syzbot

Applied filters: Label=subsystems:bluetooth (drop)

open (44) 🔗

Title	Rank 🛈	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Discussions
memory leak in skb_clone (3) batman bluetooth	3	C			3	31d	9d16h
WARNING: locking bug in l2cap_unregister_user bluetooth	4				3	12d	23d
WARNING in hci_connect_sco bluetooth	-1				1	27d	23d
WARNING in hci_send_cmd (3) bluetooth	-1				1	36d	32d
KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb (3) bluetooth	12				3	29d	38d
KASAN: slab-use-after-free Write in le_read_features_complete bluetooth	24	C	error		432	9d14h	40d	PATCH [29d]
INFO: task hung in get_signal (2) bluetooth	1	syz			1	46d	42d
KASAN: slab-use-after-free Write in hci_conn_drop (3) bluetooth	24	C	error		535	1h46m	44d	💬 1 [44d]
KASAN: slab-use-after-free Read in skb_pull bluetooth	19				1	54d	50d
KASAN: slab-use-after-free Read in hci_cmd_work (2) bluetooth	19				27015	59d	60d	PATCH [22d]
memory leak in __hci_cmd_sync_sk bluetooth usb	3	C			1	55d	60d	💬 19 [54d]
linux-next test error: KASAN: slab-use-after-free Read in hci_cmd_work bluetooth	-1				4	60d	63d
INFO: trying to register non-static key in l2cap_unregister_user bluetooth	-1				8	2d05h	92d
KASAN: vmalloc-out-of-bounds Read in kcov_remote_start usb bluetooth	17				758	3h11m	104d
KASAN: slab-use-after-free Read in l2cap_disconn_ind (2) bluetooth	19				6	70d	104d
WARNING in hci_conn_drop (3) bluetooth	-1				2	73d	105d
KASAN: slab-use-after-free Read in hidp_session_thread (2) bluetooth	19				2	78d	127d
stack segment fault in kernfs_rename_ns bluetooth	2				34	1d11h	181d
KASAN: slab-use-after-free Read in hci_uart_write_work bluetooth	19	syz	error		65	8h44m	186d	💬 3 [179d]
INFO: task hung in hci_conn_failed (4) bluetooth	1	syz			17	43d	219d
INFO: task hung in hci_remote_features_evt (2) bluetooth	1	syz	error	inconclusive	9	110d	255d
possible deadlock in l2cap_conn_del bluetooth	4	syz	error		483	11h58m	291d
KASAN: wild-memory-access Read in l2cap_connect_cfm bluetooth	19	C	error		174	6h25m	305d	💬 1 [97d]
possible deadlock in l2cap_info_timeout bluetooth	4				63	3d11h	325d
general protection fault in h5_recv bluetooth	10	C	done		3414	55m	341d	💬 1 [19d]
KASAN: slab-use-after-free Read in force_devcd_write bluetooth	19	C			448	134d	388d	💬 4 [145d]
WARNING: held lock freed in bt_accept_dequeue bluetooth	4				20	25d	395d
WARNING in hci_conn_timeout (2) bluetooth	-1	C	error		5459	now	395d
INFO: task hung in hci_cmd_sync_clear (3) bluetooth	1	syz	done		68	9d22h	434d
KASAN: slab-use-after-free Read in l2cap_unregister_user bluetooth	24	C	done		45866	6h18m	441d	PATCH [71d]
KASAN: slab-use-after-free Read in bt_accept_unlink bluetooth	19	syz			109	2d11h	453d	💬 1 [63d]
KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb bluetooth	19	syz	error		112	1d23h	453d	💬 3 [52d]
KASAN: slab-use-after-free Read in l2cap_sock_ready_cb (2) bluetooth	19				65	5d03h	472d
BUG: corrupted list in _hci_cmd_sync_cancel_entry bluetooth	8	syz	error	error	46	85d	476d	💬 1 [205d]
WARNING: ODEBUG bug in hci_release_dev (2) bluetooth	-1	C	error		444	1d17h	541d
KASAN: slab-use-after-free Read in l2cap_recv_frame bluetooth	19	C	inconclusive	inconclusive	140	8d20h	630d	💬 2 [114d]
WARNING in hci_recv_frame bluetooth	-1	C	error		132	16h53m	630d	💬 1 [242d]
WARNING in l2cap_chan_send bluetooth	-1				53	21d	643d
KASAN: slab-use-after-free Read in __hci_req_sync bluetooth	19	C	error	error	3383	521d	649d	💬 2 [555d]
WARNING in l2cap_chan_del bluetooth	-1				339	8d12h	670d
general protection fault in lock_sock_nested bluetooth	19	C	done	done	4115	12h47m	859d
WARNING in call_timer_fn bluetooth	-1	C	unreliable		8011	1h04m	1157d	💬 8 [19d]
general protection fault in l2cap_chan_timeout (3) bluetooth	19	C	inconclusive	inconclusive	77	2d01h	1436d
general protection fault in skb_release_data (2) net bluetooth	24	C	done	error	703	291d	1956d

moderation (3) 🔗

Title	Rank 🛈	Count	Last	Reported
KCSAN: data-race in __hci_cmd_sync_sk / hci_cmd_sync_cancel_sync bluetooth	6	1	39d	39d
KCSAN: data-race in data_push_tail / vsnprintf (9) bluetooth	6	178	2d08h	330d
KCSAN: data-race in data_alloc / data_push_tail (3) bluetooth	6	57	11d	496d