syzbot


fixed (2228):
Title Repro Bisected Count Last Reported Closed Patch
possible deadlock in ext4_evict_inode syz cause+fix 38 591d 630d 6d10h e5bfad3d smack: use GFP_NOFS while holding inode_smack::smk_lock
general protection fault in kobject_get 4 21d 87d 18d 5bdfa854 RDMA/mad: Do not crash if the rdma device does not have a umad interface
KASAN: use-after-free Write in tcindex_set_parms C cause 13 59d 79d 18d 0d1c3530 net_sched: keep alloc_hash updated after hash allocation
WARNING: kobject bug in add_one_compat_dev 2 89d 91d 18d f2f2b3bb RDMA/core: Fix missing error check on dev_set_name()
possible deadlock in io_submit_one (3) syz cause 45 48d 55d 18d 63f818f4 proc: Use a dedicated lock in struct pid
INFO: task hung in io_queue_file_removal C cause 16 61d 68d 18d 4afdb733 io-uring: drop completion when removing file
KASAN: slab-out-of-bounds Write in tcindex_set_parms C cause 10 60d 81d 18d 0d1c3530 net_sched: keep alloc_hash updated after hash allocation
KASAN: use-after-free Read in tcindex_dump syz 1 81d 79d 18d b1be2e8c net_sched: hold rtnl lock in tcindex_partial_destroy_work()
KMSAN: uninit-value in simple_attr_read C 6 21d 91d 18d a65cab7d libfs: fix infoleak in simple_attr_read()
general protection fault in macsec_upd_offload C cause 5 57d 56d 18d aa81700c macsec: fix NULL dereference in macsec_upd_offload()
general protection fault in hfsc_unbind_tcf 1 70d 66d 18d ef299cc3 net_sched: cls_route: remove the right filter from hashtable
memory leak in erase_aeb C 109 19d 172d 18d c16f39d1 ubi: fastmap: Free unused fastmap anchor peb during detach
BUG: unable to handle kernel NULL pointer dereference in handle_external_interrupt_irqoff C cause 6404 62d 67d 18d 428b8f1d KVM: VMX: don't allow memory operands for inline asm that modifies SP
possible deadlock in send_sigurg C cause 65 42d 55d 18d 63f818f4 proc: Use a dedicated lock in struct pid
WARNING: bad unlock balance in ucma_event_handler C cause 143 51d 715d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
WARNING in geneve_exit_batch_net (2) C cause 9 66d 89d 18d 0fda7600 geneve: move debug check after netdev unregister
general protection fault in fbcon_switch 1 63d 62d 18d b139f8b0 fbcon: fix null-ptr-deref in fbcon_switch
KASAN: invalid-free in tcf_exts_destroy C cause 1 81d 81d 18d 0d1c3530 net_sched: keep alloc_hash updated after hash allocation
KASAN: use-after-free Read in __hrtimer_run_queues C cause 299 51d 58d 18d 73d20564 hrtimer: Don't dereference the hrtimer pointer after the callback
WARNING: bad unlock balance in ucma_destroy_id syz cause 44 85d 639d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
WARNING: bad unlock balance in __get_user_pages_remote C cause 15 51d 51d 18d c7b6a566 mm/gup: Mark lock taken only after a successful retake
INFO: trying to register non-static key in __io_uring_register C cause 39 50d 51d 18d f7fe9346 io_uring: initialize fixed_file_data lock
KASAN: slab-out-of-bounds Read in selinux_xfrm_alloc_user C cause 1 60d 59d 18d a1a7e3a3 xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
KASAN: stack-out-of-bounds Write in mpol_to_str C cause 23 60d 64d 18d aa9f7d51 mm: mempolicy: require at least one nodeid for MPOL_PREFERRED
general protection fault in do_tcp_getsockopt (2) C cause 1 71d 71d 18d 6cd6cbf5 net-backports: tcp: repair: fix TCP_QUEUE_SEQ implementation
KASAN: use-after-free Read in addr_handler syz cause 12 50d 532d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
INFO: trying to register non-static key in io_cqring_ev_posted (2) C cause 42 21d 58d 18d 10bea96d io_uring: add missing finish_wait() in io_sq_thread()
KASAN: use-after-free Read in cma_cancel_operation C cause 617 106d 787d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
BUG: unable to handle kernel paging request in kernel_get_mempolicy C cause 1 55d 52d 18d ba841078 mm/mempolicy: Allow lookup_node() to handle fatal signal
WARNING: ODEBUG bug in rfcomm_dev_ioctl 1 83d 82d 18d 71811cac Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
KASAN: slab-out-of-bounds Read in cgroup_file_notify C cause 1 83d 79d 18d 726b7bbe hugetlb_cgroup: fix illegal access to memory
WARNING: refcount bug in __tcf_action_put syz 1 80d 79d 18d 0d1c3530 net_sched: keep alloc_hash updated after hash allocation
KASAN: use-after-free Read in rdma_listen (2) C cause 354 56d 425d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
WARNING: kobject bug in ib_register_device C cause 14 56d 94d 18d 7aefa623 RDMA/nl: Do not permit empty devices names during RDMA_NLDEV_CMD_NEWLINK/SET
general protection fault in ethnl_parse_header C cause 9 65d 70d 18d 55b474c4 netlink: check for null extack in cookie helpers
WARNING in vcpu_enter_guest syz cause 19 68d 181d 18d d3329454 KVM: x86: remove bogus user-triggerable WARN_ON
general protection fault in hsr_addr_is_self (2) 1 70d 69d 18d 3a303cfd hsr: fix general protection fault in hsr_addr_is_self()
linux-next test error: KASAN: use-after-free Read in l2cap_sock_release 12 113d 115d 18d 2a154903 Bluetooth: prefetch channel before killing sock
possible deadlock in send_sigio C cause 7 46d 54d 18d 63f818f4 proc: Use a dedicated lock in struct pid
WARNING: ODEBUG bug in __init_work syz cause 1 67d 66d 18d ef299cc3 net_sched: cls_route: remove the right filter from hashtable
WARNING in call_rcu C cause 8 72d 79d 18d ef299cc3 net_sched: cls_route: remove the right filter from hashtable
WARNING: ODEBUG bug in prism2sta_disconnect_usb 1 67d 66d 18d a1f165a6 staging: wlan-ng: fix ODEBUG bug in prism2sta_disconnect_usb
WARNING: ODEBUG bug in tcf_queue_work C cause 30 84d 84d 18d ef299cc3 net_sched: cls_route: remove the right filter from hashtable
WARNING in __blk_mq_delay_run_hw_queue C cause+fix 6 131d 236d 18d 6e66b493 blk-mq: Keep set->nr_hw_queues and set->map[].nr_queues in sync
general protection fault in qdisc_hash_add C cause 47 77d 77d 18d 7c4046b1 Revert "net: sched: make newly activated qdiscs visible"
WARNING: refcount bug in tcindex_data_put C cause 27 55d 56d 18d a8eab6d3 net_sched: fix a missing refcnt in tcindex_init()
KASAN: use-after-free Read in route4_get C 8 47d 76d 18d ef299cc3 net_sched: cls_route: remove the right filter from hashtable
KASAN: use-after-free Read in __list_del_entry_valid (4) C cause 16 107d 795d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
general protection fault in erspan_netlink_parms C cause 5 73d 74d 18d 32ca98fe net: ip_gre: Accept IFLA_INFO_DATA-less configuration
WARNING in kernfs_create_dir_ns C cause+fix 3 73d 334d 18d 810507fe locking/lockdep: Reuse freed chain_hlocks entries
WARNING in af_alg_make_sg C cause 13 50d 50d 18d ae46d2aa mm/gup: Let __get_user_pages_locked() return -EINTR for fatal signal
general protection fault in rdma_listen (2) syz cause 104 57d 568d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
WARNING in kernfs_new_node C cause+fix 2 73d 297d 18d 810507fe locking/lockdep: Reuse freed chain_hlocks entries
possible deadlock in cma_netdev_callback C cause 1399 51d 92d 18d 33fb27fd RDMA/siw: Fix passive connection establishment
WARNING: refcount bug in sctp_wfree C cause 20 59d 80d 18d 5c3e82fe sctp: fix refcount bug in sctp_wfree
WARNING in ext4_write_inode 13 85d 92d 18d 10a98cb1 xfs: clear PF_MEMALLOC before exiting xfsaild thread
BUG: corrupted list in rdma_listen C 202 191d 770d 18d 7c119107 RDMA/ucma: Put a lock around every call to the rdma_cm layer
possible deadlock in free_ioctx_users (2) C cause 44 48d 55d 18d 63f818f4 proc: Use a dedicated lock in struct pid
WARNING: ODEBUG bug in route4_change C cause 68 55d 79d 18d ef299cc3 net_sched: cls_route: remove the right filter from hashtable
KASAN: use-after-free Read in tty_open C cause+fix 8 65d 177d 18d ca4463bf vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
KASAN: slab-out-of-bounds Read in edge_interrupt_callback C 1 67d 66d 18d 57aa9f29 USB: serial: io_edgeport: fix slab-out-of-bounds read in edge_interrupt_callback
KMSAN: uninit-value in tcf_exts_change C 5 69d 79d 18d 0d1c3530 net_sched: keep alloc_hash updated after hash allocation
BUG: sleeping function called from invalid context in kmem_cache_alloc_node_trace C cause 364 80d 82d 18d 138470a9 net/sched: act_ct: fix lockdep splat in tcf_ct_flow_table_get
KASAN: use-after-free Write in release_tty C cause 591 55d 177d 18d ca4463bf vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
WARNING: ODEBUG bug in tcindex_destroy_work (3) syz cause 13 57d 93d 18d 304e0242 net_sched: add a temporary refcnt for struct tcindex_data
KASAN: slab-out-of-bounds Read in hfa384x_usbin_callback C 1 69d 69d 18d 1165dd73 staging: wlan-ng: fix use-after-free Read in hfa384x_usbin_callback
KMSAN: uninit-value in macsec_handle_frame 1 68d 68d 18d b06d072c macsec: restrict to ethernet devices
WARNING: refcount bug in igmp_start_timer syz cause+fix 19 283d 649d 41d 323ebb61 net: use listified RX for handling GRO_NORMAL skbs
possible deadlock in sch_direct_xmit C cause+fix 1548 184d 863d 41d 323ebb61 net: use listified RX for handling GRO_NORMAL skbs
KASAN: use-after-free Read in alloc_netdev_mqs 1 105d 105d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KMSAN: uninit-value in __iptunnel_pull_header C 12 74d 83d 43d 17c25caf gre: fix uninit-value in __iptunnel_pull_header
KASAN: use-after-free Read in inet_gifconf 24 97d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
INFO: task hung in hashlimit_mt_check_common C cause 20 99d 139d 43d 8d0015a7 netfilter: xt_hashlimit: limit the max size of hashtable c4a3922d netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put()
divide error in wg_packet_encrypt_worker C cause 12 97d 104d 43d 175f1ca9 wireguard: send: account for mtu=0 devices
WARNING in idr_destroy C cause 5 71d 86d 43d b216a8e7 drm/lease: fix WARNING in idr_destroy
BUG: soft lockup in sys_exit_group C 6 68d 91d 43d d683469b ALSA: line6: Fix endless MIDI read loop
KASAN: use-after-free Read in ipv6_get_ifaddr 1 101d 101d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KASAN: use-after-free Read in inet_lookup_ifaddr_rcu 2 97d 99d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KASAN: use-after-free Write in hiddev_disconnect 20 71d 135d 43d 5c02c447 HID: hiddev: Fix race in in hiddev_disconnect()
KMSAN: use-after-free in netdev_state_change 2 87d 87d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
KMSAN: uninit-value in audit_receive C 4 94d 94d 43d 75612528 audit: always check the netlink payload length in audit_receive_msg()
WARNING: lock held when returning to user space in ovl_write_iter C cause 6 73d 88d 43d c8536804 ovl: fix lockdep warning for async write
general protection fault in vt_ioctl 1 108d 108d 43d 6cd1ed50 net-backports: vt: vt_ioctl: fix race in VT_RESIZEX
KASAN: use-after-free Read in percpu_ref_switch_to_atomic_rcu 5 89d 111d 43d c1e2148f io_uring: free fixed_file_data after RCU grace period
KASAN: use-after-free Read in rtnl_fill_ifinfo (2) 2 102d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
INFO: task hung in hashlimit_net_exit syz cause 53 97d 105d 43d 8d0015a7 netfilter: xt_hashlimit: limit the max size of hashtable
kernel BUG at arch/x86/mm/physaddr.c:LINE! (4) C 18 62d 97d 43d 2ad3e17e audit: fix error handling in audit_data_to_entry()
KMSAN: uninit-value in slhc_compress C 3 86d 85d 43d 110a40df slip: make slhc_compress() more robust against malicious packets
WARNING: proc registration bug in hashlimit_mt_check_common C cause 320 83d 108d 43d 99b79c39 netfilter: xt_hashlimit: unregister proc file before releasing mutex
linux-next test error: WARNING in snd_pcm_plug_alloc 3 77d 77d 43d 5461e053 ALSA: pcm: oss: Remove WARNING from snd_pcm_plug_alloc() checks
WARNING: ODEBUG bug in smc_ib_remove_dev 52 73d 87d 43d ece0d7bd net/smc: cancel event worker during device removal
memory leak in dma_buf_ioctl C cause 129 93d 309d 43d d1f37226 dma-buf: free dmabuf->name in dma_buf_release()
KASAN: use-after-free Read in netdev_state_change 2 102d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
KCSAN: data-race in snd_seq_check_queue / snd_seq_control_queue 97 44d 142d 43d bb51e669 ALSA: seq: Avoid concurrent access to queue flags
INFO: trying to register non-static key in xa_destroy C cause 46 66d 94d 43d 12e5eef0 RDMA/siw: Fix failure handling during device creation
BUG: unable to handle kernel NULL pointer dereference in inet_release syz 3 93d 93d 43d b6f61189 ipv6: restrict IPV6_ADDRFORM operation
INFO: rcu detected stall in ip_set_uadd C cause 11 88d 125d 43d f66ee041 netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports
general protection fault in batadv_iv_ogm_schedule 2 97d 110d 43d 8e8ce081 batman-adv: Don't schedule OGM for disabled interface
INFO: task hung in paste_selection C cause+fix 8 109d 174d 43d e8c75a30 vt: selection, push sel_lock up
BUG: unable to handle kernel paging request in ethnl_update_bitset32 C 168 83d 94d 43d e34f1753 ethtool: limit bitset size
KASAN: use-after-free Read in ipv6_chk_addr_and_flags 1 102d 102d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KMSAN: use-after-free in find_match C 52 73d 102d 43d e08ad805 net-backports: net: add strict checks in netdev_name_node_alt_destroy()
KASAN: use-after-free Read in vgem_gem_dumb_create C cause 15 106d 118d 43d 4b848f20 drm/vgem: Close use-after-free race in vgem_gem_create
KMSAN: uninit-value in bpf_skb_load_helper_32_no_cache 2 113d 111d 43d 457fed77 net/smc: fix leak of kernel memory to user space
memory leak in nf_tables_parse_netdev_hooks (2) C 2 82d 87d 43d 2d285f26 netfilter: nf_tables: free flowtable hooks on hook register error
KMSAN: uninit-value in bond_alb_xmit syz 3 84d 85d 43d b7469e83 bonding/alb: make sure arp header is pulled before accessing it
divide error in encrypt_packet C cause 89 96d 105d 43d 175f1ca9 wireguard: send: account for mtu=0 devices
general protection fault in smc_ib_remove_dev C cause 98 83d 94d 43d a2f2ef4a net/smc: check for valid ib_client_data
possible deadlock in htab_lru_map_delete_node C cause 264 96d 101d 43d b9aff38d bpf: Fix a potential deadlock with bpf_map_do_batch
KMSAN: use-after-free in inet_gifconf 10 73d 97d 43d e08ad805 net-backports: net: add strict checks in netdev_name_node_alt_destroy()
KMSAN: use-after-free in ip6_dst_destroy C 2 76d 88d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
KASAN: use-after-free Read in raw_notifier 3 102d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
memory leak in fasync_helper C 14 112d 172d 43d 67f562e3 net/smc: transfer fasync_list in case of fallback
possible deadlock in tty_unthrottle 3 67d 91d 43d e8c75a30 vt: selection, push sel_lock up
possible deadlock in inet_csk_accept C cause 992 77d 79d 43d 06669ea3 net: memcg: fix lockdep splat in inet_csk_accept()
KASAN: slab-out-of-bounds Read in ethnl_update_bitset32 syz 2 89d 94d 43d e34f1753 ethtool: limit bitset size
KMSAN: uninit-value in audit_log_vformat C 220 43d 94d 43d 75612528 audit: always check the netlink payload length in audit_receive_msg()
KASAN: use-after-free Read in dev_get_by_index_rcu 1 98d 98d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
INFO: rcu detected stall in hash_ip4_gc C cause 1 124d 123d 43d f66ee041 netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports
KCSAN: data-race in queue_access_lock / snd_seq_check_queue 58 83d 125d 43d bb51e669 ALSA: seq: Avoid concurrent access to queue flags
KMSAN: kernel-infoleak in tty_compat_ioctl C 162 65d 94d 43d 17329563 tty: fix compat TIOCGSERIAL leaking uninitialized memory
BUG: sleeping function called from invalid context in __kmalloc C cause 5 104d 111d 43d b27a939e ceph: canonicalize server path in place
INFO: rcu detected stall in ip_set_udel C cause 12 102d 125d 43d f66ee041 netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports
general protection fault in ip_set_comment_free C cause 19 86d 123d 43d 8af1c6fb netfilter: ipset: Fix forceadd evaluation path
possible deadlock in bond_get_stats (3) syz cause 2 97d 97d 43d b3e80d44 bonding: fix lockdep warning in bond_get_stats()
general protection fault in batadv_iv_ogm_schedule_buff 24 80d 102d 43d 8e8ce081 batman-adv: Don't schedule OGM for disabled interface
KMSAN: use-after-free in veth_xmit 8 73d 89d 43d e08ad805 net-backports: net: add strict checks in netdev_name_node_alt_destroy()
KMSAN: uninit-value in kstrdup C 8 79d 106d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
possible deadlock in sidtab_sid2str_put C cause 1382 105d 121d 43d 39a706fb selinux: fix sidtab string cache locking
KCSAN: data-race in __snd_rawmidi_transmit_ack / snd_rawmidi_write 168 44d 170d 43d dfa9a5ef ALSA: rawmidi: Avoid bit fields for state flags
KASAN: use-after-free Read in vsscanf 2 99d 102d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KASAN: use-after-free Read in n_tty_receive_buf_common C cause 68 98d 174d 43d 07e6124a vt: selection, close sel_buffer race
KASAN: use-after-free Read in ethnl_update_bitset32 C cause 6 87d 94d 43d e34f1753 ethtool: limit bitset size
KASAN: use-after-free Read in fib_nexthop_info 1 102d 102d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
general protection fault in nf_flow_table_offload_setup C cause+fix 835 97d 130d 43d a7da92c2 netfilter: flowtable: skip offload setup if disabled
memory leak in nfs_fs_context_parse_monolithic C 18 77d 104d 43d 75a9b917 NFS: Fix leak of ctx->nfs_server.hostname
KASAN: slab-out-of-bounds Read in inet_gifconf 2 103d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
KASAN: use-after-free Read in find_match C cause 142 96d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
KMSAN: uninit-value in fat_evict_inode C 256 73d 97d 43d bc87302a fat: fix uninit-memory access for partial initialized inode
KASAN: use-after-free Read in br_dev_xmit 1 93d 93d 43d 823d81b0 net: bridge: fix stale eth hdr pointer in br_dev_xmit
KASAN: use-after-free Read in ip6_dst_destroy C cause 1 103d 103d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
WARNING: bad unlock balance in ovl_llseek C cause 4 75d 88d 43d 531d3040 ovl: fix lock in ovl_llseek()
KASAN: use-after-free Read in l3mdev_master_ifindex_rcu C cause+fix 13 99d 105d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KASAN: slab-out-of-bounds Read in resample_shrink C cause 5 65d 83d 43d f2ecf903 ALSA: pcm: oss: Avoid plugin buffer overflow
general protection fault in nldev_stat_set_doit C cause 8 77d 94d 43d 78f34a16 RDMA/nldev: Fix crash when set a QP to a new counter but QPN is missing
kernel panic: stack is corrupted in vhost_net_ioctl C cause 2 103d 190d 43d 42d84c84 vhost: Check docket sk_family instead of call getname
KASAN: use-after-free Read in __neigh_notify 2 102d 102d 43d 44bfa9c5 net: rtnetlink: fix bugs in rtnl_alt_ifname()
BUG: unable to handle kernel NULL pointer dereference in cipso_v4_sock_setattr C cause 8 83d 93d 43d dc24f8b4 mptcp: add dummy icsk_sync_mss()
INFO: task hung in lock_sock_nested (2) C cause 418 83d 96d 43d 3f74957f vsock: fix potential deadlock in transport->release()
KMSAN: use-after-free in l3mdev_master_ifindex_rcu C 5 73d 97d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
unregister_netdevice: waiting for DEV to become free (3) C 1864 43d 105d 43d e34f1753 ethtool: limit bitset size
KMSAN: use-after-free in dev_alloc_name_ns 3 73d 87d 43d e08ad805 net: add strict checks in netdev_name_node_alt_destroy()
KCSAN: data-race in snd_seq_prioq_cell_out / snd_seq_timer_interrupt 118 44d 138d 43d dc749779 ALSA: seq: Fix concurrent access to queue current tick/time
KASAN: use-after-free Read in mld_in_v1_mode C cause 3 102d 105d 43d e08ad805 net-backports: net: add strict checks in netdev_name_node_alt_destroy()
possible deadlock in bpf_lru_push_free C cause 609 96d 102d 43d b9aff38d bpf: Fix a potential deadlock with bpf_map_do_batch
WARNING in switch_fpu_return syz cause+fix 11 114d 148d 64d 2620fe26 KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest"
KMSAN: use-after-free in rdma_listen C 26 84d 230d 64d 5fc01fb8 RDMA/cma: Rollback source IP address if failing to acquire device
KMSAN: uninit-value in rdma_listen C 28 241d 606d 64d 5fc01fb8 RDMA/cma: Rollback source IP address if failing to acquire device
KASAN: slab-out-of-bounds Read in bitmap_ip_add syz cause+fix 7 119d 131d 64d 32c72165 netfilter: ipset: use bitmap infrastructure completely
general protection fault in __nf_tables_chain_type_lookup 1 129d 128d 70d 82603549 netfilter: nf_tables: add __nft_chain_type_get()
KASAN: slab-out-of-bounds Read in bitmap_ip_ext_cleanup C cause+fix 8 114d 130d 72d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KASAN: slab-out-of-bounds Read in bitmap_port_ext_cleanup C cause+fix 10 122d 130d 72d 32c72165 netfilter: ipset: use bitmap infrastructure completely
BUG: corrupted list in __nf_tables_abort C cause+fix 29 124d 131d 72d eb014de4 netfilter: nf_tables: autoload modules from the abort path
KASAN: slab-out-of-bounds Read in bitmap_ipmac_destroy C cause+fix 2 125d 125d 72d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KASAN: slab-out-of-bounds Read in bitmap_ipmac_gc C cause+fix 70 113d 129d 72d 32c72165 netfilter: ipset: use bitmap infrastructure completely
BUG: unable to handle kernel paging request in ion_heap_sglist_zero 1 178d 178d 72d d98c9e83 kasan: fix crashes on access to memory mapped by vm_map_ram()
KASAN: slab-out-of-bounds Read in bitmap_ipmac_ext_cleanup C cause+fix 15 114d 129d 72d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KASAN: slab-out-of-bounds Read in bitmap_port_destroy C cause+fix 2 126d 126d 72d 32c72165 netfilter: ipset: use bitmap infrastructure completely
general protection fault in gcmaes_crypt_by_sg (2) C cause+fix 28 129d 176d 78d db885e66 net/tls: fix async operation
possible deadlock in wg_noise_handshake_create_initiation C cause 11 111d 115d 78d ec31c267 wireguard: noise: reject peers with low order public keys
KASAN: use-after-free Read in slcan_open C cause 2 179d 178d 78d 9ebd796e can: slcan: Fix use-after-free Read in slcan_open
kernel BUG at fs/btrfs/volumes.c:LINE! 130 183d 722d 78d 321f69f8 btrfs: reset device back to allocation state when removing
BUG: unable to handle kernel paging request in slhc_free C cause+fix 177 399d 517d 78d baf76f0c slip: make slhc_free() silently accept an error pointer
WARNING in _chaoskey_fill/usb_submit_urb C 15 195d 248d 78d 92aa5986 USB: chaoskey: fix error case of a timeout
KASAN: slab-out-of-bounds Read in iov_iter_alignment C cause+fix 79 178d 175d 78d e0ff126e pipe: Fix bogus dereference in iov_iter_alignment()
possible deadlock in wg_set_device C cause 33 110d 115d 78d ec31c267 wireguard: noise: reject peers with low order public keys
WARNING: ODEBUG bug in io_sqe_files_unregister C cause 964 112d 159d 78d 2faf852d io_uring: cleanup fixed file data table references
WARNING in flexcop_usb_probe/usb_submit_urb C 4 244d 281d 78d 1b976fc6 media: b2c2-flexcop-usb: add sanity checking
linux-next build error (7) 7 123d 127d 78d ac6119e7 efi/x86: Disable instrumentation in the EFI runtime handling code
BUG: unable to handle kernel paging request in xfs_sb_read_verify 69 161d 180d 83d d98c9e83 kasan: fix crashes on access to memory mapped by vm_map_ram()
BUG: unable to handle kernel paging request in ion_heap_clear_pages C 4378 161d 180d 83d d98c9e83 kasan: fix crashes on access to memory mapped by vm_map_ram()
