general protection fault in lock_sock

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
android-49	general protection fault in lock_sock_nested				1	2686d	2686d	0/3	auto-closed as invalid on 2019/02/22 12:39
linux-4.14	general protection fault in lock_sock_nested				4	1504d	1722d	0/1	auto-closed as invalid on 2021/09/04 19:35
upstream	general protection fault in lock_sock_nested bluetooth	C	done	done	2691	14m	648d	0/29	upstream: reported C repro on 2023/09/11 07:52
linux-5.15	general protection fault in lock_sock_nested missing-backport origin:upstream	C		error	125	8d04h	442d	0/3	upstream: reported C repro on 2024/04/04 13:25
linux-6.1	general protection fault in lock_sock_nested origin:upstream	syz			141	2d08h	432d	0/3	upstream: reported syz repro on 2024/04/14 08:46
upstream	BUG: unable to handle kernel paging request in lock_sock_nested bluetooth				43	1339d	1780d	0/29	auto-closed as invalid on 2022/02/16 22:16
linux-4.19	KASAN: wild-memory-access Write in lock_sock_nested				2	1604d	1672d	0/1	auto-closed as invalid on 2021/05/28 14:35
linux-6.1	BUG: sleeping function called from invalid context in lock_sock_nested (2) origin:upstream missing-backport	C		error	5	56d	117d	0/3	upstream: reported C repro on 2025/02/23 00:56
linux-4.19	KASAN: use-after-free Read in lock_sock_nested	C			471	842d	2155d	0/1	upstream: reported C repro on 2019/07/26 21:27
linux-4.14	KASAN: use-after-free Read in lock_sock_nested	C		inconclusive	331	882d	2249d	0/1	upstream: reported C repro on 2019/04/24 06:28
upstream	KASAN: use-after-free Read in lock_sock_nested hams	C	inconclusive	done	1856	752d	2361d	0/29	auto-obsoleted due to no activity on 2023/08/23 09:06
linux-6.1	BUG: sleeping function called from invalid context in lock_sock_nested				7	335d	356d	0/3	auto-obsoleted due to no activity on 2024/10/28 05:57
linux-4.14	BUG: unable to handle kernel paging request in lock_sock_nested				4	1498d	1617d	0/1	auto-closed as invalid on 2021/09/11 11:51
upstream	KASAN: slab-out-of-bounds Read in lock_sock_nested bluetooth	syz	unreliable	done	23	1334d	1774d	0/29	auto-obsoleted due to no activity on 2022/09/29 10:19
linux-4.19	KASAN: slab-out-of-bounds Read in lock_sock_nested				14	1017d	1681d	0/1	auto-obsoleted due to no activity on 2023/01/05 15:59
upstream	BUG: sleeping function called from invalid context in lock_sock_nested (3) bluetooth	C	inconclusive	error	141	85d	403d	0/29	upstream: reported C repro on 2024/05/13 12:58
linux-5.15	BUG: sleeping function called from invalid context in lock_sock_nested missing-backport origin:upstream	C		error	22	28d	356d	0/3	upstream: reported C repro on 2024/06/29 07:50

