syzbot

 sign-in | mailing list | source | docs
🐞 Open [717]
🐞 Fixed [181]
🐞 Invalid [640]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

BUG: unable to handle kernel NULL pointer dereference in event_handler

Status: upstream: reported C repro on 2020/10/03 08:25
Reported-by: syzbot+5c11c5a041e12da1e271@syzkaller.appspotmail.com
First crash: 1545d, last: 676d
Fix bisection attempts (25)
Created Duration User Patch Repo Result
2023/02/19 03:40 35m bisect fix linux-4.14.y OK (0) job log log
2023/01/19 21:26 26m bisect fix linux-4.14.y OK (0) job log log
2022/10/26 18:35 38m bisect fix linux-4.14.y OK (0) job log log
2022/09/17 07:21 25m bisect fix linux-4.14.y OK (0) job log log
2022/08/18 06:00 35m bisect fix linux-4.14.y OK (0) job log log
2022/07/19 05:25 34m bisect fix linux-4.14.y OK (0) job log log
2022/06/19 04:50 34m bisect fix linux-4.14.y OK (0) job log log
2022/05/20 04:25 24m bisect fix linux-4.14.y OK (0) job log log
2022/04/20 04:01 24m bisect fix linux-4.14.y OK (0) job log log
2022/03/20 19:54 34m bisect fix linux-4.14.y OK (0) job log log
2022/02/18 16:40 25m bisect fix linux-4.14.y OK (0) job log log
2022/01/19 16:14 25m bisect fix linux-4.14.y OK (0) job log log
2021/12/20 15:46 27m bisect fix linux-4.14.y OK (0) job log log
2021/11/20 15:20 25m bisect fix linux-4.14.y OK (0) job log log
2021/10/21 14:53 26m bisect fix linux-4.14.y OK (0) job log log
2021/09/21 14:22 30m bisect fix linux-4.14.y OK (0) job log log
2021/08/22 06:31 27m bisect fix linux-4.14.y OK (0) job log log
2021/07/23 05:11 29m bisect fix linux-4.14.y OK (0) job log log
2021/06/23 04:20 19m bisect fix linux-4.14.y OK (0) job log log
2021/05/24 03:57 22m bisect fix linux-4.14.y OK (0) job log log
2021/04/23 17:24 33m bisect fix linux-4.14.y OK (0) job log log
2021/03/24 16:52 30m bisect fix linux-4.14.y OK (0) job log log
2021/02/22 16:23 29m bisect fix linux-4.14.y OK (0) job log log
2021/02/18 19:51 18m bisect fix linux-4.14.y error job log
2021/02/14 18:27 0m bisect fix linux-4.14.y error job log

Sample crash report:
vhci_hcd vhci_hcd.0: port 2 already used
vhci_hcd vhci_hcd.0: port 1 already used
vhci_hcd vhci_hcd.0: pdev(0) rhport(3) sockfd(5)
vhci_hcd vhci_hcd.0: port 3 already used
vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
BUG: unable to handle kernel NULL pointer dereference at 000000000000001c
vhci_hcd vhci_hcd.0: port 0 already used
IP: atomic_inc arch/x86/include/asm/atomic.h:92 [inline]
IP: kthread_stop+0x47/0x640 kernel/kthread.c:525
PGD aa6df067 P4D aa6df067 PUD aa6d4067 PMD 0 
Oops: 0002 [#1] PREEMPT SMP KASAN
Modules linked in:
CPU: 1 PID: 364 Comm: kworker/u4:3 Not tainted 4.14.202-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usbip_event event_handler
task: ffff8880b493e080 task.stack: ffff8880b4948000
RIP: 0010:atomic_inc arch/x86/include/asm/atomic.h:92 [inline]
RIP: 0010:kthread_stop+0x47/0x640 kernel/kthread.c:525
RSP: 0018:ffff8880b494fc70 EFLAGS: 00010297
vhci_hcd vhci_hcd.0: port 2 already used
RAX: ffff8880b493e080 RBX: 0000000000000001 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000282
RBP: fffffffffffffffc R08: ffffffff8ae0a060 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff8880a9c88e98
R13: ffff8880a9c88e88 R14: fffffbfff1923f40 R15: ffffffff89859260
