syzbot

 sign-in | mailing list | source | docs
🐞 Open [993] Subsystems 🐞 Fixed [5244] 🐞 Invalid [12515] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in hci_send_cmd

Status: upstream: reported on 2024/02/12 10:37
Subsystems: bluetooth
[Documentation on labels]
Reported-by: syzbot+c39f6e731d27b028df97@syzkaller.appspotmail.com
First crash: 77d, last: 6d04h
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [bluetooth?] WARNING in hci_send_cmd 0 (1) 2024/02/12 10:37

Sample crash report:
------------[ cut here ]------------
WARNING: CPU: 0 PID: 11256 at kernel/workqueue.c:1728 __queue_work+0xdc6/0x11d0 kernel/workqueue.c:1727
Modules linked in:
CPU: 0 PID: 11256 Comm: syz-executor.2 Not tainted 6.8.0-rc3-syzkaller-00215-ge6f39a90de92 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
RIP: 0010:__queue_work+0xdc6/0x11d0 kernel/workqueue.c:1727
Code: 07 83 c0 03 38 d0 7c 09 84 d2 74 05 e8 d3 31 8d 00 8b 5b 2c 31 ff 83 e3 20 89 de e8 84 7c 33 00 85 db 75 56 e8 9b 81 33 00 90 <0f> 0b 90 e9 ac f8 ff ff e8 8d 81 33 00 90 0f 0b 90 e9 5b f8 ff ff
RSP: 0018:ffffc9000bec7a20 EFLAGS: 00010087
RAX: 000000000000282e RBX: 0000000000000000 RCX: ffffc90009c6e000
RDX: 0000000000040000 RSI: ffffffff8158e825 RDI: 0000000000000005
RBP: 0000000000000200 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000001 R12: ffff8880418bcda8
R13: 0000000000000000 R14: ffff88807f8b9c00 R15: ffff88807f8b9c00
FS:  00007f1069ea96c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000040 CR3: 00000000776c8000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 queue_work_on+0xf4/0x120 kernel/workqueue.c:1837
 queue_work include/linux/workqueue.h:548 [inline]
 hci_send_cmd+0xcb/0x1b0 net/bluetooth/hci_core.c:3072
 hci_acl_create_connection+0x426/0x5d0 net/bluetooth/hci_conn.c:237
 hci_connect_acl+0x3e3/0x700 net/bluetooth/hci_conn.c:1706
 l2cap_chan_connect+0x724/0x2180 net/bluetooth/l2cap_core.c:8054
 l2cap_sock_connect+0x33f/0x720 net/bluetooth/l2cap_sock.c:256
 __sys_connect_file+0x162/0x1a0 net/socket.c:2048
 __sys_connect+0x149/0x170 net/socket.c:2065
 __do_sys_connect net/socket.c:2075 [inline]
 __se_sys_connect net/socket.c:2072 [inline]
 __x64_sys_connect+0x72/0xb0 net/socket.c:2072
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xd8/0x270 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x6f/0x77
RIP: 0033:0x7f106907dda9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f1069ea90c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
RAX: ffffffffffffffda RBX: 00007f10691abf80 RCX: 00007f106907dda9
RDX: 000000000000000e RSI: 0000000020000040 RDI: 0000000000000004
RBP: 00007f10690ca47a R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000000b R14: 00007f10691abf80 R15: 00007ffcf75228b8
 </TASK>

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/02/10 01:34 upstream e6f39a90de92 77b23aa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING in hci_send_cmd
2024/04/21 02:50 net f99c5f563c17 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in hci_send_cmd
* Struck through repros no longer work on HEAD.