</TASK> kobject: kobject_add_internal failed for hci0:201 with -EEXIST, don't try to register things with the same name in the same directory. Bluetooth: hci0: failed to register connection device general protection fault, probably for non-canonical address 0xdffffc0000000026: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000130-0x0000000000000137] CPU: 1 PID: 13583 Comm: kworker/u5:2 Not tainted 6.6.93-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 Workqueue: hci0 hci_rx_work RIP: 0010:__lock_acquire+0xeb/0x7c80 kernel/locking/lockdep.c:5005 Code: 85 dc 66 00 00 83 3d 4f dd e2 0c 00 48 89 9c 24 f0 00 00 00 0f 84 11 10 00 00 83 3d be c9 58 0b 00 74 36 48 89 f8 48 c1 e8 03 <42> 80 3c 00 00 74 1f 48 8b bc 24 88 00 00 00 e8 d1 3c 77 00 48 8b RSP: 0018:ffffc900035b7160 EFLAGS: 00010002 RAX: 0000000000000026 RBX: 1ffff920006b6e50 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000130 RBP: ffffc900035b73a8 R08: dffffc0000000000 R09: 0000000000000000 R10: dffffc0000000000 R11: fffffbfff1c934ee R12: 0000000000000001 R13: 0000000000000000 R14: ffff88801eed3c00 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000110c24747b CR3: 000000006bbf8000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> lock_acquire+0x197/0x410 kernel/locking/lockdep.c:5754 lock_sock_nested+0x48/0x100 net/core/sock.c:3510 lock_sock include/net/sock.h:1731 [inline] l2cap_sock_ready_cb+0x45/0x130 net/bluetooth/l2cap_sock.c:1658 l2cap_chan_ready net/bluetooth/l2cap_core.c:1263 [inline] l2cap_le_start+0xaf3/0x1370 net/bluetooth/l2cap_core.c:1375 l2cap_conn_ready net/bluetooth/l2cap_core.c:1628 [inline] l2cap_connect_cfm+0x6b9/0x1030 net/bluetooth/l2cap_core.c:7251 hci_connect_cfm+0x8f/0x130 include/net/bluetooth/hci_core.h:1967 le_conn_complete_evt+0xcd0/0x1220 net/bluetooth/hci_event.c:5772 hci_le_conn_complete_evt+0x187/0x440 net/bluetooth/hci_event.c:5798 hci_event_func net/bluetooth/hci_event.c:7433 [inline] hci_event_packet+0x795/0x1210 net/bluetooth/hci_event.c:7488 hci_rx_work+0x43a/0xd80 net/bluetooth/hci_core.c:3998 process_one_work kernel/workqueue.c:2634 [inline] process_scheduled_works+0xa45/0x15b0 kernel/workqueue.c:2711 worker_thread+0xa55/0xfc0 kernel/workqueue.c:2792 kthread+0x2fa/0x390 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:152 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:293 </TASK> Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:__lock_acquire+0xeb/0x7c80 kernel/locking/lockdep.c:5005 Code: 85 dc 66 00 00 83 3d 4f dd e2 0c 00 48 89 9c 24 f0 00 00 00 0f 84 11 10 00 00 83 3d be c9 58 0b 00 74 36 48 89 f8 48 c1 e8 03 <42> 80 3c 00 00 74 1f 48 8b bc 24 88 00 00 00 e8 d1 3c 77 00 48 8b RSP: 0018:ffffc900035b7160 EFLAGS: 00010002 RAX: 0000000000000026 RBX: 1ffff920006b6e50 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000130 RBP: ffffc900035b73a8 R08: dffffc0000000000 R09: 0000000000000000 R10: dffffc0000000000 R11: fffffbfff1c934ee R12: 0000000000000001 R13: 0000000000000000 R14: ffff88801eed3c00 R15: 0000000000000000 FS: 0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 000000110c24747b CR3: 000000006bbf8000 CR4: 00000000003506e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 ---------------- Code disassembly (best guess): 0: 85 dc test %ebx,%esp 2: 66 00 00 data16 add %al,(%rax) 5: 83 3d 4f dd e2 0c 00 cmpl $0x0,0xce2dd4f(%rip) # 0xce2dd5b c: 48 89 9c 24 f0 00 00 mov %rbx,0xf0(%rsp) 13: 00 14: 0f 84 11 10 00 00 je 0x102b 1a: 83 3d be c9 58 0b 00 cmpl $0x0,0xb58c9be(%rip) # 0xb58c9df 21: 74 36 je 0x59 23: 48 89 f8 mov %rdi,%rax 26: 48 c1 e8 03 shr $0x3,%rax * 2a: 42 80 3c 00 00 cmpb $0x0,(%rax,%r8,1) <-- trapping instruction 2f: 74 1f je 0x50 31: 48 8b bc 24 88 00 00 mov 0x88(%rsp),%rdi 38: 00 39: e8 d1 3c 77 00 call 0x773d0f 3e: 48 rex.W 3f: 8b .byte 0x8b

Crashes (3):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2025/06/19 11:03	linux-6.6.y	c2603c511feb	ed3e87f7	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	general protection fault in lock_sock_nested
2025/06/19 04:51	linux-6.6.y	c2603c511feb	ed3e87f7	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	general protection fault in lock_sock_nested
2025/06/19 04:50	linux-6.6.y	c2603c511feb	ed3e87f7	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-linux-6-6-kasan	general protection fault in lock_sock_nested

Crashes (3):

Assets (help?)