KASAN: use-after-free Read in bitmap_ip_ext_cleanup C cause+fix 2 130d 130d 96d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KASAN: use-after-free Read in bitmap_ipmac_ext_cleanup C cause+fix 2 129d 130d 96d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KASAN: slab-out-of-bounds Write in bitmap_ip_del C cause+fix 7 127d 129d 96d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KASAN: use-after-free Read in bitmap_ip_destroy C cause+fix 1 130d 130d 99d 32c72165 netfilter: ipset: use bitmap infrastructure completely
upstream boot error: KASAN: slab-out-of-bounds Write in hpet_alloc 33 118d 119d 100d 98c49f17 char: hpet: Fix out-of-bounds read bug
KMSAN: uninit-value in setup_udp_tunnel_sock C 1 128d 128d 100d 940ba149 net-backports: gtp: make sure only SOCK_DGRAM UDP sockets are accepted
WARNING in nft_request_module C cause 7 133d 134d 100d 9332d27d netfilter: nf_tables: remove WARN and add NLA_STRING upper limits
memory leak in reiserfs_fill_super C 20 119d 169d 100d 5474ca7d reiserfs: Fix memory leak of journal device string
WARNING: lock held when returning to user space in tun_get_user (2) 7 116d 127d 100d 1efba987 net-backports: tun: add mutex_unlock() call and napi.skb clearing in tun_get_user()
memory leak in kobject_set_name_vargs (2) C cause 47 125d 310d 100d cb626bf5 net-sysfs: Fix reference count leak
KCSAN: data-race in __rcu_read_unlock / sync_rcu_exp_select_cpus 7 112d 206d 100d c51f83c3 rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
KASAN: slab-out-of-bounds Read in bitmap_port_gc C cause 197 114d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
KMSAN: uninit-value in can_receive C 14 103d 192d 100d e7153bf7 can: can_dropped_invalid_skb(): ensure an initialized headroom in outgoing CAN sk_buffs
memory leak in _sctp_make_chunk C 1 164d 164d 100d be7a7729 sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY
WARNING in devlink_port_type_warn 2340 131d 202d 100d 4c582234 devlink: Wait longer before warning about unset port type
BUG: unable to handle kernel NULL pointer dereference in x25_connect 1 174d 173d 100d e21dba7a net/x25: fix nonblocking connect
KASAN: user-memory-access Write in video_usercopy 3 140d 141d 100d 1dc8b65c media: v4l2-core: only zero-out ioctl-read buffers
BUG: unable to handle kernel NULL pointer dereference in cfg80211_wext_siwrts 3 130d 139d 100d 24953de0 cfg80211: check for set_wiphy_params
KASAN: null-ptr-deref Write in x25_connect 1 179d 174d 100d e21dba7a net/x25: fix nonblocking connect
KASAN: slab-out-of-bounds Read in bitmap_ip_list C 85 115d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
kernel BUG at fs/namei.c:LINE! 3593 135d 135d 100d c64cd6e3 reimplement path_mountpoint() with less magic
KASAN: use-after-free Read in bitmap_port_ext_cleanup C cause 11 130d 139d 100d c1209593 netfilter: fix a use-after-free in mtype_destroy()
KMSAN: uninit-value in sd_init (2) C 94 206d 202d 100d de89d086 media: gspca: zero usb_buf
KMSAN: uninit-value in __request_module (3) C 58 101d 129d 100d 36d79af7 net-backports: net_sched: use validated TCA_KIND attribute in tc_new_tfilter()
KMSAN: uninit-value in rsvp_change C 4 120d 121d 100d cb3c0e6b cls_rsvp: fix rsvp_policy
BUG: unable to handle kernel paging request in rhashtable_replace_fast 2 126d 133d 100d 41cdc741 netdevsim: fix nsim_fib6_rt_create() error path
KASAN: use-after-free Read in __nf_tables_abort C cause 3 127d 129d 100d eb014de4 netfilter: nf_tables: autoload modules from the abort path
KASAN: use-after-free Read in rsi_rx_done_handler 8 139d 268d 100d e93cd351 rsi: fix use-after-free on failed probe and unbind
general protection fault in hsr_addr_is_self 3 102d 117d 100d 2b5b8251 net: hsr: fix possible NULL deref in hsr_handle_frame()
WARNING: suspicious RCU usage in find_set_and_id syz cause 6 125d 128d 100d 50385171 netfilter: ipset: fix suspicious RCU usage in find_set_and_id
BUG: corrupted list in nft_obj_del C cause 7 131d 134d 100d 335178d5 netfilter: nf_tables: fix flowtable list del corruption
BUG: corrupted list in nf_tables_commit C cause 8 134d 134d 100d 335178d5 netfilter: nf_tables: fix flowtable list del corruption
kernel panic: stack is corrupted in __lock_acquire (4) syz cause+fix 75 196d 353d 100d 4da6a196 bpf: Sockmap/tls, during free we may call tcp_bpf_unhash() in loop
INFO: rcu detected stall in addrconf_rs_timer (3) C cause+fix 81 161d 157d 100d d9e15a27 pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
KASAN: slab-out-of-bounds Read in bitmap_ipmac_list C cause 108 116d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
BUG: corrupted list in __dentry_kill (2) C cause 4945 168d 168d 100d a3d1e7eb simple_recursive_removal(): kernel-side rm -rf for ramfs-style filesystems
KASAN: slab-out-of-bounds Write in setup_udp_tunnel_sock (2) C cause 8 127d 129d 100d 940ba149 net-backports: gtp: make sure only SOCK_DGRAM UDP sockets are accepted
BUG: sleeping function called from invalid context in lock_sock_nested C 1232 100d 175d 100d 37f96694 crypto: af_alg - Use bh_lock_sock in sk_destruct
general protection fault in dccp_timeout_nlattr_to_obj C cause 7 140d 143d 100d 1d9a7acd netfilter: conntrack: dccp, sctp: handle null timeout argument
memory leak in vlan_dev_set_egress_priority C 1 143d 143d 100d 9bbd917e vlan: fix memory leak in vlan_dev_set_egress_priority
general protection fault in nft_parse_register 1 132d 131d 100d 7eaecf79 netfilter: nft_osf: add missing check for DREG attribute
WARNING in sk_psock_drop 157 123d 132d 100d 58c8db92 net, sk_msg: Don't check if sock is locked when tearing down psock
KCSAN: data-race in __rcu_read_unlock / rcu_report_exp_cpu_mult 21 116d 175d 100d c51f83c3 rcu: Use READ_ONCE() for ->expmask in rcu_read_unlock_special()
KCSAN: data-race in tomoyo_supervisor / tomoyo_supervisor (3) 142 105d 157d 100d a8772fad tomoyo: Use atomic_t for statistics counter
KMSAN: uninit-value in macvlan_broadcast C 2 143d 143d 100d 96cc4b69 macvlan: do not assume mac_header is set in macvlan_broadcast()
general protection fault in xt_rateest_tg_checkentry C cause 12 143d 154d 100d 1b789577 netfilter: arp_tables: init netns pointer in xt_tgchk_param struct
general protection fault in hash_netiface6_uadt 1 139d 139d 100d 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
WARNING in tcp_ack C cause 3 141d 141d 100d 90d72256 gtp: fix bad unlock balance in gtp_encap_enable_socket
memory leak in em_nbyte_change C 1 125d 125d 100d 55cd9f67 net_sched: ematch: reject invalid TCF_EM_SIMPLE
KCSAN: data-race in __skb_try_recv_from_queue / unix_dgram_sendmsg 61 116d 134d 100d 86b18aaa skbuff: fix a data race in skb_queue_len()
KMSAN: uninit-value in digitv_rc_query C 4 219d 202d 100d eecc70d2 media: digitv: don't continue if remote control state can't be read 569bc8d6 media: dvb-usb/dvb-usb-urb.c: initialize actlen to 0
general protection fault in xt_rateest_put C cause 97 131d 138d 100d 212e7f56 netfilter: arp_tables: init netns pointer in xt_tgdtor_param struct
KCSAN: data-race in rcu_gp_fqs_check_wake / rcu_preempt_deferred_qs_irqrestore 99 112d 232d 100d 6935c398 rcu: Avoid data-race in rcu_gp_fqs_check_wake()
BUG: sleeping function called from invalid context in tpk_write C cause 12 132d 173d 100d 9a655c77 ttyprintk: fix a potential deadlock in interrupt context issue
KCSAN: data-race in rcu_gp_fqs_check_wake / rcu_note_context_switch 51 112d 225d 100d 6935c398 rcu: Avoid data-race in rcu_gp_fqs_check_wake()
memory leak in snd_pcm_hw_params C 25 112d 120d 100d 66f2d19f ALSA: pcm: Fix memory leak at closing a stream without hw_free
KASAN: slab-out-of-bounds Read in macvlan_broadcast C cause 10 140d 143d 100d 96cc4b69 macvlan: do not assume mac_header is set in macvlan_broadcast()
KMSAN: uninit-value in number C 190 104d 202d 100d 51d0c99b media: af9005: uninitialized variable printked
KCSAN: data-race in find_next_bit / rcu_report_exp_cpu_mult 203 112d 234d 100d 15c7c972 rcu: Use *_ONCE() to protect lockless ->expmask accesses
KMSAN: uninit-value in __tipc_nl_compat_dumpit C 4428 100d 169d 100d a7869e5f tipc: eliminate KMSAN: uninit-value in __tipc_nl_compat_dumpit error
KASAN: slab-out-of-bounds Read in nla_put_nohdr C cause 1 128d 127d 100d 61678d28 net_sched: fix datalen for ematch
general protection fault in path_openat C cause 7 118d 117d 100d 6404674a vfs: fix do_last() regression
general protection fault in free_verifier_state (3) C 5 128d 134d 100d f59bbfc2 bpf: Fix error path under memory pressure
WARNING: bad unlock balance in release_sock 1 141d 141d 100d 90d72256 gtp: fix bad unlock balance in gtp_encap_enable_socket
KASAN: use-after-free Read in tcp_fastretrans_alert C cause 1 131d 131d 100d 2bec445f net-backports: tcp: do not leave dangling pointers in tp->highest_sack
KASAN: use-after-free Read in root_remove_peer_lists C cause 2 117d 117d 100d 9981159f wireguard: allowedips: fix use-after-free in root_remove_peer_lists
KASAN: use-after-free Read in snd_timer_resolution C 5 116d 134d 100d 60adcfde ALSA: seq: Fix racy access for queue timer in proc read
KMSAN: uninit-value in i2c_w (2) C 3 213d 202d 100d de89d086 media: gspca: zero usb_buf
KCSAN: data-race in tick_do_update_jiffies64 / tick_do_update_jiffies64 (4) 394 105d 176d 100d de95a991 net-backports: tick/sched: Annotate lockless access to last_jiffies_update
general protection fault in hash_netnet6_uadt 1 140d 140d 100d 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
BUG: unable to handle kernel paging request in rhashtable_jhash2 C cause 6 133d 134d 100d 41cdc741 netdevsim: fix nsim_fib6_rt_create() error path
memory leak in tcf_ctinfo_init C 2 130d 131d 100d 09d4f10a net: sched: act_ctinfo: fix memory leak
WARNING in do_dentry_open (2) C cause 17 120d 117d 100d a37f4958 debugfs: Return -EPERM when locked down
KASAN: slab-out-of-bounds Read in __nla_put_nohdr C cause 4 128d 128d 100d 61678d28 net_sched: fix datalen for ematch
INFO: rcu detected stall in br_handle_frame (2) C cause 2 160d 156d 100d d9e15a27 pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
memory leak in nf_tables_parse_netdev_hooks C 6 104d 133d 100d cd77e75b netfilter: nf_tables: fix memory leak in nf_tables_parse_netdev_hooks()
KCSAN: data-race in process_srcu / synchronize_srcu 112 112d 206d 100d 844a378d srcu: Apply *_ONCE() to ->srcu_last_gp_end
WARNING in __proc_create (2) C cause 4 127d 128d 100d a45ea48e afs: Fix characters allowed into cell names
INFO: rcu detected stall in netlink_sendmsg (3) C cause 6 107d 161d 100d d9e15a27 pkt_sched: fq: do not accept silly TCA_FQ_QUANTUM
general protection fault in timer_is_static_object C 2 184d 181d 100d cb222aed Input: add safety guards to input_set_keycode()
KASAN: null-ptr-deref Write in queue_work_on C cause+fix 5 285d 281d 100d 0ace17d5 can, slip: Protect tty->disc_data in write_wakeup and close with RCU
WARNING in cbq_destroy_class C cause 7 105d 128d 100d 2e24cd75 net_sched: fix ops->bind_class() implementations
WARNING in tracepoint_probe_register_prio (3) syz cause 979 103d 741d 100d 64ae572b tracing: Fix sched switch start/stop refcount racy updates
kernel BUG at arch/x86/kvm/mmu/mmu.c:LINE! C cause 6 156d 164d 100d 005ba37c mm: thp: KVM: Explicitly check for THP when populating secondary MMU
BUG: spinlock already unlocked in input_set_keycode C 2 194d 192d 100d cb222aed Input: add safety guards to input_set_keycode()
WARNING: refcount bug in cdev_get C cause 105 142d 282d 100d 68faa679 chardev: Avoid potential use-after-free in 'chrdev_open()'
KMSAN: uninit-value in read_sensor_register (2) C 44 207d 225d 100d de89d086 media: gspca: zero usb_buf
inconsistent lock state in rxrpc_put_client_conn C cause 18198 109d 115d 100d 963485d4 rxrpc: Fix call RCU cleanup using non-bh-safe locks
general protection fault in hash_ipmark6_uadt 2 140d 140d 100d 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
WARNING in cbq_destroy C cause 1 127d 127d 100d 2e24cd75 net_sched: fix ops->bind_class() implementations
WARNING in dln2_start_rx_urbs/usb_submit_urb C 44 115d 204d 100d 2b8bd606 mfd: dln2: More sanity checking for endpoints
KASAN: use-after-free Read in tcp_check_sack_reordering C cause 2 122d 131d 100d 2bec445f net-backports: tcp: do not leave dangling pointers in tp->highest_sack
BUG: unable to handle kernel NULL pointer dereference in cfg80211_wext_siwfrag C cause 8 130d 142d 100d 24953de0 cfg80211: check for set_wiphy_params
WARNING in cgroup_apply_control_enable C cause 178 136d 689d 100d 3bc0bb36 cgroup: Prevent double killing of css when enabling threaded cgroup
KASAN: slab-out-of-bounds Read in hid_field_extract C 6 141d 174d 100d 8ec321e9 HID: Fix slab-out-of-bounds read in hid_field_extract
general protection fault in nft_chain_parse_hook C cause 48 119d 134d 100d 82603549 netfilter: nf_tables: add __nft_chain_type_get()
WARNING in nf_tables_table_destroy C cause+fix 1 132d 131d 100d eb014de4 netfilter: nf_tables: autoload modules from the abort path
KASAN: slab-out-of-bounds Write in mpol_parse_str C cause 3 138d 135d 100d c7a91bc7 mm/mempolicy.c: fix out of bounds write in mpol_parse_str()
KASAN: slab-out-of-bounds Read in bitmap_ip_gc C cause 15 113d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING: ODEBUG bug in rsi_probe C 10487 114d 410d 100d 92aafe77 rsi: fix use-after-free on probe errors
KASAN: use-after-free Read in macvlan_broadcast C cause 12 141d 143d 100d 96cc4b69 macvlan: do not assume mac_header is set in macvlan_broadcast()
general protection fault in nft_tunnel_get_init C cause 7 134d 134d 100d 1c702bf9 netfilter: nft_tunnel: fix null-attribute check
KASAN: slab-out-of-bounds Read in bitmap_port_add syz cause 9 125d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING: bad unlock balance in gtp_encap_enable_socket C cause 8 139d 143d 100d 90d72256 net-backports: gtp: fix bad unlock balance in gtp_encap_enable_socket
WARNING: bad unlock balance in sch_direct_xmit C cause 35 130d 177d 100d 53d37497 net: avoid updating qdisc_xmit_lock_key in netdev_update_lockdep_key()
general protection fault in inet6_set_link_af C cause 8 109d 113d 100d db3fa271 ipv6/addrconf: fix potential NULL deref in inet6_set_link_af()
general protection fault in tcf_ife_cleanup C cause 111 115d 138d 100d 44c23d71 net/sched: act_ife: initalize ife->metalist earlier
BUG: unable to handle kernel paging request in do_csum (2) C cause 6 123d 125d 100d 6cd021a5 udp: segment looped gso packets correctly
KASAN: use-after-free Write in hci_sock_bind 4 102d 134d 100d 11eb85ec Bluetooth: Fix race condition in hci_release_sock()
KASAN: use-after-free Write in __alloc_skb (2) C cause 7 151d 167d 100d d836f5c6 net-backports: net: rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()
KASAN: slab-out-of-bounds Read in bitmap_ip_test syz 10 120d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING in geneve_exit_batch_net 15 100d 126d 100d 760d228e net_sched: walk through all child classes in tc_bind_tclass()
KASAN: slab-out-of-bounds Read in tcf_exts_destroy C cause+fix 8 223d 126d 100d 599be01e net_sched: fix an OOB access in cls_tcindex
general protection fault in hash_ipportnet4_uadt C cause 13 140d 142d 100d 22dad713 netfilter: ipset: avoid null deref when IPSET_ATTR_LINENO is present
KASAN: use-after-free Write in percpu_ref_switch_to_percpu 1 115d 114d 100d 2faf852d io_uring: cleanup fixed file data table references
KASAN: slab-out-of-bounds Read in bitmap_port_list C 152 123d 131d 100d 32c72165 netfilter: ipset: use bitmap infrastructure completely
WARNING in uvc_scan_chain_forward C 6 140d 164d 100d 68035c80 media: uvcvideo: Avoid cyclic entity chains due to malformed USB descriptors
WARNING: ODEBUG bug in tcindex_destroy_work (2) 5 105d 116d 100d 599be01e net_sched: fix an OOB access in cls_tcindex
inconsistent lock state in rxrpc_put_client_connection_id C cause 473 109d 114d 100d 963485d4 rxrpc: Fix call RCU cleanup using non-bh-safe locks
INFO: task hung in aead_recvmsg C cause 11991 126d 900d 100d bbefa1dd crypto: pcrypt - Avoid deadlock by using per-instance padata queues
KASAN: use-after-free Read in bitmap_port_destroy C 1 131d 131d 100d c1209593 netfilter: fix a use-after-free in mtype_destroy()
KASAN: null-ptr-deref Read in tcf_generic_walker C cause 6 104d 122d 100d 760d228e net_sched: walk through all child classes in tc_bind_tclass()
WARNING: refcount bug in chrdev_open C cause+fix 15 180d 282d 100d 68faa679 chardev: Avoid potential use-after-free in 'chrdev_open()'
KMSAN: uninit-value in dvb_usb_adapter_dvb_init 1 210d 202d 100d 26cff637 media: vp7045: do not read uninitialized values if usb transfer fails
INFO: task hung in __generic_file_fsync (2) C cause+fix 28 147d 148d 100d 85a8ce62 block: add bio_truncate to fix guard_bio_eod
WARNING in tcp_enter_loss (2) C cause+fix 4 758d 808d 100d 16ae6aa1 tcp: ignore Fast Open on repair mode
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked (2) C cause+fix 916 360d 561d 100d 62dcb4f4 media: vb2: check memory model for VIDIOC_CREATE_BUFS
BUG: unable to handle kernel paging request in xfs_sb_quiet_read_verify C cause 6 161d 161d 105d d98c9e83 kasan: fix crashes on access to memory mapped by vm_map_ram()
KASAN: vmalloc-out-of-bounds Write in pcpu_alloc C cause 31 152d 177d 105d 253a496d kasan: don't assume percpu shadow allocations will succeed
KASAN: use-after-free Read in iov_iter_alignment C cause 3 178d 178d 105d e0ff126e pipe: Fix bogus dereference in iov_iter_alignment()
memory leak in sctp_stream_init C 1 166d 165d 105d 951c6db9 sctp: fix memleak on err handling of stream initialization
general protection fault in gigaset_probe C 6 189d 308d 105d 53f35a39 staging: gigaset: fix general protection fault on probe
KASAN: use-after-free Read in ext4_xattr_set_entry (2) C cause 19 164d 573d 105d 9803387c ext4: validate the debug_want_extra_isize mount option at parse time
KMSAN: uninit-value in __crc32c_le_base syz 567 141d 187d 105d b6f3320b sctp: fully initialize v4 addr in some functions
unregister_netdevice: waiting for DEV to become free (2) C cause 385621 105d 652d 105d ddd9b5e3 net-sysfs: Call dev_hold always in rx_queue_add_kobject
KMSAN: uninit-value in br_nf_forward_arp (3) 2 180d 173d 105d 56042858 net-backports: netfilter: bridge: make sure to pull arp header in br_nf_forward_arp()
KCSAN: data-race in taskstats_exit / taskstats_exit 157 105d 236d 105d 0b8d616f taskstats: fix data-race
WARNING in azx_rirb_get_response 4 162d 164d 105d 475feec0 ALSA: hda - Downgrade error message for single-cmd fallback
INFO: task hung in sync_inodes_sb (3) C cause 6 145d 154d 105d 85a8ce62 block: add bio_truncate to fix guard_bio_eod
linux-next boot error: general protection fault in do_mount_root 9 164d 164d 105d 7de7de7c Fix root mounting with no mount options
upstream boot error: general protection fault in do_mount_root 12 164d 164d 105d 7de7de7c Fix root mounting with no mount options
KMSAN: uninit-value in bond_neigh_setup 64 149d 173d 105d f394722f net-backports: neighbour: remove neigh_cleanup() method
KASAN: use-after-free Read in tomoyo_realpath_from_path syz cause+fix 7 164d 358d 105d 6f7c4137 tomoyo: Don't use nifty names on sockets.
KASAN: slab-out-of-bounds Read in hsr_debugfs_rename C cause 18 143d 153d 105d 04b69426 hsr: fix slab-out-of-bounds Read in hsr_debugfs_rename()
general protection fault in j1939_sk_bind syz cause+fix 22 179d 205d 105d 00d4e14d can: j1939: j1939_sk_bind(): take priv after lock is held
BUG: unable to handle kernel paging request in pcpu_alloc C cause 24 158d 176d 105d 253a496d kasan: don't assume percpu shadow allocations will succeed
general protection fault in sctp_stream_free (2) C cause 25 150d 161d 105d 61d5d406 sctp: fix err handling of stream initialization
inconsistent lock state in sp_get C cause 2 168d 168d 105d 5c9934b6 6pack,mkiss: fix possible deadlock
general protection fault in j1939_jsk_del (2) syz 21 164d 180d 105d 00d4e14d can: j1939: j1939_sk_bind(): take priv after lock is held
KASAN: vmalloc-out-of-bounds Read in compat_copy_entries C cause 3 166d 166d 105d e608f631 netfilter: ebtables: compat: reject all padding in matches/watchers
WARNING in ovl_rename C cause+fix 5 396d 393d 105d 6889ee5a ovl: relax WARN_ON() on rename to self
possible deadlock in mon_bin_vma_fault C cause 11427 166d 633d 105d 19e6317d usb: mon: Fix a deadlock in usbmon between mmap and read
WARNING: refcount bug in smc_release (2) C cause 9 162d 185d 105d 86434744 net/smc: add fallback check to connect()
BUG: corrupted list in hsr_add_node 1 207d 205d 105d 92a35678 hsr: fix a race condition in node list insertion and deletion
BUG: Bad rss-counter state (3) C cause+fix 438 304d 770d 118d 173d9d9f mm/huge_memory: splitting set mapping+index before unfreeze
possible deadlock in flush_workqueue (2) C cause+fix 256 153d 586d 118d e7c58097 hugetlbfs: revert "Use i_mmap_rwsem to fix page fault/truncate race"
KASAN: slab-out-of-bounds Read in build_audio_procunit (2) C 1 204d 203d 126d 976a68f0 ALSA: usb-audio: Fix incorrect size check for processing/extension units
KASAN: use-after-free Read in j1939_xtp_rx_abort_one C cause+fix 11 198d 205d 131d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
memory leak in fdb_create (2) C 1 178d 178d 142d c4b4c421 net: bridge: deny dev_set_mac_address() when unregistering
KMSAN: uninit-value in __request_module (2) 3 161d 173d 142d 2dd5616e net-backports: net_sched: validate TCA_KIND attribute in tc_chain_tmplt_add()
KASAN: vmalloc-out-of-bounds Write in kvm_dev_ioctl_get_cpuid C 41 176d 176d 142d 433f4ba1 KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332)
kernel BUG at include/linux/mm.h:LINE! (5) C cause+fix 129 381d 451d 142d 9354544c net/tls: fix page double free on TX cleanup
KASAN: use-after-free Read in __queue_work (2) C cause+fix 577 336d 690d 142d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: slab-out-of-bounds Read in bpf_prog_create C cause 447 172d 254d 142d 0033b34a ppp: fix out-of-bounds access in bpf_prog_create()
memory leak in register_netdevice C 19 173d 178d 142d 42c17fa6 net: fix a leak in register_netdevice()
KASAN: slab-out-of-bounds Read in vcs_scr_readw C cause+fix 16 176d 177d 142d 0c9acb1a vcs: prevent write access to vcsu devices
kernel BUG at fs/pipe.c:LINE! C cause 693 172d 178d 142d 8c7b8c34 pipe: Remove assertion from pipe_poll()
KMSAN: uninit-value in usbnet_probe C 1 358d 358d 142d 78226f6e net: usb: asix: init MAC address buffers
KMSAN: uninit-value in nf_conntrack_tcp_packet syz 3 175d 178d 142d 9424e2e7 net-backports: tcp: md5: fix potential overestimation of TCP option space
KASAN: slab-out-of-bounds Read in linear_transfer (3) C cause 5 175d 176d 142d 4cc8d650 ALSA: pcm: oss: Avoid potential buffer overflows
KCSAN: data-race in mod_timer / run_timer_softirq 4 158d 224d 142d 56144737 net-backports: hrtimer: Annotate lockless access to timer->state
KASAN: slab-out-of-bounds Write in pipe_write C cause 40 173d 178d 142d 8f868d68 pipe: Fix missing mask update after pipe_wait()
WARNING in tty_set_termios C cause+fix 1997 301d 502d 142d b36a1552 Bluetooth: hci_uart: check for missing tty operations
general protection fault in override_creds C cause 6 175d 178d 142d 0b8c0ec7 io_uring: use current task creds instead of allocating a new one
WARNING in drm_mode_createblob_ioctl C cause 7 204d 227d 142d 5bf8bec3 drm: limit to INT_MAX in create_blob ioctl
WARNING: refcount bug in skb_set_owner_w C cause 2 178d 178d 142d 501a90c9 net-backports: inet: protect against too small mtu values.
