_task 1 256d 251d 199d ac311a14 oom: decouple mems_allowed from oom_unkillable_task
general protection fault in rxrpc_connect_call C cause 15 248d 394d 199d e835ada0 rxrpc: Fix send on a connected, but unbound socket
WARNING: Detected a wedged cx25840 chip; the device will not work. C 62 207d 296d 199d 1753c7c4 media: pvrusb2: use a different format for warnings
WARNING: suspicious RCU usage in fib_dump_info_fnhe C cause 7 239d 240d 199d 3b525691 ipv6: fix suspicious RCU usage in rt6_dump_route()
memory leak in hsr_create_self_node C 5 238d 269d 199d b9a1e627 hsr: implement dellink to clean up resources
general protection fault in call_fib6_multipath_entry_notifiers C cause 94 241d 246d 199d 9eee3b49 ipv6: Error when route does not have any valid nexthops
WARNING in snd_usb_motu_microbookii_communicate/usb_submit_urb C 3 216d 254d 199d 801ebf10 ALSA: usb-audio: Sanity checks for each pipe and EP types
memory leak in nr_rx_frame C 5 206d 269d 199d c8c8218e netrom: fix a memory leak in nr_rx_frame()
KASAN: use-after-free Read in p54u_load_firmware_cb syz 40 207d 290d 199d 6e41e225 p54usb: Fix race between disconnect and firmware loading
memory leak in batadv_tvlv_handler_register C 313 224d 275d 199d 17f78dd1 batman-adv: fix for leaked TVLV handler.
INFO: task hung in io_uring_release 24 224d 242d 199d a4c0b3de io_uring: fix io_sq_thread_stop running in front of io_sq_thread
general protection fault in get_task_pid C cause 24 232d 234d 206d 28dd29c0 fork: return proper negative error code
general protection fault in do_move_mount (2) syz cause 7 239d 247d 206d 570d7a98 vfs: move_mount: reject moving kernel internal mounts
memory leak in packet_set_ring C 2 238d 243d 206d 55655e3d net/packet: fix memory leak in packet_set_ring()
possible deadlock in io_submit_one C cause 1779 210d 381d 206d cbcfa130 fs/userfaultfd.c: disable irqs for fault_pending and event locks
KMSAN: uninit-value in tipc_nl_compat_bearer_disable C 19 233d 246d 206d 4f07b80c tipc: check msg->req data len in tipc_nl_compat_bearer_disable
memory leak in sctp_v6_create_accept_sk C 1 264d 263d 206d 25bff6d5 sctp: change to hold sk after auth shkey is created successfully
memory leak in sctp_v4_create_accept_sk C 1 243d 242d 206d 25bff6d5 sctp: change to hold sk after auth shkey is created successfully
possible deadlock in userfaultfd_release C cause 137 238d 481d 206d cbcfa130 fs/userfaultfd.c: disable irqs for fault_pending and event locks
possible deadlock in userfaultfd_read (2) 228 229d 328d 206d cbcfa130 fs/userfaultfd.c: disable irqs for fault_pending and event locks
memory leak in mpihelp_mul_karatsuba_case C 2 241d 242d 206d c8ea9fce lib/mpi: Fix karactx leak in mpi_powm
KASAN: global-out-of-bounds Read in qmi_wwan_probe C 2 229d 241d 206d 904d88d7 qmi_wwan: Fix out-of-bounds read
KASAN: null-ptr-deref Write in submit_audio_out_urb (2) C 3423 206d 238d 206d 34501219 ALSA: line6: Fix write on zero-sized buffer
WARNING in kvm_set_tsc_khz C 5 562d 558d 206d 3f16a5c3 KVM: x86: degrade WARN to pr_warn_ratelimited
WARNING in notify_change C 566 293d 683d 211d f69e749a Abort file_remove_privs() for non-reg. files
WARNING in cgroup_exit C cause 64 287d 289d 211d f2b31bb5 cgroup: never call do_group_exit() with task->frozen bit set
WARNING: syz-executor still has locks held! C cause 233 442d 453d 211d a72173ec Revert "exec: make de_thread() freezable"
general protection fault in inet_accept C 131 428d 589d 224d 07603b23 net/smc: propagate file from SMC to TCP socket
memory leak in sctp_process_init C 10 249d 269d 225d 0a8dd9f6 Fix memory leak in sctp_process_init ce950f10 sctp: Free cookie before we memdup a new one
BUG: unable to handle kernel paging request in ipv6_rcv (2) 18 247d 271d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
memory leak in __memcg_init_list_lru_node C 3 256d 270d 225d 3510955b mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
KMSAN: uninit-value in tcp_create_openreq_child C 4000 226d 246d 225d 85f9aa75 inet: clear num_timeout reqsk_alloc()
KASAN: slab-out-of-bounds Read in dst_dev_put 3 358d 409d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
WARNING in fanotify_handle_event C cause 5 248d 247d 225d c285a2f0 fanotify: update connector fsid cache on add mark
KASAN: use-after-free Read in pneigh_get_next syz cause 2 250d 250d 225d f3e92cb8 neigh: fix use-after-free read in pneigh_get_next
KASAN: use-after-free Read in css_task_iter_advance 48 255d 261d 225d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
BUG: Dentry still in use [unmount of tmpfs tmpfs] 2 257d 257d 225d 1b0b9cc8 vfs: fsmount: add missing mntget()
KASAN: slab-out-of-bounds Read in __fib6_drop_pcpu_from 1 249d 249d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
WARNING: refcount bug in css_task_iter_next 11 255d 260d 225d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
memory leak in raw_sendmsg C 2 250d 262d 225d fd704bd5 can: purge socket error queue on sock destruct
KASAN: slab-out-of-bounds Read in css_task_iter_advance C cause 19 255d 261d 225d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
memory leak in tipc_buf_acquire C 15 249d 272d 225d 5cf02612 tipc: purge deferredq list for each grp member in tipc_group_delete
general protection fault in __smc_diag_dump syz cause 309 401d 414d 225d b03faa1f net/smc: postpone release of clcsock
inconsistent lock state in ax25_destroy_timer 2 249d 250d 225d d4d5d8e8 ax25: fix inconsistent lock state in ax25_destroy_timer
memory leak in inet6_create C 2 256d 259d 225d 522924b5 net: correct udp zerocopy refcnt also when zerocopy only on append
memory leak in kobject_set_name_vargs C 12 234d 267d 225d 4f488fbc cfg80211: fix memory leak of wiphy device name
inconsistent lock state in ax25_rt_autobind 2 249d 249d 225d d4d5d8e8 ax25: fix inconsistent lock state in ax25_destroy_timer
general protection fault in rt_cache_valid 24 243d 370d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
KASAN: use-after-free Read in sprintf syz cause 2 250d 250d 225d f3e92cb8 neigh: fix use-after-free read in pneigh_get_next
BUG: Dentry still in use [unmount of sysfs sysfs] C cause 6 250d 250d 225d 1b0b9cc8 vfs: fsmount: add missing mntget()
general protection fault in dst_dev_put (2) C cause 442 247d 436d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
KASAN: null-ptr-deref Read in css_task_iter_advance 2 255d 255d 225d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
BUG: Dentry still in use [unmount of hugetlbfs hugetlbfs] C cause 3 248d 248d 225d 1b0b9cc8 vfs: fsmount: add missing mntget()
KMSAN: kernel-infoleak in copy_siginfo_to_user (2) C 15 255d 284d 225d f6e2aa91 signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO
WARNING in blk_mq_sched_free_requests C cause 4 252d 255d 225d c326f846 blk-mq: remove WARN_ON(!q->elevator) from blk_mq_sched_free_requests
KASAN: slab-out-of-bounds Read in rt_cache_valid 3 263d 262d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
BUG: unable to handle kernel paging request in dst_dev_put 3 267d 409d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
KASAN: use-after-free Read in rt_cache_valid syz cause 5 257d 373d 225d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
memory leak in new_inode_pseudo C 136 226d 274d 225d 355e8d26 io_uring: fix memory leak of UNIX domain socket inode
memory leak in lapb_register C 16 249d 275d 225d 6be8e297 lapb: fixed leak of control-blocks.
KASAN: use-after-free Read in blk_mq_free_rqs C cause 3481 254d 259d 232d c3e22192 block: free sched's request pool in blk_cleanup_queue
possible deadlock in aio_poll C 5041 384d 529d 236d ae62c16e userfaultfd: disable irqs when taking the waitqueue lock
KASAN: slab-out-of-bounds Read in linear_transfer (2) 1 312d 303d 241d ca0214ee ALSA: pcm: Fix possible OOB access in PCM oss plugins
KASAN: slab-out-of-bounds Read in rhashtable_walk_enter C cause 48 275d 279d 241d 526f5b85 tipc: fix modprobe tipc failed after switch order of device registration
BUG: spinlock bad magic in rhashtable_walk_enter C cause 8 275d 279d 241d 526f5b85 tipc: fix modprobe tipc failed after switch order of device registration
KASAN: use-after-free Write in check_and_subscribe_port 1 296d 289d 241d 7c32ae35 ALSA: seq: Cover unsubscribe_port() in list_mutex
WARNING: proc registration bug in snd_info_card_register C 453 270d 314d 241d 0b074ab7 ALSA: line6: Assure canceling delayed work at disconnection
KASAN: slab-out-of-bounds Write in default_read_copy_kernel C cause 3 361d 438d 241d ca0214ee ALSA: pcm: Fix possible OOB access in PCM oss plugins
INFO: task hung in __ia32_sys_io_uring_enter 2 311d 312d 242d b19062a5 io_uring: fix possible deadlock between io_uring_{enter,register}
INFO: task hung in __x64_sys_io_uring_enter 12 305d 312d 242d b19062a5 io_uring: fix possible deadlock between io_uring_{enter,register}
general protection fault in sctp_sched_dequeue_common (2) C cause 3 343d 343d 242d 2e990dfd sctp: remove sched init from sctp_stream_init
WARNING in ovl_instantiate syz cause 75 299d 467d 242d 146d62e5 ovl: detect overlapping layers acf3062a ovl: relax WARN_ON() for overlapping layers use case
general protection fault in sisusb_probe C 3 284d 287d 246d 9a5729f6 USB: sisusbvga: fix oops in error path of sisusb_probe
INFO: task hung in __get_super C 80 246d 690d 246d 33ec3e53 loop: Don't change loop device under exclusive opener
KASAN: slab-out-of-bounds Write in usb_get_bos_descriptor syz 3 273d 286d 246d a03ff544 USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
KASAN: invalid-free in disconnect_rio C 180 269d 314d 246d 3864d339 USB: rio500: refuse more than one device at a time
general protection fault in smsusb_init_device C 23 270d 308d 246d 31e0456d media: usb: siano: Fix general protection fault in smsusb
memory leak in packet_setsockopt C 10 259d 275d 246d afa0925c packet: unconditionally free po->rollover
KASAN: wild-memory-access Read in refcount_sub_and_test_checked 2 266d 282d 247d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: use-after-free Read in ip6_fragment 1 278d 278d 247d 61fb0d01 ipv6: prevent possible fib6 leaks
BUG: unable to handle kernel NULL pointer dereference in ip6_rcv_finish 3 254d 282d 247d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: use-after-free Write in fib6_purge_rt 2 272d 280d 247d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: null-ptr-deref Write in fib6_purge_rt 18 261d 284d 247d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: use-after-free Read in napi_gro_frags C cause 16 265d 267d 247d a4270d67 net-gro: fix use-after-free read in napi_gro_frags()
memory leak in ip_mc_add_src C 14 252d 275d 247d 3580d04a ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
memory leak in process_preds C 1 269d 269d 247d dfb4a6f2 tracing: Avoid memory leak in predicate_parse()
memory leak in llc_ui_create C 4 257d 270d 247d 8fb44d60 llc: fix skb leak in llc_build_and_send_ui_pkt()
memory leak in inet_create C 2 261d 275d 247d 100f6d8e net: correct zerocopy refcnt with udp MSG_MORE
KASAN: slab-out-of-bounds Write in fib6_purge_rt 6 248d 283d 247d 61fb0d01 ipv6: prevent possible fib6 leaks
INFO: trying to register non-static key in rhashtable_walk_enter C 16 275d 279d 247d 526f5b85 tipc: fix modprobe tipc failed after switch order of device registration
KASAN: use-after-free Read in __dev_map_entry_free C 473 329d 610d 247d 2baae354 bpf: devmap: fix use-after-free Read in __dev_map_entry_free
KASAN: null-ptr-deref Write in submit_audio_out_urb C 185 254d 269d 247d 0b074ab7 ALSA: line6: Assure canceling delayed work at disconnection
INFO: task hung in usb_kill_urb C 1515 309d 314d 251d 50896c41 USB: dummy-hcd: Fix failure to give back unlinked URBs USB: dummy-hcd: Fix failure to give back unlinked URBs
KASAN: use-after-free Read in snd_seq_timer_interrupt 1 484d 484d 251d fe1b26c9 ALSA: timer: Make snd_timer_close() really kill pending actions
general protection fault in do_move_mount 3 288d 288d 251d 05883eee do_move_mount(): fix an unsafe use of is_anon_ns()
KASAN: use-after-free Read in tipc_sk_filter_rcv C cause 3439 330d 337d 251d 77d5ad40 tipc: fix use-after-free in tipc_sk_filter_rcv
BUG: assuming atomic context at net/core/flow_dissector.c:LINE syz 19 281d 286d 251d b1c17a9a flow_dissector: disable preemption around BPF calls
general protection fault in load_elf_binary C cause 15 324d 328d 251d cc338010 fs/binfmt_elf.c: free PT_INTERP filename ASAP
INFO: task hung in snd_seq_kernel_client_ctl C cause 554 314d 315d 251d f0654ba9 Revert "ALSA: seq: Protect in-kernel ioctl calls with mutex"
BUG: unable to handle kernel paging request in isolate_freepages_block 3 295d 289d 251d 60fce36a mm/compaction.c: correct zone boundary handling when isolating pages from a pageblock
KASAN: use-after-free Read in snd_timer_process_callbacks C cause 4 317d 318d 251d df55531b ALSA: timer: Revert active callback sync check at close
WARNING in cma_exit_net 25 324d 325d 251d 061ccb52 RDMA/cma: Set proper port number as index
KASAN: use-after-free Read in snd_seq_ioctl_get_subscription 2 475d 508d 251d 2eabc5ec ALSA: seq: Fix race of get-subscription call vs port-delete ioctls
KASAN: use-after-free Read in tcp_v6_send_reset 1 332d 332d 251d 4f661542 tcp: fix zerocopy and notsent_lowat issues
WARNING in batadv_mcast_mla_update 75 282d 417d 251d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
BUG: using __this_cpu_read() in preemptible code in ip6_finish_output C cause 18807 319d 324d 251d 28b05b92 net: use correct this_cpu primitive in dev_recursion_level
WARNING: ODEBUG bug in netdev_freemem syz cause 1042 251d 416d 251d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
WARNING: locking bug in nfs_get_client C cause 13 287d 288d 251d c260121a NFS: Fix a double unlock from nfs_match,get_client
WARNING: locking bug in copy_process C cause 3 285d 287d 251d c3b7112d fork: do not release lock that wasn't taken
KASAN: use-after-free Read in string C 247 295d 535d 251d c03a0fd0 kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice.
