[REGRESSION] RIP: 0010:hidinput_setup_battery.isra.0+0x6d/0x370 [hid]
From: Tj <hidden>
Date: 2026-06-02 10:24:24
Also in:
linux-bluetooth, lkml, regressions
Hitting this repeatedly with v7.1-rc6. Do not have time right now to bisect it (and there are two other regressions at the same time). Symptom is unable to use the Bluetooth keyboard. It *seems* to be related to the Bluetooth keyboard - trying to shutdown hangs for 6 minutes whilst systemd tries to kill bluetooth.service but fails and then fails to power-off (see end of log extracts). I'm not sure why I see 'samsung_probe' in the call trace since neither the Bluetooth host adapter nor the keyboard are Samsung but maybe some change related to that is causing this. Jun 02 09:25:54 sunny kernel: BUG: unable to handle page fault for address: ffffffffffffffe4 Jun 02 09:25:54 sunny kernel: #PF: supervisor read access in kernel mode Jun 02 09:25:54 sunny kernel: #PF: error_code(0x0000) - not-present page Jun 02 09:25:54 sunny kernel: Oops: Oops: 0000 [#1] SMP NOPTI Jun 02 09:25:54 sunny kernel: CPU: 11 UID: 0 PID: 4009 Comm: (udev-worker) Tainted: G W OE 7.1.0-rc6+debian+tj #446 PREEMPT(lazy) Jun 02 09:25:54 sunny kernel: Tainted: [W]=WARN, [O]=OOT_MODULE, [E]=UNSIGNED_MODULE Jun 02 09:25:54 sunny kernel: Hardware name: System manufacturer System Product Name/PRIME X370-PRO, BIOS 6254 01/05/2026 Jun 02 09:25:54 sunny kernel: RIP: 0010:hidinput_setup_battery.isra.0+0x6d/0x370 [hid] Jun 02 09:25:54 sunny kernel: Code: 48 ab 48 8b 42 68 48 8b 95 18 1c 00 00 8b 48 30 48 39 d3 74 45 48 8d 42 c8 eb 0f 66 90 48 8b 50 38 48 8d 42 c8 48 39 d3 74 30 <3b> 48 1c 75 ee 48 85 c0 74 26> Jun 02 09:25:54 sunny kernel: RSP: 0018:ffffceacce2c7628 EFLAGS: 00010286 Jun 02 09:25:54 sunny kernel: RAX: ffffffffffffffc8 RBX: ffff8b4856a83c18 RCX: 0000000000000003 Jun 02 09:25:54 sunny kernel: RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffceacce2c7680 Jun 02 09:25:54 sunny kernel: RBP: ffff8b4856a82000 R08: ffffceacce2c7730 R09: ffffceacce2c772c Jun 02 09:25:54 sunny kernel: R10: ffff8b488f290488 R11: ffff8b478bec9000 R12: ffffceacce2c7650 Jun 02 09:25:54 sunny kernel: R13: 0000000000000000 R14: 0000000000000000 R15: ffff8b47e6307b00 Jun 02 09:25:54 sunny kernel: FS: 00007f6ee16439c0(0000) GS:ffff8b4ed8fd0000(0000) knlGS:0000000000000000 Jun 02 09:25:54 sunny kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jun 02 09:25:54 sunny kernel: CR2: ffffffffffffffe4 CR3: 000000010b1c1000 CR4: 0000000000350ef0 Jun 02 09:25:54 sunny kernel: Call Trace: Jun 02 09:25:54 sunny kernel: <TASK> Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? dev_set_name+0x5c/0x80 Jun 02 09:25:54 sunny kernel: hidinput_connect+0x935/0x5fb0 [hid] Jun 02 09:25:54 sunny kernel: hid_connect+0x3d5/0x6a0 [hid] Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? __wake_up_common+0x78/0xa0 Jun 02 09:25:54 sunny kernel: hid_hw_start+0x40/0x70 [hid] Jun 02 09:25:54 sunny kernel: samsung_probe+0x31/0x70 [hid_samsung] Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: hid_device_probe+0x18d/0x220 [hid] Jun 02 09:25:54 sunny kernel: ? __pfx___device_attach_driver+0x10/0x10 Jun 02 09:25:54 sunny kernel: really_probe+0xde/0x380 Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: __driver_probe_device+0x84/0x150 Jun 02 09:25:54 sunny kernel: driver_probe_device+0x1f/0xa0 Jun 02 09:25:54 sunny kernel: __device_attach_driver+0x89/0x130 Jun 02 09:25:54 sunny kernel: bus_for_each_drv+0x97/0xf0 Jun 02 09:25:54 sunny kernel: __device_attach+0xaf/0x1c0 Jun 02 09:25:54 sunny kernel: ? __pfx___hid_bus_reprobe_drivers+0x10/0x10 [hid] Jun 02 09:25:54 sunny kernel: device_reprobe+0x4e/0x90 Jun 02 09:25:54 sunny kernel: ? __hid_bus_reprobe_drivers+0x3c/0x60 [hid] Jun 02 09:25:54 sunny kernel: bus_for_each_dev+0x8e/0xe0 Jun 02 09:25:54 sunny kernel: ? __pfx___hid_bus_driver_added+0x10/0x10 [hid] Jun 02 09:25:54 sunny kernel: __hid_bus_driver_added+0x2f/0x40 [hid] Jun 02 09:25:54 sunny kernel: bus_for_each_drv+0x97/0xf0 Jun 02 09:25:54 sunny kernel: __hid_register_driver+0x74/0x80 [hid] Jun 02 09:25:54 sunny kernel: ? __pfx_samsung_driver_init+0x10/0x10 [hid_samsung] Jun 02 09:25:54 sunny kernel: do_one_initcall+0x5c/0x320 Jun 02 09:25:54 sunny kernel: do_init_module+0x60/0x250 Jun 02 09:25:54 sunny kernel: init_module_from_file+0xd6/0x130 Jun 02 09:25:54 sunny kernel: idempotent_init_module+0x114/0x310 Jun 02 09:25:54 sunny kernel: __x64_sys_finit_module+0x71/0xe0 Jun 02 09:25:54 sunny kernel: do_syscall_64+0xea/0x640 Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? do_fault+0x341/0x530 Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? __handle_mm_fault+0x977/0xf80 Jun 02 09:25:54 sunny kernel: ? __memcg_slab_free_hook+0x16d/0x1c0 Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? count_memcg_events+0xe5/0x1b0 Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? __seccomp_filter+0x42/0x5d0 Jun 02 09:25:54 sunny kernel: ? handle_mm_fault+0x1e2/0x2e0 Jun 02 09:25:54 sunny kernel: ? srso_return_thunk+0x5/0x5f Jun 02 09:25:54 sunny kernel: ? do_syscall_64+0x9f/0x640 Jun 02 09:25:54 sunny kernel: entry_SYSCALL_64_after_hwframe+0x76/0x7e Jun 02 09:25:54 sunny kernel: RIP: 0033:0x7f6ee111a7b9 Jun 02 09:25:54 sunny kernel: Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48> Jun 02 09:25:54 sunny kernel: RSP: 002b:00007ffe6dd96398 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 Jun 02 09:25:54 sunny kernel: RAX: ffffffffffffffda RBX: 0000556830869b90 RCX: 00007f6ee111a7b9 Jun 02 09:25:54 sunny kernel: RDX: 0000000000000004 RSI: 00007f6ee16ed44d RDI: 0000000000000012 Jun 02 09:25:54 sunny kernel: RBP: 0000000000000004 R08: 0000000000000000 R09: 0000556830667bd0 Jun 02 09:25:54 sunny kernel: R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6ee16ed44d Jun 02 09:25:54 sunny kernel: R13: 0000000000020000 R14: 00005568307db670 R15: 0000000000000000 Jun 02 09:25:54 sunny kernel: </TASK> Jun 02 09:25:54 sunny kernel: Modules linked in: hid_samsung(+) snd_seq_dummy snd_hrtimer snd_seq snd_seq_device uinput rpcsec_gss_krb5 nfsv4 dns_resolver nfs netfs rdma_ucm ib_uverbs rdma_cm i> Jun 02 09:25:54 sunny kernel: uvcvideo wmi_bmof watchdog snd_timer igb rfkill uas mii pcspkr mxm_wmi videobuf2_vmalloc snd ccp k10temp uvc i2c_piix4 dca videobuf2_memops soundcore videobuf2_v4> Jun 02 09:25:54 sunny kernel: CR2: ffffffffffffffe4 Jun 02 09:25:54 sunny kernel: ---[ end trace 0000000000000000 ]--- Jun 02 09:25:54 sunny kernel: RIP: 0010:hidinput_setup_battery.isra.0+0x6d/0x370 [hid] Jun 02 09:25:54 sunny kernel: Code: 48 ab 48 8b 42 68 48 8b 95 18 1c 00 00 8b 48 30 48 39 d3 74 45 48 8d 42 c8 eb 0f 66 90 48 8b 50 38 48 8d 42 c8 48 39 d3 74 30 <3b> 48 1c 75 ee 48 85 c0 74 26> Jun 02 09:25:54 sunny kernel: RSP: 0018:ffffceacce2c7628 EFLAGS: 00010286 Jun 02 09:25:54 sunny kernel: RAX: ffffffffffffffc8 RBX: ffff8b4856a83c18 RCX: 0000000000000003 Jun 02 09:25:54 sunny kernel: RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffceacce2c7680 Jun 02 09:25:54 sunny kernel: RBP: ffff8b4856a82000 R08: ffffceacce2c7730 R09: ffffceacce2c772c Jun 02 09:25:54 sunny kernel: R10: ffff8b488f290488 R11: ffff8b478bec9000 R12: ffffceacce2c7650 Jun 02 09:25:54 sunny kernel: R13: 0000000000000000 R14: 0000000000000000 R15: ffff8b47e6307b00 Jun 02 09:25:54 sunny kernel: FS: 00007f6ee16439c0(0000) GS:ffff8b4ed8fd0000(0000) knlGS:0000000000000000 Jun 02 09:25:54 sunny kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 Jun 02 09:25:54 sunny kernel: CR2: ffffffffffffffe4 CR3: 000000010b1c1000 CR4: 0000000000350ef0 Jun 02 09:25:54 sunny systemd-udevd[1703]: 0005:04E8:7021.0006: Worker [4009] terminated by signal 9 (KILL). Jun 02 09:29:16 sunny rpc.idmapd[3093]: exiting on signal 15 Jun 02 09:30:45 sunny systemd[1]: bluetooth.service: State 'stop-sigterm' timed out. Killing. Jun 02 09:32:15 sunny systemd[1]: bluetooth.service: Processes still around after SIGKILL. Ignoring. Jun 02 09:33:45 sunny systemd[1]: bluetooth.service: State 'final-sigterm' timed out. Killing. Jun 02 09:35:15 sunny systemd[1]: bluetooth.service: Processes still around after final SIGKILL. Entering failed mode. Jun 02 09:35:15 sunny systemd[1]: bluetooth.service: Failed with result 'timeout'.