KASAN: use-after-free Read in xlog_alloc_log (2) 55 173d 180d 142d 798a9cad xfs: fix mount failure crash on invalid iclog memory access
KMSAN: use-after-free in netlink_recvmsg C 1 198d 197d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
KMSAN: use-after-free in kfree_skb syz 34 185d 233d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in io_commit_cqring C cause 3 196d 197d 168d 15dff286 io_uring: check for validity of ->rings in teardown
general protection fault in ext4_writepages C cause 18 191d 200d 168d 4d06bfb9 ext4: Add error handling for io_end_vec struct allocation
KMSAN: use-after-free in __skb_try_recv_from_queue C 4 196d 220d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in ip_sublist_rcv C cause 287 210d 220d 168d 51210ad5 inet: do not call sublist_rcv on empty list
kernel BUG at include/linux/scatterlist.h:LINE! C cause 307 178d 372d 168d d10523d0 net/tls: free the record on encryption error
KASAN: use-after-free Read in snd_timer_open C cause 87 198d 199d 168d 0c4f09ce ALSA: timer: Fix the breakage of slave link open
linux-next boot error: general protection fault in __x64_sys_settimeofday 6 196d 196d 168d 5e0fb1b5 y2038: time: avoid timespec usage in settimeofday()
INFO: task hung in io_wq_destroy C cause 20 182d 213d 168d b60fda60 io-wq: wait for io_wq_create() to setup necessary workers
INFO: trying to register non-static key in io_cqring_ev_posted C cause 6 183d 195d 168d eb065d30 io_uring: io_allocate_scq_urings() should return a sane state
KASAN: global-out-of-bounds Write in kbd_event C 6 182d 204d 168d b2b2dd71 tty: vt: keyboard: reject invalid keycodes
KCSAN: data-race in __ip4_datagram_connect / raw_bind 1 216d 215d 168d 25c7a6d1 net: avoid potential false sharing in neighbor related code
KASAN: slab-out-of-bounds Write in __ext4_expand_extra_isize 16 291d 633d 168d 4ea99936 ext4: add more paranoia checking in ext4_expand_extra_isize handling
KASAN: use-after-free Read in tipc_nl_node_dump_monitor_peer C cause 3 233d 232d 168d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KCSAN: data-race in __dev_queue_xmit / __dev_queue_xmit 40 168d 218d 168d 90b2be27 net/sched: annotate lockless accesses to qdisc->empty
general protection fault in tss_update_io_bitmap C cause 65 184d 190d 168d e3cb0c71 x86/ioperm: Fix use of deprecated config option
general protection fault in ip6_sublist_rcv C cause 327 210d 213d 168d 51210ad5 inet: do not call sublist_rcv on empty list
KCSAN: data-race in inet_putpeer / inet_putpeer 20 201d 218d 168d 71685eb4 inetpeer: fix data-race in inet_putpeer / inet_putpeer
KASAN: use-after-free Write in __ext4_expand_extra_isize (2) 14 203d 220d 168d 4ea99936 ext4: add more paranoia checking in ext4_expand_extra_isize handling
general protection fault in flexcop_usb_probe C 403 182d 412d 168d 1b976fc6 media: b2c2-flexcop-usb: add sanity checking
KCSAN: data-race in __remove_hrtimer / __tcp_ack_snd_check 4 183d 204d 168d 56144737 hrtimer: Annotate lockless access to timer->state
KCSAN: data-race in eth_header_cache / neigh_resolve_output 1 205d 205d 168d c305c6ae net-backports: net: add annotations on hh->hh_len lockless accesses
KMSAN: use-after-free in sk_forced_mem_schedule 2 191d 198d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
WARNING in iov_iter_pipe C cause 1117 185d 203d 168d 419e9c38 iomap: Fix pipe page leakage during splicing
kernel BUG at kernel/time/timer.c:LINE! (4) syz 1 237d 234d 168d f3f5ba42 media: imon: invalid dereference in imon_touch_event
general protection fault in devlink_get_from_attrs C 7 235d 234d 168d 82a843de net: devlink: fix reporter dump dumpit
KASAN: use-after-free Read in appledisplay_bl_get_brightness C 1 250d 248d 168d 91feb015 appledisplay: fix error handling in the scheduled work
general protection fault in vti6_ioctl 1 226d 226d 168d 9077f052 net: propagate errors correctly in register_netdevice()
INFO: trying to register non-static key in ida_destroy C 4272 181d 304d 168d 8c279e93 media: uvcvideo: Fix error path in control parsing failure
KCSAN: data-race in tun_get_user / tun_net_get_stats64 1 213d 212d 168d de7d5084 net-backports: net: provide dev_lstats_read() helper
KCSAN: data-race in sk_wait_data / tcp_queue_rcv 4 207d 204d 168d f8cc62ca net: add a READ_ONCE() in skb_peek_tail()
KCSAN: data-race in __remove_hrtimer / tcp_pacing_check 1 207d 204d 168d 56144737 hrtimer: Annotate lockless access to timer->state
KMSAN: use-after-free in __netif_receive_skb_core 1 198d 198d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
KCSAN: data-race in tcp_add_backlog / tcp_recvmsg (2) 47 168d 204d 168d 9ed498c6 net-backports: net: silence data-races on sk_backlog.tail
KCSAN: data-race in sk_wait_data / skb_queue_tail 3 215d 216d 168d f8cc62ca net-backports: net: add a READ_ONCE() in skb_peek_tail()
KMSAN: use-after-free in skb_dequeue C 1 228d 228d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
KASAN: use-after-free Read in tipc_nl_publ_dump C 2 235d 234d 168d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KCSAN: data-race in ip_finish_output2 / ip_finish_output2 26 171d 217d 168d 25c7a6d1 net: avoid potential false sharing in neighbor related code
general protection fault in snd_usb_create_mixer C 1 190d 189d 168d 9435f2bb ALSA: usb-audio: Fix NULL dereference at parsing BADD
general protection fault in tipc_nl_publ_dump C 135 232d 234d 168d 6ea67769 net: tipc: prepare attrs in __tipc_nl_compat_dumpit()
KASAN: use-after-free Read in nf_ct_deliver_cached_events C cause 169 213d 219d 168d ad88b7a6 netfilter: ecache: don't look for ecache extension on dying/unconfirmed conntracks
general protection fault in veth_get_stats64 C cause 2 239d 239d 168d 9077f052 net: propagate errors correctly in register_netdevice()
KCSAN: data-race in icmp_global_allow / icmp_global_allow 29 168d 218d 168d bbab7ef2 net-backports: net: icmp: fix data-race in cmp_global_allow()
general protection fault in usb_set_interface C 3 252d 255d 168d c7a19146 media: usbvision: Fix invalid accesses after device disconnect
KCSAN: data-race in __dev_queue_xmit / pfifo_fast_dequeue 6 181d 218d 168d 90b2be27 net/sched: annotate lockless accesses to qdisc->empty
KCSAN: data-race in tcp_chrono_stop / tcp_recvmsg 3 203d 204d 168d a5a7daa5 net-backports: tcp: fix data-race in tcp_recvmsg()
KCSAN: data-race in gro_normal_list.part.0 / napi_busy_loop 1 201d 201d 168d c39e342a net-backports: tun: fix data-race in gro_normal_list()
KASAN: use-after-free Read in slip_open C cause 3 186d 187d 168d e58c1912 slip: Fix use-after-free Read in slip_open
KCSAN: data-race in fanout_demux_rollover / fanout_demux_rollover 1 202d 202d 168d b756ad92 net-backports: packet: fix data-race in fanout_flow_is_huge()
WARNING in __rtnl_newlink C cause 2 238d 238d 168d 9077f052 net: propagate errors correctly in register_netdevice()
BUG: unable to handle kernel paging request in __ext4_expand_extra_isize 6 240d 220d 168d 4ea99936 ext4: add more paranoia checking in ext4_expand_extra_isize handling
KASAN: use-after-free Read in shmem_fault (2) 5 212d 272d 168d 8897c1b1 shmem: pin the file in shmem_fault() if mmap_sem is dropped
BUG: unable to handle kernel paging request in io_wq_cancel_all C cause 2 212d 211d 168d 975c99a5 io_uring: io_wq_create() returns an error pointer, not NULL
KASAN: invalid-free in io_sqe_files_unregister C cause 3 200d 200d 168d 46568e9b io_uring: fix error clear of ->file_table in io_sqe_files_register()
KASAN: invalid-free in skb_free_head C cause 1 209d 209d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in ovs_vport_add C cause 5 229d 238d 168d 9077f052 net: propagate errors correctly in register_netdevice()
KASAN: use-after-free Read in nl8NUM_dump_wpan_phy C cause 6 232d 234d 168d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KASAN: use-after-free Read in tipc_udp_nl_dump_remoteip C cause 3 233d 234d 168d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
KASAN: use-after-free Read in __cfg8NUM_wpan_dev_from_attrs C cause 3 235d 234d 168d ab5b526d net: genetlink: always allocate separate attrs for dumpit ops
WARNING: ODEBUG bug in free_netdev C cause 2 237d 237d 168d 11fc7d5a tun: fix memory leak in error path
KCSAN: data-race in sctp_assoc_migrate / sctp_hash_obj 12 176d 203d 168d 31243461 sctp: cache netns in sctp_ep_common
general protection fault in ip6_tnl_ioctl C cause 7 227d 238d 168d 9077f052 net: propagate errors correctly in register_netdevice()
KCSAN: data-race in __dev_queue_xmit / net_tx_action 1 202d 202d 168d 90b2be27 net/sched: annotate lockless accesses to qdisc->empty
KMSAN: use-after-free in copyout C 1 233d 233d 168d cf94da6f Bluetooth: Fix invalid-free in bcsp_close()
general protection fault in virtio_transport_release C cause 7 190d 191d 168d 039fccca vsock: avoid to assign transport if its initialization fails
BUG: workqueue lockup (4) C 47 193d 599d 168d 7e7c005b rtc: disable uie before setting time and enable after
WARNING in port100_send_cmd_async/usb_submit_urb C 83 182d 323d 170d 5f9f0b11 nfc: port100: handle command failure cleanly
general protection fault in kvm_coalesced_mmio_init syz cause 48 197d 206d 181d 8a44119a KVM: Fix NULL-ptr deref after kvm_create_vm fails
general protection fault in j1939_netdev_notify syz cause 11 194d 205d 181d c48c8c1e can: j1939: main: j1939_ndev_to_priv(): avoid crash if can_ml_priv is NULL
KASAN: use-after-free Read in j1939_sk_recv C cause 2 200d 200d 181d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
KASAN: use-after-free Read in j1939_session_deactivate syz cause 1 202d 202d 181d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
WARNING in smc_unhash_sk (3) C cause 362 185d 274d 181d 8204df72 net/smc: fix fastopen for non-blocking connect()
KASAN: use-after-free Read in do_mount syz cause 6 226d 234d 181d 0ecee669 fs/namespace.c: fix use-after-free of mount in mnt_warn_timestamp_expiry()
general protection fault in j1939_jsk_del syz cause 132 181d 205d 181d fd81ebfe can: j1939: socket: rework socket locking for j1939_sk_release() and j1939_sk_sendmsg()
memory leak in smc_create C 19 194d 207d 181d 6d6dd528 net/smc: fix refcount non-blocking connect() -part 2
KASAN: use-after-free Read in j1939_session_get_by_addr_locked C cause 1 200d 200d 181d ddeeb7d4 can: j1939: j1939_can_recv(): add priv refcounting
INFO: task hung in synchronize_rcu syz cause 1206 181d 207d 181d 8a44119a KVM: Fix NULL-ptr deref after kvm_create_vm fails
KMSAN: uninit-value in ax88172a_bind C 5 213d 226d 181d a9a51bd7 ax88172a: fix information leak on short answers
KMSAN: uninit-value in gf128mul_4k_lle (3) C 2958 187d 552d 181d 683916f6 net/tls: fix sk_msg trim on fallback to copy mode
KMSAN: uninit-value in aesti_encrypt C 54 235d 336d 181d 683916f6 net/tls: fix sk_msg trim on fallback to copy mode
WARNING: suspicious RCU usage in kvm_dev_ioctl C cause 333 197d 208d 181d e2d3fcaf KVM: fix placement of refcount initialization
KMSAN: use-after-free in build_audio_procunit C 2 219d 219d 181d 976a68f0 ALSA: usb-audio: Fix incorrect size check for processing/extension units
WARNING: refcount bug in j1939_netdev_start syz cause 6 183d 205d 181d fd81ebfe can: j1939: socket: rework socket locking for j1939_sk_release() and j1939_sk_sendmsg()
KMSAN: uninit-value in get_min_max_with_quirks C 11 214d 202d 181d 167beb17 ALSA: usb-audio: Fix missing error check at mixer resolution test
WARNING: ODEBUG bug in input_ff_destroy C 6 189d 197d 181d fa3a5a18 Input: ff-memless - kill timer in destroy()
general protection fault in memcg_flush_percpu_vmstats C cause 19 210d 273d 181d 7961eee3 mm: memcontrol: fix NULL-ptr deref in percpu stats flush
KCSAN: data-race in neigh_resolve_output / neigh_resolve_output 4 203d 217d 181d 1b53d644 net-backports: net: fix data-race in neigh_event_send()
KCSAN: data-race in find_match / find_match 2 204d 207d 181d 1bef4c22 net-backports: ipv6: fixes rt6_probe() and fib6_nh->last_probe init
INFO: task hung in mpage_prepare_extent_to_map syz cause 18606 205d 213d 181d 4655e5e5 mm,thp: recheck each page before collapsing file THP
KMSAN: uninit-value in cdc_ncm_set_dgram_size C 4 212d 211d 181d 332f989a CDC-NCM: handle incomplete transfer of MTU
KASAN: use-after-free Read in mcba_usb_disconnect C 2 208d 241d 181d 4d663649 can: mcba_usb: fix use-after-free on disconnect
KMSAN: kernel-usb-infoleak in pcan_usb_wait_rsp C 2 225d 225d 181d f7a1337f can: peak_usb: fix slab info leak
KASAN: invalid-free in rsi_91x_deinit C 109 254d 401d 182d 8b51dc72 rsi: fix a double free bug in rsi_91x_deinit()
WARNING in generic_make_request_checks C cause 7760 182d 659d 182d 8b2ded1c block: don't warn when doing fsync on read-only devices
BUG: spinlock recursion in release_sock C cause 116 308d 309d 183d 5d92e631 net/tls: partially revert fix transition through disconnect with close
KMSAN: use-after-free in adu_disconnect C 16 227d 233d 183d 44efc269 USB: adutux: fix use-after-free on disconnect
KMSAN: use-after-free in mutex_spin_on_owner C 1 232d 232d 183d edc4746f USB: iowarrior: fix use-after-free on disconnect
KMSAN: use-after-free in iowarrior_disconnect C 21 227d 233d 183d edc4746f USB: iowarrior: fix use-after-free on disconnect
KMSAN: use-after-free in usb_autopm_put_interface C 63 213d 227d 183d 7a759197 USB: usblp: fix use-after-free on disconnect
KMSAN: use-after-free in __pm_runtime_resume 1 233d 233d 183d 5f924277 HID: logitech: Fix general protection fault caused by Logitech driver
KMSAN: use-after-free in hidraw_ioctl 1 233d 233d 183d 416dacb8 HID: hidraw: Fix invalid read in hidraw_ioctl
KMSAN: use-after-free in rxrpc_put_peer 1 224d 224d 183d 91fcfbe8 rxrpc: Fix call crypto state cleanup
KMSAN: uninit-value in lg4ff_set_autocenter_default C 1 214d 213d 184d d9d4b1e4 HID: Fix assumption that devices have inputs
WARNING in sk_stream_kill_queues (3) C cause 622 355d 714d 184d 9354544c net/tls: fix page double free on TX cleanup
KCSAN: data-race in udp_set_dev_scratch / udpv6_recvmsg 5 207d 218d 188d a793183c udp: fix data-race in udp_set_dev_scratch()
KCSAN: data-race in __skb_wait_for_more_packets / skb_queue_tail 1 211d 211d 188d 7c422d0c net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
KASAN: use-after-free Read in batadv_iv_ogm_queue_add 3 209d 241d 188d 40e220b4 batman-adv: Avoid free/alloc race when handling OGM buffer
WARNING: refcount bug in smc_release C cause 8 194d 218d 188d 301428ea net/smc: fix refcounting for non-blocking connect()
INFO: trying to register non-static key in bond_3ad_update_lacp_rate C cause 26 211d 213d 188d ad9bd8da bonding: fix using uninitialized mode_lock
KCSAN: data-race in datagram_poll / skb_queue_tail 5 206d 216d 188d 3ef7cf57 net-backports: net: use skb_queue_empty_lockless() in poll() handlers
general protection fault in process_one_work 2 212d 212d 188d 6d6f0383 netdevsim: Fix use-after-free during device dismantle
KASAN: use-after-free Read in fuse_request_end syz cause 6 218d 222d 188d 2b319d1f fuse: don't dereference req->args on finished request
KCSAN: data-race in udp6_lib_lookup2 / udpv6_queue_rcv_one_skb 1 217d 217d 188d 7170a977 net: annotate accesses to sk->sk_incoming_cpu
KCSAN: data-race in tcp_v4_rcv / tcp_v4_rcv 4 207d 211d 188d 7170a977 net-backports: net: annotate accesses to sk->sk_incoming_cpu
memory leak in internal_dev_create C 88 210d 296d 188d 9464cc37 net: openvswitch: free vport unless register_netdevice() succeeds
divide error in dummy_timer C 3 212d 217d 188d 54f83b8c USB: gadget: Reject endpoints with 0 maxpacket value
KCSAN: data-race in __skb_recv_udp / __udp_enqueue_schedule_skb 7 206d 218d 188d 137a0dbe net-backports: udp: use skb_queue_empty_lockless()
KCSAN: data-race in first_packet_length / udp_poll 2 209d 216d 188d 137a0dbe net-backports: udp: use skb_queue_empty_lockless()
memory leak in copy_net_ns C cause 422 209d 247d 188d 82ecff65 keys: Fix memory leak in copy_net_ns
KCSAN: data-race in update_defense_level / update_defense_level (2) 20 206d 218d 188d c24b75e0 ipvs: move old_secure_tcp into struct netns_ipvs
INFO: trying to register non-static key in bond_3ad_update_ad_actor_settings C cause 69 210d 213d 188d ad9bd8da bonding: fix using uninitialized mode_lock
KASAN: use-after-free Read in bpf_prog_kallsyms_find (2) C cause 9 217d 228d 188d cd7455f1 bpf: Fix use after free in subprog's jited symbol removal
KASAN: use-after-free Read in is_bpf_text_address C cause 3 218d 219d 188d cd7455f1 bpf: Fix use after free in subprog's jited symbol removal
KCSAN: data-race in __skb_wait_for_more_packets / __sock_queue_rcv_skb 10 207d 217d 188d 7c422d0c net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
KASAN: use-after-free Read in io_uring_setup syz cause 1 214d 213d 188d 044c1ab3 io_uring: don't touch ctx in setup after ring fd install
KCSAN: data-race in udpv6_queue_rcv_one_skb / udpv6_queue_rcv_one_skb 1 214d 213d 188d ee8d153d net-backports: net: annotate lockless accesses to sk->sk_napi_id
BUG: unable to handle kernel paging request in is_bpf_text_address C cause 2 223d 223d 188d cd7455f1 bpf: Fix use after free in subprog's jited symbol removal
INFO: task hung in ld_usb_write C 831 206d 219d 188d 52403cfb USB: ldusb: fix control-message timeout
KCSAN: data-race in __skb_recv_udp / datagram_poll 1 207d 207d 188d 3f926af3 net: use skb_queue_empty_lockless() in busy poll contexts
KCSAN: data-race in __skb_wait_for_more_packets / __udp_enqueue_schedule_skb 2 211d 218d 188d 7c422d0c net-backports: net: add READ_ONCE() annotation in __skb_wait_for_more_packets()
general protection fault in kernfs_add_one C cause 98 296d 620d 188d ac43432c driver core: Fix use-after-free and double free on glue directory
KASAN: use-after-free Read in ep_scan_ready_list C fix 39 652d 687d 190d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: use-after-free Read in iowarrior_disconnect C 3056 227d 283d 190d edc4746f USB: iowarrior: fix use-after-free on disconnect
WARNING in kernfs_get C cause 316 298d 626d 190d ac43432c driver core: Fix use-after-free and double free on glue directory
KASAN: use-after-free Read in __schedule (2) C fix 961 447d 665d 190d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
divide error in usbtmc_generic_read C 2 288d 288d 190d de7b9aa6 usbtmc: more sanity checking for packet size
KASAN: use-after-free Read in p9_fd_poll C fix 8 655d 687d 190d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: use-after-free Read in vhci_hub_control C fix 41 588d 633d 190d 81f7567c usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control()
INFO: task hung in vivid_stop_generating_vid_cap C cause+fix 81 574d 577d 199d d65842f7 media: vb2: add waiting_in_dqbuf flag
WARNING in event_function_local C fix 15451 596d 852d 199d 214ff83d KVM: x86: hyperv: implement PV IPI send hypercalls
BUG: MAX_LOCK_DEPTH too low! (2) C fix 5 685d 716d 199d bab2c80e nsh: set mac len based on inner packet
inconsistent lock state in ila_xlat_nl_cmd_del_mapping C fix 2496 648d 653d 199d 7494de04 mfd: da9063: Replace regmap_add_irq_chip with devm counterpart
INFO: task hung in fuse_reverse_inval_entry C fix 23 663d 675d 199d c59fd85e fuse: change interrupt requests allocation algorithm
BUG: corrupted list in p9_conn_cancel C fix 18 588d 689d 199d 9f476d7c net/9p/trans_fd.c: fix race by holding the lock
general protection fault in p9_conn_cancel C fix 2 669d 687d 199d 9f476d7c net/9p/trans_fd.c: fix race by holding the lock
WARNING: ODEBUG bug in p9_fd_close C fix 82 650d 689d 199d 430ac66e net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
general protection fault in vb2_mmap C cause+fix 21 520d 565d 199d cd26d1c4 media: vb2: vb2_mmap: move lock up
KASAN: stack-out-of-bounds Read in xfrm_state_find (5) C fix 654 485d 787d 199d 32bf94fb xfrm: validate template mode
KASAN: slab-out-of-bounds Write in end_requests C fix 2 664d 668d 199d 45ff350b fuse: fix unlocked access to processing queue
KASAN: use-after-free Read in uprobe_perf_close C fix 54 468d 787d 199d 621b6d2e perf/core: Fix use-after-free in uprobe_perf_close()
KASAN: use-after-free Read in _decode_session4 C fix 3 790d 790d 199d c6741fbe vti6: Properly adjust vti6 MTU from MTU of lower device
general protection fault in tcp_cleanup_ulp syz cause+fix 6 615d 630d 199d 5607fff3 bpf: sockmap only allow ESTABLISHED sock state
WARNING in request_end C cause+fix 14 575d 612d 199d 4c316f2f fuse: set FR_SENT while locked
WARNING in dma_buf_vunmap C cause+fix 17 524d 563d 199d 62dcb4f4 media: vb2: check memory model for VIDIOC_CREATE_BUFS
BUG: corrupted list in p9_write_work C fix 5 612d 657d 199d 728356de 9p: Add refcount to p9_req_t
KASAN: use-after-free Read in tick_sched_handle (3) C fix 12 501d 556d 201d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
general protection fault in qca_setup C cause+fix 6 472d 472d 201d b36a1552 Bluetooth: hci_uart: check for missing tty operations
general protection fault in tcp_splice_read C cause+fix 23 416d 525d 201d 07603b23 net/smc: propagate file from SMC to TCP socket
KASAN: use-after-free Read in crypto_gcm_init_common C cause+fix 14 504d 569d 202d 9354544c net/tls: fix page double free on TX cleanup
KASAN: slab-out-of-bounds Read in find_first_zero_bit C fix 1 789d 789d 202d d1877155 bfs: extra sanity checking and static inode bitmap
kernel BUG at net/ipv4/ip_output.c:LINE! C fix 28225 494d 685d 202d e7c87bd6 bpf: in __bpf_redirect_no_mac pull mac only if present
general protection fault in put_pid syz cause+fix 3 524d 534d 202d a8e911d1 x86_64: increase stack size for KASAN_EXTRA
suspicious RCU usage at ./include/net/inet_sock.h:LINE C fix 171 845d 935d 202d 3f32d0be tipc: lock wakeup & inputq at tipc_link_reset()
KASAN: use-after-free Read in _decode_session6 C fix 4 562d 630d 203d e7c87bd6 bpf: in __bpf_redirect_no_mac pull mac only if present
general protection fault in propagate_entity_cfs_rq C fix 1 686d 686d 203d bab2c80e nsh: set mac len based on inner packet
KASAN: use-after-free Write in __vb2_cleanup_fileio C cause+fix 2 574d 577d 203d d65842f7 media: vb2: add waiting_in_dqbuf flag
KCSAN: data-race in sk_stream_wait_memory / tcp_shifted_skb 1 216d 204d 203d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KCSAN: data-race in sk_stream_wait_memory / tcp_fragment 1 207d 204d 203d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KCSAN: data-race in tcp_sendmsg_locked / tcp_stream_memory_free 2 215d 204d 203d 0f317464 tcp: annotate tp->write_seq lockless reads
KCSAN: data-race in tcp_event_new_data_sent / tcp_stream_memory_free 3 208d 204d 203d e0d694d6 tcp: annotate tp->snd_nxt lockless reads
KCSAN: data-race in tcp_ack / tcp_poll (2) 5 211d 204d 203d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KCSAN: data-race in sk_stream_wait_memory / tcp_ack 2 208d 204d 203d ab4e846a tcp: annotate sk->sk_wmem_queued lockless reads
KASAN: slab-out-of-bounds Read in ld_usb_read (3) C 74 214d 225d 204d 7a6f22d7 USB: ldusb: fix read info leaks
KASAN: slab-out-of-bounds Read in build_audio_procunit C 6 210d 219d 204d ba8bf096 ALSA: usb-audio: Fix copy&paste error in the validator
KASAN: slab-out-of-bounds Write in ga_probe C 5 233d 255d 204d d9d4b1e4 HID: Fix assumption that devices have inputs
INFO: task hung in nbd_ioctl C cause 71 205d 241d 204d cf1b2326 nbd: verify socket is supported during setup
KASAN: use-after-free Read in usb_autopm_put_interface C 2373 213d 226d 204d 7a759197 USB: usblp: fix use-after-free on disconnect
memory leak in gfs2_init_fs_context C 13 216d 239d 204d 30aecae8 gfs2: Fix memory leak when gfs2meta's fs_context is freed
KMSAN: uninit-value in sr9800_bind C 27 215d 239d 206d 77b6d09f net: usb: sr9800: fix uninitialized local variable
WARNING in filldir64 76 224d 234d 206d b9959c7a filldir[64]: remove WARN_ON_ONCE() for bad directory entries
memory leak in llc_ui_create (2) C cause 19 222d 342d 206d c6ee11c3 llc: fix sk_buff leak in llc_sap_state_process()
KCSAN: data-race in tcp_add_backlog / tcp_rcv_space_adjust (2) 18 219d 225d 206d ebb3b78d tcp: annotate sk->sk_rcvbuf lockless reads
KCSAN: data-race in __nf_ct_refresh_acct / __nf_ct_refresh_acct 2460 206d 237d 206d e37542ba net-backports: netfilter: conntrack: avoid possible false sharing
BUG: unable to handle kernel NULL pointer dereference in xsk_poll C cause 10 224d 241d 206d df551058 xsk: Fix crash in poll when device does not support ndo_xsk_wakeup
KASAN: use-after-free Read in rxrpc_release_call syz cause 13 224d 279d 206d 91fcfbe8 rxrpc: Fix call crypto state cleanup
KASAN: use-after-free Read in rxrpc_send_keepalive C cause 694 221d 293d 206d c48fc11b rxrpc: Fix call ref leak
KCSAN: data-race in __tcp_select_window / tcp_add_backlog 23502 206d 237d 206d 70c26558 net: silence KCSAN warnings about sk->sk_backlog.len reads
memory leak in sctp_get_port_local (3) C 4 221d 228d 206d 63dfb793 sctp: change sctp_prot .no_autobind with true
memory leak in llc_ui_sendmsg C 125 222d 373d 206d c6ee11c3 llc: fix sk_buff leak in llc_sap_state_process()
KCSAN: data-race in tcp_add_backlog / tcp_recvmsg 17719 207d 237d 206d 8265792b net-backports: net: silence KCSAN warnings around sk_add_backlog() calls
INFO: task hung in addrconf_verify_work (2) C 22 227d 227d 206d 39f13ea2 net: avoid potential infinite loop in tc_ctl_action()
KASAN: use-after-free Read in pn533_send_complete C 4 213d 234d 206d 6af3aa57 NFC: pn533: fix use-after-free and memleaks
KCSAN: data-race in tcp_poll / tcp_recvmsg (2) 22 219d 225d 206d 7db48e98 tcp: annotate tp->copied_seq lockless reads
KASAN: use-after-free Read in rxrpc_put_peer C cause 38 222d 274d 206d 55f6c98e rxrpc: Fix trace-after-put looking at the put peer record 9ebeddef rxrpc: rxrpc_peer needs to hold a ref on the rxrpc_local record
KCSAN: data-race in tcp_poll / tcp_queue_rcv 1897 206d 237d 206d dba7d9b8 net-backports: tcp: annotate tp->rcv_nxt lockless reads
memory leak in llc_conn_ac_send_sabme_cmd_p_set_x C 225 222d 373d 206d b74555de llc: fix sk_buff leak in llc_conn_service()
general protection fault in rxrpc_error_report C cause 6 222d 234d 206d f0308fb0 rxrpc: Fix possible NULL pointer access in ICMP handling
KCSAN: data-race in tcp_add_backlog / tcp_grow_window.isra.0 21713 206d 237d 206d 70c26558 net-backports: net: silence KCSAN warnings about sk->sk_backlog.len reads
WARNING: suspicious RCU usage in xfrm_alloc_userspi C cause+fix 86 435d 436d 207d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
general protection fault in get_work_pool C fix 24 414d 817d 207d 07bf7908 xfrm: Validate address prefix lengths in the xfrm selector.
