KMSAN: uninit-value in ___bpf_prog_run (4)
bpf
|
C |
|
|
322 |
86d |
500d
|
27/28 |
never |
4c2d14c40a68
ppp: Fix KMSAN uninit-value warning with bpf
|
possible deadlock in xsk_diag_dump
bpf
net
|
|
|
|
4 |
24d |
31d
|
26/28 |
never |
f0433eea4688
net: don't mix device locking in dev_close_many() calls
|
KASAN: slab-out-of-bounds Read in atomic_ptr_type_ok
bpf
|
C |
done |
|
4 |
60d |
57d
|
27/28 |
never |
9aa8fe29f624
Merge branch 'bpf-fix-oob-read-and-add-tests-for-load-acquire-store-release'
c03bb2fa327e
bpf: Fix out-of-bounds read in check_atomic_load/store()
|
WARNING in vmap_pages_range_noflush (2)
bpf
net
|
C |
error |
|
250 |
990d |
992d
|
1/28 |
never |
mm/gup.c: Fix return value for __gup_longterm_locked()
|
possible deadlock in lock_timer_base
bpf
trace
|
C |
|
|
142 |
113d |
1587d
|
1/28 |
never |
kfence: fix potential deadlock due to wake_up()
|
general protection fault in bpf_map_offload_map_alloc
bpf
|
|
|
|
494 |
62d |
63d
|
27/28 |
never |
0a5c8b2c8ccb
bpf: fix a possible NULL deref in bpf_map_offload_map_alloc()
|
possible deadlock in bpf_map_mmap
bpf
|
|
|
|
1 |
113d |
109d
|
27/28 |
never |
bc27c52eea18
bpf: avoid holding freeze_mutex during mmap operation
|
WARNING in dev_xdp_install
bpf
|
C |
|
|
245 |
35d |
42d
|
27/28 |
never |
d996e412b2df
bpf: add missing ops lock around dev_xdp_attach_link
|
UBSAN: array-index-out-of-bounds in bpf_prog_select_runtime
bpf
|
C |
done |
|
1160 |
39d |
421d
|
27/28 |
never |
6ebc5030e0c5
bpf: Fix array bounds error with may_goto
|
possible deadlock in __bpf_ringbuf_reserve
bpf
|
C |
error |
|
2490 |
18d |
423d
|
26/28 |
never |
a650d38915c1
bpf: Convert ringbuf map to rqspinlock
|
possible deadlock in queue_stack_map_push_elem
bpf
|
C |
error |
|
78 |
34d |
386d
|
27/28 |
never |
2f41503d6476
bpf: Convert queue_stack map to rqspinlock
|
possible deadlock in __queue_map_get
bpf
|
C |
error |
|
180 |
32d |
391d
|
27/28 |
never |
2f41503d6476
bpf: Convert queue_stack map to rqspinlock
|
possible deadlock in trie_delete_elem
bpf
|
C |
done |
done |
21444 |
40d |
415d
|
17/28 |
never |
47979314c0fe
bpf: Convert lpm_trie.c to rqspinlock
|
KASAN: vmalloc-out-of-bounds Write in push_insn_history
bpf
|
|
|
|
136 |
151d |
164d
|
28/28 |
2d01h |
d699440f58ce
mm: fix vrealloc()'s KASAN poisoning logic
|
KASAN: vmalloc-out-of-bounds Write in vrealloc_noprof
bpf
|
C |
done |
|
440 |
2d08h |
165d
|
28/28 |
2d01h |
d699440f58ce
mm: fix vrealloc()'s KASAN poisoning logic
|
general protection fault in bpf_prog_array_delete_safe
bpf
|
C |
done |
|
5 |
152d |
154d
|
28/28 |
3d01h |
978c4486cca5
bpf,perf: Fix invalid prog_array access in perf_event_detach_bpf_prog
|
KASAN: slab-use-after-free Read in bpf_trace_run2 (2)
bpf
trace
|
syz |
error |
|
123 |
186d |
203d
|
28/28 |
3d01h |
2e8a12b82c40
tracing: Fix syscall tracepoint use-after-free
|
WARNING: locking bug in __lock_task_sighand
bpf
trace
|
C |
unreliable |
|
89 |
105d |
162d
|
28/28 |
3d01h |
87c544108b61
bpf: Send signals asynchronously if !preemptible
|
BUG: using smp_processor_id() in preemptible code in bpf_mem_alloc
bpf
|
C |
done |
|
12 |
175d |
172d
|
28/28 |
143d |
4ff04abf9d5b
bpf: Add necessary migrate_disable to range_tree.
|
WARNING in push_jmp_history
bpf
|
C |
done |
|
5 |
214d |
213d
|
28/28 |
176d |
aa30eb3260b2
bpf: Force checkpoint when jmp history is too long
|
general protection fault in dev_map_enqueue (2)
bpf
net
|
C |
error |
done |
336 |
281d |
347d
|
28/28 |
177d |
09d88791c7cd
bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
|
WARNING in sock_map_close (2)
bpf
net
|
C |
done |
|
3 |
260d |
260d
|
28/28 |
199d |
1461f5a3d810
l2tp: avoid overriding sk->sk_user_data
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (3)
bpf
net
|
C |
done |
|
6 |
300d |
300d
|
28/28 |
199d |
92de36080c93
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
|
KASAN: slab-use-after-free Read in htab_map_alloc (2)
bpf
|
|
|
|
224 |
363d |
370d
|
27/28 |
239d |
86735b57c905
net/sched: unregister lockdep keys in qdisc_create/qdisc_alloc error path
|
KASAN: stack-out-of-bounds Read in xdp_do_check_flushed
bpf
net
|
C |
done |
|
127 |
280d |
301d
|
27/28 |
259d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __dev_flush
net
bpf
|
C |
|
|
35 |
280d |
294d
|
27/28 |
259d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in bq_flush_to_queue
bpf
net
|
|
|
|
22 |
280d |
289d
|
27/28 |
259d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
KASAN: slab-use-after-free Read in bq_xmit_all
bpf
net
|
C |
done |
|
29 |
280d |
294d
|
27/28 |
259d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __xsk_map_flush
bpf
net
|
C |
done |
|
26 |
280d |
297d
|
27/28 |
259d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in __cpu_map_flush
bpf
net
|
C |
inconclusive |
|
25 |
281d |
294d
|
27/28 |
259d |
9da49aa80d68
tun: Add missing bpf_net_ctx_clear() in do_xdp_generic()
|
general protection fault in xdp_do_generic_redirect
net
bpf
|
|
|
|
8 |
304d |
308d
|
27/28 |
268d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
general protection fault in dev_map_redirect
bpf
net
|
C |
|
|
362 |
304d |
311d
|
27/28 |
268d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in dev_hash_map_redirect
bpf
net
|
C |
done |
|
29 |
304d |
311d
|
27/28 |
268d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
general protection fault in xdp_do_redirect
bpf
net
|
|
|
|
15 |
305d |
311d
|
27/28 |
268d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in bpf_xdp_redirect
bpf
net
|
C |
|
|
181 |
304d |
311d
|
27/28 |
268d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
stack segment fault in cpu_map_redirect
net
bpf
|
C |
done |
|
11 |
304d |
303d
|
27/28 |
268d |
fecef4cd42c6
tun: Assign missing bpf_net_context.
