syzbot

 sign-in | mailing list | source | docs
🐞 Open [1568]
Subsystems
🐞 Fixed [5936]
🐞 Invalid [14430]
Missing Backports [102]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

bluetooth subsystem


List(s): linux-bluetooth@vger.kernel.org
Maintainer(s): luiz.dentz@gmail.com, marcel@holtmann.org
Fixed bugs: 79
Parent subsystem(s): kernel (82)
open (52):
Title Repro Cause bisect Fix bisect Count Last Reported Discussions
WARNING: held lock freed in bt_accept_dequeue bluetooth 1 7d16h 3d04h
KASAN: slab-use-after-free Read in l2cap_connect_cfm bluetooth syz inconclusive 19 5d14h 3d18h
WARNING in hci_conn_timeout (2) bluetooth C error 55 2h06m 3d18h
general protection fault in l2cap_conn_del bluetooth 1 14d 9d21h
BUG: unable to handle kernel paging request in hci_release_dev bluetooth 1 17d 13d
KASAN: slab-use-after-free Write in sco_conn_put bluetooth 15 4d14h 19d
KASAN: slab-use-after-free Read in __timer_delete bluetooth C done 1 24d 23d 💬 1 [23d]
KASAN: slab-use-after-free Read in lookup_object_or_alloc (2) bluetooth syz error 1 28d 24d
KASAN: slab-use-after-free Read in l2cap_disconn_ind bluetooth 1 29d 28d
KMSAN: uninit-value in hci_cmd_complete_evt bluetooth 2 20h27m 34d
KASAN: slab-use-after-free Write in sk_skb_reason_drop bluetooth 1 41d 37d
WARNING in emon bluetooth 1 43d 39d
INFO: task hung in hci_cmd_sync_clear (3) bluetooth syz 4 22d 42d
KASAN: slab-use-after-free Read in l2cap_register_user bluetooth 2 1d05h 43d
KASAN: slab-use-after-free Read in l2cap_unregister_user bluetooth syz 13282 now 49d 💬 1 [4d02h]
KASAN: slab-use-after-free Read in hci_send_acl (2) bluetooth 1 56d 51d
BUG: corrupted list in hci_cmd_sync_dequeue_once bluetooth 5 13h17m 61d
KASAN: slab-use-after-free Read in bt_accept_unlink bluetooth 8 7h19m 61d
KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb bluetooth 15 15d 61d
KASAN: slab-use-after-free Read in cmd_complete_rsp bluetooth 16 24d 61d
KASAN: slab-use-after-free Read in hci_req_cmd_complete bluetooth 1 76d 68d
possible deadlock in touch_wq_lockdep_map (2) bluetooth 5 61d 71d
KASAN: slab-use-after-free Read in l2cap_sock_ready_cb (2) bluetooth 12 6h07m 81d
BUG: corrupted list in _hci_cmd_sync_cancel_entry bluetooth 3 18d 84d
KASAN: slab-use-after-free Read in sco_chan_del (2) bluetooth 2 60d 89d
BUG: corrupted list in mgmt_pending_remove bluetooth C error 22 2d01h 111d 💬 1 [23d]
WARNING: ODEBUG bug in hci_release_dev (2) bluetooth syz error 51 16m 149d
KASAN: slab-use-after-free Read in mgmt_remove_adv_monitor_sync bluetooth syz 37 2d14h 150d PATCH [11d]
possible deadlock in sco_connect_cfm bluetooth 12 1d22h 165d
KASAN: slab-use-after-free Read in hci_sock_get_cookie (2) bluetooth 14 16d 184d
possible deadlock in mgmt_set_connectable_complete bluetooth syz 44 24d 216d
KASAN: slab-use-after-free Read in skb_queue_purge_reason (2) bluetooth 56 3d18h 218d
BUG: sleeping function called from invalid context in lock_sock_nested (3) bluetooth C inconclusive 90 4h55m 221d 💬 2 [4d02h]
WARNING in sco_chan_del bluetooth 10 41d 224d
possible deadlock in mgmt_remove_adv_monitor_complete bluetooth C unreliable 32 7d14h 232d
KASAN: slab-use-after-free Read in l2cap_recv_frame bluetooth C inconclusive 130 23d 238d 💬 2 [67d]
WARNING in hci_recv_frame bluetooth syz 30 1h09m 238d 💬 1 [30d]
KASAN: slab-use-after-free Read in hci_disconnect bluetooth 21 3d23h 239d
WARNING in l2cap_chan_send bluetooth 38 30d 251d
KASAN: slab-use-after-free Read in __hci_req_sync bluetooth C error error 3383 129d 257d 💬 2 [163d]
WARNING in l2cap_chan_del bluetooth 68 2h10m 278d
KASAN: slab-use-after-free Read in l2cap_send_cmd bluetooth 30 25d 299d
WARNING in hci_send_cmd bluetooth 8 65d 313d
WARNING in l2cap_do_send (2) bluetooth syz 1 347d 360d 💬 2 [359d]
general protection fault in lock_sock_nested bluetooth C done done 601 1h22m 467d
WARNING: refcount bug in sco_sock_timeout (2) bluetooth 10 61d 542d 💬 1 [375d]
KASAN: slab-use-after-free Write in sco_conn_del bluetooth C done 87 54d 571d 💬 2 [67d]
possible deadlock in rfcomm_dlc_exists bluetooth C error done 13649 67d 700d PATCH [228d]
WARNING in call_timer_fn bluetooth C unreliable 5215 30m 765d 💬 8 [4d02h]
general protection fault in l2cap_chan_timeout (3) bluetooth C inconclusive inconclusive 9 11d 1044d
general protection fault in skb_release_data (2) net bluetooth C done error 697 4d08h 1564d
WARNING: ODEBUG bug in put_device bluetooth syz done error 61 16d 1597d