Hello,
syzbot found the following issue on:
HEAD commit: ca1c9012c941 Linux 6.1.26
git tree: linux-6.1.y
console output:
https://syzkaller.appspot.com/x/log.txt?x=10d81d40280000
kernel config:
https://syzkaller.appspot.com/x/.config?x=f95cba4715d63af9
dashboard link:
https://syzkaller.appspot.com/bug?extid=466f488371fea3a64c73
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
userspace arch: arm64
syz repro:
https://syzkaller.appspot.com/x/repro.syz?x=11f21008280000
C reproducer:
https://syzkaller.appspot.com/x/repro.c?x=13671b84280000
Downloadable assets:
disk image:
https://storage.googleapis.com/syzbot-assets/b6b74e769ec1/disk-ca1c9012.raw.xz
vmlinux:
https://storage.googleapis.com/syzbot-assets/31fce9ce6f18/vmlinux-ca1c9012.xz
kernel image:
https://storage.googleapis.com/syzbot-assets/cd73b5bb5ef4/Image-ca1c9012.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by:
syzbot+466f48...@syzkaller.appspotmail.com
------------[ cut here ]------------
WARNING: CPU: 0 PID: 14 at drivers/net/wireless/ath/ath6kl/htc_pipe.c:963 ath6kl_htc_pipe_rx_complete+0xae0/0xc78 drivers/net/wireless/ath/ath6kl/htc_pipe.c:964
Modules linked in:
CPU: 0 PID: 14 Comm: kworker/0:1 Not tainted 6.1.26-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023
Workqueue: ath6kl_wq ath6kl_usb_io_comp_work
pstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : ath6kl_htc_pipe_rx_complete+0xae0/0xc78 drivers/net/wireless/ath/ath6kl/htc_pipe.c:964
lr : ath6kl_htc_pipe_rx_complete+0xad8/0xc78 drivers/net/wireless/ath/ath6kl/htc_pipe.c:963
sp : ffff800019ba7940
x29: ffff800019ba7a50 x28: 1fffe0001bc88594 x27: 1fffe0001bc88518
x26: dfff800000000000 x25: ffff0000c45efdc0 x24: ffff0000d5940e00
x23: 1ffff00003374f3c x22: ffff800013441930 x21: ffff0000d5940e00
x20: 0000000000000000 x19: dfff800000000000 x18: ffff800019ba7780
x17: ffff80001558d000 x16: ffff80000825e194 x15: 000000000000b652
x14: 000000001b127eb8 x13: dfff800000000000 x12: 0000000000000003
x11: ff8080000d58dc88 x10: 0000000000000000 x9 : ffff80000d58dc88
x8 : ffff0000c09a1b40 x7 : 0000000000000000 x6 : 0000000000000000
x5 : ffff800018736e70 x4 : 0000000000000000 x3 : 0000000000000000
x2 : 0000000000000005 x1 : ffff0000c45efdc0 x0 : ffff800013441ca0
Call trace:
ath6kl_htc_pipe_rx_complete+0xae0/0xc78 drivers/net/wireless/ath/ath6kl/htc_pipe.c:964
ath6kl_htc_rx_complete drivers/net/wireless/ath/ath6kl/htc-ops.h:109 [inline]
ath6kl_core_rx_complete+0x78/0x90 drivers/net/wireless/ath/ath6kl/core.c:62
ath6kl_usb_io_comp_work+0xe0/0x160 drivers/net/wireless/ath/ath6kl/usb.c:604
process_one_work+0x7ac/0x1404 kernel/workqueue.c:2289
worker_thread+0x8e4/0xfec kernel/workqueue.c:2436
kthread+0x250/0x2d8 kernel/kthread.c:376
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860
irq event stamp: 50238
hardirqs last enabled at (50237): [<ffff8000121bef3c>] __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:151 [inline]
hardirqs last enabled at (50237): [<ffff8000121bef3c>] _raw_spin_unlock_irqrestore+0x48/0xac kernel/locking/spinlock.c:194
hardirqs last disabled at (50238): [<ffff8000120dc90c>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last enabled at (3652): [<ffff80000839169c>] local_bh_enable+0xc/0x2c include/linux/bottom_half.h:32
softirqs last disabled at (3648): [<ffff800008391670>] local_bh_disable+0xc/0x2c include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
ath6kl: Target not yet initialized
---
This report is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.