FS:  0000000000000000(0000) GS:ffff8880ba500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000000001c CR3: 00000000ac0db000 CR4: 00000000001406e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 vhci_shutdown_connection+0x12a/0x240 drivers/usb/usbip/vhci_hcd.c:1035
vhci_hcd vhci_hcd.0: port 1 already used
 event_handler+0x1c3/0x4a0 drivers/usb/usbip/usbip_event.c:92
vhci_hcd vhci_hcd.0: port 2 already used
 process_one_work+0x793/0x14a0 kernel/workqueue.c:2116
 worker_thread+0x5cc/0xff0 kernel/workqueue.c:2250
 kthread+0x30d/0x420 kernel/kthread.c:232
vhci_hcd vhci_hcd.0: port 0 already used
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:404
Code: 00 65 8b 
vhci_hcd vhci_hcd.0: port 1 already used
1d 2c 1a c9 7e 83 fb 07 0f 87 5b 04 00 00 e8 8e d5 1e 00 89 db 48 0f a3 1d 3c 55 d0 08 0f 82 a2 03 00 
vhci_hcd vhci_hcd.0: port 3 already used
00 e8 79 d5 1e 00 <f0> ff 45 20 48 8d 7d 24 48 b8 00 00 00 00 00 fc ff df 48 89 fa 
RIP: atomic_inc arch/x86/include/asm/atomic.h:92 [inline] RSP: ffff8880b494fc70
RIP: kthread_stop+0x47/0x640 kernel/kthread.c:525 RSP: ffff8880b494fc70
CR2: 000000000000001c
---[ end trace 496bf0aa11fcfd44 ]---

Crashes (1376):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/10/26 15:27 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz C ci2-linux-4-14
2020/10/15 14:10 linux-4.14.y cbfa1702aaf6 63869021 .config console log report syz C ci2-linux-4-14
2020/12/13 09:41 linux-4.14.y 3f2ecb86cb90 bca53db9 .config console log report syz ci2-linux-4-14
2020/12/08 12:37 linux-4.14.y c196b3a9c83a 9af51e31 .config console log report syz ci2-linux-4-14
2020/12/08 03:16 linux-4.14.y c196b3a9c83a 51a9082e .config console log report syz ci2-linux-4-14
2020/12/07 00:57 linux-4.14.y c196b3a9c83a c521566d .config console log report syz ci2-linux-4-14
2020/12/05 18:17 linux-4.14.y c196b3a9c83a 0ef84591 .config console log report syz ci2-linux-4-14
2020/12/05 10:20 linux-4.14.y c196b3a9c83a 0ef84591 .config console log report syz ci2-linux-4-14
2020/12/05 06:28 linux-4.14.y c196b3a9c83a 20366b87 .config console log report syz ci2-linux-4-14
2020/12/03 19:40 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report syz ci2-linux-4-14
2020/12/03 07:32 linux-4.14.y c196b3a9c83a 8c9190ef .config console log report syz ci2-linux-4-14
2020/12/02 20:58 linux-4.14.y c196b3a9c83a eff43e99 .config console log report syz ci2-linux-4-14
2020/12/01 22:28 linux-4.14.y 87335852c5d9 07bfe8a5 .config console log report syz ci2-linux-4-14
2020/12/01 17:49 linux-4.14.y 87335852c5d9 07bfe8a5 .config console log report syz ci2-linux-4-14
2020/11/28 14:47 linux-4.14.y 87335852c5d9 3c7136c0 .config console log report syz ci2-linux-4-14
2020/11/26 17:02 linux-4.14.y 87335852c5d9 2f1cec62 .config console log report syz ci2-linux-4-14
2020/11/17 09:07 linux-4.14.y 27ce4f2a6817 1bf9a662 .config console log report syz ci2-linux-4-14
2020/11/17 07:26 linux-4.14.y 27ce4f2a6817 1bf9a662 .config console log report syz ci2-linux-4-14
2020/11/15 18:58 linux-4.14.y 27ce4f2a6817 1bf9a662 .config console log report syz ci2-linux-4-14
2020/11/13 14:51 linux-4.14.y 27ce4f2a6817 4a7fa9b4 .config console log report syz ci2-linux-4-14
2020/11/13 07:18 linux-4.14.y 27ce4f2a6817 16fca0c8 .config console log report syz ci2-linux-4-14
2020/11/12 17:06 linux-4.14.y 27ce4f2a6817 77a55c8e .config console log report syz ci2-linux-4-14
2020/11/08 00:29 linux-4.14.y 6b6446efedb2 cba33199 .config console log report syz ci2-linux-4-14
2020/11/08 00:18 linux-4.14.y 6b6446efedb2 cba33199 .config console log report syz ci2-linux-4-14
2020/11/04 05:24 linux-4.14.y 2b7915014161 cba33199 .config console log report syz ci2-linux-4-14
2020/11/02 08:00 linux-4.14.y 2b7915014161 8bc4594f .config console log report syz ci2-linux-4-14
2020/10/26 22:56 linux-4.14.y 5b7a52cd2eef 8b3eaf58 .config console log report syz ci2-linux-4-14
2020/10/26 21:01 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 20:38 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 20:00 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 17:45 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 16:35 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 15:08 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 12:25 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 12:14 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 12:04 linux-4.14.y 5b7a52cd2eef a7aac492 .config console log report syz ci2-linux-4-14
2020/10/26 09:01 linux-4.14.y 5b7a52cd2eef a1839e81 .config console log report syz ci2-linux-4-14
2020/10/26 08:50 linux-4.14.y 5b7a52cd2eef a1839e81 .config console log report syz ci2-linux-4-14
2020/10/26 08:24 linux-4.14.y 5b7a52cd2eef a1839e81 .config console log report syz ci2-linux-4-14
2020/10/26 08:13 linux-4.14.y 5b7a52cd2eef a1839e81 .config console log report syz ci2-linux-4-14
2020/10/26 06:48 linux-4.14.y 5b7a52cd2eef a1839e81 .config console log report syz ci2-linux-4-14
2020/10/26 01:09 linux-4.14.y 5b7a52cd2eef a1839e81 .config console log report syz ci2-linux-4-14
2020/10/03 09:04 linux-4.14.y cbfa1702aaf6 2653fa43 .config console log report syz ci2-linux-4-14
2020/12/16 17:42 linux-4.14.y 3f2ecb86cb90 649595c6 .config console log report info ci2-linux-4-14
2020/12/16 16:33 linux-4.14.y 3f2ecb86cb90 649595c6 .config console log report info ci2-linux-4-14
2020/12/16 10:48 linux-4.14.y 3f2ecb86cb90 649595c6 .config console log report info ci2-linux-4-14
2020/12/16 07:43 linux-4.14.y 3f2ecb86cb90 649595c6 .config console log report info ci2-linux-4-14
2020/12/16 04:59 linux-4.14.y 3f2ecb86cb90 f213e07e .config console log report info ci2-linux-4-14
2020/12/12 08:48 linux-4.14.y 3f2ecb86cb90 bca53db9 .config console log report info ci2-linux-4-14
2020/12/11 17:29 linux-4.14.y 3f2ecb86cb90 ba24ffcd .config console log report info ci2-linux-4-14
2020/12/09 19:43 linux-4.14.y 47cbf4cc32db 99917735 .config console log report info ci2-linux-4-14
2020/12/09 18:24 linux-4.14.y 47cbf4cc32db 99917735 .config console log report info ci2-linux-4-14
2020/12/09 18:14 linux-4.14.y 47cbf4cc32db 99917735 .config console log report info ci2-linux-4-14
2020/12/09 11:41 linux-4.14.y 47cbf4cc32db 99917735 .config console log report info ci2-linux-4-14
2020/12/09 10:22 linux-4.14.y 47cbf4cc32db 99917735 .config console log report info ci2-linux-4-14
2020/12/09 06:03 linux-4.14.y 47cbf4cc32db 40cc414d .config console log report info ci2-linux-4-14
2020/12/09 04:06 linux-4.14.y 47cbf4cc32db 40cc414d .config console log report info ci2-linux-4-14
2020/12/08 23:37 linux-4.14.y 47cbf4cc32db 40cc414d .config console log report info ci2-linux-4-14
2020/12/08 19:19 linux-4.14.y 47cbf4cc32db 9af51e31 .config console log report info ci2-linux-4-14
2020/12/08 18:01 linux-4.14.y 47cbf4cc32db 9af51e31 .config console log report info ci2-linux-4-14
2020/12/08 15:45 linux-4.14.y 47cbf4cc32db 9af51e31 .config console log report info ci2-linux-4-14
2020/12/07 21:27 linux-4.14.y c196b3a9c83a 51a9082e .config console log report info ci2-linux-4-14
2020/12/07 18:24 linux-4.14.y c196b3a9c83a f80ce148 .config console log report info ci2-linux-4-14
2020/12/07 17:48 linux-4.14.y c196b3a9c83a f80ce148 .config console log report info ci2-linux-4-14
2020/12/07 13:08 linux-4.14.y c196b3a9c83a f80ce148 .config console log report info ci2-linux-4-14
2020/12/07 03:44 linux-4.14.y c196b3a9c83a c521566d .config console log report info ci2-linux-4-14
2020/12/07 02:20 linux-4.14.y c196b3a9c83a c521566d .config console log report info ci2-linux-4-14
2020/12/06 21:54 linux-4.14.y c196b3a9c83a c521566d .config console log report info ci2-linux-4-14
2020/12/06 14:38 linux-4.14.y c196b3a9c83a f12ba0c5 .config console log report info ci2-linux-4-14
2020/12/06 11:57 linux-4.14.y c196b3a9c83a f12ba0c5 .config console log report info ci2-linux-4-14
2020/12/06 08:47 linux-4.14.y c196b3a9c83a f12ba0c5 .config console log report info ci2-linux-4-14
2020/12/06 05:46 linux-4.14.y c196b3a9c83a 50503117 .config console log report info ci2-linux-4-14
2020/12/06 04:19 linux-4.14.y c196b3a9c83a 50503117 .config console log report info ci2-linux-4-14
2020/12/05 23:19 linux-4.14.y c196b3a9c83a 50503117 .config console log report info ci2-linux-4-14
2020/12/05 19:40 linux-4.14.y c196b3a9c83a 50503117 .config console log report info ci2-linux-4-14
2020/12/05 17:18 linux-4.14.y c196b3a9c83a 0ef84591 .config console log report info ci2-linux-4-14
2020/12/05 14:49 linux-4.14.y c196b3a9c83a 0ef84591 .config console log report info ci2-linux-4-14
2020/12/05 08:53 linux-4.14.y c196b3a9c83a 0ef84591 .config console log report info ci2-linux-4-14
2020/12/05 04:37 linux-4.14.y c196b3a9c83a 20366b87 .config console log report info ci2-linux-4-14
2020/12/04 22:24 linux-4.14.y c196b3a9c83a 20366b87 .config console log report info ci2-linux-4-14
2020/12/03 22:17 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 19:45 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 19:06 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 17:31 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 15:59 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 14:02 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 12:50 linux-4.14.y c196b3a9c83a 59ad4022 .config console log report info ci2-linux-4-14
2020/12/03 11:44 linux-4.14.y c196b3a9c83a 8c9190ef .config console log report info ci2-linux-4-14
2020/12/03 10:26 linux-4.14.y c196b3a9c83a 8c9190ef .config console log report info ci2-linux-4-14
2020/12/03 09:13 linux-4.14.y c196b3a9c83a 8c9190ef .config console log report info ci2-linux-4-14
2020/12/03 05:47 linux-4.14.y c196b3a9c83a 8c9190ef .config console log report info ci2-linux-4-14
2020/12/03 03:11 linux-4.14.y c196b3a9c83a 8c9190ef .config console log report info ci2-linux-4-14
2020/10/03 08:25 linux-4.14.y cbfa1702aaf6 2653fa43 .config console log report info ci2-linux-4-14
* Struck through repros no longer work on HEAD.