syzbot

 sign-in | mailing list | source | docs
🐞 Open [1573]
Subsystems
🐞 Fixed [6404]
🐞 Invalid [16283]
Missing Backports [198]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: slab-use-after-free Read in bt_accept_unlink

Status: upstream: reported on 2024/10/21 08:47
Subsystems: bluetooth
[Documentation on labels]
Reported-by: syzbot+a1595e656a83ea5b78eb@syzkaller.appspotmail.com
First crash: 288d, last: 12h13m
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [bluetooth?] KASAN: slab-use-after-free Read in bt_accept_unlink 0 (1) 2024/10/21 08:47
Similar bugs (6)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 KASAN: use-after-free Read in bt_accept_unlink 19 1 36d 36d 0/3 upstream: reported on 2025/06/10 23:51
linux-5.15 BUG: corrupted list in bt_accept_unlink 17 3 58d 99d 0/3 upstream: reported on 2025/04/09 00:51
linux-6.6 KASAN: slab-out-of-bounds Read in bt_accept_unlink 17 1 30d 30d 0/2 upstream: reported on 2025/06/17 00:09
upstream general protection fault in bt_accept_unlink (2) bluetooth 2 1 1596d 1592d 0/29 auto-closed as invalid on 2021/07/01 06:33
upstream BUG: corrupted list in bt_accept_unlink bluetooth 8 syz error error 1 1797d 1797d 0/29 auto-obsoleted due to no activity on 2022/09/07 16:27
linux-4.14 BUG: corrupted list in bt_accept_unlink 8 syz unreliable 1 1682d 1802d 0/1 upstream: reported syz repro on 2020/08/09 08:38

Sample crash report:
==================================================================
BUG: KASAN: slab-use-after-free in __list_del_entry_valid_or_report+0x92/0x190 lib/list_debug.c:62
Read of size 8 at addr ffff88807d702558 by task syz-executor/5848

CPU: 0 UID: 0 PID: 5848 Comm: syz-executor Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:378 [inline]
 print_report+0xca/0x230 mm/kasan/report.c:480
 kasan_report+0x118/0x150 mm/kasan/report.c:593
 __list_del_entry_valid_or_report+0x92/0x190 lib/list_debug.c:62
 __list_del_entry_valid include/linux/list.h:124 [inline]
 __list_del_entry include/linux/list.h:215 [inline]
 list_del_init include/linux/list.h:287 [inline]
 bt_accept_unlink+0x39/0x240 net/bluetooth/af_bluetooth.c:259
 l2cap_sock_teardown_cb+0x17e/0x460 net/bluetooth/l2cap_sock.c:1613
 l2cap_chan_del+0xb5/0x5e0 net/bluetooth/l2cap_core.c:655
 l2cap_conn_del+0x388/0x680 net/bluetooth/l2cap_core.c:1787
 hci_disconn_cfm include/net/bluetooth/hci_core.h:2070 [inline]
 hci_conn_hash_flush+0x10d/0x230 net/bluetooth/hci_conn.c:2560
 hci_dev_close_sync+0xaef/0x1330 net/bluetooth/hci_sync.c:5294
 hci_dev_do_close net/bluetooth/hci_core.c:501 [inline]
 hci_unregister_dev+0x21a/0x510 net/bluetooth/hci_core.c:2717
 vhci_release+0x80/0xd0 drivers/bluetooth/hci_vhci.c:665
 __fput+0x44c/0xa70 fs/file_table.c:465
 task_work_run+0x1d4/0x260 kernel/task_work.c:227
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x6b5/0x22e0 kernel/exit.c:964
 do_group_exit+0x21c/0x2d0 kernel/exit.c:1105
 __do_sys_exit_group kernel/exit.c:1116 [inline]
 __se_sys_exit_group kernel/exit.c:1114 [inline]
 __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1114
 x64_sys_call+0x21ba/0x21c0 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7feb30b8e929
Code: Unable to access opcode bytes at 0x7feb30b8e8ff.
RSP: 002b:00007ffd6b3d25d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 00007feb30c1094a RCX: 00007feb30b8e929
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
RBP: 0000000000000002 R08: 00007ffd6b3d0377 R09: 00007ffd6b3d3890
R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd6b3d3890
R13: 00007feb30c10925 R14: 000000000016221d R15: 00007ffd6b3d4960
 </TASK>

