syzbot

 sign-in | mailing list | source | docs
🐞 Open [1592]
Subsystems
🐞 Fixed [6233]
🐞 Invalid [15779]
Missing Backports [183]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump

Status: upstream: reported C repro on 2025/03/31 14:28
Subsystems: bluetooth
[Documentation on labels]
Reported-by: syzbot+ac3c79181f6aecc5120c@syzkaller.appspotmail.com
First crash: 50d, last: now
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] [bluetooth?] KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump 1 (4) 2025/04/23 11:39
[syzbot] Monthly bluetooth report (Apr 2025) 0 (1) 2025/04/22 10:11
Last patch testing requests (1)
Created Duration User Patch Repo Result
2025/04/23 11:20 17m contact@arnaud-lcm.com patch upstream report log

Sample crash report:
==================================================================
BUG: KASAN: vmalloc-out-of-bounds in skb_put_data include/linux/skbuff.h:2752 [inline]
BUG: KASAN: vmalloc-out-of-bounds in hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
Read of size 140 at addr ffffc90000ace000 by task kworker/u9:1/5143

CPU: 1 UID: 0 PID: 5143 Comm: kworker/u9:1 Not tainted 6.15.0-rc6-syzkaller-00052-g9f35e33144ae #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
Workqueue: hci0 hci_devcd_timeout
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:94 [inline]
 dump_stack_lvl+0x116/0x1f0 lib/dump_stack.c:120
 print_address_description mm/kasan/report.c:408 [inline]
 print_report+0xc3/0x670 mm/kasan/report.c:521
 kasan_report+0xe0/0x110 mm/kasan/report.c:634
 check_region_inline mm/kasan/generic.c:183 [inline]
 kasan_check_range+0xef/0x1a0 mm/kasan/generic.c:189
 __asan_memcpy+0x23/0x60 mm/kasan/shadow.c:105
 skb_put_data include/linux/skbuff.h:2752 [inline]
 hci_devcd_dump+0x142/0x240 net/bluetooth/coredump.c:258
 hci_devcd_timeout+0xb5/0x2e0 net/bluetooth/coredump.c:413
 process_one_work+0x9cc/0x1b70 kernel/workqueue.c:3238
 process_scheduled_works kernel/workqueue.c:3319 [inline]
 worker_thread+0x6c8/0xf10 kernel/workqueue.c:3400
 kthread+0x3c5/0x780 kernel/kthread.c:464
 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

The buggy address ffffc90000ace000 belongs to a vmalloc virtual mapping
Memory state around the buggy address:
 ffffc90000acdf00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90000acdf80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
>ffffc90000ace000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
                   ^
 ffffc90000ace080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90000ace100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
==================================================================

Crashes (642):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/05/14 16:27 upstream 9f35e33144ae a4fa04ef .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/10 07:54 upstream 0e1329d4045c 77908e5f .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/09 20:35 upstream 9c69f8884904 43803998 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/07 06:23 upstream 0d8d44db295c 350f4ffc .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/04 10:45 upstream 2a239ffbebb5 b0714e37 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/02 12:19 upstream ebd297a2affa d7f099d1 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/27 19:01 upstream 5bc1018675ec c6b4fb39 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/26 20:07 upstream f1a3944c860b c6b4fb39 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/23 06:06 upstream bc3372351d0c 53a8b9bd .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/21 11:57 upstream 9d7a0577c9db 2a20f901 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/14 00:47 upstream 5aaaedb0cb54 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/12 06:33 upstream e618ee89561b 0bd6db41 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/08 00:12 upstream 0af2f6be1b42 a2ada0e7 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/04/03 10:29 upstream a1b5bd45d4ee 996a9618 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/17 06:10 upstream 3c21441eeffc f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/17 05:42 upstream 3c21441eeffc f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/17 05:36 upstream 3c21441eeffc f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 23:06 upstream 3c21441eeffc f41472b0 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 13:08 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 12:05 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 06:58 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 04:55 upstream fee3e843b309 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 02:03 upstream 088d13246a46 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/16 00:09 upstream 088d13246a46 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/15 19:58 upstream 088d13246a46 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/15 16:43 upstream 088d13246a46 cfde8269 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/15 06:24 upstream c94d59a126cb d6b2ee52 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 15:47 upstream 9f35e33144ae a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 15:12 upstream 9f35e33144ae a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 14:38 upstream 9f35e33144ae a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 14:37 upstream 9f35e33144ae a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 11:26 upstream 9f35e33144ae a4fa04ef .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 06:24 upstream 405e6c37c89e 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/14 03:37 upstream 405e6c37c89e 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/13 12:02 upstream e9565e23cd89 9497799b .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/12 23:56 upstream 627277ba7c23 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/12 21:52 upstream 627277ba7c23 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/12 01:35 upstream cd802e7e5f1e 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/11 16:58 upstream 3ce9925823c7 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/11 13:32 upstream 3ce9925823c7 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/11 03:03 upstream 3ce9925823c7 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/10 05:21 upstream 0e1329d4045c 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/08 15:53 upstream d76bb1ebb558 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/08 09:31 upstream d76bb1ebb558 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/08 05:21 upstream d76bb1ebb558 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/07 18:34 upstream 707df3375124 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/06 18:47 upstream 0d8d44db295c 350f4ffc .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/06 15:28 upstream 01f95500a162 350f4ffc .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/06 06:37 upstream 01f95500a162 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/06 05:02 upstream 01f95500a162 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/05 22:00 upstream 01f95500a162 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/05 20:08 upstream 92a09c47464d 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/05 03:27 upstream 92a09c47464d b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/04 21:40 upstream e8ab83e34bdc b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/04 17:02 upstream e8ab83e34bdc b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/05/04 15:11 upstream e8ab83e34bdc b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/03/31 11:51 upstream 4e82c87058f4 d3999433 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
2025/03/27 14:22 upstream 1a9239bb4253 928390c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-qemu-gce-upstream-auto KASAN: vmalloc-out-of-bounds Read in hci_devcd_dump
* Struck through repros no longer work on HEAD.