|
WARNING in bpf_lwt_seg6_adjust_srh
bpf
net
|
C |
done |
|
30 |
303d |
318d
|
27/28 |
268d |
c13fda93aca1
bpf: Remove tst_run from lwt_seg6local_prog_ops.
|
possible deadlock in console_flush_all (2)
trace
bpf
|
C |
error |
|
52996 |
304d |
579d
|
26/28 |
303d |
ae01e52da244
serial: drop debugging WARN_ON_ONCE() from uart_write()
|
WARNING in skb_ensure_writable
bpf
net
|
C |
done |
|
2893 |
304d |
382d
|
26/28 |
303d |
2bbe3e5a2f4e
bpf: Avoid splat in pskb_pull_reason
|
INFO: task hung in bpf_prog_dev_bound_destroy
bpf
|
|
|
|
94 |
323d |
334d
|
26/28 |
303d |
d864319871b0
net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc()
|
possible deadlock in __sock_map_delete
bpf
net
|
C |
|
|
14 |
346d |
390d
|
26/28 |
312d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
general protection fault in bpf_get_attach_cookie_tracing
bpf
trace
|
C |
error |
|
7 |
338d |
369d
|
26/28 |
325d |
d0d1df8ba18a
bpf: Set run context for rawtp test_run callback
|
KASAN: slab-use-after-free Read in bpf_link_free (2)
bpf
|
syz |
|
|
52 |
335d |
347d
|
26/28 |
325d |
2884dc7d08d9
bpf: Fix a potential use-after-free in bpf_link_free()
|
WARNING in sock_map_close
bpf
net
|
C |
error |
|
182 |
332d |
395d
|
25/28 |
332d |
4b4647add7d3
sock_map: avoid race between sock_map_close and sk_psock_put
|
possible deadlock in sock_hash_delete_elem (2)
bpf
net
|
C |
|
|
1127 |
333d |
415d
|
25/28 |
332d |
98e948fb60d4
bpf: Allow delete from sockmap/sockhash only if update is allowed
|
KMSAN: uninit-value in __bpf_strtoull
bpf
|
C |
|
|
119 |
339d |
415d
|
25/28 |
338d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in trie_delete_elem
bpf
|
C |
|
|
52 |
339d |
408d
|
25/28 |
338d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in dev_map_lookup_elem
bpf
net
|
C |
|
|
3 |
403d |
410d
|
25/28 |
338d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in trie_lookup_elem
bpf
|
C |
|
|
12 |
396d |
414d
|
25/28 |
338d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
possible deadlock in kvfree_call_rcu
bpf
|
C |
|
|
1431 |
339d |
408d
|
25/28 |
338d |
59f2f841179a
bpf: Avoid kfree_rcu() under lock in bpf_lpm_trie.
|
BUG: unable to handle kernel paging request in bpf_prog_ADDR (2)
bpf
|
C |
|
|
3 |
381d |
395d
|
25/28 |
338d |
543576ec15b1
bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE
|
KMSAN: uninit-value in array_map_lookup_elem
bpf
|
C |
|
|
10 |
393d |
413d
|
25/28 |
338d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
KMSAN: uninit-value in sock_map_delete_elem
bpf
net
|
C |
|
|
44 |
339d |
410d
|
25/28 |
338d |
e8742081db7d
bpf: Mark bpf prog stack with kmsan_unposion_memory in interpreter mode
|
WARNING in __mark_chain_precision (4)
bpf
|
C |
|
|
8 |
383d |
403d
|
25/28 |
338d |
1f2a74b41ea8
bpf: prevent r10 register from being marked as precise
|
KASAN: stack-out-of-bounds Read in hash
bpf
|
C |
done |
|
5 |
390d |
398d
|
25/28 |
351d |
a8d89feba7e5
bpf: Check bloom filter map value size
|
possible deadlock in force_sig_info_to_task
bpf
trace
|
C |
error |
|
6 |
371d |
379d
|
25/28 |
351d |
02b670c1f88e
x86/mm: Remove broken vsyscall emulation code from the page fault code
|
KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue
bpf
net
|
|
|
|
1 |
420d |
412d
|
25/28 |
351d |
6648e613226e
bpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue
|
possible deadlock in tty_port_tty_get (2)
bpf
net
|
|
|
|
3 |
394d |
413d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in put_pwq_unlocked
trace
bpf
|
|
|
|
3 |
389d |
388d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_map_delete_elem
bpf
net
|
C |
|
|
17183 |
378d |
417d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in scheduler_tick (3)
bpf
net
|
C |
|
|
1179 |
378d |
414d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in pit_timer_fn
bpf
net
|
|
|
|
7 |
389d |
400d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in rcu_exp_handler
bpf
net
|
C |
|
|
1 |
392d |
388d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in rcu_report_exp_cpu_mult
net
bpf
|
C |
done |
|
30 |
379d |
417d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in try_to_wake_up (4)
bpf
net
|
C |
error |
|
19 |
354d |
417d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in ahci_single_level_irq_intr
bpf
net
|
C |
|
|
10 |
400d |
408d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_map_unref
bpf
net
|
C |
error |
|
97 |
379d |
392d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in __lock_task_sighand (2)
bpf
net
|
C |
|
|
1476 |
353d |
416d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in sock_hash_delete_elem
bpf
net
|
C |
done |
|
16982 |
378d |
417d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in hrtimer_run_queues
net
bpf
|
C |
error |
|
592 |
378d |
415d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in swake_up_one
bpf
net
|
C |
|
|
4 |
390d |
388d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in pwq_dec_nr_in_flight
trace
bpf
|
|
|
|
1 |
394d |
390d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
WARNING in _prb_commit
net
bpf
|
|
|
|
4 |
389d |
385d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in posix_timer_fn (2)
net
bpf
|
|
|
|
1 |
392d |
388d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
possible deadlock in drm_handle_vblank
bpf
net
|
|
|
|
30 |
389d |
415d
|
25/28 |
351d |
ff9105993240
bpf, sockmap: Prevent lock inversion deadlock in map delete elem
|
KASAN: slab-out-of-bounds Read in xsk_setsockopt
bpf
net
|
C |
|
|
17 |
391d |
399d
|
25/28 |
351d |
237f3cf13b20
xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING
|
UBSAN: array-index-out-of-bounds in check_stack_range_initialized
bpf
|
C |
error |
|
21 |
382d |
415d
|
25/28 |
351d |
ecc6a2101840
bpf: Protect against int overflow for stack access size
|
general protection fault in dev_map_enqueue
bpf
net
|
C |
|
|
676 |
351d |
408d
|
25/28 |
351d |
5bcf0dcbf906
xdp: use flags field to disambiguate broadcast redirect
|
KASAN: slab-use-after-free Read in bpf_link_free
bpf
|
syz |
|
|
181 |
351d |
399d
|
25/28 |
351d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run4
bpf
trace
|
C |
error |
|
169 |
396d |
414d
|
25/28 |
351d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run2
bpf
trace
|
C |
error |
|
653 |
396d |
414d
|
25/28 |
351d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
KASAN: slab-use-after-free Read in bpf_trace_run1
bpf
trace
|
C |
error |
|
78 |
396d |
410d
|
25/28 |
351d |
1a80dbcb2dba
bpf: support deferring bpf_link dealloc to after RCU grace period
|
linux-next boot error: WARNING in register_btf_kfunc_id_set
bpf
|
|
|
|
9 |
462d |
462d
|
25/28 |
394d |
a05e90427ef6
bpf: btf: Add BTF_KFUNCS_START/END macro pair
|
general protection fault in bpf_struct_ops_find_value
bpf
|
C |
done |
|
9 |
467d |
469d
|
25/28 |
394d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
BUG: unable to handle kernel NULL pointer dereference in dev_map_hash_update_elem
bpf
net
|
C |
|
|
2 |
438d |
445d
|
25/28 |
394d |
281d464a34f5
bpf: Fix DEVMAP_HASH overflow check on 32-bit arches
|
general protection fault in btf_is_module
bpf
|
C |
error |
|
318 |
466d |
470d
|
25/28 |
394d |
e6be8cd5d3cf
bpf: Fix error checks against bpf_get_btf_vmlinux().