Allocated by task 15476:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 poison_kmalloc_redzone mm/kasan/common.c:377 [inline]
 __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394
 kasan_kmalloc include/linux/kasan.h:260 [inline]
 __do_kmalloc_node mm/slub.c:4328 [inline]
 __kmalloc_node_track_caller_noprof+0x271/0x4e0 mm/slub.c:4347
 kmalloc_reserve+0x136/0x290 net/core/skbuff.c:601
 __alloc_skb+0x142/0x2d0 net/core/skbuff.c:670
 alloc_skb include/linux/skbuff.h:1336 [inline]
 _sctp_make_chunk+0x5e/0x430 net/sctp/sm_make_chunk.c:1435
 sctp_make_data net/sctp/sm_make_chunk.c:1467 [inline]
 sctp_make_datafrag_empty+0x122/0x230 net/sctp/sm_make_chunk.c:732
 sctp_datamsg_from_user+0x729/0xef0 net/sctp/chunk.c:262
 sctp_sendmsg_to_asoc+0x1003/0x1810 net/sctp/socket.c:1860
 sctp_sendmsg+0x1941/0x2810 net/sctp/socket.c:2032
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x19c/0x270 net/socket.c:727
 __sys_sendto+0x3bd/0x520 net/socket.c:2180
 __do_sys_sendto net/socket.c:2187 [inline]
 __se_sys_sendto net/socket.c:2183 [inline]
 __x64_sys_sendto+0xde/0x100 net/socket.c:2183
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Freed by task 15477:
 kasan_save_stack mm/kasan/common.c:47 [inline]
 kasan_save_track+0x3e/0x80 mm/kasan/common.c:68
 kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576
 poison_slab_object mm/kasan/common.c:247 [inline]
 __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264
 kasan_slab_free include/linux/kasan.h:233 [inline]
 slab_free_hook mm/slub.c:2381 [inline]
 slab_free mm/slub.c:4643 [inline]
 kfree+0x18e/0x440 mm/slub.c:4842
 skb_release_data+0x62d/0x7c0 net/core/skbuff.c:1087
 skb_release_all net/core/skbuff.c:1152 [inline]
 __kfree_skb net/core/skbuff.c:1166 [inline]
 consume_skb+0x9e/0xf0 net/core/skbuff.c:1398
 sctp_chunk_destroy net/sctp/sm_make_chunk.c:1495 [inline]
 sctp_chunk_put+0x17d/0x200 net/sctp/sm_make_chunk.c:1522
 sctp_datamsg_destroy net/sctp/chunk.c:-1 [inline]
 sctp_datamsg_put+0x409/0x540 net/sctp/chunk.c:128
 sctp_chunk_free+0x4a/0x60 net/sctp/sm_make_chunk.c:1507
 __sctp_outq_teardown+0x7ab/0x9a0 net/sctp/outqueue.c:257
 sctp_association_free+0x240/0x7f0 net/sctp/associola.c:340
 sctp_cmd_delete_tcb net/sctp/sm_sideeffect.c:950 [inline]
 sctp_cmd_interpreter net/sctp/sm_sideeffect.c:1336 [inline]
 sctp_side_effects net/sctp/sm_sideeffect.c:1204 [inline]
 sctp_do_sm+0x3eba/0x5a20 net/sctp/sm_sideeffect.c:1175
 sctp_primitive_SHUTDOWN+0x98/0xc0 net/sctp/primitive.c:89
 inet_shutdown+0x271/0x390 net/ipv4/af_inet.c:923
 __sys_shutdown_sock net/socket.c:2406 [inline]
 __sys_shutdown net/socket.c:2422 [inline]
 __do_sys_shutdown net/socket.c:2427 [inline]
 __se_sys_shutdown net/socket.c:2425 [inline]
 __x64_sys_shutdown+0x13f/0x1a0 net/socket.c:2425
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

The buggy address belongs to the object at ffff88807d702000
 which belongs to the cache kmalloc-2k of size 2048
The buggy address is located 1368 bytes inside of
 freed 2048-byte region [ffff88807d702000, ffff88807d702800)

