syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1347]
Subsystems
🐞 Fixed [7127]
🐞 Invalid [18864]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

Applied filters: NoSubsystem=true (drop)
Extra filters: [With Repro]
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Closed Patch
WARNING: possible circular locking dependency detected (5) -1 C 1 260d 260d 29/29 216d 9f7c02e03157 nbd: restrict sockets to TCP and UDP
upstream build error (23) -1 46 307d 308d 29/29 271d f627b51aaa04 compiler_types: Provide __no_kstack_erase to disable coverage only on Clang
riscv/fixes test error: can't ssh into the instance -1 48 637d 655d 28/29 588d 1ff95eb2bebd riscv: Fix RISCV_ALTERNATIVE_EARLY
riscv/fixes boot error: can't ssh into the instance (3) -1 210 742d 796d 25/29 740d f5c12105c15f mm,page_owner: fix refcount imbalance
upstream boot error: can't ssh into the instance (16) -1 415 822d 874d 25/29 799d f6564fce256a mm, kmsan: fix infinite recursion due to RCU critical section
riscv/fixes boot error: failed to read from qemu: EOF -1 54 908d 917d 25/29 852d 420370f3ae3d riscv: Check if the code to patch lies in the exit section
KASAN: use-after-free Read in j1939_session_get_by_addr 19 C done error 66 2389d 2401d 25/29 872d d966635b384b can: j1939: transport: make sure the aborted session will be deactivated only once
riscv/fixes boot error: can't ssh into the instance (2) -1 109 1091d 1097d 23/29 1064d 25abe0db9243 riscv: Fix kfence now that the linear mapping can be backed by PUD/P4D/PGD
kernel BUG in vmf_insert_pfn_prot -1 C done done 1933 1115d 1719d 22/29 1084d a5b44c4adb16 drm/fbdev-generic: Always use shadow buffering
unregister_netdevice: waiting for DEV to become free (7) 2 C inconclusive 20422 1090d 1292d 22/29 1090d 266e9b3475ba RDMA/siw: Remove namespace check from siw_netdev_event()
INFO: task hung in tcindex_partial_destroy_work 1 C done unreliable 84 1937d 2073d 22/29 1090d 8c710f75256b net/sched: Retire tcindex classifier
WARNING: fbcon: Driver 'vkmsdrmfb' missed to adjust virtual screen size (0x0 vs. 64x768) -1 C unreliable error 24 1422d 1422d 22/29 1090d 1935f0deb611 drm/fb-helper: set x/yres_virtual in drm_fb_helper_check_var
WARNING: can't access registers at entry_SYSCALL_64_after_hwframe -1 C 15 1197d 1202d 22/29 1090d 00c8f01c4e84 objtool: Fix ORC 'signal' propagation
WARNING in j1939_xtp_rx_abort_one -1 C done 379 1225d 1763d 22/29 1090d d0553680f94c can: j1939: fix errant WARN_ON_ONCE in j1939_session_deactivate
upstream-arm64 build error -1 11 1198d 1201d 22/29 1090d d54170812ef1 arm64: fix .idmap.text assertion for large kernels
WARNING in submit_bio_checks -1 C done unreliable 1851 1533d 2152d 22/29 1142d 57e95e4670d1 block: fix and cleanup bio_check_ro
KASAN: use-after-free Read in hci_cmd_timeout 19 C done error 371 1271d 2583d 22/29 1147d 97dfaf073f58 Bluetooth: hci_sync: cancel cmd_timer if hci_open failed
WARNING in __dev_queue_xmit -1 C done 16774 1194d 1408d 22/29 1194d dc633700f00f net/af_packet: check len when min_header_len equals to 0 b12e924a2f5b net/ieee802154: don't warn zero-sized raw_sendmsg() 3a4d061c699b net/ieee802154: reject zero-sized raw_sendmsg()
INFO: task hung in addrconf_verify_work (6) 1 C done 86 1198d 1435d 22/29 1194d ff1fa2081d17 net: tun: avoid disabling NAPI twice
KASAN: use-after-free Read in drm_gem_object_release_handle 19 C done 362 1275d 1659d 22/29 1194d 24013314be6e drm/shmem-helper: Remove errant put in error path
KASAN: slab-out-of-bounds Read in vxlan_vnifilter_dump_dev 19 C done 30 1524d 1525d 22/29 1194d 9d570741aec1 vxlan: do not feed vxlan_vnifilter_dump_dev with non vxlan devices
WARNING in bpf_check (3) -1 C done done 1736 1339d 2273d 22/29 1194d 34dd3bad1a6f bpf: Relax the requirement to use preallocated hash maps in tracing progs.
