From: syzbot <syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com>
To: davem@davemloft.net, edumazet@google.com,
krzysztof.kozlowski@linaro.org, kuba@kernel.org,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
pabeni@redhat.com, syzkaller-bugs@googlegroups.com
Subject: [syzbot] [nfc?] [net?] WARNING: locking bug in nci_close_device (2)
Date: Sat, 30 Mar 2024 04:02:25 -0700 [thread overview]
Message-ID: <00000000000008cd6e0614deb1db@google.com> (raw)
Hello,
syzbot found the following issue on:
HEAD commit: 707081b61156 Merge branch 'for-next/core', remote-tracking..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12ae3185180000
kernel config: https://syzkaller.appspot.com/x/.config?x=caeac3f3565b057a
dashboard link: https://syzkaller.appspot.com/bug?extid=e29c204bd2e3906fe69c
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6cad68bf7532/disk-707081b6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1a27e5400778/vmlinux-707081b6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/67dfc53755d0/Image-707081b6.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 check_wait_context kernel/locking/lockdep.c:4773 [inline]
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: ffff0000d7f664f4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000000 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2283
hardirqs last enabled at (2283): [<ffff800080297cac>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1397 [inline]
hardirqs last enabled at (2283): [<ffff800080297cac>] finish_lock_switch+0xbc/0x1e4 kernel/sched/core.c:5154
hardirqs last disabled at (2282): [<ffff80008ae46784>] __schedule+0x2bc/0x24b4 kernel/sched/core.c:6625
softirqs last enabled at (546): [<ffff80008003165c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (544): [<ffff800080031628>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
Unable to handle kernel paging request at virtual address dfff800000000018
KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
Mem abort info:
ESR = 0x0000000096000005
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x05: level 1 translation fault
Data abort info:
ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
CM = 0, WnR = 0, TnD = 0, TagAccess = 0
GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000018] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Tainted: G W 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: 00000000000000c4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000018 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: 34000ee8 aa1f03e8 91031113 d343fe68 (38ec6908)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 34000ee8 cbz w8, 0x1dc
4: aa1f03e8 mov x8, xzr
8: 91031113 add x19, x8, #0xc4
c: d343fe68 lsr x8, x19, #3
* 10: 38ec6908 ldrsb w8, [x8, x12] <-- trapping instruction
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
WARNING: multiple messages have this Message-ID (diff)
From: syzbot <syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com>
To: <davem@davemloft.net>, <edumazet@google.com>,
<krzysztof.kozlowski@linaro.org>, <kuba@kernel.org>,
<linux-kernel@vger.kernel.org>, <netdev@vger.kernel.org>,
<pabeni@redhat.com>, <syzkaller-bugs@googlegroups.com>
Subject: [syzbot] [nfc?] [net?] WARNING: locking bug in nci_close_device (2)
Date: Sat, 30 Mar 2024 04:02:25 -0700 [thread overview]
Message-ID: <00000000000008cd6e0614deb1db@google.com> (raw)
Message-ID: <20240330110225.CwPEIiWYejXcszjq3YrKzPf6dVu03uzzG3sUXtlovAg@z> (raw)
Hello,
syzbot found the following issue on:
HEAD commit: 707081b61156 Merge branch 'for-next/core', remote-tracking..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12ae3185180000
kernel config: https://syzkaller.appspot.com/x/.config?x=caeac3f3565b057a
dashboard link: https://syzkaller.appspot.com/bug?extid=e29c204bd2e3906fe69c
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6cad68bf7532/disk-707081b6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1a27e5400778/vmlinux-707081b6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/67dfc53755d0/Image-707081b6.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 check_wait_context kernel/locking/lockdep.c:4773 [inline]
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: ffff0000d7f664f4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000000 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2283
hardirqs last enabled at (2283): [<ffff800080297cac>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1397 [inline]
hardirqs last enabled at (2283): [<ffff800080297cac>] finish_lock_switch+0xbc/0x1e4 kernel/sched/core.c:5154
hardirqs last disabled at (2282): [<ffff80008ae46784>] __schedule+0x2bc/0x24b4 kernel/sched/core.c:6625
softirqs last enabled at (546): [<ffff80008003165c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (544): [<ffff800080031628>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
Unable to handle kernel paging request at virtual address dfff800000000018
KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
Mem abort info:
ESR = 0x0000000096000005
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x05: level 1 translation fault
Data abort info:
ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
CM = 0, WnR = 0, TnD = 0, TagAccess = 0
GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000018] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Tainted: G W 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: 00000000000000c4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000018 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: 34000ee8 aa1f03e8 91031113 d343fe68 (38ec6908)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 34000ee8 cbz w8, 0x1dc
4: aa1f03e8 mov x8, xzr
8: 91031113 add x19, x8, #0xc4
c: d343fe68 lsr x8, x19, #3
* 10: 38ec6908 ldrsb w8, [x8, x12] <-- trapping instruction
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
X-sender: <netdev+bounces-83500-steffen.klassert=secunet.com@vger.kernel.org>
X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com NOTIFY=NEVER; X-ExtendedProps=BQAVABYAAgAAAAUAFAARAPDFCS25BAlDktII2g02frgPADUAAABNaWNyb3NvZnQuRXhjaGFuZ2UuVHJhbnNwb3J0LkRpcmVjdG9yeURhdGEuSXNSZXNvdXJjZQIAAAUAagAJAAEAAAAAAAAABQAWAAIAAAUAQwACAAAFAEYABwADAAAABQBHAAIAAAUAEgAPAGIAAAAvbz1zZWN1bmV0L291PUV4Y2hhbmdlIEFkbWluaXN0cmF0aXZlIEdyb3VwIChGWURJQk9IRjIzU1BETFQpL2NuPVJlY2lwaWVudHMvY249U3RlZmZlbiBLbGFzc2VydDY4YwUACwAXAL4AAACheZxkHSGBRqAcAp3ukbifQ049REI2LENOPURhdGFiYXNlcyxDTj1FeGNoYW5nZSBBZG1pbmlzdHJhdGl2ZSBHcm91cCAoRllESUJPSEYyM1NQRExUKSxDTj1BZG1pbmlzdHJhdGl2ZSBHcm91cHMsQ049c2VjdW5ldCxDTj1NaWNyb3NvZnQgRXhjaGFuZ2UsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1zZWN1bmV0LERDPWRlBQAOABEABiAS9uuMOkqzwmEZDvWNNQUAHQAPAAwAAABtYngtZXNzZW4tMDIFADwAAgAADwA2AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50LkRpc3BsYXlOYW1lDwARAAAAS2xhc3NlcnQsIFN0ZWZmZW4FAAwAAgAABQBsAAIAAAUAWAAXAEoAAADwxQktuQQJQ5LSCNoNNn64Q049S2xhc3NlcnQgU3RlZmZlbixPVT1Vc2VycyxPVT1NaWdyYXRpb24sREM9c2VjdW5ldCxEQz1kZQUAJgACAAEFACIADwAxAAAAQXV0b1Jlc3BvbnNlU3VwcHJlc3M6IDANClRyYW5zbWl0SGlzdG9yeTogRmFsc2UNCg8ALwAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuRXhwYW5zaW9uR3JvdXBUeXBlDwAVAAAATWVtYmVyc0dyb3VwRXhwYW5zaW9uBQAjAAIAAQ==
X-CreatedBy: MSExchange15
X-HeloDomain: b.mx.secunet.com
X-ExtendedProps: BQBjAAoAD9Pp8x1Q3AgFAGEACAABAAAABQA3AAIAAA8APAAAAE1pY3Jvc29mdC5FeGNoYW5nZS5UcmFuc3BvcnQuTWFpbFJlY2lwaWVudC5Pcmdhbml6YXRpb25TY29wZREAAAAAAAAAAAAAAAAAAAAAAAUASQACAAEFAGIACgAYAAAAmYoAAAUABAAUIAEAAAAcAAAAc3RlZmZlbi5rbGFzc2VydEBzZWN1bmV0LmNvbQUABgACAAEFACkAAgABDwAJAAAAQ0lBdWRpdGVkAgABBQACAAcAAQAAAAUAAwAHAAAAAAAFAAUAAgABBQBkAA8AAwAAAEh1Yg==
X-Source: SMTP:Default MBX-DRESDEN-01
X-SourceIPAddress: 62.96.220.37
X-EndOfInjectedXHeaders: 24740
Received: from cas-essen-02.secunet.de (10.53.40.202) by
mbx-dresden-01.secunet.de (10.53.40.199) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2507.37; Sat, 30 Mar 2024 12:02:38 +0100
Received: from b.mx.secunet.com (62.96.220.37) by cas-essen-02.secunet.de
(10.53.40.202) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend
Transport; Sat, 30 Mar 2024 12:02:38 +0100
Received: from localhost (localhost [127.0.0.1])
by b.mx.secunet.com (Postfix) with ESMTP id 45C052025D
for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 12:02:38 +0100 (CET)
X-Virus-Scanned: by secunet
X-Spam-Flag: NO
X-Spam-Score: -2.446
X-Spam-Level:
X-Spam-Status: No, score=-2.446 tagged_above=-999 required=2.1
tests=[BAYES_00=-1.9, FROM_LOCAL_HEX=0.006,
HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1,
RCVD_IN_DNSWL_MED=-2.3, SORTED_RECIPS=2.499, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from b.mx.secunet.com ([127.0.0.1])
by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id U_HQH-_t2Beg for <steffen.klassert@secunet.com>;
Sat, 30 Mar 2024 12:02:37 +0100 (CET)
Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=139.178.88.99; helo=sv.mirrors.kernel.org; envelope-from=netdev+bounces-83500-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com
DKIM-Filter: OpenDKIM Filter v2.11.0 b.mx.secunet.com A9F0D20322
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org [139.178.88.99])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by b.mx.secunet.com (Postfix) with ESMTPS id A9F0D20322
for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 12:02:36 +0100 (CET)
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sv.mirrors.kernel.org (Postfix) with ESMTPS id B88E52832B5
for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 11:02:34 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 88C3A2BAF6;
Sat, 30 Mar 2024 11:02:28 +0000 (UTC)
X-Original-To: netdev@vger.kernel.org
Received: from mail-il1-f200.google.com (mail-il1-f200.google.com [209.85.166.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D0C217745
for <netdev@vger.kernel.org>; Sat, 30 Mar 2024 11:02:26 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.200
