general protection fault in h5_recv
bluetooth
|
syz |
|
|
3 |
6h04m |
6h03m
|
|
general protection fault in __timer_delete_sync
bluetooth
|
C |
done |
|
2 |
3d03h |
2d01h
|
💬 1 [1d09h] |
general protection fault in qca_close
bluetooth
|
C |
done |
|
26 |
2d05h |
3d08h
|
PATCH [2d17h] |
BUG: corrupted list in hci_chan_del (2)
bluetooth
|
C |
done |
|
491 |
48m |
3d08h
|
PATCH [1d13h] |
KASAN: null-ptr-deref Write in l2cap_sock_resume_cb (3)
bluetooth
|
|
|
|
7 |
8d02h |
12d
|
|
KASAN: slab-use-after-free Read in sock_def_readable
bluetooth
|
|
|
|
2 |
21h16m |
13d
|
|
KASAN: slab-use-after-free Read in force_suspend_read
bluetooth
|
|
|
|
7 |
3d20h |
22d
|
|
KASAN: slab-use-after-free Read in full_proxy_read
bluetooth
|
|
|
|
11 |
17d |
23d
|
|
general protection fault in hci_devcd_register
bluetooth
|
|
|
|
7 |
6h01m |
30d
|
|
general protection fault in hci_abort_conn
bluetooth
|
|
|
|
1 |
53d |
30d
|
|
WARNING in hci_devcd_register
bluetooth
|
|
|
|
2 |
27d |
35d
|
|
KASAN: slab-use-after-free Read in mgmt_remove_adv_monitor_complete (2)
bluetooth
|
|
|
|
1 |
42d |
38d
|
|
WARNING in hci_conn_drop
bluetooth
|
|
|
|
1 |
44d |
40d
|
|
KASAN: slab-use-after-free Read in full_proxy_write
bluetooth
|
C |
|
|
30 |
1d04h |
42d
|
|
KASAN: slab-use-after-free Read in msft_opcode_get
bluetooth
|
|
|
|
10 |
21h43m |
45d
|
|
KASAN: slab-use-after-free Read in force_devcd_write
bluetooth
|
syz |
|
|
174 |
2h45m |
46d
|
💬 1 [23d] |
KASAN: slab-use-after-free Read in hci_tx_work
bluetooth
|
|
|
|
1 |
53d |
48d
|
|
WARNING in sco_conn_put
bluetooth
|
|
|
|
1 |
53d |
49d
|
|
WARNING: held lock freed in bt_accept_dequeue
bluetooth
|
|
|
|
2 |
36d |
53d
|
|
KASAN: slab-use-after-free Read in l2cap_connect_cfm
bluetooth
|
syz |
inconclusive |
|
30 |
2d21h |
54d
|
|
WARNING in hci_conn_timeout (2)
bluetooth
|
C |
error |
|
216 |
1d09h |
54d
|
|
general protection fault in l2cap_conn_del
bluetooth
|
|
|
|
2 |
44d |
60d
|
|
BUG: unable to handle kernel paging request in hci_release_dev
bluetooth
|
|
|
|
1 |
68d |
64d
|
|
KASAN: slab-use-after-free Write in sco_conn_put
bluetooth
|
|
|
|
49 |
11h20m |
69d
|
|
KASAN: slab-use-after-free Read in __timer_delete
bluetooth
|
C |
done |
done |
1 |
75d |
74d
|
💬 1 [44d] |
KASAN: slab-use-after-free Read in lookup_object_or_alloc (2)
bluetooth
|
syz |
error |
|
5 |
4d01h |
74d
|
|
KASAN: slab-use-after-free Read in l2cap_disconn_ind
bluetooth
|
|
|
|
2 |
8d11h |
79d
|
|
KMSAN: uninit-value in hci_cmd_complete_evt
bluetooth
|
|
|
|
3 |
7d03h |
85d
|
|
KASAN: slab-use-after-free Write in sk_skb_reason_drop
bluetooth
net
|
|
|
|
2 |
45d |
88d
|
|
WARNING in emon
bluetooth
|
|
|
|
1 |
93d |
89d
|
|
INFO: task hung in hci_cmd_sync_clear (3)
bluetooth
|
syz |