BUG: sleeping function called from invalid context in static_key_slow_inc 5 C done 82 1281d 1293d 22/29 1194d af295e854a4e l2tp: Don't sleep and disable BH under writer-side sk_callback_lock
KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (2) 19 C done 48810 1391d 2024d 22/29 1194d 0ac4827f78c7 ath9k: fix use-after-free in ath9k_hif_usb_rx_cb
KASAN: use-after-free Read in madvise_update_vma 19 C done 38 1558d 1576d 22/29 1194d 942341dcc574 mm: fix use-after-free when anon vma name is used after vma is freed
BUG: sleeping function called from invalid context in sk_psock_stop 5 C done 232 1394d 1453d 22/29 1194d 697fb80a5364 bpf: Fix sockmap calling sleepable function in teardown path
WARNING in __dma_map_sg_attrs -1 C inconclusive 65 1394d 1644d 22/29 1194d 9e9fa6a9198b udmabuf: Set the DMA mask for the udmabuf device (v2)
possible deadlock in p9_req_put 4 C done 2815 1303d 1394d 22/29 1194d 52f1c45dde91 9p: trans_fd/p9_conn_cancel: drop client lock earlier
WARNING in pskb_expand_head -1 C done done 222 1308d 1955d 22/29 1194d dbae2b062824 net: skb: introduce and use a single page frag cache
KASAN: use-after-free Read in __kernfs_remove 19 C done 3985 1333d 1377d 22/29 1194d 4abc99652812 kernfs: fix use-after-free in __kernfs_remove
INFO: task hung in synchronize_rcu (3) 1 C done done 374 1203d 2141d 22/29 1194d 2d08935682ac KVM: x86: Don't re-acquire SRCU lock in complete_emulated_io()
WARNING: suspicious RCU usage (5) -1 C done 1 1450d 1446d 20/29 1439d f4e61f0c9add x86/kvm: Fix broken irq restoration in kvm_wait
WARNING in drm_gem_shmem_vm_open -1 syz done done 38 1613d 1748d 20/29 1481d 0499f419b76f video: vga16fb: Only probe for EGA and VGA 16 color graphic cards
INFO: task hung in usb_get_descriptor 1 C done done 4149 1543d 2065d 20/29 1481d 363eaa3a450a usbip: synchronize event handler with sysfs code paths
WARNING in cgroup_finalize_control -1 syz done done 9 1685d 2213d 20/29 1547d 7ee285395b21 cgroup: Make rebind_subsystems() disable v2 controllers all at once
WARNING in ref_tracker_dir_exit -1 C done 16271 1603d 1631d 20/29 1547d 34ac17ecbf57 ethtool: use ethnl_parse_header_dev_put()
WARNING in sta_info_insert_rcu -1 C done done 2533 1640d 2077d 20/29 1547d a6555f844549 mac80211: Drop frames from invalid MAC address in ad-hoc mode
WARNING in loop_add -1 C done error 64 1662d 2475d 20/29 1547d 278167fd2f8f block: add __must_check for *add_disk*() callers
kernel BUG at net/core/dev.c:LINE! (4) -1 C done done 432 1630d 2018d 20/29 1547d f123cffdd8fe net: netlink: af_netlink: Prevent empty skb by adding a check on len.
WARNING in bpf_warn_invalid_xdp_action -1 C done done 8941 1603d 2323d 20/29 1547d 2cbad989033b bpf: Do not WARN in bpf_warn_invalid_xdp_action()
unregister_netdevice: waiting for DEV to become free (6) 2 C error 13128 1547d 1665d 20/29 1547d 34ac17ecbf57 ethtool: use ethnl_parse_header_dev_put()
BUG: unable to handle kernel NULL pointer dereference in bpf 10 C done 753 1604d 1676d 20/29 1547d ad10c381d133 bpf: Add missing map_delete_elem method to bloom filter map
unregister_netdevice: waiting for DEV to become free (5) 2 C done 40035 1665d 1910d 20/29 1665d 0d7a7b2014b1 ipv6: remove extra dev_hold() for fallback tunnels
WARNING in taprio_change -1 C done 746 1851d 2087d 20/29 1665d ed8157f1ebf1 net: sched: tapr: prevent cycle_time == 0 in parse_taprio_schedule
WARNING in netlbl_cipsov4_add -1 C inconclusive 4433 1729d 1928d 20/29 1665d 8ca34a13f7f9 net: cipso: fix warnings in netlbl_cipsov4_add_std
WARNING in cfg80211_connect -1 C done 2320 1879d 2070d 20/29 1665d 1b5ab825d9ac cfg80211: remove WARN_ON() in cfg80211_sme_connect
BUG: unable to handle kernel paging request in corrupted (3) 8 C done 45 1674d 1842d 20/29 1665d 7a274727702c io_uring: don't modify req->poll for rw
possible deadlock in loop_probe 4 C done 20656 1787d 1812d 20/29 1665d 962bf783ef65 mtd: break circular locks in register_mtd_blktrans
linux-next build error (12) -1 63 1792d 1891d 20/29 1665d 7aae231ac93b bpf: tcp: Limit calling some tcp cc functions to CONFIG_DYNAMIC_FTRACE
WARNING: suspicious RCU usage in bond_ipsec_add_sa (2) 4 C done 540 1793d 2080d 20/29 1665d b648eba4c69e bonding: fix suspicious RCU usage in bond_ipsec_add_sa()
linux-next test error: unregister_netdevice: waiting for DEV to become free -1 2 1889d 1889d 20/29 1665d 0d7a7b2014b1 ipv6: remove extra dev_hold() for fallback tunnels
KASAN: slab-out-of-bounds Read in qrtr_endpoint_post (2) 17 C done 41 1767d 2132d 20/29 1665d ad9d24c9429e net: qrtr: fix OOB Read in qrtr_endpoint_post
net-next test error: unregister_netdevice: waiting for DEV to become free -1 18 1889d 1890d 20/29 1665d 0d7a7b2014b1 ipv6: remove extra dev_hold() for fallback tunnels
BUG: MAX_LOCKDEP_ENTRIES too low! -1 C done 179076 1851d 2542d 20/29 1665d 5dc33592e955 lockdep: Allow tuning tracing capacity constants.
possible deadlock in del_gendisk 4 C done 158215 1728d 1876d 20/29 1665d 990e78116d38 block: loop: fix deadlock between open and remove
memory leak in rds_send_probe 3 C done 27 1963d 2506d 20/29 1665d 49bfcbfd989a net: rds: fix memory leak in rds_recvmsg
WARNING: still has locks held in io_sq_thread 4 C done 8689 1877d 1891d 20/29 1665d 82734c5b1b24 io_uring: drop sqd lock before handling signals for SQPOLL
memory leak in h4_recv_buf 3 C done 21 1775d 2535d 20/29 1665d bb2853a6a421 tty: Fix data race between tiocsti() and flush_to_ldisc()
WARNING in sta_info_alloc -1 C done done 145 1812d 2065d 20/29 1665d 0ee4d55534f8 mac80211: remove warning in ieee80211_get_sband()
WARNING: ODEBUG bug in cancel_delayed_work -1 C done 3384 1682d 2132d 20/29 1665d 3a9d54b1947e Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default
possible deadlock in console_lock_spinning_enable 4 C done 1693 1665d 2539d 20/29 1665d c0070e1e6027 ttyprintk: Add TTY hangup callback.