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1711796548; cv=none; b=PosxYqb1zAY/YDAhdASyjwR3d02h4pA4RJzdPR+plZUs9RfH5g8OtO2sBS2TnFf98Yce0jYp5FEJEnmSSnp3KZ9sxciz2ioegNK09cd1ej9m3RbtAYYwQtRYnT1F9Ky3qPpFAh/LSW+6jZrDm7xL/XdWDYJOLr3zo4Dv18vK3yw=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1711796548; c=relaxed/simple;
bh=yPcfTvipI2/+vcDGEXJhfS40amnwmytukAZNlZ00LQs=;
h=MIME-Version:Date:Message-ID:Subject:From:To:Content-Type; b=qExrOcNVU+859vmsVDqF7BLLwYxKZvZLmhoT5Y0laDAa2J2Qoqzq78Zfk4THLzVX2U/bVN3peeWOLWmacwbOfwVSJnao0hUTzj7M5P6/PMHiPae567nKqCCXvLko87onfk5ZXpnPV4Ij1btQLoTlM8k6FKrOu+nho0M+nol+jVQ=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.166.200
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com
Received: by mail-il1-f200.google.com with SMTP id e9e14a558f8ab-36854f4e9b3so25783045ab.2
for <netdev@vger.kernel.org>; Sat, 30 Mar 2024 04:02:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1711796545; x=1712401345;
h=to:from:subject:message-id:date:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=53tpjewSWu0Vresc93uaKcyJznO8Iz9abIky6N2xuK8=;
b=Lemjv6aYFA/ePK7C2eMHpA3UmYM2ypJnPjfwM478q1hTiEXhT6RDJ1EonEMBjWLavM
gKCvS9crJbn2WxMn6E9+xnzWhBbRxNQ34VluwhgRjQPr8sjckRnwvgkuju6ZxRZ0O+2L
NeG/VgZyzjiIv7e3eCn8xLNYlpZhGPk4HEfHtu+OBXU5cLBCI/i3P7IFn2xjm9u4ai8O
y+tGs2BbALLn9GEKvUmaTxaGU0J7/3Bu0atXrxyKY2OWzFXk5ux/++8X90FNkM+RleQB
S7XCRlRPtZ0GGSPOK9Gw4Ik02d5Atbm4VlH09mzd0xkpEsEusleFBKlWtB11EsyEUQDT
fgFg==
X-Forwarded-Encrypted: i=1; AJvYcCV/6QrjSwqi4gGxUzVso4hdZRNXb19ibQKeEqVeXP7Vn/YecPpcxyILHoESrkx9g+WincGJTOSMpdG9Hocm4nat1ibCplm0
X-Gm-Message-State: AOJu0YxX8znVuVSNHyk4q7Qg/juCPMbuw6f4ConwHSvpxphntVCtBzky
zJ9fQcBUj+PNO0N195aTQOE3w8s5t/AtYx9/UFenDRIVdEfHi8jE3CJuH1D9G0b+m/8SCFSQwdt
+AjmnSadxsSAK8axoefcYjIHJrRr5MR1uiBEZRFiQSojfmiP5LaHNtTQ=
X-Google-Smtp-Source: AGHT+IHv69JzOfvTT29TShFoM/iodtSW6dmhPzDpDQg2zztHr8hSEYTmewIQpE/qHaWyeJ9BmGXrYmPL7FCNH6qlTCEmh8lPzblN
Precedence: bulk
X-Mailing-List: netdev@vger.kernel.org
List-Id: <netdev.vger.kernel.org>
List-Subscribe: <mailto:netdev+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:netdev+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Received: by 2002:a05:6e02:1985:b0:368:8135:4559 with SMTP id
g5-20020a056e02198500b0036881354559mr352355ilf.6.1711796545698; Sat, 30 Mar
2024 04:02:25 -0700 (PDT)
Date: Sat, 30 Mar 2024 04:02:25 -0700
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <00000000000008cd6e0614deb1db@google.com>
Subject: [syzbot] [nfc?] [net?] WARNING: locking bug in nci_close_device (2)
From: syzbot <syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com>
To: <davem@davemloft.net>, <edumazet@google.com>,
<krzysztof.kozlowski@linaro.org>, <kuba@kernel.org>,
<linux-kernel@vger.kernel.org>, <netdev@vger.kernel.org>,
<pabeni@redhat.com>, <syzkaller-bugs@googlegroups.com>
Content-Type: text/plain; charset="UTF-8"
Return-Path: netdev+bounces-83500-steffen.klassert=secunet.com@vger.kernel.org
X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 11:02:38.3244
(UTC)
X-MS-Exchange-Organization-Network-Message-Id: 0f717a41-2bff-429e-aa5c-08dc50a8e993
X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.37
X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.202
X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-02.secunet.de
X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=mbx-dresden-01.secunet.de:TOTAL-HUB=0.399|SMR=0.341(SMRDE=0.035|SMRC=0.305(SMRCL=0.102|X-SMRCR=0.306))|CAT=0.057(CATOS=0.012
(CATSM=0.011(CATSM-Malware
Agent=0.011))|CATRESL=0.022(CATRESLP2R=0.001)|CATORES=0.021
(CATRS=0.021(CATRS-Index Routing Agent=0.020)));2024-03-30T11:02:38.758Z
X-MS-Exchange-Forest-ArrivalHubServer: mbx-dresden-01.secunet.de
X-MS-Exchange-Organization-AuthSource: cas-essen-02.secunet.de
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Exchange-Organization-FromEntityHeader: Internet
X-MS-Exchange-Organization-OriginalSize: 15532
X-MS-Exchange-Organization-HygienePolicy: Standard
X-MS-Exchange-Organization-MessageLatency: SRV=cas-essen-02.secunet.de:TOTAL-FE=0.035|SMR=0.024(SMRPI=0.022(SMRPI-FrontendProxyAgent=0.022))|SMS=0.010
X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0
X-MS-Exchange-Organization-Recipient-Limit-Verified: True
X-MS-Exchange-Organization-TotalRecipientCount: 1
X-MS-Exchange-Organization-Rules-Execution-History: 0b0cf904-14ac-4724-8bdf-482ee6223cf2%%%fd34672d-751c-45ae-a963-ed177fcabe23%%%d8080257-b0c3-47b4-b0db-23bc0c8ddb3c%%%95e591a2-5d7d-4afa-b1d0-7573d6c0a5d9%%%f7d0f6bc-4dcc-4876-8c5d-b3d6ddbb3d55%%%16355082-c50b-4214-9c7d-d39575f9f79b
X-MS-Exchange-Forest-RulesExecuted: mbx-dresden-01
X-MS-Exchange-Organization-RulesExecuted: mbx-dresden-01
X-MS-Exchange-Forest-IndexAgent-0: AQ0CZW4AAd4OAAAPAAADH4sIAAAAAAAEAO1Z+XPbRpYGSfGU6HgcJ1
u1u1XTVa6p2BuRBEACPCqeGVlWHO3EssqSJ7vrcrFAoElhBQIMAOrw
nzp/zX6vGwTBw0fi/WlXKIkEur93v37dj/jH4U/c84L9eq1ei27fj4
KYjYO577D4guMOU9euP2FuFM05C/wB4X46OnjO7GA6deMBw9VVu2pP
