syzbot


general protection fault in device_move

Status: upstream: reported syz repro on 2024/11/20 18:53
Subsystems: kernel
Labels: prio:high
Reported-by: syzbot+1f4e278e8e1a9b01f95f@syzkaller.appspotmail.com
First crash: 593d, last: 3h20m
Cause bisection: failed (error log, bisect log)
  
✨ AI Jobs (2)
ID Workflow Result Correct Bug Created Started Finished Revision Error
55ff0cf9-82e3-4c90-bc4c-b96fa5ca6dbd patching 💥 general protection fault in device_move 2026/06/19 15:15 2026/06/19 15:15 2026/06/19 15:40 023e42b533e586523329e56d8cc833583d338ca9 reproducer did not crash
7f97eb9b-5e63-413d-ad5d-139742fd8ab3 assessment-security DenialOfService: ✅ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ❌ VMHostTrigger: ❌ general protection fault in device_move 2026/05/20 01:49 2026/05/20 01:49 2026/05/20 02:41 1d9407ad5a662c921fc0d659cf022b438c0bde91

Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [kernel?] general protection fault in device_move 0 (3) 2025/09/24 06:46
Similar bugs (3)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.6 general protection fault in device_move 2 21 24d 364d 0/2 upstream: reported on 2025/07/04 01:12
linux-6.1 general protection fault in device_move 8 71 3d05h 548d 0/3 upstream: reported on 2024/12/31 11:47
linux-5.15 BUG: unable to handle kernel paging request in device_move origin:lts-only 8 syz inconclusive 48 35d 563d 0/3 upstream: reported syz repro on 2024/12/16 11:50
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/09/24 06:46 26m kriish.sharma2006@gmail.com http://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ 7595b66ae9de OK log

