Description of problem: I'm fighting with bluetoothd problems. Since some time the deamon freezes and it even hangs at shutdown, giving me as the only option tht of perform a hard shutdown. Additional info: reporter: libreport-2.17.10 BUG: kernel NULL pointer dereference, address: 0000000000000688 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP NOPTI CPU: 4 PID: 2400 Comm: wireplumber Not tainted 6.2.15-300.fc38.x86_64 #1 Hardware name: LENOVO 20XXS3HC0G/20XXS3HC0G, BIOS N32ET83W (1.59 ) 02/09/2023 RIP: 0010:hci_send_sco+0x13/0xb0 [bluetooth] Code: e3 eb cf 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 44 00 00 41 56 49 89 fe 41 55 41 54 55 53 48 89 f3 <4c> 8b af 88 06 00 00 66 90 48 89 df be 03 00 00 00 45 0f b7 66 32 RSP: 0018:ffffb11582247c78 EFLAGS: 00010216 RAX: 0000000000000001 RBX: ffff9e383926db00 RCX: 0000000000000000 RDX: 0000000000000001 RSI: ffff9e383926db00 RDI: 0000000000000000 RBP: ffff9e38131d0c00 R08: ffffb11582247b08 R09: 0000000000000000 R10: 0000000000000038 R11: 0000000000000000 R12: ffff9e37c3f77080 R13: ffffb11582247d30 R14: 0000000000000000 R15: ffffb11582247d20 FS: 00007f49c125d6c0(0000) GS:ffff9e3ebf700000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000688 CR3: 00000001a5ffe005 CR4: 0000000000770ee0 PKRU: 55555554 Call Trace: <TASK> sco_sock_sendmsg+0x231/0x2e0 [bluetooth] sock_sendmsg+0x5c/0x70 __sys_sendto+0x11c/0x170 __x64_sys_sendto+0x20/0x30 do_syscall_64+0x59/0x90 ? vfs_read+0x239/0x310 ? ksys_read+0xd4/0xf0 ? syscall_exit_to_user_mode+0x17/0x40 ? do_syscall_64+0x68/0x90 entry_SYSCALL_64_after_hwframe+0x72/0xdc RIP: 0033:0x7f49cf13184a Code: e0 89 7d e8 89 4d d4 e8 54 42 f7 ff 44 8b 55 d4 48 8b 55 d8 45 31 c9 89 c3 48 8b 75 e0 8b 7d e8 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 df 48 89 45 e8 e8 a3 42 f7 ff 48 8b 45 RSP: 002b:00007f49c125c900 EFLAGS: 00000246 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f49cf13184a RDX: 000000000000003c RSI: 0000557ed6edfe6c RDI: 0000000000000038 RBP: 00007f49c125c930 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000004040 R11: 0000000000000246 R12: 000000000000003c R13: 0000557ed6edfe6c R14: 0000557ed6ef8fa0 R15: 0000000000000060 </TASK> Modules linked in: uinput rfcomm snd_seq_dummy snd_hrtimer nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables nfnetlink qrtr bnep sunrpc snd_ctl_led snd_soc_skl_hda_dsp snd_soc_intel_hda_dsp_common snd_soc_hdac_hdmi snd_sof_probes binfmt_misc vfat fat snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic snd_soc_dmic snd_sof_pci_intel_tgl snd_sof_intel_hda_common soundwire_intel soundwire_generic_allocation soundwire_cadence snd_sof_intel_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof snd_sof_utils snd_soc_hdac_hda iwlmvm snd_hda_ext_core intel_tcc_cooling snd_soc_acpi_intel_match iTCO_wdt snd_soc_acpi intel_pmc_bxt x86_pkg_temp_thermal mei_hdcp mei_pxp intel_powerclamp mei_wdt iTCO_vendor_support intel_rapl_msr soundwire_bus mac80211 coretemp pmt_telemetry pmt_class snd_soc_core kvm_intel snd_compress ac97_bus snd_pcm_dmaengine libarc4 uvcvideo kvm snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec videobuf2_vmalloc