syzbot

 sign-in | mailing list | source | docs
🐞 Open [980] Subsystems 🐞 Fixed [4543] 🐞 Invalid [10482] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb

Status: upstream: reported C repro on 2020/05/14 20:18
Labels: usb wireless (incorrect?)
Reported-by: syzbot+9468df99cb63a4a4c4e1@syzkaller.appspotmail.com
First crash: 1110d, last: 12d

Cause bisection: introduced by (bisect log) :
commit 6a66a7ded12baa6ebbb2e3e82f8cb91382814839
Author: zhangyi (F) <yi.zhang@huawei.com>
Date: Thu Feb 13 06:38:20 2020 +0000

  jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()

Crash: SYZFAIL: wrong response packet (log)
Repro: C syz .config
Discussions (1)
Title Replies (including bot) Last reply
WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb 0 (2) 2021/03/04 14:29
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb origin:upstream C 2 1d05h 58d 0/3 upstream: reported C repro on 2023/04/01 12:52
linux-5.15 WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb origin:upstream C 2 7d01h 58d 0/3 upstream: reported C repro on 2023/04/01 13:22
Last patch testing requests (1)
Created Duration User Patch Repo Result
2020/09/15 02:15 16m brookebasile@gmail.com upstream OK
Fix bisection attempts (13)
Created Duration User Patch Repo Result
2023/03/29 12:51 26m bisect fix upstream job log (0) log
2023/02/27 12:13 25m bisect fix upstream job log (0) log
2023/01/27 07:02 27m bisect fix upstream job log (0) log
2022/07/13 17:56 21m bisect fix upstream job log (0) log
2022/06/13 17:35 20m bisect fix upstream job log (0) log
2022/05/14 13:43 18m bisect fix upstream job log (0) log
2021/12/07 09:10 21m bisect fix upstream job log (0) log
2021/10/30 22:29 20m bisect fix upstream job log (0) log
2021/09/28 20:17 22m bisect fix upstream job log (0) log
2021/07/02 05:45 21m bisect fix upstream job log (0) log
2021/06/02 05:22 22m bisect fix upstream job log (0) log
2021/05/03 04:54 21m bisect fix upstream job log (0) log
2021/04/03 04:30 23m bisect fix upstream job log (0) log