Sample crash report:
Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN NOPTI
KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f]
CPU: 0 UID: 0 PID: 13123 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
RIP: 0010:klist_put+0x4d/0x1d0 lib/klist.c:212
Code: c1 ea 03 80 3c 02 00 0f 85 74 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 43 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 1c 0f 0d
RSP: 0018:ffffc90005e3f6f0 EFLAGS: 00010212
RAX: dffffc0000000000 RBX: ffff88807acda460 RCX: 0000000000000000
RDX: 000000000000000b RSI: ffffffff8b8b0345 RDI: 0000000000000058
RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff217a5c8
R10: ffffffff90bd2e43 R11: 0000000000000001 R12: 0000000000000000
R13: 0000000000000001 R14: ffffffff90bd2e00 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff88812431b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f5616c4f270 CR3: 0000000075b9d000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 klist_del lib/klist.c:230 [inline]
 klist_remove+0x14c/0x2e0 lib/klist.c:249
 device_move+0x12d/0x1140 drivers/base/core.c:4698
 hci_conn_del_sysfs+0x86/0x1a0 net/bluetooth/hci_sysfs.c:75
 hci_conn_cleanup net/bluetooth/hci_conn.c:170 [inline]
 hci_conn_del+0x506/0x1180 net/bluetooth/hci_conn.c:1306
 hci_conn_hash_flush+0x186/0x280 net/bluetooth/hci_conn.c:2734
 hci_dev_close_sync+0x5cf/0x13c0 net/bluetooth/hci_sync.c:5405
 hci_dev_do_close+0x2e/0xb0 net/bluetooth/hci_core.c:499
 hci_unregister_dev+0x23f/0x690 net/bluetooth/hci_core.c:2678
 vhci_release+0x17d/0x230 drivers/bluetooth/hci_vhci.c:700
 __fput+0x3ff/0xb50 fs/file_table.c:512
 task_work_run+0x150/0x240 kernel/task_work.c:233
 exit_task_work include/linux/task_work.h:40 [inline]
 do_exit+0x951/0x2ae0 kernel/exit.c:1004
 do_group_exit+0xd5/0x2a0 kernel/exit.c:1147
 get_signal+0x1ec7/0x21e0 kernel/signal.c:3038
 arch_do_signal_or_restart+0x91/0x7e0 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:66 [inline]
 exit_to_user_mode_loop+0x139/0x6f0 kernel/entry/common.c:101
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:230 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:318 [inline]
 do_syscall_64+0x666/0x870 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ffb7af9e62a
Code: Unable to access opcode bytes at 0x7ffb7af9e600.
RSP: 002b:00007ffebc923ce8 EFLAGS: 00000216 ORIG_RAX: 0000000000000037
RAX: 0000000000000000 RBX: 00007ffebc923d70 RCX: 00007ffb7af9e62a
RDX: 0000000000000041 RSI: 0000000000000000 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007ffebc923d0c R09: 0000000000000000
R10: 00007ffebc923d70 R11: 0000000000000216 R12: 00007ffb7b1eafc0
R13: 00007ffebc923d0c R14: 0000000000000000 R15: 00007ffb7b1ed180
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:klist_put+0x4d/0x1d0 lib/klist.c:212
Code: c1 ea 03 80 3c 02 00 0f 85 74 01 00 00 48 b8 00 00 00 00 00 fc ff df 4c 8b 23 49 83 e4 fe 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 43 01 00 00 4c 89 e7 4d 8b 74 24 58 e8 1c 0f 0d
RSP: 0018:ffffc90005e3f6f0 EFLAGS: 00010212
RAX: dffffc0000000000 RBX: ffff88807acda460 RCX: 0000000000000000
RDX: 000000000000000b RSI: ffffffff8b8b0345 RDI: 0000000000000058
RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff217a5c8
R10: ffffffff90bd2e43 R11: 0000000000000001 R12: 0000000000000000
R13: 0000000000000001 R14: ffffffff90bd2e00 R15: dffffc0000000000
FS:  0000000000000000(0000) GS:ffff88812441b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fa6c51ea540 CR3: 0000000072f9c000 CR4: 0000000000350ef0
----------------
Code disassembly (best guess):
   0:	c1 ea 03             	shr    $0x3,%edx
   3:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1)
   7:	0f 85 74 01 00 00    	jne    0x181
   d:	48 b8 00 00 00 00 00 	movabs $0xdffffc0000000000,%rax
  14:	fc ff df
  17:	4c 8b 23             	mov    (%rbx),%r12
  1a:	49 83 e4 fe          	and    $0xfffffffffffffffe,%r12
  1e:	49 8d 7c 24 58       	lea    0x58(%r12),%rdi
  23:	48 89 fa             	mov    %rdi,%rdx
  26:	48 c1 ea 03          	shr    $0x3,%rdx
* 2a:	80 3c 02 00          	cmpb   $0x0,(%rdx,%rax,1) <-- trapping instruction
  2e:	0f 85 43 01 00 00    	jne    0x177
  34:	4c 89 e7             	mov    %r12,%rdi
  37:	4d 8b 74 24 58       	mov    0x58(%r12),%r14
  3c:	e8                   	.byte 0xe8
  3d:	1c 0f                	sbb    $0xf,%al
  3f:	0d                   	.byte 0xd

