Groups
Groups
Sign in
Groups
Groups
syzkaller-bugs
Conversations
About
Send feedback
Help
Sort By Relevance
Sort By Date
1–30 of many
syzbot ci
12:21 AM
[syzbot ci] Re: io_uring: avoid uring_lock for IORING_SETUP_SINGLE_ISSUER
io_uring:
use
release-acquire ordering for IORING_SETUP_R_DISABLED * [PATCH v5 2/6] io_uring: clear IORING_SETUP_SINGLE_ISSUER for IORING_SETUP_SQPOLL * [PATCH v5 3/6] io_uring
unread,
[syzbot ci] Re: io_uring: avoid uring_lock for IORING_SETUP_SINGLE_ISSUER
io_uring:
use
release-acquire ordering for IORING_SETUP_R_DISABLED * [PATCH v5 2/6] io_uring: clear IORING_SETUP_SINGLE_ISSUER for IORING_SETUP_SQPOLL * [PATCH v5 3/6] io_uring
12:21 AM
syzbot
Dec 12
[syzbot] [kernfs?] KASAN: slab-use-after-free Read in kernfs_new_node
slab-
use
-
after
-
free
in instrument_atomic_read include/linux/instrumented.h:68 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_read include/linux/atomic/atomic
unread,
[syzbot] [kernfs?] KASAN: slab-use-after-free Read in kernfs_new_node
slab-
use
-
after
-
free
in instrument_atomic_read include/linux/instrumented.h:68 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_read include/linux/atomic/atomic
Dec 12
syzbot
5
Dec 11
[syzbot] [ocfs2?] KASAN: use-after-free Read in ocfs2_check_dir_entry
KASAN:
use
-
after
-
free
Read in ocfs2_check_dir_entry (kworker/u8:17,5105,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 (kworker/u8:17,5105,0):ocfs2_read_locked_inode
unread,
[syzbot] [ocfs2?] KASAN: use-after-free Read in ocfs2_check_dir_entry
KASAN:
use
-
after
-
free
Read in ocfs2_check_dir_entry (kworker/u8:17,5105,0):ocfs2_read_blocks_sync:112 ERROR: status = -12 (kworker/u8:17,5105,0):ocfs2_read_locked_inode
Dec 11
syzbot
, …
Lizhi Xu
19
Dec 9
[syzbot] [hams?] KASAN: slab-use-after-free Read in ax25_find_cb
slab-
use
-
after
-
free
in ax25_find_cb+0x179/0x3a0 net/ax25/af_ax25.c:236 Read of size 8 at addr ffff888077f9da10 by task syz.2.252/6544 CPU: 1 UID: 0 PID: 6544 Comm: syz.2.252
unread,
[syzbot] [hams?] KASAN: slab-use-after-free Read in ax25_find_cb
slab-
use
-
after
-
free
in ax25_find_cb+0x179/0x3a0 net/ax25/af_ax25.c:236 Read of size 8 at addr ffff888077f9da10 by task syz.2.252/6544 CPU: 1 UID: 0 PID: 6544 Comm: syz.2.252
Dec 9
syzbot
3
Dec 9
[syzbot] [bpf?] KASAN: slab-use-after-free Write in defer_free
slab-
use
-
after
-
free
in defer_free+0x3c/0xbc mm/slub.c:6537 Write at addr f3f000000854f020 by task kworker/u8:6/983 Pointer tag: [f3], memory tag: [fe] CPU: 0 UID: 0 PID: 983
unread,
[syzbot] [bpf?] KASAN: slab-use-after-free Write in defer_free
slab-
use
-
after
-
free
in defer_free+0x3c/0xbc mm/slub.c:6537 Write at addr f3f000000854f020 by task kworker/u8:6/983 Pointer tag: [f3], memory tag: [fe] CPU: 0 UID: 0 PID: 983
Dec 9
syzbot
Dec 8
[syzbot] [bluetooth?] KASAN: slab-use-after-free Write in le_read_features_complete
slab-
use
-
after
-
free
in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_dec_and_test include/linux
unread,
[syzbot] [bluetooth?] KASAN: slab-use-after-free Write in le_read_features_complete
slab-
use
-
after
-
free
in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_dec_and_test include/linux
