syzbot

 sign-in | mailing list | source | docs
🐞 Open [1478]
Subsystems
🐞 Fixed [6786]
🐞 Invalid [17537]
Missing Backports [221]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

bluetooth subsystem


List(s): linux-bluetooth@vger.kernel.org
Maintainer(s): luiz.dentz@gmail.com, marcel@holtmann.org
Fixed bugs: 97
Parent subsystem(s): kernel (92)
open (42):
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Discussions
KASAN: null-ptr-deref Write in l2cap_sock_suspend_cb (3) bluetooth 12 1 8d12h 4d09h
KASAN: slab-use-after-free Write in le_read_features_complete bluetooth 24 C error 18 8d16h 5d19h
INFO: task hung in get_signal (2) bluetooth 1 syz 1 11d 7d21h
KASAN: slab-use-after-free Write in hci_conn_drop (3) bluetooth 24 C error 51 14h40m 10d 💬 1 [9d22h]
KASAN: slab-use-after-free Read in skb_pull bluetooth 19 1 19d 15d
KASAN: slab-use-after-free Read in hci_cmd_work (2) bluetooth 19 27015 24d 25d
memory leak in __hci_cmd_sync_sk bluetooth usb 3 C 1 21d 26d 💬 19 [20d]
linux-next test error: KASAN: slab-use-after-free Read in hci_cmd_work bluetooth -1 4 26d 29d
INFO: trying to register non-static key in l2cap_unregister_user bluetooth -1 2 1d02h 58d
KASAN: vmalloc-out-of-bounds Read in kcov_remote_start bluetooth 17 458 4h43m 69d
KASAN: slab-use-after-free Read in l2cap_disconn_ind (2) bluetooth 19 6 35d 70d
WARNING in hci_conn_drop (3) bluetooth -1 2 39d 71d
BUG: unable to handle kernel paging request in l2cap_conn_del bluetooth 8 1 88d 84d
KASAN: slab-use-after-free Read in hidp_session_thread (2) bluetooth 19 2 44d 93d
stack segment fault in kernfs_rename_ns bluetooth 2 23 6d21h 146d
KASAN: slab-use-after-free Read in hci_uart_write_work bluetooth 19 syz error 15 10d 152d 💬 3 [144d]
INFO: task hung in hci_conn_failed (4) bluetooth 1 syz 17 8d14h 185d
INFO: task hung in hci_remote_features_evt (2) bluetooth 1 syz error inconclusive 9 76d 220d
possible deadlock in l2cap_conn_del bluetooth 4 syz error 425 1d09h 257d
KASAN: wild-memory-access Read in l2cap_connect_cfm bluetooth 19 C error 119 5h12m 271d 💬 1 [62d]
possible deadlock in l2cap_info_timeout bluetooth 4 51 4h32m 291d
general protection fault in h5_recv bluetooth 10 C done 2670 1h23m 307d 💬 1 [16d]
KASAN: slab-use-after-free Read in force_devcd_write bluetooth 19 C 448 100d 353d 💬 4 [110d]
WARNING: held lock freed in bt_accept_dequeue bluetooth 4 17 6d02h 360d
WARNING in hci_conn_timeout (2) bluetooth -1 C error 2049 1h01m 361d
INFO: task hung in hci_cmd_sync_clear (3) bluetooth 1 syz done 47 3d08h 399d
KASAN: slab-use-after-free Read in l2cap_unregister_user bluetooth 24 C done 45519 1h45m 407d PATCH [37d]
BUG: corrupted list in hci_cmd_sync_dequeue_once bluetooth 8 129 43d 418d
KASAN: slab-use-after-free Read in bt_accept_unlink bluetooth 19 syz 102 10d 418d 💬 1 [28d]
KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb bluetooth 19 syz error 94 2d05h 418d 💬 3 [18d]
KASAN: slab-use-after-free Read in l2cap_sock_ready_cb (2) bluetooth 19 61 47d 438d
BUG: corrupted list in _hci_cmd_sync_cancel_entry bluetooth 8 syz error 46 50d 442d 💬 1 [170d]
WARNING: ODEBUG bug in hci_release_dev (2) bluetooth -1 C error 413 16h06m 507d
KASAN: slab-use-after-free Read in l2cap_recv_frame bluetooth 19 C inconclusive inconclusive 139 15d 595d 💬 2 [80d]
WARNING in hci_recv_frame bluetooth -1 C error 122 1d09h 596d 💬 1 [208d]
WARNING in l2cap_chan_send bluetooth -1 52 7d13h 608d
KASAN: slab-use-after-free Read in __hci_req_sync bluetooth 19 C error error 3383 487d 615d 💬 2 [520d]
WARNING in l2cap_chan_del bluetooth -1 332 6d11h 636d
general protection fault in lock_sock_nested bluetooth 19 C done done 3881 34m 824d
WARNING in call_timer_fn bluetooth -1 C unreliable 7802 13h52m 1123d 💬 8 [16d]
general protection fault in l2cap_chan_timeout (3) bluetooth 19 C inconclusive inconclusive 74 16d 1402d
general protection fault in skb_release_data (2) net bluetooth 24 C done error 703 256d 1921d
moderation (3):
Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Discussions
KCSAN: data-race in __hci_cmd_sync_sk / hci_cmd_sync_cancel_sync bluetooth 6 1 4d18h 4d18h
KCSAN: data-race in hci_uart_open / hci_uart_tty_close bluetooth 6 1 47d 47d
WARNING: refcount bug in hci_conn_del_sysfs bluetooth 13 1 85d 81d