KASAN: use-after-free Write in refcount_warn_saturate
Status: upstream: reported C repro on 2020/02/28 07:50
First crash: 235d, last: 76d

Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: WARNING in sysfs_warn_dup (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log):

commit b83764f9220a4a14525657466f299850bbc98de9
Author: Miao-chen Chou <>
Date: Tue Jun 30 03:15:00 2020 +0000

  Bluetooth: Fix kernel oops triggered by hci_adv_monitors_clear()

Sample crash report:

Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Maintainers
ci-upstream-kasan-gce-selinux-root 2020/08/04 20:35 upstream c0842fbc 80a06902 .config log report syz C,,,,,,
ci-upstream-kasan-gce-386 2020/02/28 05:25 upstream f8788d86 59b57593 .config log report syz C,,,,,,