KASAN: use-after-free Read in get_mem_cgroup_from_mm C cause 375 297d 471d 251d c3f3ce04 userfaultfd: use RCU to free the task struct when fork fails
KASAN: slab-out-of-bounds Write in skb_release_data 1 331d 331d 251d 4f661542 tcp: fix zerocopy and notsent_lowat issues
KASAN: use-after-free Read in __vb2_perform_fileio C cause 786 289d 479d 251d d65842f7 media: vb2: add waiting_in_dqbuf flag
BUG: sleeping function called from invalid context in line6_pcm_acquire 119 270d 288d 251d 7f84ff68 ALSA: line6: toneport: Fix broken usage of timer for delayed execution
kernel BUG at drivers/android/binder_alloc.c:LINE! (3) C cause 24 260d 329d 251d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
WARNING in batadv_mcast_mla_tt_retract syz cause 190 282d 417d 251d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
KASAN: use-after-free Write in __ext4_expand_extra_isize C 95 298d 689d 251d 7bc04c5c ext4: fix use-after-free race with debug_want_extra_isize
general protection fault in tipc_mcast_filter_msg C cause 3889 315d 337d 251d 08e046c8 tipc: fix a null pointer deref
WARNING in port_delete syz cause 22 374d 589d 251d 7c32ae35 ALSA: seq: Cover unsubscribe_port() in list_mutex feb68902 ALSA: seq: Protect in-kernel ioctl calls with mutex
kernel BUG at mm/slab.c:LINE! (4) 12 263d 331d 251d 4f661542 tcp: fix zerocopy and notsent_lowat issues
possible deadlock in acct_pin_kill C cause 273 294d 511d 251d 9419a319 acct_on(): don't mess with freeze protection
kernel BUG at arch/x86/mm/physaddr.c:LINE! (2) C cause 522 251d 461d 251d dad7e270 media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
general protection fault in __handle_mm_fault C cause 17 494d 503d 254d ff09d7ec mm/memory.c: recheck page table entry with page table lock held
KMSAN: uninit-value in aa_fqlookupn_profile C 39 466d 510d 254d 250f2da4 apparmor: Fix uninitialized value in aa_split_fqname
BUG: bad usercopy in __check_heap_object (3) C 287 523d 594d 254d 1f4aace6 fs/seq_file.c: simplify seq_file iteration code and interface
general protection fault in put_fs_context C 9 478d 478d 254d 8d0347f6 convert do_remount_sb() to fs_context
kernel panic: MAC Initialization failed. (3) C cause 799 283d 357d 254d e80b1859 tomoyo: Add a kernel config option for fuzzing testing.
KASAN: use-after-free Read in br_mdb_ip_get 1 389d 389d 265d 1515a63f net: bridge: always clear mcast matching struct on reports and leaves
KMSAN: uninit-value in br_mdb_ip_get 5 329d 388d 265d 1515a63f net: bridge: always clear mcast matching struct on reports and leaves
WARNING in xfrm_state_fini (2) C 37510 294d 746d 269d dbb2483b xfrm: clean up xfrm protocol checks
KMSAN: uninit-value in rds_connect C 952 297d 539d 269d dd3ac9a6 net/rds: Check address length before reading address family
general protection fault in __dev_printk C 300 296d 309d 269d ef61eb43 USB: yurex: Fix protection fault after device removal
INFO: trying to register non-static key in vmk80xx_detach C 1528 269d 314d 269d 08b7c2f9 staging: comedi: vmk80xx: Fix use of uninitialized semaphore
KMSAN: uninit-value in rtnl_stats_dump syz 14 300d 314d 269d 69f23a09 rtnetlink: fix rtnl_valid_stats_req() nlmsg_len check
WARNING: suspicious RCU usage in fib_compute_spec_dst 1 313d 313d 269d c543cb4a ipv4: ensure rcu_read_lock() in ipv4_link_failure()
BUG: unable to handle page fault for address = ADDR C cause 3 301d 301d 269d baf76f0c slip: make slhc_free() silently accept an error pointer
KASAN: use-after-free Read in seccomp_notify_release (2) C cause 9 332d 333d 269d 7a0df7fb seccomp: Make NEW_LISTENER and TSYNC flags exclusive
WARNING in compat_copy_entries (2) syz cause 19416 283d 716d 269d 7caa56f0 netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
KMSAN: uninit-value in tomoyo_check_inet_address 33 280d 280d 269d e6193f78 tomoyo: Check address length before reading address family
BUG: sleeping function called from invalid context at crypto/skcipher.c:LINE 1 313d 312d 269d 44427c0f crypto: xts - Fix atomic sleep when walking skcipher
KMSAN: uninit-value in rds_bind C 6202 297d 539d 269d dd3ac9a6 net/rds: Check address length before reading address family
INFO: trying to register non-static key in ni6501_detach C 127 270d 312d 269d 660cf4ce staging: comedi: ni_usb6501: Fix use of uninitialized mutex
KASAN: slab-out-of-bounds Read in skb_gro_receive (2) C cause 5 295d 295d 269d 4dd2b82d udp: fix GRO packet of death
KASAN: stack-out-of-bounds Write in __ip_options_echo syz cause 8 303d 307d 269d 20ff83f1 ipv4: add sanity checks in ipv4_link_failure()
general protection fault in vcpu_enter_guest (2) C cause 11286 295d 301d 269d b904cb8d KVM: lapic: Check for in-kernel LAPIC before deferencing apic pointer
KASAN: use-after-free Read in snd_info_free_entry C 47 282d 312d 269d 2a3f7221 ALSA: core: Fix card races between register and disconnect 8c2f8708 ALSA: info: Fix racy addition/deletion of nodes
WARNING in percpu_ref_kill_and_confirm C cause 443 298d 304d 269d 35fa71a0 io_uring: fail io_uring_register(2) on a dying io_uring instance
general protection fault in skb_queue_tail C cause 35 302d 304d 269d 032be5f1 rxrpc: fix race condition in rxrpc_input_packet()
WARNING in wiphy_register (4) syz cause 3 313d 342d 269d 45fcef8b mac80211_hwsim: calculate if_combination.max_interfaces
INFO: task hung in __io_uring_register C cause 51 305d 313d 269d b19062a5 io_uring: fix possible deadlock between io_uring_{enter,register}
WARNING in __kthread_bind_mask C cause 2929 303d 314d 269d 06058632 io_uring: park SQPOLL thread if it's percpu
general protection fault in ieee80211_debugfs_rename_netdev 8 298d 312d 269d 51787914 mac80211: don't attempt to rename ERR_PTR() debugfs dirs
KASAN: slab-out-of-bounds Read in ds_probe C 5 271d 309d 269d c114944d USB: w1 ds2490: Fix bug caused by improper use of altsetting array
INFO: rcu detected stall in rose_loopback_timer 5 284d 303d 269d 0453c682 net/rose: fix unbound loop in rose_loopback_timer()
KMSAN: uninit-value in rtnl_stats_get C 5 306d 314d 269d 69f23a09 rtnetlink: fix rtnl_valid_stats_req() nlmsg_len check
KASAN: use-after-free Read in pid_nr_ns 1 299d 299d 269d 6c0afef5 ipv6/flowlabel: wait rcu grace period before put_pid()
KMSAN: uninit-value in tomoyo_check_unix_address 8 280d 280d 269d e6193f78 tomoyo: Check address length before reading address family
kernel BUG at net/core/net-sysfs.c:LINE! C cause 890 299d 335d 269d 8ed633b9 Revert "net-sysfs: Fix memory leak in netdev_register_kobject"
WARNING: refcount bug in l2tp_tunnel_get 1 297d 297d 269d a622b400 l2ip: fix possible use-after-free
WARNING in io_uring_setup C cause 3601 293d 314d 269d 917257da io_uring: only test SQPOLL cpu after we've verified it
KASAN: user-memory-access Write in fib6_purge_rt 6 271d 300d 269d 0e233874 ipv6: fix races in ip6_dst_destroy()
general protection fault in xfrmi_decode_session C cause 16694 294d 365d 269d 6ed69184 xfrm: Reset secpath in xfrm failure
INFO: task hung in vhost_net_stop_vq C cause 136 309d 447d 269d 813dbeb6 vhost: reject zero size iova range
general protection fault in fanotify_handle_event syz cause 5 308d 308d 269d b1da6a51 fsnotify: Fix NULL ptr deref in fanotify_get_fsid()
BUG: unable to handle kernel paging request in do_mount C 194 480d 518d 276d 3e1aeb00 vfs: Implement a filesystem superblock creation/configuration context
KASAN: stack-out-of-bounds Read in string C 46 303d 314d 281d c01c348e USB: core: Fix unterminated string returned by usb_string()
WARNING in usb_submit_urb (4) syz cause 46 282d 471d 281d c2b71462 USB: core: Fix bug caused by duplicate interface PM usage counter
WARNING: locking bug in icmp_send syz cause 1 366d 366d 287d 9926cb5f tipc: change to check tipc_own_id to return in tipc_net_stop
KMSAN: uninit-value in ip6_compressed_string C 9024 297d 449d 297d 7c2bd9a3 NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
kernel BUG at fs/inode.c:LINE! C cause 2 432d 431d 314d 9bf964c9 autofs: simplify parse_options() function call
KMSAN: uninit-value in tipc_nl_compat_name_table_dump (2) C 6 344d 329d 315d 2ac695d1 tipc: handle the err returned from cmd header function
BUG: corrupted list in rhashtable_walk_enter syz cause 3 334d 333d 315d b5f9bd15 ila: Fix rhashtable walker list corruption
possible deadlock in seq_read C 19074 322d 811d 315d 73601ea5 fs/open.c: allow opening only regular files during execve()
KASAN: use-after-free Read in link_path_walk syz cause 5 434d 449d 315d 1da6c4d9 bpf: fix use after free in bpf_evict_inode
KASAN: slab-out-of-bounds Read in default_write_copy_kernel C cause 366 330d 453d 315d ca0214ee ALSA: pcm: Fix possible OOB access in PCM oss plugins
KASAN: use-after-free Read in trailing_symlink syz cause 2 435d 449d 315d 1da6c4d9 bpf: fix use after free in bpf_evict_inode
KMSAN: kernel-infoleak in sctp_getsockopt (3) syz 11 317d 329d 315d 09279e61 sctp: initialize _pad of sockaddr_in before copying to user memory
BUG: unable to handle kernel paging request in ip6_fragment 1 330d 328d 315d ef0efcd3 ipv6: Fix dangling pointer when ipv6 fragment
KMSAN: uninit-value in tipc_nl_compat_link_set (3) C 15 320d 330d 315d 8c63bf9a tipc: check link name with right length in tipc_nl_compat_link_set
KASAN: use-after-free Read in path_lookupat syz cause 1 449d 449d 315d 1da6c4d9 bpf: fix use after free in bpf_evict_inode
KMSAN: uninit-value in tipc_nl_compat_bearer_enable (2) C 51 317d 330d 315d 6f07e5f0 tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
KASAN: use-after-free Read in drm_gem_object_release C 480 330d 483d 315d 21d2b122 drm/vgem: fix use-after-free when drm_gem_handle_create() fails
WARNING: lock held when returning to user space in tun_get_user C cause 55 341d 341d 316d 9180bb4f tun: add a missing rcu_read_unlock() in error path
kernel panic: corrupted stack end in wb_workfn C cause 14 417d 417d 316d ef82bcfa sctp: use memdup_user instead of vmemdup_user
general protection fault in fib6_purge_rt C cause 60 318d 435d 316d 9926cb5f tipc: change to check tipc_own_id to return in tipc_net_stop
KASAN: slab-out-of-bounds Read in icmp6_send 1 344d 343d 316d 4477138f tun: properly test for IFF_UP
KASAN: stack-out-of-bounds Write in rose_write_internal 1 343d 343d 316d e5dcc0c3 net: rose: fix a possible stack overflow
KASAN: use-after-free Read in __icmp_send 1 335d 331d 316d 4477138f tun: properly test for IFF_UP
general protection fault in sctp_assoc_rwnd_increase C cause 28 330d 345d 316d 636d25d5 sctp: not copy sctp_sock pd_lobby in sctp_copy_descendant
WARNING in free_loaded_vmcs (2) syz cause 5 534d 555d 324d 5bea5123 KVM: VMX: check nested state and CR4.VMXE against SMM
general protection fault in kvm_lapic_hv_timer_in_use syz cause 205 516d 559d 324d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
WARNING in enter_vmx_operation syz cause 8 527d 539d 324d 5bea5123 KVM: VMX: check nested state and CR4.VMXE against SMM
general protection fault in loop_validate_file (2) 3 337d 340d 325d f7c8a412 loop: access lo_backing_file only when the loop device is Lo_bound
WARNING in lockdep_unregister_key C cause 214 332d 346d 325d 82efcab3 workqueue: Only unregister a registered lockdep key
WARNING: bad usercopy in fanotify_read C cause 5 345d 346d 325d b2d22b6b fanotify: Allow copying of file handle to userspace
KASAN: use-after-free Read in filemap_fault C 277 409d 419d 325d 6b4c9f44 filemap: drop the mmap_sem for all blocking operations
general protection fault in ebitmap_destroy (2) C cause 36 335d 343d 325d 6a1afffb selinux: fix NULL dereference in policydb_destroy()
WARNING in __flush_work (2) C 38 349d 350d 329d b30b61ff drm/vkms: Fix flush_work() without INIT_WORK().