G5maZpjsJQ8nnI1Cy7cv2HfjIGz4/CZu2UHIv9tnIZ8GMW/EoWVfgm
+zWa9N3JjFIeeCFS48D1otfDYveehzrxmEk9ZsPmpF9rTluf78piUn
CNOywqnZkcNN4kQC5bTt1mt24EeBB8Xn8WwOZS/ieBaBOyy9tDyPh0
1rNotmQdyEOa2blhdMmvFN/Jebp5pu8bbWM7SeiqtekzxhtT92J1D1
U5yaEglOtsUtuz1uG6YxUo2uVa85VnQxCqzQYdD78lNajeaTv8CDrv
OU631bVzsjR+ftvmqOudm3ycbpzAXRwn/P+ci1fGZ7FuJ2xcPIDXym
GU21ae6zFydvmOewx/T9DE6LXS8inyVUT5je7MDaeQS6mWVzZoX2xY
AJL1Po3/gAx3Pfirl3u8+OmRP438XswroC1L9FfGdh4MxtHgqu8YUb
Jblzy+MmcXgeXPteYDnWCHGxoojHEZLKcaNL5k6tCc+4Iw5CDDQnQT
DxuDVzI+EPmaUNSdoybcsxe6Nx12jrLeLSWGRjM7Sumzfv67WrqUiP
38hYs/QuNzqq2u32WgmLJW/im6TE79K664xto901DEdtHRODJevJe8
G9Xjt+efrq9fnByfmAuWN2G8zZ2L0R61J4dJ/NwD+CE5311Rpb+A/E
YLJM67XXfIbIcacxuh0wqc332xLqrxtZOLVcj2wgnRqZ6y2z5wg9Dz
l7lx1HjI+evXkx/PnV4d/Ohr8cvD4Zvjp5rD2p1+j++OTFgB2evhkw
lZ0ePx8wTe2hbFgxS1a1F4jSIL4dPmvaA72tM/uC25fDa8uNh1hZMR
bEh/GdbrfN3ro+YsbffZHU4ZCeh5b969wN+ffqTbdnt/Bptu0PExpq
r1uvvcQy8Hgkljh3mEulc1OBQ4RHhKPBbzjcGYRNjZ2gCMeWCysdZj
Z7TbUR2t1GGpfGZKXgPsJ6/QnF5NpCIHxrilx8IXJv8QUZKH6cHfkT
OKS1dXSfPTt+dbagUPWW3m/pqo41P4tiLPYBM1WsBdU22GP/vw6vmG
Md/8i+Pz04YY03B69Y4/wQH8+Pz1nj7OzZGXt2/p+nR08bDQR9ZrPB
l4RP0H9BILwQ9BeCHDUxij4e8aVcQfcFegv6LXqrn6l3NAP9GBftQP
3+yOrqVJpv9P7asKGq7EbvyVHarZzu2DQsMdpdHTU7Y8HCRP5hmGNY
s8bctvscYGMdbPQw2kHKrl4asWhvDLcB1tdGba2LUS2jsa63zY4ttF
A3WEBlrb+hcgejvaXGbbOLu74JFlp3KwtzKa+H7WGk9m2MGlsN0TpZ
zmK31wHeNI8YwzwnYby4iIW2Au4k4FXzdN1uO+ymj6BaY3vMR/rIdP
rjviVY9Ng2ed3NUY3dmFtGwcJYSxdz1Eb4OpnRHnd6UAOM29lR1RhZ
WltEZKs8bTmqLXVTt2iMCocKxeh0x1HuvmT1fMmKZ2uUeltQah8j7B
odIXTszaOL4XUQXv4653Oi1jpErWl2Z0GezoKwrXWQiMy3XVSXIOJD
h1+5tqSjlW6Mesznccsf2y2AxDmY5JndhAr4oYMzESgkQWcb3mz3CT
+2U3yKShCaqWXdR9BwfOl63hAnjuGITE2N0R11g7xLArZRCLe3u7ag
kIAFUVvYnhCNg9nwOnRjst3AmQkeb3e2ECHVDFBdjaMU3rbJchuRHU
etkFuOnCE/9XrAXka3S7BmCBPMTbDZaYsYOsEwJdgEGcZqmiFmH0Pr
q2hxEh5m9emSOn11G6mgcP2r4FLIsGlx0IE66VqSdEpmhD+zwlYJIa
lPTtWRUB/j0SGHcU8dRlf2kE5/AaUWnN4SC+GjtFqbHAj3JfSUkyTT
+LhITVi6pDE6tGDMbUTcj8PbhlQLlF0toYyHwqu+PbywfAeHHLDpEZ
vxNo3XuVDxWuFCFvfJYq3f+RB982xg9OEsN/yV8SsMMZx0prMB0/Ue
3HCBIxWmcICzopgx7lPD4tCJ8TEBngzY2x+WJVTvd23L/vM7hqZjGM
1cfxj+Opz7ohCRgIXPUBEd+dm8gLv73UzAf6fEseu7KFlCVHTtxvYF
rB+JmsU7q4IXxUejYrcqDq3Tijh9VZzFO2a314E4LBjihbMtVVYhR+
+MtgsyTR1LPQrG8QfsMjrmmllqWzMNMgv2WN5wdDGUeIooBRRLxPVt
b+7w5LcA9DFxMEXaeGO4tK2vy1sxzOh0tsjTe1l5CcFnCtT6oil6C7
McufFt7uPvRFP0RthBfZlM8cRjbGZNqGcLObYU6As1r1y02JZHjV3I
cWBdPXJoyNm/HZwdnAyYP/e8xiwOGw6asDH0RPr5E87eqjerKthqY2
Ooi5R7yafMGqEvBO04oC2bHZ29Zk/ZEt03xZch5g7FFB0Unx88O2eP
7XkY0so5+vnJPjv+GbM4Qo/cOCL02dE5wffZj/7f6UZwOJBDZ9rp+S
+LwR/PJF8VfD0sRY9p5Eo/8qyYfrwYW3MvRldpxda6tsdnf5cMj8/O
smobYkRfsYTwhy8l/Bf/tbw5958nN9bkwLbJ3YlWLw7P5MyrKx561q
18eI7Y3D5zY/n0Hwn67XqI3qXBG/H4mnOf0U8qDIFfhH0xLyIGfx3j
fBT6iDoPwyAcsFfBLFqesBZRYG8fae/Y6eujo5en5+zs5ekXNZrnss
lEw5j8dsR+Yel113lu7zwNs3fXef5f7TzXauT/y85T6911nr9zxd91
nned513nedd5fl7neRg4ON60qWpzDp0tbay2cdPX0JVoWps57U57zG
HO43aP22Zf7T353G6jsXZJaaIbiiI+HXm37PGI+o0Juo7oiThMM5Xe
Iab6JJc9ei++r3v7OExrji2gHYKmGifXNLgS3zeA3rwPBbBHwNSi5K
JXVgKo9fcF+hEWYUfgbcKnhieXF4VLxkTzCOnyb0yTCie+ScFOGI0S
hd9KCv0d+6HRII/NZuJ1th/F4dym7oLeagl31Wvn9LYyFO/JGO4m3O
ehRS9hRrfMYuj7muw4ZlO0ArSn4Owsz+pRs1474zx9AzgJgubEa+Fh
evTv4jXoFPVH9CzhVHY06GLmcfIWrpm+eOfiQMzDiNmWj8YBuljUTl
NPmJ7B/ypfLE7CYD4TrxabmVf316h22Cv4TCTHJQvGmVewTQYtEeit
ej6iw/Zcvgu+CK6pTaUsn/uuDReAcXyx1Bfdyli8XVw6y/KoBN0u2h
ru7KOVW5jILn2wHInXw94tBYD4QZVHmKe3mgPGbyw7bsi3lY3YjT2e
iKH3ntcWekxoFKATk9VSCv4uYtF8hHIQ82m0L7mvsI5IhRSBhplfN9
Lneu0xhY3s8FysBDgrnRPtTMQQKpq+5iOWvrR/st1+5sxnnnQWGFl+
gPkQDPg2vYBdmAyR/83xHYwbCVFDct1i/9x3AubwhSRk0jbmQM1nRK
0oRaVWUspFpVRQdqpKDTd5pbyjFEvK7p5Sx2NJqRRySkXZweCOUi7l
lK+UckXZK9DIHqaeClowwaf8E1RleSM5A7an7FSUWlmpgGExp/SUSl
U8Yjan5CUhbu4p90FbUqrADFYwBYwDcF95gMEdcM4pP2QAUtxD5duK
4ID7cq6SV5R8DsKVXC5Pn0oBsLwAV5QqqZ2r7CgKuCU8lWpd+QpSQA
57Aagpu8LSojCkAp9AN/FYhgInSgXSJUaoXQYAs5I5BJWFIS+3wTAC
WF6MfIQb5ApYIU9K7uaFCQt7y6nbob+QWBC01UpO2ZXMc4qhlB8q3w
CwS1H7RpjzEOK+FtGBtomLhLaFXFHc53FTpPRAPpDny0I3uLGgKCQ6
pzwQtCKgy1npTCjwuaxyO/eUvOQj02aTmxSRRzg2GGI2Sa1cNZmCFb
nKMuJJ3EGi/IvwUj33lcyECsVxKTFzUxH5XwZlDX/k+YJAIl41sQqQ
CcX0TyQD4lL8pE/yueInjZV8dkVoNtxeJCb/e4KwlAr0+YfM5+pIDp
8KDSY3q8jPGUw5rDxuB0uV8ovBjZsH+SXs02ARl+onfJWrfcpR5R1K
sASwFhQC5Mp/EOVCFk/JAfcpORLv/qIkLuuh+IPcRWSTNC4kZbYoi8
/HYRuzSI8aAA8X1ViKSyVm+ZRIq3VMSVT+z8Sk1lUzAFoptGSoWqZ8
0pEPYnIlREHWrg8wKcpIfRIjYyEx0o1bxd1X8jKOsrDLe8zSfkE21m
D7vQxgGwzlCJidQlLAS5swaX5e1JDCanA3YeBWXmCyrIoUcbrJ+vNh
rih0KMjUXWO7lWQvQ7KmbdaHSbhzZblAZJGEiHxuR4xU7ytfQ9VvhZ
6ynmc9kK1CW2lLtB7lAaOcVSCTVFIo7aEZwm/wmK6vbfhEkLCiAkFF
OqgkO450TrLGqbomOSzDnRWXJb8vyFP3foC8KnbDkqg5/yT2qYJUUs
ZXcigTzwdFUUzuLZyMKYw8yCl/Ur5+IPZlYRcYlh4o3+bFRpPYRXt0
Gj6cx0rJYSa5oVk5UpR7H4koiTOSBOSx9RcXDicRKQelVFP2sJBryr
2UyQb/QjW3l7BdjJRztWQbze3KmwX5DiyVJssale6qIoLwgPBV7uuE
Dx3eir9pi8fRAlUnJ+Xe7fJ3u/zdLn+3y9/t8r9ll5ebJipqRVHoRq
mha85sZE9AtSs62eKi8gsAdiJgamsjhaThKgpuNFigiEBKdRVWkjCh
IRS4X5RbGzmETgu7yrdJTcaOo9TwKRq6oswHsbTlbqt8I1r+9PghtN
0TZlblwpSzcv+FEv+s1NBKF0RxSH248BI40I8J/5rhmbbVeNyl/ZF+
D1k012XJubro02X6iY1G/hCRlG7h86qkkpgq+blaE6ouwDs18StKnb
atvTR/JFgquWjw72UVgGeki+QGmmFI0v+YHBsKwmm1rA74rCtfpfji
