syzbot

 sign-in | mailing list | source | docs
🐞 Open [534] 🐞 Fixed [32] 🐞 Invalid [294] Missing Backports [43] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in amradio_set_mute/usb_submit_urb

Status: upstream: reported C repro on 2023/05/14 10:18
Bug presence: origin:upstream
[Documentation on labels]
Reported-by: syzbot+b3459a4baae267c6671b@syzkaller.appspotmail.com
First crash: 341d, last: 341d
Fix bisection: failed (error log, bisect log)
  
Bug presence (1)
Date Name Commit Repro Result
2023/05/15 upstream (ToT) f1fcbaa18b28 C [report] WARNING in amradio_set_mute/usb_submit_urb
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream WARNING in amradio_set_mute/usb_submit_urb usb C 3 12d 344d 0/26 upstream: reported C repro on 2023/05/12 02:38
linux-6.1 WARNING in amradio_set_mute/usb_submit_urb origin:upstream C 2 21d 348d 0/3 upstream: reported C repro on 2023/05/08 04:01

Sample crash report:
usb 1-1: New USB device found, idVendor=07ca, idProduct=b800, bcdDevice=b9.c5
usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 0 PID: 1531 at drivers/usb/core/urb.c:503 usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:502
Modules linked in:
CPU: 0 PID: 1531 Comm: kworker/0:2 Not tainted 5.15.111-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
Workqueue: usb_hub_wq hub_event
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:502
lr : usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:502
sp : ffff800020a06780
x29: ffff800020a067c0 x28: 0000000000000001 x27: ffff800012b18868
x26: ffff0000cf3df000 x25: ffff0000da9b3000 x24: 0000000000000008
x23: ffff800012b1f080 x22: dfff800000000000 x21: 0000000000000002
x20: 0000000000000c00 x19: ffff0000c0846800 x18: 0000000000000001
x17: ff808000083359dc x16: ffff800011948074 x15: ffff8000083359dc
x14: 00000000ffffffff x13: ffffffffffffffff x12: 0000000000000000
x11: ff8080000832c484 x10: 0000000000000000 x9 : a923e5d27f9c1e00
x8 : a923e5d27f9c1e00 x7 : 0000000000000001 x6 : 0000000000000001
x5 : ffff800020a05ef8 x4 : ffff8000149afce0 x3 : ffff80000854d4e0
x2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000029
Call trace:
 usb_submit_urb+0xa44/0x1588 drivers/usb/core/urb.c:502
 usb_start_wait_urb+0xec/0x414 drivers/usb/core/message.c:58
 usb_bulk_msg+0x2dc/0x3f0 drivers/usb/core/message.c:387
 amradio_send_cmd drivers/media/radio/radio-mr800.c:150 [inline]
 amradio_set_mute+0x1d4/0x428 drivers/media/radio/radio-mr800.c:182
 usb_amradio_init drivers/media/radio/radio-mr800.c:411 [inline]
 usb_amradio_probe+0x388/0x6f8 drivers/media/radio/radio-mr800.c:554
 usb_probe_interface+0x500/0x984 drivers/usb/core/driver.c:396
 really_probe+0x26c/0xaec drivers/base/dd.c:595
 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:755
 driver_probe_device+0x78/0x34c drivers/base/dd.c:785
 __device_attach_driver+0x28c/0x4d8 drivers/base/dd.c:907
 bus_for_each_drv+0x158/0x1e0 drivers/base/bus.c:427
 __device_attach+0x2f0/0x480 drivers/base/dd.c:979
 device_initial_probe+0x24/0x34 drivers/base/dd.c:1028
 bus_probe_device+0xbc/0x1c8 drivers/base/bus.c:487
 device_add+0xae0/0xef4 drivers/base/core.c:3394
 usb_set_configuration+0x15e0/0x1b60 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0x8c/0x148 drivers/usb/core/generic.c:238
 usb_probe_device+0x120/0x25c drivers/usb/core/driver.c:293
 really_probe+0x26c/0xaec drivers/base/dd.c:595
 __driver_probe_device+0x194/0x3b4 drivers/base/dd.c:755
 driver_probe_device+0x78/0x34c drivers/base/dd.c:785
 __device_attach_driver+0x28c/0x4d8 drivers/base/dd.c:907
 bus_for_each_drv+0x158/0x1e0 drivers/base/bus.c:427
 __device_attach+0x2f0/0x480 drivers/base/dd.c:979
 device_initial_probe+0x24/0x34 drivers/base/dd.c:1028
 bus_probe_device+0xbc/0x1c8 drivers/base/bus.c:487
 device_add+0xae0/0xef4 drivers/base/core.c:3394
 usb_new_device+0x8fc/0x1448 drivers/usb/core/hub.c:2568
 hub_port_connect drivers/usb/core/hub.c:5358 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5502 [inline]
 port_event drivers/usb/core/hub.c:5648 [inline]
 hub_event+0x22e4/0x48c4 drivers/usb/core/hub.c:5730
 process_one_work+0x790/0x11b8 kernel/workqueue.c:2307
 worker_thread+0x910/0x1034 kernel/workqueue.c:2454
 kthread+0x37c/0x45c kernel/kthread.c:319
 ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:870
irq event stamp: 44560
hardirqs last  enabled at (44559): [<ffff80000832a61c>] __up_console_sem+0xb4/0x100 kernel/printk/printk.c:257
hardirqs last disabled at (44560): [<ffff800011943708>] el1_dbg+0x24/0x80 arch/arm64/kernel/entry-common.c:387
softirqs last  enabled at (42206): [<ffff800008020ccc>] softirq_handle_end kernel/softirq.c:401 [inline]
softirqs last  enabled at (42206): [<ffff800008020ccc>] __do_softirq+0xb5c/0xe20 kernel/softirq.c:587
softirqs last disabled at (42197): [<ffff8000081b573c>] do_softirq_own_stack include/asm-generic/softirq_stack.h:10 [inline]
softirqs last disabled at (42197): [<ffff8000081b573c>] invoke_softirq kernel/softirq.c:439 [inline]
softirqs last disabled at (42197): [<ffff8000081b573c>] __irq_exit_rcu+0x28c/0x534 kernel/softirq.c:636
---[ end trace dbacb356e512b0f7 ]---
 (null): radio-mr800 - initialization failed
radio-mr800: probe of 1-1:6.199 failed with error -71
usbhid 1-1:6.199: couldn't find an input interrupt endpoint

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/05/14 10:17 linux-5.15.y b0ece631f84a 2b9ba477 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-linux-5-15-kasan-arm64 WARNING in amradio_set_mute/usb_submit_urb
* Struck through repros no longer work on HEAD.