|
BUG: unable to handle kernel NULL pointer dereference in unix_stream_sendmsg
bpf
net
|
C |
|
|
1 |
437d |
437d
|
25/28 |
402d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
BUG: unable to handle kernel NULL pointer dereference in sk_psock_verdict_data_ready
net
bpf
|
C |
unreliable |
|
15 |
432d |
552d
|
25/28 |
402d |
4cd12c6065df
bpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()
|
WARNING in __mark_chain_precision (3)
bpf
|
C |
done |
|
19 |
494d |
516d
|
25/28 |
464d |
482d548d40b0
bpf: handle fake register spill to stack with BPF_ST_MEM instruction
|
KASAN: slab-use-after-free Read in nla_find
bpf
net
|
C |
done |
|
4 |
508d |
508d
|
25/28 |
465d |
2130c519a401
bpf: Use nla_ok() instead of checking nla_len directly
|
WARNING: locking bug in corrupted (2)
bpf
reiserfs
|
C |
done |
done |
1 |
515d |
668d
|
25/28 |
465d |
6f861765464f
fs: Block writes to mounted block devices
|
WARNING in __sk_msg_free
bpf
net
|
C |
done |
|
4 |
491d |
489d
|
25/28 |
465d |
dc9dfc8dc629
net: tls, fix WARNIING in __sk_msg_free
|
kernel BUG in prog_array_map_poke_run
bpf
|
C |
done |
done |
35 |
508d |
549d
|
25/28 |
472d |
4b7de801606e
bpf: Fix prog_array_map_poke_run map poke update
|
KASAN: null-ptr-deref Write in unix_stream_bpf_update_proto
bpf
net
|
C |
done |
|
54 |
496d |
526d
|
25/28 |
474d |
8d6650646ce4
bpf: syzkaller found null ptr deref in unix_bpf proto add
|
WARNING in bpf_mprog_pos_after
bpf
|
|
|
|
3 |
591d |
599d
|
25/28 |
505d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
WARNING: zero-size vmalloc in xskq_create
bpf
net
|
|
|
|
20 |
574d |
582d
|
25/28 |
505d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
WARNING: zero-size vmalloc in print_tainted
bpf
net
|
C |
|
|
79 |
698d |
732d
|
25/28 |
505d |
a12bbb3cccf0
xdp: Fix zero-size allocation warning in xskq_create()
|
WARNING in bpf_mprog_attach
bpf
|
C |
|
|
3 |
583d |
590d
|
25/28 |
505d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
WARNING in bpf_mprog_pos_before
bpf
|
C |
done |
|
26 |
583d |
590d
|
25/28 |
505d |
f9b0e1088bbf
bpf, mprog: Fix maximum program check on mprog attachment
|
general protection fault in bpf_prog_offload_verifier_prep
bpf
|
C |
done |
|
31 |
595d |
613d
|
25/28 |
505d |
1a49f4195d34
bpf: Avoid dummy bpf_offload_netdev in __bpf_prog_dev_bound_init
|
WARNING: refcount bug in xp_put_pool
bpf
net
|
C |
done |
|
2 |
650d |
648d
|
23/28 |
575d |
85c2c79a0730
xsk: fix refcount underflow in error path
|
KASAN: slab-use-after-free Read in xsk_diag_dump
net
bpf
|
C |
done |
|
9 |
610d |
619d
|
23/28 |
575d |
3e019d8a05a3
xsk: Fix xsk_diag use-after-free error during socket cleanup
|
UBSAN: array-index-out-of-bounds in bpf_mprog_detach
bpf
|
|
|
|
3 |
643d |
649d
|
23/28 |
575d |
d210f9735e13
bpf: Fix mprog detachment for empty mprog entry
|
KCSAN: data-race in bpf_percpu_array_update / bpf_percpu_array_update (2)
bpf
|
|
|
|
1 |
619d |
619d
|
23/28 |
575d |
6a86b5b5cd76
bpf: Annotate bpf_long_memcpy with data_race
|
WARNING in tcx_uninstall
bpf
net
|
C |
done |
|
7 |
649d |
653d
|
23/28 |
575d |
079082c60aff
tcx: Fix splat during dev unregister
|
WARNING in bpf_xdp_adjust_tail (4)
bpf
|
C |
error |
|
466 |
640d |
850d
|
23/28 |
575d |
d14eea09edf4
net: core: remove unnecessary frame_sz check in bpf_xdp_adjust_tail()
|
KMSAN: uninit-value in ieee802154_subif_start_xmit
bpf
|
C |
done |
|
119 |
645d |
641d
|
23/28 |
575d |
db2baf82b098
bpf: Fix an incorrect verification success with movsx insn
|
WARNING: ODEBUG bug in tcx_uninstall
net
bpf
|
C |
done |
|
38 |
654d |
659d
|
23/28 |
575d |
dc644b540a2d
tcx: Fix splat in ingress_destroy upon tcx_entry_free
|
INFO: rcu detected stall in ext4_file_write_iter (7)
mm
bpf
ext4
|
|
|
|
3 |
617d |
659d
|
23/28 |
575d |
8c21ab1bae94
net/sched: fq_pie: avoid stalls in fq_pie_timer()
|
UBSAN: array-index-out-of-bounds in print_bpf_insn
bpf
|
C |
done |
|
9 |
646d |
648d
|
23/28 |
575d |
e99688eba2e9
bpf: Fix an array-index-out-of-bounds issue in disasm.c
|
KCSAN: data-race in __bpf_lru_list_rotate / __htab_lru_percpu_map_update_elem (5)
bpf
|
|
|
|
13 |
683d |
745d
|
23/28 |
588d |
ee9fd0ac3017
bpf: Address KCSAN report on bpf_lru_list
|
WARNING in btf_type_id_size (2)
bpf
|
C |
error |
|
8 |
684d |
715d
|
23/28 |
588d |
e6c2f594ed96
bpf: Silence a warning in btf_type_id_size()
|
WARNING: bad unlock balance in bpf
bpf
|
C |
done |
|
12 |
714d |
714d
|
23/28 |
588d |
4266f41feaee
bpf: Fix bad unlock balance on freeze_mutex
|
WARNING in bpf_verifier_vlog
bpf
|
C |
inconclusive |
|
6 |
736d |
973d
|
23/28 |
588d |
cff36398bd4c
bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log
|
BUG: unable to handle kernel NULL pointer dereference in __build_skb_around
net
