From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-vk1-f180.google.com (mail-vk1-f180.google.com [209.85.221.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AFCC83B1ED0 for ; Fri, 26 Jun 2026 21:25:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.180 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782509156; cv=none; b=kAo9+JUQv747JEgsq4u+xpjD8EfSYk58+jUh3x6uyERd3lT4rSHhAdw/SrOz3d3Epx0N+LFz3KtAxvVYAP4WmQv84S58l8I6NjvrXofp43hEo5eN7puosuPIrIXSdTEtjoaywkHbSwcTZoid3sa/pH8hMH2fjJf7Bepx9tdPiH8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1782509156; c=relaxed/simple; bh=mxEmrMRVqEB9+nqnQIkRBq+6A4i0FsAEgyxL8ao21p4=; h=Message-ID:Date:Subject:To:Cc:Content-Type:MIME-Version:From; b=lXAiIUd3jCi9mhKfjnoAcIW03cd5kaszSA834Uzms+UbgCUk0eGfSlLiVbSuFcCMmI9vszaTgx/2kxiwmzSp5kAOmWAL4Pq0BXd3prPnI9fyFSFSSTA1/b7sVDcjxbT7DKkALOPg/6OxY7Gi0PUpwZnEA8TL5pUAUbtS7lgbY8U= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=WoFYQRtY; arc=none smtp.client-ip=209.85.221.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="WoFYQRtY" Received: by mail-vk1-f180.google.com with SMTP id 71dfb90a1353d-5bc0af1e234so40115e0c.1 for ; Fri, 26 Jun 2026 14:25:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1782509154; x=1783113954; darn=vger.kernel.org; h=from:mime-version:content-transfer-encoding:content-type:cc:to :subject:date:message-id:from:to:cc:subject:date:message-id:reply-to :content-type; bh=zmaFB7ZBeOCQQ5rd3Aq3jn7oV6o8wBJFRJaNA+WzwH4=; b=WoFYQRtYLSKVGKHiz75DFTdKJAnjSRU7z8La+kZi9xPt21Dyv/MOWbrgODEVws2Gvn +CYkpjrQJ51kcKKOhQdLA5MC8Szv+51INIrLTi2Z3S20Pxw2dSd4Dzc3OfOoe7xjAJYQ pVX2lh9EvLmc9hIitwlOOmIoJs12pLuwP3XQG0VUPIaEvJs6nObZmAISVr5DwSDK1pu0 Ee9qG7DG3gFwbmP4rD6mOmv0ZBta5NCfxIbPmxtlBVfxr8DlrPK3UEXSV/nI+sUsUB2t b8WIZUTj2u5y71YmnRS6zBMT1IPZj4QCfukXGRRW5MIwsnR4cXIqbH98WlesLhsiRRPe 2QGg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1782509154; x=1783113954; h=from:mime-version:content-transfer-encoding:content-type:cc:to :subject:date:message-id:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to:content-type; bh=zmaFB7ZBeOCQQ5rd3Aq3jn7oV6o8wBJFRJaNA+WzwH4=; b=qt444wzI2lQyi7PMbpYiHlfbJNSBr6Mz6dHshybGT6S1j+himCYGh4Gzm6cvi+nMGC WKBwzxwo8PfQad3NzZ42iAdu2jknC9nKKKP0xRyOFwQ+rYVllf71yKEdIreCanxtOxAa 37x2obkI/jhHTc9BKmaLQ8nyytJsPLGxhUVAHO1ZFYsbJc5qHigYfecyTNkjQGlJ14vg nDs0TDUs0L+T+h8fct5jUJoCJg2P8vVgUuZhT7gxF++GFnrh60+F2t/yM9A70HMeY6Cp dU0hzy4cLTuXqlWn0OowGjf0L/QhmVSWYoY0KG9cRjBQuZzP2loRNRVcJ+7cjYOulH1V yMmQ== X-Forwarded-Encrypted: i=1; AHgh+RqgUWWyMc/NKKHdop0MJg1FxhZ5Gk5FQz4ob4Tcu/LvcHfcwxGoiHupQjZXEHB57MPGZLR1pxQLE3Afcqs=@vger.kernel.org X-Gm-Message-State: AOJu0YwG2bvcQ3rNx7rk2fSmVUADTHGI2wW3Ocvwy9CcpgxBHkhJm9xY onuI6+I7lFrCoBSd1hrUv7G0RnDvgThABT3w5RQuS4qSFG4aLVXQlNWA X-Gm-Gg: AfdE7cmvEPdQ8inufgq7Zxj4fSmBjyLm6X9TBkXx3sg0R6N/SF5zyEOqmTDPFBLWW1S +rrKl2yyRfw/XCDugKqejDLujWK4p1PpwLQGXXTA/S41p6deyQPP7w0ZMMyvCykC6yhbNWPwX3I TlT5OhykENwqyO7tRY1teiG/u/tEwk8xUgrtrs+MIXYk9B9jIvcrMXNdzdmoA3ARH+12GYETtpO 3xMH9pPcayO4KyQJyfN2g+kI+j31mxqKIWFHBRbzL41FaeV/cOnzjipwbvLetJiIAqbSdynuhM0 Qv5fW+pPcjF/kE1f/9xuyA559jgBe4Tj+OWv5yD0c5q39SmxCP0DpabvMHWcLx13eLX+lugPTHT MgNO8FBCQ2w5P9dxP4z7csXZfCZ0Cs4lsHpZ2Zrut8DK0px4LY73vSLsIdjlbkXd6fcjlA5aAht VNTjxBsvxFPquMk8WySUAa2dq8aPkNn8y0JK7eSDdsa2B7rWQyv7Gy//WADTZWpIWv0nl7bfmVx 6NLQs98k9H1 X-Received: by 2002:a05:6102:548a:b0:632:9ebf:6069 with SMTP id ada2fe7eead31-734360a285amr1556889137.4.1782509153699; Fri, 26 Jun 2026 14:25:53 -0700 (PDT) Received: from [192.168.10.115] ([132.170.207.48]) by smtp.gmail.com with ESMTPSA id a1e0cc1a2514c-96916b986e1sm1946183241.0.2026.06.26.14.25.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 26 Jun 2026 14:25:53 -0700 (PDT) Message-ID: <6a3eee61.0ca26d91.74bfa.10cf@mx.google.com> Date: Fri, 26 Jun 2026 14:25:53 -0700 (PDT) Subject: general protection fault in netdev_unregister_kobject To: akpm@linux-foundation.org, linux-kernel@vger.kernel.org Cc: syzkaller@googlegroups.com, contact@pgazz.