/wAptyhd3zMAAAEKjgI8P3htbCB2ZXJzaW9uPSIxLjAiIGVuY29kaW
5nPSJ1dGYtMTYiPz4NCjxFbWFpbFNldD4NCiAgPFZlcnNpb24+MTUu
MC4wLjA8L1ZlcnNpb24+DQogIDxFbWFpbHM+DQogICAgPEVtYWlsIF
N0YXJ0SW5kZXg9IjEwMTIiIFBvc2l0aW9uPSJPdGhlciI+DQogICAg
ICA8RW1haWxTdHJpbmc+c3l6Ym90K2UyOWMyMDRiZDJlMzkwNmZlNj
ljQHN5emthbGxlci5hcHBzcG90bWFpbC5jb208L0VtYWlsU3RyaW5n
Pg0KICAgIDwvRW1haWw+DQogIDwvRW1haWxzPg0KPC9FbWFpbFNldD
4BC9kIPD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTE2
Ij8+DQo8VXJsU2V0Pg0KICA8VmVyc2lvbj4xNS4wLjAuMDwvVmVyc2
lvbj4NCiAgPFVybHM+DQogICAgPFVybCBTdGFydEluZGV4PSIyMzYi
IFBvc2l0aW9uPSJPdGhlciIgVHlwZT0iVXJsIj4NCiAgICAgIDxVcm
xTdHJpbmc+aHR0cHM6Ly9zeXprYWxsZXIuYXBwc3BvdC5jb20veC9s
b2cudHh0P3g9MTJhZTMxODUxODAwMDA8L1VybFN0cmluZz4NCiAgIC
A8L1VybD4NCiAgICA8VXJsIFN0YXJ0SW5kZXg9IjMxMCIgUG9zaXRp
b249Ik90aGVyIiBUeXBlPSJVcmwiPg0KICAgICAgPFVybFN0cmluZz
5odHRwczovL3N5emthbGxlci5hcHBzcG90LmNvbS94Ly5jb25maWc/
eD1jYWVhYzNmMzU2NWIwNTdhPC9VcmxTdHJpbmc+DQogICAgPC9Vcm
w+DQogICAgPFVybCBTdGFydEluZGV4PSIzODYiIFBvc2l0aW9uPSJP
dGhlciIgVHlwZT0iVXJsIj4NCiAgICAgIDxVcmxTdHJpbmc+aHR0cH
M6Ly9zeXprYWxsZXIuYXBwc3BvdC5jb20vYnVnP2V4dGlkPWUyOWMy
MDRiZDJlMzkwNmZlNjljPC9VcmxTdHJpbmc+DQogICAgPC9Vcmw+DQ
ogICAgPFVybCBTdGFydEluZGV4PSI2NTciIFBvc2l0aW9uPSJPdGhl
ciIgVHlwZT0iVXJsIj4NCiAgICAgIDxVcmxTdHJpbmc+aHR0cHM6Ly
9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL3N5emJvdC1hc3NldHMvNmNh
ZDY4YmY3NTMyL2Rpc2stNzA3MDgxYjYucmF3Lnh6PC9VcmxTdHJpbm
c+DQogICAgPC9Vcmw+DQogICAgPFVybCBTdGFydEluZGV4PSI3NDYi
IFBvc2l0aW9uPSJPdGhlciIgVHlwZT0iVXJsIj4NCiAgICAgIDxVcm
xTdHJpbmc+aHR0cHM6Ly9zdG9yYWdlLmdvb2dsZWFwaXMuY29tL3N5
emJvdC1hc3NldHMvMWEyN2U1NDAwNzc4L3ZtbGludXgtNzA3MDgxYj
YueHo8L1VybFN0cmluZz4NCiAgICA8L1VybD4NCiAgICA8VXJsIFN0
YXJ0SW5kZXg9IjgzOSIgUG9zaXRpb249Ik90aGVyIiBUeXBlPSJVcm
wiPg0KICAgICAgPFVybFN0cmluZz5odHRwczovL3N0b3JhZ2UuZ29v
Z2xlYXBpcy5jb20vc3l6Ym90LWFzc2V0cy82N2RmYzUzNzU1ZDAvSW
1hZ2UtNzA3MDgxYjYuZ3oueHo8L1VybFN0cmluZz4NCiAgICA8L1Vy
bD4NCiAgPC9VcmxzPg0KPC9VcmxTZXQ+AQ7OAVJldHJpZXZlck9wZX
JhdG9yLDEwLDE7UmV0cmlldmVyT3BlcmF0b3IsMTEsMTtQb3N0RG9j
UGFyc2VyT3BlcmF0b3IsMTAsMDtQb3N0RG9jUGFyc2VyT3BlcmF0b3
IsMTEsMDtQb3N0V29yZEJyZWFrZXJEaWFnbm9zdGljT3BlcmF0b3Is
MTAsNDtQb3N0V29yZEJyZWFrZXJEaWFnbm9zdGljT3BlcmF0b3IsMT
EsMDtUcmFuc3BvcnRXcml0ZXJQcm9kdWNlciwyMCw2
X-MS-Exchange-Forest-IndexAgent: 1 5418
X-MS-Exchange-Forest-EmailMessageHash: 58B4AA6D
X-MS-Exchange-Forest-Language: en
X-MS-Exchange-Organization-Processed-By-Journaling: Journal Agent
Hello,
syzbot found the following issue on:
HEAD commit: 707081b61156 Merge branch 'for-next/core', remote-tracking..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12ae3185180000
kernel config: https://syzkaller.appspot.com/x/.config?x=caeac3f3565b057a
dashboard link: https://syzkaller.appspot.com/bug?extid=e29c204bd2e3906fe69c
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6cad68bf7532/disk-707081b6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1a27e5400778/vmlinux-707081b6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/67dfc53755d0/Image-707081b6.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 check_wait_context kernel/locking/lockdep.c:4773 [inline]
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: ffff0000d7f664f4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000000 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2283
hardirqs last enabled at (2283): [<ffff800080297cac>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1397 [inline]
hardirqs last enabled at (2283): [<ffff800080297cac>] finish_lock_switch+0xbc/0x1e4 kernel/sched/core.c:5154
hardirqs last disabled at (2282): [<ffff80008ae46784>] __schedule+0x2bc/0x24b4 kernel/sched/core.c:6625
softirqs last enabled at (546): [<ffff80008003165c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (544): [<ffff800080031628>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
Unable to handle kernel paging request at virtual address dfff800000000018
KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
Mem abort info:
ESR = 0x0000000096000005
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x05: level 1 translation fault
Data abort info:
ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
CM = 0, WnR = 0, TnD = 0, TagAccess = 0
GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000018] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Tainted: G W 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: 00000000000000c4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000018 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: 34000ee8 aa1f03e8 91031113 d343fe68 (38ec6908)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 34000ee8 cbz w8, 0x1dc
4: aa1f03e8 mov x8, xzr
8: 91031113 add x19, x8, #0xc4
c: d343fe68 lsr x8, x19, #3
* 10: 38ec6908 ldrsb w8, [x8, x12] <-- trapping instruction
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
WARNING: multiple messages have this Message-ID (diff)
From: syzbot <syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com>
