syzbot


general protection fault in device_move

Status: upstream: reported syz repro on 2024/11/20 18:53
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+1f4e278e8e1a9b01f95f@syzkaller.appspotmail.com
First crash: 335d, last: 3h54m
Cause bisection: failed (error log, bisect log)
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [kernel?] general protection fault in device_move 0 (3) 2025/09/24 06:46
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.6 general protection fault in device_move 2 6 17d 106d 0/2 upstream: reported on 2025/07/04 01:12
linux-6.1 general protection fault in device_move 8 43 2d22h 291d 0/3 upstream: reported on 2024/12/31 11:47
linux-5.15 BUG: unable to handle kernel paging request in device_move 8 41 58d 306d 0/3 upstream: reported on 2024/12/16 11:50
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/09/24 06:46 26m kriish.sharma2006@gmail.com http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ 7595b66ae9de OK log

Sample crash report:
Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
CPU: 0 UID: 0 PID: 10396 Comm: syz-executor Not tainted 6.16.0-rc3-syzkaller-00044-g7595b66ae9de #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:klist_put lib/klist.c:212 [inline]
RIP: 0010:klist_del lib/klist.c:230 [inline]
RIP: 0010:klist_remove+0x14a/0x340 lib/klist.c:249
Code: 4d 89 f5 49 c1 ed 03 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 99 db cb f6 4d 8b 26 49 83 e4 fe 49 8d 7c 24 58 48 89 f8 48 c1 e8 03 <42> 80 3c 38 00 74 05 e8 7a db cb f6 49 8b 44 24 58 48 89 44 24 08
RSP: 0018:ffffc90004f4f600 EFLAGS: 00010202
RAX: 000000000000000b RBX: ffff888035b08000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000058
RBP: ffffc90004f4f6e8 R08: ffffffff8f867143 R09: 1ffffffff1f0ce28
R10: dffffc0000000000 R11: fffffbfff1f0ce29 R12: 0000000000000000
R13: 1ffff110285f388c R14: ffff888142f9c460 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff888125c83000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055ebe60eacc0 CR3: 00000000343b0000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 device_move+0x193/0x700 drivers/base/core.c:4618
 hci_conn_del_sysfs+0xb8/0x170 net/bluetooth/hci_sysfs.c:75
 hci_conn_cleanup net/bluetooth/hci_conn.c:175 [inline]
 hci_conn_del+0x8ff/0xcb0 net/bluetooth/hci_conn.c:1173
 hci_conn_hash_flush+0x191/0x230 net/bluetooth/hci_conn.c:2561
 hci_dev_close_sync+0xaef/0x1330 net/bluetooth/hci_sync.c:5250
 hci_dev_do_close net/bluetooth/hci_core.c:483 [inline]
 hci_unregister_dev+0x206/0x500 net/bluetooth/hci_core.c:2691
 vhci_release+0x80/0xd0 drivers/bluetooth/hci_vhci.c:665
 __fput+0x449/0xa70 fs/file_table.c:465
 task_work_run+0x1d1/0x260 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x6b5/0x22e0 kernel/exit.c:964
 do_group_exit+0x21c/0x2d0 kernel/exit.c:1105
 get_signal+0x125e/0x1310 kernel/signal.c:3034
 arch_do_signal_or_restart+0x9a/0x750 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop+0x75/0x110 kernel/entry/common.c:111
 exit_to_user_mode_prepare include/linux/entry-common.h:330 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:414 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:449 [inline]
 do_syscall_64+0x2bd/0x3b0 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff49718d58a
Code: Unable to access opcode bytes at 0x7ff49718d560.
RSP: 002b:00007ffdb0c713d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007ff49718d58a
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 00007ffdb0c7142c R08: 00007ffdb0c70d2c R09: 00007ffdb0c71137
R10: 00007ffdb0c70db0 R11: 0000000000000293 R12: 0000000000000258
R13: 00000000000927c0 R14: 000000000005b6e1 R15: 00007ffdb0c71480
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:klist_put lib/klist.c:212 [inline]
RIP: 0010:klist_del lib/klist.c:230 [inline]
RIP: 0010:klist_remove+0x14a/0x340 lib/klist.c:249
Code: 4d 89 f5 49 c1 ed 03 43 80 7c 3d 00 00 74 08 4c 89 f7 e8 99 db cb f6 4d 8b 26 49 83 e4 fe 49 8d 7c 24 58 48 89 f8 48 c1 e8 03 <42> 80 3c 38 00 74 05 e8 7a db cb f6 49 8b 44 24 58 48 89 44 24 08
RSP: 0018:ffffc90004f4f600 EFLAGS: 00010202
RAX: 000000000000000b RBX: ffff888035b08000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000058
RBP: ffffc90004f4f6e8 R08: ffffffff8f867143 R09: 1ffffffff1f0ce28
R10: dffffc0000000000 R11: fffffbfff1f0ce29 R12: 0000000000000000
R13: 1ffff110285f388c R14: ffff888142f9c460 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff888125d83000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055ae783c2950 CR3: 00000000773ea000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
----------------
Code disassembly (best guess):
   0:	4d 89 f5             	mov    %r14,%r13
   3:	49 c1 ed 03          	shr    $0x3,%r13
   7:	43 80 7c 3d 00 00    	cmpb   $0x0,0x0(%r13,%r15,1)
   d:	74 08                	je     0x17
   f:	4c 89 f7             	mov    %r14,%rdi
  12:	e8 99 db cb f6       	call   0xf6cbdbb0
  17:	4d 8b 26             	mov    (%r14),%r12
  1a:	49 83 e4 fe          	and    $0xfffffffffffffffe,%r12
  1e:	49 8d 7c 24 58       	lea    0x58(%r12),%rdi
  23:	48 89 f8             	mov    %rdi,%rax
  26:	48 c1 e8 03          	shr    $0x3,%rax
* 2a:	42 80 3c 38 00       	cmpb   $0x0,(%rax,%r15,1) <-- trapping instruction
  2f:	74 05                	je     0x36
  31:	e8 7a db cb f6       	call   0xf6cbdbb0
  36:	49 8b 44 24 58       	mov    0x58(%r12),%rax
  3b:	48 89 44 24 08       	mov    %rax,0x8(%rsp)