bpf
|
C |
done |
|
29 |
780d |
786d
|
22/28 |
701d |
e5995bc7e2ba
bpf, test_run: fix crashes due to XDP frame overwriting/corruption
|
KASAN: slab-out-of-bounds Write in copy_array (2)
bpf
|
|
|
|
108 |
701d |
729d
|
22/28 |
701d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
riscv/fixes boot error: WARNING in __apply_to_page_range (2)
bpf
|
|
|
|
5 |
808d |
870d
|
22/28 |
701d |
96f9d4daf745
riscv: Rework kasan population functions
|
general protection fault in bpf_struct_ops_link_create
bpf
net
|
C |
done |
|
17 |
774d |
777d
|
22/28 |
701d |
55fbae05476d
bpf: Check IS_ERR for the bpf_map_get() return value
|
WARNING in sock_map_del_link
bpf
net
|
|
|
|
91 |
756d |
757d
|
22/28 |
701d |
8c5c2a4898e3
bpf, sockmap: Revert buggy deadlock fix in the sockhash and sockmap
|
KASAN: slab-out-of-bounds Write in copy_verifier_state
bpf
|
C |
error |
done |
825 |
854d |
872d
|
22/28 |
701d |
45435d8da71f
bpf: Always use maximal size for copy_array()
|
BUG: stack guard page was hit in inet6_release
bpf
net
|
C |
done |
|
4 |
835d |
884d
|
22/28 |
701d |
ddce1e091757
bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener
|
possible deadlock in bpf_trace_printk
bpf
trace
|
C |
done |
done |
68 |
809d |
1064d
|
22/28 |
777d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
KASAN: vmalloc-out-of-bounds Read in bpf_jit_free
bpf
|
C |
|
|
68 |
1004d |
1179d
|
22/28 |
805d |
1d5f82d9dd47
bpf, x86: fix freeing of not-finalized bpf_prog_pack
d24d2a2b0a81
bpf: bpf_prog_pack: Set proper size before freeing ro_header
|
WARNING: kmalloc bug in xdp_umem_create (2)
bpf
net
|
C |
done |
|
21 |
1184d |
1250d
|
22/28 |
805d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
BUG: sleeping function called from invalid context in sk_psock_skb_ingress_self
net
bpf
|
C |
done |
|
151 |
915d |
937d
|
22/28 |
805d |
2d1f274b95c6
skmsg: pass gfp argument to alloc_sk_msg()
|
WARNING in bpf_skb_load_helper_16_no_cache
bpf
|
C |
done |
|
6 |
1011d |
1041d
|
22/28 |
805d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
KASAN: vmalloc-out-of-bounds Write in ringbuf_map_alloc
bpf
|
C |
done |
|
541 |
1190d |
1193d
|
22/28 |
805d |
b293dcc473d2
bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
|
bpf-next boot error: WARNING in bpf_prog_pack_free
bpf
|
|
|
|
12 |
1144d |
1145d
|
22/28 |
805d |
96805674e562
bpf: Fix bpf_prog_pack for multi-node setup
|
KASAN: slab-out-of-bounds Write in bpf_prog_test_run_xdp
bpf
net
|
C |
done |
|
18 |
1180d |
1198d
|
22/28 |
805d |
a6763080856f
bpf: test_run: Fix OOB access in bpf_prog_test_run_xdp
|
general protection fault in do_check_common
bpf
|
C |
done |
|
5 |
1037d |
1041d
|
22/28 |
805d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
WARNING in bpf_test_finish
net
bpf
|
C |
done |
|
3 |
1166d |
1166d
|
22/28 |
805d |
530e214c5b5a
bpf, test_run: Fix overflow in XDP frags bpf_test_finish
|
KMSAN: uninit-value in ___bpf_prog_run (3)
bpf
|
C |
|
|
5 |
1119d |
1121d
|
22/28 |
805d |
99c07327ae11
netlink: reset network and mac headers in netlink_dump()
|
general protection fault in check_helper_call
bpf
|
C |
done |
|
4 |
1024d |
1029d
|
22/28 |
805d |
d1a6edecc1fd
bpf: Check attach_func_proto more carefully in check_return_code
|
general protection fault in btf_decl_tag_resolve
bpf
|
C |
done |
|
6 |
1191d |
1191d
|
22/28 |
805d |
d7e7b42f4f95
bpf: Fix a btf decl_tag bug when tagging a function
|
BUG: missing reserved tailroom
bpf
net
|
C |
done |
|
2 |
1156d |
1155d
|
22/28 |
805d |
b6f1f780b393
bpf, test_run: Fix packet size check for live packet mode
|
KASAN: slab-out-of-bounds Write in __build_skb_around
bpf
net
|
C |
error |
|
2536 |
878d |
893d
|
22/28 |
805d |
ce098da1497c
skbuff: Introduce slab_build_skb()
|
WARNING in btf_type_id_size
bpf
|
C |
done |
|
10 |
865d |
936d
|
22/28 |
805d |
ea68376c8bed
bpf: prevent decl_tag from being referenced in func_proto
|
WARNING: ODEBUG bug in htab_map_alloc
bpf
|
C |
|
|
6456 |
948d |
972d
|
22/28 |
805d |
cf7de6a53600
bpf: add missing percpu_counter_destroy() in htab_map_alloc()
|
WARNING: kmalloc bug in bpf
bpf
|
C |
done |
done |
562 |
1143d |
1260d
|
22/28 |
805d |
0708a0afe291
mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls
|
WARNING in bpf_skb_load_helper_32
bpf
|
C |
done |
|
9 |
1006d |
1037d
|
22/28 |
805d |
0326195f523a
bpf: Make sure mac_header was set before using it
|
WARNING in bpf_bprintf_prepare (2)
bpf
|
C |
|
|
2 |
938d |
977d
|
22/28 |
805d |
05b24ff9b2cf
bpf: Prevent bpf program recursion for raw tracepoint probes
|
WARNING in check_map_prog_compatibility
bpf
|
C |
inconclusive |
done |
128 |
956d |
1119d
|
22/28 |
805d |
34dd3bad1a6f
bpf: Relax the requirement to use preallocated hash maps in tracing progs.
