KASAN: null-ptr-deref Write in l2cap_sock_suspend

Kernel	Title	Rank 🛈	Count	Last	Reported	Patched	Status
linux-6.6	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb	12	1	313d	313d	0/2	auto-obsoleted due to no activity on 2025/10/13 20:35
upstream	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb bluetooth	12	1	973d	967d	0/29	auto-obsoleted due to no activity on 2023/12/23 09:03
upstream	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb (2) bluetooth	12	2	299d	302d	0/29	closed as invalid on 2025/08/19 19:15
upstream	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb (3) bluetooth	12	3	147d	156d	0/29	auto-obsoleted due to no activity on 2026/03/29 02:38

ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. Bluetooth: hci2: failed to register connection device ================================================================== BUG: KASAN: null-ptr-deref in instrument_atomic_write include/linux/instrumented.h:97 [inline] BUG: KASAN: null-ptr-deref in set_bit include/asm-generic/bitops/instrumented-atomic.h:28 [inline] BUG: KASAN: null-ptr-deref in l2cap_sock_suspend_cb+0x4a/0x80 net/bluetooth/l2cap_sock.c:1784 Write of size 8 at addr 0000000000000798 by task kworker/u9:1/4916 CPU: 0 UID: 0 PID: 4916 Comm: kworker/u9:1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026 Workqueue: hci2 hci_rx_work Call Trace: <TASK> dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120 kasan_report+0x117/0x150 mm/kasan/report.c:595 check_region_inline mm/kasan/generic.c:-1 [inline] kasan_check_range+0x264/0x2c0 mm/kasan/generic.c:200 instrument_atomic_write include/linux/instrumented.h:97 [inline] set_bit include/asm-generic/bitops/instrumented-atomic.h:28 [inline] l2cap_sock_suspend_cb+0x4a/0x80 net/bluetooth/l2cap_sock.c:1784 l2cap_chan_ready+0x15b/0x230 net/bluetooth/l2cap_core.c:1273 l2cap_le_start+0x25b/0x1960 net/bluetooth/l2cap_core.c:1391 l2cap_conn_ready net/bluetooth/l2cap_core.c:1644 [inline] l2cap_connect_cfm+0x8d5/0x1560 net/bluetooth/l2cap_core.c:7419 hci_connect_cfm+0x95/0x140 include/net/bluetooth/hci_core.h:2139 le_conn_complete_evt+0x1134/0x16b0 net/bluetooth/hci_event.c:5865 hci_le_conn_complete_evt+0x187/0x470 net/bluetooth/hci_event.c:5891 hci_event_func net/bluetooth/hci_event.c:7793 [inline] hci_event_packet+0x659/0xef0 net/bluetooth/hci_event.c:7847 hci_rx_work+0x3ee/0x1040 net/bluetooth/hci_core.c:4077 process_one_work kernel/workqueue.c:3302 [inline] process_scheduled_works+0xb5d/0x1860 kernel/workqueue.c:3385 worker_thread+0xa53/0xfc0 kernel/workqueue.c:3466 kthread+0x388/0x470 kernel/kthread.c:436 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 </TASK> ==================================================================

Crashes (3):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2026/05/10 18:56	upstream	aa54b1d27fe0	29233ece	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kasan-gce-smack-root	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb
2026/05/12 03:19	upstream	50897c955902	d168f260	.config	console log	report	info	[disk image (non-bootable)] [vmlinux] [kernel image]	ci-qemu-upstream	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb
2026/05/12 02:18	upstream	50897c955902	d168f260	.config	console log	report	info	[disk image (non-bootable)] [vmlinux] [kernel image]	ci-qemu-upstream	KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb

Crashes (3):

Assets (help?)