To: <davem@davemloft.net>, <edumazet@google.com>,
<krzysztof.kozlowski@linaro.org>, <kuba@kernel.org>,
<linux-kernel@vger.kernel.org>, <netdev@vger.kernel.org>,
<pabeni@redhat.com>, <syzkaller-bugs@googlegroups.com>
Subject: [syzbot] [nfc?] [net?] WARNING: locking bug in nci_close_device (2)
Date: Sat, 30 Mar 2024 04:02:25 -0700 [thread overview]
Message-ID: <00000000000008cd6e0614deb1db@google.com> (raw)
Message-ID: <20240330110225.lRosQmz9FwUG-TOqHq6mw3a9oyutZiXCmVP2Vb2tGpQ@z> (raw)
Hello,
syzbot found the following issue on:
HEAD commit: 707081b61156 Merge branch 'for-next/core', remote-tracking..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12ae3185180000
kernel config: https://syzkaller.appspot.com/x/.config?x=caeac3f3565b057a
dashboard link: https://syzkaller.appspot.com/bug?extid=e29c204bd2e3906fe69c
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6cad68bf7532/disk-707081b6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1a27e5400778/vmlinux-707081b6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/67dfc53755d0/Image-707081b6.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 check_wait_context kernel/locking/lockdep.c:4773 [inline]
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: ffff0000d7f664f4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000000 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2283
hardirqs last enabled at (2283): [<ffff800080297cac>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1397 [inline]
hardirqs last enabled at (2283): [<ffff800080297cac>] finish_lock_switch+0xbc/0x1e4 kernel/sched/core.c:5154
hardirqs last disabled at (2282): [<ffff80008ae46784>] __schedule+0x2bc/0x24b4 kernel/sched/core.c:6625
softirqs last enabled at (546): [<ffff80008003165c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (544): [<ffff800080031628>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
Unable to handle kernel paging request at virtual address dfff800000000018
KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
Mem abort info:
ESR = 0x0000000096000005
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x05: level 1 translation fault
Data abort info:
ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
CM = 0, WnR = 0, TnD = 0, TagAccess = 0
GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000018] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Tainted: G W 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: 00000000000000c4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000018 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: 34000ee8 aa1f03e8 91031113 d343fe68 (38ec6908)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 34000ee8 cbz w8, 0x1dc
4: aa1f03e8 mov x8, xzr
8: 91031113 add x19, x8, #0xc4
c: d343fe68 lsr x8, x19, #3
* 10: 38ec6908 ldrsb w8, [x8, x12] <-- trapping instruction
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
X-sender: <netdev+bounces-83500-steffen.klassert=secunet.com@vger.kernel.org>
X-Receiver: <steffen.klassert@secunet.com> ORCPT=rfc822;steffen.klassert@secunet.com
X-CreatedBy: MSExchange15
X-HeloDomain: mbx-dresden-01.secunet.de
X-ExtendedProps: BQBjAAoAnoqmlidQ3AgFADcAAgAADwA8AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5NYWlsUmVjaXBpZW50Lk9yZ2FuaXphdGlvblNjb3BlEQAAAAAAAAAAAAAAAAAAAAAADwA/AAAATWljcm9zb2Z0LkV4Y2hhbmdlLlRyYW5zcG9ydC5EaXJlY3RvcnlEYXRhLk1haWxEZWxpdmVyeVByaW9yaXR5DwADAAAATG93
X-Source: SMTP:Default MBX-ESSEN-02
X-SourceIPAddress: 10.53.40.199
X-EndOfInjectedXHeaders: 16081
Received: from mbx-dresden-01.secunet.de (10.53.40.199) by
mbx-essen-02.secunet.de (10.53.40.198) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
15.1.2507.37; Sat, 30 Mar 2024 12:02:38 +0100
Received: from b.mx.secunet.com (62.96.220.37) by cas-essen-02.secunet.de
(10.53.40.202) with Microsoft SMTP Server (version=TLS1_2,
cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend
Transport; Sat, 30 Mar 2024 12:02:38 +0100
Received: from localhost (localhost [127.0.0.1])
by b.mx.secunet.com (Postfix) with ESMTP id 45C052025D
for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 12:02:38 +0100 (CET)
X-Virus-Scanned: by secunet
X-Spam-Flag: NO
X-Spam-Score: -2.446
X-Spam-Level:
X-Spam-Status: No, score=-2.446 tagged_above=-999 required=2.1
tests=[BAYES_00=-1.9, FROM_LOCAL_HEX=0.006,
HEADER_FROM_DIFFERENT_DOMAINS=0.249, MAILING_LIST_MULTI=-1,
RCVD_IN_DNSWL_MED=-2.3, SORTED_RECIPS=2.499, SPF_HELO_NONE=0.001,
SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from b.mx.secunet.com ([127.0.0.1])
by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id U_HQH-_t2Beg for <steffen.klassert@secunet.com>;
Sat, 30 Mar 2024 12:02:37 +0100 (CET)
Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=139.178.88.99; helo=sv.mirrors.kernel.org; envelope-from=netdev+bounces-83500-steffen.klassert=secunet.com@vger.kernel.org; receiver=steffen.klassert@secunet.com
DKIM-Filter: OpenDKIM Filter v2.11.0 b.mx.secunet.com A9F0D20322
