syzbot


WARNING in hci_send_cmd

Status: upstream: reported on 2024/02/12 10:37
Subsystems: bluetooth
Reported-by: syzbot+c39f6e731d27b028df97@syzkaller.appspotmail.com
First crash: 285d, last: 35d
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [bluetooth?] WARNING in hci_send_cmd 0 (1) 2024/02/12 10:37

Sample crash report:
Bluetooth: MGMT ver 1.23
------------[ cut here ]------------
WARNING: CPU: 0 PID: 13947 at kernel/workqueue.c:2257 __queue_work+0xcd3/0xf50 kernel/workqueue.c:2256
Modules linked in:
CPU: 0 UID: 0 PID: 13947 Comm: syz.2.2029 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
RIP: 0010:__queue_work+0xcd3/0xf50 kernel/workqueue.c:2256
Code: ff e8 41 ad 37 00 90 0f 0b 90 e9 1e fd ff ff e8 33 ad 37 00 eb 13 e8 2c ad 37 00 eb 0c e8 25 ad 37 00 eb 05 e8 1e ad 37 00 90 <0f> 0b 90 48 83 c4 60 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc
RSP: 0018:ffffc90003c776a8 EFLAGS: 00010087
RAX: ffffffff815d39d4 RBX: ffff88802875bc00 RCX: 0000000000040000
RDX: ffffc90008e1a000 RSI: 0000000000005902 RDI: 0000000000005903
RBP: 0000000000000000 R08: ffffffff815d2e34 R09: 0000000000000000
R10: ffffc90003c77780 R11: fffff5200078eef1 R12: ffff888021742000
R13: ffff8880217421c0 R14: dffffc0000000000 R15: 0000000000000008
FS:  00007febc53796c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b31e16ff8 CR3: 000000006a2fc000 CR4: 00000000003526f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 queue_work_on+0x1c2/0x380 kernel/workqueue.c:2390
 queue_work include/linux/workqueue.h:662 [inline]
 hci_send_cmd+0xb6/0x180 net/bluetooth/hci_core.c:3066
 set_link_security+0x606/0x820 net/bluetooth/mgmt.c:1899
 hci_mgmt_cmd+0xc47/0x11d0 net/bluetooth/hci_sock.c:1712
 hci_sock_sendmsg+0x7b8/0x11c0 net/bluetooth/hci_sock.c:1832
 sock_sendmsg_nosec net/socket.c:729 [inline]
 __sock_sendmsg+0x221/0x270 net/socket.c:744
 sock_write_iter+0x2d7/0x3f0 net/socket.c:1165
 new_sync_write fs/read_write.c:590 [inline]
 vfs_write+0xa6d/0xc90 fs/read_write.c:683
 ksys_write+0x183/0x2b0 fs/read_write.c:736
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7febc457dff9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007febc5379038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007febc4735f80 RCX: 00007febc457dff9
RDX: 0000000000000007 RSI: 0000000020000000 RDI: 0000000000000008
RBP: 00007febc45f0296 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000000000 R14: 00007febc4735f80 R15: 00007ffc88696c28
 </TASK>

Crashes (8):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/10/17 05:19 upstream c964ced77262 666f77ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in hci_send_cmd
2024/02/10 01:34 upstream e6f39a90de92 77b23aa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root WARNING in hci_send_cmd
2024/09/13 15:19 net 3e705251d998 73e8a465 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in hci_send_cmd
2024/04/21 02:50 net f99c5f563c17 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in hci_send_cmd
2024/07/21 12:27 net-next 58f9416d413a b88348e9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-net-next-test-gce WARNING in hci_send_cmd
2024/06/23 11:31 net-next 185d72112b95 edc5149a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in hci_send_cmd
2024/05/11 06:02 net-next b9d5f5711dd8 9026e142 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in hci_send_cmd
2024/05/04 03:34 net-next 5829614a7b3b 610f2a54 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in hci_send_cmd
* Struck through repros no longer work on HEAD.