general protection fault in xfrm_init_replay syz cause+fix 2 805d 804d 207d d97ca5d7 xfrm_user: uncoditionally validate esn replay attribute struct
WARNING: suspicious RCU usage in xfrm_get_spdinfo C cause+fix 46 435d 436d 207d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
WARNING: suspicious RCU usage in xfrm_get_sadinfo C cause+fix 28 435d 436d 207d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
WARNING: suspicious RCU usage in xfrm_get_policy syz cause+fix 8 436d 436d 207d f10e0010 net: xfrm: Add '_rcu' tag for rcu protected pointer in netns_xfrm
memory leak in sctp_stream_init_ext C 34 228d 363d 213d 3c52b0af lib/generic-radix-tree.c: add kmemleak annotations
possible deadlock in usb_deregister_dev (2) C 956 227d 255d 214d 33a78132 USB: legousbtower: fix deadlock on disconnect
KMSAN: uninit-value in mts_usb_probe C 29 233d 239d 214d 177238c3 USB: microtek: fix info-leak at probe
WARNING in mark_lock (2) 14 220d 247d 214d 8e00c4e9 writeback: fix use-after-free in finish_writeback_work()
BUG: bad usercopy in read_rio 2 229d 232d 214d 015664d1 USB: rio500: Remove Rio 500 kernel driver
KMSAN: uninit-value in iowarrior_disconnect C 18 231d 238d 214d edc4746f USB: iowarrior: fix use-after-free on disconnect
general protection fault in open_rio 2 246d 247d 214d 015664d1 USB: rio500: Remove Rio 500 kernel driver
KASAN: use-after-free Read in adu_disconnect C 5304 227d 297d 214d 44efc269 USB: adutux: fix use-after-free on disconnect
INFO: rcu detected stall in dummy_timer C 16 228d 293d 214d 32a0721c USB: yurex: Don't retry on unexpected errors
KASAN: invalid-free in disconnect_rio (2) C 51 231d 252d 214d 015664d1 USB: rio500: Remove Rio 500 kernel driver
general protection fault in finish_writeback_work 10 223d 248d 214d 8e00c4e9 writeback: fix use-after-free in finish_writeback_work()
INFO: trying to register non-static key in finish_writeback_work syz cause 1 249d 246d 214d 8e00c4e9 writeback: fix use-after-free in finish_writeback_work()
INFO: rcu detected stall in rt6_probe_deferred 336 255d 261d 220d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in addrconf_rs_timer (2) 362 239d 261d 220d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
general protection fault in bpf_tcp_close (2) C fix 26 643d 687d 220d e06fa9c1 bpf, sockmap: fix potential use after free in bpf_tcp_close
BUG: unable to handle kernel NULL pointer dereference in rds_bind C cause 51 244d 255d 226d 05733434 net/rds: Check laddr_check before calling it
divide error in tabledist 3 243d 252d 226d b41d936b sch_netem: fix a divide by zero in tabledist()
WARNING: lock held when returning to user space in rcu_lock_acquire C cause 3 239d 239d 226d 73956fc0 membarrier: Fix RCU locking bug caused by faulty merge
memory leak in v9fs_cache_session_get_cookie C 242 226d 373d 226d 962a991c 9p/cache.c: Fix memory leak in v9fs_cache_session_get_cookie
WARNING in em28xx_usb_disconnect C 8 260d 293d 226d 46e4a266 media: em28xx: modules workqueue not inited for 2nd device
KASAN: use-after-free Read in si470x_int_in_callback C 25 235d 324d 226d 0d616f2a media: radio/si470x: kill urb on error
kernel BUG at include/linux/skbuff.h:LINE! (2) C cause 58 276d 286d 226d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
general protection fault in make_kuid C cause 4 286d 311d 226d 1dd9bc08 vfs: set fs_context::user_ns for reconfigure
general protection fault in ath6kl_usb_alloc_urb_from_pipe C 1160 252d 412d 226d 39d170b3 ath6kl: fix a NULL-ptr-deref bug in ath6kl_usb_alloc_urb_from_pipe()
KMSAN: uninit-value in read_sensor_register C 25 226d 356d 226d 4843a543 media: gspca: zero usb_buf on error
WARNING in rcu_note_context_switch C cause 1 240d 240d 226d 73956fc0 membarrier: Fix RCU locking bug caused by faulty merge
KMSAN: kernel-usb-infoleak in ttusb_dec_send_command C 2 294d 303d 226d a10feaf8 media: ttusb-dec: Fix info-leak in ttusb_dec_send_command()
KASAN: use-after-free Read in atusb_disconnect C 112 227d 268d 226d 7fd25e6f ieee802154: atusb: fix use-after-free at disconnect
possible deadlock in io_submit_one (2) 353 246d 284d 226d 76e43c8c fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
BUG: using smp_processor_id() in preemptible [ADDR] code: mime_typevmnet0/NUM 1 270d 268d 226d 00d9e47f posix-cpu-timers: Always clear head pointer on dequeue
KMSAN: uninit-value in inet_ehash_insert C 7 234d 241d 226d 6af1799a net-backports: ipv6: drop incoming packets having a v4mapped source address
KASAN: slab-out-of-bounds Read in hdpvr_probe C 10 262d 338d 226d 8b8900b7 media: hdpvr: add terminating 0 at end of string
BUG: assuming atomic context at net/kcm/kcmsock.c:LINE C cause 178 242d 248d 226d 0355d6c1 net-backports: kcm: disable preemption in kcm_parse_func_strparser()
WARNING: suspicious RCU usage in netem_enqueue C cause 16 244d 258d 226d 159d2c7d net-backports: sch_netem: fix rcu splat in netem_enqueue()
general protection fault in xsk_poll C cause 430 255d 283d 226d 42fddcc7 xsk: use state member for socket synchronization
INFO: task syz-executor can't die for more than 143 seconds. C cause 61 243d 351d 226d 8619e5bd /dev/mem: Bail out upon SIGKILL. 7c3a6aed kexec: bail out upon SIGKILL when allocating memory. 8f9e86ee staging: android: ion: Bail out upon SIGKILL when allocating memory.
BUG: sleeping function called from invalid context in tcf_chain0_head_change_cb_del C cause 187 242d 255d 226d e3ae1f96 net: sched: sch_sfb: don't call qdisc_put() while holding tree lock
KASAN: global-out-of-bounds Read in load_next_firmware_from_table C 5 274d 324d 226d 764f3f1e libertas: Add missing sentinel at end of if_usb.c fw_table
WARNING in handle_desc C cause 6 251d 260d 226d 3ca94192 KVM: X86: Fix userspace set invalid CR4
KASAN: use-after-free Read in ext4_data_block_valid 108 310d 756d 226d 7727ae52 ext4: fix potential use after free after remounting with noblock_validity
general protection fault in kstrtouint (2) C cause 40 272d 315d 226d 74983ac2 vfs: Make fs_parse() handle fs_param_is_fd-type params better
BUG: corrupted list in __netif_receive_skb_list_core 3 233d 287d 226d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
divide error in usbnet_update_max_qlen C 17 243d 255d 226d 280ceaed usbnet: sanity checking of packet sizes and device mtu
KASAN: slab-out-of-bounds Read in technisat_usb2_rc_query C 2236 272d 410d 226d 0c4df39e media: technisat-usb2: break out of loop at end of buffer
KASAN: slab-out-of-bounds Read in do_tcp_getsockopt 3 249d 269d 226d 3afb0961 tcp: fix slab-out-of-bounds in tcp_zerocopy_receive()
general protection fault in __apic_accept_irq C cause 69 254d 266d 226d a073d7e3 KVM: hyperv: Fix Direct Synthetic timers assert an interrupt w/o lapic_in_kernel
INFO: rcu detected stall in pie_timer C 19 226d 262d 226d 4ce70b4a net-backports: net: sched: sch_htb: don't call qdisc_put() while holding tree lock
KASAN: global-out-of-bounds Read in dvb_pll_attach C 2 263d 323d 226d c268e7ad media: dvb-frontends: use ida for pll number
general protection fault in pk_probe C 2 272d 268d 226d 98375b86 HID: prodikeys: Fix general protection fault during probe
possible deadlock in free_ioctx_users C 509 246d 627d 226d 76e43c8c fuse: fix deadlock with aio poll and fuse_iqueue::waitq.lock
KASAN: use-after-free Read in cbq_enqueue C cause 4 234d 236d 226d e9789c7c sch_cbq: validate TCA_CBQ_WRROPT to avoid crash
general protection fault in dsmark_init C cause 3 235d 237d 226d 474f0813 sch_dsmark: fix potential NULL deref in dsmark_init()
KASAN: global-out-of-bounds Read in hdpvr_probe C 15 279d 392d 226d d4a6a953 media: hdpvr: Add device num check and handling
KASAN: slab-out-of-bounds Read in sctp_inq_pop 1 278d 276d 226d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
WARNING: lock held when returning to user space in membarrier_private_expedited C cause 7 239d 240d 226d 73956fc0 membarrier: Fix RCU locking bug caused by faulty merge
WARNING in blk_mq_sched_free_requests (2) 7 243d 248d 226d 284b94be blk-mq: move lockdep_assert_held() into elevator_exit
WARNING: ODEBUG bug in usbhid_disconnect (2) C 48 246d 268d 226d 2bcdacb7 HID: sony: Fix memory corruption issue on cleanup.
KASAN: slab-out-of-bounds Read in usb_reset_and_verify_device syz 1 276d 268d 226d 3dd550a2 USB: usbcore: Fix slab-out-of-bounds bug during device reset
general protection fault in sctp_inq_pop 4 277d 280d 226d c7a42eb4 net: ipv6: fix listify ip6_rcv_finish in case of forwarding
KMSAN: uninit-value in i2c_w C 2 360d 359d 226d 4843a543 media: gspca: zero usb_buf on error
BUG: MAX_STACK_TRACE_ENTRIES too low! (2) C cause 5045 258d 426d 226d 12593b74 locking/lockdep: Reduce space occupied by stack traces
possible deadlock in open_rio (3) C 169 252d 254d 226d 9472aff1 USB: rio500: Fix lockdep violation
WARNING in kfree C cause 2 273d 272d 226d 43ce4c1f vfs: Add a single-or-reconfig keying to vfs_get_super()
KMSAN: uninit-value in __request_module C 13 235d 255d 226d 62794fc4 net_sched: add max len check for TCA_KIND
WARNING in zd_mac_clear C 13194 252d 412d 226d 7a2eb736 zd1211rw: remove false assertion from zd_mac_clear()
general protection fault in xsk_map_update_elem C cause 12 245d 248d 226d fcd30ae0 bpf/xskmap: Return ERR_PTR for failure case instead of NULL.
possible deadlock in pie_timer C cause 2 243d 244d 226d e3ae1f96 net: sched: sch_sfb: don't call qdisc_put() while holding tree lock
KMSAN: uninit-value in sd_init C 122 226d 359d 226d 4843a543 media: gspca: zero usb_buf on error
WARNING in iguanair_probe/usb_submit_urb C 3 257d 307d 226d ab1cbdf1 media: iguanair: add sanity checks
memory leak in llcp_sock_bind C cause 2 248d 312d 226d a0c2dc1f nfc: fix memory leak in llcp_sock_bind()
general protection fault in __pm_runtime_resume C 197 246d 309d 226d 5f924277 HID: logitech: Fix general protection fault caused by Logitech driver
BUG: unable to handle kernel paging request in coalesced_mmio_write C cause 10 333d 338d 226d b60fe990 KVM: coalesced_mmio: add bounds checking
divide error in cdc_ncm_update_rxtx_max C 5 241d 255d 226d 3fe4b335 cdc_ncm: fix divide-by-zero caused by invalid wMaxPacketSize
general protection fault in tcf_action_destroy 128 243d 261d 226d 3d66b89c net: sched: fix possible crash in tcf_action_destroy()
general protection fault in trace_probe_unlink C cause 7 251d 255d 226d d59fae6f tracing/kprobe: Fix NULL pointer access in trace_porbe_unlink()
memory leak in ppp_write C 5 253d 297d 226d 4c247de5 ppp: Fix memory leak in ppp_write
general protection fault in qdisc_put C cause 60 253d 263d 226d 6efb971b net_sched: let qdisc_put() accept NULL pointer
general protection fault in dev_map_hash_update_elem C cause 4 259d 266d 226d af58e7ee xdp: Fix race in dev_map_hash_update_elem() when replacing element
KASAN: slab-out-of-bounds Read in hidraw_ioctl C 104 253d 303d 226d 416dacb8 HID: hidraw: Fix invalid read in hidraw_ioctl
INFO: rcu detected stall in sys_exit_group C cause 1 257d 253d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in sys_sendmmsg 2 261d 262d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in pppoe_sendmsg 7 257d 263d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING in xfrm_policy_inexact_list_reinsert 2 266d 294d 232d 769a807d xfrm: policy: avoid warning splat when merging nodes
general protection fault in rds_recv_rcvbuf_delta C cause 35 336d 563d 232d c5c1a030 net/rds: An rds_sock is added too early to the hash table
INFO: rcu detected stall in sys_sendmsg C cause 2 257d 258d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_hello_timer_expired 4 256d 261d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in addrconf_dad_work C cause 126 256d 261d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in inet_release 1 265d 264d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in packet_sendmsg 10 257d 262d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
general protection fault in addrconf_f6i_alloc C 305 255d 266d 232d 8652f17c ipv6: addrconf_f6i_alloc - fix non-null pointer check to !IS_ERR()
INFO: rcu detected stall in sys_clone 1 259d 259d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING in __mark_chain_precision (2) C cause 18 255d 273d 232d 2339cd6c bpf: fix precision tracking of stack slots
INFO: rcu detected stall in dccp_write_timer 5 262d 264d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_handle_frame C cause 341 255d 261d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
general protection fault in tls_sk_proto_close (2) syz cause 246 256d 274d 232d 44580a01 net: sock_map, fix missing ulp check in sock hash case
INFO: rcu detected stall in mld_ifc_timer_expire C cause 152 256d 263d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in neigh_timer_handler (2) 2 261d 262d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
BUG: soft lockup in addrconf_dad_work C cause 1 260d 260d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in igmp_ifc_timer_expire C 57 256d 515d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in mld_dad_timer_expire 3 260d 262d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
memory leak in sctp_get_port_local (2) C 34 236d 294d 232d 29b99f54 sctp: destroy bucket if failed to bind addr
BUG: unable to handle kernel NULL pointer dereference in tc_bind_tclass C cause 61 256d 263d 232d 8b142a00 net_sched: check cops->tcf_block in tc_bind_tclass()
INFO: rcu detected stall in netlink_sendmsg (2) C cause 11 257d 262d 232d d4d6ec6d sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
KMSAN: uninit-value in capi_write C 445 232d 472d 232d fe163e53 isdn/capi: check message length in capi_write()
general protection fault in icmpv6_xrlim_allow 4 359d 366d 233d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
general protection fault in ip6_rcv_finish 3 350d 356d 233d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
memory leak in sctp_send_reset_streams C 7 286d 363d 237d 6d5afe20 sctp: fix memleak in sctp_send_reset_streams
general protection fault in requeue_rx_msgs syz cause+fix 1 729d 728d 237d eb7f54b9 kcm: Fix use-after-free caused by clonned sockets
WARNING: suspicious RCU usage (4) C fix 1 635d 633d 237d 865e63b0 tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
WARNING: suspicious RCU usage in trace_call_bpf C fix 327 616d 633d 237d 865e63b0 tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
KASAN: use-after-free Read in psock_map_pop C fix 204 583d 626d 237d 5607fff3 bpf: sockmap only allow ESTABLISHED sock state
WARNING in lockdep_unregister_key (2) 3 406d 410d 237d 8b39adbe locking/lockdep: Make lockdep_unregister_key() honor 'debug_locks' again
WARNING: refcount bug in nr_insert_socket C cause 55 300d 324d 237d 4638faac netrom: hold sock when setting skb->destructor
KASAN: slab-out-of-bounds Read in sock_hash_ctx_update_elem C fix 5 668d 668d 237d b845c898 bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
general protection fault in smap_list_hash_remove C fix 52 675d 694d 237d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
KASAN: user-memory-access Read in ip6_hold_safe (3) 456 343d 362d 237d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
WARNING in cbs_dequeue_soft C cause 13 256d 263d 255d 1c6c09a0 net/sched: cbs: Set default link speed to 10 Mbps in cbs_set_port_rate
KMSAN: uninit-value in batadv_iv_send_outstanding_bat_ogm_packet C 9 281d 281d 255d a15d56a6 batman-adv: Only read OGM tvlv_len after buffer len check
possible deadlock in open_rio 1107 264d 301d 264d 2ca359f4 Revert "USB: rio500: simplify locking"
possible deadlock in usb_deregister_dev C 82 290d 297d 265d c468a8aa usb: iowarrior: fix deadlock on disconnect
general protection fault in packet_lookup_frame C cause 7 289d 289d 265d 32d3182c net/packet: fix race in tpacket_snd()
WARNING in bpf_jit_free C cause 21697 265d 682d 265d c751798a bpf: fix use after free in prog symbol exposure
BUG: Dentry still in use [unmount of nfsd nfsd] 1 295d 291d 265d d6846bfb nfsd: fix dentry leak upon mkdir failure.