Dec 8
syzbot
,
Edward Adam Davis
3
Dec 3
[syzbot] [bluetooth?] KASAN: slab-use-after-free Write in hci_conn_drop (3)
slab-
use
-
after
-
free
in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_dec_and_test include/linux
unread,
[syzbot] [bluetooth?] KASAN: slab-use-after-free Write in hci_conn_drop (3)
slab-
use
-
after
-
free
in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_dec_and_test include/linux
Dec 3
syzbot
Nov 28
[syzbot] [io-uring?] KASAN: slab-use-after-free Read in io_poll_remove_entries (2)
slab-
use
-
after
-
free
in __raw_spin_lock_irq include/linux/spinlock_api_smp.h:119 [inline] BUG: KASAN: slab-
use
-
after
-
free
in _raw_spin_lock_irq+0xa2/0xf0 kernel/locking
unread,
[syzbot] [io-uring?] KASAN: slab-use-after-free Read in io_poll_remove_entries (2)
slab-
use
-
after
-
free
in __raw_spin_lock_irq include/linux/spinlock_api_smp.h:119 [inline] BUG: KASAN: slab-
use
-
after
-
free
in _raw_spin_lock_irq+0xa2/0xf0 kernel/locking
Nov 28
syzbot
Nov 28
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in skb_pull
slab-
use
-
after
-
free
in skb_pull_inline include/linux/skbuff.h:2839 [inline] BUG: KASAN: slab-
use
-
after
-
free
in skb_pull+0x133/0x1d0 net/core/skbuff.c:2619 Read of size
unread,
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in skb_pull
slab-
use
-
after
-
free
in skb_pull_inline include/linux/skbuff.h:2839 [inline] BUG: KASAN: slab-
use
-
after
-
free
in skb_pull+0x133/0x1d0 net/core/skbuff.c:2619 Read of size
Nov 28
syzbot
,
Edward Adam Davis
8
Nov 25
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb
:4099
process_one_work
kernel/workqueue.c:3263 [inline] process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346 worker_thread+0x8a0/0xda0 kernel/workqueue
unread,
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb
:4099
process_one_work
kernel/workqueue.c:3263 [inline] process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3346 worker_thread+0x8a0/0xda0 kernel/workqueue
Nov 25
syzbot
Nov 24
[syzbot] [wireless?] KASAN: slab-use-after-free Read in __ieee80211_beacon_add_tim
slab-
use
-
after
-
free
in ieee80211_get_link_sband net/mac80211/ieee80211_i.h:1737 [inline] BUG: KASAN: slab-
use
-
after
-
free
in __ieee80211_beacon_add_tim+0x1d7/0x15a0
unread,
[syzbot] [wireless?] KASAN: slab-use-after-free Read in __ieee80211_beacon_add_tim
slab-
use
-
after
-
free
in ieee80211_get_link_sband net/mac80211/ieee80211_i.h:1737 [inline] BUG: KASAN: slab-
use
-
after
-
free
in __ieee80211_beacon_add_tim+0x1d7/0x15a0
Nov 24
syzbot ci
,
syzbot ci
2
Nov 21
[syzbot ci] Re: bpf: Fix FIONREAD and copied_seq issues
slab-
use
-
after
-
free
Read in tcp_ioctl Full report is available here: https://ci.syzbot.org/series/d61ee16d-47d7-4d43-ae17-0fb7c57066d9 *** KASAN: slab-out-of-bounds
unread,
[syzbot ci] Re: bpf: Fix FIONREAD and copied_seq issues
slab-
use
-
after
-
free
Read in tcp_ioctl Full report is available here: https://ci.syzbot.org/series/d61ee16d-47d7-4d43-ae17-0fb7c57066d9 *** KASAN: slab-out-of-bounds
Nov 21
ALBIN BABU VARGHESE
,
syzbot
11
Nov 21
KASAN: use-after-free Read in ext4_find_extent (4)