done |
|
4 |
8d18h |
92d
|
|
KASAN: slab-use-after-free Read in l2cap_register_user
bluetooth
|
|
|
|
5 |
7h39m |
94d
|
|
KASAN: slab-use-after-free Read in l2cap_unregister_user
bluetooth
|
syz |
done |
|
26086 |
now |
100d
|
💬 1 [23d] |
BUG: corrupted list in hci_cmd_sync_dequeue_once
bluetooth
|
|
|
|
6 |
31d |
111d
|
|
KASAN: slab-use-after-free Read in bt_accept_unlink
bluetooth
|
|
|
|
14 |
1d21h |
111d
|
|
KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb
bluetooth
|
|
|
|
23 |
20m |
111d
|
|
KASAN: slab-use-after-free Read in cmd_complete_rsp
bluetooth
|
|
|
|
17 |
37d |
111d
|
|
KASAN: slab-use-after-free Read in l2cap_sock_ready_cb (2)
bluetooth
|
|
|
|
23 |
2d22h |
131d
|
|
BUG: corrupted list in _hci_cmd_sync_cancel_entry
bluetooth
|
|
|
|
3 |
69d |
135d
|
|
BUG: corrupted list in mgmt_pending_remove
bluetooth
|
C |
error |
|
32 |
11d |
161d
|
💬 1 [73d] |
WARNING: ODEBUG bug in hci_release_dev (2)
bluetooth
|
C |
error |
|
177 |
10m |
200d
|
|
possible deadlock in sco_connect_cfm
bluetooth
|
|
|
|
17 |
4d13h |
216d
|
|
KASAN: slab-use-after-free Read in hci_sock_get_cookie (2)
bluetooth
|
|
|
|
28 |
6d09h |
235d
|
|
possible deadlock in mgmt_set_connectable_complete
bluetooth
|
syz |
|
|
44 |
74d |
266d
|
|
KASAN: slab-use-after-free Read in skb_queue_purge_reason (2)
bluetooth
|
C |
|
|
75 |
2h42m |
268d
|
💬 1 [4d10h] |
BUG: sleeping function called from invalid context in lock_sock_nested (3)
bluetooth
|
C |
inconclusive |
|
115 |
3d03h |
272d
|
💬 2 [23d] |
WARNING in sco_chan_del
bluetooth
|
|
|
|
10 |
92d |
274d
|
|
possible deadlock in mgmt_remove_adv_monitor_complete
bluetooth
|
C |
unreliable |
|
39 |
23d |
282d
|
|
KASAN: slab-use-after-free Read in l2cap_recv_frame
bluetooth
|
C |
inconclusive |
inconclusive |
137 |
5d05h |
288d
|
💬 2 [117d] |
WARNING in hci_recv_frame
bluetooth
|
syz |
error |
|
39 |
1d11h |
289d
|
💬 1 [81d] |
KASAN: slab-use-after-free Read in hci_disconnect
bluetooth
|
|
|
|
23 |
10d |
289d
|
|
WARNING in l2cap_chan_send
bluetooth
|
|
|
|
40 |
6h13m |
301d
|
|
KASAN: slab-use-after-free Read in __hci_req_sync
bluetooth
|
C |
error |
error |
3383 |
179d |
308d
|
💬 2 [213d] |
WARNING in l2cap_chan_del
bluetooth
|
|
|
|
120 |
18h45m |
329d
|
|
general protection fault in lock_sock_nested
bluetooth
|
C |
done |
done |
849 |
2h05m |
517d
|
|
WARNING in call_timer_fn
bluetooth
|
C |
unreliable |
|
5726 |
3h57m |
816d
|
💬 8 [23d] |
general protection fault in l2cap_chan_timeout (3)
bluetooth
|
C |
inconclusive |
inconclusive |
10 |
7d02h |
1095d
|
|
general protection fault in skb_release_data (2)
net
bluetooth
|
C |
done |
error |
701 |
23h02m |
1614d
|
|
WARNING: ODEBUG bug in put_device
bluetooth
|
syz |
done |
error |
61 |
67d |
1647d
|
|