kernel BUG at mm/huge_memory.c:LINE! 27 341d 511d 265d a53190a4 mm: mempolicy: handle vma with unmovable pages mapped correctly in mbind
memory leak in ip6_mc_add_src C 1 276d 276d 265d a84d0164 mld: fix memory leak in mld_del_delrec()
WARNING in bpf_prog_kallsyms_add syz cause+fix 2 307d 510d 265d c751798a bpf: fix use after free in prog symbol exposure
WARNING in __iforce_usb_xmit/usb_submit_urb C 3 293d 297d 265d 849f5ae3 Input: iforce - add sanity checks
WARNING in kbtab_open/usb_submit_urb C 5 292d 310d 265d c88090df Input: kbtab - sanity check for endpoint type
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_find syz cause+fix 3 482d 557d 265d c751798a bpf: fix use after free in prog symbol exposure
KASAN: use-after-free Read in rxrpc_queue_local C cause 1 290d 290d 265d 06d9532f rxrpc: Fix read-after-free in rxrpc_queue_local()
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add syz cause 234 266d 626d 265d c751798a bpf: fix use after free in prog symbol exposure
general protection fault in tls_write_space syz 33 283d 293d 265d 57c722e9 net/tls: swap sk_write_space on close
WARNING in usbtouch_open C 768 290d 304d 265d b55d996f Input: usbtouchscreen - initialize PM mutex before using it
KASAN: use-after-free Read in usb_free_coherent 310 290d 301d 265d fc05481b usb: yurex: Fix use-after-free in yurex_delete
KMSAN: uninit-value in rtm_new_nexthop C 8 281d 281d 265d d00ee64e netlink: Fix nlmsg_parse as a wrapper for strict message parsing
KASAN: slab-out-of-bounds Read in bpf_int_jit_compile C cause 1 313d 309d 265d 7c2e988f bpf: fix x64 JIT code generation for jmp to 1st insn
KASAN: use-after-free Read in snd_seq_ioctl_get_client_pool 1 283d 280d 265d 75545304 ALSA: seq: Fix potential concurrent access to the deleted pool
KASAN: use-after-free Read in bpf_prog_kallsyms_del syz cause+fix 3 513d 591d 265d c751798a bpf: fix use after free in prog symbol exposure
kernel BUG at net/rxrpc/local_object.c:LINE! C cause 11167 268d 336d 265d 730c5fd4 rxrpc: Fix local endpoint refcounting
KASAN: null-ptr-deref Write in rxrpc_unuse_local C cause 4422 289d 293d 265d 68553f1a rxrpc: Fix local refcounting
KASAN: use-after-free Read in bpf_get_prog_name 1 308d 307d 265d c751798a bpf: fix use after free in prog symbol exposure
KMSAN: uninit-value in batadv_netlink_dump_hardif C 58 276d 311d 265d 3ee1bb7a batman-adv: fix uninit-value in batadv_netlink_get_ifindex()
WARNING in bpf_prog_kallsyms_find C cause 5632 265d 387d 265d c751798a bpf: fix use after free in prog symbol exposure
KASAN: slab-out-of-bounds Read in do_jit C cause 16 265d 310d 265d 7c2e988f bpf: fix x64 JIT code generation for jmp to 1st insn
KASAN: use-after-free Read in ld_usb_release C 14 284d 293d 265d 303911cf USB: core: Fix races in character device registration and deregistraion
KMSAN: uninit-value in rtm_dump_nexthop C 6 275d 291d 265d d00ee64e netlink: Fix nlmsg_parse as a wrapper for strict message parsing
WARNING in is_bpf_text_address C cause 104 275d 342d 265d c751798a bpf: fix use after free in prog symbol exposure
KASAN: slab-out-of-bounds Read in usbnet_generic_cdc_bind C 2 288d 290d 265d 54364278 USB: CDC: fix sanity checks in CDC union parser
WARNING in __blkdev_put (2) syz 3082 290d 297d 265d e91455ba bdev: Fixup error handling in blkdev_get()
KASAN: use-after-free Read in device_release_driver_internal C 5 286d 310d 265d c52873e5 usb: cdc-acm: make sure a refcount is taken early enough
KASAN: use-after-free Read in bpf_prog_kallsyms_add syz cause+fix 120 392d 626d 265d c751798a bpf: fix use after free in prog symbol exposure
WARNING in wdm_write/usb_submit_urb C 15 269d 283d 265d 1426bd2c USB: cdc-wdm: fix race between write and disconnect due to flag abuse
BUG: corrupted list in rxrpc_local_processor C cause 1679 285d 293d 265d b00df840 rxrpc: Fix local endpoint replacement
KASAN: use-after-free Write in __xfrm_policy_unlink (2) 7 332d 378d 269d b805d78d xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink
BUG: unable to handle kernel paging request in hrtimer_interrupt syz cause 2 308d 344d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in smc_unhash_sk (2) C cause 1047 275d 411d 275d cd206360 net/smc: avoid fallback in case of non-blocking connect
WARNING: ODEBUG bug in tls_sw_free_resources_tx 23 310d 569d 275d f87e62d4 net/tls: remove close callback sock unlock/lock around TX work flush
general protection fault in rcu_core syz cause 1 324d 323d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in mm_update_next_owner syz cause+fix 1 355d 355d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
KMSAN: kernel-usb-infoleak in pcan_usb_pro_send_req C 16 278d 303d 275d 30a8beeb can: peak_usb: pcan_usb_fd: Fix info-leaks to USB devices
KASAN: use-after-free Write in validate_chain syz cause 3 332d 342d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING: held lock freed! (2) C cause 1 328d 325d 275d 4638faac netrom: hold sock when setting skb->destructor
general protection fault in tls_trim_both_msgs C cause 36 297d 308d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
KASAN: use-after-free Read in psi_task_change syz cause 1 308d 307d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Read in class_equal syz cause 45 296d 369d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Write in check_noncircular syz cause 1 315d 314d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in mark_lock syz cause 2 284d 339d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in holtek_kbd_input_event C 67 296d 308d 275d 01ec0a5f HID: holtek: test for sanity of intfdata
KASAN: use-after-free Read in release_sock C cause 10 298d 307d 275d 4638faac netrom: hold sock when setting skb->destructor
KASAN: slab-out-of-bounds Write in validate_chain syz cause 6 327d 342d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in tcf_ife_init C cause 72 297d 311d 275d c8ec4632 ife: error out when nla attributes are empty
KASAN: invalid-free in tls_sk_proto_cleanup 5 299d 302d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
BUG: unable to handle kernel paging request in __do_softirq syz cause+fix 1 345d 344d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
kernel panic: stack is corrupted in validate_chain syz cause 1 338d 338d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Read in corrupted (2) syz cause 3 307d 357d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
BUG: unable to handle kernel paging request in tls_prots syz cause 1 337d 337d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
kernel panic: corrupted stack end in dput syz cause 1 332d 332d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in tls_sk_proto_close syz cause 260 275d 307d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
WARNING in debug_check_no_obj_freed C cause 47 276d 343d 275d f9cedf1a net/smc: do not schedule tx_work in SMC_CLOSED state
BUG: unable to handle kernel paging request in cpuacct_account_field syz cause+fix 1 343d 342d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
memory leak in fdb_create C cause 4 300d 339d 275d d7bae09f net: bridge: delete local fdb on device init failure
KASAN: use-after-free Read in tls_wait_data 1 300d 294d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
BUG: unable to handle kernel NULL pointer dereference in corrupted (4) syz cause+fix 1 338d 338d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
possible deadlock in rxrpc_put_peer 1 311d 307d 275d 60034d3d rxrpc: Fix potential deadlock
WARNING: held lock freed in nr_release C cause 344 295d 316d 275d 4638faac netrom: hold sock when setting skb->destructor
KASAN: use-after-free Read in corrupted (3) syz cause 1 337d 337d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING: ODEBUG bug in __sk_destruct C 2855 295d 760d 275d f9cedf1a net/smc: do not schedule tx_work in SMC_CLOSED state
WARNING in cgroup_rstat_updated syz cause 1 296d 296d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in rb_erase (2) syz cause 4 304d 511d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: slab-out-of-bounds Read in usage_accumulate syz cause 3 338d 357d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
KASAN: use-after-free Read in nr_release C cause 25 276d 355d 275d 4638faac netrom: hold sock when setting skb->destructor
WARNING: refcount bug in nr_rx_frame C cause 15 299d 315d 275d 4638faac netrom: hold sock when setting skb->destructor
KASAN: use-after-free Read in hiddev_release C 11 286d 301d 275d 9c09b214 HID: hiddev: avoid opening a disconnected device 6d4472d7 HID: hiddev: do cleanup in failure of opening a device
KASAN: use-after-free Read in nr_insert_socket C cause 22 299d 315d 275d 4638faac netrom: hold sock when setting skb->destructor
general protection fault in tls_tx_records 1 302d 294d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
BUG: unable to handle kernel paging request in bpf_prog_ADDR C cause 13 298d 314d 275d 06a22d89 bpf: fix access to skb_shared_info->gso_segs
KASAN: use-after-free Read in nr_rx_frame (2) C cause 3 302d 310d 275d 4638faac netrom: hold sock when setting skb->destructor
memory leak in create_ctx syz 1 355d 355d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in xt_compat_add_offset C cause 18 297d 461d 275d 3b48300d netfilter: ebtables: also count base chain policies
KMSAN: kernel-usb-infoleak in pcan_usb_pro_init C 13 279d 303d 275d ead16e53 can: peak_usb: pcan_usb_pro: Fix info-leaks to USB devices
kernel panic: corrupted stack end in corrupted syz cause 17 296d 343d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
WARNING in gpio_to_desc C 3 293d 323d 275d c3953a3c NFC: nfcmrvl: fix gpio-handling regression
KASAN: use-after-free Read in tls_sk_proto_cleanup 9 298d 308d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
general protection fault in rb_next (3) syz cause+fix 1 348d 346d 275d 95fa1454 bpf: sockmap/tls, close can race with map free
general protection fault in tls_setsockopt syz cause 7 303d 317d 275d 5d92e631 net/tls: partially revert fix transition through disconnect with close
KMSAN: uninit-value in read_eprom_word C 31 277d 303d 275d 224c0497 net: usb: pegasus: fix improper read if get_registers() fail
general protection fault in finish_task_switch (2) C fix 1538 612d 657d 279d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
KASAN: use-after-free Read in tls_push_sg 2 303d 377d 282d 9354544c net/tls: fix page double free on TX cleanup
possible deadlock in xsk_notifier C cause 495 314d 325d 289d 5464c3a0 xdp: fix potential deadlock on socket mutex
KASAN: use-after-free Write in _free_event C 112 452d 689d 289d 1cf8dfe8 perf/core: Fix race between close() and fork()
WARNING in __mark_chain_precision C cause 105 289d 325d 289d b3b50f05 bpf: fix precision bit propagation for BPF_ST instructions
linux-next boot error: WARNING in corrupted 12 327d 329d 289d 18c49926 cpufreq: Add QoS requests for userspace constraints
INFO: task hung in snd_seq_write 6 435d 640d 289d ede34f39 ALSA: seq: Break too long mutex context in the write loop
memory leak in nfs_get_client C 12 325d 352d 289d 9f7761cf NFS: Cleanup if nfs_match_client is interrupted
usb-fuzzer boot error: general protection fault in dma_direct_max_mapping_size 21 307d 310d 289d 1b5d9a6e scsi: core: fix the dma_max_mapping_size call
memory leak in policydb_read C cause 1 312d 310d 289d 45385237 selinux: fix memory leak in policydb_init()
WARNING in binder_transaction_buffer_release syz cause 38 331d 374d 289d 49ed9694 binder: prevent transactions to context manager from its own process.
general protection fault in snd_usb_pipe_sanity_check C 72 290d 304d 289d 5d78e1c2 ALSA: usb-audio: Fix gpf in snd_usb_pipe_sanity_check
INFO: rcu detected stall in snd_seq_write syz cause 18 309d 640d 289d ede34f39 ALSA: seq: Break too long mutex context in the write loop
KASAN: stack-out-of-bounds Read in hfcsusb_probe C 634 304d 410d 289d f384e62a ISDN: hfcsusb: checking idx of ep configuration
BUG: unable to handle kernel NULL pointer dereference in hci_uart_set_flow_control C cause 7 434d 434d 289d b36a1552 Bluetooth: hci_uart: check for missing tty operations
kernel BUG at drivers/usb/wusbcore/wusbhc.c:LINE! C 1 310d 310d 289d f90bf1ec usb: wusbcore: fix unbalanced get/put cluster_id
memory leak in sctp_get_port_local C 28 299d 366d 297d 9b6c0887 sctp: not bind the socket in sctp_connect
WARNING: Support for this device (Terratec Grabster AV400) is experimental. C 371 304d 394d 297d 1753c7c4 media: pvrusb2: use a different format for warnings
general protection fault in send_hsr_supervision_frame C cause 1395 318d 325d 297d 311633b6 hsr: switch ->dellink() to ->ndo_uninit()
memory leak in ip_mc_add_src (2) C 7 308d 336d 297d e5b1c6c6 igmp: fix memory leak in igmpv3_del_delrec()
general protection fault in btf_array_resolve C cause 109 322d 344d 297d e4f07120 bpf: fix NULL deref in btf_type_is_resolve_source_only
general protection fault in sctp_sched_prio_sched C cause 3 334d 348d 297d 4d141581 sctp: fix error handling on stream scheduler initialization
general protection fault in ip6_datagram_dst_update C cause 12 321d 323d 297d 8975a3ab ipv6: fix potential crash in ip6_datagram_dst_update()
KMSAN: uninit-value in ax88772_bind C 80 299d 360d 297d 78226f6e net: usb: asix: init MAC address buffers
KASAN: use-after-free Read in ip_expire 1 346d 346d 297d d5dd8879 inet: fix various use-after-free in defrags units
kernel BUG at drivers/android/binder_alloc.c:LINE! (4) C cause 26 337d 345d 297d bb4a2e48 binder: return errors from buffer copy functions
KASAN: use-after-free Read in cpia2_usb_disconnect C 3 324d 408d 297d eff73de2 media: cpia2_usb: first wake up, then free in disconnect
general protection fault in ovs_ct_exit C cause 9888 339d 344d 297d b272a0ad netns: restore ops before calling ops_exit_list
memory leak in binder_transaction C 3 338d 350d 297d 1909a671 binder: fix memory leak in error path
KASAN: use-after-free Read in xlog_alloc_log 16 316d 336d 297d 89b171ac xfs: fix iclog allocation size
KMSAN: uninit-value in bond_start_xmit (2) C 2309 297d 621d 297d 9d1bc24b bonding: validate ip header before check IPPROTO_IGMP
WARNING in __flush_work (3) C 1251 300d 410d 297d 11a087f4 media: uvcvideo: Fix access to uninitialized fields on probe error
memory leak in pfkey_xfrm_policy2msg_prep C 4 338d 369d 297d 7c80eb1c af_key: fix leaks in key_pol_get_resp and dump_sp.
KASAN: use-after-free Read in dvb_usb_device_exit C 825 298d 412d 297d 6cf97230 media: dvb: usb: fix use after free in dvb_usb_device_exit
KASAN: slab-out-of-bounds Read in au0828_rc_unregister (2) 11 368d 379d 297d 6d0d1ff9 media: au0828: fix null dereference in error path
INFO: trying to register non-static key in rtl_c2hcmd_launcher C 48950 304d 412d 297d 6c0ed66f rtlwifi: rtl8192cu: fix error handle when usb probe failed
KASAN: use-after-free Read in kfree_skb_list C cause 383 343d 362d 297d b7034146 net: fix use-after-free in kfree_skb_list
KASAN: null-ptr-deref Read in zr364xx_vidioc_querycap C 76 304d 395d 297d 5d2e73a5 media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap
memory leak in __ip6_append_data C 10 340d 366d 297d dc93f46b inet: frags: fix use-after-free read in inet_frag_destroy_rcu
WARNING: ath10k USB support is incomplete, don't expect anything to work! C 347 305d 385d 297d 265df32e ath10k: Change the warning message string
KASAN: use-after-free Write in xfrm_hash_rebuild syz cause 8 330d 378d 297d fd709721 xfrm: policy: fix bydst hlist corruption on hash rebuild
memory leak in bcsp_recv C 3 342d 369d 297d 4ce9146e Bluetooth: hci_bcsp: Fix memory leak in rx_skb
memory leak in start_sync_thread C 7 334d 366d 297d 5db7c8b9 ipvs: fix tinfo memory leak in start_sync_thread
KASAN: use-after-free Read in v4l2_release C 275 305d 409d 297d c666355e media: radio-raremono: change devm_k*alloc to k*alloc
net-next build error (2) 2 363d 363d 297d c9bb6165 netfilter: nf_conntrack_bridge: fix CONFIG_IPV6=y
KASAN: use-after-free Read in brnf_exit_net syz cause 3 341d 344d 297d 7e6daf50 netfilter: bridge: prevent UAF in brnf_exit_net()
WARNING in static_key_slow_try_dec C cause 58 320d 324d 297d d44e3fa5 ipv6: fix static key imbalance in fl_create()
WARNING: suspicious RCU usage in in_dev_dump_addr C cause 107 358d 360d 297d d3e6e285 net: ipv4: fix rcu lockdep splat due to wrong annotation
memory leak in nf_hook_entries_grow C 99 324d 360d 297d cf47a0b8 ipvs: defer hook registration to avoid leaks
general protection fault in tcp_v6_send_reset C cause 353 352d 357d 297d 39209673 ipv6: tcp: fix potential NULL deref in tcp_v6_send_reset()
KASAN: use-after-free Read in inet_frag_destroy_rcu C cause 61 365d 367d 297d dc93f46b inet: frags: fix use-after-free read in inet_frag_destroy_rcu
general protection fault in btf_struct_resolve C cause 49 322d 344d 297d e4f07120 bpf: fix NULL deref in btf_type_is_resolve_source_only
KASAN: use-after-free Read in rhashtable_last_table (2) 1 371d 371d 297d dc93f46b inet: frags: fix use-after-free read in inet_frag_destroy_rcu
KASAN: use-after-free Read in unregister_shrinker syz cause 3 353d 358d 297d 689d7ba4 nfsd: fix cleanup of nfsd_reply_cache_init on failure
general protection fault in oom_unkillable_task 1 354d 349d 297d ac311a14 oom: decouple mems_allowed from oom_unkillable_task
general protection fault in rxrpc_connect_call C cause 15 346d 491d 297d e835ada0 rxrpc: Fix send on a connected, but unbound socket
WARNING: Detected a wedged cx25840 chip; the device will not work. C 62 305d 394d 297d 1753c7c4 media: pvrusb2: use a different format for warnings
WARNING: suspicious RCU usage in fib_dump_info_fnhe C cause 7 337d 337d 297d 3b525691 ipv6: fix suspicious RCU usage in rt6_dump_route()
memory leak in hsr_create_self_node C 5 336d 367d 297d b9a1e627 hsr: implement dellink to clean up resources
general protection fault in call_fib6_multipath_entry_notifiers C cause 94 339d 344d 297d 9eee3b49 ipv6: Error when route does not have any valid nexthops
WARNING in snd_usb_motu_microbookii_communicate/usb_submit_urb C 3 314d 352d 297d 801ebf10 ALSA: usb-audio: Sanity checks for each pipe and EP types
memory leak in nr_rx_frame C 5 303d 367d 297d c8c8218e netrom: fix a memory leak in nr_rx_frame()
KASAN: use-after-free Read in p54u_load_firmware_cb syz 40 305d 388d 297d 6e41e225 p54usb: Fix race between disconnect and firmware loading
memory leak in batadv_tvlv_handler_register C 313 322d 373d 297d 17f78dd1 batman-adv: fix for leaked TVLV handler.
INFO: task hung in io_uring_release 24 322d 339d 297d a4c0b3de io_uring: fix io_sq_thread_stop running in front of io_sq_thread
general protection fault in get_task_pid C cause 24 330d 332d 304d 28dd29c0 fork: return proper negative error code
general protection fault in do_move_mount (2) syz cause 7 337d 345d 304d 570d7a98 vfs: move_mount: reject moving kernel internal mounts
memory leak in packet_set_ring C 2 336d 341d 304d 55655e3d net/packet: fix memory leak in packet_set_ring()
possible deadlock in io_submit_one C cause 1779 308d 479d 304d cbcfa130 fs/userfaultfd.c: disable irqs for fault_pending and event locks
KMSAN: uninit-value in tipc_nl_compat_bearer_disable C 19 331d 344d 304d 4f07b80c tipc: check msg->req data len in tipc_nl_compat_bearer_disable
memory leak in sctp_v6_create_accept_sk C 1 361d 361d 304d 25bff6d5 sctp: change to hold sk after auth shkey is created successfully
memory leak in sctp_v4_create_accept_sk C 1 341d 339d 304d 25bff6d5 sctp: change to hold sk after auth shkey is created successfully
possible deadlock in userfaultfd_release C cause 137 336d 579d 304d cbcfa130 fs/userfaultfd.c: disable irqs for fault_pending and event locks
possible deadlock in userfaultfd_read (2) 228 327d 426d 304d cbcfa130 fs/userfaultfd.c: disable irqs for fault_pending and event locks
memory leak in mpihelp_mul_karatsuba_case C 2 339d 339d 304d c8ea9fce lib/mpi: Fix karactx leak in mpi_powm
KASAN: global-out-of-bounds Read in qmi_wwan_probe C 2 327d 339d 304d 904d88d7 qmi_wwan: Fix out-of-bounds read
KASAN: null-ptr-deref Write in submit_audio_out_urb (2) C 3423 304d 336d 304d 34501219 ALSA: line6: Fix write on zero-sized buffer
WARNING in kvm_set_tsc_khz C 5 659d 656d 304d 3f16a5c3 KVM: x86: degrade WARN to pr_warn_ratelimited
WARNING in notify_change C 566 391d 780d 309d f69e749a Abort file_remove_privs() for non-reg. files
WARNING in cgroup_exit C cause 64 384d 387d 309d f2b31bb5 cgroup: never call do_group_exit() with task->frozen bit set
WARNING: syz-executor still has locks held! C cause 233 540d 551d 309d a72173ec Revert "exec: make de_thread() freezable"
general protection fault in inet_accept C 131 525d 687d 322d 07603b23 net/smc: propagate file from SMC to TCP socket
memory leak in sctp_process_init C 10 347d 367d 323d 0a8dd9f6 Fix memory leak in sctp_process_init ce950f10 sctp: Free cookie before we memdup a new one
BUG: unable to handle kernel paging request in ipv6_rcv (2) 18 345d 368d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
memory leak in __memcg_init_list_lru_node C 3 353d 367d 323d 3510955b mm/list_lru.c: fix memory leak in __memcg_init_list_lru_node
KMSAN: uninit-value in tcp_create_openreq_child C 4000 323d 344d 323d 85f9aa75 inet: clear num_timeout reqsk_alloc()
KASAN: slab-out-of-bounds Read in dst_dev_put 3 456d 507d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
WARNING in fanotify_handle_event C cause 5 346d 345d 323d c285a2f0 fanotify: update connector fsid cache on add mark
KASAN: use-after-free Read in pneigh_get_next syz cause 2 348d 348d 323d f3e92cb8 neigh: fix use-after-free read in pneigh_get_next
KASAN: use-after-free Read in css_task_iter_advance 48 352d 359d 323d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
BUG: Dentry still in use [unmount of tmpfs tmpfs] 2 355d 354d 323d 1b0b9cc8 vfs: fsmount: add missing mntget()
KASAN: slab-out-of-bounds Read in __fib6_drop_pcpu_from 1 347d 347d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
WARNING: refcount bug in css_task_iter_next 11 353d 357d 323d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
memory leak in raw_sendmsg C 2 348d 360d 323d fd704bd5 can: purge socket error queue on sock destruct
KASAN: slab-out-of-bounds Read in css_task_iter_advance C cause 19 353d 359d 323d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
memory leak in tipc_buf_acquire C 15 346d 370d 323d 5cf02612 tipc: purge deferredq list for each grp member in tipc_group_delete
general protection fault in __smc_diag_dump syz cause 309 499d 512d 323d b03faa1f net/smc: postpone release of clcsock
inconsistent lock state in ax25_destroy_timer 2 347d 348d 323d d4d5d8e8 ax25: fix inconsistent lock state in ax25_destroy_timer
memory leak in inet6_create C 2 354d 357d 323d 522924b5 net: correct udp zerocopy refcnt also when zerocopy only on append
memory leak in kobject_set_name_vargs C 12 331d 365d 323d 4f488fbc cfg80211: fix memory leak of wiphy device name
inconsistent lock state in ax25_rt_autobind 2 346d 347d 323d d4d5d8e8 ax25: fix inconsistent lock state in ax25_destroy_timer
general protection fault in rt_cache_valid 24 340d 467d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
KASAN: use-after-free Read in sprintf syz cause 2 348d 348d 323d f3e92cb8 neigh: fix use-after-free read in pneigh_get_next
BUG: Dentry still in use [unmount of sysfs sysfs] C cause 6 348d 348d 323d 1b0b9cc8 vfs: fsmount: add missing mntget()
general protection fault in dst_dev_put (2) C cause 442 344d 534d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
KASAN: null-ptr-deref Read in css_task_iter_advance 2 353d 353d 323d c596687a cgroup: Fix css_task_iter_advance_css_set() cset skip condition
BUG: Dentry still in use [unmount of hugetlbfs hugetlbfs] C cause 3 345d 345d 323d 1b0b9cc8 vfs: fsmount: add missing mntget()
KMSAN: kernel-infoleak in copy_siginfo_to_user (2) C 15 352d 382d 323d f6e2aa91 signal/ptrace: Don't leak unitialized kernel memory with PTRACE_PEEK_SIGINFO
WARNING in blk_mq_sched_free_requests C cause 4 350d 352d 323d c326f846 blk-mq: remove WARN_ON(!q->elevator) from blk_mq_sched_free_requests
KASAN: slab-out-of-bounds Read in rt_cache_valid 3 361d 359d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
BUG: unable to handle kernel paging request in dst_dev_put 3 365d 507d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
KASAN: use-after-free Read in rt_cache_valid syz cause 5 355d 471d 323d c3bcde02 tipc: pass tunnel dev as NULL to udp_tunnel(6)_xmit_skb
memory leak in new_inode_pseudo C 136 323d 372d 323d 355e8d26 io_uring: fix memory leak of UNIX domain socket inode
memory leak in lapb_register C 16 346d 373d 323d 6be8e297 lapb: fixed leak of control-blocks.
KASAN: use-after-free Read in blk_mq_free_rqs C cause 3481 352d 357d 330d c3e22192 block: free sched's request pool in blk_cleanup_queue
possible deadlock in aio_poll C 5041 482d 626d 334d ae62c16e userfaultfd: disable irqs when taking the waitqueue lock
KASAN: slab-out-of-bounds Read in linear_transfer (2) 1 410d 401d 339d ca0214ee ALSA: pcm: Fix possible OOB access in PCM oss plugins
KASAN: slab-out-of-bounds Read in rhashtable_walk_enter C cause 48 372d 376d 339d 526f5b85 tipc: fix modprobe tipc failed after switch order of device registration
BUG: spinlock bad magic in rhashtable_walk_enter C cause 8 372d 376d 339d 526f5b85 tipc: fix modprobe tipc failed after switch order of device registration
KASAN: use-after-free Write in check_and_subscribe_port 1 394d 387d 339d 7c32ae35 ALSA: seq: Cover unsubscribe_port() in list_mutex
WARNING: proc registration bug in snd_info_card_register C 453 368d 412d 339d 0b074ab7 ALSA: line6: Assure canceling delayed work at disconnection
KASAN: slab-out-of-bounds Write in default_read_copy_kernel C cause 3 459d 535d 339d ca0214ee ALSA: pcm: Fix possible OOB access in PCM oss plugins
INFO: task hung in __ia32_sys_io_uring_enter 2 409d 410d 340d b19062a5 io_uring: fix possible deadlock between io_uring_{enter,register}
INFO: task hung in __x64_sys_io_uring_enter 12 403d 410d 340d b19062a5 io_uring: fix possible deadlock between io_uring_{enter,register}
general protection fault in sctp_sched_dequeue_common (2) C cause 3 441d 441d 340d 2e990dfd sctp: remove sched init from sctp_stream_init
WARNING in ovl_instantiate syz cause 75 397d 565d 340d 146d62e5 ovl: detect overlapping layers acf3062a ovl: relax WARN_ON() for overlapping layers use case
general protection fault in sisusb_probe C 3 382d 385d 343d 9a5729f6 USB: sisusbvga: fix oops in error path of sisusb_probe
INFO: task hung in __get_super C 80 344d 788d 343d 33ec3e53 loop: Don't change loop device under exclusive opener
KASAN: slab-out-of-bounds Write in usb_get_bos_descriptor syz 3 371d 384d 343d a03ff544 USB: Fix slab-out-of-bounds write in usb_get_bos_descriptor
KASAN: invalid-free in disconnect_rio C 180 367d 412d 343d 3864d339 USB: rio500: refuse more than one device at a time
general protection fault in smsusb_init_device C 23 367d 406d 343d 31e0456d media: usb: siano: Fix general protection fault in smsusb
memory leak in packet_setsockopt C 10 356d 373d 343d afa0925c packet: unconditionally free po->rollover
KASAN: wild-memory-access Read in refcount_sub_and_test_checked 2 363d 380d 345d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: use-after-free Read in ip6_fragment 1 376d 376d 345d 61fb0d01 ipv6: prevent possible fib6 leaks
BUG: unable to handle kernel NULL pointer dereference in ip6_rcv_finish 3 352d 380d 345d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: use-after-free Write in fib6_purge_rt 2 370d 378d 345d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: null-ptr-deref Write in fib6_purge_rt 18 359d 381d 345d 61fb0d01 ipv6: prevent possible fib6 leaks
KASAN: use-after-free Read in napi_gro_frags C cause 16 363d 365d 345d a4270d67 net-gro: fix use-after-free read in napi_gro_frags()
memory leak in ip_mc_add_src C 14 349d 373d 345d 3580d04a ipv4/igmp: fix another memory leak in igmpv3_del_delrec()
memory leak in process_preds C 1 367d 367d 345d dfb4a6f2 tracing: Avoid memory leak in predicate_parse()
memory leak in llc_ui_create C 4 355d 367d 345d 8fb44d60 llc: fix skb leak in llc_build_and_send_ui_pkt()
memory leak in inet_create C 2 359d 373d 345d 100f6d8e net: correct zerocopy refcnt with udp MSG_MORE
KASAN: slab-out-of-bounds Write in fib6_purge_rt 6 346d 381d 345d 61fb0d01 ipv6: prevent possible fib6 leaks
INFO: trying to register non-static key in rhashtable_walk_enter C 16 373d 376d 345d 526f5b85 tipc: fix modprobe tipc failed after switch order of device registration
KASAN: use-after-free Read in __dev_map_entry_free C 473 427d 708d 345d 2baae354 bpf: devmap: fix use-after-free Read in __dev_map_entry_free
KASAN: null-ptr-deref Write in submit_audio_out_urb C 185 352d 367d 345d 0b074ab7 ALSA: line6: Assure canceling delayed work at disconnection
INFO: task hung in usb_kill_urb C 1515 407d 412d 349d 50896c41 USB: dummy-hcd: Fix failure to give back unlinked URBs USB: dummy-hcd: Fix failure to give back unlinked URBs
KASAN: use-after-free Read in snd_seq_timer_interrupt 1 582d 582d 349d fe1b26c9 ALSA: timer: Make snd_timer_close() really kill pending actions
general protection fault in do_move_mount 3 386d 385d 349d 05883eee do_move_mount(): fix an unsafe use of is_anon_ns()
KASAN: use-after-free Read in tipc_sk_filter_rcv C cause 3439 428d 435d 349d 77d5ad40 tipc: fix use-after-free in tipc_sk_filter_rcv
BUG: assuming atomic context at net/core/flow_dissector.c:LINE syz 19 379d 384d 349d b1c17a9a flow_dissector: disable preemption around BPF calls
general protection fault in load_elf_binary C cause 15 422d 426d 349d cc338010 fs/binfmt_elf.c: free PT_INTERP filename ASAP
INFO: task hung in snd_seq_kernel_client_ctl C cause 554 412d 413d 349d f0654ba9 Revert "ALSA: seq: Protect in-kernel ioctl calls with mutex"
BUG: unable to handle kernel paging request in isolate_freepages_block 3 393d 387d 349d 60fce36a mm/compaction.c: correct zone boundary handling when isolating pages from a pageblock
KASAN: use-after-free Read in snd_timer_process_callbacks C cause 4 414d 415d 349d df55531b ALSA: timer: Revert active callback sync check at close
WARNING in cma_exit_net 25 421d 423d 349d 061ccb52 RDMA/cma: Set proper port number as index
KASAN: use-after-free Read in snd_seq_ioctl_get_subscription 2 573d 605d 349d 2eabc5ec ALSA: seq: Fix race of get-subscription call vs port-delete ioctls
KASAN: use-after-free Read in tcp_v6_send_reset 1 429d 429d 349d 4f661542 tcp: fix zerocopy and notsent_lowat issues
WARNING in batadv_mcast_mla_update 75 380d 514d 349d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
BUG: using __this_cpu_read() in preemptible code in ip6_finish_output C cause 18807 416d 422d 349d 28b05b92 net: use correct this_cpu primitive in dev_recursion_level
WARNING: ODEBUG bug in netdev_freemem syz cause 1042 349d 514d 349d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
WARNING: locking bug in nfs_get_client C cause 13 385d 386d 349d c260121a NFS: Fix a double unlock from nfs_match,get_client
WARNING: locking bug in copy_process C cause 3 382d 385d 349d c3b7112d fork: do not release lock that wasn't taken
KASAN: use-after-free Read in string C 247 393d 633d 349d c03a0fd0 kobject: Don't trigger kobject_uevent(KOBJ_REMOVE) twice.
KASAN: use-after-free Read in get_mem_cgroup_from_mm C cause 375 395d 569d 349d c3f3ce04 userfaultfd: use RCU to free the task struct when fork fails
KASAN: slab-out-of-bounds Write in skb_release_data 1 428d 428d 349d 4f661542 tcp: fix zerocopy and notsent_lowat issues
KASAN: use-after-free Read in __vb2_perform_fileio C cause 786 386d 577d 349d d65842f7 media: vb2: add waiting_in_dqbuf flag
BUG: sleeping function called from invalid context in line6_pcm_acquire 119 367d 386d 349d 7f84ff68 ALSA: line6: toneport: Fix broken usage of timer for delayed execution
kernel BUG at drivers/android/binder_alloc.c:LINE! (3) C cause 24 358d 427d 349d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
WARNING in batadv_mcast_mla_tt_retract syz cause 190 380d 514d 349d a3c7cd0c batman-adv: mcast: fix multicast tt/tvlv worker locking
KASAN: use-after-free Write in __ext4_expand_extra_isize C 95 396d 787d 349d 7bc04c5c ext4: fix use-after-free race with debug_want_extra_isize
general protection fault in tipc_mcast_filter_msg C cause 3889 413d 435d 349d 08e046c8 tipc: fix a null pointer deref
WARNING in port_delete syz cause 22 472d 687d 349d 7c32ae35 ALSA: seq: Cover unsubscribe_port() in list_mutex feb68902 ALSA: seq: Protect in-kernel ioctl calls with mutex
kernel BUG at mm/slab.c:LINE! (4) 12 361d 428d 349d 4f661542 tcp: fix zerocopy and notsent_lowat issues
possible deadlock in acct_pin_kill C cause 273 392d 609d 349d 9419a319 acct_on(): don't mess with freeze protection
kernel BUG at arch/x86/mm/physaddr.c:LINE! (2) C cause 522 349d 559d 349d dad7e270 media: vivid: use vfree() instead of kfree() for dev->bitmap_cap
general protection fault in __handle_mm_fault C cause 17 591d 601d 352d ff09d7ec mm/memory.c: recheck page table entry with page table lock held
KMSAN: uninit-value in aa_fqlookupn_profile C 39 563d 608d 352d 250f2da4 apparmor: Fix uninitialized value in aa_split_fqname
BUG: bad usercopy in __check_heap_object (3) C 287 621d 692d 352d 1f4aace6 fs/seq_file.c: simplify seq_file iteration code and interface
general protection fault in put_fs_context C 9 576d 576d 352d 8d0347f6 convert do_remount_sb() to fs_context
kernel panic: MAC Initialization failed. (3) C cause 799 381d 455d 352d e80b1859 tomoyo: Add a kernel config option for fuzzing testing.
KASAN: use-after-free Read in br_mdb_ip_get 1 487d 487d 363d 1515a63f net: bridge: always clear mcast matching struct on reports and leaves
KMSAN: uninit-value in br_mdb_ip_get 5 427d 486d 363d 1515a63f net: bridge: always clear mcast matching struct on reports and leaves
WARNING in xfrm_state_fini (2) C 37510 391d 844d 367d dbb2483b xfrm: clean up xfrm protocol checks
KMSAN: uninit-value in rds_connect C 952 395d 637d 367d dd3ac9a6 net/rds: Check address length before reading address family
general protection fault in __dev_printk C 300 394d 407d 367d ef61eb43 USB: yurex: Fix protection fault after device removal
INFO: trying to register non-static key in vmk80xx_detach C 1528 367d 412d 367d 08b7c2f9 staging: comedi: vmk80xx: Fix use of uninitialized semaphore
KMSAN: uninit-value in rtnl_stats_dump syz 14 397d 412d 367d 69f23a09 rtnetlink: fix rtnl_valid_stats_req() nlmsg_len check
WARNING: suspicious RCU usage in fib_compute_spec_dst 1 411d 411d 367d c543cb4a ipv4: ensure rcu_read_lock() in ipv4_link_failure()
BUG: unable to handle page fault for address = ADDR C cause 3 399d 399d 367d baf76f0c slip: make slhc_free() silently accept an error pointer
KASAN: use-after-free Read in seccomp_notify_release (2) C cause 9 430d 430d 367d 7a0df7fb seccomp: Make NEW_LISTENER and TSYNC flags exclusive
WARNING in compat_copy_entries (2) syz cause 19416 381d 814d 367d 7caa56f0 netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
KMSAN: uninit-value in tomoyo_check_inet_address 33 378d 378d 367d e6193f78 tomoyo: Check address length before reading address family
BUG: sleeping function called from invalid context at crypto/skcipher.c:LINE 1 411d 410d 367d 44427c0f crypto: xts - Fix atomic sleep when walking skcipher
KMSAN: uninit-value in rds_bind C 6202 395d 637d 367d dd3ac9a6 net/rds: Check address length before reading address family
INFO: trying to register non-static key in ni6501_detach C 127 368d 410d 367d 660cf4ce staging: comedi: ni_usb6501: Fix use of uninitialized mutex
KASAN: slab-out-of-bounds Read in skb_gro_receive (2) C cause 5 393d 393d 367d 4dd2b82d udp: fix GRO packet of death
KASAN: stack-out-of-bounds Write in __ip_options_echo syz cause 8 401d 404d 367d 20ff83f1 ipv4: add sanity checks in ipv4_link_failure()
general protection fault in vcpu_enter_guest (2) C cause 11286 393d 399d 367d b904cb8d KVM: lapic: Check for in-kernel LAPIC before deferencing apic pointer
KASAN: use-after-free Read in snd_info_free_entry C 47 379d 410d 367d 2a3f7221 ALSA: core: Fix card races between register and disconnect 8c2f8708 ALSA: info: Fix racy addition/deletion of nodes
WARNING in percpu_ref_kill_and_confirm C cause 443 395d 402d 367d 35fa71a0 io_uring: fail io_uring_register(2) on a dying io_uring instance
general protection fault in skb_queue_tail C cause 35 400d 401d 367d 032be5f1 rxrpc: fix race condition in rxrpc_input_packet()
WARNING in wiphy_register (4) syz cause 3 411d 440d 367d 45fcef8b mac80211_hwsim: calculate if_combination.max_interfaces
INFO: task hung in __io_uring_register C cause 51 403d 411d 367d b19062a5 io_uring: fix possible deadlock between io_uring_{enter,register}
WARNING in __kthread_bind_mask C cause 2929 401d 411d 367d 06058632 io_uring: park SQPOLL thread if it's percpu
general protection fault in ieee80211_debugfs_rename_netdev 8 396d 410d 367d 51787914 mac80211: don't attempt to rename ERR_PTR() debugfs dirs
KASAN: slab-out-of-bounds Read in ds_probe C 5 369d 407d 367d c114944d USB: w1 ds2490: Fix bug caused by improper use of altsetting array
INFO: rcu detected stall in rose_loopback_timer 5 382d 401d 367d 0453c682 net/rose: fix unbound loop in rose_loopback_timer()
KMSAN: uninit-value in rtnl_stats_get C 5 404d 412d 367d 69f23a09 rtnetlink: fix rtnl_valid_stats_req() nlmsg_len check
KASAN: use-after-free Read in pid_nr_ns 1 397d 397d 367d 6c0afef5 ipv6/flowlabel: wait rcu grace period before put_pid()
KMSAN: uninit-value in tomoyo_check_unix_address 8 378d 378d 367d e6193f78 tomoyo: Check address length before reading address family
kernel BUG at net/core/net-sysfs.c:LINE! C cause 890 396d 432d 367d 8ed633b9 Revert "net-sysfs: Fix memory leak in netdev_register_kobject"
WARNING: refcount bug in l2tp_tunnel_get 1 395d 395d 367d a622b400 l2ip: fix possible use-after-free
WARNING in io_uring_setup C cause 3601 391d 411d 367d 917257da io_uring: only test SQPOLL cpu after we've verified it
KASAN: user-memory-access Write in fib6_purge_rt 6 368d 398d 367d 0e233874 ipv6: fix races in ip6_dst_destroy()
general protection fault in xfrmi_decode_session C cause 16694 391d 463d 367d 6ed69184 xfrm: Reset secpath in xfrm failure
INFO: task hung in vhost_net_stop_vq C cause 136 407d 545d 367d 813dbeb6 vhost: reject zero size iova range
general protection fault in fanotify_handle_event syz cause 5 406d 406d 367d b1da6a51 fsnotify: Fix NULL ptr deref in fanotify_get_fsid()
BUG: unable to handle kernel paging request in do_mount C 194 577d 615d 374d 3e1aeb00 vfs: Implement a filesystem superblock creation/configuration context
KASAN: stack-out-of-bounds Read in string C 46 401d 412d 379d c01c348e USB: core: Fix unterminated string returned by usb_string()
WARNING in usb_submit_urb (4) syz cause 46 380d 569d 379d c2b71462 USB: core: Fix bug caused by duplicate interface PM usage counter
WARNING: locking bug in icmp_send syz cause 1 464d 464d 385d 9926cb5f tipc: change to check tipc_own_id to return in tipc_net_stop
KMSAN: uninit-value in ip6_compressed_string C 9024 395d 547d 395d 7c2bd9a3 NFS: Forbid setting AF_INET6 to "struct sockaddr_in"->sin_family.
kernel BUG at fs/inode.c:LINE! C cause 2 529d 528d 412d 9bf964c9 autofs: simplify parse_options() function call
KMSAN: uninit-value in tipc_nl_compat_name_table_dump (2) C 6 442d 427d 412d 2ac695d1 tipc: handle the err returned from cmd header function
BUG: corrupted list in rhashtable_walk_enter syz cause 3 431d 430d 412d b5f9bd15 ila: Fix rhashtable walker list corruption
possible deadlock in seq_read C 19074 420d 909d 412d 73601ea5 fs/open.c: allow opening only regular files during execve()
KASAN: use-after-free Read in link_path_walk syz cause 5 531d 547d 412d 1da6c4d9 bpf: fix use after free in bpf_evict_inode
KASAN: slab-out-of-bounds Read in default_write_copy_kernel C cause 366 428d 551d 412d ca0214ee ALSA: pcm: Fix possible OOB access in PCM oss plugins
KASAN: use-after-free Read in trailing_symlink syz cause 2 533d 547d 412d 1da6c4d9 bpf: fix use after free in bpf_evict_inode
KMSAN: kernel-infoleak in sctp_getsockopt (3) syz 11 415d 427d 412d 09279e61 sctp: initialize _pad of sockaddr_in before copying to user memory
BUG: unable to handle kernel paging request in ip6_fragment 1 428d 426d 412d ef0efcd3 ipv6: Fix dangling pointer when ipv6 fragment
KMSAN: uninit-value in tipc_nl_compat_link_set (3) C 15 418d 428d 412d 8c63bf9a tipc: check link name with right length in tipc_nl_compat_link_set
KASAN: use-after-free Read in path_lookupat syz cause 1 547d 547d 412d 1da6c4d9 bpf: fix use after free in bpf_evict_inode
KMSAN: uninit-value in tipc_nl_compat_bearer_enable (2) C 51 415d 428d 412d 6f07e5f0 tipc: check bearer name with right length in tipc_nl_compat_bearer_enable
KASAN: use-after-free Read in drm_gem_object_release C 480 428d 581d 412d 21d2b122 drm/vgem: fix use-after-free when drm_gem_handle_create() fails
WARNING: lock held when returning to user space in tun_get_user C cause 55 439d 439d 414d 9180bb4f tun: add a missing rcu_read_unlock() in error path
kernel panic: corrupted stack end in wb_workfn C cause 14 514d 515d 414d ef82bcfa sctp: use memdup_user instead of vmemdup_user
general protection fault in fib6_purge_rt C cause 60 416d 533d 414d 9926cb5f tipc: change to check tipc_own_id to return in tipc_net_stop
KASAN: slab-out-of-bounds Read in icmp6_send 1 441d 441d 414d 4477138f tun: properly test for IFF_UP
KASAN: stack-out-of-bounds Write in rose_write_internal 1 441d 441d 414d e5dcc0c3 net: rose: fix a possible stack overflow
KASAN: use-after-free Read in __icmp_send 1 432d 428d 414d 4477138f tun: properly test for IFF_UP
general protection fault in sctp_assoc_rwnd_increase C cause 28 428d 443d 414d 636d25d5 sctp: not copy sctp_sock pd_lobby in sctp_copy_descendant
WARNING in free_loaded_vmcs (2) syz cause 5 632d 653d 422d 5bea5123 KVM: VMX: check nested state and CR4.VMXE against SMM
general protection fault in kvm_lapic_hv_timer_in_use syz cause 205 614d 656d 422d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
WARNING in enter_vmx_operation syz cause 8 625d 637d 422d 5bea5123 KVM: VMX: check nested state and CR4.VMXE against SMM
general protection fault in loop_validate_file (2) 3 435d 438d 423d f7c8a412 loop: access lo_backing_file only when the loop device is Lo_bound
WARNING in lockdep_unregister_key C cause 214 430d 444d 423d 82efcab3 workqueue: Only unregister a registered lockdep key
WARNING: bad usercopy in fanotify_read C cause 5 443d 444d 423d b2d22b6b fanotify: Allow copying of file handle to userspace
KASAN: use-after-free Read in filemap_fault C 277 507d 517d 423d 6b4c9f44 filemap: drop the mmap_sem for all blocking operations
general protection fault in ebitmap_destroy (2) C cause 36 433d 441d 423d 6a1afffb selinux: fix NULL dereference in policydb_destroy()
WARNING in __flush_work (2) C 38 447d 448d 427d b30b61ff drm/vkms: Fix flush_work() without INIT_WORK().
general protection fault in sctp_sched_rr_dequeue C cause 11 440d 450d 427d 2e990dfd sctp: remove sched init from sctp_stream_init
KASAN: use-after-free Read in br_multicast_rcv 1 446d 446d 427d 083b78a9 ip: fix ip_mc_may_pull() return value
possible deadlock in shmem_fallocate (2) C 1325 449d 657d 427d fb4415a1 staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
BUG: MAX_STACK_TRACE_ENTRIES too low! C cause 1725 427d 453d 427d 009bb421 workqueue, lockdep: Fix an alloc_workqueue() error path
general protection fault in tc_ctl_chain C 21 462d 470d 427d af736bf0 net: sched: potential NULL dereference in tcf_block_find()
KMSAN: uninit-value in mpol_rebind_mm 6 430d 514d 427d 2e25644e mm, mempolicy: fix uninit memory access
INFO: trying to register non-static key in dump_header 1 459d 459d 427d b30b61ff drm/vkms: Fix flush_work() without INIT_WORK().
WARNING: lock held when returning to user space in grab_super 2 469d 512d 427d 399504e2 fix cgroup_do_mount() handling of failure exits
KASAN: use-after-free Read in unix_dgram_poll syz 2 456d 452d 427d 84c4e1f8 aio: simplify - and fix - fget/fput for io_submit()
general protection fault in hci_uart_write_work C 84 451d 500d 427d 32a7b4cb Bluetooth: hci_ldisc: Initialize hci_dev before open()
KASAN: use-after-free Read in rdma_listen C 1548 428d 787d 427d 5fc01fb8 RDMA/cma: Rollback source IP address if failing to acquire device
KASAN: use-after-free Read in h5_reset_rx 2 458d 463d 427d 56897b21 Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto()
kernel BUG at drivers/android/binder_alloc.c:LINE! (2) C 1257 427d 469d 427d 26528be6 binder: fix handling of misaligned binder object
INFO: trying to register non-static key in __flush_work C 5255 448d 516d 427d b30b61ff drm/vkms: Fix flush_work() without INIT_WORK().
KASAN: use-after-free Read in alloc_workqueue C 37 440d 452d 427d 009bb421 workqueue, lockdep: Fix an alloc_workqueue() error path
general protection fault in cgroup_reconfigure C 7 663d 691d 427d 23bf1b6b kernfs, sysfs, cgroup, intel_rdt: Support fs_context
KASAN: use-after-free Read in x25_device_event C 548 441d 516d 427d 95d6ebd5 net/x25: fix use-after-free in x25_device_event()
possible deadlock in __do_page_fault C 820 449d 616d 427d fb4415a1 staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
possible deadlock in vfs_fallocate C 3981 649d 760d 427d fb4415a1 staging: android: ashmem: Don't call fallocate() with ashmem_mutex held.
WARNING in get_q_data C 649 475d 485d 427d db9a01b3 media: vicodec: check type in g/s_selection
KMSAN: kernel-infoleak in video_usercopy C 410 428d 527d 427d f45f3f75 media: v4l2-ctrls.c/uvc: zero v4l2_event
KMSAN: uninit-value in gue6_err (2) C 2826 427d 449d 427d 5355ed63 fou, fou6: avoid uninit-value in gue_err() and gue6_err()
kernel BUG at kernel/time/timer.c:LINE! (3) 1 448d 448d 427d 1e027960 net/hsr: fix possible crash in add_timer()
BUG: unable to handle kernel paging request in gro_cells_destroy (3) 3 429d 446d 427d 2a5ff07a gro_cells: make sure device is up in gro_cells_receive()
KMSAN: kernel-infoleak in move_addr_to_user (2) C 8 428d 443d 427d 163d1c3d l2tp: fix infoleak in l2tp_ip6_recvmsg()
general protection fault in nf_ct_gre_keymap_flush C 22 486d 492d 427d ac088a88 netfilter: conntrack: fix error path in nf_conntrack_pernet_init()
general protection fault in xsk_diag_dump C 5 445d 450d 427d 915905f8 xsk: fix potential crash in xsk_diag_put_umem()
BUG: unable to handle kernel paging request in h4_recv_buf C 203 451d 512d 427d 1dc2d785 Bluetooth: hci_uart: Check if socket buffer is ERR_PTR in h4_recv_buf()
general protection fault in x25_write_internal 8 444d 444d 427d ee74d0bd net/x25: reset state in x25_connect()
BUG: unable to handle kernel NULL pointer dereference in __generic_file_write_iter 5 454d 462d 427d ac5ceccc x86/unwind: Add hardcoded ORC entry for NULL f4f34e1b x86/unwind: Handle NULL pointer calls better in frame unwinder
possible deadlock in userfaultfd_read 239 427d 482d 427d d3d6a18d aio: Fix locking in aio_poll()
KMSAN: uninit-value in gue_err (2) C 1617 427d 449d 427d 5355ed63 fou, fou6: avoid uninit-value in gue_err() and gue6_err()
KASAN: use-after-free Read in kobject_put C 12 456d 587d 427d e20a2e9c Bluetooth: Fix decrementing reference count twice in releasing socket
BUG: assuming atomic context at kernel/seccomp.c:LINE C 709 462d 463d 427d e80d02dd seccomp, bpf: disable preemption before calling into bpf prog
general protection fault in delayed_uprobe_remove C cause 2 572d 574d 433d 1aed58e6 Uprobes: Fix kernel oops with delayed_uprobe_remove()
WARNING: locking bug in lock_downgrade 30 493d 549d 433d 513e1073 locking/lockdep: Add debug_locks check in __lock_downgrade() locking/lockdep: Add debug_locks check in __lock_downgrade()
general protection fault in __x86_indirect_thunk_rbx C cause 16 568d 568d 434d d6367d62 fs/locks: use properly initialized file_lock when unlocking.