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org [139.178.88.99])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by b.mx.secunet.com (Postfix) with ESMTPS id A9F0D20322
for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 12:02:36 +0100 (CET)
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sv.mirrors.kernel.org (Postfix) with ESMTPS id B88E52832B5
for <steffen.klassert@secunet.com>; Sat, 30 Mar 2024 11:02:34 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 88C3A2BAF6;
Sat, 30 Mar 2024 11:02:28 +0000 (UTC)
X-Original-To: netdev@vger.kernel.org
Received: from mail-il1-f200.google.com (mail-il1-f200.google.com [209.85.166.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D0C217745
for <netdev@vger.kernel.org>; Sat, 30 Mar 2024 11:02:26 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.200
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1711796548; cv=none; b=PosxYqb1zAY/YDAhdASyjwR3d02h4pA4RJzdPR+plZUs9RfH5g8OtO2sBS2TnFf98Yce0jYp5FEJEnmSSnp3KZ9sxciz2ioegNK09cd1ej9m3RbtAYYwQtRYnT1F9Ky3qPpFAh/LSW+6jZrDm7xL/XdWDYJOLr3zo4Dv18vK3yw=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1711796548; c=relaxed/simple;
bh=yPcfTvipI2/+vcDGEXJhfS40amnwmytukAZNlZ00LQs=;
h=MIME-Version:Date:Message-ID:Subject:From:To:Content-Type; b=qExrOcNVU+859vmsVDqF7BLLwYxKZvZLmhoT5Y0laDAa2J2Qoqzq78Zfk4THLzVX2U/bVN3peeWOLWmacwbOfwVSJnao0hUTzj7M5P6/PMHiPae567nKqCCXvLko87onfk5ZXpnPV4Ij1btQLoTlM8k6FKrOu+nho0M+nol+jVQ=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com; arc=none smtp.client-ip=209.85.166.200
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com
Received: by mail-il1-f200.google.com with SMTP id e9e14a558f8ab-36854f4e9b3so25783045ab.2
for <netdev@vger.kernel.org>; Sat, 30 Mar 2024 04:02:26 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1711796545; x=1712401345;
h=to:from:subject:message-id:date:mime-version:x-gm-message-state
:from:to:cc:subject:date:message-id:reply-to;
bh=53tpjewSWu0Vresc93uaKcyJznO8Iz9abIky6N2xuK8=;
b=Lemjv6aYFA/ePK7C2eMHpA3UmYM2ypJnPjfwM478q1hTiEXhT6RDJ1EonEMBjWLavM
gKCvS9crJbn2WxMn6E9+xnzWhBbRxNQ34VluwhgRjQPr8sjckRnwvgkuju6ZxRZ0O+2L
NeG/VgZyzjiIv7e3eCn8xLNYlpZhGPk4HEfHtu+OBXU5cLBCI/i3P7IFn2xjm9u4ai8O
y+tGs2BbALLn9GEKvUmaTxaGU0J7/3Bu0atXrxyKY2OWzFXk5ux/++8X90FNkM+RleQB
S7XCRlRPtZ0GGSPOK9Gw4Ik02d5Atbm4VlH09mzd0xkpEsEusleFBKlWtB11EsyEUQDT
fgFg==
X-Forwarded-Encrypted: i=1; AJvYcCV/6QrjSwqi4gGxUzVso4hdZRNXb19ibQKeEqVeXP7Vn/YecPpcxyILHoESrkx9g+WincGJTOSMpdG9Hocm4nat1ibCplm0
X-Gm-Message-State: AOJu0YxX8znVuVSNHyk4q7Qg/juCPMbuw6f4ConwHSvpxphntVCtBzky
zJ9fQcBUj+PNO0N195aTQOE3w8s5t/AtYx9/UFenDRIVdEfHi8jE3CJuH1D9G0b+m/8SCFSQwdt
+AjmnSadxsSAK8axoefcYjIHJrRr5MR1uiBEZRFiQSojfmiP5LaHNtTQ=
X-Google-Smtp-Source: AGHT+IHv69JzOfvTT29TShFoM/iodtSW6dmhPzDpDQg2zztHr8hSEYTmewIQpE/qHaWyeJ9BmGXrYmPL7FCNH6qlTCEmh8lPzblN
Precedence: bulk
X-Mailing-List: netdev@vger.kernel.org
List-Id: <netdev.vger.kernel.org>
List-Subscribe: <mailto:netdev+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:netdev+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Received: by 2002:a05:6e02:1985:b0:368:8135:4559 with SMTP id
g5-20020a056e02198500b0036881354559mr352355ilf.6.1711796545698; Sat, 30 Mar
2024 04:02:25 -0700 (PDT)
Date: Sat, 30 Mar 2024 04:02:25 -0700
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <00000000000008cd6e0614deb1db@google.com>
Subject: [syzbot] [nfc?] [net?] WARNING: locking bug in nci_close_device (2)
From: syzbot <syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com>
To: davem@davemloft.net, edumazet@google.com, krzysztof.kozlowski@linaro.org,
kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
pabeni@redhat.com, syzkaller-bugs@googlegroups.com
Content-Type: text/plain; charset="UTF-8"
Return-Path: netdev+bounces-83500-steffen.klassert=secunet.com@vger.kernel.org
X-MS-Exchange-Organization-OriginalArrivalTime: 30 Mar 2024 11:02:38.3244
(UTC)
X-MS-Exchange-Organization-Network-Message-Id: 0f717a41-2bff-429e-aa5c-08dc50a8e993
X-MS-Exchange-Organization-OriginalClientIPAddress: 62.96.220.37
X-MS-Exchange-Organization-OriginalServerIPAddress: 10.53.40.202
X-MS-Exchange-Organization-Cross-Premises-Headers-Processed: cas-essen-02.secunet.de
X-MS-Exchange-Organization-OrderedPrecisionLatencyInProgress: LSRV=cas-essen-02.secunet.de:TOTAL-FE=0.025|SMR=0.024(SMRPI=0.022(SMRPI-FrontendProxyAgent=0.022));2024-03-30T11:02:38.349Z
X-MS-Exchange-Forest-ArrivalHubServer: mbx-essen-02.secunet.de
X-MS-Exchange-Organization-AuthSource: cas-essen-02.secunet.de
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Exchange-Organization-OriginalSize: 15532
X-MS-Exchange-Organization-Transport-Properties: DeliveryPriority=Low
X-MS-Exchange-Organization-Prioritization: 2:ShadowRedundancy
X-MS-Exchange-Organization-IncludeInSla: False:ShadowRedundancy
Hello,
syzbot found the following issue on:
HEAD commit: 707081b61156 Merge branch 'for-next/core', remote-tracking..