Crashes (7848):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2026/06/21 17:40 upstream 390d73adf896 43bfcdb0 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root general protection fault in device_move
2026/06/19 16:18 upstream 8c13415c8a43 d7ffd47b .config console log report syz / log [disk image] [vmlinux] [kernel image] [mounted in repro (corrupt fs)] ci-upstream-kasan-badwrites-root general protection fault in device_move
2025/06/25 20:35 upstream 7595b66ae9de 26d77996 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in device_move
2025/12/16 05:15 upstream 8f0b4cce4481 d1b870e1 .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2024/12/21 19:34 upstream 499551201b5f d7f584ee .config console log report syz / log [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/05/05 19:59 net-next c1e5127b577c 06e69a27 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/01/10 20:55 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 59e4d31a0470 d6526ea3 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in device_move
2026/07/02 16:22 upstream 4a50a141f05a 2b70b115 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2026/07/02 07:28 upstream 4a50a141f05a 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2026/07/01 15:17 upstream 665159e24674 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/07/01 07:52 upstream 665159e24674 00a5cf1c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root general protection fault in device_move
2026/07/01 02:34 upstream dc59e4fea9d8 00a5cf1c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/06/30 11:34 upstream dc59e4fea9d8 fff8d0a0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/06/29 22:43 upstream dc59e4fea9d8 6a0c72dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/06/29 22:31 upstream dc59e4fea9d8 6a0c72dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/06/29 17:05 upstream dc59e4fea9d8 6a0c72dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root general protection fault in device_move
2026/06/28 20:47 upstream 8b69c0475871 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/06/28 12:36 upstream 780d569e6c4b fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2026/06/28 07:40 upstream 780d569e6c4b fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2026/06/28 01:25 upstream 5a66900afbd6 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in device_move
2026/06/27 21:11 upstream 5a66900afbd6 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2026/06/26 14:55 upstream 4edcdefd4083 7ff32d8b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root general protection fault in device_move
2026/07/03 08:13 upstream 87320be9f0d2 58bf2096 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/30 17:52 upstream dc59e4fea9d8 e5173a01 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/30 13:59 upstream dc59e4fea9d8 e5173a01 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/29 06:36 upstream dc59e4fea9d8 fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/28 15:23 upstream 8b69c0475871 fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/27 19:40 upstream 5a66900afbd6 fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/27 06:24 upstream 5a66900afbd6 fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/06/26 17:38 upstream 51cb1aa1250c fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream general protection fault in device_move
2026/05/31 12:33 upstream 174914ea5513 6b4a8443 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root general protection fault in device_move
2026/06/30 10:26 upstream dc59e4fea9d8 fff8d0a0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 general protection fault in device_move
2026/06/29 02:50 upstream dc59e4fea9d8 fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 general protection fault in device_move
2026/06/27 14:36 upstream 5a66900afbd6 fb92f11c .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 general protection fault in device_move
2026/07/02 02:22 net a225f8c20712 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/07/01 22:03 net a225f8c20712 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/07/01 21:00 net a225f8c20712 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/30 21:25 net 2a00517db8de 00e8b0fd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/30 19:51 net 2a00517db8de 00e8b0fd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/29 10:22 net 32f1c2bbb26a fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/29 09:12 net 32f1c2bbb26a fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/28 23:27 net 32f1c2bbb26a fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/28 17:25 net 32f1c2bbb26a fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/28 15:05 net 32f1c2bbb26a fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/27 04:32 net 6c00e85cd46f fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/27 01:06 net 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/06/26 10:52 net 805185b7c7a1 7ff32d8b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce general protection fault in device_move
2026/07/02 12:09 net-next d6e815297491 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/07/01 12:19 net-next 1c664ec4b9ea 00a5cf1c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/29 14:02 net-next 805185b7c7a1 6a0c72dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/29 01:34 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/28 09:34 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/28 04:23 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/27 17:12 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/27 16:01 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/27 09:47 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/27 03:30 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/26 20:39 net-next 805185b7c7a1 fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/06/26 09:50 net-next 805185b7c7a1 7ff32d8b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2024/11/20 18:34 net-next dd7207838d38 4fca1650 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2024/11/16 18:43 net-next 38f83a57aa8e cfe3a04a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce general protection fault in device_move
2026/07/02 11:04 linux-next 7de6ae9e1220 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce general protection fault in device_move
2026/06/25 14:44 linux-next 6c94b38b83a0 432fd51a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root general protection fault in device_move
2026/06/24 19:43 linux-next 4e5dfb7c8401 c1da772e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce general protection fault in device_move
2026/07/01 16:18 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci ff4c5a0de1f2 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in device_move
2026/06/28 03:18 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 92e3f6ef4ffb fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in device_move
2026/06/26 18:56 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 92e3f6ef4ffb fb92f11c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in device_move
* Struck through repros no longer work on HEAD.