KASAN: use-after-free Read in update_blocked_averages C cause 3 550d 564d 434d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
kernel BUG at mm/slab.c:LINE! (3) C cause 14 434d 561d 434d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
WARNING in update_load_avg C cause 1 557d 556d 435d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
WARNING: bad usercopy in corrupted (2) C cause 12 503d 550d 435d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
KASAN: slab-out-of-bounds Read in tick_sched_handle C cause 7 501d 528d 438d bc6e019b fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
WARNING: lock held when returning to user space in set_property_atomic C 145 502d 515d 448d 4089e272 gpu/drm: Fix lock held when returning to user space.
general protection fault in ax25cmp C 2294 484d 517d 449d b0cf0292 net/rose: fix NULL ax25_cb kernel panic
KMSAN: uninit-value in batadv_interface_tx C 98 450d 472d 449d 4ffcbfac batman-adv: fix uninit-value in batadv_interface_tx()
kernel panic: stack is corrupted in perf_output_begin_forward 2 500d 506d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
kernel BUG at security/keys/keyring.c:LINE! C 12 501d 601d 449d ede0fa98 KEYS: always initialize keyring_index_key::desc_len
KASAN: slab-out-of-bounds Read in xfrm_policy_insert_list 1 501d 500d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KMSAN: uninit-value in tipc_subscrb_rcv_cb C 13 760d 781d 449d a88289f4 tipc: fix uninit-value in in tipc_conn_rcv_sub
KASAN: use-after-free Write in __xfrm_policy_unlink C 254 452d 680d 449d 1548bc4e xfrm: policy: delete inexact policies from inexact list on hash rebuild
KMSAN: kernel-infoleak in kvm_vcpu_write_guest_page C 25 540d 569d 449d 3a33d030 kvm: x86/vmx: Use kzalloc for cached_vmcs12
KASAN: use-after-free Read in task_is_descendant C 27 498d 585d 449d 9474f4e7 Yama: Check for pid death before checking ancestry
KASAN: use-after-free Read in xfrm_migrate 5 485d 507d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: rcu detected stall in netlink_sendmsg syz 83 466d 521d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING in xfrm_policy_insert_list 2 499d 510d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING in __flush_work C 402 478d 485d 449d 2e3c18d0 block: pass no-op callback to INIT_WORK().
KASAN: use-after-free Read in __smc_diag_dump syz 34 500d 512d 449d 26d92e95 smc: move unhash as early as possible in smc_release()
KASAN: slab-out-of-bounds Read in xfrm_policy_lookup_bytype 6 503d 525d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
general protection fault in crypto_remove_spawns (2) 2 494d 500d 449d 6db43410 crypto: adiantum - initialize crypto_spawn::inst
KMSAN: uninit-value in tipc_nl_compat_doit C 153 464d 616d 449d 2753ca5d tipc: fix uninit-value in tipc_nl_compat_doit
general protection fault in watchdog C 1 532d 531d 449d e2c8d550 netfilter: ebtables: account ebt_table_info to kmemcg
KASAN: stack-out-of-bounds Read in select_task_rq_fair 2 500d 508d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in kernel_accept C 19 532d 682d 449d 78abe3d0 net/smc: fix TCP fallback socket release 26d92e95 smc: move unhash as early as possible in smc_release()
KASAN: use-after-free Read in xfrm_policy_insert_list 30 485d 526d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING: refcount bug in rds_sock_addref 1 483d 483d 449d 6fa19f56 rds: fix refcount bug in rds_sock_addref
WARNING in __skb_flow_dissect (3) syz 224 499d 589d 449d 0b7959b6 tun: publish tfile after it's fully initialized
general protection fault in fuse_dev_do_write C 134 478d 604d 449d 97e1532e fuse: handle zero sized retrieve correctly
KMSAN: uninit-value in tipc_nl_compat_name_table_dump C 51 535d 576d 449d 974cb0e3 tipc: fix uninit-value in tipc_nl_compat_name_table_dump
INFO: rcu detected stall in snd_pcm_oss_read C 2 522d 521d 449d e190161f ALSA: pcm: Fix tight loop of OSS capture stream
KASAN: use-after-free Read in sctp_outq_tail 1 471d 471d 449d af98c5a7 sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate
net-next boot error: can't ssh into the instance 33 485d 487d 449d 947b7ac1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
BUG: unable to handle kernel paging request in dput (2) C 4 483d 484d 449d 36991ca6 blk-mq: protect debugfs_create_files() from failures 37ea7b63 debugfs: debugfs_lookup() should return NULL if not found
KASAN: slab-out-of-bounds Read in batadv_interface_tx C 41 476d 514d 449d 9114daa8 batman-adv: Force mac header to start of data on xmit
INFO: rcu detected stall in pfkey_sendmsg 7 501d 526d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: task hung in generic_file_write_iter 7 542d 680d 449d 04906b2f blockdev: Fix livelocks on loop device
general protection fault in kernel_accept C 280 526d 687d 449d 78abe3d0 net/smc: fix TCP fallback socket release 26d92e95 smc: move unhash as early as possible in smc_release()
KASAN: stack-out-of-bounds in do_raw_spin_lock C 1 509d 509d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in refcount_inc_not_zero_checked syz 24 453d 512d 449d 63346650 netrom: switch to sock timer API
KMSAN: uninit-value in tipc_nl_compat_link_set (2) C 13 486d 527d 449d edf5ff04 tipc: fix uninit-value in tipc_nl_compat_link_set
KMSAN: uninit-value in tipc_nl_compat_bearer_enable C 144 451d 576d 449d 0762216c tipc: fix uninit-value in tipc_nl_compat_bearer_enable
KMSAN: kernel-infoleak in move_addr_to_user 5 456d 506d 449d 7d033c9f ipv6: fix kernel-infoleak in ipv6_local_error()
KASAN: use-after-free Read in kmemdup 1 495d 495d 449d 63530aba ax25: fix possible use-after-free
KMSAN: uninit-value in tipc_nl_compat_link_reset_stats syz 16 454d 507d 449d 8b66fee7 tipc: fix uninit-value in tipc_nl_compat_link_reset_stats
BUG: unable to handle kernel paging request in depot_save_stack C 1 510d 510d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: global-out-of-bounds Read in validate_nla C 14 485d 490d 449d a8b5c6d6 nl80211: fix NLA_POLICY_NESTED() arguments
KASAN: invalid-free in sctp_stream_free C 5 471d 479d 449d af98c5a7 sctp: set stream ext to NULL after freeing it in sctp_stream_outq_migrate
WARNING: refcount bug in nr_release 1 509d 507d 449d 63346650 netrom: switch to sock timer API
general protection fault in dccp_parse_options 1 485d 485d 449d 9b1f19d8 dccp: fool proof ccid_hc_[rt]x_parse_options()
KASAN: slab-out-of-bounds Read in __xfrm_policy_bysel_ctx 1 512d 511d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KMSAN: uninit-value in kvm_clear_dirty_log_protect 6 449d 494d 449d 98938aa8 KVM: validate userspace input in kvm_clear_dirty_log_protect()
BUG: unable to handle kernel NULL pointer dereference in corrupted (3) C 1 507d 507d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: slab-out-of-bounds Read in kvm_clear_dirty_log_protect C 54 501d 512d 449d 98938aa8 KVM: validate userspace input in kvm_clear_dirty_log_protect()
net boot error: can't ssh into the instance 42 485d 487d 449d 947b7ac1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
general protection fault in __dentry_path C 2082 451d 484d 449d 8ed0579c kvm: properly check debugfs dentry before using it
WARNING in tcp_send_loss_probe C 9 460d 511d 449d bf50b606 tcp: repaired skbs must init their tso_segs
BUG: unable to handle kernel paging request in do_csum C 11 542d 543d 449d d5be7f63 net-backports: net: validate untrusted gso packets without csum offload
KASAN: stack-out-of-bounds Read in pick_next_task_fair C 1 510d 510d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
general protection fault in icmp6_send syz 2 510d 510d 449d 8d933670 ipv6: make icmp6_send() robust against null skb->dev
WARNING in batadv_is_on_batman_iface syz 10 490d 515d 449d 955d3411 batman-adv: Avoid WARN on net_device without parent in netns
kernel panic: stack is corrupted in rcu_irq_enter 1 499d 499d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
WARNING in clear_standby C 3522 490d 615d 449d 4aac9228 libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive()
general protection fault in __xfrm_policy_bysel_ctx 1 487d 485d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: slab-out-of-bounds Read in xfrm_policy_inexact_insert 3 502d 525d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING in apparmor_cred_free C 109 497d 503d 449d a5795fd3 LSM: Check for NULL cred-security on free
KASAN: out-of-bounds Read in update_curr syz 1 509d 509d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
general protection fault in team_nl_cmd_options_set C 7 519d 477d 449d 2fdeee25 team: avoid complex list operations in team_nl_cmd_options_set()
KASAN: slab-out-of-bounds Write in __xfrm_policy_unlink 34 485d 565d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: rcu detected stall in xfrm_hash_rebuild 77 484d 535d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
INFO: task hung in lo_ioctl 47 784d 900d 449d 04906b2f blockdev: Fix livelocks on loop device
WARNING in wiphy_register (3) syz 31 485d 516d 449d 9c5d3afa mac80211_hwsim: check that n_limits makes sense
general protection fault in sctp_sched_dequeue_common 6 465d 554d 449d cfe4bd7a sctp: check and update stream->out_curr when allocating stream_out
kernel panic: stack is corrupted in printk C 1 510d 510d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KMSAN: kernel-infoleak in vmx_get_nested_state C 6 450d 561d 449d 3a33d030 kvm: x86/vmx: Use kzalloc for cached_vmcs12
general protection fault in xfrm_policy_insert_list 4 507d 521d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
BUG: unable to handle kernel NULL pointer dereference in setup_kmem_cache_node 3 511d 512d 449d 09c2e76e slab: alien caches must not be initialized if the allocation of the alien cache failed
general protection fault in xfrm_policy_lookup_bytype 5 485d 514d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: slab-out-of-bounds Read in __pskb_copy_fclone 22 532d 598d 449d e7c87bd6 bpf: in __bpf_redirect_no_mac pull mac only if present
INFO: rcu detected stall in sys_bind 1 475d 475d 449d cf657d22 net/x25: do not hold the cpu too long in x25_new_lci()
kernel panic: stack is corrupted in udp4_lib_lookup2 11 515d 511d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
general protection fault in rb_erase_cached C 1 510d 510d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: stack-out-of-bounds Read in gue_err_proto_handler C 1 507d 507d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in oom_kill_process 1 498d 493d 449d cefc7ef3 mm, oom: fix use-after-free in oom_kill_process
kernel panic: stack is corrupted in select_idle_sibling 1 509d 509d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in __xfrm_policy_bysel_ctx 11 484d 521d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: out-of-bounds Read in __switch_to C 1 510d 510d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in xfrm_policy_inexact_insert 42 485d 514d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: use-after-free Read in __wake_up_common_lock 1 484d 484d 449d bdcc5bc2 mISDN: fix a race in dev_expire_timer()
KMSAN: uninit-value in tipc_nl_compat_dumpit C 209 465d 615d 449d 2753ca5d tipc: fix uninit-value in tipc_nl_compat_doit
general protection fault in corrupted (2) C 2 507d 510d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
WARNING: locking bug in corrupted C 1 499d 499d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
possible deadlock in __wake_up_common_lock 7 503d 512d 449d 73444bc4 mm, page_alloc: do not wake kswapd with zone lock held
WARNING: refcount bug in kvm_vm_ioctl syz 13 483d 596d 449d cfa39381 kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
INFO: rcu detected stall in ipv6_rcv 7 487d 524d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KASAN: use-after-free Read in selinux_netlbl_socket_setsockopt 1 484d 484d 449d 63346650 netrom: switch to sock timer API
KMSAN: uninit-value in gue_err C 4686 449d 503d 449d 26fc181e fou, fou6: do not assume linear skbs
KASAN: use-after-free Read in seccomp_notify_release C 27 454d 503d 449d a811dc61 seccomp: fix UAF in user-trap code
KASAN: use-after-free Read in batadv_interface_tx C 54 476d 514d 449d 9114daa8 batman-adv: Force mac header to start of data on xmit
general protection fault in ip6erspan_set_version C 39 459d 464d 449d efcc9bca net: ip6_gre: fix possible NULL pointer dereference in ip6erspan_set_version
WARNING in __might_sleep (2) C 36 489d 517d 449d fc01d8c6 tty/n_hdlc: fix __might_sleep warning
upstream boot error: can't ssh into the instance (2) 45 487d 487d 449d 947b7ac1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
KASAN: use-after-free Read in xfrm_policy_lookup_bytype 33 485d 525d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
BUG: soft lockup in x25_connect 1 462d 462d 449d 797a22bd net/x25: fix a race in x25_bind()
WARNING in xfrm6_tunnel_net_exit (2) C 48816 459d 740d 449d f75a2804 xfrm: destroy xfrm_state synchronously on net exit path
WARNING in xfrm_policy_inexact_gc_tree 645 484d 535d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
KMSAN: uninit-value in tipc_conn_rcv_sub C 557 451d 746d 449d a88289f4 tipc: fix uninit-value in in tipc_conn_rcv_sub
WARNING: refcount bug in xfrm_policy_bysel_ctx 1 503d 503d 449d 12750aba xfrm: policy: fix infinite loop when merging src-nodes
WARNING: bad unlock balance in rxrpc_recvmsg C 9 475d 479d 449d 6dce3c20 rxrpc: bad unlock balance in rxrpc_recvmsg
KASAN: stack-out-of-bounds Write in page_counter_try_charge 1 499d 499d 449d 44039e00 fou6: Prevent unbounded recursion in GUE error handler
KMSAN: kernel-infoleak in sctp_getsockopt (2) C 16 449d 500d 449d 400b8b9a sctp: allocate sctp_sockaddr_entry with kzalloc
general protection fault in relay_open_buf C 287 482d 484d 449d 2c1cf00e relay: check return of create_buf_file() properly
KASAN: use-after-free Write in __wake_up_common_lock 1 478d 478d 449d bdcc5bc2 mISDN: fix a race in dev_expire_timer()
KMSAN: uninit-value in gue6_err C 8359 449d 503d 449d 26fc181e fou, fou6: do not assume linear skbs
general protection fault in ebitmap_destroy syz 1 505d 505d 449d 5b0e7310 selinux: fix GPF on invalid policy
general protection fault in debugfs_create_files C 111 482d 484d 449d 36991ca6 blk-mq: protect debugfs_create_files() from failures
general protection fault in kvm_ioapic_scan_entry C 148 543d 653d 456d dcbd3e49 KVM: X86: Fix NULL deref in vcpu_scan_ioapic
general protection fault in finish_wait C 22 474d 689d 456d 78abe3d0 net/smc: fix TCP fallback socket release
KASAN: slab-out-of-bounds Write in fpstate_init C 15088 521d 522d 456d ed8e4812 KVM: x86: fix size of x86_fpu_cache objects
KASAN: out-of-bounds Write in tls_push_record C 10 590d 691d 457d d829e9c4 tls: convert to generic sk_msg interface
KASAN: use-after-free Read in tls_tx_records 1 608d 608d 457d d829e9c4 tls: convert to generic sk_msg interface
general protection fault in tls_push_sg 12 599d 708d 457d d829e9c4 tls: convert to generic sk_msg interface
general protection fault in gcmaes_crypt_by_sg 3 592d 600d 457d d829e9c4 tls: convert to generic sk_msg interface
kernel BUG at include/linux/mm.h:LINE! (2) C 1009 457d 720d 457d d829e9c4 tls: convert to generic sk_msg interface
KASAN: use-after-free Write in tls_push_record (2) C 64 584d 687d 457d d829e9c4 tls: convert to generic sk_msg interface
KASAN: use-after-free Read in rdma_resolve_addr 1 610d 610d 462d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in cma_acquire_dev 1 692d 691d 462d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in wait_for_completion 1 586d 585d 462d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in __list_add_valid (5) C 16 788d 795d 462d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KASAN: use-after-free Read in bpf_cgroup_storage_release C 2 665d 665d 466d 82c018d7 Merge branch 'bpf-cgroup-local-storage'
KASAN: stack-out-of-bounds Read in rb_erase (4) 1 501d 501d 466d 11789039 fou: Prevent unbounded recursion in GUE error handler
general protection fault in list_lru_count_one C 12 682d 681d 489d 8e04944f mm,vmscan: Allow preallocating memory for register_shrinker().
WARNING in __debug_object_init (3) C 1557 577d 579d 493d 2cb494a3 bpf: add tests for direct packet access from CGROUP_SKB
general protection fault in keyctl_pkey_params_get C 85 512d 572d 499d 57b0e314 KEYS: fix parsing invalid pkey info string 94c13f66 security: don't use a negative Opt_err token index
KASAN: stack-out-of-bounds Read in keyctl_pkey_params_get 2 513d 512d 499d 57b0e314 KEYS: fix parsing invalid pkey info string
general protection fault in encode_rpcb_string C 6 676d 772d 499d 81c88b18 sunrpc: handle ENOMEM in rpcb_getport_async
KMSAN: uninit-value in vti6_tnl_xmit syz 60 504d 527d 499d cb9f1b78 ip: validate header length on virtual device xmit
general protection fault in lo_ioctl (2) syz 2 758d 757d 499d 310ca162 block/loop: Use global lock for ioctl() operation.
inconsistent lock state in nr_find_socket C 19 501d 516d 499d 7314f548 netrom: fix locking in nr_find_socket()
KASAN: invalid-free in x25_asy_free C 67 510d 517d 499d d5c7c745 net/wan: fix a double free in x25_asy_open_tty()
WARNING in kmem_cache_create_usercopy C 10 514d 573d 499d 574d356b 9p/net: put a lower bound on msize
possible deadlock in blkdev_reread_part C 5736 518d 939d 499d 0da03cab loop: Fix deadlock when calling blkdev_reread_part() 85b0a54a loop: Move loop_reread_partitions() out of loop_ctl_mutex
KMSAN: uninit-value in check_6rd C 81 505d 527d 499d cb9f1b78 ip: validate header length on virtual device xmit
WARNING: locking bug in loop_control_ioctl C 4018 538d 566d 499d 628bd859 loop: Fix double mutex_unlock(&loop_ctl_mutex) in loop_control_ioctl()
WARNING: ODEBUG bug in tipc_enable_bearer C 3 519d 522d 499d dc4501ff tipc: fix a double free in tipc_enable_bearer()
kernel BUG at kernel/time/timer.c:LINE! (2) C 5 511d 513d 499d 202700e3 net/hamradio/6pack: use mod_timer() to rearm timers
KASAN: slab-out-of-bounds Read in tun_net_xmit (2) C 10 515d 682d 499d aff6db45 ptr_ring: wrap back ->producer in __ptr_ring_swap_queue()
KASAN: use-after-free Read in nr_rx_frame syz 2 506d 512d 499d 7314f548 netrom: fix locking in nr_find_socket()
possible deadlock in nr_destroy_socket syz 20 502d 512d 499d 7314f548 netrom: fix locking in nr_find_socket()
INFO: task hung in loop_control_ioctl 4 595d 789d 499d 1dded9ac loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex
KASAN: use-after-free Read in posix_lock_inode syz 5 512d 512d 499d bf77ae4c locks: fix error in locks_move_blocks()
general protection fault in transparent_hugepage_enabled C 626 512d 521d 499d 7635d9cb mm, thp, proc: report THP eligibility for each vma
KMSAN: kernel-infoleak in capi_unlocked_ioctl C 109 504d 514d 499d d63967e4 isdn: fix kernel-infoleak in capi_unlocked_ioctl
INFO: task hung in lo_open (2) 10 560d 789d 499d 1dded9ac loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex
KASAN: user-memory-access Write in n_tty_set_termios C 85 517d 788d 499d 83d817f4 tty: Hold tty_ldisc_lock() during tty_reopen()
KASAN: use-after-free Read in ax25_fillin_cb syz 4 520d 517d 499d c4335704 ax25: fix a use-after-free in ax25_fillin_cb()
INFO: task hung in lo_release 1 680d 680d 499d 1dded9ac loop: Avoid circular locking dependency between loop_ctl_mutex and bd_mutex
KASAN: use-after-free Read in locks_delete_block syz 4 540d 563d 499d 16306a61 fs/locks: always delete_block after waiting.
general protection fault in fdb_find_rcu C 3 519d 515d 499d f989d03e net: rtnetlink: address is mandatory for rtnl_fdb_get
general protection fault in kvm_arch_vcpu_ioctl_run C 12 526d 541d 504d dcbd3e49 KVM: X86: Fix NULL deref in vcpu_scan_ioapic
general protection fault in __vb2_queue_free C 38 520d 576d 504d 62dcb4f4 media: vb2: check memory model for VIDIOC_CREATE_BUFS
WARNING in static_key_enable_cpuslocked 1 550d 550d 504d 9c480601 udp: fix jump label misuse
WARNING in static_key_disable_cpuslocked syz 5 540d 558d 504d 9c480601 udp: fix jump label misuse
BUG: corrupted list in ___neigh_create C 706 532d 535d 504d 8cc196d6 neighbor: gc_list changes should be protected by table lock
WARNING in __rcu_read_unlock C 2 522d 530d 504d 11789039 fou: Prevent unbounded recursion in GUE error handler
KASAN: use-after-free Read in __ipv6_addr_type 1 524d 524d 504d cbb49697 ipv6: tunnels: fix two use-after-free
BUG: corrupted list in neigh_mark_dead C 4117 532d 535d 504d 8cc196d6 neighbor: gc_list changes should be protected by table lock
KMSAN: kernel-infoleak in sctp_getsockopt syz 147 504d 540d 504d 4a2eb0c3 sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event
KASAN: use-after-free Read in tipc_group_bc_cong C 280 525d 535d 504d 143ece65 tipc: check tsk->group in tipc_wait_for_cond()
KASAN: use-after-free Read in tipc_mcast_xmit syz 7 521d 528d 504d 3c6306d4 tipc: check group dests after tipc_wait_for_cond()
KMSAN: uninit-value in __inet6_bind C 56 505d 535d 504d fb242745 ipv6: explicitly initialize udp6_addr in udp_sock_create6()
INFO: task hung in flush_workqueue C 293 523d 574d 504d 52117be6 media: vim2m: use cancel_delayed_work_sync instead of flush_schedule_work
KASAN: slab-out-of-bounds Read in neigh_mark_dead 12 533d 535d 504d 8cc196d6 neighbor: gc_list changes should be protected by table lock
KASAN: slab-out-of-bounds Read in ___neigh_create 1 536d 535d 504d 8cc196d6 neighbor: gc_list changes should be protected by table lock
KASAN: null-ptr-deref Write in kthread_stop C 2527 520d 577d 504d 701f49bc media: vivid: fix error handling of kthread_run
KASAN: use-after-free Read in kfree_skb (2) C 66 525d 535d 504d acb4a33e tipc: fix a double kfree_skb()
KASAN: use-after-free Read in skcipher_recvmsg 6 550d 574d 504d f7d76e05 crypto: user - fix use_after_free of struct xxx_request
BUG: sleeping function called from invalid context at mm/slab.h:LINE (4) C 36 528d 689d 504d f9c9bdb5 crypto: x86/chacha - avoid sleeping under kernel_fpu_begin()
general protection fault in inet_lhash2_lookup C 1137 527d 530d 504d eedbbb0d net: dccp: initialize (addr,port) listening hashtable
divide error in alarm_forward 1 529d 528d 504d 0e334db6 posix-timers: Fix division by zero bug
KASAN: use-after-free Read in kvm_put_kvm C 143 526d 586d 504d 987d1149 KVM: fix unregistering coalesced mmio zone from wrong bus
general protection fault in inet6_lhash2_lookup C 718 527d 530d 504d eedbbb0d net: dccp: initialize (addr,port) listening hashtable
KASAN: use-after-free Read in neigh_mark_dead C 858 532d 535d 504d 8cc196d6 neighbor: gc_list changes should be protected by table lock
WARNING in rds_message_alloc_sgs C 6 542d 576d 504d ea010070 net/rds: fix warn in rds_message_alloc_sgs
WARNING in vkms_plane_duplicate_state C 108 520d 553d 504d 7cdf33ab drm/vkms: Fix plane duplicate_state
divide error in vivid_vid_cap_s_dv_timings C 108 520d 577d 504d 9729d6d2 media: vivid: set min width/height to a value > 0
KMSAN: uninit-value in packet_sendmsg 5 553d 527d 504d 99137b78 packet: validate address length
KASAN: use-after-free Read in vb2_mmap C 276 520d 576d 504d cd26d1c4 media: vb2: vb2_mmap: move lock up
general protection fault in __ipv6_sock_mc_join C 9 531d 535d 504d fb83ed49 tipc: compare remote and local protocols in tipc_udp_enable()
BUG: pagefault on kernel address ADDR in non-whitelisted uaccess C 17 528d 574d 504d 560ccb75 media: vivid: free bitmap_cap when updating std/timings/etc.