|
bpf-next boot error: KASAN: global-out-of-bounds Read in task_iter_init
bpf
|
|
|
|
42 |
1274d |
1277d
|
20/28 |
1158d |
9e2ad638ae36
bpf: Extend BTF_ID_LIST_GLOBAL with parameter for number of IDs
|
general protection fault in bpf_skb_cgroup_id
bpf
net
|
C |
inconclusive |
|
107 |
1314d |
1329d
|
20/28 |
1158d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
general protection fault in bpf_skb_ancestor_cgroup_id
bpf
net
|
C |
unreliable |
|
232 |
1313d |
1329d
|
20/28 |
1158d |
435b08ec0094
bpf, test, cgroup: Use sk_{alloc,free} for test cases
|
general protection fault in dev_get_by_index_rcu (2)
bpf
net
|
C |
error |
|
18 |
1217d |
1218d
|
20/28 |
1158d |
382778edc826
xdp: check prog type before updating BPF link
|
WARNING: kmalloc bug in bpf_check
bpf
|
C |
done |
|
34 |
1331d |
1343d
|
20/28 |
1158d |
0e6491b55970
bpf: Add oversize check before call kvcalloc()
|
KASAN: vmalloc-out-of-bounds Read in bpf_prog_put
bpf
|
C |
done |
|
2 |
1237d |
1236d
|
20/28 |
1158d |
218d747a4142
bpf, sockmap: Fix double bpf_prog_put on error case in map_link
|
WARNING in bpf_bprintf_prepare
bpf
|
C |
unreliable |
|
96 |
1422d |
1460d
|
20/28 |
1276d |
e2d5b2bb769f
bpf: Fix nested bpf_bprintf_prepare with more per-cpu buffers
|
UBSAN: shift-out-of-bounds in ___bpf_prog_run
bpf
|
C |
unreliable |
|
38 |
1410d |
1521d
|
20/28 |
1276d |
28131e9d9333
bpf: Fix up register-based shifts in interpreter to silence KUBSAN
|
KASAN: use-after-free Write in sk_psock_stop
bpf
net
|
syz |
done |
|
74 |
1474d |
1494d
|
20/28 |
1276d |
aadb2bb83ff7
sock_map: Fix a potential use-after-free in sock_map_close()
|
memory leak in bpf (2)
bpf
|
C |
|
|
3 |
1431d |
1499d
|
20/28 |
1276d |
ccff81e1d028
bpf: Fix false positive kmemleak report in bpf_ringbuf_area_alloc()
|
general protection fault in btf_type_id_size
bpf
|
C |
unreliable |
|
6 |
1527d |
1523d
|
20/28 |
1276d |
350a5c4dd245
bpf: Dont allow vmlinux BTF to be used in map_create and prog_load.
|
WARNING: suspicious RCU usage in tcp_bpf_update_proto
bpf
net
|
C |
done |
|
539 |
1474d |
1494d
|
20/28 |
1276d |
51e0158a5432
skmsg: Pass psock pointer to ->psock_update_sk_prot()
|
WARNING: suspicious RCU usage in bpf_get_current_cgroup_id
bpf
|
C |
done |
|
764 |
1347d |
1385d
|
20/28 |
1276d |
2d3a1e3615c5
bpf: Add rcu_read_lock in bpf_get_current_[ancestor_]cgroup_id() helpers
|
WARNING in tracepoint_add_func
bpf
trace
|
C |
done |
|
20635 |
1392d |
1776d
|
20/28 |
1276d |
9913d5745bd7
tracepoint: Add tracepoint_probe_register_may_exist() for BPF tracing
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run2
trace
bpf
|
C |
done |
done |
5 |
1533d |
1691d
|
20/28 |
1486d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
BUG: unable to handle kernel paging request in bpf_trace_run2
bpf
trace
|
C |
done |
done |
10 |
1530d |
1691d
|
20/28 |
1486d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
KMSAN: uninit-value in bpf_iter_prog_supported
bpf
|
|
|
|
4479 |
1490d |
1552d
|
20/28 |
1490d |
17d8beda277a
bpf: Fix an unitialized value in bpf_iter
|
KCSAN: data-race in bpf_lru_pop_free / bpf_lru_push_free
bpf
|
|
|
|
237 |
1539d |
1725d
|
20/28 |
1490d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
KCSAN: data-race in __bpf_lru_list_rotate / bpf_lru_push_free (2)
bpf
|
|
|
|
32 |
1545d |
1614d
|
20/28 |
1490d |
6df8fb83301d
bpf_lru_list: Read double-checked variable once without lock
|
KASAN: vmalloc-out-of-bounds Read in bpf_trace_run3
bpf
trace
|
C |
done |
|
6 |
1547d |
1649d
|
20/28 |
1490d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
BUG: unable to handle kernel paging request in bpf_trace_run3
bpf
trace
|
C |
done |
|
40 |
1538d |
1660d
|
20/28 |
1490d |
befe6d946551
tracepoint: Do not fail unregistering a probe due to memory failure
|
memory leak in xskq_create
bpf
net
|
C |
|
|
7 |
1587d |
1608d
|
19/28 |
1521d |
8bee68338408
xsk: Fix memory leak for failed bind
|
BUG: unable to handle kernel paging request in htab_map_alloc (2)
bpf
|
C |
unreliable |
|
8 |
1608d |
1616d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
BUG: unable to handle kernel paging request in bpf_lru_populate
bpf
|
C |
done |
|
12 |
1608d |
1614d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
general protection fault in xsk_recvmsg
bpf
net
|
C |
done |
unreliable |
1800 |
1606d |
1575d
|
19/28 |
1521d |
3546b9b8eced
xsk: Validate socket state in xsk_recvmsg, prior touching socket members
|
KASAN: vmalloc-out-of-bounds Write in pcpu_freelist_populate
bpf
|
|
|
|
6 |
1610d |
1613d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: use-after-free Read in htab_map_alloc
bpf
|
C |
done |
|
38 |
1648d |
1651d
|
19/28 |
1521d |
8aaeed81fcb9
bpf: Fix error path in htab_map_alloc()
|
BUG: unable to handle kernel paging request in htab_free_elems
bpf
|
|
|
|
1 |
1615d |
1615d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Write in htab_map_alloc
bpf
|
|
|
|
6 |
1608d |
1617d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
BUG: unable to handle kernel paging request in pcpu_freelist_populate
bpf
|
C |
unreliable |
|
42 |
1606d |
1617d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Read in htab_free_elems
bpf
|
C |
unreliable |
|
7 |
1614d |
1615d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
KASAN: vmalloc-out-of-bounds Write in bpf_lru_populate
bpf
|
C |
unreliable |
|
19 |
1607d |
1618d
|
19/28 |
1521d |
e1868b9e36d0
bpf: Avoid overflows involving hash elem_size
|
general protection fault in xsk_release
bpf
net
|
C |
done |
|
2 |
1687d |
1687d
|
15/28 |
1635d |
1fd17c8cd0aa
xsk: Fix possible crash in socket_release when out-of-memory
|
KASAN: use-after-free Write in xp_put_pool
bpf
net
|
C |
done |
|
50 |
1688d |
1710d
|
15/28 |
1635d |
83cf5c68d663
xsk: Fix use-after-free in failed shared_umem bind
|
general protection fault in xsk_is_setup_for_bpf_map
bpf
net
|
C |
error |
|
294 |
1687d |
1710d
|
15/28 |
1635d |
968be23ceaca
xsk: Fix possible segfault at xskmap entry insertion
|
WARNING in bpf_raw_tp_link_fill_link_info
bpf
|
C |
error |
|
56 |
1687d |
