From: sanan.hasanou@gmail.com
Date: Fri, 26 Jun 2026 14:27:35 -0700 (PDT)
Subject: WARNING in delayed_work_timer_fn
To: tj@kernel.org, jiangshanlai@gmail.com, linux-kernel@vger.kernel.org
Cc: syzkaller@googlegroups.com, contact@pgazz.com
Message-ID: <6a3eeec7.ade5411d.badf0.e138@mx.google.com>

Good day, dear maintainers,

We found a bug using a modified version of syzkaller.

Kernel Branch: 7.0-rc1
Kernel Config:

Unfortunately, we don't have any reproducer for this bug yet.

Thank you!
Best regards,
Sanan Hasanov

------------[ cut here ]------------
workqueue: cannot queue hci_conn_timeout on wq hci4
WARNING: kernel/workqueue.c:2271 at __queue_work+0xd2b/0xff0 kernel/workqueue.c:2269, CPU#1: pool_workqueue_/3
Modules linked in:
CPU: 1 UID: 0 PID: 3 Comm: pool_workqueue_ Tainted: G L 7.0.0-rc1 #1 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:__queue_work+0xd57/0xff0 kernel/workqueue.c:2269
Code: c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 db 15 a0 00 49 8b 75 00 48 8b 55 a8 48 81 c2 78 01 00 00 4c 89 f7 <67> 48 0f b9 3a e9 f3 fe ff ff e8 4a cd 36 00 48 8d 3d 43 9a 06 0e
RSP: 0018:ffffc900001f8bb0 EFLAGS: 00010086
RAX: 1ffff1100341314b RBX: 0000000000000100 RCX: ffff8880192f1d00
RDX: ffff88805f5fd978 RSI: ffffffff8a67ba00 RDI: ffffffff8f90ef60
RBP: ffffc900001f8c40 R08: ffffffff8f8dfdb7 R09: 1ffffffff1f1bfb6
R10: dffffc0000000000 R11: fffffbfff1f1bfb7 R12: dffffc0000000000
R13: ffff88801a098a58 R14: ffffffff8f90ef60 R15: 0000000000000008
FS: 0000000000000000(0000) GS:ffff8880ef136000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00005646cf5e23c0 CR3: 0000000060a4c000 CR4: 00000000000006f0
Call Trace:
 delayed_work_timer_fn+0x65/0x90 kernel/workqueue.c:2500
 call_timer_fn+0x167/0x640 kernel/time/timer.c:1748
 expire_timers kernel/time/timer.c:1794 [inline]
 __run_timers kernel/time/timer.c:2373 [inline]
 __run_timer_base+0x641/0x860 kernel/time/timer.c:2385
 run_timer_base kernel/time/timer.c:2394 [inline]
 run_timer_softirq+0xc0/0x180 kernel/time/timer.c:2404
 handle_softirqs+0x226/0x870 kernel/softirq.c:622
 __do_softirq kernel/softirq.c:656 [inline]
 invoke_softirq kernel/softirq.c:496 [inline]
 __irq_exit_rcu+0x64/0x150 kernel/softirq.c:723
 irq_exit_rcu+0xd/0x30 kernel/softirq.c:739
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1056 [inline]
 sysvec_apic_timer_interrupt+0x9b/0xc0 arch/x86/kernel/apic/apic.c:1056
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:697
RIP: 0010:preempt_schedule_irq+0x4c/0xa0 kernel/sched/core.c:7234