WARNING in hsr_forward_skb -1 C done done 1310 1880d 2708d 20/29 1665d 9d6803921a16 net: hsr: Reset MAC header for Tx path
INFO: task hung in hub_port_init 1 C done 15888 1666d 2065d 20/29 1665d 258c81b341c8 usbip: give back URBs for unsent unlink requests during cleanup
net-next build error (3) -1 7 1944d 1940d 20/29 1880d 9c97921a51a0 net: fix building errors on powerpc when CONFIG_RETPOLINE is not set
INFO: task hung in addrconf_verify_work (4) 1 C done 132 1928d 2015d 20/29 1880d d349f9976868 net_sched: fix RTNL deadlock again caused by request_module()
general protection fault in rose_send_frame 2 C done done 664 2020d 2700d 19/29 1910d 3b3fd068c56e rose: Fix Null pointer dereference in rose_send_frame()
WARNING: HARDIRQ-safe -> HARDIRQ-unsafe lock order detected (2) -1 C done 640 1974d 2092d 19/29 1910d 8d1ddb5e7937 fcntl: Fix potential deadlock in send_sig{io, urg}()
WARNING: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway -1 2 2024d 2019d 19/29 1910d dc889b8d4a81 bfs: don't use WARNING: string when it's just info.
KASAN: null-ptr-deref Write in bdi_put 12 C done done 601 1967d 2001d 19/29 1910d 2d2f6f1b4799 block: pre-initialize struct block_device in bdev_alloc_inode
kernel BUG at net/core/skbuff.c:LINE! (3) -1 C done 4399 1926d 3043d 19/29 1910d afbc293add64 af_key: relax availability checks for skb size calculation
unregister_netdevice: waiting for DEV to become free (4) 2 C done 50394 1910d 2113d 19/29 1910d 5399d52233c4 rxrpc: Fix deadlock around release of dst cached on udp tunnel
WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway -1 2 2017d 2013d 19/29 1910d dc889b8d4a81 bfs: don't use WARNING: string when it's just info.
WARNING: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway -1 4 2024d 2073d 19/29 1910d dc889b8d4a81 bfs: don't use WARNING: string when it's just info.
general protection fault in call_commit_handler 2 C done 428 1967d 2048d 19/29 1910d 5122565188ba wext: fix NULL-ptr-dereference with cfg80211's lack of commit()
WARNING: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway -1 3 2009d 2077d 19/29 1910d dc889b8d4a81 bfs: don't use WARNING: string when it's just info.
WARNING: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway -1 3 2024d 2019d 19/29 1910d dc889b8d4a81 bfs: don't use WARNING: string when it's just info.
upstream build error (11) -1 25 1967d 2043d 15/29 1967d f78f63da916e mm/process_vm_access: Add missing #include <linux/compat.h>
BUG: MAX_LOCKDEP_CHAIN_HLOCKS too low! -1 C done error 25236 2205d 2645d 15/29 2001d 1a33e10e4a95 net: partially revert dynamic lockdep key changes
BUG: using __this_cpu_read() in preemptible code in trace_hardirqs_on 4 C done 502745 2026d 2058d 15/29 2024d f8e48a3dca06 lockdep: Fix preemption WARN for spurious IRQ-enable
INFO: trying to register non-static key in uhid_char_release -1 C done done 26 2101d 2278d 15/29 2024d bce1305c0ece HID: core: Correctly handle ReportSize being zero
kernel panic: Fatal exception (3) 2 C done 2 2058d 2057d 15/29 2024d eadd1befdd77 netem: fix zero division in tabledist
WARNING in print_bfs_bug -1 C done 14759 2056d 2408d 15/29 2024d 6d1823ccc480 lockdep: Optimize the memory usage of circular queue
INFO: task hung in io_uring_setup 1 C done 51 2093d 2098d 15/29 2024d 7e84e1c7566a io_uring: allow disabling rings during the creation
INFO: task hung in addrconf_verify_work (3) 1 C done 75 2037d 2071d 15/29 2024d 0fedc63fadf0 net_sched: commit action insertions together
WARNING: ODEBUG bug in exit_to_user_mode_prepare -1 C done done 27 2098d 2104d 15/29 2024d 77f4689de17c fix regression in "epoll: Keep a reference on files added to the check list"
possible deadlock in _snd_pcm_stream_lock_irqsave 4 C done 997 2055d 2092d 15/29 2024d 6564d0ad67ef ALSA: ctl: Workaround for lockdep warning wrt card->ctl_files_rwlock
WARNING in percpu_ref_exit (2) -1 C done done 272 2060d 2355d 15/29 2024d c1e2148f8ecb io_uring: free fixed_file_data after RCU grace period
bpf-next test error: BUG: program execution failed: executor 0: exit status 67 -1 12 2056d 2056d 15/29 2024d d25e2e9388ed netfilter: restore NF_INET_NUMHOOKS
INFO: task hung in htable_put 1 C done done 29 2296d 2350d 15/29 2024d 99b79c3900d4 netfilter: xt_hashlimit: unregister proc file before releasing mutex
WARNING: refcount bug in l2cap_chan_put 13 C inconclusive done 13 2126d 2290d 15/29 2024d b83764f9220a Bluetooth: Fix kernel oops triggered by hci_adv_monitors_clear()
KASAN: global-out-of-bounds Read in vga16fb_imageblit 17 C done 1071 2088d 2373d 15/29 2061d bd018a6a75ce video: fbdev: fix OOB read in vga_8planes_imageblit()
INFO: rcu detected stall in ext4_file_write_iter 1 C inconclusive done 93 2121d 2653d 15/29 2076d 7e24969022cb block: allow for_each_bvec to support zero len bvec
WARNING in restore_regulatory_settings -1 C done 10414 2094d 2339d 15/29 2076d 47caf685a685 cfg80211: regulatory: reject invalid hints
kernel BUG at mm/hugetlb.c:LINE! -1 C done error 10 2135d 2248d 15/29 2085d 15568299b7d9 hugetlbfs: prevent filesystem stacking of hugetlbfs
WARNING in ptrace_stop -1 C done 1413 2136d 2140d 15/29 2085d d136122f5845 sched: Fix race against ptrace_freeze_trace()
general protection fault in do_con_write 2 C done 10703 2137d 2372d 15/29 2085d ce684552a266 vt: Reject zero-sized screen buffer size.
WARNING in inc_nlink -1 C done 26 2151d 2254d 15/29 2085d facb03dddec0 fs/minix: don't allow getting deleted inodes
KASAN: use-after-free Read in get_block 19 C done 23 2151d 2228d 15/29 2085d 270ef41094e9 fs/minix: reject too-large maximum file size
KASAN: use-after-free Read in l2cap_chan_close 19 C done 37 2126d 2307d 15/29 2085d f9c70bdc279b Bluetooth: add a mutex lock to avoid UAF in do_enale_set
WARNING in vkms_vblank_simulate -1 C done 12903 2091d 2668d 15/29 2085d 51f644b40b4b drm/atomic-helper: reset vblank on crtc reset
WARNING in hsr_addr_subst_dest -1 C done done 8639 2251d 2708d 15/29 2114d 4b793acdca00 hsr: use netdev_err() instead of WARN_ONCE()
BUG: unable to handle kernel paging request in netif_receive_generic_xdp 8 C done done 160 2190d 2326d 15/29 2136d 96aa1b22bd6b tun: correct header offsets in napi frags mode
BUG: using smp_processor_id() in preemptible [ADDR] code: syz-executor 4 C done 22297 2191d 2530d 15/29 2146d 1378817486d6 tipc: block BH before using dst_cache
KASAN: null-ptr-deref Write in choke_reset 12 C done 1441 2202d 2235d 15/29 2146d 8738c85c72b3 sch_choke: avoid potential panic in choke_reset()
WARNING in memtype_reserve -1 C done 600 2207d 2215d 15/29 2146d a0e710a7def4 USB: usbfs: fix mmap dma mismatch
BUG: unable to handle kernel paging request in do_xdp_generic 8 C done done 7444 2219d 2326d 15/29 2146d 96aa1b22bd6b tun: correct header offsets in napi frags mode
INFO: task syz-executor can't die for more than 143 seconds. (2) -1 C done 2512 2147d 2414d 15/29 2146d 566d136289dc pipe: Fix pipe_full() test in opipe_prep().
net-next test error: BUG: using smp_processor_id() in preemptible code in corrupted -1 4 2179d 2181d 15/29 2146d 811985365378 ext4: mballoc: Use this_cpu_read instead of this_cpu_ptr
net test error: BUG: using smp_processor_id() in preemptible code in corrupted -1 3 2177d 2179d 15/29 2146d 811985365378 ext4: mballoc: Use this_cpu_read instead of this_cpu_ptr
memory leak in bio_copy_user_iov 3 C done 34 2355d 2541d 15/29 2163d 3b7995a98ad7 block: fix memleak when __blk_rq_map_user_iov() is failed
KASAN: slab-out-of-bounds Write in tcindex_set_parms 21 C done 10 2255d 2277d 15/29 2214d 0d1c3530e1bd net_sched: keep alloc_hash updated after hash allocation
WARNING: bad unlock balance in ucma_event_handler 4 C done 143 2247d 2911d 15/29 2214d 7c11910783a1 RDMA/ucma: Put a lock around every call to the rdma_cm layer
WARNING: bad unlock balance in ucma_destroy_id 4 syz done 44 2281d 2835d 15/29 2214d 7c11910783a1 RDMA/ucma: Put a lock around every call to the rdma_cm layer
possible deadlock in free_ioctx_users (2) 4 C done 44 2244d 2251d 15/29 2214d 63f818f46af9 proc: Use a dedicated lock in struct pid
WARNING: ODEBUG bug in route4_change -1 C done 68 2251d 2275d 15/29 2214d ef299cc3fa1a net_sched: cls_route: remove the right filter from hashtable
KASAN: use-after-free Write in release_tty 22 C done 591 2251d 2373d 15/29 2214d ca4463bf8438 vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console
INFO: task hung in hashlimit_mt_check_common 1 C done 20 2295d 2335d 15/29 2239d 8d0015a7ab76 netfilter: xt_hashlimit: limit the max size of hashtable c4a3922d2d20 netfilter: xt_hashlimit: reduce hashlimit_mutex scope for htable_put()
memory leak in dma_buf_ioctl 3 C done 129 2289d 2505d 15/29 2239d d1f37226431f dma-buf: free dmabuf->name in dma_buf_release()
KASAN: use-after-free Read in n_tty_receive_buf_common 19 C done 68 2294d 2370d 15/29 2239d 07e6124a1a46 vt: selection, close sel_buffer race
general protection fault in nf_flow_table_offload_setup 2 C done done 835 2293d 2326d 15/29 2239d a7da92c2c8a1 netfilter: flowtable: skip offload setup if disabled
KASAN: use-after-free Read in find_match 19 C done 142 2292d 2299d 15/29 2239d 44bfa9c5e5f0 net: rtnetlink: fix bugs in rtnl_alt_ifname()
unregister_netdevice: waiting for DEV to become free (3) 2 C 1864 2239d 2300d 15/29 2239d e34f1753eebc ethtool: limit bitset size
BUG: corrupted list in __nf_tables_abort 8 C done done 29 2320d 2327d 15/29 2268d eb014de4fd41 netfilter: nf_tables: autoload modules from the abort path
KASAN: slab-out-of-bounds Read in bitmap_ipmac_gc 17 C done done 70 2309d 2325d 15/29 2268d 32c72165dbd0 netfilter: ipset: use bitmap infrastructure completely
possible deadlock in wg_set_device 4 C done 33 2306d 2311d 15/29 2274d ec31c2676a10 wireguard: noise: reject peers with low order public keys
memory leak in kobject_set_name_vargs (2) 3 C done 47 2321d 2506d 15/29 2296d cb626bf566eb net-sysfs: Fix reference count leak
KASAN: slab-out-of-bounds Read in bitmap_port_gc 17 C done 197 2309d 2327d 15/29 2296d 32c72165dbd0 netfilter: ipset: use bitmap infrastructure completely
KASAN: slab-out-of-bounds Read in bitmap_ipmac_list 17 C done 108 2312d 2327d 15/29 2296d 32c72165dbd0 netfilter: ipset: use bitmap infrastructure completely
