syzbot

 sign-in | mailing list | source | docs
🐞 Open [1498]
Subsystems
🐞 Fixed [6526]
🐞 Invalid [16611]
Missing Backports [205]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING: refcount bug in bnep_session

Status: upstream: reported on 2024/11/27 11:44
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+8b3024ae934a6e1911d9@syzkaller.appspotmail.com
First crash: 272d, last: 17d
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [kernel?] WARNING: refcount bug in bnep_session 0 (1) 2024/11/27 11:44

Sample crash report:
------------[ cut here ]------------
refcount_t: underflow; use-after-free.
WARNING: CPU: 0 PID: 17378 at lib/refcount.c:28 refcount_warn_saturate+0x11a/0x1d0 lib/refcount.c:28
Modules linked in:
CPU: 0 UID: 0 PID: 17378 Comm: kbnepd bnep0 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
RIP: 0010:refcount_warn_saturate+0x11a/0x1d0 lib/refcount.c:28
Code: 00 65 e1 8b e8 87 ef c9 fc 90 0f 0b 90 90 eb d7 e8 1b 41 06 fd c6 05 f8 cb cf 0a 01 90 48 c7 c7 60 65 e1 8b e8 67 ef c9 fc 90 <0f> 0b 90 90 eb b7 e8 fb 40 06 fd c6 05 d5 cb cf 0a 01 90 48 c7 c7
RSP: 0018:ffffc9000c8276a0 EFLAGS: 00010246
RAX: 6caad8d84d128900 RBX: 0000000000000003 RCX: ffff88803105bc00
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
R10: dffffc0000000000 R11: fffffbfff1bfaa44 R12: dffffc0000000000
R13: ffff88805b80d460 R14: ffff88805b80d478 R15: ffffffff85ef1a70
FS:  0000000000000000(0000) GS:ffff888125c89000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f59c96e7d60 CR3: 0000000033e86000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 __refcount_sub_and_test include/linux/refcount.h:400 [inline]
 __refcount_dec_and_test include/linux/refcount.h:432 [inline]
 refcount_dec_and_test include/linux/refcount.h:450 [inline]
 kref_put include/linux/kref.h:64 [inline]
 klist_dec_and_del+0x3c7/0x3d0 lib/klist.c:206
 klist_put lib/klist.c:217 [inline]
 klist_del+0xa6/0x110 lib/klist.c:230
 device_del+0x280/0x8e0 drivers/base/core.c:3858
 unregister_netdevice_many_notify+0x1d52/0x2320 net/core/dev.c:12111
 unregister_netdevice_many net/core/dev.c:12139 [inline]
 unregister_netdevice_queue+0x33c/0x380 net/core/dev.c:11983
 unregister_netdevice include/linux/netdevice.h:3379 [inline]
 unregister_netdev+0x1f/0x60 net/core/dev.c:12157
 bnep_session+0x294d/0x2b40 net/bluetooth/bnep/core.c:525
 kthread+0x70e/0x8a0 kernel/kthread.c:464
 ret_from_fork+0x3f9/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

Crashes (105):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/06/05 16:48 upstream 64980441d269 6b6b5f21 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING: refcount bug in bnep_session
2025/04/24 00:35 upstream a79be02bba5c 9882047a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING: refcount bug in bnep_session
2025/07/26 02:19 upstream 2942242dde89 fb8f743d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/07/07 08:34 upstream 772b78c2abd8 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/07/05 20:44 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/06/30 08:57 upstream d0b3b7b22dfa fc9d8ee5 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/06/26 08:12 upstream 92ca6c498a5e 26d77996 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/06/05 08:41 upstream 1af80d00e1e0 6b6b5f21 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/06/04 15:42 upstream 5abc7438f1e9 e565f08d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/06/03 19:54 upstream 546b1c9e93c2 a30356b7 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/05/31 14:46 upstream 0f70f5b08a47 3d2f584d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/05/17 19:55 upstream 172a9d94339c f41472b0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/05/16 21:28 upstream 3c21441eeffc f41472b0 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/05/13 18:58 upstream e9565e23cd89 9497799b .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/05/02 13:46 upstream ebd297a2affa d7f099d1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/04/16 14:03 upstream 1a1d569a75f3 a95239b1 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/03/30 07:16 upstream 93d52288679e d3999433 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/03/17 23:40 upstream 4701f33a1070 489e2dc8 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING: refcount bug in bnep_session
2025/07/16 13:44 upstream 155a3c003e55 124ec9cc .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING: refcount bug in bnep_session
2025/06/26 12:29 upstream ee88bddf7f2f 1ae8177e .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream-386 WARNING: refcount bug in bnep_session
2025/08/05 08:41 net 4eabe4cc0958 abdcb213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/07/06 03:40 net b9fd9888a565 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/07/05 15:09 net b9fd9888a565 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/25 11:35 net 9caca6ac0e26 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/25 10:25 net 9caca6ac0e26 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/24 05:55 net 95b6759a8183 1a7fb460 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/21 09:08 net e0fca6f2cebf d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/15 02:37 net 5466491c9e33 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/10 00:59 net fdd9ebccfc32 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/06/02 14:55 net 3382a1ed7f77 b396b4bf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/05/16 05:16 net ef935650e044 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/05/15 11:17 net 09db7a4d287d d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/04/24 19:10 net d861a5dbb960 9c80ffa0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/04/23 18:48 net 491ef1117c56 d971f7e2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/29 13:27 net 2ea396448f26 cf25e2c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/28 06:36 net 1a9239bb4253 6c09fb82 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/26 09:22 net 0032c99e83b9 89d30d73 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/03/16 10:21 net 4003c9e78778 e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2024/11/22 22:47 net fcc79e1714e8 68da6d95 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING: refcount bug in bnep_session
2025/07/23 19:42 net-next 56613001dfc9 e1dd4f22 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/07/17 08:30 net-next 511ad4c26446 44f8051e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/07/11 23:55 net-next fadd1e6231b1 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/06/24 13:52 net-next a6a4db166c65 e2f27c35 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/06/20 16:46 net-next 4f4040ea5d3e e3003213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/06/20 12:32 net-next 4f4040ea5d3e e3003213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/05/08 18:58 net-next 46431fd5224f dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/05/08 08:46 net-next 3e52667a9c32 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/31 07:17 net-next 1a9239bb4253 d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/29 08:22 net-next 1a9239bb4253 cf25e2c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/20 15:30 net-next 6855b9be9cf7 62330552 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/17 03:19 net-next bfc6c67ec2d6 e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/03/15 02:29 net-next bfc6c67ec2d6 e2826670 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING: refcount bug in bnep_session
2025/04/05 00:05 linux-next a4cda136f021 1c4febdb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING: refcount bug in bnep_session
* Struck through repros no longer work on HEAD.