Code: 49 be 00 00 00 00 00 fc ff df eb 09 48 f7 03 10 00 00 00 74 54 bf 01 00 00 00 e8 5f df 27 f6 e8 1a 9b 60 f6 fb bf 01 00 00 00 4f a7 ff ff 9c 58 fa a9 00 02 00 00 74 05 e8 e0 9c 60 f6 bf 01
RSP: 0018:ffffc9000014fb28 EFLAGS: 00000202
RAX: 00000000000ca7b5 RBX: ffffc9000014fbd8 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff8d71009e RDI: 0000000000000001
RBP: ffffc9000014fb38 R08: ffffffff8f8dfdb7 R09: 1ffffffff1f1bfb6
R10: dffffc0000000000 R11: fffffbfff1f1bfb7 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000
 raw_irqentry_exit_cond_resched+0x48/0x50 kernel/entry/common.c:196
 irqentry_exit+0x155/0x610 kernel/entry/common.c:239
 sysvec_reschedule_ipi+0xae/0xc0 arch/x86/kernel/smp.c:248
 asm_sysvec_reschedule_ipi+0x1f/0x30 arch/x86/include/asm/idtentry.h:702
RIP: 0010:lockdep_unregister_key+0x2d2/0x350 kernel/locking/lockdep.c:6616
Code: 0b fe ff ff 89 c6 48 c7 c7 10 ea d6 92 e8 a6 c6 cb 09 90 e9 66 fe ff ff e8 2b 32 c9 09 41 f7 c4 00 02 00 00 74 bc fb 45 84 ff <75> bb eb cc 90 0f 0b 90 e9 2b ff ff ff 90 0f 0b 90 e9 38 ff ff ff
RSP: 0018:ffffc9000014fc80 EFLAGS: 00000246
RAX: 0000000000000046 RBX: ffff888026d8b138 RCX: 0000000000000046
RDX: ffffffff90926578 RSI: ffffffff8d723c2c RDI: ffffffff8be59a80
RBP: ffffc9000014fcc0 R08: 0000000000000000 R09: ffffffff8df5b3e0
R10: ffffffff81ab1668 R11: fffffbfff1f1bfb7 R12: 0000000000000a47
R13: 0000000000001000 R14: ffff888026d8b139 R15: ffffffff90d26500
 wq_unregister_lockdep kernel/workqueue.c:4902 [inline]
 pwq_release_workfn+0x6e9/0x870 kernel/workqueue.c:5198
 kthread_worker_fn+0x4fb/0xbe0 kernel/kthread.c:1056
 kthread+0x37d/0x470 kernel/kthread.c:467
 ret_from_fork+0x507/0xb90 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:245
----------------
Code disassembly (best guess), 1 bytes skipped:
   0: 18 4c 89 e8             sbb    %cl,-0x18(%rcx,%rcx,4)
   4: 48 c1 e8 03             shr    $0x3,%rax
   8: 42 80 3c 20 00          cmpb   $0x0,(%rax,%r12,1)
   d: 74 08                   je     0x17
   f: 4c 89 ef                mov    %r13,%rdi
  12: e8 db 15 a0 00          call   0xa015f2
  17: 49 8b 75 00             mov    0x0(%r13),%rsi
  1b: 48 8b 55 a8             mov    -0x58(%rbp),%rdx
  1f: 48 81 c2 78 01 00 00    add    $0x178,%rdx
  26: 4c 89 f7                mov    %r14,%rdi
* 29: 67 48 0f b9 3a          ud1    (%edx),%rdi <-- trapping instruction
  2e: e9 f3 fe ff ff          jmp    0xffffff26
  33: e8 4a cd 36 00          call   0x36cd82
  38: 48 8d 3d 43 9a 06 0e    lea    0xe069a43(%rip),%rdi # 0xe069a82