WARNING: refcount bug in cdev_get 13 C done 105 2337d 2478d 15/29 2296d 68faa679b8be chardev: Avoid potential use-after-free in 'chrdev_open()'
inconsistent lock state in rxrpc_put_client_conn 4 C done 18198 2304d 2310d 15/29 2296d 963485d436cc rxrpc: Fix call RCU cleanup using non-bh-safe locks
unregister_netdevice: waiting for DEV to become free (2) 2 C done 385621 2300d 2848d 15/29 2300d ddd9b5e3e765 net-sysfs: Call dev_hold always in rx_queue_add_kobject
general protection fault in j1939_sk_bind 2 syz done done 22 2375d 2401d 15/29 2300d 00d4e14d2e4c can: j1939: j1939_sk_bind(): take priv after lock is held
possible deadlock in mon_bin_vma_fault 4 C done 11427 2362d 2829d 15/29 2300d 19e6317d24c2 usb: mon: Fix a deadlock in usbmon between mmap and read
BUG: Bad rss-counter state (3) -1 C unreliable done 438 2500d 2966d 15/29 2314d 173d9d9fd3dd mm/huge_memory: splitting set mapping+index before unfreeze
possible deadlock in flush_workqueue (2) 4 C done done 256 2348d 2782d 15/29 2314d e7c58097793e hugetlbfs: revert "Use i_mmap_rwsem to fix page fault/truncate race"
KASAN: use-after-free Read in __queue_work (2) 19 C done done 577 2532d 2885d 15/29 2337d 430ac66eb4c5 net/9p/trans_fd.c: fix race-condition by flushing workqueue before the kfree()
KASAN: slab-out-of-bounds Write in pipe_write 21 C done 40 2369d 2374d 15/29 2337d 8f868d68d335 pipe: Fix missing mask update after pipe_wait()
WARNING in tty_set_termios -1 C done done 1997 2497d 2697d 15/29 2337d b36a1552d731 Bluetooth: hci_uart: check for missing tty operations
general protection fault in j1939_jsk_del 2 syz done 132 2377d 2401d 14/29 2377d fd81ebfe7975 can: j1939: socket: rework socket locking for j1939_sk_release() and j1939_sk_sendmsg()
INFO: task hung in synchronize_rcu 1 syz done 1206 2377d 2403d 14/29 2377d 8a44119a98be KVM: Fix NULL-ptr deref after kvm_create_vm fails
WARNING: suspicious RCU usage in kvm_dev_ioctl 4 C done 333 2393d 2403d 14/29 2377d e2d3fcaf939d KVM: fix placement of refcount initialization
INFO: task hung in mpage_prepare_extent_to_map 1 syz done 18606 2401d 2409d 14/29 2377d 4655e5e5f387 mm,thp: recheck each page before collapsing file THP
WARNING in generic_make_request_checks -1 C done 7760 2378d 2854d 13/29 2378d 8b2ded1c94c0 block: don't warn when doing fsync on read-only devices
memory leak in copy_net_ns 3 C done 422 2405d 2443d 13/29 2383d 82ecff655e79 keys: Fix memory leak in copy_net_ns
general protection fault in kernfs_add_one 2 C done 98 2492d 2816d 13/29 2384d ac43432cb1f5 driver core: Fix use-after-free and double free on glue directory
WARNING in kernfs_get -1 C done 316 2493d 2822d 13/29 2386d ac43432cb1f5 driver core: Fix use-after-free and double free on glue directory
INFO: task hung in vivid_stop_generating_vid_cap 1 C done done 81 2770d 2773d 13/29 2395d d65842f7126a media: vb2: add waiting_in_dqbuf flag
memory leak in llc_ui_create (2) 3 C done 19 2418d 2538d 13/29 2402d c6ee11c39fcc llc: fix sk_buff leak in llc_sap_state_process()
BUG: assuming atomic context at net/kcm/kcmsock.c:LINE -1 C done 178 2438d 2444d 13/29 2421d 0355d6c1d591 net-backports: kcm: disable preemption in kcm_parse_func_strparser()
WARNING: suspicious RCU usage in netem_enqueue 4 C done 16 2440d 2454d 13/29 2421d 159d2c7d8106 net-backports: sch_netem: fix rcu splat in netem_enqueue()
general protection fault in __apic_accept_irq 2 C done 69 2450d 2462d 13/29 2421d a073d7e3ad68 KVM: hyperv: Fix Direct Synthetic timers assert an interrupt w/o lapic_in_kernel
BUG: MAX_STACK_TRACE_ENTRIES too low! (2) -1 C done 5045 2453d 2622d 13/29 2421d 12593b7467f9 locking/lockdep: Reduce space occupied by stack traces
general protection fault in qdisc_put 2 C done 60 2449d 2459d 13/29 2421d 6efb971ba8ed net_sched: let qdisc_put() accept NULL pointer
INFO: rcu detected stall in addrconf_dad_work 1 C done 126 2452d 2457d 13/29 2428d d4d6ec6dac07 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in br_handle_frame 1 C done 341 2451d 2457d 13/29 2428d d4d6ec6dac07 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in mld_ifc_timer_expire 1 C done 152 2451d 2459d 13/29 2428d d4d6ec6dac07 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
INFO: rcu detected stall in netlink_sendmsg (2) 1 C done 11 2452d 2458d 13/29 2428d d4d6ec6dac07 sch_hhf: ensure quantum and hhf_non_hh_weight are non-zero
WARNING: refcount bug in nr_insert_socket 13 C done 55 2495d 2520d 13/29 2433d 4638faac0327 netrom: hold sock when setting skb->destructor
KASAN: null-ptr-deref Write in rxrpc_unuse_local 12 C done 4422 2485d 2489d 12/29 2461d 68553f1a6f74 rxrpc: Fix local refcounting
WARNING in smc_unhash_sk (2) -1 C done 1047 2471d 2607d 12/29 2471d cd2063604ea6 net/smc: avoid fallback in case of non-blocking connect
