Re: [syzbot] [net?] [nfc?] WARNING in nfc_rfkill_set_block

All of lore.kernel.org
 help / color / mirror / Atom feed

From: syzbot <syzbot+535bbe83dfc3ae8d4be3@syzkaller.appspotmail.com>
To: davem@davemloft.net, edumazet@google.com, hdanton@sina.com,
	 horms@kernel.org, krzk@kernel.org, kuba@kernel.org,
	 linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
	pabeni@redhat.com,  penguin-kernel@i-love.sakura.ne.jp,
	syzkaller-bugs@googlegroups.com,  tglx@linutronix.de
Subject: Re: [syzbot] [net?] [nfc?] WARNING in nfc_rfkill_set_block
Date: Sun, 31 Aug 2025 00:02:33 -0700	[thread overview]
Message-ID: <68b3f389.a00a0220.1337b0.002e.GAE@google.com> (raw)
In-Reply-To: <689e6bba.050a0220.e29e5.0003.GAE@google.com>

syzbot has found a reproducer for the following issue on:

HEAD commit:    c8bc81a52d5a Merge tag 'arm64-fixes' of git://git.kernel.o..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1508ce34580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=bd9738e00c1bbfb4
dashboard link: https://syzkaller.appspot.com/bug?extid=535bbe83dfc3ae8d4be3
compiler:       Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=11019a62580000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1308ce34580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/e617000fa273/disk-c8bc81a5.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/7ae3a3f4924d/vmlinux-c8bc81a5.xz
kernel image: https://storage.googleapis.com/syzbot-assets/d68d297e1f87/bzImage-c8bc81a5.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+535bbe83dfc3ae8d4be3@syzkaller.appspotmail.com

Bluetooth: hci0: Opcode 0x0c1a failed: -110
Bluetooth: hci0: Error when powering off device on rfkill (-110)
------------[ cut here ]------------
rtmutex deadlock detected
WARNING: CPU: 0 PID: 6084 at kernel/locking/rtmutex.c:1674 rt_mutex_handle_deadlock+0x28/0xb0 kernel/locking/rtmutex.c:1674
Modules linked in:
CPU: 0 UID: 0 PID: 6084 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:rt_mutex_handle_deadlock+0x28/0xb0 kernel/locking/rtmutex.c:1674
Code: 90 90 41 57 41 56 41 55 41 54 53 83 ff dd 0f 85 8c 00 00 00 48 89 f7 e8 c6 2c 01 00 90 48 c7 c7 80 08 0b 8b e8 79 78 8a f6 90 <0f> 0b 90 90 4c 8d 3d 00 00 00 00 65 48 8b 1c 25 08 e0 f5 91 4c 8d
RSP: 0018:ffffc90003a8f950 EFLAGS: 00010246
RAX: 4a17b3cdcfcd8c00 RBX: ffffc90003a8f9e0 RCX: ffff888034b23b80
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: ffffc90003a8fb00 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffed1017104863 R12: 1ffff92000751f38
R13: ffffffff8af8b119 R14: ffff88802b77f098 R15: dffffc0000000000
FS:  00007f918c68e6c0(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000558db6b05168 CR3: 0000000040f42000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 __rt_mutex_slowlock kernel/locking/rtmutex.c:1734 [inline]
 __rt_mutex_slowlock_locked kernel/locking/rtmutex.c:1760 [inline]
 rt_mutex_slowlock+0x692/0x6e0 kernel/locking/rtmutex.c:1800
 __rt_mutex_lock kernel/locking/rtmutex.c:1815 [inline]
 __mutex_lock_common kernel/locking/rtmutex_api.c:536 [inline]
 mutex_lock_nested+0x16a/0x1d0 kernel/locking/rtmutex_api.c:547
 device_lock include/linux/device.h:911 [inline]
 nfc_dev_down net/nfc/core.c:143 [inline]
 nfc_rfkill_set_block+0x50/0x2e0 net/nfc/core.c:179
 rfkill_set_block+0x1e5/0x450 net/rfkill/core.c:346
 rfkill_fop_write+0x44e/0x580 net/rfkill/core.c:1301
 vfs_write+0x284/0xb40 fs/read_write.c:684
 ksys_write+0x14b/0x260 fs/read_write.c:738
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f918d01ebe9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f918c68e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 00007f918d255fa0 RCX: 00007f918d01ebe9
RDX: 0000000000000008 RSI: 0000200000000080 RDI: 0000000000000004
RBP: 00007f918d0a1e19 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f918d256038 R14: 00007f918d255fa0 R15: 00007ffcb32fa318
 </TASK>


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

next prev parent reply	other threads:[~2025-08-31  7:02 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-08-14 23:05 [syzbot] [nfc?] [net?] WARNING in nfc_rfkill_set_block syzbot
2025-08-15  0:11 ` Hillf Danton
2025-08-31  7:02 ` syzbot [this message]
2025-08-31  8:19   ` [syzbot] [net?] [nfc?] " Hillf Danton
2025-08-31  8:44     ` syzbot
2025-08-31  9:59   ` Hillf Danton
2025-08-31 10:19     ` syzbot
2025-08-31 12:56     ` Yunseong Kim

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=68b3f389.a00a0220.1337b0.002e.GAE@google.com \
    --to=syzbot+535bbe83dfc3ae8d4be3@syzkaller.appspotmail.com \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=hdanton@sina.com \
    --cc=horms@kernel.org \
    --cc=krzk@kernel.org \
    --cc=kuba@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=penguin-kernel@i-love.sakura.ne.jp \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=tglx@linutronix.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.