syzbot


KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump

Status: upstream: reported C repro on 2025/03/31 14:28
Subsystems: bluetooth
Reported-by: syzbot+ac3c79181f6aecc5120c@syzkaller.appspotmail.com
First crash: 78d, last: 22h38m
Discussions (4)
Title | Replies (including bot) | Last reply
[PATCH] HCI: coredump: Use tmp buffer with dev_coredumpv | 1 (1) | 2025/06/14 04:19
[syzbot] [bluetooth?] KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump | 3 (10) | 2025/06/11 02:42
[syzbot] Monthly bluetooth report (May 2025) | 0 (1) | 2025/05/22 12:58
[syzbot] Monthly bluetooth report (Apr 2025) | 0 (1) | 2025/04/22 10:11
Last patch testing requests (5)
Created | Duration | User | Patch | Repo | Result
2025/06/11 02:42 | 24m | ipravdin.official@gmail.com | patch | upstream | OK log
2025/06/08 22:26 | 15m | ipravdin.official@gmail.com | patch | upstream | error
2025/06/08 19:21 | 53m | ipravdin.official@gmail.com | patch | upstream | report log
2025/06/08 18:54 | 16m | ipravdin.official@gmail.com | patch | upstream | report log
2025/04/23 11:20 | 17m | contact@arnaud-lcm.com | patch | upstream | report log

Sample crash report:
==================================================================
BUG: KASAN: vmalloc-out-of-bounds in skb_put_data include/linux/skbuff.h:2753 [inline]
BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
Read of size 140 at addr ffffc90000abe000 by task kworker/u9:2/5833

CPU: 0 UID: 0 PID: 5833 Comm: kworker/u9:2 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: hci0 hci_devcd_timeout
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:408 [inline]
 print_report+0xcd/0x680 mm/kasan/report.c:521
 kasan_report+0xe0/0x110 mm/kasan/report.c:634
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0x100/0x1b0 mm/kasan/generic.c:189
 __asan_memcpy+0x23/0x60 mm/kasan/shadow.c:105
 skb_put_data include/linux/skbuff.h:2753 [inline]
 hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
 hci_devcd_timeout+0xb5/0x2e0 net/bluetooth/coredump.c:413
 process_one_work+0x9cf/0x1b70 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3321 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3402
 kthread+0x3c2/0x780 kernel/kthread.c:464
 ret_from_fork+0x5d4/0x6f0 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

The buggy address ffffc90000abe000 belongs to a vmalloc virtual mapping
Memory state around the buggy address:
 ffffc90000abdf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90000abdf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
>ffffc90000abe000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
                   ^
 ffffc90000abe080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90000abe100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
==================================================================

Crashes (823):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/06/10 03:09 upstream 19272b37aa4f 4826c28e .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/01 18:05 upstream 7d4e49a77d99 3d2f584d .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/18 05:09 upstream 5723cc3450bc f41472b0 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 16:27 upstream 9f35e33144ae a4fa04ef .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/10 07:54 upstream 0e1329d4045c 77908e5f .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/09 20:35 upstream 9c69f8884904 43803998 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/07 06:23 upstream 0d8d44db295c 350f4ffc .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/04 10:45 upstream 2a239ffbebb5 b0714e37 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/02 12:19 upstream ebd297a2affa d7f099d1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/27 19:01 upstream 5bc1018675ec c6b4fb39 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/26 20:07 upstream f1a3944c860b c6b4fb39 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/23 06:06 upstream bc3372351d0c 53a8b9bd .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/21 11:57 upstream 9d7a0577c9db 2a20f901 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 00:47 upstream 5aaaedb0cb54 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 06:33 upstream e618ee89561b 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/08 00:12 upstream 0af2f6be1b42 a2ada0e7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/03 10:29 upstream a1b5bd45d4ee 996a9618 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/13 10:57 upstream 27605c8c0f69 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/13 09:51 upstream 27605c8c0f69 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/13 09:47 upstream 27605c8c0f69 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/11 15:02 upstream aef17cb3d3c4 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/10 12:03 upstream f09079bd04a9 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/10 08:25 upstream f09079bd04a9 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/09 09:54 upstream 19272b37aa4f 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/09 07:18 upstream 939f15e640f1 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/08 20:33 upstream 939f15e640f1 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/08 15:14 upstream 8630c59e9936 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/08 15:07 upstream 8630c59e9936 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/07 18:28 upstream bdc7f8c5adad 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/07 18:27 upstream bdc7f8c5adad 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/06 14:14 upstream e271ed52b344 3d899f2c .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/04 17:00 upstream 5abc7438f1e9 e565f08d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/04 05:44 upstream 5abc7438f1e9 a30356b7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/03 20:53 upstream 546b1c9e93c2 a30356b7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/03 06:10 upstream 7f9039c524a3 a30356b7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/02 03:09 upstream cd2e103d57e5 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/01 23:19 upstream 7d4e49a77d99 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/01 23:16 upstream 7d4e49a77d99 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/06/01 14:05 upstream 7d4e49a77d99 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/31 18:41 upstream 0f70f5b08a47 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/31 18:30 upstream 0f70f5b08a47 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/31 03:27 upstream 8477ab143069 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/29 19:40 upstream e0797d3b91de 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/29 00:41 upstream feacb1774bd5 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/28 21:02 upstream feacb1774bd5 3d2f584d .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/27 21:48 upstream 914873bc7df9 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/27 01:27 upstream 785cdec46e92 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/26 21:55 upstream 0ff41df1cb26 874a1386 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/25 21:25 upstream 0f8c0258bf04 2d4582d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/25 07:25 upstream d0c22de9995b ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/24 10:41 upstream 4856ebd99715 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/24 03:38 upstream 4856ebd99715 ed351ea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/22 17:58 upstream 5cdb2c77c4c3 0919b50b .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/22 14:49 upstream d608703fcdd9 0919b50b .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/22 11:18 upstream d608703fcdd9 0919b50b .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/21 10:04 upstream b36ddb9210e6 b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/21 09:56 upstream b36ddb9210e6 b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/21 00:30 upstream b36ddb9210e6 b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/20 19:11 upstream a5806cd506af b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/20 15:48 upstream a5806cd506af b47f9e02 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/03/31 11:51 upstream 4e82c87058f4 d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/03/27 14:22 upstream 1a9239bb4253 928390c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
* Struck through repros no longer work on HEAD.