The buggy address belongs to the physical page:
page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807d702000 pfn:0x7d700
head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
page_type: f5(slab)
raw: 00fff00000000240 ffff88801a442000 ffffea0001686010 ffffea00019ee210
raw: ffff88807d702000 0000000000080006 00000000f5000000 0000000000000000
head: 00fff00000000240 ffff88801a442000 ffffea0001686010 ffffea00019ee210
head: ffff88807d702000 0000000000080006 00000000f5000000 0000000000000000
head: 00fff00000000003 ffffea0001f5c001 00000000ffffffff 00000000ffffffff
head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
page dumped because: kasan: bad access detected
page_owner tracks the page as allocated
page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5840, tgid 5840 (syz-executor), ts 92746768642, free_ts 92697053143
 set_page_owner include/linux/page_owner.h:32 [inline]
 post_alloc_hook+0x240/0x2a0 mm/page_alloc.c:1704
 prep_new_page mm/page_alloc.c:1712 [inline]
 get_page_from_freelist+0x21e4/0x22c0 mm/page_alloc.c:3669
 __alloc_frozen_pages_noprof+0x181/0x370 mm/page_alloc.c:4959
 alloc_pages_mpol+0x232/0x4a0 mm/mempolicy.c:2419
 alloc_slab_page mm/slub.c:2451 [inline]
 allocate_slab+0x8a/0x3b0 mm/slub.c:2619
 new_slab mm/slub.c:2673 [inline]
 ___slab_alloc+0xbfc/0x1480 mm/slub.c:3859
 __slab_alloc mm/slub.c:3949 [inline]
 __slab_alloc_node mm/slub.c:4024 [inline]
 slab_alloc_node mm/slub.c:4185 [inline]
 __do_kmalloc_node mm/slub.c:4327 [inline]
 __kvmalloc_node_noprof+0x429/0x5f0 mm/slub.c:5015
 kvmalloc_array_node_noprof include/linux/slab.h:1065 [inline]
 __ptr_ring_init_queue_alloc_noprof include/linux/ptr_ring.h:471 [inline]
 ptr_ring_init_noprof include/linux/ptr_ring.h:489 [inline]
 page_pool_init net/core/page_pool.c:266 [inline]
 page_pool_create_percpu+0x32a/0xbe0 net/core/page_pool.c:345
 nsim_create_page_pool drivers/net/netdevsim/netdev.c:393 [inline]
 nsim_init_napi drivers/net/netdevsim/netdev.c:416 [inline]
 nsim_open+0x3ba/0x860 drivers/net/netdevsim/netdev.c:471
 __dev_open+0x470/0x880 net/core/dev.c:1683
 __dev_change_flags+0x1ea/0x6d0 net/core/dev.c:9458
 netif_change_flags+0x88/0x1a0 net/core/dev.c:9521
 do_setlink+0xc55/0x41c0 net/core/rtnetlink.c:3141
 rtnl_changelink net/core/rtnetlink.c:3759 [inline]
 __rtnl_newlink net/core/rtnetlink.c:3918 [inline]
 rtnl_newlink+0x160b/0x1c70 net/core/rtnetlink.c:4055
 rtnetlink_rcv_msg+0x7cf/0xb70 net/core/rtnetlink.c:6944
 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552
page last free pid 5845 tgid 5845 stack trace:
 reset_page_owner include/linux/page_owner.h:25 [inline]
 free_pages_prepare mm/page_alloc.c:1248 [inline]
 __free_frozen_pages+0xc71/0xe70 mm/page_alloc.c:2706
 __slab_free+0x326/0x400 mm/slub.c:4554
 qlink_free mm/kasan/quarantine.c:163 [inline]
 qlist_free_all+0x97/0x140 mm/kasan/quarantine.c:179
 kasan_quarantine_reduce+0x148/0x160 mm/kasan/quarantine.c:286
 __kasan_slab_alloc+0x22/0x80 mm/kasan/common.c:329
 kasan_slab_alloc include/linux/kasan.h:250 [inline]
 slab_post_alloc_hook mm/slub.c:4148 [inline]
 slab_alloc_node mm/slub.c:4197 [inline]
 __do_kmalloc_node mm/slub.c:4327 [inline]
 __kvmalloc_node_noprof+0x2b0/0x5f0 mm/slub.c:5015
 alloc_netdev_mqs+0xa6/0x11e0 net/core/dev.c:11711
 rtnl_create_link+0x31f/0xd10 net/core/rtnetlink.c:3631
 rtnl_newlink_create+0x25c/0xb00 net/core/rtnetlink.c:3813
 __rtnl_newlink net/core/rtnetlink.c:3940 [inline]
 rtnl_newlink+0x16d6/0x1c70 net/core/rtnetlink.c:4055
 rtnetlink_rcv_msg+0x7cf/0xb70 net/core/rtnetlink.c:6944
 netlink_rcv_skb+0x208/0x470 net/netlink/af_netlink.c:2552
 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline]
 netlink_unicast+0x75c/0x8e0 net/netlink/af_netlink.c:1346
 netlink_sendmsg+0x805/0xb30 net/netlink/af_netlink.c:1896
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x21c/0x270 net/socket.c:727
 __sys_sendto+0x3bd/0x520 net/socket.c:2180

