[v5.15] WARNING in hci_cmd_timeout (2)

syzbot

Dec 28, 2023, 4:43:22 PM
to syzkaller...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: d93fa2c78854 Linux 5.15.145
git tree: linux-5.15.y
console output: https://syzkaller.appspot.com/x/log.txt?x=163afc81e80000
kernel config: https://syzkaller.appspot.com/x/.config?x=8eb25e663e3df1b9
dashboard link: https://syzkaller.appspot.com/bug?extid=30e82be1301252ee6013
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/45f65ff2a6ba/disk-d93fa2c7.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/983a4d12af77/vmlinux-d93fa2c7.xz
kernel image: https://storage.googleapis.com/syzbot-assets/8864285a1d94/Image-d93fa2c7.gz.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+30e82b...@syzkaller.appspotmail.com

Bluetooth: hci3: command 0x041b tx timeout
------------[ cut here ]------------
WARNING: CPU: 1 PID: 4249 at kernel/workqueue.c:1453 __queue_work+0xee4/0x114c kernel/workqueue.c:1453
Modules linked in:
CPU: 1 PID: 4249 Comm: kworker/1:10 Not tainted 5.15.145-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
Workqueue: events hci_cmd_timeout
pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __queue_work+0xee4/0x114c kernel/workqueue.c:1453
lr : __queue_work+0xee4/0x114c kernel/workqueue.c:1453
sp : ffff80001e997a40
x29: ffff80001e997a80 x28: ffff0001b4827500 x27: 0000000000000008
x26: ffff0000d619a000 x25: dfff800000000000 x24: ffff0000d619a1c0
x23: 1fffe0001ac33438 x22: ffff0000d0ac9b48 x21: 1fffe0001a159369
x20: 00000000000b0012 x19: ffff0000d48e4b30 x18: 0000000000000001
x17: 0000000000000000 x16: ffff8000082e9b28 x15: 00000000ffffffff
x14: ffff0000d0ac9b40 x13: 0000000000005b18 x12: 0000000000000001
x11: 0000000000000000 x10: 0000000000000000 x9 : ffff0000d0ac9b40
x8 : ffff800008204a6c x7 : 0000000000000000 x6 : 0000000000005ad8
x5 : ffff80001e997178 x4 : 0000000000000000 x3 : ffff800008203a94
x2 : ffff0000d48e4b30 x1 : 0000000000200000 x0 : 0000000000000000
Call trace:
__queue_work+0xee4/0x114c kernel/workqueue.c:1453
queue_work_on+0xc4/0x17c kernel/workqueue.c:1559
queue_work include/linux/workqueue.h:512 [inline]
hci_cmd_timeout+0x1d0/0x204 net/bluetooth/hci_core.c:2787
process_one_work+0x790/0x11b8 kernel/workqueue.c:2310
worker_thread+0x910/0x1034 kernel/workqueue.c:2457
kthread+0x37c/0x45c kernel/kthread.c:319
ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
irq event stamp: 680960
hardirqs last enabled at (680959): [<ffff800008329e94>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:257
hardirqs last disabled at (680960): [<ffff800008203a88>] queue_work_on+0x7c/0x17c kernel/workqueue.c:1556
softirqs last enabled at (680948): [<ffff800010896cd8>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:31
softirqs last disabled at (680930): [<ffff800010896c10>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:18
---[ end trace f065ca1c4fc4ad55 ]---


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite the report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup