syzbot


WARNING in corrupted (3)

Status: fixed on 2023/10/12 12:47
Subsystems: usb
Reported-by: syzbot+27b0b464864741b18b99@syzkaller.appspotmail.com
Fix commit: 6f489a966fbe media: usb: siano: Fix warning due to null work_func_t function pointer
First crash: 315d, last: 264d
Cause bisection: introduced by (bisect log):
commit ebad8e731c1c06adf04621d6fd327b860c0861b5
Author: Duoming Zhou <duoming@zju.edu.cn>
Date: Mon Jan 23 02:04:38 2023 +0000

  media: usb: siano: Fix use after free bugs caused by do_submit_urb

Crash: WARNING in smsusb_term_device (log)
Repro: C syz .config
  
Discussions (2)
Title Replies (including bot) Last reply
[PATCH RESEND] media: usb: siano: Fix warning due to null work_func_t function pointer 1 (1) 2023/05/22 23:59
[syzbot] [usb?] WARNING in corrupted (3) 0 (1) 2023/05/22 21:06
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-4.19 WARNING in corrupted (2) C done 1 1309d 1309d 1/1 fixed on 2020/09/28 07:49
upstream WARNING in corrupted (2) kernel C done 40 375d 1578d 0/26 closed as dup on 2020/06/28 17:00
linux-4.19 WARNING in corrupted syz done 25 1635d 1787d 1/1 fixed on 2019/12/17 20:23
linux-4.14 WARNING in corrupted gfs2 C inconclusive 70 389d 1754d 0/1 upstream: reported C repro on 2019/06/10 00:20
linux-5.15 WARNING in corrupted C done 3 261d 376d 3/3 fixed on 2023/09/23 10:19
android-414 WARNING in corrupted C 5 1702d 1749d 0/1 public: reported C repro on 2019/06/14 15:02
linux-6.1 WARNING in corrupted C done 3 257d 376d 3/3 fixed on 2023/09/27 12:10
upstream WARNING in corrupted fs usb C 2 1722d 1722d 0/26 closed as invalid on 2019/08/01 15:17

Sample crash report:
usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
usb 1-1: Product: syz
usb 1-1: Manufacturer: syz
usb 1-1: SerialNumber: syz
usb 1-1: config 0 descriptor??
smsusb:smsusb_probe: board id=8, interface number 0
------------[ cut here ]------------
WARNING: CPU: 0 PID: 7 at kernel/workqueue.c:3182 __flush_work+0x946/0xb60 kernel/workqueue.c:3182
Modules linked in:
CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.4.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
Workqueue: usb_hub_wq hub_event
RIP: 0010:__flush_work+0x946/0xb60 kernel/workqueue.c:3182
Code: 00 48 c7 c6 0b f8 53 81 48 c7 c7 c0 90 79 8c e8 d0 ef 11 00 e9 6f fc ff ff e8 06 4e 30 00 0f 0b e9 63 fc ff ff e8 fa 4d 30 00 <0f> 0b 45 31 ed e9 54 fc ff ff e8 cb 16 83 00 e9 3e fb ff ff e8 e1
RSP: 0018:ffffc900000c6c08 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff88802bed40e8 RCX: 0000000000000000
RDX: ffff88801627bb80 RSI: ffffffff8153f846 RDI: 0000000000000001
RBP: ffffc900000c6da0 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: ffffffff810055ef R12: ffff88802bed40e8
R13: 0000000000000001 R14: 0000000000000001 R15: ffff88802bed4100
FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000055d72c82ab40 CR3: 00000000274f9000 CR4: 0000000000350ef0
Call Trace:
 <TASK>

Crashes (19):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/06/05 17:11 upstream 9561de3a55be a4ae4f42 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in corrupted
2023/06/05 16:25 upstream 9561de3a55be a4ae4f42 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/23 05:27 upstream 421ca22e3138 4bce1a3e .config strace log report syz C ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/23 05:05 upstream 421ca22e3138 4bce1a3e .config strace log report syz C ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/23 04:54 upstream 421ca22e3138 4bce1a3e .config strace log report syz C ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/23 04:33 upstream 421ca22e3138 4bce1a3e .config strace log report syz C ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/23 04:15 upstream 421ca22e3138 4bce1a3e .config strace log report syz C ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/19 00:40 upstream 4d6d4c7f541d 3bb7af1d .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/18 22:23 upstream 4d6d4c7f541d 3bb7af1d .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in corrupted
2023/05/18 21:02 upstream 4d6d4c7f541d 3bb7af1d .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in corrupted
2023/07/09 08:06 linux-next 123212f53f3e 668cb1fa .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/08 20:02 linux-next 715abedee4cd 7086cdb9 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/08 19:39 linux-next 715abedee4cd 7086cdb9 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/08 19:17 linux-next 715abedee4cd 7086cdb9 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/08 18:52 linux-next 715abedee4cd 7086cdb9 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/08 18:25 linux-next 715abedee4cd 7086cdb9 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/05 19:43 linux-next 715abedee4cd a4ae4f42 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/05 15:31 linux-next 715abedee4cd a4ae4f42 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
2023/06/05 13:43 linux-next 715abedee4cd a4ae4f42 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in corrupted
* Struck through repros no longer work on HEAD.