KASAN: slab-out-of-bounds Read in class_equal 17 syz done 45 2491d 2565d 12/29 2471d 95fa145479fb bpf: sockmap/tls, close can race with map free
general protection fault in tcf_ife_init 2 C done 72 2493d 2507d 12/29 2471d c8ec4632c6ac ife: error out when nla attributes are empty
general protection fault in tls_sk_proto_close 2 syz done 260 2471d 2503d 12/29 2471d 5d92e631b8be net/tls: partially revert fix transition through disconnect with close
WARNING in debug_check_no_obj_freed -1 C done 47 2471d 2539d 12/29 2471d f9cedf1a9b1c net/smc: do not schedule tx_work in SMC_CLOSED state
BUG: unable to handle kernel NULL pointer dereference in corrupted (4) 10 syz done done 1 2534d 2534d 12/29 2471d 95fa145479fb bpf: sockmap/tls, close can race with map free
kernel panic: corrupted stack end in corrupted 2 syz done 17 2491d 2539d 12/29 2471d 95fa145479fb bpf: sockmap/tls, close can race with map free
WARNING in __mark_chain_precision -1 C done 105 2485d 2521d 12/29 2484d b3b50f05dc50 bpf: fix precision bit propagation for BPF_ST instructions
kernel BUG at drivers/android/binder_alloc.c:LINE! (4) -1 C done 26 2533d 2541d 12/29 2493d bb4a2e48d510 binder: return errors from buffer copy functions
general protection fault in ovs_ct_exit 2 C done 9888 2535d 2540d 12/29 2493d b272a0ad7301 netns: restore ops before calling ops_exit_list
possible deadlock in userfaultfd_release 4 C done 137 2532d 2775d 12/29 2500d cbcfa130a911 fs/userfaultfd.c: disable irqs for fault_pending and event locks
WARNING: syz-executor still has locks held! -1 C done 233 2736d 2747d 12/29 2505d a72173ecfc67 Revert "exec: make de_thread() freezable"
general protection fault in __smc_diag_dump 2 syz done 309 2695d 2708d 12/29 2519d b03faa1fafc8 net/smc: postpone release of clcsock
KASAN: slab-out-of-bounds Read in rhashtable_walk_enter 17 C done 48 2568d 2572d 12/29 2534d 526f5b851a96 tipc: fix modprobe tipc failed after switch order of device registration
KASAN: use-after-free Read in napi_gro_frags 19 C done 16 2559d 2561d 12/29 2541d a4270d6795b0 net-gro: fix use-after-free read in napi_gro_frags()
BUG: using __this_cpu_read() in preemptible code in ip6_finish_output 4 C done 18807 2612d 2618d 12/29 2545d 28b05b928868 net: use correct this_cpu primitive in dev_recursion_level
WARNING: ODEBUG bug in netdev_freemem -1 syz done 1042 2545d 2710d 12/29 2545d a3c7cd0cdf11 batman-adv: mcast: fix multicast tt/tvlv worker locking
KASAN: use-after-free Read in __vb2_perform_fileio 19 C done 786 2582d 2773d 12/29 2545d d65842f7126a media: vb2: add waiting_in_dqbuf flag
possible deadlock in acct_pin_kill 4 C done 273 2588d 2805d 12/29 2545d 9419a3191dcb acct_on(): don't mess with freeze protection
WARNING in compat_copy_entries (2) -1 syz done 19416 2576d 3010d 12/29 2563d 7caa56f006e9 netfilter: ebtables: CONFIG_COMPAT: drop a bogus WARN_ON
WARNING in percpu_ref_kill_and_confirm -1 C done 443 2591d 2598d 12/29 2563d 35fa71a030ca io_uring: fail io_uring_register(2) on a dying io_uring instance
general protection fault in skb_queue_tail 2 C done 35 2596d 2597d 12/29 2563d 032be5f19a94 rxrpc: fix race condition in rxrpc_input_packet()
WARNING in __kthread_bind_mask -1 C done 2929 2597d 2607d 12/29 2563d 060586324648 io_uring: park SQPOLL thread if it's percpu
WARNING in io_uring_setup -1 C done 3601 2587d 2607d 12/29 2563d 917257daa0fe io_uring: only test SQPOLL cpu after we've verified it
general protection fault in xfrmi_decode_session 2 C done 16694 2587d 2659d 12/29 2563d 6ed69184ed9c xfrm: Reset secpath in xfrm failure
BUG: MAX_STACK_TRACE_ENTRIES too low! -1 C done 1725 2623d 2649d 11/29 2623d 009bb421b6ce workqueue, lockdep: Fix an alloc_workqueue() error path
general protection fault in __x86_indirect_thunk_rbx 2 C done 16 2763d 2764d 11/29 2630d d6367d624137 fs/locks: use properly initialized file_lock when unlocking.
WARNING: bad usercopy in corrupted (2) -1 C done 12 2699d 2746d 11/29 2631d bc6e019b6ee6 fou: Prevent unbounded recursion in GUE error handler also with UDP-Lite
net-next boot error: can't ssh into the instance -1 33 2681d 2682d 11/29 2645d 947b7ac135b1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
BUG: unable to handle kernel NULL pointer dereference in corrupted (3) 10 C 1 2703d 2703d 11/29 2645d 44039e00171b fou6: Prevent unbounded recursion in GUE error handler
net boot error: can't ssh into the instance -1 42 2681d 2683d 11/29 2645d 947b7ac135b1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
upstream boot error: can't ssh into the instance (2) -1 45 2683d 2683d 11/29 2645d 947b7ac135b1 Revert "block: cover another queue enter recursion via BIO_QUEUE_ENTERED"
net build error -1 2 2809d 2809d 11/29 2710d 16fdf8ba9839 rds: Fix build regression.
