syzbot


KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (3)
Status: upstream: reported C repro on 2021/01/05 16:03
Reported-by: syzbot+3f1ca6a6fec34d601788@syzkaller.appspotmail.com
First crash: 302d, last: 4d23h

Cause bisection: introduced by (bisect log) [no-op commit]:
commit 7e49afc03212010d0ee27532a75cfeb0125bd868
Author: Masahiro Yamada <masahiroy@kernel.org>
Date: Fri Apr 17 18:04:55 2020 +0000

  um: do not evaluate compiler's library path when cleaning

Crash: KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (log)
Repro: C syz .config
similar bugs (5):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb (2) | | | | 1 | 448d | 448d | 0/22 | auto-closed as invalid on 2020/11/25 16:55 |
| upstream | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb | | | | 8 | 462d | 503d | 0/22 | closed as dup on 2020/06/12 13:00 |
| upstream | KASAN: slab-out-of-bounds Read in ath9k_hif_usb_rx_cb (2) | C | error | | 295 | 2h41m | 446d | 0/22 | closed as dup on 2021/01/13 11:30 |
| upstream | KASAN: use-after-free Read in ath9k_hif_usb_rx_cb (2) | C | done | | 6333 | now | 337d | 0/22 | upstream: reported C repro on 2020/11/16 17:09 |
| upstream | general protection fault in ath9k_hif_usb_rx_cb (2) | C | error | | 1209 | 3h26m | 459d | 0/22 | upstream: reported C repro on 2020/07/17 18:56 |
Patch testing requests:
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2021/06/14 18:35 | 14m | chouhan.shreyansh630@gmail.com | | upstream | report log |

Sample crash report:

Fix bisection attempts:
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-root | 2021/09/21 13:50 | upstream | d9fb678414c0 | 500c2339 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-root | 2021/08/22 08:13 | upstream | 9ff50bf2f2ff | 500c2339 | .config | log | report | syz | C | | |
| ci-upstream-kasan-gce-root | 2021/07/22 21:28 | upstream | 9f42f674a892 | 500c2339 | .config | log | report | syz | C | | |
Crashes (7):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kasan-gce-root | 2021/06/06 21:15 | upstream | f5b6eb1e0182 | 500c2339 | .config | log | report | syz | C | | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb |
| ci2-upstream-usb | 2021/10/15 03:35 | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing | 660a92a59b9e | 7aa5fe41 | .config | log | report | | | info | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb |
| ci2-upstream-usb | 2021/06/21 19:07 | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing | cfb0276373df | aba2b2fb | .config | log | report | | | info | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb |
| ci2-upstream-usb | 2021/04/09 00:03 | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing | e9fcb07704fc | 6a81331a | .config | log | report | | | info | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb |
| ci2-upstream-usb | 2021/03/13 02:24 | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing | 14b02f023c09 | 429d8a6b | .config | log | report | | | info | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb |
| ci2-upstream-usb | 2021/03/02 13:27 | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing | 5bb9cdb320a5 | 92ead296 | .config | log | report | | | info | KASAN: out-of-bounds Read in ath9k_hif_usb_rx_cb |
| ci2-upstream-usb | 2020/12/21 06:19 | https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing | 3644e2d2dda7 | 04201c06 | .config | log | report | | | info | |