syzbot

 sign-in | mailing list | source | docs
🐞 Open [1677]
Subsystems
🐞 Fixed [6051]
🐞 Invalid [15015]
Missing Backports [150]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

bluetooth subsystem


List(s): linux-bluetooth@vger.kernel.org
Maintainer(s): luiz.dentz@gmail.com, marcel@holtmann.org
Fixed bugs: 82
Parent subsystem(s): kernel (89)
open (58):
Title Repro Cause bisect Fix bisect Count Last Reported Discussions
WARNING: refcount bug in sco_conn_put bluetooth 1 4d16h 13h44m
general protection fault in h5_close bluetooth C done 4 1d04h 1d06h
general protection fault in bcsp_close bluetooth C done 3 3d01h 1d07h
general protection fault in bcsp_recv bluetooth syz error 3 5d14h 6d06h
general protection fault in h5_recv bluetooth C done 8 4d03h 12d 💬 1 [9d23h]
general protection fault in __timer_delete_sync bluetooth C done 3 10d 14d 💬 1 [13d]
general protection fault in qca_close bluetooth C done 78 32m 15d PATCH [14d]
KASAN: null-ptr-deref Write in l2cap_sock_resume_cb (3) bluetooth 7 20d 24d
KASAN: slab-use-after-free Read in sock_def_readable bluetooth net 3 8d21h 25d
KASAN: slab-use-after-free Read in force_suspend_read bluetooth 8 7d04h 34d
KASAN: slab-use-after-free Read in full_proxy_read bluetooth 11 29d 35d
general protection fault in hci_devcd_register bluetooth 12 3d08h 42d
general protection fault in hci_abort_conn bluetooth 1 65d 42d
WARNING in hci_devcd_register bluetooth 2 39d 47d
KASAN: slab-use-after-free Read in mgmt_remove_adv_monitor_complete (2) bluetooth 1 54d 50d
WARNING in hci_conn_drop bluetooth 1 56d 52d
KASAN: slab-use-after-free Read in full_proxy_write bluetooth C 34 2d03h 54d
KASAN: slab-use-after-free Read in msft_opcode_get bluetooth 11 6d13h 57d
KASAN: slab-use-after-free Read in force_devcd_write bluetooth syz 237 17h19m 58d 💬 1 [4d10h]
KASAN: slab-use-after-free Read in hci_tx_work bluetooth 1 65d 60d
WARNING in sco_conn_put bluetooth 2 2d02h 61d
WARNING: held lock freed in bt_accept_dequeue bluetooth 2 49d 65d
KASAN: slab-use-after-free Read in l2cap_connect_cfm bluetooth syz inconclusive 32 7d11h 66d
WARNING in hci_conn_timeout (2) bluetooth C error 251 2h56m 66d
general protection fault in l2cap_conn_del bluetooth 2 56d 72d
BUG: unable to handle kernel paging request in hci_release_dev bluetooth 1 80d 76d
KASAN: slab-use-after-free Write in sco_conn_put bluetooth 63 8h39m 81d
KASAN: slab-use-after-free Read in __timer_delete bluetooth C done done 1 87d 86d 💬 1 [56d]
KASAN: slab-use-after-free Read in l2cap_disconn_ind bluetooth 2 20d 91d
KMSAN: uninit-value in hci_cmd_complete_evt bluetooth 3 19d 97d
KASAN: slab-use-after-free Write in sk_skb_reason_drop bluetooth net 2 57d 100d
INFO: task hung in hci_cmd_sync_clear (3) bluetooth syz done 4 6d10h 104d
KASAN: slab-use-after-free Read in l2cap_register_user bluetooth 5 12d 106d
KASAN: slab-use-after-free Read in l2cap_unregister_user bluetooth syz done 28370 now 112d 💬 1 [4d10h]
BUG: corrupted list in hci_cmd_sync_dequeue_once bluetooth 7 2d18h 123d
KASAN: slab-use-after-free Read in bt_accept_unlink bluetooth 19 4d05h 123d
KASAN: slab-use-after-free Read in l2cap_sock_new_connection_cb bluetooth 30 1d23h 123d
KASAN: slab-use-after-free Read in cmd_complete_rsp bluetooth 17 49d 123d
KASAN: slab-use-after-free Read in l2cap_sock_ready_cb (2) bluetooth 29 5d16h 143d
BUG: corrupted list in _hci_cmd_sync_cancel_entry bluetooth 3 81d 147d
BUG: corrupted list in mgmt_pending_remove bluetooth C error 34 2d01h 173d 💬 1 [85d]
WARNING: ODEBUG bug in hci_release_dev (2) bluetooth C error 186 2d20h 212d
possible deadlock in sco_connect_cfm bluetooth 17 16d 228d
KASAN: slab-use-after-free Read in hci_sock_get_cookie (2) bluetooth 30 4h30m 247d
KASAN: slab-use-after-free Read in skb_queue_purge_reason (2) bluetooth C done 98 9h20m 280d PATCH [9d07h]
BUG: sleeping function called from invalid context in lock_sock_nested (3) bluetooth C inconclusive 116 10h41m 284d 💬 2 [35d]
possible deadlock in mgmt_remove_adv_monitor_complete bluetooth C unreliable 39 5d17h 294d
KASAN: slab-use-after-free Read in l2cap_recv_frame bluetooth C inconclusive inconclusive 137 3d01h 300d 💬 2 [4d10h]
WARNING in hci_recv_frame bluetooth syz error 41 1d10h 301d 💬 1 [93d]
KASAN: slab-use-after-free Read in hci_disconnect bluetooth 24 3d09h 301d
WARNING in l2cap_chan_send bluetooth 41 5d09h 313d
KASAN: slab-use-after-free Read in __hci_req_sync bluetooth C error error 3383 192d 320d 💬 2 [225d]
WARNING in l2cap_chan_del bluetooth 136 1d20h 341d
general protection fault in lock_sock_nested bluetooth C done done 993 9m 529d
WARNING in call_timer_fn bluetooth C unreliable 5897 2h45m 828d 💬 8 [4d10h]
general protection fault in l2cap_chan_timeout (3) bluetooth C inconclusive inconclusive 13 1d12h 1107d
general protection fault in skb_release_data (2) net bluetooth C done error 702 6d21h 1626d
WARNING: ODEBUG bug in put_device bluetooth syz done error 61 79d 1659d
moderation (1):
Title Repro Cause bisect Fix bisect Count Last Reported Discussions
KASAN: slab-use-after-free Read in hidp_session_thread bluetooth 2 12d 8d07h