syzbot

 sign-in | mailing list | source | docs
🐞 Open [1589]
Subsystems
🐞 Fixed [6365]
🐞 Invalid [16225]
Missing Backports [194]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: slab-use-after-free Read in rose_timer_expiry (3)

Status: upstream: reported on 2025/05/19 14:23
Subsystems: hams
[Documentation on labels]
Reported-by: syzbot+942297eecf7d2d61d1f1@syzkaller.appspotmail.com
First crash: 54d, last: 18m
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] Monthly hams report (Jun 2025) 0 (1) 2025/06/23 07:31
[syzbot] [hams?] KASAN: slab-use-after-free Read in rose_timer_expiry (3) 0 (1) 2025/05/19 14:23
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: slab-use-after-free Read in rose_timer_expiry (2) hams 16 158 56d 180d 28/29 fixed on 2025/05/14 23:24
upstream KASAN: slab-use-after-free Read in rose_timer_expiry hams 16 5 420d 430d 0/29 closed as invalid on 2024/06/04 18:05
linux-5.15 KASAN: use-after-free Read in rose_timer_expiry 16 62 11h54m 67d 0/3 upstream: reported on 2025/05/02 15:02
linux-6.1 KASAN: use-after-free Read in rose_timer_expiry 16 22 23h48m 66d 0/3 upstream: reported on 2025/05/03 12:30

Sample crash report:
==================================================================
BUG: KASAN: slab-use-after-free in rose_timer_expiry+0x471/0x4b0 net/rose/rose_timer.c:183
Read of size 2 at addr ffff88805149b82a by task syz-executor/5839

CPU: 0 UID: 0 PID: 5839 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00038-g733923397fd9 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call Trace:
 <IRQ>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:408 [inline]
 print_report+0xd2/0x2b0 mm/kasan/report.c:521
 kasan_report+0x118/0x150 mm/kasan/report.c:634
 rose_timer_expiry+0x471/0x4b0 net/rose/rose_timer.c:183
 call_timer_fn+0x17e/0x5f0 kernel/time/timer.c:1747
 expire_timers kernel/time/timer.c:1798 [inline]
 __run_timers kernel/time/timer.c:2372 [inline]
 __run_timer_base+0x61a/0x860 kernel/time/timer.c:2384
 run_timer_base kernel/time/timer.c:2393 [inline]
 run_timer_softirq+0xb7/0x180 kernel/time/timer.c:2403
 handle_softirqs+0x283/0x870 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:696
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1050
 </IRQ>
 <TASK>
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
RIP: 0010:syscall_enter_from_user_mode_work include/linux/entry-common.h:169 [inline]
RIP: 0010:syscall_enter_from_user_mode include/linux/entry-common.h:200 [inline]
RIP: 0010:do_syscall_64+0xc3/0x3b0 arch/x86/entry/syscall_64.c:90
Code: 00 48 8b 7d 08 48 89 7b 18 e8 49 5a 00 00 0f 1f 44 00 00 0f 1f 44 00 00 90 e8 49 11 60 f6 90 90 e8 f2 10 60 f6 fb 49 8b 57 08 <f6> c2 3f 74 0e 4c 89 f7 4c 89 ee e8 2d 5f 43 f6 49 89 c4 90 90 41
RSP: 0018:ffffc9000403fef0 EFLAGS: 00000286
RAX: fd825702e4560100 RBX: ffffc9000403fef0 RCX: fd825702e4560100
RDX: 0000000000000000 RSI: ffffffff8d984d62 RDI: ffffffff8be1ca40
RBP: ffffc9000403ff48 R08: ffffffff8fa0c5f7 R09: 1ffffffff1f418be
R10: dffffc0000000000 R11: fffffbfff1f418bf R12: 000000000000003d
R13: 000000000000003d R14: ffffc9000403ff58 R15: ffff88807c83bc00
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe7ecb84b97
Code: 89 7c 24 10 48 89 4c 24 18 e8 45 1b 03 00 4c 8b 54 24 18 8b 54 24 14 41 89 c0 48 8b 74 24 08 8b 7c 24 10 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 89 44 24 10 e8 95 1b 03 00 8b 44
RSP: 002b:00007ffdbed613b0 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
RAX: ffffffffffffffda RBX: 00000000000001c4 RCX: 00007fe7ecb84b97
RDX: 0000000040000001 RSI: 00007ffdbed6141c RDI: 00000000ffffffff
RBP: 00007ffdbed6141c R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000075
R13: 0000000000000046 R14: 00000000000699ec R15: 00007ffdbed61470
 </TASK>

