syzbot

 sign-in | mailing list | source | docs
🐞 Open [1542]
Subsystems
🐞 Fixed [6205]
🐞 Invalid [15597]
Missing Backports [182]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump

Status: upstream: reported C repro on 2025/03/31 14:28
Subsystems: bluetooth
[Documentation on labels]
Reported-by: syzbot+ac3c79181f6aecc5120c@syzkaller.appspotmail.com
First crash: 27d, last: 1h48m
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] [bluetooth?] KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump 1 (4) 2025/04/23 11:39
[syzbot] Monthly bluetooth report (Apr 2025) 0 (1) 2025/04/22 10:11
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/04/23 11:20 17m contact@arnaud-lcm.com patch upstream report log

Sample crash report:
==================================================================
BUG: KASAN: vmalloc-out-of-bounds in skb_put_data include/linux/skbuff.h:2752 [inline]
BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
Read of size 140 at addr ffffc90000ace000 by task kworker/u9:0/55

CPU: 0 UID: 0 PID: 55 Comm: kworker/u9:0 Not tainted 6.15.0-rc3-syzkaller-00019-gbc3372351d0c #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: hci0 hci_devcd_timeout
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:408 [inline]
 print_report+0xc3/0x670 mm/kasan/report.c:521
 kasan_report+0xe0/0x110 mm/kasan/report.c:634
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
 __asan_memcpy+0x23/0x60 mm/kasan/shadow.c:105
 skb_put_data include/linux/skbuff.h:2752 [inline]
 hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
 hci_devcd_timeout+0xb5/0x2e0 net/bluetooth/coredump.c:413
 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
 kthread+0x3c2/0x780 kernel/kthread.c:464
 ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

The buggy address ffffc90000ace000 belongs to a vmalloc virtual mapping
Memory state around the buggy address:
 ffffc90000acdf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90000acdf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
>ffffc90000ace000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
                   ^
 ffffc90000ace080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90000ace100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
==================================================================

Crashes (384):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/04/23 06:06 upstream bc3372351d0c 53a8b9bd .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/21 11:57 upstream 9d7a0577c9db 2a20f901 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 00:47 upstream 5aaaedb0cb54 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 06:33 upstream e618ee89561b 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/08 00:12 upstream 0af2f6be1b42 a2ada0e7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/03 10:29 upstream a1b5bd45d4ee 996a9618 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/24 06:06 upstream a79be02bba5c 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/23 09:15 upstream bc3372351d0c 57d54c08 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/23 02:12 upstream bc3372351d0c 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/22 22:37 upstream bc3372351d0c 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/22 20:45 upstream a33b5a08cbbd 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/22 19:35 upstream a33b5a08cbbd 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/22 17:14 upstream a33b5a08cbbd 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/22 17:09 upstream a33b5a08cbbd 53a8b9bd .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/21 11:07 upstream 9d7a0577c9db 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/21 05:12 upstream 9d7a0577c9db 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/20 09:00 upstream 119009db2674 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/19 23:20 upstream 8560697b23dc 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/19 10:33 upstream 3088d26962e8 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/18 14:13 upstream fc96b232f8e7 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/17 21:20 upstream b5c6891b2c5b 2a20f901 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/17 20:16 upstream cfb2e2c57aef 552876f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/17 17:25 upstream cfb2e2c57aef 552876f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/16 21:46 upstream c62f4b82d571 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/16 16:56 upstream c62f4b82d571 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/16 14:59 upstream 1a1d569a75f3 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/16 09:59 upstream 1a1d569a75f3 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/16 06:27 upstream 1a1d569a75f3 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/15 22:29 upstream 1a1d569a75f3 a95239b1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/15 18:32 upstream 1a1d569a75f3 85125322 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/15 03:29 upstream 834a4a689699 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 21:37 upstream 834a4a689699 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 21:33 upstream 834a4a689699 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 17:20 upstream 8ffd015db85f 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 05:42 upstream 8ffd015db85f 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 23:41 upstream 5aaaedb0cb54 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 22:08 upstream 5aaaedb0cb54 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 22:05 upstream 5aaaedb0cb54 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 19:59 upstream 5aaaedb0cb54 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 15:26 upstream 7cdabafc0012 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 09:42 upstream 7cdabafc0012 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/13 08:30 upstream 7cdabafc0012 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 19:44 upstream 3bde70a2c827 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 13:23 upstream 3bde70a2c827 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 11:31 upstream e618ee89561b 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 05:22 upstream e618ee89561b 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 05:19 upstream e618ee89561b 0bd6db41 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/10 23:59 upstream 0c7cae12f67c 94486846 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/10 10:05 upstream 3b07108ada81 988b336c .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/03/31 11:51 upstream 4e82c87058f4 d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/03/27 14:22 upstream 1a9239bb4253 928390c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
* Struck through repros no longer work on HEAD.