syzbot


WARNING in notifier_chain_register

Status: upstream: reported C repro on 2022/07/06 13:50
Reported-by: syzbot+5214f8dac5863061e37c@syzkaller.appspotmail.com
First crash: 42d, last: 5h02m

Cause bisection: introduced by (bisect log):
commit ff7f2926114d3a50f5ffe461a9bce8d761748da5
Author: Vasyl Vavrychuk <vasyl.vavrychuk@opensynergy.com>
Date: Tue Apr 26 08:18:23 2022 +0000

  Bluetooth: core: Fix missing power_on work cancel on HCI close

Crash: INFO: task hung in hci_dev_close_sync (log)
Repro: C syz .config
Patch testing requests:
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2022/07/08 11:16 | 18m | hdanton@sina.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git cb71b93c2dc3 | OK log |
| 2022/07/07 10:58 | 12m | hdanton@sina.com | patch | https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git cb71b93c2dc3 | report log |

Sample crash report:
------------[ cut here ]------------
notifier callback hci_suspend_notifier already registered
WARNING: CPU: 1 PID: 7052 at kernel/notifier.c:28 notifier_chain_register kernel/notifier.c:28 [inline]
WARNING: CPU: 1 PID: 7052 at kernel/notifier.c:28 notifier_chain_register+0x156/0x210 kernel/notifier.c:22
Modules linked in:
CPU: 1 PID: 7052 Comm: syz-executor232 Not tainted 5.19.0-syzkaller-13930-g7ebfc85e2cd7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
RIP: 0010:notifier_chain_register kernel/notifier.c:28 [inline]
RIP: 0010:notifier_chain_register+0x156/0x210 kernel/notifier.c:22
Code: 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 80 3c 02 00 0f 85 a5 00 00 00 49 8b 75 00 48 c7 c7 c0 f0 eb 89 e8 c7 e3 e8 07 <0f> 0b 41 bc ef ff ff ff e8 2d 2e 2b 00 44 89 e0 48 83 c4 18 5b 5d
RSP: 0018:ffffc9000c01fd58 EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff88801f141108 RCX: 0000000000000000
RDX: ffff88807a77d880 RSI: ffffffff8161f148 RDI: fffff52001803f9d
RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000
R10: 0000000080000000 R11: 0000000000000000 R12: 0000000000000000
R13: ffff88801f141108 R14: ffff88802693d110 R15: dffffc0000000000
FS:  00005555557f0300(0000) GS:ffff8880b9a00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f02e6b5af68 CR3: 00000000792aa000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 __blocking_notifier_chain_register kernel/notifier.c:266 [inline]
 blocking_notifier_chain_register+0x6f/0xc0 kernel/notifier.c:284
 hci_register_suspend_notifier net/bluetooth/hci_core.c:2749 [inline]
 hci_register_suspend_notifier+0x9d/0xc0 net/bluetooth/hci_core.c:2743
 hci_sock_release+0x4a2/0x520 net/bluetooth/hci_sock.c:890
 __sock_release+0xcd/0x280 net/socket.c:650
 sock_close+0x18/0x20 net/socket.c:1365
 __fput+0x277/0x9d0 fs/file_table.c:320
 task_work_run+0xdd/0x1a0 kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:169 [inline]
 exit_to_user_mode_prepare+0x23c/0x250 kernel/entry/common.c:201
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x19/0x50 kernel/entry/common.c:294
 do_syscall_64+0x42/0xb0 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x63/0xcd
RIP: 0033:0x7f02e6ac69db
Code: 0f 05 48 3d 00 f0 ff ff 77 45 c3 0f 1f 40 00 48 83 ec 18 89 7c 24 0c e8 63 fc ff ff 8b 7c 24 0c 41 89 c0 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 35 44 89 c7 89 44 24 0c e8 a1 fc ff ff 8b 44
RSP: 002b:00007ffdafea6b60 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000005 RCX: 00007f02e6ac69db
RDX: ffffffffffffffb8 RSI: 00000000400448ca RDI: 0000000000000004
RBP: 0000000000000003 R08: 0000000000000000 R09: 00007ffd00000004
R10: 00007ffd00000004 R11: 0000000000000293 R12: 00005555557f02b8
R13: 0000000000000011 R14: 00007ffdafea6c20 R15: 00007ffdafea6bb0
 </TASK>

Crashes (6):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-root | 2022/08/17 11:33 | upstream | 7ebfc85e2cd7 | 4e72d229 | .config | log | report | syz | C | | WARNING in notifier_chain_register |
| ci-upstream-kasan-gce-selinux-root | 2022/08/13 16:32 | upstream | 7ebfc85e2cd7 | 8dfcaa3d | .config | log | report | syz | C | | WARNING in notifier_chain_register |
| ci-upstream-linux-next-kasan-gce-root | 2022/07/11 01:19 | linux-next | cb71b93c2dc3 | b5765a15 | .config | log | report | syz | C | | WARNING in notifier_chain_register |
| ci-upstream-linux-next-kasan-gce-root | 2022/07/06 06:56 | linux-next | cb71b93c2dc3 | bff65f44 | .config | log | report | syz | C | | WARNING in notifier_chain_register |
| ci-upstream-net-this-kasan-gce | 2022/08/10 23:27 | net | 6fd2c17fb6e0 | a6201f11 | .config | log | report | | | info | WARNING in notifier_chain_register |
| ci-upstream-linux-next-kasan-gce-root | 2022/07/27 00:17 | linux-next | cb71b93c2dc3 | 279b89c2 | .config | log | report | | | info | WARNING in notifier_chain_register |