btusb snd_hda_core irqbypass videobuf2_memops iwlwifi videobuf2_v4l2 rapl snd_hwdep btrtl btbcm processor_thermal_device_pci_legacy intel_cstate processor_thermal_device btintel snd_seq videobuf2_common processor_thermal_rfim snd_seq_device btmtk processor_thermal_mbox intel_uncore videodev snd_pcm pcspkr cfg80211 think_lmi mc firmware_attributes_class thinkpad_acpi bluetooth processor_thermal_rapl wmi_bmof i2c_i801 mei_me thunderbolt ledtrig_audio idma64 snd_timer platform_profile mei intel_rapl_common snd i2c_smbus rfkill intel_vsec igen6_edac intel_soc_dts_iosf soundcore int3403_thermal soc_button_array int340x_thermal_zone intel_hid sparse_keymap int3400_thermal acpi_thermal_rel acpi_tad acpi_pad joydev loop zram dm_crypt hid_logitech_hidpp i915 drm_buddy hid_logitech_dj crct10dif_pclmul drm_display_helper crc32_pclmul nvme crc32c_intel polyval_clmulni ucsi_acpi hid_multitouch polyval_generic ghash_clmulni_intel nvme_core cec typec_ucsi sha512_ssse3 typec i2c_hid_acpi ttm nvme_common i2c_hid video pinctrl_tigerlake wmi serio_raw ip6_tables ip_tables fuse CR2: 0000000000000688
Created attachment 1965382 [details] File: dmesg
Hi, Thank you for reporting the issue. This issue was caused by an uncompleted sync command when powering off the device. Some of the sync commands take a long time to finish their tasks. So, those commands should be canceled before powering off the device to prevent the NULL pointer access. I've applied the upstream patch to the F38 kernel and made a scratch build for you to test. Once the build task is done, you could download the rpm package through the following URL: https://koji.fedoraproject.org/koji/taskinfo?taskID=101329198 If it works for you, I'll submit those patches to the Fedora kernel. :)
Description of problem: audio stopped working. it's somehow related to bluetooth. and the bluetooth deamon stops and halts the shutdown, having an unbound graceperiod Version-Release number of selected component: kernel-core-6.2.15-300.fc38 Additional info: reporter: libreport-2.17.10 kernel: 6.2.15-300.fc38.x86_64 crash_function: sco_sock_sendmsg reason: BUG: kernel NULL pointer dereference, address: 0000000000000688 [bluetooth] type: Kerneloops cmdline: BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.2.15-300.fc38.x86_64 root=UUID=e5a64610-0f60-4ed6-95c0-be750705362e ro rootflags=subvol=root rd.luks.uuid=luks-5e01c370-74a9-441e-bb48-8e9690fd830b rhgb quiet package: kernel-core-6.2.15-300.fc38 runlevel: N 5 comment: audio stopped working. it's somehow related to bluetooth. and the bluetooth deamon stops and halts the shutdown, having an unbound graceperiod Truncated backtrace: #1 [TASK] sco_sock_sendmsg in bluetooth #2 [TASK] sock_sendmsg #3 [TASK] __sys_sendto #4 [TASK] __x64_sys_sendto #5 [TASK] do_syscall_64 #6 [TASK] ? __do_softirq #7 [TASK] ? __irq_exit_rcu #8 [TASK] entry_SYSCALL_64_after_hwframe