1702d
|
15/28 |
1635d |
b474959d5afd
bpf: Fix a buffer out-of-bound access when filling raw_tp link_info
|
memory leak in xdp_umem_create
net
bpf
|
C |
|
|
17 |
1639d |
1659d
|
15/28 |
1635d |
e5e1a4bc916d
xsk: Fix possible memory leak at socket close
|
general protection fault in xsk_diag_dump (2)
bpf
net
|
C |
|
|
354 |
1691d |
1710d
|
15/28 |
1635d |
53ea2076d851
xsk: Fix possible segfault in xsk umem diagnostics
|
general protection fault in __btf_resolve_helper_id
bpf
|
C |
|
|
17 |
1760d |
1768d
|
15/28 |
1695d |
5b801dfb7feb
bpf: Fix NULL pointer dereference in __btf_resolve_helper_id()
|
KASAN: use-after-free Write in bpf_link_put
bpf
|
|
|
|
2 |
1833d |
1835d
|
15/28 |
1756d |
138c67677ff5
bpf: Fix use-after-free of bpf_link when priming half-fails
|
general protection fault in sock_hash_free
net
bpf
|
|
|
|
1 |
1801d |
1801d
|
15/28 |
1756d |
75e68e5bf2c7
bpf, sockhash: Synchronize delete from bucket list on map free
|
BUG: unable to handle kernel NULL pointer dereference in smp_call_function_many_cond (2)
bpf
|
|
|
|
1 |
1780d |
1780d
|
15/28 |
1756d |
3021e69219e2
kcov: check kcov_softirq in kcov_remote_stop()
|
KMSAN: uninit-value in bpf_skb_load_helper_32_no_cache
net
bpf
|
|
|
|
2 |
1920d |
1918d
|
15/28 |
1849d |
457fed775c97
net/smc: fix leak of kernel memory to user space
|
possible deadlock in htab_lru_map_delete_node
bpf
|
C |
done |
|
264 |
1903d |
1908d
|
15/28 |
1849d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
possible deadlock in bpf_lru_push_free
bpf
|
C |
done |
|
609 |
1903d |
1909d
|
15/28 |
1849d |
b9aff38de2cb
bpf: Fix a potential deadlock with bpf_map_do_batch
|
BUG: sleeping function called from invalid context in lock_sock_nested
bpf
net
|
C |
|
|
1232 |
1907d |
1982d
|
15/28 |
1907d |
37f96694cf73
crypto: af_alg - Use bh_lock_sock in sk_destruct
|
WARNING in sk_psock_drop
bpf
net
|
|
|
|
157 |
1930d |
1938d
|
15/28 |
1907d |
58c8db929db1
net, sk_msg: Don't check if sock is locked when tearing down psock
|
general protection fault in free_verifier_state (3)
bpf
|
C |
|
|
5 |
1934d |
1941d
|
15/28 |
1907d |
f59bbfc2f609
bpf: Fix error path under memory pressure
|
KASAN: vmalloc-out-of-bounds Write in pcpu_alloc
bpf
|
C |
done |
|
31 |
1959d |
1983d
|
15/28 |
1911d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
BUG: unable to handle kernel paging request in pcpu_alloc
bpf
|
C |
done |
|
24 |
1964d |
1983d
|
15/28 |
1911d |
253a496d8e57
kasan: don't assume percpu shadow allocations will succeed
|
KASAN: slab-out-of-bounds Read in bpf_prog_create
bpf
net
|
C |
done |
|
447 |
1979d |
2060d
|
15/28 |
1948d |
0033b34a03ec
ppp: fix out-of-bounds access in bpf_prog_create()
|
KASAN: use-after-free Read in bpf_prog_kallsyms_find (2)
bpf
|
C |
done |
|
9 |
2023d |
2034d
|
13/28 |
1994d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
KASAN: use-after-free Read in is_bpf_text_address
bpf
|
C |
done |
|
3 |
2024d |
2026d
|
13/28 |
1994d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
BUG: unable to handle kernel paging request in is_bpf_text_address
bpf
|
C |
done |
|
2 |
2030d |
2030d
|
13/28 |
1994d |
cd7455f1013e
bpf: Fix use after free in subprog's jited symbol removal
|
BUG: unable to handle kernel NULL pointer dereference in xsk_poll
bpf
net
|
C |
done |
|
10 |
2030d |
2048d
|
13/28 |
2013d |
df551058f7a3
xsk: Fix crash in poll when device does not support ndo_xsk_wakeup
|
general protection fault in bpf_tcp_close (2)
bpf
|
C |
|
done |
26 |
2450d |
2493d
|
13/28 |
2027d |
e06fa9c16ce4
bpf, sockmap: fix potential use after free in bpf_tcp_close
|
general protection fault in xsk_poll
bpf
net
|
C |
done |
|
430 |
2062d |
2089d
|
13/28 |
2032d |
42fddcc7c64b
xsk: use state member for socket synchronization
|
general protection fault in xsk_map_update_elem
bpf
|
C |
done |
|
12 |
2052d |
2055d
|
13/28 |
2032d |
fcd30ae0665c
bpf/xskmap: Return ERR_PTR for failure case instead of NULL.
|
general protection fault in dev_map_hash_update_elem
bpf
net
|
C |
done |
|
4 |
2066d |
2072d
|
13/28 |
2032d |
af58e7ee6a8d
xdp: Fix race in dev_map_hash_update_elem() when replacing element
|
WARNING in __mark_chain_precision (2)
bpf
|
C |
done |
|
18 |
2061d |
2080d
|
13/28 |
2039d |
2339cd6cd0b5
bpf: fix precision tracking of stack slots
|
WARNING: suspicious RCU usage (4)
bpf
trace
|
C |
|
done |
1 |
2441d |
2440d
|
13/28 |
2044d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
WARNING: suspicious RCU usage in trace_call_bpf
bpf
trace
|
C |
|
done |
327 |
2422d |
2440d
|
13/28 |
2044d |
865e63b04e9b
tracing: Add back in rcu_irq_enter/exit_irqson() for rcuidle tracepoints
|
KASAN: use-after-free Read in psock_map_pop
bpf
|
C |
|
done |
204 |
2390d |
2433d
|
13/28 |
2044d |
5607fff30363
bpf: sockmap only allow ESTABLISHED sock state
|
KASAN: slab-out-of-bounds Read in sock_hash_ctx_update_elem
bpf
|
C |
|
done |
5 |
2474d |
2475d
|
13/28 |
2044d |
b845c898b2f1
bpf, sockmap: fix sock_hash_alloc and reject zero-sized keys
|
general protection fault in smap_list_hash_remove
bpf
|
C |
|
done |
52 |
2482d |
2501d
|
13/28 |
2044d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
WARNING in bpf_jit_free
bpf
|
C |
done |
|
21697 |
2071d |
2489d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in bpf_prog_kallsyms_add
bpf
|
syz |
done |
done |
2 |
2114d |
2317d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_find
bpf
|
syz |
done |
inconclusive |
3 |
2289d |
2363d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in bpf_prog_kallsyms_add
bpf
|
syz |
error |
|
234 |
2072d |
2433d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_prog_kallsyms_del
bpf
|
syz |
done |
inconclusive |
3 |
2319d |
2398d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_get_prog_name
bpf
|
|
|
|
1 |
2114d |
2114d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in bpf_prog_kallsyms_find
bpf
|
C |
error |
|
5632 |
2071d |
2193d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
WARNING in is_bpf_text_address
bpf
|
C |
done |
|
104 |
2082d |
2149d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