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: sanan.hasanou@gmail.com Good day, dear maintainers, We found a bug using a modified version of syzkaller. Kernel Branch: 7.0-rc1 Kernel Config: Reproducer: Thank you! Best regards, Sanan Hasanov Oops: general protection fault, probably for non-canonical address 0xdffffc000000000b: 0000 [#1] SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000058-0x000000000000005f] CPU: 1 UID: 0 PID: 246588 Comm: kbnepd bnep0 Tainted: G L 7.0.0-rc1 #1 PREEMPT(full) Tainted: [L]=SOFTLOCKUP Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 RIP: 0010:klist_put lib/klist.c:212 [inline] RIP: 0010:klist_del+0x4c/0xc0 lib/klist.c:230 Code: f5 49 89 dd 49 c1 ed 03 43 80 7c 3d 00 00 74 08 48 89 df e8 96 39 9e f5 4c 8b 33 49 83 e6 fe 49 8d 7e 58 48 89 f8 48 c1 e8 03 <42> 80 3c 38 00 74 05 e8 78 39 9e f5 4d 8b 66 58 4c 89 f7 e8 8c 16 RSP: 0018:ffffc90004d3f7e8 EFLAGS: 00010212 RAX: 000000000000000b RBX: ffff88804d043460 RCX: ffff8880243b9d00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000058 RBP: ffffc90004d3f810 R08: ffff888037d5ac33 R09: 1ffff11006fab586 R10: dffffc0000000000 R11: ffffed1006fab587 R12: ffff888050c12618 R13: 1ffff11009a0868c R14: 0000000000000000 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8880d9cdb000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f5033991f2c CR3: 000000004fa9b000 CR4: 00000000000006f0 Call Trace: device_del+0x2c2/0xce0 drivers/base/core.c:3855 netdev_unregister_kobject+0x262/0x380 net/core/net-sysfs.c:2329 unregister_netdevice_many_notify+0x1ae2/0x1f40 net/core/dev.c:12436 unregister_netdevice_many net/core/dev.c:12464 [inline] unregister_netdevice_queue net/core/dev.c:12278 [inline] unregister_netdevice include/linux/netdevice.h:3408 [inline] unregister_netdev+0x142/0x1b0 net/core/dev.c:12482 bnep_session+0x25d7/0x27d0 net/bluetooth/bnep/core.c:525 kthread+0x355/0x410 kernel/kthread.c:467 ret_from_fork+0x3a6/0x980 arch/x86/kernel/process.c:158 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:245 Modules linked in: ---[ end trace 0000000000000000 ]--- RIP: 0010:klist_put lib/klist.c:212 [inline] RIP: 0010:klist_del+0x4c/0xc0 lib/klist.c:230 Code: f5 49 89 dd 49 c1 ed 03 43 80 7c 3d 00 00 74 08 48 89 df e8 96 39 9e f5 4c 8b 33 49 83 e6 fe 49 8d 7e 58 48 89 f8 48 c1 e8 03 <42> 80 3c 38 00 74 05 e8 78 39 9e f5 4d 8b 66 58 4c 89 f7 e8 8c 16 RSP: 0018:ffffc90004d3f7e8 EFLAGS: 00010212 RAX: 000000000000000b RBX: ffff88804d043460 RCX: ffff8880243b9d00 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000058 RBP: ffffc90004d3f810 R08: ffff888037d5ac33 R09: 1ffff11006fab586 R10: dffffc0000000000 R11: ffffed1006fab587 R12: ffff888050c12618 R13: 1ffff11009a0868c R14: 0000000000000000 R15: dffffc0000000000 FS: 0000000000000000(0000) GS:ffff8880d9cdb000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007fc19c5f2160 CR3: 000000004fa9b000 CR4: 00000000000006f0 ---------------- Code disassembly (best guess): 0: f5 cmc 1: 49 89 dd mov %rbx,%r13 4: 49 c1 ed 03 shr $0x3,%r13 8: 43 80 7c 3d 00 00 cmpb $0x0,0x0(%r13,%r15,1) e: 74 08 je 0x18 10: 48 89 df mov %rbx,%rdi 13: e8 96 39 9e f5 call 0xf59e39ae 18: 4c 8b 33 mov (%rbx),%r14 1b: 49 83 e6 fe and $0xfffffffffffffffe,%r14 1f: 49 8d 7e 58 lea 0x58(%r14),%rdi 23: 48 89 f8 mov %rdi,%rax 26: 48 c1 e8 03 shr $0x3,%rax * 2a: 42 80 3c 38 00 cmpb $0x0,(%rax,%r15,1) <-- trapping instruction 2f: 74 05 je 0x36 31: e8 78 39 9e f5 call 0xf59e39ae 36: 4d 8b 66 58 mov 0x58(%r14),%r12 3a: 4c 89 f7 mov %r14,%rdi 3d: e8 .byte 0xe8 3e: 8c 16 mov %ss,(%rsi) <<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>