<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>
SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>
 kthread_worker_fn+0x4fb/0xbe0
 kthread+0x37d/0x470
 ret_from_fork+0x507/0xb90
 ret_from_fork_asm+0x11/0x20
Kernel panic - not syncing: kernel: panic_on_warn set ...
CPU: 1 UID: 0 PID: 3 Comm: pool_workqueue_ Tainted: G L 7.0.0-rc1 #1 PREEMPT(full)
Tainted: [L]=SOFTLOCKUP
Hardware name: QEMU Ubuntu 24.04 PC v2 (i440FX + PIIX, arch_caps fix, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
Call Trace:
 __dump_stack+0x21/0x30
 dump_stack_lvl+0x2b/0x150
 dump_stack+0x19/0x20
 vpanic+0x53e/0xa20
 panic+0xb9/0xc0
 __warn+0x320/0x500
 __report_bug+0x28d/0x500
 report_bug_entry+0x1a5/0x290
 handle_bug+0xce/0x200
 exc_invalid_op+0x1f/0x50
 asm_exc_invalid_op+0x1f/0x30
RIP: 0010:__queue_work+0xd57/0xff0
Code: c5 18 4c 89 e8 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 db 15 a0 00 49 8b 75 00 48 8b 55 a8 48 81 c2 78 01 00 00 4c 89 f7 <67> 48 0f b9 3a e9 f3 fe ff ff e8 4a cd 36 00 48 8d 3d 43 9a 06 0e
RSP: 0018:ffffc900001f8bb0 EFLAGS: 00010086
RAX: 1ffff1100341314b RBX: 0000000000000100 RCX: ffff8880192f1d00
RDX: ffff88805f5fd978 RSI: ffffffff8a67ba00 RDI: ffffffff8f90ef60
RBP: ffffc900001f8c40 R08: ffffffff8f8dfdb7 R09: 1ffffffff1f1bfb6
R10: dffffc0000000000 R11: fffffbfff1f1bfb7 R12: dffffc0000000000
R13: ffff88801a098a58 R14: ffffffff8f90ef60 R15: 0000000000000008
 delayed_work_timer_fn+0x65/0x90
 call_timer_fn+0x167/0x640
 __run_timer_base+0x641/0x860
 run_timer_softirq+0xc0/0x180
 handle_softirqs+0x226/0x870
 __irq_exit_rcu+0x64/0x150
 irq_exit_rcu+0xd/0x30
 sysvec_apic_timer_interrupt+0x9b/0xc0
 asm_sysvec_apic_timer_interrupt+0x1f/0x30
RIP: 0010:preempt_schedule_irq+0x4c/0xa0
Code: 49 be 00 00 00 00 00 fc ff df eb 09 48 f7 03 10 00 00 00 74 54 bf 01 00 00 00 e8 5f df 27 f6 e8 1a 9b 60 f6 fb bf 01 00 00 00 4f a7 ff ff 9c 58 fa a9 00 02 00 00 74 05 e8 e0 9c 60 f6 bf 01
RSP: 0018:ffffc9000014fb28 EFLAGS: 00000202
RAX: 00000000000ca7b5 RBX: ffffc9000014fbd8 RCX: 0000000000000001
RDX: 0000000000000000 RSI: ffffffff8d71009e RDI: 0000000000000001
RBP: ffffc9000014fb38 R08: ffffffff8f8dfdb7 R09: 1ffffffff1f1bfb6
R10: dffffc0000000000 R11: fffffbfff1f1bfb7 R12: 0000000000000000
R13: 0000000000000000 R14: dffffc0000000000 R15: 0000000000000000
 raw_irqentry_exit_cond_resched+0x48/0x50
 irqentry_exit+0x155/0x610
 sysvec_reschedule_ipi+0xae/0xc0
 asm_sysvec_reschedule_ipi+0x1f/0x30
RIP: 0010:lockdep_unregister_key+0x2d2/0x350
Code: 0b fe ff ff 89 c6 48 c7 c7 10 ea d6 92 e8 a6 c6 cb 09 90 e9 66 fe ff ff e8 2b 32 c9 09 41 f7 c4 00 02 00 00 74 bc fb 45 84 ff <75> bb eb cc 90 0f 0b 90 e9 2b ff ff ff 90 0f 0b 90 e9 38 ff ff ff
RSP: 0018:ffffc9000014fc80 EFLAGS: 00000246
RAX: 0000000000000046 RBX: ffff888026d8b138 RCX: 0000000000000046
RDX: ffffffff90926578 RSI: ffffffff8d723c2c RDI: ffffffff8be59a80
RBP: ffffc9000014fcc0 R08: 0000000000000000 R09: ffffffff8df5b3e0
R10: ffffffff81ab1668 R11: fffffbfff1f1bfb7 R12: 0000000000000a47
R13: 0000000000001000 R14: ffff888026d8b139 R15: ffffffff90d26500
 pwq_release_workfn+0x6e9/0x870
 kthread_worker_fn+0x4fb/0xbe0
 kthread+0x37d/0x470
 ret_from_fork+0x507/0xb90
 ret_from_fork_asm+0x11/0x20
Kernel Offset: disabled
Rebooting in 86400 seconds..
<<<<<<<<<<<<<<< tail report >>>>>>>>>>>>>>>