general protection fault in sctp_sched_rr_dequeue C cause 11 342d 352d 329d 2e990dfd sctp: remove sched init from sctp_stream_init
KASAN: use-after-free Read in br_multicast_rcv 1 348d 348d 329d 083b78a9 ip: fix ip_mc_may_pull() return value
possible deadlock in shmem_fallocate (2) C 1325 351d 559d 329d fb4415a1 staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
BUG: MAX_STACK_TRACE_ENTRIES too low! C cause 1725 330d 356d 329d 009bb421 workqueue, lockdep: Fix an alloc_workqueue() error path
general protection fault in tc_ctl_chain C 21 364d 372d 329d af736bf0 net: sched: potential NULL dereference in tcf_block_find()
KMSAN: uninit-value in mpol_rebind_mm 6 332d 417d 329d 2e25644e mm, mempolicy: fix uninit memory access
INFO: trying to register non-static key in dump_header 1 361d 361d 329d b30b61ff drm/vkms: Fix flush_work() without INIT_WORK().
WARNING: lock held when returning to user space in grab_super 2 371d 414d 329d 399504e2 fix cgroup_do_mount() handling of failure exits
KASAN: use-after-free Read in unix_dgram_poll syz 2 358d 354d 329d 84c4e1f8 aio: simplify - and fix - fget/fput for io_submit()
general protection fault in hci_uart_write_work C 84 353d 402d 329d 32a7b4cb Bluetooth: hci_ldisc: Initialize hci_dev before open()
KASAN: use-after-free Read in rdma_listen C 1548 330d 690d 329d 5fc01fb8 RDMA/cma: Rollback source IP address if failing to acquire device
KASAN: use-after-free Read in h5_reset_rx 2 360d 366d 329d 56897b21 Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()
kernel BUG at drivers/android/binder_alloc.c:LINE! (2) C 1257 329d 371d 329d 26528be6 binder: fix handling of misaligned binder object
INFO: trying to register non-static key in __flush_work C 5255 350d 418d 329d b30b61ff drm/vkms: Fix flush_work() without INIT_WORK().
KASAN: use-after-free Read in alloc_workqueue C 37 342d 354d 329d 009bb421 workqueue, lockdep: Fix an alloc_workqueue() error path
general protection fault in cgroup_reconfigure C 7 565d 594d 329d 23bf1b6b kernfs, sysfs, cgroup, intel_rdt: Support fs_context
KASAN: use-after-free Read in x25_device_event C 548 343d 418d 329d 95d6ebd5 net/x25: fix use-after-free in x25_device_event()
possible deadlock in __do_page_fault C 820 351d 518d 329d fb4415a1 staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
possible deadlock in vfs_fallocate C 3981 551d 662d 329d fb4415a1 staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
WARNING in get_q_data C 649 377d 387d 329d db9a01b3 media: vicodec: check type in g/s_selection
KMSAN: kernel-infoleak in video_usercopy C 410 330d 429d 329d f45f3f75 media: v4l2-ctrls.c/uvc: zero v4l2_event
KMSAN: uninit-value in gue6_err (2) C 2826 329d 351d 329d 5355ed63 fou, fou6: avoid uninit-value in gue_err() and gue6_err()
kernel BUG at kernel/time/timer.c:LINE! (3) 1 350d 350d 329d 1e027960 net/hsr: fix possible crash in add_timer()
BUG: unable to handle kernel paging request in gro_cells_destroy (3) 3 331d 348d 329d 2a5ff07a gro_cells: make sure device is up in gro_cells_receive()
KMSAN: kernel-infoleak in move_addr_to_user (2) C 8 331d 345d 329d 163d1c3d l2tp: fix infoleak in l2tp_ip6_recvmsg()
general protection fault in nf_ct_gre_keymap_flush C 22 388d 394d 329d ac088a88 netfilter: conntrack: fix error path in nf_conntrack_pernet_init()
general protection fault in xsk_diag_dump C 5 347d 353d 329d 915905f8 xsk: fix potential crash in xsk_diag_put_umem()
BUG: unable to handle kernel paging request in h4_recv_buf C 203 353d 415d 329d 1dc2d785 Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf()
general protection fault in x25_write_internal 8 346d 346d 329d ee74d0bd net/x25: reset state in x25_connect()
BUG: unable to handle kernel NULL pointer dereference in __generic_file_write_iter 5 356d 364d 329d ac5ceccc x86/unwind: Add hardcoded ORC entry for NULL f4f34e1b x86/unwind: Handle NULL pointer calls better in frame unwinder
possible deadlock in userfaultfd_read 239 330d 384d 329d d3d6a18d aio: Fix locking in aio_poll()
KMSAN: uninit-value in gue_err (2) C 1617 329d 351d 329d 5355ed63 fou, fou6: avoid uninit-value in gue_err() and gue6_err()
KASAN: use-after-free Read in kobject_put C 12 358d 489d 329d e20a2e9c Bluetooth: Fix decrementing reference count twice in releasing socket
BUG: assuming atomic context at kernel/seccomp.c:LINE C 709 365d 365d 329d e80d02dd seccomp, bpf: disable preemption before calling into bpf prog
general protection fault in delayed_uprobe_remove C cause 2 474d 476d 335d 1aed58e6 Uprobes: Fix kernel oops with delayed_uprobe_remove()
WARNING: locking bug in lock_downgrade 30 395d 451d 336d 513e1073 locking/lockdep: Add debug_locks check in __lock_downgrade() locking/lockdep: Add debug_locks check in __lock_downgrade()
general protection fault in __x86_indirect_thunk_rbx C cause 16 470d 471d 336d d6367d62 fs/locks: use properly initialized file_lock when unlocking.
KASAN: use-after-free Read in update_blocked_averages C cause 3 452d 466d 336d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
kernel BUG at mm/slab.c:LINE! (3) C cause 14 336d 464d 336d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
WARNING in update_load_avg C cause 1 459d 458d 337d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
WARNING: bad usercopy in corrupted (2) C cause 12 406d 452d 337d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
KASAN: slab-out-of-bounds Read in tick_sched_handle C cause 7 403d 431d 340d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
WARNING: lock held when returning to user space in set_property_atomic C 145 404d 418d 350d 4089e272 gpu/drm: Fix lock held when returning to user space.
general protection fault in ax25cmp C 2294 387d 419d 352d b0cf0292 net/rose: fix NULL ax25_cb kernel panic
KMSAN: uninit-value in batadv_interface_tx C 98 352d 374d 352d 4ffcbfac batman-adv: fix uninit-value in batadv_interface_tx()
kernel panic: stack is corrupted in perf_output_begin_forward 2 402d 409d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
kernel BUG at security/keys/keyring.c:LINE! C 12 404d 503d 352d ede0fa98 KEYS: always initialize keyring_index_key::desc_len
KASAN: slab-out-of-bounds Read in xfrm_policy_insert_list 1 403d 403d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KMSAN: uninit-value in tipc_subscrb_rcv_cb C 13 662d 683d 352d a88289f4 tipc: fix uninit-value in in tipc_conn_rcv_sub
KASAN: use-after-free Write in __xfrm_policy_unlink C 254 355d 583d 352d 1548bc4e xfrm: policy: delete inexact policies from inexact list on hash rebuild
KMSAN: kernel-infoleak in kvm_vcpu_write_guest_page C 25 443d 471d 352d 3a33d030 kvm: x86/vmx: Use kzalloc for cached_vmcs12
KASAN: use-after-free Read in task_is_descendant C 27 400d 488d 352d 9474f4e7 Yama: Check for pid death before checking ancestry
KASAN: use-after-free Read in xfrm_migrate 5 387d 409d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: rcu detected stall in netlink_sendmsg syz 83 368d 424d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING in xfrm_policy_insert_list 2 401d 412d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING in __flush_work C 402 381d 387d 352d 2e3c18d0 block: pass no-op callback to INIT_WORK().