KASAN: use-after-free Read in bpf_prog_kallsyms_add
bpf
|
syz |
error |
inconclusive |
120 |
2199d |
2433d
|
12/28 |
2071d |
c751798aa224
bpf: fix use after free in prog symbol exposure
|
BUG: unable to handle kernel paging request in __do_softirq
bpf
|
syz |
done |
done |
1 |
2151d |
2151d
|
12/28 |
2081d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
BUG: unable to handle kernel paging request in tls_prots
net
bpf
|
syz |
done |
|
1 |
2144d |
2144d
|
12/28 |
2081d |
95fa145479fb
bpf: sockmap/tls, close can race with map free
|
possible deadlock in xsk_notifier
bpf
net
|
C |
done |
|
495 |
2120d |
2132d
|
12/28 |
2095d |
5464c3a0e9a0
xdp: fix potential deadlock on socket mutex
|
general protection fault in btf_array_resolve
bpf
|
C |
error |
|
109 |
2128d |
2151d
|
12/28 |
2104d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
general protection fault in btf_struct_resolve
bpf
|
C |
error |
|
49 |
2128d |
2151d
|
12/28 |
2104d |
e4f07120210a
bpf: fix NULL deref in btf_type_is_resolve_source_only
|
KASAN: use-after-free Read in __dev_map_entry_free
bpf
net
|
C |
|
|
473 |
2234d |
2515d
|
12/28 |
2151d |
2baae3545327
bpf: devmap: fix use-after-free Read in __dev_map_entry_free
|
general protection fault in xsk_diag_dump
bpf
net
|
C |
|
|
5 |
2251d |
2257d
|
11/28 |
2234d |
915905f8b1d4
xsk: fix potential crash in xsk_diag_put_umem()
|
KASAN: use-after-free Read in bpf_cgroup_storage_release
bpf
|
C |
|
|
2 |
2471d |
2471d
|
11/28 |
2273d |
82c018d734a7
Merge branch 'bpf-cgroup-local-storage'
|
WARNING in __debug_object_init (3)
bpf
net
|
C |
|
|
1557 |
2384d |
2385d
|
11/28 |
2300d |
2cb494a36c98
bpf: add tests for direct packet access from CGROUP_SKB
|
KASAN: slab-out-of-bounds Write in queue_stack_map_push_elem
bpf
|
C |
|
|
30 |
2354d |
2357d
|
11/28 |
2345d |
813961de3ee6
bpf: fix integer overflow in queue_stack_map
|
WARNING in bpf_check (2)
bpf
|
C |
|
|
9 |
2367d |
2367d
|
11/28 |
2345d |
afd594240806
bpf: fix off-by-one error in adjust_subprog_starts
|
KASAN: slab-out-of-bounds Read in refcount_inc_not_zero_checked
bpf
net
|
|
|
|
2 |
2395d |
2396d
|
11/28 |
2369d |
5032d079909d
bpf: skmsg, fix psock create on existing kcm/tls port
|
BUG: sleeping function called from invalid context at net/core/dev.c:LINE
bpf
|
syz |
|
|
8 |
2396d |
2405d
|
11/28 |
2383d |
cee271678d0e
xsk: do not call synchronize_net() under RCU read lock
|
WARNING in pcpu_alloc
bpf
|
C |
|
|
4 |
2403d |
2411d
|
11/28 |
2402d |
b0584ea66d73
bpf: don't accept cgroup local storage with zero value size
|
WARNING: suspicious RCU usage in bpf_prog_array_copy_core
bpf
|
C |
|
|
22873 |
2446d |
2460d
|
8/28 |
2445d |
965931e3a803
bpf: fix a rcu usage warning in bpf_prog_array_copy_core()
|
KASAN: out-of-bounds Read in bpf_test_finish
bpf
net
|
|
|
|
9 |
2489d |
2496d
|
8/28 |
2467d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
WARNING: refcount bug in smap_release_sock
bpf
|
C |
|
|
55 |
2483d |
2521d
|
8/28 |
2467d |
7ebc14d507b4
bpf: sockmap, consume_skb in close path
547b3aa451ae
bpf: sockmap, error path can not release psock in multi-map case
|
KASAN: stack-out-of-bounds Read in bpf_tcp_close
bpf
|
C |
|
|
1 |
2486d |
2486d
|
8/28 |
2467d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
WARNING in bpf_check
bpf
|
|
|
|
3 |
2487d |
2493d
|
8/28 |
2467d |
c7a897843224
bpf: don't leave partial mangled prog in jit_subprogs error path
|
WARNING in do_debug (2)
bpf
|
|
|
|
1 |
2487d |
2487d
|
8/28 |
2467d |
99ba2b5aba24
bpf: sockhash, disallow bpf_tcp_close and update in parallel
|
KASAN: use-after-free Read in bpf_test_finish
bpf
net
|
C |
|
|
1211 |
2481d |
2496d
|
8/28 |
2467d |
6e6fddc78323
bpf: fix panic due to oob in bpf_prog_test_run_skb
|
WARNING in bpf_int_jit_compile
bpf
net
|
syz |
|
|
11 |
2503d |
2540d
|
8/28 |
2495d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
possible deadlock in sock_hash_free
bpf
|
C |
|
|
45 |
2537d |
2537d
|
8/28 |
2495d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
WARNING: ODEBUG bug in sock_hash_free
bpf
|
|
|
|
1 |
2510d |
2509d
|
8/28 |
2495d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
KASAN: slab-out-of-bounds Read in bpf_csum_update
bpf
net
|
C |
|
|
2 |
2533d |
2531d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
INFO: rcu detected stall in is_bpf_text_address
bpf
|
C |
|
|
1 |
2547d |
2547d
|
8/28 |
2495d |
1d88ba1ebb27
sctp: not allow transport timeout value less than HZ/5 for hb_timer
|
KASAN: use-after-free Read in bpf_skb_change_proto
bpf
net
|
|
|
|
1 |
2526d |
2525d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
WARNING in bpf_prog_select_runtime
bpf
|
syz |
|
|
45 |
2520d |
2521d
|
8/28 |
2495d |
9facc336876f
bpf: reject any prog that failed read-only lock
|
KASAN: slab-out-of-bounds Read in bpf_skb_vlan_push
bpf
net
|
syz |
|
|
2 |
2522d |
2522d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in skb_ensure_writable
bpf
net
|
C |
|
|
4 |
2525d |
2531d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in bpf_tcp_close
bpf
|
C |
|
|
1748 |
2501d |
2540d
|
8/28 |
2495d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
BUG: unable to handle kernel paging request in bpf_prog_select_runtime
bpf
|
|
|
|
1 |
2511d |
2511d
|
8/28 |
2495d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
WARNING: kmalloc bug in xdp_umem_create
bpf
net
|
C |
|
|
7 |
2519d |
2525d
|
8/28 |
2495d |
a343993c518c
xsk: silence warning on memory allocation failure
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_proto
bpf
net
|
C |
|
|
2 |
2525d |
2525d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: slab-out-of-bounds Read in skb_ensure_writable
bpf
net
|
C |
|
|
9 |
2522d |
2531d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
KASAN: use-after-free Read in bpf_csum_update
bpf
net
|
C |
|
|
1 |
2533d |
2531d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
BUG: unable to handle kernel paging request in bpf_int_jit_compile
bpf
net
|
syz |
|
|
2 |
2508d |
2511d
|
8/28 |
2495d |
85782e037f8a
bpf: undo prog rejection on read-only lock failure