KASAN:
use
-
after
-
free
Read in ext4_find_extent ================================================================== BUG: KASAN:
use
-
after
-
free
in ext4_ext_binsearch
unread,
KASAN: use-after-free Read in ext4_find_extent (4)
KASAN:
use
-
after
-
free
Read in ext4_find_extent ================================================================== BUG: KASAN:
use
-
after
-
free
in ext4_ext_binsearch
Nov 21
syzbot
,
Hillf Danton
7
Nov 18
[syzbot] [kernel?] general protection fault in put_ipc_ns
slab-
use
-
after
-
free
in hci_cmd_work+0x5d0/0x7b0 [ 83.977772][ T5149] Read of size 2 at addr ffff88807912b178 by task kworker/u9:1/5149 [ 83.985826][ T5149] [ 83.988159][ T5149
unread,
[syzbot] [kernel?] general protection fault in put_ipc_ns
slab-
use
-
after
-
free
in hci_cmd_work+0x5d0/0x7b0 [ 83.977772][ T5149] Read of size 2 at addr ffff88807912b178 by task kworker/u9:1/5149 [ 83.985826][ T5149] [ 83.988159][ T5149
Nov 18
syzbot
Nov 18
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in hci_cmd_work (2)
slab-
use
-
after
-
free
in hci_cmd_work+0x5d0/0x7b0 net/bluetooth/hci_core.c:4174 Read of size 2 at addr ffff888061d8f538 by task kworker/u9:5/5835 CPU: 1 UID: 0 PID: 5835 Comm
unread,
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in hci_cmd_work (2)
slab-
use
-
after
-
free
in hci_cmd_work+0x5d0/0x7b0 net/bluetooth/hci_core.c:4174 Read of size 2 at addr ffff888061d8f538 by task kworker/u9:5/5835 CPU: 1 UID: 0 PID: 5835 Comm
Nov 18
syzbot
,
Eric Dumazet
2
Nov 17
[syzbot] [mptcp?] KASAN: slab-use-after-free Read in mptcp_pm_del_add_timer
slab-
use
-
after
-
free
in __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616 Read of size 4 at addr ffff8880311e4150 by task kworker/1:1/44 CPU: 1 UID: 0 PID: 44 Comm: kworker
unread,
[syzbot] [mptcp?] KASAN: slab-use-after-free Read in mptcp_pm_del_add_timer
slab-
use
-
after
-
free
in __timer_delete_sync+0x372/0x3f0 kernel/time/timer.c:1616 Read of size 4 at addr ffff8880311e4150 by task kworker/1:1/44 CPU: 1 UID: 0 PID: 44 Comm: kworker
Nov 17
syzbot
, …
patchwork-b...@kernel.org
7
Nov 19
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in mgmt_pending_remove
slab-
use
-
after
-
free
in mgmt_pending_remove+0x3b/0x210 net/bluetooth/mgmt_util.c:316 Read of size 8 at addr ffff888077164818 by task syz.0.17/5989 CPU: 0 UID: 0 PID: 5989 Comm
unread,
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in mgmt_pending_remove
slab-
use
-
after
-
free
in mgmt_pending_remove+0x3b/0x210 net/bluetooth/mgmt_util.c:316 Read of size 8 at addr ffff888077164818 by task syz.0.17/5989 CPU: 0 UID: 0 PID: 5989 Comm
Nov 19
syzbot
Nov 14
[syzbot] [bluetooth?] linux-next test error: KASAN: slab-use-after-free Read in hci_cmd_work
slab-
use
-
after
-
free
in hci_cmd_work+0x5d0/0x7b0 net/bluetooth/hci_core.c:4174 Read of size 2 at addr ffff8880298b47b8 by task kworker/u9:0/52 CPU: 0 UID: 0 PID: 52 Comm: kworker
unread,
[syzbot] [bluetooth?] linux-next test error: KASAN: slab-use-after-free Read in hci_cmd_work
slab-
use
-
after
-
free
in hci_cmd_work+0x5d0/0x7b0 net/bluetooth/hci_core.c:4174 Read of size 2 at addr ffff8880298b47b8 by task kworker/u9:0/52 CPU: 0 UID: 0 PID: 52 Comm: kworker