KASAN: use-after-free Read in __smc_diag_dump syz 34 402d 414d 352d 26d92e95 smc: move unhash as early as possible in smc_release()
KASAN: slab-out-of-bounds Read in xfrm_policy_lookup_bytype 6 405d 427d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
general protection fault in crypto_remove_spawns (2) 2 397d 403d 352d 6db43410 crypto: adiantum - initialize crypto_spawn::inst
KMSAN: uninit-value in tipc_nl_compat_doit C 153 367d 518d 352d 2753ca5d tipc: fix uninit-value in tipc_nl_compat_doit
general protection fault in watchdog C 1 434d 433d 352d e2c8d550 netfilter: ebtables: account ebt_table_info to kmemcg
KASAN: stack-out-of-bounds Read in select_task_rq_fair 2 402d 411d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in kernel_accept C 19 434d 584d 352d 78abe3d0 net/smc: fix TCP fallback socket release 26d92e95 smc: move unhash as early as possible in smc_release()
KASAN: use-after-free Read in xfrm_policy_insert_list 30 387d 428d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING: refcount bug in rds_sock_addref 1 386d 385d 352d 6fa19f56 rds: fix refcount bug in rds_sock_addref
WARNING in __skb_flow_dissect (3) syz 224 402d 491d 352d 0b7959b6 tun: publish tfile after it's fully initialized
general protection fault in fuse_dev_do_write C 134 380d 506d 352d 97e1532e fuse: handle zero sized retrieve correctly
KMSAN: uninit-value in tipc_nl_compat_name_table_dump C 51 437d 478d 352d 974cb0e3 tipc: fix uninit-value in tipc_nl_compat_name_table_dump
INFO: rcu detected stall in snd_pcm_oss_read C 2 424d 423d 352d e190161f ALSA: pcm: Fix tight loop of OSS capture stream
KASAN: use-after-free Read in sctp_outq_tail 1 374d 373d 352d af98c5a7 sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate
net-next boot error: can't ssh into the instance 33 387d 389d 352d 947b7ac1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
BUG: unable to handle kernel paging request in dput (2) C 4 386d 386d 352d 36991ca6 blk-mq: protect debugfs_create_files() from failures 37ea7b63 debugfs: debugfs_lookup() should return NULL if not found
KASAN: slab-out-of-bounds Read in batadv_interface_tx C 41 378d 416d 352d 9114daa8 batman-adv: Force mac header to start of data on xmit
INFO: rcu detected stall in pfkey_sendmsg 7 403d 428d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: task hung in generic_file_write_iter 7 444d 583d 352d 04906b2f blockdev: Fix livelocks on loop device
general protection fault in kernel_accept C 280 428d 589d 352d 78abe3d0 net/smc: fix TCP fallback socket release 26d92e95 smc: move unhash as early as possible in smc_release()
KASAN: stack-out-of-bounds in do_raw_spin_lock C 1 412d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in refcount_inc_not_zero_checked syz 24 355d 414d 352d 63346650 netrom: switch to sock timer API
KMSAN: uninit-value in tipc_nl_compat_link_set (2) C 13 388d 429d 352d edf5ff04 tipc: fix uninit-value in tipc_nl_compat_link_set
KMSAN: uninit-value in tipc_nl_compat_bearer_enable C 144 353d 478d 352d 0762216c tipc: fix uninit-value in tipc_nl_compat_bearer_enable
KMSAN: kernel-infoleak in move_addr_to_user 5 359d 409d 352d 7d033c9f ipv6: fix kernel-infoleak in ipv6_local_error()
KASAN: use-after-free Read in kmemdup 1 398d 398d 352d 63530aba ax25: fix possible use-after-free
KMSAN: uninit-value in tipc_nl_compat_link_reset_stats syz 16 356d 409d 352d 8b66fee7 tipc: fix uninit-value in tipc_nl_compat_link_reset_stats
BUG: unable to handle kernel paging request in depot_save_stack C 1 412d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: global-out-of-bounds Read in validate_nla C 14 387d 392d 352d a8b5c6d6 nl80211: fix NLA_POLICY_NESTED() arguments
KASAN: invalid-free in sctp_stream_free C 5 374d 381d 352d af98c5a7 sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate
WARNING: refcount bug in nr_release 1 411d 409d 352d 63346650 netrom: switch to sock timer API
general protection fault in dccp_parse_options 1 387d 387d 352d 9b1f19d8 dccp: fool proof ccid_hc_[rt]x_parse_options()
KASAN: slab-out-of-bounds Read in __xfrm_policy_bysel_ctx 1 414d 413d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KMSAN: uninit-value in kvm_clear_dirty_log_protect 6 352d 396d 352d 98938aa8 KVM: validate userspace input in kvm_clear_dirty_log_protect()
BUG: unable to handle kernel NULL pointer dereference in corrupted (3) C 1 409d 409d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: slab-out-of-bounds Read in kvm_clear_dirty_log_protect C 54 403d 414d 352d 98938aa8 KVM: validate userspace input in kvm_clear_dirty_log_protect()
net boot error: can't ssh into the instance 42 387d 389d 352d 947b7ac1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
general protection fault in __dentry_path C 2082 354d 386d 352d 8ed0579c kvm: properly check debugfs dentry before using it
WARNING in tcp_send_loss_probe C 9 362d 413d 352d bf50b606 tcp: repaired skbs must init their tso_segs
BUG: unable to handle kernel paging request in do_csum C 11 445d 445d 352d d5be7f63 net-backports: net: validate untrusted gso packets without csum offload
KASAN: stack-out-of-bounds Read in pick_next_task_fair C 1 412d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
general protection fault in icmp6_send syz 2 412d 412d 352d 8d933670 ipv6: make icmp6_send() robust against null skb->dev
WARNING in batadv_is_on_batman_iface syz 10 392d 417d 352d 955d3411 batman-adv: Avoid WARN on net_device without parent in netns
kernel panic: stack is corrupted in rcu_irq_enter 1 401d 401d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
WARNING in clear_standby C 3522 392d 517d 352d 4aac9228 libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive()
general protection fault in __xfrm_policy_bysel_ctx 1 389d 387d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: slab-out-of-bounds Read in xfrm_policy_inexact_insert 3 404d 427d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING in apparmor_cred_free C 109 399d 405d 352d a5795fd3 LSM: Check for NULL cred-security on free
KASAN: out-of-bounds Read in update_curr syz 1 411d 411d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
general protection fault in team_nl_cmd_options_set C 7 421d 379d 352d 2fdeee25 team: avoid complex list operations in team_nl_cmd_options_set()
KASAN: slab-out-of-bounds Write in __xfrm_policy_unlink 34 387d 467d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: rcu detected stall in xfrm_hash_rebuild 77 387d 438d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: task hung in lo_ioctl 47 686d 802d 352d 04906b2f blockdev: Fix livelocks on loop device
WARNING in wiphy_register (3) syz 31 387d 418d 352d 9c5d3afa mac80211_hwsim: check that n_limits makes sense
general protection fault in sctp_sched_dequeue_common 6 367d 457d 352d cfe4bd7a sctp: check and update stream->out_curr when allocating stream_out
kernel panic: stack is corrupted in printk C 1 412d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KMSAN: kernel-infoleak in vmx_get_nested_state C 6 352d 463d 352d 3a33d030 kvm: x86/vmx: Use kzalloc for cached_vmcs12
general protection fault in xfrm_policy_insert_list 4 409d 423d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
BUG: unable to handle kernel NULL pointer dereference in setup_kmem_cache_node 3 414d 414d 352d 09c2e76e slab: alien caches must not be initialized if the allocation of the alien cache failed
general protection fault in xfrm_policy_lookup_bytype 5 387d 417d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: slab-out-of-bounds Read in __pskb_copy_fclone 22 434d 500d 352d e7c87bd6 bpf: in __bpf_redirect_no_mac pull mac only if present
INFO: rcu detected stall in sys_bind 1 378d 378d 352d cf657d22 net/x25: do not hold the cpu too long in x25_new_lci()
kernel panic: stack is corrupted in udp4_lib_lookup2 11 417d 413d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
general protection fault in rb_erase_cached C 1 412d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: stack-out-of-bounds Read in gue_err_proto_handler C 1 409d 409d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in oom_kill_process 1 400d 396d 352d cefc7ef3 mm, oom: fix use-after-free in oom_kill_process
kernel panic: stack is corrupted in select_idle_sibling 1 411d 411d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in __xfrm_policy_bysel_ctx 11 387d 424d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: out-of-bounds Read in __switch_to C 1 412d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in xfrm_policy_inexact_insert 42 387d 417d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: use-after-free Read in __wake_up_common_lock 1 387d 386d 352d bdcc5bc2 mISDN: fix a race in dev_expire_timer()
KMSAN: uninit-value in tipc_nl_compat_dumpit C 209 367d 517d 352d 2753ca5d tipc: fix uninit-value in tipc_nl_compat_doit
general protection fault in corrupted (2) C 2 409d 412d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
WARNING: locking bug in corrupted C 1 401d 401d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
possible deadlock in __wake_up_common_lock 7 405d 415d 352d 73444bc4 mm, page_alloc: do not wake kswapd with zone lock held
WARNING: refcount bug in kvm_vm_ioctl syz 13 386d 499d 352d cfa39381 kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
INFO: rcu detected stall in ipv6_rcv 7 389d 426d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: use-after-free Read in selinux_netlbl_socket_setsockopt 1 387d 386d 352d 63346650 netrom: switch to sock timer API
KMSAN: uninit-value in gue_err C 4686 352d 406d 352d 26fc181e fou, fou6: do not assume linear skbs
KASAN: use-after-free Read in seccomp_notify_release C 27 356d 405d 352d a811dc61 seccomp: fix UAF in user-trap code
KASAN: use-after-free Read in batadv_interface_tx C 54 379d 417d 352d 9114daa8 batman-adv: Force mac header to start of data on xmit
general protection fault in ip6erspan_set_version C 39 361d 366d 352d efcc9bca net: ip6_gre: fix possible NULL pointer dereference in ip6erspan_set_version
WARNING in __might_sleep (2) C 36 392d 419d 352d fc01d8c6 tty/n_hdlc: fix __might_sleep warning
upstream boot error: can't ssh into the instance (2) 45 389d 390d 352d 947b7ac1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
KASAN: use-after-free Read in xfrm_policy_lookup_bytype 33 387d 427d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
BUG: soft lockup in x25_connect 1 364d 364d 352d 797a22bd net/x25: fix a race in x25_bind()
WARNING in xfrm6_tunnel_net_exit (2) C 48816 361d 643d 352d f75a2804 xfrm: destroy xfrm_state synchronously on net exit path
WARNING in xfrm_policy_inexact_gc_tree 645 387d 438d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KMSAN: uninit-value in tipc_conn_rcv_sub C 557 353d 648d 352d a88289f4 tipc: fix uninit-value in in tipc_conn_rcv_sub
WARNING: refcount bug in xfrm_policy_bysel_ctx 1 405d 405d 352d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING: bad unlock balance in rxrpc_recvmsg C 9 378d 382d 352d 6dce3c20 rxrpc: bad unlock balance in rxrpc_recvmsg
KASAN: stack-out-of-bounds Write in page_counter_try_charge 1 401d 401d 352d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KMSAN: kernel-infoleak in sctp_getsockopt (2) C 16 352d 402d 352d 400b8b9a sctp: allocate sctp_sockaddr_entry with kzalloc
general protection fault in relay_open_buf C 287 385d 386d 352d 2c1cf00e relay: check return of create_buf_file() properly
KASAN: use-after-free Write in __wake_up_common_lock 1 380d 380d 352d bdcc5bc2 mISDN: fix a race in dev_expire_timer()
KMSAN: uninit-value in gue6_err C 8359 352d 406d 352d 26fc181e fou, fou6: do not assume linear skbs
general protection fault in ebitmap_destroy syz 1 407d 407d 352d 5b0e7310 selinux: fix GPF on invalid policy
general protection fault in debugfs_create_files C 111 385d 386d 352d 36991ca6 blk-mq: protect debugfs_create_files() from failures
general protection fault in kvm_ioapic_scan_entry C 148 446d 556d 358d dcbd3e49 KVM: X86: Fix NULL deref in vcpu_scan_ioapic
general protection fault in finish_wait C 22 376d 591d 358d 78abe3d0 net/smc: fix TCP fallback socket release
KASAN: slab-out-of-bounds Write in fpstate_init C 15088 423d 425d 358d ed8e4812 KVM: x86: fix size of x86_fpu_cache objects
KASAN: out-of-bounds Write in tls_push_record C 10 492d 593d 359d d829e9c4 tls: convert to generic sk_msg interface
KASAN: use-after-free Read in tls_tx_records 1 510d 510d 359d d829e9c4 tls: convert to generic sk_msg interface
general protection fault in tls_push_sg 12 501d 611d 359d d829e9c4 tls: convert to generic sk_msg interface
general protection fault in gcmaes_crypt_by_sg 3 494d 502d 359d d829e9c4 tls: convert to generic sk_msg interface
kernel BUG at include/linux/mm.h:LINE! (2) C 1009 359d 622d 359d d829e9c4 tls: convert to generic sk_msg interface
KASAN: use-after-free Write in tls_push_record (2) C 64 487d 589d 359d d829e9c4 tls: convert to generic sk_msg interface
KASAN: use-after-free Read in rdma_resolve_addr 1 513d 512d 365d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in cma_acquire_dev 1 595d 594d 365d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in wait_for_completion 1 488d 487d 365d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in __list_add_valid (5) C 16 690d 697d 365d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in bpf_cgroup_storage_release C 2 567d 567d 368d 82c018d7 Merge branch 'bpf-cgroup-local-storage'
KASAN: stack-out-of-bounds Read in rb_erase (4) 1 403d 403d 368d 11789039 fou: Prevent unbounded recursion in GUE error handler
general protection fault in list_lru_count_one C 12 585d 583d 391d 8e04944f mm,vmscan: Allow preallocating memory for register_shrinker().