Crashes (5062):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/06/25 20:35 upstream 7595b66ae9de 26d77996 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in device_move
2024/12/21 19:34 upstream 499551201b5f d7f584ee .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/18 13:38 upstream f406055cb18c 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2025/10/18 10:33 upstream cf1ea8854e4f 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2025/10/17 08:57 upstream 98ac9cc4b445 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root general protection fault in device_move
2025/10/15 16:48 upstream 1f4a222b0e33 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2025/10/10 07:09 upstream 5472d60c129f ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2025/09/29 16:25 upstream e5f0a698b34e 86341da6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in device_move
2025/10/18 09:08 upstream 6f3b6e91f720 1c8c8cd8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/17 16:20 upstream 98ac9cc4b445 e18aa505 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/17 11:58 upstream 98ac9cc4b445 e18aa505 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/16 21:03 upstream 634ec1fc7982 19568248 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/15 08:30 upstream 9b332cece987 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/15 06:54 upstream 9b332cece987 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/14 19:04 upstream 9b332cece987 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/14 16:15 upstream 3a8660878839 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/14 10:03 upstream 3a8660878839 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/14 08:56 upstream 3a8660878839 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/10/13 09:12 upstream 3a8660878839 ff1712fe .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2025/08/10 22:57 upstream 2b38afce25c4 32a0e5ed .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root general protection fault in device_move
2025/10/17 13:17 upstream 98ac9cc4b445 e18aa505 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 general protection fault in device_move
2025/10/16 10:40 upstream 7ea30958b305 19568248 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 general protection fault in device_move
2025/10/13 21:33 upstream 3a8660878839 b6605ba8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 general protection fault in device_move
2025/10/17 23:33 net 7f864458e9a6 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/17 17:30 net 7f864458e9a6 7adf5298 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/17 10:33 net 634ec1fc7982 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/17 06:45 net 634ec1fc7982 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/16 23:42 net 634ec1fc7982 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/16 16:32 net 8d93ff40d49d 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/16 02:30 net bfdd74166a63 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/16 01:14 net bfdd74166a63 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/15 21:07 net bfdd74166a63 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/15 19:47 net bfdd74166a63 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/15 13:30 net 7f0fddd817ba b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/15 04:03 net 4f86eb0a38bc b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/14 12:45 net 2c67301584f2 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/14 11:32 net 2c67301584f2 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/14 06:32 net 2c67301584f2 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/13 23:59 net 0b4b77eff5f8 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/13 20:11 net 0b4b77eff5f8 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/13 12:51 net 0b4b77eff5f8 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2025/10/18 12:17 net-next 0746da01767e 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/18 12:01 net-next 0746da01767e 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/18 01:43 net-next 0746da01767e 1c8c8cd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/17 04:48 net-next ef672e4665dd 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/16 22:10 net-next ef672e4665dd 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/16 18:13 net-next ef672e4665dd 19568248 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/15 02:18 net-next bdec4271e808 b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/14 14:54 net-next 3dacc900c00b b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/13 23:13 net-next 18a7e218cfcd b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/13 14:41 net-next 18a7e218cfcd ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/13 11:40 net-next 18a7e218cfcd ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/13 08:03 net-next 18a7e218cfcd ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2024/11/20 18:34 net-next dd7207838d38 4fca1650 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2024/11/16 18:43 net-next 38f83a57aa8e cfe3a04a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2025/10/13 00:58 linux-next 2b763d465239 ff1712fe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root general protection fault in device_move
2025/10/07 05:16 linux-next 4a7153147192 8ef35d49 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce general protection fault in device_move
2025/10/13 18:52 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bf45a62baffc b6605ba8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in device_move
2025/10/03 17:25 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2213e57a69f0 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in device_move
* Struck through repros no longer work on HEAD.