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci
console output: https://syzkaller.appspot.com/x/log.txt?x=12ae3185180000
kernel config: https://syzkaller.appspot.com/x/.config?x=caeac3f3565b057a
dashboard link: https://syzkaller.appspot.com/bug?extid=e29c204bd2e3906fe69c
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: arm64
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6cad68bf7532/disk-707081b6.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/1a27e5400778/vmlinux-707081b6.xz
kernel image: https://storage.googleapis.com/syzbot-assets/67dfc53755d0/Image-707081b6.gz.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com
------------[ cut here ]------------
DEBUG_LOCKS_WARN_ON(1)
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 check_wait_context kernel/locking/lockdep.c:4773 [inline]
WARNING: CPU: 0 PID: 10856 at kernel/locking/lockdep.c:232 __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Not tainted 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: ffff0000d7f664f4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000000 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x78c/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
irq event stamp: 2283
hardirqs last enabled at (2283): [<ffff800080297cac>] raw_spin_rq_unlock_irq kernel/sched/sched.h:1397 [inline]
hardirqs last enabled at (2283): [<ffff800080297cac>] finish_lock_switch+0xbc/0x1e4 kernel/sched/core.c:5154
hardirqs last disabled at (2282): [<ffff80008ae46784>] __schedule+0x2bc/0x24b4 kernel/sched/core.c:6625
softirqs last enabled at (546): [<ffff80008003165c>] local_bh_enable+0x10/0x34 include/linux/bottom_half.h:32
softirqs last disabled at (544): [<ffff800080031628>] local_bh_disable+0x10/0x34 include/linux/bottom_half.h:19
---[ end trace 0000000000000000 ]---
Unable to handle kernel paging request at virtual address dfff800000000018
KASAN: null-ptr-deref in range [0x00000000000000c0-0x00000000000000c7]
Mem abort info:
ESR = 0x0000000096000005
EC = 0x25: DABT (current EL), IL = 32 bits
SET = 0, FnV = 0
EA = 0, S1PTW = 0
FSC = 0x05: level 1 translation fault
Data abort info:
ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000
CM = 0, WnR = 0, TnD = 0, TagAccess = 0
GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[dfff800000000018] address between user and kernel address ranges
Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP
Modules linked in:
CPU: 0 PID: 10856 Comm: syz-executor.1 Tainted: G W 6.8.0-rc7-syzkaller-g707081b61156 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : check_wait_context kernel/locking/lockdep.c:4773 [inline]
pc : __lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lr : hlock_class kernel/locking/lockdep.c:232 [inline]
lr : check_wait_context kernel/locking/lockdep.c:4773 [inline]
lr : __lock_acquire+0x780/0x763c kernel/locking/lockdep.c:5087
sp : ffff800099ba7240
x29: ffff800099ba7500 x28: ffff0000d7f65a00 x27: ffff0000d7f664f0
x26: 1fffe0001afecc9e x25: ffff0000d7f66458 x24: 0000000000000001
x23: 0000000000000003 x22: 0000000000000c17 x21: ffff8000922364c0
x20: 0000000000000000 x19: 00000000000000c4 x18: 1fffe000367fff96
x17: 0000000000000000 x16: ffff80008ad6b09c x15: 0000000000000001
x14: 1fffe00036800002 x13: 0000000000000000 x12: dfff800000000000
x11: 0000000000040000 x10: 0000000000022c3d x9 : afcfeb2b6d9f9a00
x8 : 0000000000000018 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800099ba6b38 x4 : ffff80008ed822c0 x3 : ffff8000805ba130
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
check_wait_context kernel/locking/lockdep.c:4773 [inline]
__lock_acquire+0x568/0x763c kernel/locking/lockdep.c:5087
lock_acquire+0x23c/0x71c kernel/locking/lockdep.c:5754
__flush_workqueue+0x14c/0x11c4 kernel/workqueue.c:3146
nci_close_device+0x140/0x5b8 net/nfc/nci/core.c:567
nci_dev_down+0x40/0x54 net/nfc/nci/core.c:639
nfc_dev_down net/nfc/core.c:161 [inline]
nfc_rfkill_set_block+0x14c/0x2d0 net/nfc/core.c:179
rfkill_set_block+0x18c/0x37c net/rfkill/core.c:346
rfkill_fop_write+0x578/0x734 net/rfkill/core.c:1305
vfs_write+0x3c0/0xc3c fs/read_write.c:588
ksys_write+0x15c/0x26c fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__arm64_sys_write+0x7c/0x90 fs/read_write.c:652
__invoke_syscall arch/arm64/kernel/syscall.c:34 [inline]
invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:48
el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:133
do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:152
el0_svc+0x54/0x168 arch/arm64/kernel/entry-common.c:712
el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:730
el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:598
Code: 34000ee8 aa1f03e8 91031113 d343fe68 (38ec6908)
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
0: 34000ee8 cbz w8, 0x1dc
4: aa1f03e8 mov x8, xzr
8: 91031113 add x19, x8, #0xc4
c: d343fe68 lsr x8, x19, #3
* 10: 38ec6908 ldrsb w8, [x8, x12] <-- trapping instruction
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
next reply other threads:[~2024-03-30 11:02 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-03-30 11:02 syzbot [this message]
2024-03-30 11:02 ` [syzbot] [nfc?] [net?] WARNING: locking bug in nci_close_device (2) syzbot
2024-03-30 11:02 ` syzbot
2024-04-03 19:49 ` [syzbot] [net?] [nfc?] " syzbot
2024-04-04 0:00 ` Hillf Danton
2024-04-04 10:15 ` syzbot
2024-04-04 10:58 ` Hillf Danton
2024-04-04 20:23 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=00000000000008cd6e0614deb1db@google.com \
--to=syzbot+e29c204bd2e3906fe69c@syzkaller.appspotmail.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=krzysztof.kozlowski@linaro.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.