WARNING in __debug_object_init (3) C 1557 479d 481d 395d 2cb494a3 bpf: add tests for direct packet access from CGROUP_SKB
general protection fault in keyctl_pkey_params_get C 85 415d 474d 401d 57b0e314 KEYS: fix parsing invalid pkey info string 94c13f66 security: don't use a negative Opt_err token index
KASAN: stack-out-of-bounds Read in keyctl_pkey_params_get 2 415d 414d 401d 57b0e314 KEYS: fix parsing invalid pkey info string
general protection fault in encode_rpcb_string C 6 578d 675d 401d 81c88b18 sunrpc: handle ENOMEM in rpcb_getport_async
KMSAN: uninit-value in vti6_tnl_xmit syz 60 406d 429d 401d cb9f1b78 ip: validate header length on virtual device xmit
general protection fault in lo_ioctl (2) syz 2 660d 660d 401d 310ca162 block/loop: Use global lock for ioctl() operation.
inconsistent lock state in nr_find_socket C 19 403d 418d 401d 7314f548 netrom: fix locking in nr_find_socket()
KASAN: invalid-free in x25_asy_free C 67 412d 419d 401d d5c7c745 net/wan: fix a double free in x25_asy_open_tty()
WARNING in kmem_cache_create_usercopy C 10 417d 475d 401d 574d356b 9p/net: put a lower bound on msize
possible deadlock in blkdev_reread_part C 5736 420d 841d 401d 0da03cab loop: Fix deadlock when calling blkdev_reread_part() 85b0a54a loop: Move loop_reread_partitions() out of loop_ctl_mutex
KMSAN: uninit-value in check_6rd C 81 407d 429d 401d cb9f1b78 ip: validate header length on virtual device xmit
WARNING: locking bug in loop_control_ioctl C 4018 441d 468d 401d 628bd859 loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()
WARNING: ODEBUG bug in tipc_enable_bearer C 3 421d 425d 401d dc4501ff tipc: fix a double free in tipc_enable_bearer()
kernel BUG at kernel/time/timer.c:LINE! (2) C 5 414d 415d 401d 202700e3 net/hamradio/6pack: use mod_timer() to rearm timers
KASAN: slab-out-of-bounds Read in tun_net_xmit (2) C 10 417d 585d 401d aff6db45 ptr_ring: wrap back ->producer in __ptr_ring_swap_queue()
KASAN: use-after-free Read in nr_rx_frame syz 2 408d 414d 401d 7314f548 netrom: fix locking in nr_find_socket()
possible deadlock in nr_destroy_socket syz 20 404d 414d 401d 7314f548 netrom: fix locking in nr_find_socket()
INFO: task hung in loop_control_ioctl 4 497d 691d 401d 1dded9ac loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex
KASAN: use-after-free Read in posix_lock_inode syz 5 414d 414d 401d bf77ae4c locks: fix error in locks_move_blocks()
general protection fault in transparent_hugepage_enabled C 626 415d 423d 401d 7635d9cb mm, thp, proc: report THP eligibility for each vma
KMSAN: kernel-infoleak in capi_unlocked_ioctl C 109 406d 416d 401d d63967e4 isdn: fix kernel-infoleak in capi_unlocked_ioctl
INFO: task hung in lo_open (2) 10 462d 691d 401d 1dded9ac loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex
KASAN: user-memory-access Write in n_tty_set_termios C 85 420d 690d 401d 83d817f4 tty: Hold tty_ldisc_lock() during tty_reopen()
KASAN: use-after-free Read in ax25_fillin_cb syz 4 422d 419d 401d c4335704 ax25: fix a use-after-free in ax25_fillin_cb()
INFO: task hung in lo_release 1 583d 582d 401d 1dded9ac loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex
KASAN: use-after-free Read in locks_delete_block syz 4 442d 465d 401d 16306a61 fs/locks: always delete_block after waiting.
general protection fault in fdb_find_rcu C 3 422d 418d 401d f989d03e net: rtnetlink: address is mandatory for rtnl_fdb_get
general protection fault in kvm_arch_vcpu_ioctl_run C 12 428d 444d 406d dcbd3e49 KVM: X86: Fix NULL deref in vcpu_scan_ioapic
general protection fault in __vb2_queue_free C 38 422d 478d 406d 62dcb4f4 media: vb2: check memory model for VIDIOC_CREATE_BUFS
WARNING in static_key_enable_cpuslocked 1 452d 452d 406d 9c480601 udp: fix jump label misuse
WARNING in static_key_disable_cpuslocked syz 5 442d 460d 406d 9c480601 udp: fix jump label misuse
BUG: corrupted list in ___neigh_create C 706 435d 438d 406d 8cc196d6 neighbor: gc_list changes should be protected by table lock
WARNING in __rcu_read_unlock C 2 425d 432d 406d 11789039 fou: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in __ipv6_addr_type 1 426d 426d 406d cbb49697 ipv6: tunnels: fix two use-after-free
BUG: corrupted list in neigh_mark_dead C 4117 435d 438d 406d 8cc196d6 neighbor: gc_list changes should be protected by table lock
KMSAN: kernel-infoleak in sctp_getsockopt syz 147 406d 442d 406d 4a2eb0c3 sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
KASAN: use-after-free Read in tipc_group_bc_cong C 280 427d 438d 406d 143ece65 tipc: check tsk->group in tipc_wait_for_cond()
KASAN: use-after-free Read in tipc_mcast_xmit syz 7 424d 431d 406d 3c6306d4 tipc: check group dests after tipc_wait_for_cond()
KMSAN: uninit-value in __inet6_bind C 56 407d 437d 406d fb242745 ipv6: explicitly initialize udp6_addr in udp_sock_create6()
INFO: task hung in flush_workqueue C 293 425d 476d 406d 52117be6 media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
KASAN: slab-out-of-bounds Read in neigh_mark_dead 12 435d 438d 406d 8cc196d6 neighbor: gc_list changes should be protected by table lock
KASAN: slab-out-of-bounds Read in ___neigh_create 1 438d 438d 406d 8cc196d6 neighbor: gc_list changes should be protected by table lock
KASAN: null-ptr-deref Write in kthread_stop C 2527 422d 479d 406d 701f49bc media: vivid: fix error handling of kthread_run
KASAN: use-after-free Read in kfree_skb (2) C 66 427d 437d 406d acb4a33e tipc: fix a double kfree_skb()
KASAN: use-after-free Read in skcipher_recvmsg 6 452d 476d 406d f7d76e05 crypto: user - fix use_after_free of struct xxx_request
BUG: sleeping function called from invalid context at mm/slab.h:LINE (4) C 36 431d 591d 406d f9c9bdb5 crypto: x86/chacha - avoid sleeping under kernel_fpu_begin()
general protection fault in inet_lhash2_lookup C 1137 429d 432d 406d eedbbb0d net: dccp: initialize (addr,port) listening hashtable
divide error in alarm_forward 1 431d 431d 406d 0e334db6 posix-timers: Fix division by zero bug
KASAN: use-after-free Read in kvm_put_kvm C 143 428d 488d 406d 987d1149 KVM: fix unregistering coalesced mmio zone from wrong bus
general protection fault in inet6_lhash2_lookup C 718 429d 432d 406d eedbbb0d net: dccp: initialize (addr,port) listening hashtable
KASAN: use-after-free Read in neigh_mark_dead C 858 435d 438d 406d 8cc196d6 neighbor: gc_list changes should be protected by table lock
WARNING in rds_message_alloc_sgs C 6 444d 478d 406d ea010070 net/rds: fix warn in rds_message_alloc_sgs
WARNING in vkms_plane_duplicate_state C 108 422d 455d 406d 7cdf33ab drm/vkms: Fix plane duplicate_state
divide error in vivid_vid_cap_s_dv_timings C 108 422d 479d 406d 9729d6d2 media: vivid: set min width/height to a value > 0
KMSAN: uninit-value in packet_sendmsg 5 455d 429d 406d 99137b78 packet: validate address length
KASAN: use-after-free Read in vb2_mmap C 276 422d 478d 406d cd26d1c4 media: vb2: vb2_mmap: move lock up
general protection fault in __ipv6_sock_mc_join C 9 433d 437d 406d fb83ed49 tipc: compare remote and local protocols in tipc_udp_enable()
BUG: pagefault on kernel address ADDR in non-whitelisted uaccess C 17 431d 476d 406d 560ccb75 media: vivid: free bitmap_cap when updating std/timings/etc.
KASAN: global-out-of-bounds Read in tpg_print_str_4 C 52 444d 469d 406d e5f71a27 media: v4l2-tpg: array index could become negative
KASAN: use-after-free Read in ___neigh_create C 164 435d 438d 406d 8cc196d6 neighbor: gc_list changes should be protected by table lock
net build error 2 515d 516d 416d 16fdf8ba rds: Fix build regression.
WARNING in fuse_destroy_inode C 7 460d 461d 420d 4fc4bb79 fuse: Add bad inode check in fuse_destroy_inode()
WARNING in userfaultfd_ioctl C 11 434d 444d 420d 01e881f5 userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
KASAN: use-after-free Read in sctp_hash_transport 1 460d 459d 429d fb6df5a6 sctp: kfree_rcu asoc
KASAN: use-after-free Read in vhost_transport_send_pkt syz 36 444d 570d 429d 834e772c vhost/vsock: fix use-after-free in network stack callers
KASAN: use-after-free Read in delayed_uprobe_remove C 2 473d 476d 429d 1aed58e6 Uprobes: Fix kernel oops with delayed_uprobe_remove()
KMSAN: kernel-infoleak in _copy_to_iter (4) C 56 444d 448d 429d 68883893 rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices
KASAN: invalid-free in hub_event 1 452d 451d 429d d81bb019 USB: Fix invalid-free bug in port_over_current_notify()
KASAN: use-after-free Read in sctp_epaddr_lookup_transport syz 5 460d 461d 429d fb6df5a6 sctp: kfree_rcu asoc
KASAN: use-after-free Read in vhost_work_queue syz 30 442d 541d 429d 834e772c vhost/vsock: fix use-after-free in network stack callers
KASAN: use-after-free Read in vhost_transport_cancel_pkt syz 17 468d 513d 429d 834e772c vhost/vsock: fix use-after-free in network stack callers
WARNING in alloc_pages_vma C 98 438d 441d 429d 356ff8a9 Revert "mm, thp: consolidate THP gfp handling into alloc_hugepage_direct_gfpmask"
KASAN: use-after-free Read in snd_ctl_elem_add 1 463d 462d 432d e1a7bfe3 ALSA: control: Fix race between adding and removing a user element
WARNING in cttimeout_default_get C 44 441d 461d 441d 89259088 netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
WARNING in format_decode (2) C 16 460d 542d 441d 1efb6ee3 bpf: fix check of allowed specifiers in bpf_trace_printk
KMSAN: uninit-value in linear_transfer (2) C 7 446d 469d 441d 65766ee0 ALSA: oss: Use kvzalloc() for local buffer allocations
KASAN: use-after-free Read in nbp_vlan_rcu_free 1 466d 466d 441d 9d332e69 net: bridge: fix vlan stats use-after-free on destruction
KMSAN: kernel-infoleak in kvm_write_guest_page C 36 443d 470d 441d bcbfbd8e KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall
BUG: GPF in non-whitelisted uaccess (non-canonical address?) C 10 459d 466d 441d 8c01db76 HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges
KASAN: slab-out-of-bounds Write in queue_stack_map_push_elem C 30 450d 452d 441d 813961de bpf: fix integer overflow in queue_stack_map
WARNING in bpf_check (2) C 9 463d 463d 441d afd59424 bpf: fix off-by-one error in adjust_subprog_starts
INFO: task hung in fuse_sb_destroy C 2 476d 476d 441d 7fabaf30 fuse: fix leaked notify reply
KMSAN: kernel-infoleak in kvm_arch_vcpu_ioctl C 31 446d 461d 441d 7f9ad1df KVM: nVMX: Fix kernel info-leak when enabling KVM_CAP_HYPERV_ENLIGHTENED_VMCS more than once
general protection fault in icmp_timeout_obj_to_nlattr C 13 473d 477d 465d 8866df92 netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
general protection fault in addr_resolve C 32 501d 518d 465d fe33507e RDMA/core: Check error status of rdma_find_ndev_for_src_ip_rcu
KMSAN: uninit-value in synaptics_detect C 137 465d 518d 465d f39f8688 Input: synaptics - avoid using uninitialized variable when probing
BUG: unable to handle kernel NULL pointer dereference in sha256_mb_mgr_get_comp_job_avx2 1 499d 499d 465d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
KMSAN: uninit-value in dev_mc_add_excl C 13 470d 482d 465d da715775 rtnetlink: Disallow FDB configuration for non-Ethernet device
KASAN: stack-out-of-bounds Read in __aa_lookupn_ns C 52 481d 513d 465d 250f2da4 apparmor: Fix uninitialized value in aa_split_fqname
KASAN: slab-out-of-bounds Read in sctp_getsockopt C 9 483d 482d 465d 71335836 sctp: check policy more carefully when getting pr status
WARNING in __put_task_struct (2) C 17 492d 500d 465d fe9bc164 RDMA/restrack: Protect from reentry to resource return path
KASAN: invalid-free in p9stat_free C 3 543d 543d 465d 62e39417 9p: clear dangling pointers in p9stat_free 81c99089 v9fs_dir_readdir: fix double-free on p9stat_read error
possible deadlock in ovl_copy_up_start 2 483d 491d 465d 6cd07870 ovl: fix recursive oi->lock in ovl_link()
KASAN: use-after-free Read in sha_complete_job 1 504d 503d 465d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
BUG: corrupted list in cpu_stop_queue_work C 24 584d 593d 465d 552446a4 shmem: Convert shmem_add_to_page_cache to XArray
KMSAN: uninit-value in dev_uc_add_excl C 20 476d 518d 465d da715775 rtnetlink: Disallow FDB configuration for non-Ethernet device
general protection fault in rb_erase C 79836 472d 513d 465d 18aded17 ext4: fix EXT4_IOC_SWAP_BOOT
KASAN: use-after-free Read in tcf_block_find C 27 506d 512d 465d 460b3601 net_sched: fix a crash in tc_new_tfilter()
KASAN: use-after-free Read in seq_escape 1 508d 508d 465d 33458eab ext4: fix use-after-free race in ext4_remount()'s error path
KASAN: use-after-free Read in _copy_from_iter C 12 569d 581d 465d 728356de 9p: Add refcount to p9_req_t
KASAN: use-after-free Read in gfs2_log_flush syz 14 486d 527d 465d 4c62bd9c gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd
general protection fault in getname_kernel C 10 493d 501d 465d 3df629d8 gfs2_meta: ->mount() can get NULL dev_name
kernel BUG at arch/x86/mm/physaddr.c:LINE! C 10 466d 498d 465d babf4770 ovl: fix error handling in ovl_verify_set_fh()
general protection fault in __skb_flow_dissect (2) C 11 513d 521d 465d d0e13a14 flow_dissector: lookup netns by skb->sk if skb->dev is NULL
general protection fault in ctnetlink_alloc_filter C 80 515d 518d 465d 9306425b netfilter: ctnetlink: must check mark attributes vs NULL
WARNING: kmalloc bug in krealloc C 2 585d 585d 465d 61448479 mm: don't warn about large allocations for slab
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked 2 491d 491d 465d 5032d079 bpf: skmsg, fix psock create on existing kcm/tls port
WARNING: kmalloc bug in __v9fs_get_acl C 212 483d 590d 465d 61448479 mm: don't warn about large allocations for slab
BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue C 8 492d 512d 465d e01ad46d blk-mq: fallback to previous nr_hw_queues when updating fails
KASAN: use-after-free Write in jbd2_log_do_checkpoint 1 527d 521d 465d ccd3c437 jbd2: fix use after free in jbd2_log_do_checkpoint()
WARNING: kmalloc bug in str_read C 11 487d 531d 465d 4458bba0 selinux: Add __GFP_NOWARN to allocation at str_read()
KASAN: use-after-free Read in __dev_queue_xmit (3) 11 508d 511d 465d 460b3601 net_sched: fix a crash in tc_new_tfilter()
KMSAN: uninit-value in ip_tunnel_lookup (2) C 2 483d 483d 465d b0350d51 ip_gre: fix parsing gre header in ipgre_err
KASAN: use-after-free Read in sha512_ctx_mgr_resubmit C 4 504d 554d 465d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
kernel BUG at mm/shmem.c:LINE! C 30 592d 594d 465d 552446a4 shmem: Convert shmem_add_to_page_cache to XArray
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked C 31 473d 504d 465d fda21d46 ipv6: do not leave garbage in rt->fib6_metrics
WARNING in tcp_cleanup_ulp syz 16 492d 492d 465d aadd4355 tcp, ulp: remove socket lock assertion on ULP cleanup
KASAN: use-after-free Read in sctp_outq_select_transport 1 486d 485d 465d df132eff sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer
WARNING: kmalloc bug in input_mt_init_slots C 54 483d 517d 465d 61448479 mm: don't warn about large allocations for slab
general protection fault in dev_gro_receive (2) syz 4 490d 497d 465d ece23711 net: Properly unlink GRO packets on overflow.