KASAN: global-out-of-bounds Read in tpg_print_str_4 C 52 542d 567d 504d e5f71a27 media: v4l2-tpg: array index could become negative
KASAN: use-after-free Read in ___neigh_create C 164 532d 535d 504d 8cc196d6 neighbor: gc_list changes should be protected by table lock
net build error 2 613d 613d 514d 16fdf8ba rds: Fix build regression.
WARNING in fuse_destroy_inode C 7 558d 559d 518d 4fc4bb79 fuse: Add bad inode check in fuse_destroy_inode()
WARNING in userfaultfd_ioctl C 11 532d 542d 518d 01e881f5 userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered
KASAN: use-after-free Read in sctp_hash_transport 1 558d 557d 527d fb6df5a6 sctp: kfree_rcu asoc
KASAN: use-after-free Read in vhost_transport_send_pkt syz 36 541d 668d 527d 834e772c vhost/vsock: fix use-after-free in network stack callers
KASAN: use-after-free Read in delayed_uprobe_remove C 2 571d 574d 527d 1aed58e6 Uprobes: Fix kernel oops with delayed_uprobe_remove()
KMSAN: kernel-infoleak in _copy_to_iter (4) C 56 542d 546d 527d 68883893 rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices
KASAN: invalid-free in hub_event 1 549d 549d 527d d81bb019 USB: Fix invalid-free bug in port_over_current_notify()
KASAN: use-after-free Read in sctp_epaddr_lookup_transport syz 5 558d 559d 527d fb6df5a6 sctp: kfree_rcu asoc
KASAN: use-after-free Read in vhost_work_queue syz 30 539d 639d 527d 834e772c vhost/vsock: fix use-after-free in network stack callers
KASAN: use-after-free Read in vhost_transport_cancel_pkt syz 17 566d 610d 527d 834e772c vhost/vsock: fix use-after-free in network stack callers
WARNING in alloc_pages_vma C 98 536d 539d 527d 356ff8a9 Revert "mm, thp: consolidate THP gfp handling into alloc_hugepage_direct_gfpmask"
KASAN: use-after-free Read in snd_ctl_elem_add 1 561d 560d 530d e1a7bfe3 ALSA: control: Fix race between adding and removing a user element
WARNING in cttimeout_default_get C 44 539d 559d 538d 89259088 netfilter: nfnetlink_cttimeout: fetch timeouts for udplite and gre, too
WARNING in format_decode (2) C 16 558d 640d 538d 1efb6ee3 bpf: fix check of allowed specifiers in bpf_trace_printk
KMSAN: uninit-value in linear_transfer (2) C 7 544d 567d 538d 65766ee0 ALSA: oss: Use kvzalloc() for local buffer allocations
KASAN: use-after-free Read in nbp_vlan_rcu_free 1 564d 563d 538d 9d332e69 net: bridge: fix vlan stats use-after-free on destruction
KMSAN: kernel-infoleak in kvm_write_guest_page C 36 541d 568d 538d bcbfbd8e KVM: x86: Fix kernel info-leak in KVM_HC_CLOCK_PAIRING hypercall
BUG: GPF in non-whitelisted uaccess (non-canonical address?) C 10 557d 564d 538d 8c01db76 HID: uhid: forbid UHID_CREATE under KERNEL_DS or elevated privileges
KASAN: slab-out-of-bounds Write in queue_stack_map_push_elem C 30 548d 550d 538d 813961de bpf: fix integer overflow in queue_stack_map
WARNING in bpf_check (2) C 9 561d 560d 538d afd59424 bpf: fix off-by-one error in adjust_subprog_starts
INFO: task hung in fuse_sb_destroy C 2 574d 574d 538d 7fabaf30 fuse: fix leaked notify reply
KMSAN: kernel-infoleak in kvm_arch_vcpu_ioctl C 31 544d 559d 538d 7f9ad1df KVM: nVMX: Fix kernel info-leak when enabling KVM_CAP_HYPERV_ENLIGHTENED_VMCS more than once
general protection fault in icmp_timeout_obj_to_nlattr C 13 571d 575d 563d 8866df92 netfilter: nfnetlink_cttimeout: pass default timeout policy to obj_to_nlattr
general protection fault in addr_resolve C 32 599d 615d 563d fe33507e RDMA/core: Check error status of rdma_find_ndev_for_src_ip_rcu
KMSAN: uninit-value in synaptics_detect C 137 563d 616d 563d f39f8688 Input: synaptics - avoid using uninitialized variable when probing
BUG: unable to handle kernel NULL pointer dereference in sha256_mb_mgr_get_comp_job_avx2 1 597d 596d 563d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
KMSAN: uninit-value in dev_mc_add_excl C 13 568d 580d 563d da715775 rtnetlink: Disallow FDB configuration for non-Ethernet device
KASAN: stack-out-of-bounds Read in __aa_lookupn_ns C 52 579d 610d 563d 250f2da4 apparmor: Fix uninitialized value in aa_split_fqname
KASAN: slab-out-of-bounds Read in sctp_getsockopt C 9 581d 580d 563d 71335836 sctp: check policy more carefully when getting pr status
WARNING in __put_task_struct (2) C 17 589d 598d 563d fe9bc164 RDMA/restrack: Protect from reentry to resource return path
KASAN: invalid-free in p9stat_free C 3 641d 641d 563d 62e39417 9p: clear dangling pointers in p9stat_free 81c99089 v9fs_dir_readdir: fix double-free on p9stat_read error
possible deadlock in ovl_copy_up_start 2 581d 588d 563d 6cd07870 ovl: fix recursive oi->lock in ovl_link()
KASAN: use-after-free Read in sha_complete_job 1 602d 601d 563d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
BUG: corrupted list in cpu_stop_queue_work C 24 682d 691d 563d 552446a4 shmem: Convert shmem_add_to_page_cache to XArray
KMSAN: uninit-value in dev_uc_add_excl C 20 574d 616d 563d da715775 rtnetlink: Disallow FDB configuration for non-Ethernet device
general protection fault in rb_erase C 79836 570d 611d 563d 18aded17 ext4: fix EXT4_IOC_SWAP_BOOT
KASAN: use-after-free Read in tcf_block_find C 27 604d 610d 563d 460b3601 net_sched: fix a crash in tc_new_tfilter()
KASAN: use-after-free Read in seq_escape 1 606d 605d 563d 33458eab ext4: fix use-after-free race in ext4_remount()'s error path
KASAN: use-after-free Read in _copy_from_iter C 12 667d 679d 563d 728356de 9p: Add refcount to p9_req_t
KASAN: use-after-free Read in gfs2_log_flush syz 14 584d 624d 563d 4c62bd9c gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd
general protection fault in getname_kernel C 10 590d 599d 563d 3df629d8 gfs2_meta: ->mount() can get NULL dev_name
kernel BUG at arch/x86/mm/physaddr.c:LINE! C 10 564d 596d 563d babf4770 ovl: fix error handling in ovl_verify_set_fh()
general protection fault in __skb_flow_dissect (2) C 11 611d 618d 563d d0e13a14 flow_dissector: lookup netns by skb->sk if skb->dev is NULL
general protection fault in ctnetlink_alloc_filter C 80 612d 616d 563d 9306425b netfilter: ctnetlink: must check mark attributes vs NULL
WARNING: kmalloc bug in krealloc C 2 683d 683d 563d 61448479 mm: don't warn about large allocations for slab
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked 2 588d 589d 563d 5032d079 bpf: skmsg, fix psock create on existing kcm/tls port
WARNING: kmalloc bug in __v9fs_get_acl C 212 581d 688d 563d 61448479 mm: don't warn about large allocations for slab
BUG: unable to handle kernel NULL pointer dereference in blk_mq_map_swqueue C 8 590d 610d 563d e01ad46d blk-mq: fallback to previous nr_hw_queues when updating fails
KASAN: use-after-free Write in jbd2_log_do_checkpoint 1 625d 619d 563d ccd3c437 jbd2: fix use after free in jbd2_log_do_checkpoint()
WARNING: kmalloc bug in str_read C 11 585d 629d 563d 4458bba0 selinux: Add __GFP_NOWARN to allocation at str_read()
KASAN: use-after-free Read in __dev_queue_xmit (3) 11 605d 609d 563d 460b3601 net_sched: fix a crash in tc_new_tfilter()
KMSAN: uninit-value in ip_tunnel_lookup (2) C 2 581d 581d 563d b0350d51 ip_gre: fix parsing gre header in ipgre_err
KASAN: use-after-free Read in sha512_ctx_mgr_resubmit C 4 602d 652d 563d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
kernel BUG at mm/shmem.c:LINE! C 30 690d 692d 563d 552446a4 shmem: Convert shmem_add_to_page_cache to XArray
KASAN: null-ptr-deref Read in refcount_sub_and_test_checked C 31 570d 601d 563d fda21d46 ipv6: do not leave garbage in rt->fib6_metrics
WARNING in tcp_cleanup_ulp syz 16 589d 590d 563d aadd4355 tcp, ulp: remove socket lock assertion on ULP cleanup
KASAN: use-after-free Read in sctp_outq_select_transport 1 584d 583d 563d df132eff sctp: clear the transport of some out_chunk_list chunks in sctp_assoc_rm_peer
WARNING: kmalloc bug in input_mt_init_slots C 54 581d 615d 563d 61448479 mm: don't warn about large allocations for slab
general protection fault in dev_gro_receive (2) syz 4 588d 595d 563d ece23711 net: Properly unlink GRO packets on overflow.
upstream boot error (2) 1 576d 576d 563d 153fcd5f block: brd: associate with queue until adding disk
WARNING: kmalloc bug in get_valid_checkpoint syz 2 749d 749d 563d 61448479 mm: don't warn about large allocations for slab
WARNING in tcp_close syz 284 584d 684d 563d 8873c064 tcp: do not release socket ownership in tcp_close()
BUG: corrupted list in p9_read_work syz 23 571d 682d 563d e4ca13f7 9p/trans_fd: abort p9_read_work if req status changed
general protection fault in netdev_master_upper_dev_get 1 581d 581d 563d aab456df net/neigh: fix NULL deref in pneigh_dump_table()
KASAN: use-after-free Read in kfree_skb 1 585d 585d 563d 604d415e llc: do not use sk_eat_skb()
KASAN: use-after-free Read in fuse_dev_do_read syz 19 575d 623d 563d bc78abbd fuse: Fix use-after-free in fuse_dev_do_read()
WARNING: kmalloc bug in vfs_getxattr_alloc C 9 638d 680d 563d 61448479 mm: don't warn about large allocations for slab
BUG: unable to handle kernel NULL pointer dereference in sha1_mb_mgr_get_comp_job_avx2 1 610d 610d 563d ab8085c1 crypto: x86 - remove SHA multibuffer routines and mcryptd
WARNING: kmalloc bug in bfs_fill_super C 147 746d 790d 563d 9f2df09a bfs: add sanity check at bfs_fill_super()
INFO: task hung in ext4_fallocate C 1 606d 605d 563d f18b2b83 ext4: fix argument checking in EXT4_IOC_MOVE_EXT
WARNING: refcount bug in qdisc_put 5 606d 607d 563d 460b3601 net_sched: fix a crash in tc_new_tfilter()
KMSAN: uninit-value in vcs_read C 2343 720d 744d 566d 21eff69a vt: prevent leaking uninitialized data to userspace via /dev/vcs*
kernel BUG at include/linux/skbuff.h:LINE! 3 675d 684d 576d bab2c80e nsh: set mac len based on inner packet
KASAN: use-after-free Read in sctp_id2assoc 1 603d 602d 577d b336deca sctp: fix race on sctp_id2asoc
WARNING in usb_submit_urb (3) C 58 578d 594d 577d 665c365a USB: fix the usbfs flag sanitization for control transfers
KMSAN: kernel-infoleak in _copy_to_iter (3) C 36 577d 588d 577d b06f9d9f tipc: fix info leak from kernel tipc_event
KASAN: use-after-free Read in inet6_mc_check 1 594d 594d 577d dc012f36 ipv6: mcast: fix a use-after-free in inet6_mc_check
KASAN: slab-out-of-bounds Read in fscache_alloc_cookie C 1936 588d 690d 577d 1ff22883 fscache: Fix incomplete initialisation of inline key space fa520c47 fscache: Fix out of bound read in long cookie keys
KASAN: use-after-free Read in __llc_lookup_established 1 596d 595d 577d 5a8e7aea llc: set SOCK_RCU_FREE in llc_sap_add_socket()
KASAN: slab-out-of-bounds Read in vhci_hub_control C 43 587d 632d 577d 81f7567c usb: usbip: Fix BUG: KASAN: slab-out-of-bounds in vhci_hub_control()
BUG: sleeping function called from invalid context at net/core/dev.c:LINE syz 8 589d 598d 577d cee27167 xsk: do not call synchronize_net() under RCU read lock
KASAN: slab-out-of-bounds Read in _decode_session6 C 35 577d 634d 577d 9f7e43da net/xfrm: fix out-of-bounds packet access
INFO: rcu detected stall in mousedev_write 18 630d 644d 588d f74c371f Input: mousedev - add a schedule point in mousedev_write()
kernel BUG at net/core/dev.c:LINE! (2) syz 2 596d 596d 588d 52b5d6f5 net: make skb_partial_csum_set() more robust against overflows
KASAN: use-after-free Read in finish_task_switch C 3047 612d 657d 591d 26b471c7 KVM: nVMX: Fix bad cleanup on error of get/set nested state IOCTLs
WARNING in __skb_flow_dissect syz 3 596d 597d 595d af3fb24e tun: napi flags belong to tfile
general protection fault in dev_gro_receive syz 8 597d 609d 595d af3fb24e tun: napi flags belong to tfile
possible deadlock in flush_workqueue C 73762 602d 644d 595d d4859d74 net-backports: bonding: avoid possible dead-lock
KASAN: use-after-free Read in rawv6_sendmsg C 84 597d 628d 595d a688caa3 net-backports: ipv6: take rcu lock in rawv6_send_hdrinc()
possible deadlock in rtnetlink_rcv_msg 1 619d 619d 595d d4859d74 net-backports: bonding: avoid possible dead-lock
KASAN: slab-out-of-bounds Read in string (2) 14 602d 608d 595d 601350ff ovl: fix access beyond unterminated strings
WARNING in pcpu_alloc C 4 596d 605d 595d b0584ea6 bpf: don't accept cgroup local storage with zero value size
KASAN: use-after-free Write in ucma_put_ctx syz 11 611d 629d 595d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
general protection fault in usb_find_alt_setting (2) C 53 611d 633d 595d c9a4cb20 USB: handle NULL config in usb_find_alt_setting()
INFO: trying to register non-static key in tun_chr_write_iter 14 596d 608d 595d c7256f57 tun: initialize napi_mutex unconditionally
WARNING in rollback_registered_many 1 606d 606d 595d 0e1d6eca rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
KASAN: use-after-free Read in ip_cmsg_recv_offset C 9 605d 607d 595d 64199fc0 net-backports: ipv4: fix use-after-free in ip_cmsg_recv_dstaddr()
possible deadlock in team_vlan_rx_add_vid syz 5 625d 659d 595d 471b83bd team: Forbid enslaving team device to itself
general protection fault in ubifs_mount C 216 616d 633d 595d 37f31b6c ubifs: Check for name being NULL while mounting
KMSAN: uninit-value in ip6_tnl_start_xmit C 69 609d 619d 595d 76c0ddd8 ip6_tunnel: be careful when accessing the inner header
KASAN: use-after-free Read in destroy_async_on_interface C 134 611d 633d 595d bd729f9d USB: fix error handling in usb_driver_claim_interface()
WARNING in usb_submit_urb (2) C 259 595d 633d 595d 7a68d9fb USB: usbdevfs: sanitize flags more
INFO: task hung in unregister_netdevice_notifier (2) 1 604d 604d 595d 0e1d6eca rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
KASAN: use-after-free Read in cma_bind_port syz 2 625d 629d 595d 5fe23f26 ucma: fix a use-after-free in ucma_resolve_ip()
KMSAN: uninit-value in pppoe_rcv C 2 754d 624d 595d 8540827e pppoe: fix reception of frames with no mac header
INFO: task hung in rollback_registered_many 4 599d 606d 595d 0e1d6eca rtnl: limit IFLA_NUM_TX_QUEUES and IFLA_NUM_RX_QUEUES to 4096
WARNING: suspicious RCU usage in inet_csk_route_req C 43 602d 837d 595d 1ad98e9d tcp/dccp: fix lockdep issue when SYN is backlogged
KMSAN: kernel-infoleak in _copy_to_iter (2) C 7 604d 631d 598d 45c180bc xfrm_user: prevent leaking 2 bytes of kernel memory
general protection fault in rhashtable_walk_start_check C 112 623d 634d 610d 8f5c5fcf tipc: call start and done ops directly in __tipc_nl_compat_dumpit()
WARNING in try_charge syz 649 610d 663d 610d 3100dab2 mm: memcontrol: print proper OOM header when no eligible victim left
divide error in nbd_ioctl C 50 625d 632d 610d bc811f05 nbd: don't allow invalid blocksize settings
WARNING in apparmor_secid_to_secctx C 3344 623d 638d 610d edf4e7b7 apparmor: fix bad debug check in apparmor_secid_to_secctx()
KASAN: use-after-free Read in ceph_destroy_options 1 645d 644d 610d 8aaff151 ceph: avoid a use-after-free in ceph_destroy_options()
general protection fault in ovl_free_fs C 4 627d 629d 610d 8c25741a ovl: fix oopses in ovl_fill_super() failure paths
KMSAN: uninit-value in snd_midi_event_encode_byte C 3 634d 634d 610d 5a7b44a8 ALSA: rawmidi: Initialize allocated buffers
KASAN: use-after-free Read in __rhashtable_lookup (2) C 22 624d 644d 610d cc4dfb7f rds: fix two RCU related problems
general protection fault in rhashtable_walk_exit C 8 624d 626d 610d 12a78b02 tipc: check return value of __tipc_dump_start()
KASAN: use-after-free Read in sock_i_ino syz 127 623d 633d 610d 0a3b8b2b tipc: orphan sock in tipc_release()
BUG: unable to handle kernel paging request in kfree (2) C 297 638d 689d 612d 7913690d net/9p/client.c: version pointer uninitialized
KMSAN: uninit-value in memcmp (2) C 131 624d 615d 613d 77d36398 net: fix uninit-value in __hw_addr_add_ex()
KASAN: use-after-free Write in ip6_dst_destroy 1 691d 691d 623d e873e4b9 ipv6: use fib6_info_hold_safe() when necessary
KASAN: stack-out-of-bounds Read in fib_table_lookup 1 683d 683d 625d 99ba2b5a bpf: sockhash, disallow bpf_tcp_close and update in parallel
WARNING in wiphy_register (2) C 8 650d 652d 626d 48400433 mac80211_hwsim: require at least one channel
KASAN: use-after-free Read in tipc_group_fill_sock_diag syz 35 631d 649d 626d 9a07efa9 tipc: switch to rhashtable iterator
KASAN: global-out-of-bounds Read in ip6_xmit 2 806d 807d 626d b954f940 l2tp: fix races with ipv4-mapped ipv6 addresses
WARNING in __fsnotify_recalc_mask syz 9 647d 649d 626d d3bc0fa8 fsnotify: fix false positive warning on inode delete
KASAN: use-after-free Read in sctp_transport_get_next C 6 641d 643d 626d bab1be79 sctp: hold transport before accessing its asoc in sctp_transport_get_next
KASAN: stack-out-of-bounds Read in __schedule syz 4 637d 639d 626d b845c898 bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
BUG: soft lockup in shrink_dcache_parent (2) 7 717d 724d 626d 4fb48871 restore cond_resched() in shrink_dcache_parent()
INFO: task hung in fsnotify_mark_destroy_workfn syz 13 658d 772d 629d 128f3804 android: binder: Rate-limit debug and userspace triggered err msgs
KASAN: use-after-free Read in ip6_tnl_start_xmit 1 758d 758d 630d b84bbaf7 packet: in packet_snd start writing at link layer allocation
INFO: rcu detected stall in snd_pcm_oss_prepare 4 779d 781d 631d e15dc99d ALSA: pcm: Fix endless loop for XRUN recovery in OSS emulation
WARNING in up_write C 725 739d 787d 631d d7d760ef locking/rwsem: Add a new RWSEM_ANONYMOUSLY_OWNED flag
BUG: soft lockup in d_walk C 163 717d 763d 631d 4fb48871 restore cond_resched() in shrink_dcache_parent()
general protection fault in vsscanf C 7 658d 688d 633d 10aa1452 9p: fix multiple NULL-pointer-dereferences
net-next boot error 66 667d 672d 639d ca9e83b4 virtio-net: correctly update XDP_TX counters
WARNING in input_alloc_absinfo C 318 641d 714d 639d 100294ce Input: do not use WARN() in input_alloc_absinfo()
KASAN: use-after-free Read in ip6_hold_safe C 1 665d 665d 639d 6d37fa49 l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
KASAN: use-after-free Read in iotlb_access_ok 1 664d 660d 639d b13f9c63 vhost: reset metadata cache when initializing new IOTLB
general protection fault in process_init_reply C 24 646d 681d 639d e8f3bd77 fuse: Fix oops at process_init_reply()
WARNING: suspicious RCU usage in bpf_prog_array_copy_core C 22873 639d 653d 639d 965931e3 bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
WARNING: lock held when returning to user space in fuse_lock_inode C 1439 645d 686d 639d 63576c13 fuse: fix initial parallel dirops
WARNING: refcount bug in llc_sap_find C 18 658d 660d 639d 0dcb8225 llc: use refcount_inc_not_zero() for llc_sap_find()
possible deadlock in rhashtable_lookup_insert_fast C 28 650d 653d 639d ff93bca7 ila: make lockdep happy again
KASAN: slab-out-of-bounds Write in crypto_dh_encode_key C 1401 661d 689d 639d 35f7d522 crypto: dh - fix calculating encoded key size
KASAN: slab-out-of-bounds Read in _autofs_dev_ioctl C 5 651d 652d 639d 0633da48 autofs: fix autofs_sbi() does not check super block type
KASAN: use-after-free Write in ip6_hold_safe C 25 662d 673d 639d 6d37fa49 l2tp: use sk_dst_check() to avoid race on sk->sk_dst_cache
general protection fault in validate_checkpoint 186 665d 666d 639d d3f07c04 f2fs: fix invalid memory access
BUG: soft lockup in snd_virmidi_output_trigger 3 679d 780d 639d 50e9ffb1 ALSA: virmidi: Fix too long output trigger loop
general protection fault in send_sigurg_to_task C 6 651d 654d 639d 84fe4cc0 signal: Don't send signals to tasks that don't exist
KASAN: slab-out-of-bounds Write in eth_header_parse C 7 658d 671d 639d 4576cd46 packet: refine ring v3 block size test to hold one frame
WARNING in __snd_rawmidi_transmit_ack (2) C 6 645d 653d 639d 82fd4b05 ALSA: seq: virmidi: Fix discarding the unsubscribed output
general protection fault in send_sigio_to_task C 176 650d 654d 639d 84fe4cc0 signal: Don't send signals to tasks that don't exist
KASAN: use-after-free Read in do_shrink_slab 9 645d 649d 639d 8df4a44c mm: check shrinker is memcg-aware in register_shrinker_prepared()
KMSAN: uninit-value in do_msgrcv C 8 639d 716d 639d 39cfffd7 ipc/util.c: use ipc_rcu_putref() for failues in ipc_addid() 615c999c ipc: compute kern_ipc_perm.id under the ipc lock e2652ae6 ipc: reorganize initialization of kern_ipc_perm.seq
WARNING: ODEBUG bug in vsock_stream_connect C 42 659d 668d 639d 455f05ec vsock: split dwork to avoid reinitializations
KASAN: slab-out-of-bounds Read in pdu_read C 267 655d 690d 639d f984579a 9p: validate PDU length 7913690d net/9p/client.c: version pointer uninitialized
WARNING in close_fs_devices C 137 680d 723d 639d 81ffd56b btrfs: fix mount and ioctl device scan ioctl race
general protection fault in string (2) 1 665d 665d 639d a6bcfc89 net: check extack._msg before print
general protection fault in p9_fd_create_unix C 4 685d 688d 639d 10aa1452 9p: fix multiple NULL-pointer-dereferences
general protection fault in mount_fs C 1 785d 785d 639d 7464726c hfsplus: don't return 0 when fill_super() failed
general protection fault in open_fs_devices C 8 690d 722d 639d 81ffd56b btrfs: fix mount and ioctl device scan ioctl race
general protection fault in smc_ioctl (3) C 15 658d 659d 639d 7311d665 net/smc: move sock lock in smc_ioctl()
KASAN: slab-out-of-bounds Write in vmac_final C 2 716d 712d 639d bb296481 crypto: vmac - separate tfm and request context
BUG: corrupted list in p9_fd_cancel C 34 675d