Nov 14
syzbot
2
Nov 6
Re: [syzbot] [net?] KASAN: slab-use-after-free Read in handle_tx (2)
:295
process_one_work
+0x9cf/0x1b70 kernel/workqueue.c:3263 process_scheduled_works kernel/workqueue.c:3346 [inline] worker_thread+0x6c8/0xf10 kernel/workqueue
unread,
Re: [syzbot] [net?] KASAN: slab-use-after-free Read in handle_tx (2)
:295
process_one_work
+0x9cf/0x1b70 kernel/workqueue.c:3263 process_scheduled_works kernel/workqueue.c:3346 [inline] worker_thread+0x6c8/0xf10 kernel/workqueue
Nov 6
syzbot
Nov 6
[syzbot] [tipc?] KASAN: slab-use-after-free Read in tipc_mon_reinit_self
slab-
use
-
after
-
free
in __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] BUG: KASAN: slab-
use
-
after
-
free
in _raw_spin_lock_irqsave+0xa7/0xf0
unread,
[syzbot] [tipc?] KASAN: slab-use-after-free Read in tipc_mon_reinit_self
slab-
use
-
after
-
free
in __raw_spin_lock_irqsave include/linux/spinlock_api_smp.h:110 [inline] BUG: KASAN: slab-
use
-
after
-
free
in _raw_spin_lock_irqsave+0xa7/0xf0
Nov 6
syzbot
,
shaurya
6
Nov 7
Re: [syzbot] [bluetooth?] KASAN: slab-use-after-free Read in l2cap_unregister_user
slab-
use
-
after
-
free
Read in l2cap_unregister_user ================================================================== BUG: KASAN: slab-
use
-
after
-
free
in __mutex_waiter_is_first
unread,
Re: [syzbot] [bluetooth?] KASAN: slab-use-after-free Read in l2cap_unregister_user
slab-
use
-
after
-
free
Read in l2cap_unregister_user ================================================================== BUG: KASAN: slab-
use
-
after
-
free
in __mutex_waiter_is_first
Nov 7
syzbot
,
Nikolay Aleksandrov
2
Nov 3
[syzbot] [bridge?] KASAN: slab-use-after-free Read in br_switchdev_fdb_populate
slab-
use
-
after
-
free
in br_switchdev_fdb_populate+0x390/0x3a0 net/bridge/br_switchdev.c:141 > Read of size 8 at addr ffff888025122808 by task kworker/0:2/977 > hmm
unread,
[syzbot] [bridge?] KASAN: slab-use-after-free Read in br_switchdev_fdb_populate
slab-
use
-
after
-
free
in br_switchdev_fdb_populate+0x390/0x3a0 net/bridge/br_switchdev.c:141 > Read of size 8 at addr ffff888025122808 by task kworker/0:2/977 > hmm
Nov 3
syzbot
,
Lizhi Xu
11
Nov 6
[syzbot] [nbd?] KASAN: slab-use-after-free Write in recv_work (3)
slab-
use
-
after
-
free
in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_dec include/linux/atomic/atomic
unread,
[syzbot] [nbd?] KASAN: slab-use-after-free Write in recv_work (3)
slab-
use
-
after
-
free
in instrument_atomic_read_write include/linux/instrumented.h:96 [inline] BUG: KASAN: slab-
use
-
after
-
free
in atomic_dec include/linux/atomic/atomic
Nov 6
syzbot
Oct 30
[syzbot] [media?] KASAN: slab-use-after-free Read in vb2_fop_release
slab-
use
-
after
-
free
in _vb2_fop_release drivers/media/common/videobuf2/videobuf2-v4l2.c:1153 [inline] BUG: KASAN: slab-
use
-
after
-
free
in vb2_fop_release+0xf0/0x200
unread,
[syzbot] [media?] KASAN: slab-use-after-free Read in vb2_fop_release
slab-
use
-
after
-
free
in _vb2_fop_release drivers/media/common/videobuf2/videobuf2-v4l2.c:1153 [inline] BUG: KASAN: slab-