upstream boot error (2) 1 478d 478d 465d 153fcd5f block: brd: associate with queue until adding disk
WARNING: kmalloc bug in get_valid_checkpoint syz 2 651d 651d 465d 61448479 mm: don't warn about large allocations for slab
WARNING in tcp_close syz 284 486d 586d 465d 8873c064 tcp: do not release socket ownership in tcp_close()
BUG: corrupted list in p9_read_work syz 23 473d 585d 465d e4ca13f7 9p/trans_fd: abort p9_read_work if req status changed
general protection fault in netdev_master_upper_dev_get 1 483d 483d 465d aab456df net/neigh: fix NULL deref in pneigh_dump_table()
KASAN: use-after-free Read in kfree_skb 1 487d 487d 465d 604d415e llc: do not use sk_eat_skb()
KASAN: use-after-free Read in fuse_dev_do_read syz 19 478d 526d 465d bc78abbd fuse: Fix use-after-free in fuse_dev_do_read()
WARNING: kmalloc bug in vfs_getxattr_alloc C 9 540d 583d 465d 61448479 mm: don't warn about large allocations for slab
BUG: unable to handle kernel NULL pointer dereference in sha1_mb_mgr_get_comp_job_avx2 1 512d 512d 465d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
WARNING: kmalloc bug in bfs_fill_super C 147 648d 692d 465d 9f2df09a bfs: add sanity check at bfs_fill_super()
INFO: task hung in ext4_fallocate C 1 508d 507d 465d f18b2b83 ext4: fix argument checking in EXT4_IOC_MOVE_EXT
WARNING: refcount bug in qdisc_put 5 508d 509d 465d 460b3601 net_sched: fix a crash in tc_new_tfilter()
KMSAN: uninit-value in vcs_read C 2343 622d 646d 469d 21eff69a vt: prevent leaking uninitialized data to userspace via /dev/vcs*
kernel BUG at include/linux/skbuff.h:LINE! 3 578d 586d 478d bab2c80e nsh: set mac len based on inner packet
KASAN: use-after-free Read in sctp_id2assoc 1 505d 505d 479d b336deca sctp: fix race on sctp_id2asoc
WARNING in usb_submit_urb (3) C 58 480d 496d 479d 665c365a USB: fix the usbfs flag sanitization for control transfers
KMSAN: kernel-infoleak in _copy_to_iter (3) C 36 479d 490d 479d b06f9d9f tipc: fix info leak from kernel tipc_event
KASAN: use-after-free Read in inet6_mc_check 1 496d 496d 479d dc012f36 ipv6: mcast: fix a use-after-free in inet6_mc_check
KASAN: slab-out-of-bounds Read in fscache_alloc_cookie C 1936 490d 592d 479d 1ff22883 fscache: Fix incomplete initialisation of inline key space fa520c47 fscache: Fix out of bound read in long cookie keys
KASAN: use-after-free Read in __llc_lookup_established 1 499d 498d 479d 5a8e7aea llc: set SOCK_RCU_FREE in llc_sap_add_socket()
KASAN: slab-out-of-bounds Read in vhci_hub_control C 43 489d 534d 479d 81f7567c usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control()
BUG: sleeping function called from invalid context at net/core/dev.c:LINE syz 8 492d 500d 479d cee27167 xsk: do not call synchronize_net() under RCU read lock
KASAN: slab-out-of-bounds Read in _decode_session6 C 35 479d 537d 479d 9f7e43da net/xfrm: fix out-of-bounds packet access
INFO: rcu detected stall in mousedev_write 18 532d 546d 490d f74c371f Input: mousedev - add a schedule point in mousedev_write()
kernel BUG at net/core/dev.c:LINE! (2) syz 2 499d 499d 490d 52b5d6f5 net: make skb_partial_csum_set() more robust against overflows
KASAN: use-after-free Read in finish_task_switch C 3047 515d 559d 493d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
WARNING in __skb_flow_dissect syz 3 498d 499d 497d af3fb24e tun: napi flags belong to tfile
general protection fault in dev_gro_receive syz 8 499d 511d 497d af3fb24e tun: napi flags belong to tfile
possible deadlock in flush_workqueue C 73762 504d 547d 497d d4859d74 net-backports: bonding: avoid possible dead-lock
KASAN: use-after-free Read in rawv6_sendmsg C 84 499d 531d 497d a688caa3 net-backports: ipv6: take rcu lock in rawv6_send_hdrinc()
possible deadlock in rtnetlink_rcv_msg 1 521d 521d 497d d4859d74 net-backports: bonding: avoid possible dead-lock
KASAN: slab-out-of-bounds Read in string (2) 14 504d 510d 497d 601350ff ovl: fix access beyond unterminated strings
WARNING in pcpu_alloc C 4 499d 507d 497d b0584ea6 bpf: don't accept cgroup local storage with zero value size
KASAN: use-after-free Write in ucma_put_ctx syz 11 513d 532d 497d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
general protection fault in usb_find_alt_setting (2) C 53 513d 535d 497d c9a4cb20 USB: handle NULL config in usb_find_alt_setting()
INFO: trying to register non-static key in tun_chr_write_iter 14 499d 510d 497d c7256f57 tun: initialize napi_mutex unconditionally
WARNING in rollback_registered_many 1 509d 509d 497d 0e1d6eca rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
KASAN: use-after-free Read in ip_cmsg_recv_offset C 9 507d 509d 497d 64199fc0 net-backports: ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
possible deadlock in team_vlan_rx_add_vid syz 5 527d 561d 497d 471b83bd team: Forbid enslaving team device to itself
general protection fault in ubifs_mount C 216 518d 535d 497d 37f31b6c ubifs: Check for name being NULL while mounting
KMSAN: uninit-value in ip6_tnl_start_xmit C 69 511d 521d 497d 76c0ddd8 ip6_tunnel: be careful when accessing the inner header
KASAN: use-after-free Read in destroy_async_on_interface C 134 513d 535d 497d bd729f9d USB: fix error handling in usb_driver_claim_interface()
WARNING in usb_submit_urb (2) C 259 497d 535d 497d 7a68d9fb USB: usbdevfs: sanitize flags more
INFO: task hung in unregister_netdevice_notifier (2) 1 507d 507d 497d 0e1d6eca rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
KASAN: use-after-free Read in cma_bind_port syz 2 527d 532d 497d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KMSAN: uninit-value in pppoe_rcv C 2 657d 526d 497d 8540827e pppoe: fix reception of frames with no mac header
INFO: task hung in rollback_registered_many 4 501d 508d 497d 0e1d6eca rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
WARNING: suspicious RCU usage in inet_csk_route_req C 43 505d 739d 497d 1ad98e9d tcp/dccp: fix lockdep issue when SYN is backlogged
KMSAN: kernel-infoleak in _copy_to_iter (2) C 7 506d 533d 500d 45c180bc xfrm_user: prevent leaking 2 bytes of kernel memory
general protection fault in rhashtable_walk_start_check C 112 526d 537d 512d 8f5c5fcf tipc: call start and done ops directly in __tipc_nl_compat_dumpit()
WARNING in try_charge syz 649 512d 565d 512d 3100dab2 mm: memcontrol: print proper OOM header when no eligible victim left
divide error in nbd_ioctl C 50 527d 535d 512d bc811f05 nbd: don't allow invalid blocksize settings
WARNING in apparmor_secid_to_secctx C 3344 525d 540d 512d edf4e7b7 apparmor: fix bad debug check in apparmor_secid_to_secctx()
KASAN: use-after-free Read in ceph_destroy_options 1 547d 546d 512d 8aaff151 ceph: avoid a use-after-free in ceph_destroy_options()
general protection fault in ovl_free_fs C 4 529d 532d 512d 8c25741a ovl: fix oopses in ovl_fill_super() failure paths
KMSAN: uninit-value in snd_midi_event_encode_byte C 3 536d 536d 512d 5a7b44a8 ALSA: rawmidi: Initialize allocated buffers
KASAN: use-after-free Read in __rhashtable_lookup (2) C 22 526d 546d 512d cc4dfb7f rds: fix two RCU related problems
general protection fault in rhashtable_walk_exit C 8 526d 529d 512d 12a78b02 tipc: check return value of __tipc_dump_start()
KASAN: use-after-free Read in sock_i_ino syz 127 525d 535d 512d 0a3b8b2b tipc: orphan sock in tipc_release()
BUG: unable to handle kernel paging request in kfree (2) C 297 540d 592d 515d 7913690d net/9p/client.c: version pointer uninitialized
KMSAN: uninit-value in memcmp (2) C 131 526d 517d 515d 77d36398 net: fix uninit-value in __hw_addr_add_ex()
KASAN: use-after-free Write in ip6_dst_destroy 1 593d 593d 525d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
KASAN: stack-out-of-bounds Read in fib_table_lookup 1 585d 585d 527d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in wiphy_register (2) C 8 553d 554d 528d 48400433 mac80211_hwsim: require at least one channel
KASAN: use-after-free Read in tipc_group_fill_sock_diag syz 35 533d 551d 528d 9a07efa9 tipc: switch to rhashtable iterator
KASAN: global-out-of-bounds Read in ip6_xmit 2 708d 709d 528d b954f940 l2tp: fix races with ipv4-mapped ipv6 addresses
WARNING in __fsnotify_recalc_mask syz 9 550d 551d 528d d3bc0fa8 fsnotify: fix false positive warning on inode delete
KASAN: use-after-free Read in sctp_transport_get_next C 6 543d 546d 528d bab1be79 sctp: hold transport before accessing its asoc in sctp_transport_get_next
KASAN: stack-out-of-bounds Read in __schedule syz 4 539d 541d 528d b845c898 bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
BUG: soft lockup in shrink_dcache_parent (2) 7 620d 627d 528d 4fb48871 restore cond_resched() in shrink_dcache_parent()
INFO: task hung in fsnotify_mark_destroy_workfn syz 13 560d 674d 531d 128f3804 android: binder: Rate-limit debug and userspace triggered err msgs
KASAN: use-after-free Read in ip6_tnl_start_xmit 1 660d 660d 532d b84bbaf7 packet: in packet_snd start writing at link layer allocation
INFO: rcu detected stall in snd_pcm_oss_prepare 4 681d 683d 533d e15dc99d ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
WARNING in up_write C 725 641d 689d 533d d7d760ef locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag
BUG: soft lockup in d_walk C 163 619d 665d 533d 4fb48871 restore cond_resched() in shrink_dcache_parent()
general protection fault in vsscanf C 7 560d 590d 535d 10aa1452 9p: fix multiple NULL-pointer-dereferences
net-next boot error 66 569d 574d 541d ca9e83b4 virtio-net: correctly update XDP_TX counters
WARNING in input_alloc_absinfo C 318 544d 616d 541d 100294ce Input: do not use WARN() in input_alloc_absinfo()
KASAN: use-after-free Read in ip6_hold_safe C 1 567d 567d 541d 6d37fa49 l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
KASAN: use-after-free Read in iotlb_access_ok 1 567d 562d 541d b13f9c63 vhost: reset metadata cache when initializing new IOTLB
general protection fault in process_init_reply C 24 548d 583d 541d e8f3bd77 fuse: Fix oops at process_init_reply()
WARNING: suspicious RCU usage in bpf_prog_array_copy_core C 22873 542d 555d 541d 965931e3 bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
WARNING: lock held when returning to user space in fuse_lock_inode C 1439 547d 588d 541d 63576c13 fuse: fix initial parallel dirops