|
KASAN: use-after-free Write in bpf_tcp_close
bpf
|
C |
|
|
67 |
2503d |
2538d
|
8/28 |
2495d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
general protection fault in bpf_tcp_close
bpf
|
C |
|
|
421 |
2496d |
2540d
|
8/28 |
2495d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
54fedb42c653
bpf: sockmap, fix smap_list_map_remove when psock is in many maps
|
KASAN: slab-out-of-bounds Read in bpf_skb_change_head
bpf
net
|
C |
|
|
2 |
2521d |
2521d
|
8/28 |
2495d |
58990d1ff3f7
bpf: reject passing modified ctx to helper functions
|
WARNING: kmalloc bug in map_get_next_key
bpf
|
C |
|
|
5 |
2549d |
2550d
|
8/28 |
2495d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
KASAN: null-ptr-deref Write in xdp_umem_unaccount_pages
bpf
net
|
C |
|
|
25 |
2524d |
2527d
|
8/28 |
2495d |
c09290c56376
bpf, xdp: fix crash in xdp_umem_unaccount_pages
|
WARNING: kmalloc bug in memdup_user (3)
bpf
|
C |
|
|
137 |
2549d |
2550d
|
8/28 |
2495d |
683d2ac3904c
bpf: fix sock hashmap kmalloc warning
|
possible deadlock in bpf_tcp_close
bpf
|
C |
|
|
152 |
2537d |
2538d
|
8/28 |
2495d |
e9db4ef6bf4c
bpf: sockhash fix omitted bucket lock in sock_close
|
possible deadlock in perf_event_detach_bpf_prog
bpf
trace
|
|
|
|
1 |
2598d |
2597d
|
5/28 |
2557d |
3a38bb98d9ab
bpf/tracing: fix a deadlock in perf_event_detach_bpf_prog
|
WARNING: kmalloc bug in bpf_prog_array_copy_info
bpf
|
C |
|
|
4424 |
2628d |
2641d
|
4/28 |
2628d |
9c481b908b01
bpf: fix bpf_prog_array_copy_to_user warning from perf event prog query
|
general protection fault in SyS_bpf (2)
bpf
|
C |
|
|
1065 |
2628d |
2642d
|
4/28 |
2628d |
952fad8e3239
bpf: fix sock_map_alloc() error path
|
WARNING in kvmalloc_node
bpf
net
|
C |
|
|
513 |
2635d |
2641d
|
4/28 |
2628d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
WARNING: kmalloc bug in cpu_map_update_elem
bpf
net
|
C |
|
|
2677 |
2628d |
2640d
|
4/28 |
2628d |
7fc17e909edf
bpf: cpumap: use GFP_KERNEL instead of GFP_ATOMIC in __cpu_map_entry_alloc()
|
general protection fault in ___bpf_prog_run
bpf
|
C |
|
|
8 |
2648d |
2655d
|
4/28 |
2642d |
65073a67331d
bpf: fix null pointer deref in bpf_prog_test_run_xdp
|
general protection fault in trie_get_next_key
bpf
|
C |
|
|
3 |
2660d |
2660d
|
4/28 |
2653d |
6dd1ec6c7a2c
bpf: fix kernel page fault in lpm map trie_get_next_key
|
KASAN: use-after-free Read in __bpf_prog_put
bpf
|
|
|
|
1 |
2675d |
2675d
|
4/28 |
2654d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in check_memory_region
bpf
|
C |
|
|
10 |
2670d |
2673d
|
4/28 |
2654d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2669d |
2673d
|
4/28 |
2654d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: sleeping function called from invalid context at mm/slab.h:LINE (2)
bpf
|
|
|
|
2 |
2663d |
2663d
|
4/28 |
2654d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
general protection fault in free_verifier_state (2)
bpf
|
C |
|
|
2 |
2678d |
2678d
|
4/28 |
2654d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
suspicious RCU usage at ./include/linux/rcupdate.h:LINE (3)
bpf
|
C |
|
|
5087 |
2655d |
2664d
|
4/28 |
2654d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
suspicious RCU usage at mm/slab.h:LINE
bpf
|
|
|
|
1 |
2663d |
2663d
|
4/28 |
2654d |
2310035fa03f
bpf: fix incorrect kmalloc usage in lpm_trie MAP_GET_NEXT_KEY rcu region
|
general protection fault in copy_verifier_state
bpf
|
C |
|
|
2 |
2687d |
2683d
|
4/28 |
2654d |
5896351ea936
bpf: fix verifier GPF in kmalloc failure path
|
WARNING in xdp_rxq_info_unreg
bpf
net
|
C |
|
|
198 |
2663d |
2663d
|
4/28 |
2654d |
c13da21cdb80
tun: avoid calling xdp_rxq_info_unreg() twice
|
KASAN: slab-out-of-bounds Read in map_lookup_elem
bpf
|
C |
|
|
6 |
2670d |
2673d
|
4/28 |
2663d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in __bpf_map_put
bpf
|
C |
|
|
331 |
2669d |
2676d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in adjust_ptr_min_max_vals
bpf
|
C |
|
|
252 |
2666d |
2683d
|
4/28 |
2664d |
6f16101e6a8b
bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
|
KASAN: slab-out-of-bounds Read in perf_event_fd_array_release
bpf
|
C |
|
|
96 |
2669d |
2676d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: slab-out-of-bounds Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
7 |
2670d |
2675d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Write in array_map_update_elem
bpf
|
C |
|
|
11 |
2669d |
2671d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in __bpf_prog_put
bpf
|
C |
|
|
212 |
2669d |
2676d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: use-after-free Read in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
21 |
2669d |
2675d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
KASAN: slab-out-of-bounds Write in array_map_update_elem
bpf
|
C |
|
|
6 |
2671d |
2671d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in bpf_fd_array_map_lookup_elem
bpf
|
|
|
|
5 |
2669d |
2673d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
general protection fault in cgroup_fd_array_put_ptr
bpf
|
C |
|
|
219 |
2669d |
2676d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
WARNING in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2669d |
2675d
|
4/28 |
2664d |
7891a87efc71
bpf: arsh is not supported in 32 bit alu thus reject it
|
BUG: unable to handle kernel paging request in fd_array_map_delete_elem
bpf
|
|
|
|
11 |
2669d |
2676d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
BUG: unable to handle kernel paging request in __bpf_map_put
bpf
|
|
|
|
1 |
2673d |
2672d
|
4/28 |
2664d |
bbeb6e4323da
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
|
divide error in ___bpf_prog_run
bpf
|
C |
|
|
28 |
2666d |
2673d
|
4/28 |
2664d |
68fda450a7df
bpf: fix 32-bit divide by zero
|
general protection fault in free_verifier_state
bpf
|
C |
|
|
2 |
2696d |
2696d
|
3/28 |
2690d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|
general protection fault in bpf_check
bpf
|
|
|
|
3 |
2740d |
2745d
|
3/28 |
2719d |
8c01c4f896aa
bpf: fix verifier NULL pointer dereference
|