syzbot


KASAN: vmalloc-out-of-bounds Read in kcov_remote_start

Status: upstream: reported on 2025/10/05 04:26
Subsystems: usb
Labels: prio:normal
Reported-by: syzbot+8a173e13208949931dc7@syzkaller.appspotmail.com
First crash: 262d, last: 1h09m
✨ AI Jobs (1)
ID: 4a93e1b2-5dbe-4aa4-aa4c-12062719945b
Workflow: assessment-security
Result: DenialOfService: ❌, Exploitable: ❌, FilesystemTrigger: ❌, NetworkTrigger: ❌, PeripheralTrigger: ❌, RemoteTrigger: ❌, Unprivileged: ❌, UserNamespace: ❌, VMGuestTrigger: ❌, VMHostTrigger: ❌
Correct:
Bug: KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
Created: 2026/05/23 06:13
Started: 2026/05/23 06:13
Finished: 2026/05/23 07:07
Revision: c69befb30ac10e158cc9d1557b508ee3f0eca1de
Error:

Discussions (7)
Title Replies (including bot) Last reply
[PATCH] kcov: fix potential kcov_mode corruption under CONFIG_PREEMPT_RT 5 (5) 2026/05/21 08:38
[syzbot] Monthly usb report (May 2026) 0 (1) 2026/05/02 12:32
[syzbot] Monthly bluetooth report (May 2026) 0 (1) 2026/05/02 12:32
[syzbot] Monthly bluetooth report (Apr 2026) 0 (1) 2026/04/01 07:42
[syzbot] Monthly bluetooth report (Jan 2026) 0 (1) 2026/01/28 22:38
[syzbot] Monthly bluetooth report (Dec 2025) 0 (1) 2025/12/29 08:12
[syzbot] [usb?] KASAN: vmalloc-out-of-bounds Read in kcov_remote_start 0 (1) 2025/10/05 04:26

Sample crash report:
==================================================================
BUG: KASAN: vmalloc-out-of-bounds in __list_del_entry_valid_or_report+0xb5/0x190 lib/list_debug.c:65
Read of size 8 at addr ffffc90006de9008 by task kworker/0:0/9

CPU: 0 UID: 0 PID: 9 Comm: kworker/0:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
Tainted: [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
Workqueue: usb_hub_wq hub_event
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 print_address_description+0x55/0x1e0 mm/kasan/report.c:378
 print_report+0x58/0x70 mm/kasan/report.c:482
 kasan_report+0x117/0x150 mm/kasan/report.c:595
 __list_del_entry_valid_or_report+0xb5/0x190 lib/list_debug.c:65
 __list_del_entry_valid include/linux/list.h:132 [inline]
 __list_del_entry include/linux/list.h:246 [inline]
 list_del include/linux/list.h:260 [inline]
 kcov_remote_area_get kernel/kcov.c:143 [inline]
 kcov_remote_start+0x295/0x6f0 kernel/kcov.c:920
 kcov_remote_start_usb include/linux/kcov.h:55 [inline]
 hub_event+0x15d/0x4cf0 drivers/usb/core/hub.c:5889
 process_one_work kernel/workqueue.c:3322 [inline]
 process_scheduled_works+0xa8e/0x14e0 kernel/workqueue.c:3405
 worker_thread+0xa47/0xfb0 kernel/workqueue.c:3486
 kthread+0x388/0x470 kernel/kthread.c:436
 ret_from_fork+0x514/0xb70 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>

The buggy address belongs to a vmalloc virtual mapping
Memory state around the buggy address:
 ffffc90006de8f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90006de8f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
>ffffc90006de9000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
                      ^
 ffffc90006de9080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
 ffffc90006de9100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
==================================================================

Crashes (2728):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2026/06/20 19:58 upstream 1a3746ccbb0a 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/19 23:52 upstream c98d767b3457 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/19 10:11 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/19 08:15 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/19 05:28 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/18 09:47 upstream e771677c937d b62b3ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 20:52 upstream 9c87e61e3c57 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 19:47 upstream 9c87e61e3c57 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 07:28 upstream 6b5a2b7d9bc1 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 01:21 upstream 6b5a2b7d9bc1 0e4b3e40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/16 22:18 upstream 6b5a2b7d9bc1 0e4b3e40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/05/22 20:33 upstream 45255ea1ca09 e16cf9f3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/03/09 04:48 upstream 014441d1e4b2 5cb44a80 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2025/10/05 02:43 upstream d104e3d17f7b 49379ee0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2025/10/01 04:17 upstream 50c19e20ed2e 65a0eece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/20 21:16 linux-next ec039126b7fa 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/20 17:56 linux-next 3ce97bd3c4f1 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/20 12:43 linux-next ec039126b7fa 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/20 07:39 linux-next ec039126b7fa 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/20 03:26 linux-next ec039126b7fa 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/18 19:31 linux-next e2cae00c05d1 a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/18 17:56 linux-next e2cae00c05d1 a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/18 06:32 linux-next 4fa3f5fabb30 b62b3ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/18 03:18 linux-next ec039126b7fa b62b3ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/18 02:01 linux-next ec039126b7fa b62b3ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 17:29 linux-next ec039126b7fa 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 15:41 linux-next 4fa3f5fabb30 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/17 08:48 linux-next ec039126b7fa 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/16 20:27 linux-next 4fa3f5fabb30 0e4b3e40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/16 19:22 linux-next 4fa3f5fabb30 0e4b3e40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root KASAN: vmalloc-out-of-bounds Read in kcov_remote_start
2026/06/20 12:55 upstream 1a3746ccbb0a 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/20 09:52 upstream 1a3746ccbb0a 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/20 08:45 upstream 1a3746ccbb0a 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel paging request in kcov_remote_start
2026/06/20 03:25 upstream c98d767b3457 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in kcov_remote_start
2026/06/19 15:18 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/19 11:33 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/19 06:34 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/19 04:20 upstream 8c13415c8a43 d7ffd47b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in kcov_remote_start
2026/06/17 13:04 upstream 6b5a2b7d9bc1 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel paging request in kcov_remote_start
2026/06/17 06:06 upstream 6b5a2b7d9bc1 62cc6db3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: unable to handle kernel paging request in kcov_remote_start
2026/06/20 15:04 linux-next 3ce97bd3c4f1 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/20 11:26 linux-next ec039126b7fa 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/20 06:29 linux-next 3ce97bd3c4f1 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/20 05:10 linux-next 3ce97bd3c4f1 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/20 00:55 linux-next ec039126b7fa 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce BUG: corrupted list in kcov_remote_start
2026/06/19 17:11 linux-next 3ce97bd3c4f1 43bfcdb0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in kcov_remote_start
2026/06/19 01:37 linux-next e2cae00c05d1 a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in kcov_remote_start
2026/06/18 23:20 linux-next ec039126b7fa a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce BUG: corrupted list in kcov_remote_start
2026/06/18 20:49 linux-next e2cae00c05d1 a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/18 15:38 linux-next ec039126b7fa a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/18 13:48 linux-next ec039126b7fa a776b0d0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/17 23:53 linux-next 4fa3f5fabb30 b62b3ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/16 23:33 linux-next 4fa3f5fabb30 0e4b3e40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel paging request in kcov_remote_start
2026/06/16 17:16 linux-next ec039126b7fa 0e4b3e40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start
2026/06/16 14:29 linux-next 8d6dbbbe3ba6 50bb0618 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: unable to handle kernel NULL pointer dereference in kcov_remote_start