syzbot


KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump

Status: upstream: reported on 2025/03/31 14:28
Subsystems: bluetooth
Reported-by: syzbot+ac3c79181f6aecc5120c@syzkaller.appspotmail.com
First crash: 5d17h, last: 8h38m
Discussions (1):
Title: [syzbot] [bluetooth?] KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
Replies (including bot): 0 (1)
Last reply: 2025/03/31 14:28

Sample crash report:
==================================================================
BUG: KASAN: vmalloc-out-of-bounds in skb_put_data include/linux/skbuff.h:2752 [inline]
BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
Read of size 140 at addr ffffc9000f6bb000 by task kworker/u9:8/5850

CPU: 1 UID: 0 PID: 5850 Comm: kworker/u9:8 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: hci0 hci_devcd_timeout
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:408 [inline]
 print_report+0xc3/0x670 mm/kasan/report.c:521
 kasan_report+0xe0/0x110 mm/kasan/report.c:634
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
 __asan_memcpy+0x23/0x60 mm/kasan/shadow.c:105
 skb_put_data include/linux/skbuff.h:2752 [inline]
 hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
 hci_devcd_timeout+0xb5/0x2e0 net/bluetooth/coredump.c:413
 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
 kthread+0x3c2/0x780 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

The buggy address ffffc9000f6bb000 belongs to a vmalloc virtual mapping
Memory state around the buggy address:
 ffffc9000f6baf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc9000f6baf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
>ffffc9000f6bb000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
                   ^
 ffffc9000f6bb080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc9000f6bb100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
==================================================================

Crashes (160):