WARNING: refcount bug in llc_sap_find C 18 560d 562d 541d 0dcb8225 llc: use refcount_inc_not_zero() for llc_sap_find()
possible deadlock in rhashtable_lookup_insert_fast C 28 553d 556d 541d ff93bca7 ila: make lockdep happy again
KASAN: slab-out-of-bounds Write in crypto_dh_encode_key C 1401 563d 591d 541d 35f7d522 crypto: dh - fix calculating encoded key size
KASAN: slab-out-of-bounds Read in _autofs_dev_ioctl C 5 554d 555d 541d 0633da48 autofs: fix autofs_sbi() does not check super block type
KASAN: use-after-free Write in ip6_hold_safe C 25 565d 576d 541d 6d37fa49 l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
general protection fault in validate_checkpoint 186 568d 568d 541d d3f07c04 f2fs: fix invalid memory access
BUG: soft lockup in snd_virmidi_output_trigger 3 581d 683d 541d 50e9ffb1 ALSA: virmidi: Fix too long output trigger loop
general protection fault in send_sigurg_to_task C 6 553d 556d 541d 84fe4cc0 signal: Don't send signals to tasks that don't exist
KASAN: slab-out-of-bounds Write in eth_header_parse C 7 560d 573d 541d 4576cd46 packet: refine ring v3 block size test to hold one frame
WARNING in __snd_rawmidi_transmit_ack (2) C 6 548d 555d 541d 82fd4b05 ALSA: seq: virmidi: Fix discarding the unsubscribed output
general protection fault in send_sigio_to_task C 176 553d 556d 541d 84fe4cc0 signal: Don't send signals to tasks that don't exist
KASAN: use-after-free Read in do_shrink_slab 9 547d 551d 541d 8df4a44c mm: check shrinker is memcg-aware in register_shrinker_prepared()
KMSAN: uninit-value in do_msgrcv C 8 541d 618d 541d 39cfffd7 ipc/util.c: use ipc_rcu_putref() for failues in ipc_addid() 615c999c ipc: compute kern_ipc_perm.id under the ipc lock e2652ae6 ipc: reorganize initialization of kern_ipc_perm.seq
WARNING: ODEBUG bug in vsock_stream_connect C 42 561d 570d 541d 455f05ec vsock: split dwork to avoid reinitializations
KASAN: slab-out-of-bounds Read in pdu_read C 267 557d 592d 541d f984579a 9p: validate PDU length 7913690d net/9p/client.c: version pointer uninitialized
WARNING in close_fs_devices C 137 582d 625d 541d 81ffd56b btrfs: fix mount and ioctl device scan ioctl race
general protection fault in string (2) 1 567d 567d 541d a6bcfc89 net: check extack._msg before print
general protection fault in p9_fd_create_unix C 4 587d 591d 541d 10aa1452 9p: fix multiple NULL-pointer-dereferences
general protection fault in mount_fs C 1 687d 687d 541d 7464726c hfsplus: don't return 0 when fill_super() failed
general protection fault in open_fs_devices C 8 593d 624d 541d 81ffd56b btrfs: fix mount and ioctl device scan ioctl race
general protection fault in smc_ioctl (3) C 15 560d 562d 541d 7311d665 net/smc: move sock lock in smc_ioctl()
KASAN: slab-out-of-bounds Write in vmac_final C 2 618d 614d 541d bb296481 crypto: vmac - separate tfm and request context
BUG: corrupted list in p9_fd_cancel C 34 577d 591d 541d 9f476d7c net/9p/trans_fd.c: fix race by holding the lock
general protection fault in smc_tx_prepared_sends C 7 566d 567d 541d 7311d665 net/smc: move sock lock in smc_ioctl()
KASAN: use-after-free Read in p9_poll_workfn C 148 552d 591d 541d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
WARNING: bad usercopy in __kvm_write_guest_page C 4 642d 635d 545d 0a06d425 KVM: vmx: use local variable for current_vmptr when emulating VMPTRST
WARNING in refcount_inc (3) C 7 690d 691d 545d 8e04944f mm,vmscan: Allow preallocating memory for register_shrinker().
KASAN: use-after-free Write in irq_bypass_register_consumer C 1632 582d 843d 545d b5020a8e KVM/Eventfd: Avoid crash when assign and deassign specific eventfd in parallel.
KASAN: slab-out-of-bounds Write in process_preds C 6020 604d 680d 545d 70303420 tracing: Check for no filter when processing event filters
kernel BUG at net/ipv6/route.c:LINE! C 197 564d 586d 561d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
possible deadlock in bond_get_stats C 11 567d 571d 561d 7e2556e4 bonding: avoid lockdep confusion in bond_get_stats()
kernel BUG at mm/memory.c:LINE! 1 593d 592d 561d bfd40eaf mm: fix vma_is_anonymous() false-positives
WARNING in __ip6_make_skb C 1 586d 586d 561d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
general protection fault in tcp_gso_segment 1 586d 586d 561d ff907a11 net: skb_segment() should not return NULL
KASAN: use-after-free Read in refcount_sub_and_test_checked 3 567d 568d 561d e6aed040 Revert "net/ipv6: fix metrics leak"
WARNING in ip6_sk_dst_lookup_flow C 2 567d 584d 561d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
KMSAN: uninit-value in __nf_conntrack_find_get C 67 577d 583d 561d 6613b617 netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
KASAN: invalid-free in fat_fill_super 1 590d 589d 561d 35033ab9 fat: fix memory allocation failure handling of match_strdup()
WARNING in ip6_setup_cork C 4 566d 586d 561d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
KMSAN: kernel-infoleak in put_cmsg C 3 594d 583d 561d 2efd4fca ip: in cmsg IP(V6)_ORIGDSTADDR call pskb_may_pull
BUG: unable to handle kernel paging request in neigh_update 1 580d 580d 561d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
KMSAN: uninit-value in gc_worker 10 577d 589d 561d 6613b617 netfilter: conntrack: dccp: treat SYNC/SYNCACK as invalid if no prior state
kernel BUG at fs/userfaultfd.c:LINE! (2) C 8 567d 585d 561d 31e810aa userfaultfd: remove uffd flags from vma->vm_flags if UFFD_EVENT_FORK fails
KASAN: use-after-free Write in dst_release (2) C 3 567d 568d 561d e6aed040 Revert "net/ipv6: fix metrics leak"
KMSAN: kernel-infoleak in _copy_to_iter C 285 577d 612d 561d 45c180bc xfrm_user: prevent leaking 2 bytes of kernel memory
general protection fault in __delayacct_blkio_end C 50 577d 672d 561d b512719f delayacct: fix crash in delayacct_blkio_end() after delayacct init failure
unregister_netdevice: waiting for DEV to become free C 170521 561d 672d 561d 8cc88773 xfrm: fix missing dst_release() after policy blocking lbcast and multicast
general protection fault in rds_ib_get_mr C 9 602d 701d 561d 9e630bcb RDS: RDMA: Fix the NULL-ptr deref in rds_ib_get_mr
KASAN: out-of-bounds Read in bpf_test_finish 9 585d 591d 562d 6e6fddc7 bpf: fix panic due to oob in bpf_prog_test_run_skb
KASAN: slab-out-of-bounds Read in ipv6_gso_pull_exthdrs C 4 600d 616d 562d bab2c80e nsh: set mac len based on inner packet
KASAN: stack-out-of-bounds Read in __d_lookup_rcu 1 581d 581d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING: refcount bug in smap_release_sock C 55 579d 617d 562d 7ebc14d5 bpf: sockmap, consume_skb in close path 547b3aa4 bpf: sockmap, error path can not release psock in multi-map case
KASAN: stack-out-of-bounds Read in __handle_mm_fault (2) C 3 580d 582d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in vma_interval_tree_insert (2) 1 577d 577d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in kernfs_find_ns 1 582d 582d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in __snd_rawmidi_transmit_ack syz 2 585d 585d 562d 39675f7a ALSA: rawmidi: Change resized buffers atomically
KASAN: stack-out-of-bounds Read in rb_next (2) 1 582d 582d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in scheduler_tick C 1 592d 592d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in neigh_flush_dev 1 587d 585d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in copy_page_range 1 582d 582d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __cgroup_account_cputime_field 1 582d 582d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in debug_check_no_obj_freed (5) 4 578d 584d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in unmap_page_range (3) 1 578d 578d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in cpuacct_account_field (2) 1 580d 579d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in lock_sock_nested 1 585d 585d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in netlink_has_listeners 1 584d 584d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
BUG: unable to handle kernel NULL pointer dereference in corrupted (2) C 1 583d 583d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: slab-out-of-bounds Read in corrupted C 1 583d 583d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in cpuacct_charge 1 577d 577d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in bpf_tcp_close C 1 582d 582d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in update_blocked_averages 1 588d 587d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KMSAN: uninit-value in af_alg_free_areq_sgls C 640 576d 684d 562d 2546da99 crypto: af_alg - Initialize sg_num_bytes in error code path
WARNING in bpf_check 3 582d 589d 562d c7a89784 bpf: don't leave partial mangled prog in jit_subprogs error path
KASAN: stack-out-of-bounds Read in __enqueue_entity 1 586d 586d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in account_system_index_time C 2 585d 592d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in sctp_assoc_update_frag_point 5 583d 605d 562d a6592547 sctp: fix the issue that pathmtu may be set lower than MINSEGMENT
kernel BUG at mm/slab.c:LINE! (2) C 701 577d 592d 562d 6e6fddc7 bpf: fix panic due to oob in bpf_prog_test_run_skb
KASAN: stack-out-of-bounds Read in __task_pid_nr_ns 1 591d 591d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in locks_remove_posix C 1 580d 579d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in get_mem_cgroup_from_mm 1 590d 590d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in change_protection 1 584d 584d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in do_debug (2) 1 583d 583d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __delayacct_add_tsk 1 589d 589d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in __sock_release 1 581d 581d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in add_wait_queue C 1 592d 592d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in ext4_symlink 1 585d 585d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
INFO: rcu detected stall in vprintk_emit syz 2 599d 605d 562d 3bc53be9 net/nfc: Avoid stalls when nfc_alloc_send_skb() returned NULL.
