syzbot

 sign-in | mailing list | source | docs
🞠Open [1641]
≡ Subsystems
🞠Fixed [6108]
🞠Invalid [15307]
⬇ Missing Backports [171]
≡ Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: refcount bug in bnep_session

Status: upstream: reported on 2024/11/27 11:44
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+8b3024ae934a6e1911d9@syzkaller.appspotmail.com
First crash: 125d, last: 17m
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [kernel?] WARNING: refcount bug in bnep_session 0 (1) 2024/11/27 11:44

Sample crash report:
------------[ cut here ]------------
refcount_t: underflow; use-after-free.
WARNING: CPU: 0 PID: 10930 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 lib/refcount.c:28
Modules linked in:
CPU: 0 UID: 0 PID: 10930 Comm: kbnepd ÒÜ'ç‘ Not tainted 6.14.0-rc5-syzkaller-00023-gbb2281fb05e5 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
RIP: 0010:refcount_warn_saturate+0x14a/0x210 lib/refcount.c:28
Code: ff 89 de e8 88 42 f5 fc 84 db 0f 85 66 ff ff ff e8 db 47 f5 fc c6 05 bf 44 86 0b 01 90 48 c7 c7 a0 14 d3 8b e8 97 76 b5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 b8 47 f5 fc 0f b6 1d 9a 44 86 0b 31
RSP: 0018:ffffc9000502f948 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a2229
RDX: ffff8880471b0000 RSI: ffffffff817a2236 RDI: 0000000000000001
RBP: ffff8880687a8c78 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: ffff888043555400
R13: ffff8880687a8c78 R14: ffffffff85ec13a0 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000110c39e7b4 CR3: 000000006e100000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __refcount_sub_and_test include/linux/refcount.h:275 [inline]
 __refcount_dec_and_test include/linux/refcount.h:307 [inline]
 refcount_dec_and_test include/linux/refcount.h:325 [inline]
 kref_put include/linux/kref.h:64 [inline]
 klist_dec_and_del lib/klist.c:206 [inline]
 klist_put+0x11b/0x1b0 lib/klist.c:217
 device_del+0x1d9/0x9f0 drivers/base/core.c:3831
 unregister_netdevice_many_notify+0x13aa/0x1f30 net/core/dev.c:11920
 unregister_netdevice_many net/core/dev.c:11948 [inline]
 unregister_netdevice_queue+0x307/0x3f0 net/core/dev.c:11818
 unregister_netdevice include/linux/netdevice.h:3337 [inline]
 unregister_netdev+0x1f/0x60 net/core/dev.c:11966
 bnep_session+0x21b6/0x2ca0 net/bluetooth/bnep/core.c:525
 kthread+0x3af/0x750 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
 </TASK>

Crashes (58):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/03/05 19:12 upstream bb2281fb05e5 60f5d8d9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: refcount bug in bnep_session
2025/02/16 02:53 upstream 496659003dac 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: refcount bug in bnep_session
2024/12/21 07:27 upstream 499551201b5f d7f584ee .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: refcount bug in bnep_session
2025/03/17 23:40 upstream 4701f33a1070 489e2dc8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/03/09 16:02 upstream 1110ce6a1e34 163f510d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/02/17 23:22 upstream 2408a807bfc3 429ea007 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/02/16 18:10 upstream ad1b832bf1cf 40a34ec9 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/01/06 12:27 upstream ab75170520d4 f3558dbf .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/01/06 03:42 upstream ab75170520d4 f3558dbf .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/01/04 08:48 upstream 63676eefb7a0 f3558dbf .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/03/09 17:18 upstream 1110ce6a1e34 163f510d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING: refcount bug in bnep_session
2025/02/13 06:47 upstream 4dc1d1bec898 2afad16e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING: refcount bug in bnep_session
2025/03/28 06:36 net 1a9239bb4253 6c09fb82 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/26 09:22 net 0032c99e83b9 89d30d73 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/16 10:21 net 4003c9e78778 e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/13 23:09 net 2409fa66e29a e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/08 11:00 net df8ce77ba8b7 7e3bd60d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/07 19:35 net fc14f9c02639 7e3bd60d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/07 06:33 net 115ef44a9822 831e3629 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/05 12:26 net b33a53461006 60f5d8d9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/05 07:58 net 3c6a041b317a c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/03 11:53 net a466fd7e9faf c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/02 15:08 net a466fd7e9faf c3901742 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/02/25 17:40 net bc50682128bd d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/02/19 02:39 net f7b5279b67e7 9a14138f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/02/09 13:12 net 011b03359038 ef44b750 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/02/04 08:45 net 0e6dc66b5c5f 8f267cef .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/01/31 06:41 net dfffaccffc53 4c6ac32f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/01/24 07:21 net 15a901361ec3 521b0ce3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/01/10 16:34 net 8c7a6efc017e 67d7ec0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/01/10 10:39 net 8c7a6efc017e 67d7ec0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2024/12/30 04:25 net a024e377efed d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2024/12/15 16:01 net c296c0bf4518 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2024/12/10 12:16 net f136552b7ce3 cfc402b4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2024/12/07 06:27 net 0f6ede9fbc74 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2024/11/22 22:47 net fcc79e1714e8 68da6d95 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/20 15:30 net-next 6855b9be9cf7 62330552 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/17 03:19 net-next bfc6c67ec2d6 e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/15 02:29 net-next bfc6c67ec2d6 e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/09 19:47 net-next 8ef890df4031 163f510d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/09 02:18 net-next 8ef890df4031 163f510d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/08 03:58 net-next 865eddcf0afb 7e3bd60d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/05 13:52 net-next f252f23ab657 60f5d8d9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/02/25 02:19 net-next 98f992884333 d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/02/23 21:53 net-next b66e19dcf684 d34966d1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/02/16 13:09 net-next 0784d83df3bf 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/02/11 11:47 net-next 907dd32b4a8a 43f51a00 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/02/11 01:10 net-next 34c84b394890 43f51a00 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/02/08 15:03 net-next 7bca2b2d5fcc ef44b750 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/01/16 03:37 net-next 9eb8069d9940 968edaf4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/01/10 14:09 net-next 25cc469d6d34 67d7ec0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/01/08 07:44 net-next a8a6531164e5 f3558dbf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2024/12/27 22:11 net-next 9268abe611b0 d3ccff63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2024/12/10 03:43 net-next e58b4771af2b cfc402b4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2024/12/07 14:33 net-next 860dbab69ad8 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2024/12/07 03:28 net-next 51db5c894300 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2024/11/27 08:00 net-next fcc79e1714e8 52b38cc1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
* Struck through repros no longer work on HEAD.