Allocated by task 6027:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:377 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359
 kmalloc_noprof include/linux/slab.h:905 [inline]
 batadv_forw_packet_alloc+0x1e9/0x390 net/batman-adv/send.c:521
 batadv_iv_ogm_aggregate_new net/batman-adv/bat_iv_ogm.c:571 [inline]
 batadv_iv_ogm_queue_add+0x85f/0xd30 net/batman-adv/bat_iv_ogm.c:678
 batadv_iv_ogm_schedule_buff net/batman-adv/bat_iv_ogm.c:857 [inline]
 batadv_iv_ogm_schedule+0xabd/0xea0 net/batman-adv/bat_iv_ogm.c:876
 batadv_iv_send_outstanding_bat_ogm_packet+0x6c6/0x7e0 net/batman-adv/bat_iv_ogm.c:1720
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3f9/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Freed by task 8002:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576
 poison_slab_object mm/kasan/common.c:247 [inline]
 __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264
 kasan_slab_free include/linux/kasan.h:233 [inline]
 slab_free_hook mm/slub.c:2381 [inline]
 slab_free mm/slub.c:4643 [inline]
 kfree+0x18e/0x440 mm/slub.c:4842
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321
 worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402
 kthread+0x711/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3f9/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Last potentially related work creation:
 kasan_save_stack+0x3e/0x60 mm/kasan/common.c:47
 kasan_record_aux_stack+0xbd/0xd0 mm/kasan/generic.c:548
 insert_work+0x3d/0x330 kernel/workqueue.c:2183
 __queue_work+0xbd9/0xfe0 kernel/workqueue.c:2345
 call_timer_fn+0x17e/0x5f0 kernel/time/timer.c:1747
 expire_timers kernel/time/timer.c:1793 [inline]
 __run_timers kernel/time/timer.c:2372 [inline]
 __run_timer_base+0x646/0x860 kernel/time/timer.c:2384
 run_timer_base kernel/time/timer.c:2393 [inline]
 run_timer_softirq+0xb7/0x180 kernel/time/timer.c:2403
 handle_softirqs+0x283/0x870 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0xca/0x1f0 kernel/softirq.c:680
 irq_exit_rcu+0x9/0x30 kernel/softirq.c:696
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0xa6/0xc0 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702

The buggy address belongs to the object at ffff88805149b800
 which belongs to the cache kmalloc-512 of size 512
The buggy address is located 42 bytes inside of
 freed 512-byte region [ffff88805149b800, ffff88805149ba00)

The buggy address belongs to the physical page:
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x51498
head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
page_type: f5(slab)
raw: 00fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122
raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
head: 00fff00000000040 ffff88801a441c80 dead000000000100 dead000000000122
head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
head: 00fff00000000002 ffffea0001452601 00000000ffffffff 00000000ffffffff
head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5836, tgid 5836 (udevd), ts 106045678429, free_ts 87626384267
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x240/0x2a0 mm/page_alloc.c:1704
 prep_new_page mm/page_alloc.c:1712 [inline]
 get_page_from_freelist+0x21d5/0x22b0 mm/page_alloc.c:3669
 __alloc_frozen_pages_noprof+0x181/0x370 mm/page_alloc.c:4959
 alloc_pages_mpol+0x232/0x4a0 mm/mempolicy.c:2419
 alloc_slab_page mm/slub.c:2451 [inline]
 allocate_slab+0x8a/0x3b0 mm/slub.c:2619
 new_slab mm/slub.c:2673 [inline]
 ___slab_alloc+0xbfc/0x1480 mm/slub.c:3859
 __slab_alloc mm/slub.c:3949 [inline]
 __slab_alloc_node mm/slub.c:4024 [inline]
 slab_alloc_node mm/slub.c:4185 [inline]
 __kmalloc_cache_noprof+0x296/0x3d0 mm/slub.c:4354
 kmalloc_noprof include/linux/slab.h:905 [inline]
 kzalloc_noprof include/linux/slab.h:1039 [inline]
 kernfs_fop_open+0x397/0xca0 fs/kernfs/file.c:623
 do_dentry_open+0xdf0/0x1970 fs/open.c:964
 vfs_open+0x3b/0x340 fs/open.c:1094
 do_open fs/namei.c:3896 [inline]
 path_openat+0x2ee5/0x3830 fs/namei.c:4055
 do_filp_open+0x1fa/0x410 fs/namei.c:4082
 do_sys_openat2+0x121/0x1c0 fs/open.c:1437
 do_sys_open fs/open.c:1452 [inline]
 __do_sys_openat fs/open.c:1468 [inline]
 __se_sys_openat fs/open.c:1463 [inline]
 __x64_sys_openat+0x138/0x170 fs/open.c:1463
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
page last free pid 5822 tgid 5822 stack trace:
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1248 [inline]
 free_unref_folios+0xcd2/0x1570 mm/page_alloc.c:2763
 folios_put_refs+0x559/0x640 mm/swap.c:992
 free_pages_and_swap_cache+0x277/0x520 mm/swap_state.c:264
 __tlb_batch_free_encoded_pages mm/mmu_gather.c:136 [inline]
 tlb_batch_pages_flush mm/mmu_gather.c:149 [inline]
 tlb_flush_mmu_free mm/mmu_gather.c:397 [inline]
 tlb_flush_mmu+0x3a0/0x680 mm/mmu_gather.c:404
 tlb_finish_mmu+0xc3/0x1d0 mm/mmu_gather.c:497
 vms_clear_ptes+0x42c/0x540 mm/vma.c:1230
 vms_complete_munmap_vmas+0x206/0x8a0 mm/vma.c:1272
 do_vmi_align_munmap+0x358/0x420 mm/vma.c:1531
 do_vmi_munmap+0x253/0x2e0 mm/vma.c:1579
 __vm_munmap+0x23b/0x3d0 mm/vma.c:3108
 __do_sys_munmap mm/mmap.c:1084 [inline]
 __se_sys_munmap mm/mmap.c:1081 [inline]
 __x64_sys_munmap+0x60/0x70 mm/mmap.c:1081
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Memory state around the buggy address:
 ffff88805149b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
 ffff88805149b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
>ffff88805149b800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                  ^
 ffff88805149b880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88805149b900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================
----------------
Code disassembly (best guess):
   0:	00 48 8b             	add    %cl,-0x75(%rax)
   3:	7d 08                	jge    0xd
   5:	48 89 7b 18          	mov    %rdi,0x18(%rbx)
   9:	e8 49 5a 00 00       	call   0x5a57
   e:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  13:	0f 1f 44 00 00       	nopl   0x0(%rax,%rax,1)
  18:	90                   	nop
  19:	e8 49 11 60 f6       	call   0xf6601167
  1e:	90                   	nop
  1f:	90                   	nop
  20:	e8 f2 10 60 f6       	call   0xf6601117
  25:	fb                   	sti
  26:	49 8b 57 08          	mov    0x8(%r15),%rdx
* 2a:	f6 c2 3f             	test   $0x3f,%dl <-- trapping instruction
  2d:	74 0e                	je     0x3d
  2f:	4c 89 f7             	mov    %r14,%rdi
  32:	4c 89 ee             	mov    %r13,%rsi
  35:	e8 2d 5f 43 f6       	call   0xf6435f67
  3a:	49 89 c4             	mov    %rax,%r12
  3d:	90                   	nop
  3e:	90                   	nop
  3f:	41                   	rex.B