unregister_netdevice: waiting for DEV to become free 2 C 170521 2855d 2966d 8/29 2855d 8cc88773855f xfrm: fix missing dst_release() after policy blocking lbcast and multicast
WARNING: kernel stack regs has bad 'bp' value (3) -1 C 7971 2887d 3042d 8/29 2885d b7b73cd5d746 crypto: x86/salsa20 - remove x86 salsa20 implementations
BUG: workqueue lockup (3) -1 C 1215 2889d 2941d 8/29 2885d 4fb48871409e restore cond_resched() in shrink_dcache_parent()
WARNING: kernel stack frame pointer has bad value -1 C 1108 2887d 2966d 8/29 2885d f044a84e040b crypto: don't optimize keccakf()
general protection fault in gfn_to_rmap 2 syz 7 3026d 3136d 5/29 2938d b7e31be38558 KVM: x86: fix vcpu initialization with userspace lapic
BUG: workqueue lockup (2) -1 C 406 2945d 3103d 5/29 2942d 966031f34018 n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
WARNING in ata_bmdma_qc_issue -1 C 1 3216d 3136d 4/29 2993d 2c1ec6fda2d0 libata: don't try to pass through NCQ commands to non-NCQ devices
BUG: unable to handle kernel paging request in ata_bmdma_qc_prep 8 C 13 3128d 3136d 4/29 2993d 058f58e235cb libata: fix length validation of ATAPI-relayed SCSI commands
KASAN: use-after-free Read in get_work_pool 19 syz 8 3118d 3141d 4/29 2993d 2cc683e88c0c kcm: lock lower socket in kcm_attach
WARNING in ata_qc_issue -1 C 35 3122d 3140d 4/29 2993d 9173e5e80729 libata: remove WARN() for DMA or PIO command without data
kernel BUG at arch/x86/kvm/x86.c:LINE! -1 syz 20 3107d 3140d 4/29 3004d 61cb57c9ed63 KVM: x86: Exit to user-mode on #UD intercept when emulator requires
lost connection to test machine (4) -1 C 1189 3018d 3032d 4/29 3018d 9c2d63b843a5 bpf: fix mlock precharge on arraymaps
lost connection to test machine (3) -1 C 4251 3040d 3079d 4/29 3039d 889c604fd0b5 netfilter: x_tables: fix int overflow in xt_alloc_table_info()
WARNING in task_participate_group_stop -1 C 29 3122d 3137d 4/29 3042d 426915796cca kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
WARNING: kernel stack regs has bad 'bp' value (2) -1 C 16238 3043d 3108d 4/29 3043d d8c7fe9f2a48 crypto: x86/twofish-3way - Fix %rbp usage
BUG: sleeping function called from invalid context at ./include/linux/uaccess.h:LINE -1 C 19609 3110d 3136d 4/29 3048d 4d772cb85f64 KVM: x86: fix em_fxstor() sleeping while in atomic
possible deadlock in snd_seq_deliver_event 4 C 6 3130d 3140d 4/29 3052d 1f20f9ff57ca ALSA: seq: Fix nested rwsem annotation for lockdep splat
kernel panic: softlockup: hung tasks 2 2 3178d 3148d 3/29 3098d 4ba161a793d5 SUNRPC: Allow connect to return EHOSTUNREACH
kernel BUG at net/key/af_key.c:LINE! -1 C 63 3150d 3143d 3/29 3102d 0e74aa1d79a5 xfrm: Copy policy family in clone_policy
general protection fault in tun_flow_cleanup 2 1 3180d 3148d 3/29 3108d ee74d9967b82 tun: do not arm flow_gc_timer in tun_flow_init()
KASAN: slab-out-of-bounds Read in tipc_nametbl_lookup_dst_nodes 17 C 22388 3120d 3143d 3/29 3108d f65163fed0e7 tipc: eliminate KASAN warning
possible deadlock in generic_file_write_iter 4 C 61506 3108d 3131d 3/29 3108d e319e1fbd9d4 block, locking/lockdep: Assign a lock_class per gendisk used for wait_for_completion()
BUG: soft lockup -1 C 466 3121d 3135d 3/29 3118d 9b7d869ee5a7 ALSA: timer: Limit max instances per timer
BUG: unable to handle kernel paging request in snd_seq_oss_readq_puts 8 C 389 3129d 3135d 3/29 3118d 132d358b183a ALSA: seq: Fix OSS sysex delivery in OSS emulation
general protection fault in __list_del_entry_valid 2 C 72 3128d 3143d 3/29 3125d 1137b5e2529a ipsec: Fix aborted xfrm policy dump crash
KASAN: use-after-free Write in __run_timers 22 6144 3145d 3205d 3/29 3125d 0ad646c81b21 net-backports: tun: call dev_get_valid_name() before register_netdevice()
BUG: workqueue lockup -1 C 172 3125d 3136d 3/29 3125d 93161922c658 tun/tap: sanitize TUNSETSNDBUF input
kernel BUG at net/ipv4/tcp_output.c:LINE! -1 37 3185d 3198d 3/29 3129d b1ed4c4fa9a5 tcp: add an ability to dump and restore window parameters
WARNING in sk_stream_kill_queues -1 syz 96 3212d 3215d 3/29 3129d 7749d4ff88d3 net-backports: dccp: purge write queue in dccp_destroy_sock()
general protection fault in refcount_sub_and_test 2 1 3229d 3213d 3/29 3130d 12d94a804946 ipv6: fix NULL dereference in ip6_route_dev_notify()
KASAN: double-free or invalid-free in selinux_tun_dev_free_security 24 C 12033 3206d 3217d 3/29 3130d ff244c6b29b1 tun: handle register_netdevice() failures properly
KASAN: use-after-free Read in dev_queue_xmit_nit 19 C 13 3172d 3184d 3/29 3130d 008ba2a13f2d packet: hold bind lock when rebinding to fanout hook
KASAN: use-after-free Read in ccid2_hc_tx_rto_expire 19 5 3208d 3212d 3/29 3130d 120e9dabaf55 dccp: defer ccid_hc_tx_delete() at dismantle time
WARNING in fib6_del -1 24 3191d 3204d 3/29 3130d 7483cea79957 ipv6: fib: Unlink replaced routes from their nodes
BUG: unable to handle kernel NULL pointer dereference in free_fib_info_rcu 10 3 3213d 3213d 3/29 3130d 187e5b3ac84d ipv4: fix NULL dereference in free_fib_info_rcu()
KASAN: use-after-free Read in __list_add_valid 19 syz 26 3146d 3194d 3/29 3143d 008ba2a13f2d packet: hold bind lock when rebinding to fanout hook
general protection fault in kvm_cpuid 2 C 20 3172d 3191d 3/29 3143d d1cd3ce90044 KVM: MMU: check guest CR3 reserved bits based on its physical address width.
