syzbot

 sign-in | mailing list | source | docs
🐞 Open [992] 🐞 Fixed [3273] 🐞 Invalid [6220]

KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3)
Status: upstream: reported C repro on 2021/01/05 16:03
Reported-by: syzbot+3f1ca6a6fec34d601788@syzkaller.appspotmail.com
First crash: 219d, last: 5d15h

Cause bisection: introduced by (bisect log) [no-op commit]:
commit 7e49afc03212010d0ee27532a75cfeb0125bd868
Author: Masahiro Yamada <masahiroy@kernel.org>
Date: Fri Apr 17 18:04:55 2020 +0000

  um: do not evaluate compiler's library path when cleaning

Crash: KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (log)
Repro: C syz .config
similar bugs (5):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (2) 1 364d 364d 0/22 auto-closed as invalid on 2020/11/25 16:55
upstream KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb 8 379d 419d 0/22 closed as dup on 2020/06/12 13:00
upstream KASAN: slab-out-of-bounds Read in ath9k_hif_usb_rx_cb (2) C error 200 18h06m 363d 0/22 closed as dup on 2021/01/13 11:30
upstream KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (2) C done 4150 2h09m 253d 0/22 upstream: reported C repro on 2020/11/16 17:09
upstream general protection fault in ath9k_hif_usb_rx_cb (2) C error 924 8h35m 375d 0/22 upstream: reported C repro on 2020/07/17 18:56
Patch testing requests:
Created Duration User Patch Repo Result
2021/06/14 18:35 14m chouhan.shreyansh630@gmail.com upstream report log

Sample crash report:

Fix bisection attempts:
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2021/07/22 21:28 upstream 9f42f674a892 500c2339 .config log report syz C
Crashes (6):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2021/06/06 21:15 upstream f5b6eb1e0182 500c2339 .config log report syz C KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb 2021/06/21 19:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing cfb0276373df aba2b2fb .config log report info KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb 2021/04/09 00:03 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing e9fcb07704fc 6a81331a .config log report info KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb 2021/03/13 02:24 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 14b02f023c09 429d8a6b .config log report info KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb 2021/03/02 13:27 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 5bb9cdb320a5 92ead296 .config log report info KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb
ci2-upstream-usb 2020/12/21 06:19 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 3644e2d2dda7 04201c06 .config log report info