use
-
after
-
free
in vb2_fop_release+0xf0/0x200
Oct 30
syzbot
, …
syzbot
5
Oct 30
[syzbot] Monthly xfs report (Oct 2025)
:1434
process_one_work
+0x7e8/0x155c kernel/workqueue.c:3236 process_scheduled_works kernel/workqueue.c:3319 [inline] worker_thread+0x958/0xed8 kernel/workqueue
unread,
[syzbot] Monthly xfs report (Oct 2025)
:1434
process_one_work
+0x7e8/0x155c kernel/workqueue.c:3236 process_scheduled_works kernel/workqueue.c:3319 [inline] worker_thread+0x958/0xed8 kernel/workqueue
Oct 30
syzbot
16
Oct 29
Re: [syzbot] [ocfs2?] KASAN: use-after-free Read in __ocfs2_flush_truncate_log
:51
process_one_work
+0x85b/0xfe0 kernel/workqueue.c:2282 worker_thread+0xa9b/0x1430 kernel/workqueue.c:2428 kthread+0x384/0x410 kernel/kthread.c:328 ret_from_fork
unread,
Re: [syzbot] [ocfs2?] KASAN: use-after-free Read in __ocfs2_flush_truncate_log
:51
process_one_work
+0x85b/0xfe0 kernel/workqueue.c:2282 worker_thread+0xa9b/0x1430 kernel/workqueue.c:2428 kthread+0x384/0x410 kernel/kthread.c:328 ret_from_fork
Oct 29
syzbot
13
Oct 29
Re: [syzbot] [ocfs2?] KASAN: use-after-free Read in ocfs2_dx_dir_lookup_rec
T18]
process_one_work
+0x85e/0xff0 [ 67.954046][ T18] worker_thread+0xa9b/0x1430 [ 67.958082][ T18] ? rcu_lock_release+0x20/0x20 [ 67.962220][ T18] kthread+0x386/0x410
unread,
Re: [syzbot] [ocfs2?] KASAN: use-after-free Read in ocfs2_dx_dir_lookup_rec
T18]
process_one_work
+0x85e/0xff0 [ 67.954046][ T18] worker_thread+0xa9b/0x1430 [ 67.958082][ T18] ? rcu_lock_release+0x20/0x20 [ 67.962220][ T18] kthread+0x386/0x410
Oct 29
syzbot
15
Oct 29
Re: [syzbot] [ocfs2?] KASAN: use-after-free Read in ocfs2_claim_suballoc_bits
:51
process_one_work
+0x85c/0xfa0 kernel/workqueue.c:2282 worker_thread+0xa9b/0x1430 kernel/workqueue.c:2428 kthread+0x360/0x3e0 kernel/kthread.c:328 ret_from_fork
unread,
Re: [syzbot] [ocfs2?] KASAN: use-after-free Read in ocfs2_claim_suballoc_bits
:51
process_one_work
+0x85c/0xfa0 kernel/workqueue.c:2282 worker_thread+0xa9b/0x1430 kernel/workqueue.c:2428 kthread+0x360/0x3e0 kernel/kthread.c:328 ret_from_fork
Oct 29
syzbot
,
Oliver Neukum
10
Oct 25
[syzbot] [input?] [usb?] KASAN: slab-out-of-bounds Read in mcp2221_raw_event (2)
KASAN:
use
-
after
-
free
Read in mcp2221_raw_event ================================================================== BUG: KASAN:
use
-
after
-
free
in mcp2221_raw_event
unread,
[syzbot] [input?] [usb?] KASAN: slab-out-of-bounds Read in mcp2221_raw_event (2)
KASAN:
use
-
after
-
free
Read in mcp2221_raw_event ================================================================== BUG: KASAN:
use
-
after
-
free
in mcp2221_raw_event
Oct 25
syzbot
, …
Lizhi Xu
31
Nov 13
[syzbot] [hams?] KASAN: slab-use-after-free Read in nr_add_node
slab-
use
-
after
-
free
Read in nr_add_node ================================================================== BUG: KASAN: slab-
use
-
after
-
free
in nr_add_node+0x2b65
unread,
[syzbot] [hams?] KASAN: slab-use-after-free Read in nr_add_node
slab-
use
-
after
-
free
Read in nr_add_node ================================================================== BUG: KASAN: slab-
use
-
after
-
free
in nr_add_node+0x2b65
Nov 13