BUG: unable to handle kernel paging request in skb_release_data 8 syz 15 3212d 3212d 3/29 3143d 0bbd7dad34f8 tun: make tun_build_skb() thread safe
general protection fault in skb_clone 2 syz 3 3212d 3211d 3/29 3143d 0bbd7dad34f8 tun: make tun_build_skb() thread safe
WARNING in __local_bh_enable_ip -1 22 3173d 3181d 3/29 3143d 930651a75bf1 bpf: do not disable/enable BH in bpf_map_free_id()
WARNING: kernel stack regs has bad 'bp' value -1 C 66131 3171d 3217d 3/29 3143d d3dfbfe2e6e7 crypto: x86/sha256-avx2 - Fix RBP usage
general protection fault in fib6_add 2 18 3207d 3213d 3/29 3143d 348a4002729c ipv6: repair fib6 tree in failure case
KASAN: use-after-free Read in skb_push 19 4 3207d 3213d 3/29 3143d 5bfd37b4de5c tipc: fix use-after-free
general protection fault in SyS_bpf 2 C 10 3202d 3203d 3/29 3143d ae2b27b859a1 bpf: fix a return in sockmap_get_from_fd()
KASAN: use-after-free Read in free_ldt_struct 19 C 109 3200d 3214d 3/29 3143d ccd5b3235180 x86/mm: Fix use-after-free of ldt_struct
WARNING in idr_replace -1 C 1209 3183d 3215d 3/29 3143d a47f68d6a944 idr: remove WARN_ON_ONCE() when trying to replace negative ID
KASAN: use-after-free Read in get_mm_exe_file 19 C 2 3207d 3211d 3/29 3143d 2b7e8665b4ff fork: fix incorrect fput of ->exe_file causing use-after-free
KASAN: wild-memory-access Read in skb_copy_ubufs 17 C 23 3211d 3212d 3/29 3143d 0bbd7dad34f8 tun: make tun_build_skb() thread safe
kernel BUG at mm/slab.c:LINE! -1 C 860 3190d 3194d 3/29 3143d 96e5ae4e76f1 bpf: fix numa_node validation
general protection fault in __skb_flow_dissect 2 C 37 3213d 3215d 3/29 3143d 7324157b8af1 dsa: fix flow disector null pointer
WARNING in refcount_inc -1 7 3196d 3204d 3/29 3143d 551143d8d954 net_sched: fix a refcount_t issue with noop_qdisc
general protection fault in fib_dump_info 2 C 428 3206d 3217d 3/29 3143d bc3aae2bbac4 net: check and errout if res->fi is NULL when RTM_F_FIB_MATCH is set
BUG: Bad page state -1 C 2 3213d 3213d 3/29 3143d 263630e8d176 mm/madvise.c: fix freeing of locked page with MADV_FREE
general protection fault in skb_release_data 2 syz 198 3211d 3212d 3/29 3143d 0bbd7dad34f8 tun: make tun_build_skb() thread safe
KASAN: use-after-free Read in skb_release_data 19 syz 7 3213d 3212d 3/29 3143d 0bbd7dad34f8 tun: make tun_build_skb() thread safe
possible deadlock in kcm_sendpage 4 syz 14 3195d 3198d 3/29 3143d 351050ecd652 kcm: do not attach PF_KCM sockets to avoid deadlock
general protection fault in __ip_options_echo (2) 2 C 2 3192d 3192d 3/29 3143d ca2c1418efe9 udp: drop head states only when all skb references are gone
KASAN: slab-out-of-bounds Read in skb_release_data 17 1 3212d 3211d 3/29 3143d 0bbd7dad34f8 tun: make tun_build_skb() thread safe
suspicious RCU usage at ./include/linux/kvm_host.h:LINE -1 C 103402 3171d 3217d 3/29 3143d 021086e383fa KVM: fix rcu warning on VM_CREATE errors
KASAN: use-after-free Read in ip6_pol_route 19 249 3206d 3214d 3/29 3143d 383143f31d7d ipv6: reset fn->rr_ptr when replacing route
general protection fault in perf_trace_block_get_rq 2 C 180 3183d 3193d 3/29 3143d f8e9ec16611b block: tolerate tracing of NULL bio
BUG: unable to handle kernel NULL pointer dereference at ADDR -1 C 63 3200d 3214d 3/29 3143d 3fd871270732 strparser: initialize all callbacks
INFO: task hung -1 C 13878 3171d 3236d 3/29 3171d bd9dfc54e392 tcp: fix hang in tcp_sendpage_locked()
WARNING in kvm_arch_vcpu_ioctl_run -1 C 20284 3171d 3236d 3/29 3171d bbeac2830f4d KVM: X86: Fix residual mmio emulation request to userspace
kernel BUG at mm/usercopy.c:LINE! -1 C 23 3212d 3217d 2/29 3191d fd851ba9caa9 udp: harden copy_linear_skb()
BUG: sleeping function called from invalid context at mm/slab.h:LINE -1 C 8 3213d 3217d 2/29 3191d 36f41f8fc6d8 af_key: do not use GFP_KERNEL in atomic contexts
inconsistent lock state in sk_clone_lock 4 C 16 3213d 3216d 2/29 3191d d624d276d1dd tcp: fix possible deadlock in TCP stack vs BPF filter