Crashes (672):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/07/09 07:41 upstream 733923397fd9 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/09 01:10 upstream d006330be3f7 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 23:00 upstream d006330be3f7 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 22:51 upstream d006330be3f7 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 18:44 upstream d006330be3f7 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 16:24 upstream d7b8f8e20813 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 14:25 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 09:54 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 07:51 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/08 04:21 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/07 08:41 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/07 00:11 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/06 20:38 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/06 17:57 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/06 15:20 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/06 01:21 upstream 05df91921da6 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/05 21:33 upstream 05df91921da6 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/05 17:02 upstream a79a588fc176 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 23:13 upstream 4c06e63b9203 d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 20:14 upstream 4c06e63b9203 d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 18:10 upstream 4c06e63b9203 d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 10:08 upstream 17bbde2e1716 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 09:02 upstream 17bbde2e1716 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 05:57 upstream 17bbde2e1716 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 03:46 upstream 17bbde2e1716 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/06/28 10:20 upstream aaf724ed6926 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/06/20 22:03 upstream 75f5f23f8787 e3003213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/06/27 18:48 upstream 67a993863163 803ce19b .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 02:36 net 223e2288f4b8 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 08:34 net bd475eeaaf3c 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 08:33 net bd475eeaaf3c 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 07:07 net bd475eeaaf3c 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 05:09 net bd475eeaaf3c 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 03:02 net bd475eeaaf3c 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 01:53 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 01:52 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 00:19 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 22:33 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 21:30 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 19:57 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 18:16 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 16:50 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 15:04 net 561aa0e22b70 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 09:47 net 42fd432fe6d3 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 06:43 net 42fd432fe6d3 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 04:18 net 42fd432fe6d3 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/02 00:53 net 72fb83735c71 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/01 22:59 net 72fb83735c71 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/01 18:52 net 72fb83735c71 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/05/18 07:03 net c46286fdd6aa f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/05/15 14:10 net 09db7a4d287d d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/03 15:39 net-next 8b98f34ce1d8 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 08:14 linux-next 8d6c58332c7a 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 05:08 linux-next 8d6c58332c7a 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in rose_timer_expiry
2025/06/17 13:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 39dfc971e42d 417d98fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in rose_timer_expiry
2025/07/04 03:46 upstream 17bbde2e1716 76ad128c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-out-of-bounds Read in rose_timer_expiry
2025/07/01 21:14 net 72fb83735c71 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce KFENCE: use-after-free in rose_timer_expiry
2025/06/24 05:48 net-next 27390db9592d 1a7fb460 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce KASAN: use-after-free Read in rose_timer_expiry
* Struck through repros no longer work on HEAD.