Description of problem: something related to bluetooth daemon that halted Version-Release number of selected component: kernel-core-6.2.15-300.fc38 Additional info: reporter: libreport-2.17.10 kernel: 6.2.15-300.fc38.x86_64 crash_function: sco_sock_sendmsg reason: BUG: kernel NULL pointer dereference, address: 0000000000000688 [bluetooth] type: Kerneloops cmdline: BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.2.15-300.fc38.x86_64 root=UUID=e5a64610-0f60-4ed6-95c0-be750705362e ro rootflags=subvol=root rd.luks.uuid=luks-5e01c370-74a9-441e-bb48-8e9690fd830b rhgb quiet package: kernel-core-6.2.15-300.fc38 runlevel: N 5 comment: something related to bluetooth daemon that halted Truncated backtrace: #1 [TASK] sco_sock_sendmsg in bluetooth #2 [TASK] sock_sendmsg #3 [TASK] __sys_sendto #4 [TASK] __x64_sys_sendto #5 [TASK] do_syscall_64 #6 [TASK] ? switch_fpu_return #7 [TASK] ? exit_to_user_mode_prepare #8 [TASK] ? syscall_exit_to_user_mode #9 [TASK] ? do_syscall_64 #10 [TASK] ? do_syscall_64 #11 [TASK] ? exc_page_fault #12 [TASK] entry_SYSCALL_64_after_hwframe
Description of problem: I *suspect* that this has something to do with bluetooth. The laptop crashed now 2x, each time I was trying to get a bluetooth device connected. So far I have not been able to reproduce reliably. Version-Release number of selected component: kernel-core-6.3.8-200.fc38 Additional info: reporter: libreport-2.17.10 cmdline: BOOT_IMAGE=(hd0,gpt2)/vmlinuz-6.3.8-200.fc38.x86_64 root=/dev/mapper/fedora_localhost--live-root ro resume=/dev/mapper/fedora_localhost--live-swap rd.lvm.lv=fedora_localhost-live/root rd.lvm.lv=fedora_localhost-live/swap rhgb quiet crash_function: __die kernel: 6.3.8-200.fc38.x86_64 package: kernel-core-6.3.8-200.fc38 type: Kerneloops reason: BUG: kernel NULL pointer dereference, address: 00000000000006a8 runlevel: N 5 Truncated backtrace: #1 [TASK] ? __die #2 [TASK] ? page_fault_oops #3 [TASK] ? exc_page_fault #4 [TASK] ? asm_exc_page_fault #5 [TASK] ? hci_send_sco in bluetooth #6 [TASK] sco_sock_sendmsg in bluetooth #7 [TASK] sock_sendmsg #8 [TASK] ? sockfd_lookup_light #9 [TASK] __sys_sendto #10 [TASK] __x64_sys_sendto #11 [TASK] do_syscall_64 #12 [TASK] ? handle_mm_fault #13 [TASK] ? do_user_addr_fault #14 [TASK] ? exc_page_fault #15 [TASK] entry_SYSCALL_64_after_hwframe
Description of problem: al reiniciar el equipo luego de una actualizacion se provoco el error Version-Release number of selected component: kernel-core-6.3.12-200.fc38 Additional info: reporter: libreport-2.17.11 runlevel: N 5 kernel: 6.3.12-200.fc38.x86_64 type: Kerneloops package: kernel-core-6.3.12-200.fc38 reason: BUG: kernel NULL pointer dereference, address: 00000000000006a8 cmdline: BOOT_IMAGE=(hd0,gpt5)/boot/vmlinuz-6.3.12-200.fc38.x86_64 root=UUID=07f333bb-2ec6-4bab-8b72-c8722192b1b5 ro resume=UUID=715299b5-c3cc-460f-b16b-d2c24ec53805 rhgb quiet comment: al reiniciar el equipo luego de una actualizacion se provoco el error crash_function: __die Truncated backtrace: #1 [TASK] ? __die #2 [TASK] ? page_fault_oops #3 [TASK] ? exc_page_fault #4 [TASK] ? asm_exc_page_fault #5 [TASK] ? hci_send_sco in bluetooth #6 [TASK] sco_sock_sendmsg in bluetooth #7 [TASK] sock_sendmsg #8 [TASK] ? sockfd_lookup_light #9 [TASK] __sys_sendto #10 [TASK] __x64_sys_sendto #11 [TASK] do_syscall_64 #12 [TASK] ? do_syscall_64 #13 [TASK] ? exc_page_fault #14 [TASK] entry_SYSCALL_64_after_hwframe