WARNING: refcount bug in smc_tcp_listen_work 1 624d 624d 562d e1bbdd57 net/smc: reduce sock_put() for fallback sockets
WARNING in set_precision C 140 581d 622d 562d c604cb76 KEYS: DNS: fix parsing multiple options
BUG: unable to handle kernel paging request in cpuacct_charge syz 2 584d 584d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __acct_update_integrals 2 580d 588d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: use-after-free Read in ipv6_gso_pull_exthdrs C 5 580d 612d 562d bab2c80e nsh: set mac len based on inner packet
general protection fault in rb_next 1 583d 583d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Write in __tlb_remove_page_size 1 579d 578d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in timerqueue_add C 4 580d 596d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in rb_insert_color (2) 1 586d 586d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in __tlb_remove_page_size 1 580d 579d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in enqueue_task_fair 1 583d 583d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
BUG: unable to handle kernel paging request in account_system_index_time 1 580d 579d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: stack-out-of-bounds Read in find_inode_nowait 1 592d 591d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in iov_iter_revert C 74 582d 648d 562d 32da1221 tls: Stricter error checking in zerocopy sendmsg path
general protection fault in smc_ioctl (2) C 43 562d 585d 562d 1992d998 net/smc: take sock lock in smc_ioctl()
KASAN: stack-out-of-bounds Read in tlb_flush_mmu_free 2 588d 591d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
general protection fault in do_tcp_getsockopt C 9 581d 593d 562d 6508b678 tcp: cleanup copied_seq and urg_data in tcp_disconnect
KASAN: use-after-free Read in bpf_test_finish C 1211 577d 592d 562d 6e6fddc7 bpf: fix panic due to oob in bpf_prog_test_run_skb
KASAN: use-after-free Write in skb_release_data C 1903 636d 689d 562d 993675a3 packet: reset network header if packet shorter than ll reserved space
KASAN: stack-out-of-bounds Read in rcu_process_callbacks C 1 586d 586d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
BUG: unable to handle kernel paging request in ttwu_do_activate 1 596d 596d 562d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in smc_unhash_sk C 155731 565d 727d 562d e1bbdd57 net/smc: reduce sock_put() for fallback sockets
kernel BUG at net/packet/af_packet.c:LINE! (3) syz 5 712d 759d 571d a6361f0c packet: fix bitfield update race
KASAN: slab-out-of-bounds Read in getname_kernel C 8 587d 686d 576d 02f51d45 autofs: fix slab out of bounds read in getname_kernel()
kernel BUG at mm/gup.c:LINE! syz 4 599d 597d 576d 24962af7 fs, elf: make sure to page align bss in load_elf_library bb177a73 mm: do not bug_on on incorrect length in __mm_populate()
KASAN: global-out-of-bounds Write in string C 7 631d 688d 576d fe10e398 reiserfs: fix buffer overflow with long warning messages
KASAN: use-after-free Read in l2tp_session_create 119 698d 765d 580d 6b9f3423 l2tp: fix races in tunnel creation
KMSAN: uninit-value in ip_tunnel_xmit C 2594 583d 670d 583d b84bbaf7 packet: in packet_snd start writing at link layer allocation
KMSAN: uninit-value in br_nf_forward_arp 1 630d 626d 583d b84bbaf7 packet: in packet_snd start writing at link layer allocation
KMSAN: kernel-infoleak in vcs_read C 531 612d 622d 587d 21eff69a vt: prevent leaking uninitialized data to userspace via /dev/vcs*
WARNING: suspicious RCU usage in fib6_info_alloc syz 2 673d 673d 591d 27b10608 net/ipv6: Fix gfp_flags arg to addrconf_prefix_route
WARNING in kernfs_add_one C 174 592d 656d 591d 84d0c27d driver core: Don't ignore class_dir_create_and_add() failure.
INFO: rcu detected stall in unwind_next_frame 2 641d 644d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
BUG: unable to handle kernel paging request in dput C 26 622d 625d 591d d85b399b fix proc_fill_cache() in case of d_alloc_parallel() failure
general protection fault in fuse_ctl_remove_conn C 16 625d 664d 591d 6becdb60 fuse: fix control dir setup and teardown
WARNING in bpf_int_jit_compile syz 11 599d 635d 591d 9facc336 bpf: reject any prog that failed read-only lock
possible deadlock in sock_hash_free C 45 633d 633d 591d e9db4ef6 bpf: sockhash fix omitted bucket lock in sock_close
possible deadlock in __might_fault (2) C 20 661d 664d 591d 05255b82 tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
KMSAN: uninit-value in _copy_to_iter (2) C 226 623d 668d 591d 670ae9ca vhost: fix info leak due to uninitialized memory
BUG: unable to handle kernel NULL pointer dereference in do_select 45 601d 602d 591d e88958e6 net: handle NULL ->poll gracefully
kernel BUG at fs/f2fs/inode.c:LINE! C 1 671d 671d 591d 5d64600d f2fs: avoid bug_on on corrupted inode
WARNING: ODEBUG bug in sock_hash_free 1 605d 605d 591d e9db4ef6 bpf: sockhash fix omitted bucket lock in sock_close
KASAN: slab-out-of-bounds Write in sha512_final C 21 604d 621d 591d 3619dec5 dh key: fix rounding up KDF output length
KASAN: slab-out-of-bounds Write in rmd320_final C 44 603d 623d 591d 3619dec5 dh key: fix rounding up KDF output length
INFO: rcu detected stall in kmem_cache_alloc_node_trace 1 679d 661d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: slab-out-of-bounds Read in bpf_csum_update C 2 629d 627d 591d 58990d1f bpf: reject passing modified ctx to helper functions
KMSAN: uninit-value in ip_vs_lblcr_check_expire 2050 591d 668d 591d 3aa1409a ipvs: initialize tbl->entries after allocation
general protection fault in wb_workfn (2) 38 611d 635d 591d 3ee7e869 bdi: Fix another oops in wb_workfn()
INFO: rcu detected stall in is_bpf_text_address C 1 642d 642d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in __vfs_write syz 14 620d 623d 591d 66e58e0e bpfilter: fix race in pipe access
general protection fault in pipe_write syz 1 623d 622d 591d 66e58e0e bpfilter: fix race in pipe access
possible deadlock in tcp_mmap C 1908 661d 664d 591d 05255b82 tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
KASAN: use-after-free Read in bpf_skb_change_proto 1 621d 620d 591d 58990d1f bpf: reject passing modified ctx to helper functions
KASAN: use-after-free Write in prb_fill_curr_block C 2 629d 630d 591d eb73190f net/packet: refine check for priv area size
kernel BUG at fs/f2fs/node.c:LINE! C 1 670d 670d 591d a4f843bd f2fs: give message and set need_fsck given broken node id
WARNING in skb_warn_bad_offload (2) C 6 663d 664d 591d a8c744a8 udp: disable gso with no_check_tx
BUG: unable to handle kernel NULL pointer dereference in ep_item_poll C 15 601d 602d 591d e88958e6 net: handle NULL ->poll gracefully
WARNING in bpf_prog_select_runtime syz 45 615d 617d 591d 9facc336 bpf: reject any prog that failed read-only lock
KASAN: slab-out-of-bounds Read in bpf_skb_vlan_push syz 2 617d 617d 591d 58990d1f bpf: reject passing modified ctx to helper functions
WARNING: kernel stack regs has bad 'bp' value (3) C 7971 593d 748d 591d b7b73cd5 crypto: x86/salsa20 - remove x86 salsa20 implementations
general protection fault in __vfs_write syz 25 620d 623d 591d 66e58e0e bpfilter: fix race in pipe access
INFO: task hung in n_tty_flush_buffer 6 600d 674d 591d ebec3f8f n_tty: Access echo_* variables carefully.
KASAN: use-after-free Read in skb_ensure_writable C 4 620d 627d 591d 58990d1f bpf: reject passing modified ctx to helper functions
KASAN: use-after-free Read in build_segment_manager C 5 671d 671d 591d 8a29c126 f2fs: sanity check for total valid node blocks
KASAN: use-after-free Read in bpf_tcp_close C 1748 597d 636d 591d e9db4ef6 bpf: sockhash fix omitted bucket lock in sock_close
KMSAN: uninit-value in nfqnl_recv_config (2) C 10 604d 620d 591d ba062ebb netfilter: nf_queue: augment nfqa_cfg_policy
KASAN: use-after-free Read in pipe_read C 3 622d 623d 591d 66e58e0e bpfilter: fix race in pipe access
KASAN: slab-out-of-bounds Read in crypto_morus640_decrypt_chunk C 8 610d 617d 591d a81ae809 crypto: morus640 - Fix out-of-bounds access
WARNING in perf_trace_buf_alloc (2) C 22 731d 836d 591d 4d220ed0 bpf: remove tracepoints from bpf core
KASAN: use-after-free Read in finish_wait 8 620d 623d 591d 66e58e0e bpfilter: fix race in pipe access
BUG: unable to handle kernel paging request in bpf_prog_select_runtime 1 607d 607d 591d 85782e03 bpf: undo prog rejection on read-only lock failure
WARNING: kmalloc bug in xdp_umem_create C 7 615d 621d 591d a343993c xsk: silence warning on memory allocation failure
KASAN: use-after-free Write in tls_push_record C 24 592d 636d 591d a447da7d tls: fix use-after-free in tls_push_record
KASAN: use-after-free Read in fib6_table_lookup 1 614d 613d 591d 9b0a8da8 net/ipv6: respect rcu grace period before freeing fib6_info
INFO: rcu detected stall in skb_free_head 4 630d 662d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in __kernel_write syz 7 620d 623d 591d 66e58e0e bpfilter: fix race in pipe access
WARNING in ion_dma_buf_begin_cpu_access C 62 599d 621d 591d 0a2bc003 staging: android: ion: Return an ERR_PTR in ion_map_kernel
WARNING: lock held when returning to user space! (2) C 9 651d 652d 591d 9e575010 net/ipv6: fix lock imbalance in ip6_route_del()
INFO: rcu detected stall in corrupted syz 1 641d 640d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: rcu detected stall in ip_route_output_key_hash 2 642d 645d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KMSAN: uninit-value in ebt_stp_mt_check (2) C 222 591d 623d 591d c568503e netfilter: x_tables: initialise match/target check parameter struct
kernel BUG at fs/f2fs/segment.c:LINE! syz 1 671d 670d 591d 8a29c126 f2fs: sanity check for total valid node blocks
BUG: unable to handle kernel NULL pointer dereference in corrupted C 5 622d 622d 591d c0129a06 smc: convert to ->poll_mask
KMSAN: uninit-value in eth_mac_addr 2 593d 626d 591d 644c7eeb rtnetlink: validate attributes in do_setlink()
KASAN: slab-out-of-bounds Write in tgr192_final C 30 603d 622d 591d 3619dec5 dh key: fix rounding up KDF output length
KASAN: slab-out-of-bounds Write in wp384_final C 27 603d 623d 591d 3619dec5 dh key: fix rounding up KDF output length
INFO: rcu detected stall in dev_queue_xmit_nit 1 636d 636d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: slab-out-of-bounds Write in crypto_sha3_final C 68 604d 623d 591d 3619dec5 dh key: fix rounding up KDF output length
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto C 2 621d 620d 591d 58990d1f bpf: reject passing modified ctx to helper functions
BUG: unable to handle kernel paging request in build_segment_manager C 1 671d 671d 591d b2ca374f f2fs: sanity check on sit entry
KASAN: null-ptr-deref Write in simple_write_to_buffer C 5 631d 656d 591d fc14eebf PM / hibernate: Fix oops at snapshot_write()
INFO: rcu detected stall in sctp_packet_transmit 1 646d 646d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
general protection fault in touch_atime syz 6 620d 623d 591d 66e58e0e bpfilter: fix race in pipe access
WARNING: possible circular locking dependency detected (4) C 27 664d 672d 591d 05255b82 tcp: add TCP_ZEROCOPY_RECEIVE support for zerocopy receive
BUG: delta (-6195) <= 0 at net/dccp/ccids/ccid3.c:LINE/ccid3_hc_rx_send_feedback() 1 608d 608d 591d 74174fe5 net: dccp: avoid crash in ccid3_hc_rx_send_feedback()
INFO: rcu detected stall in sctp_chunk_put 1 630d 629d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: slab-out-of-bounds Read in ip6_xmit (3) C 69 597d 639d 591d 9901c5d7 bpf: sockmap, fix crash when ipv6 sock is added
KASAN: slab-out-of-bounds Read in skb_ensure_writable C 9 618d 627d 591d 58990d1f bpf: reject passing modified ctx to helper functions
INFO: rcu detected stall in sctp_generate_heartbeat_event 2 644d 654d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
KASAN: use-after-free Read in bpf_csum_update C 1 629d 627d 591d 58990d1f bpf: reject passing modified ctx to helper functions
BUG: soft lockup in do_raw_spin_unlock (2) 1 619d 619d 591d 4fb48871 restore cond_resched() in shrink_dcache_parent()
BUG: unable to handle kernel paging request in bpf_int_jit_compile syz 2 603d 607d 591d 85782e03 bpf: undo prog rejection on read-only lock failure
general protection fault in __mnt_want_write 1 621d 621d 591d 66e58e0e bpfilter: fix race in pipe access
KASAN: use-after-free Write in bpf_tcp_close C 67 598d 634d 591d e9db4ef6 bpf: sockhash fix omitted bucket lock in sock_close
general protection fault in bpf_tcp_close C 421 592d 635d 591d e9db4ef6 bpf: sockhash fix omitted bucket lock in sock_close 54fedb42 bpf: sockmap, fix smap_list_map_remove when psock is in many maps
general protection fault in smc_ioctl C 5214 613d 643d 591d 2351abe6 net/smc: return 0 for ioctl calls in states INIT and CLOSED
INFO: rcu detected stall in kfree_skbmem 4 631d 661d 591d 1d88ba1e sctp: not allow transport timeout value less than HZ/5 for hb_timer
INFO: task hung in tty_set_termios 1 692d 691d 591d ebec3f8f n_tty: Access echo_* variables carefully.
bpf-next boot error: KASAN: use-after-free Write in call_usermodehelper_exec_work 3 623d 626d 591d bf956be5 umh: fix race condition
WARNING in do_dentry_open C 26 615d 622d 591d b1655857 bpf: implement dummy fops for bpf objects
KASAN: slab-out-of-bounds Write in prb_fill_curr_block C 2 630d 630d 591d eb73190f net/packet: refine check for priv ar