INFO: trying to register non-static key in hci_uart_tty_receive
9 views
Skip to first unread message
syzbot
Aug 30, 2019, 3:40:08 PM8/30/19
to johan....@gmail.com, linux-b...@vger.kernel.org, linux-...@vger.kernel.org, mar...@holtmann.org, syzkall...@googlegroups.com
Hello,
syzbot found the following crash on:
HEAD commit: ed2393ca Add linux-next specific files for 20190827
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=16350e7a600000
kernel config: https://syzkaller.appspot.com/x/.config?x=2ef5940a07ed45f4
dashboard link: https://syzkaller.appspot.com/bug?extid=13a3ab5c28d3fb67bacc
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+13a3ab...@syzkaller.appspotmail.com
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 1 PID: 562 Comm: kworker/u4:3 Not tainted 5.3.0-rc6-next-20190827 #74
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Workqueue: events_unbound flush_to_ldisc
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
assign_lock_key kernel/locking/lockdep.c:881 [inline]
register_lock_class+0x179e/0x1850 kernel/locking/lockdep.c:1190
__lock_acquire+0xf4/0x4a00 kernel/locking/lockdep.c:3837
lock_acquire+0x190/0x410 kernel/locking/lockdep.c:4487
percpu_down_read include/linux/percpu-rwsem.h:40 [inline]
hci_uart_tty_receive+0xcf/0x6e0 drivers/bluetooth/hci_ldisc.c:603
tty_ldisc_receive_buf+0x15f/0x1c0 drivers/tty/tty_buffer.c:465
tty_port_default_receive_buf+0x7d/0xb0 drivers/tty/tty_port.c:38
receive_buf drivers/tty/tty_buffer.c:481 [inline]
flush_to_ldisc+0x222/0x390 drivers/tty/tty_buffer.c:533
process_one_work+0x9af/0x1740 kernel/workqueue.c:2269
worker_thread+0x98/0xe40 kernel/workqueue.c:2415
kthread+0x361/0x430 kernel/kthread.c:255
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot found the following crash on:
HEAD commit: ed2393ca Add linux-next specific files for 20190827
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=16350e7a600000
kernel config: https://syzkaller.appspot.com/x/.config?x=2ef5940a07ed45f4
dashboard link: https://syzkaller.appspot.com/bug?extid=13a3ab5c28d3fb67bacc
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
Unfortunately, I don't have any reproducer for this crash yet.
IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+13a3ab...@syzkaller.appspotmail.com
INFO: trying to register non-static key.
the code is fine but needs lockdep annotation.
turning off the locking correctness validator.
CPU: 1 PID: 562 Comm: kworker/u4:3 Not tainted 5.3.0-rc6-next-20190827 #74
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Workqueue: events_unbound flush_to_ldisc
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x172/0x1f0 lib/dump_stack.c:113
assign_lock_key kernel/locking/lockdep.c:881 [inline]
register_lock_class+0x179e/0x1850 kernel/locking/lockdep.c:1190
__lock_acquire+0xf4/0x4a00 kernel/locking/lockdep.c:3837
lock_acquire+0x190/0x410 kernel/locking/lockdep.c:4487
percpu_down_read include/linux/percpu-rwsem.h:40 [inline]
hci_uart_tty_receive+0xcf/0x6e0 drivers/bluetooth/hci_ldisc.c:603
tty_ldisc_receive_buf+0x15f/0x1c0 drivers/tty/tty_buffer.c:465
tty_port_default_receive_buf+0x7d/0xb0 drivers/tty/tty_port.c:38
receive_buf drivers/tty/tty_buffer.c:481 [inline]
flush_to_ldisc+0x222/0x390 drivers/tty/tty_buffer.c:533
process_one_work+0x9af/0x1740 kernel/workqueue.c:2269
worker_thread+0x98/0xe40 kernel/workqueue.c:2415
kthread+0x361/0x430 kernel/kthread.c:255
ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352
---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
Hillf Danton
Aug 31, 2019, 8:00:16 AM8/31/19
to syzbot, johan....@gmail.com, linux-b...@vger.kernel.org, linux-...@vger.kernel.org, mar...@holtmann.org, syzkall...@googlegroups.com
On Fri, 30 Aug 2019 12:40:07 -0700
--- a/drivers/bluetooth/hci_ldisc.c
+++ b/drivers/bluetooth/hci_ldisc.c
@@ -524,7 +524,7 @@ static void hci_uart_tty_close(struct tt
BT_DBG("tty %p", tty);
/* Detach from the tty */
- tty->disc_data = NULL;
+ smp_store_release(&tty->disc_data, NULL);
if (!hu)
return;
@@ -595,7 +595,8 @@ static void hci_uart_tty_wakeup(struct t
static void hci_uart_tty_receive(struct tty_struct *tty, const u8 *data,
char *flags, int count)
{
- struct hci_uart *hu = tty->disc_data;
+ /* paired with store in hci_uart_tty_close() */
+ struct hci_uart *hu = smp_load_acquire(&tty->disc_data);
if (!hu || tty != hu->tty)
return;
syzbot
Oct 28, 2019, 10:58:05 AM10/28/19
to syzkall...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages