syzbot

 sign-in | mailing list | source | docs
🐞 Open [569] 🐞 Fixed [66] 🐞 Invalid [207] Missing Backports [40] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in smsusb_start_streaming/usb_submit_urb

Status: upstream: reported C repro on 2024/04/12 23:31
Bug presence: origin:upstream
[Documentation on labels]
Reported-by: syzbot+a60cbb12f2c32b40cee2@syzkaller.appspotmail.com
First crash: 20d, last: 20d
Bug presence (1)
Date Name Commit Repro Result
2024/04/14 upstream (ToT) 7efd0a74039f C [report] WARNING in smsusb_start_streaming/usb_submit_urb
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in smsusb_start_streaming/usb_submit_urb usb media C error inconclusive 89 5d01h 1717d 0/26 upstream: reported C repro on 2019/08/21 12:58

Sample crash report:
smsusb:smsusb_probe: board id=9, interface number 0
smsusb:siano_media_device_register: media controller created
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 3 != type 1
WARNING: CPU: 0 PID: 3356 at drivers/usb/core/urb.c:505 usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:504
Modules linked in:
CPU: 0 PID: 3356 Comm: kworker/0:2 Not tainted 6.1.85-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
Workqueue: usb_hub_wq hub_event
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:504
lr : usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:504
sp : ffff80001e9f6860
x29: ffff80001e9f68a0 x28: 0000000000000003 x27: ffff800013584ecc
x26: ffff0000c2f07a00 x25: ffff0000c44c3000 x24: 0000000000000020
x23: ffff80001358b740 x22: dfff800000000000 x21: 0000000000000003
x20: 0000000000000a20 x19: ffff0000d4e2e030 x18: ffff80001e9f63c0
x17: 0000000000000000 x16: ffff800012152bd4 x15: 0000000000000000
x14: 00000000ffffffff x13: 0000000000000001 x12: 0000000000000001
x11: 0000000000ff0100 x10: 0000000000000000 x9 : 9047e4532b7a9b00
x8 : 9047e4532b7a9b00 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff80001e9f6158 x4 : ffff800015922b00 x3 : ffff8000085888dc
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000000
Call trace:
 usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:504
 smsusb_submit_urb drivers/media/usb/siano/smsusb.c:173 [inline]
 smsusb_start_streaming+0x244/0x450 drivers/media/usb/siano/smsusb.c:197
 smsusb_init_device drivers/media/usb/siano/smsusb.c:472 [inline]
 smsusb_probe+0x1324/0x1a04 drivers/media/usb/siano/smsusb.c:569
 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396
 really_probe+0x394/0xacc drivers/base/dd.c:639
 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:785
 driver_probe_device+0x78/0x330 drivers/base/dd.c:815
 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:943
 bus_for_each_drv+0x158/0x1e0 drivers/base/bus.c:427
 __device_attach+0x2f0/0x480 drivers/base/dd.c:1015
 device_initial_probe+0x24/0x34 drivers/base/dd.c:1064
 bus_probe_device+0xbc/0x1c8 drivers/base/bus.c:487
 device_add+0xae0/0xef4 drivers/base/core.c:3686
 usb_set_configuration+0x15c0/0x1b40 drivers/usb/core/message.c:2165
 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238
 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293
 really_probe+0x394/0xacc drivers/base/dd.c:639
 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:785
 driver_probe_device+0x78/0x330 drivers/base/dd.c:815
 __device_attach_driver+0x2a8/0x4f4 drivers/base/dd.c:943
 bus_for_each_drv+0x158/0x1e0 drivers/base/bus.c:427
 __device_attach+0x2f0/0x480 drivers/base/dd.c:1015
 device_initial_probe+0x24/0x34 drivers/base/dd.c:1064
 bus_probe_device+0xbc/0x1c8 drivers/base/bus.c:487
 device_add+0xae0/0xef4 drivers/base/core.c:3686
 usb_new_device+0x908/0x1440 drivers/usb/core/hub.c:2614
 hub_port_connect drivers/usb/core/hub.c:5465 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5605 [inline]
 port_event drivers/usb/core/hub.c:5761 [inline]
 hub_event+0x243c/0x42e4 drivers/usb/core/hub.c:5843
 process_one_work+0x7ac/0x1404 kernel/workqueue.c:2292
 worker_thread+0x8e4/0xfec kernel/workqueue.c:2439
 kthread+0x250/0x2d8 kernel/kthread.c:376
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:864
irq event stamp: 48132
hardirqs last  enabled at (48131): [<ffff800008343d04>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:261
hardirqs last disabled at (48132): [<ffff80001214e88c>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:405
softirqs last  enabled at (43972): [<ffff800008020d7c>] softirq_handle_end kernel/softirq.c:414 [inline]
softirqs last  enabled at (43972): [<ffff800008020d7c>] __do_softirq+0xc1c/0xe38 kernel/softirq.c:600
softirqs last disabled at (43961): [<ffff80000802a99c>] ____do_softirq+0x14/0x20 arch/arm64/kernel/irq.c:80
---[ end trace 0000000000000000 ]---
smsusb:smsusb_start_streaming: smsusb_submit_urb(...) failed
smsusb:smsusb_init_device: smsusb_start_streaming(...) failed

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/12 23:30 linux-6.1.y bf1e3b1cb1e0 c8349e48 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-6-1-kasan-arm64 WARNING in smsusb_start_streaming/usb_submit_urb
* Struck through repros no longer work on HEAD.