Memory state around the buggy address:
 ffff88807d702400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88807d702480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
>ffff88807d702500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
                                                    ^
 ffff88807d702580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
 ffff88807d702600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
==================================================================

Crashes (61):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/07/13 06:48 upstream 3f31a806a62e 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/10 23:13 upstream bc9ff192a6c9 19d4829f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/08 10:43 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/08 05:26 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/21 10:35 upstream 11313e2f7812 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/10 12:19 upstream f09079bd04a9 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/24 06:58 upstream 4856ebd99715 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/20 23:45 upstream b36ddb9210e6 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/20 00:04 upstream a5806cd506af 8f9cf946 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/19 01:22 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/19 00:37 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/18 21:32 upstream 5723cc3450bc f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/17 15:38 upstream 172a9d94339c f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/16 05:41 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/16 02:36 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/04/23 11:14 upstream bc3372351d0c 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/04/13 13:18 upstream 7cdabafc0012 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/04/08 18:07 upstream 0af2f6be1b42 a775275d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/02/17 17:43 upstream 0ad2507d5d93 9be4ace3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/02/08 00:03 upstream 7ee983c850b4 a4f327c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/01/16 05:15 upstream 619f0b6fad52 968edaf4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/10 03:28 upstream 8c2e52ebbe88 956bd956 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/02 06:14 upstream 66701750d556 bc80e4f0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/01 08:59 upstream 66701750d556 6e83b42d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/01 04:37 upstream 66701750d556 6e83b42d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/14 17:20 upstream 4774cfe3543a 5f4b362d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/05/29 12:37 upstream 90b83efa6701 3d2f584d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/04/03 08:36 upstream a1b5bd45d4ee 996a9618 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/03/01 04:22 upstream 276f98efb64a 67cf5345 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/01/16 22:26 upstream ce69b4019001 f9e07a6e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2024/10/27 14:44 upstream 850925a8133c 65e8686b .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2024/10/10 10:49 upstream d3d1556696c1 a156c552 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2024/10/01 18:11 upstream e32cde8d2bd7 e9f6e118 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-use-after-free Read in bt_accept_unlink
2025/02/15 02:47 upstream 04f41cbf03ec 40a34ec9 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/02/11 19:48 upstream febbc555cf0f f2baddf5 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/01/28 17:15 upstream 805ba04cb7cc ac37c1f8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/06/30 03:14 linux-next 2aeda9592360 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/02/15 19:38 linux-next 0ae0fa3bf0b4 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/02/11 22:13 linux-next df5d6180169a f2baddf5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2024/12/07 21:44 linux-next af2ea8ab7a54 9ac0fdc6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2024/11/22 18:55 linux-next cfba9f07a1d6 68da6d95 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/16 13:47 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci ec4801305969 c118d736 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/04/09 05:51 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 0af2f6be1b42 b133e63a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2024/11/21 22:47 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 7b1d1d4cfac0 4b25d554 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in bt_accept_unlink
2025/07/14 03:02 upstream 5d5d62298b8b 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/05/19 03:37 upstream a5806cd506af f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/05/18 00:44 upstream 5723cc3450bc f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: use-after-free Read in bt_accept_unlink
2025/05/16 02:35 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in bt_accept_unlink
2025/05/15 18:55 upstream 546bce579204 d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/04/08 20:25 upstream 0af2f6be1b42 a775275d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in bt_accept_unlink
2024/11/14 00:56 upstream f1b785f4c787 a8c99394 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/07/01 03:14 upstream 66701750d556 6e83b42d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/29 08:47 upstream dfba48a70cb6 fc9d8ee5 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/18 09:49 upstream 52da431bf03b 74c9d252 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/04/07 11:24 upstream 0af2f6be1b42 2f0c9720 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/25 12:02 upstream 7595b66ae9de 26d77996 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/06/11 12:51 upstream aef17cb3d3c4 5d7e17ca .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 BUG: corrupted list in bt_accept_unlink
2025/04/07 05:28 upstream 16cd1c265776 1c65791e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/02/05 02:52 upstream d009de7d5428 44c01590 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2025/01/21 14:39 upstream 3d3a9c8b89d4 6e87cfa2 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 KASAN: slab-out-of-bounds Read in bt_accept_unlink
2024/12/21 04:48 upstream e9b8ffafd20a d7f584ee .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 BUG: corrupted list in bt_accept_unlink
* Struck through repros no longer work on HEAD.