Sample crash report:
usb 1-1: string descriptor 0 read error: -71
------------[ cut here ]------------
usb 1-1: BOGUS urb xfer, pipe 1 != type 3
WARNING: CPU: 0 PID: 901 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
Modules linked in:
CPU: 0 PID: 901 Comm: kworker/0:2 Not tainted 6.3.0-rc4-syzkaller-00199-g7b50567bdcad #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/02/2023
Workqueue: usb_hub_wq hub_event
RIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504
Code: 7c 24 18 e8 5c 9e 64 fb 48 8b 7c 24 18 e8 72 db f2 fe 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 60 39 fb 8a e8 da 24 2d fb <0f> 0b e9 58 f8 ff ff e8 2e 9e 64 fb 48 81 c5 c0 05 00 00 e9 84 f7
RSP: 0018:ffffc900046e6e78 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffff88801efc1d40 RSI: ffffffff814b5fe7 RDI: 0000000000000001
RBP: ffff888025da4140 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: 0000000000000001
R13: ffff88802a5e9118 R14: 0000000000000002 R15: ffff888019324a00
FS:  0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff0947f7490 CR3: 000000002ab9e000 CR4: 00000000003506f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 carl9170_usb_submit_cmd_urb+0x7e/0x130 drivers/net/wireless/ath/carl9170/usb.c:229
 __carl9170_exec_cmd+0x30f/0x5c0 drivers/net/wireless/ath/carl9170/usb.c:643
 carl9170_reboot+0xaf/0xf0 drivers/net/wireless/ath/carl9170/cmd.c:141
 carl9170_usb_disconnect+0xf2/0x130 drivers/net/wireless/ath/carl9170/usb.c:1116
 usb_unbind_interface+0x1dc/0x8e0 drivers/usb/core/driver.c:458
 device_remove drivers/base/dd.c:542 [inline]
 device_remove+0x11f/0x170 drivers/base/dd.c:534
 __device_release_driver drivers/base/dd.c:1240 [inline]
 device_release_driver_internal+0x443/0x610 drivers/base/dd.c:1263
 usb_driver_release_interface drivers/usb/core/driver.c:627 [inline]
 usb_forced_unbind_intf+0x13a/0x210 drivers/usb/core/driver.c:1118
 usb_reset_device+0x43b/0xac0 drivers/usb/core/hub.c:6185
 carl9170_usb_probe+0x4c/0xd40 drivers/net/wireless/ath/carl9170/usb.c:1044
 usb_probe_interface+0x30f/0x960 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:552 [inline]
 really_probe+0x240/0xca0 drivers/base/dd.c:631
 __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:768
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:798
 __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:926
 bus_for_each_drv+0x149/0x1d0 drivers/base/bus.c:457
 __device_attach+0x1e4/0x4b0 drivers/base/dd.c:998
 bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
 device_add+0x11c4/0x1c50 drivers/base/core.c:3589
 usb_set_configuration+0x10ee/0x1af0 drivers/usb/core/message.c:2171
 usb_generic_driver_probe+0xcf/0x130 drivers/usb/core/generic.c:238
 usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:552 [inline]
 really_probe+0x240/0xca0 drivers/base/dd.c:631
 __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:768
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:798
 __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:926
 bus_for_each_drv+0x149/0x1d0 drivers/base/bus.c:457
 __device_attach+0x1e4/0x4b0 drivers/base/dd.c:998
 bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
 device_add+0x11c4/0x1c50 drivers/base/core.c:3589
 usb_new_device+0xcb2/0x19d0 drivers/usb/core/hub.c:2575
 hub_port_connect drivers/usb/core/hub.c:5407 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5551 [inline]
 port_event drivers/usb/core/hub.c:5711 [inline]
 hub_event+0x2d9e/0x4e40 drivers/usb/core/hub.c:5793
 process_one_work+0x991/0x15c0 kernel/workqueue.c:2390
 worker_thread+0x669/0x1090 kernel/workqueue.c:2537
 kthread+0x2e8/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>

Crashes (39):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/04/01 23:32 upstream 7b50567bdcad f325deb0 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/11/19 06:34 upstream 84368d882b96 5bb70014 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/10/17 12:21 upstream 55be6084c8e0 67cb024c .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-smack-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/08/12 17:56 upstream 7ebfc85e2cd7 402cd70d .config strace log report syz C ci-upstream-kasan-gce-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/07/15 23:49 upstream 9b59ec8d50a1 95cb00d1 .config strace log report syz C ci-upstream-kasan-gce WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/03/05 07:12 upstream 07ebd38a0da2 45a13a73 .config console log report syz C ci-qemu-upstream WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/08/29 20:17 upstream 3f5ad13cb012 be2c130d .config console log report syz C ci-upstream-kasan-gce-selinux-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/07/21 12:51 upstream 8cae8cd89f05 1b201b48 .config console log report syz C ci-upstream-kasan-gce-smack-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/07/12 08:32 upstream e73f0f0ee754 a4869c92 .config console log report syz C ci-upstream-kasan-gce-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/03/04 02:33 upstream f69d02e37a85 06ed56cd .config console log report syz C ci-upstream-kasan-gce WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/04/01 08:52 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing d629c0e221cd f325deb0 .config console log report syz C [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/09/25 22:20 linux-next aaa11ce2ffc8 0042f2b4 .config strace log report syz C ci-upstream-linux-next-kasan-gce-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/07/15 20:43 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing f31a8702cd36 5d921b08 .config console log report syz C ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/08/08 22:20 linux-next 7999516e20bd 6972b106 .config console log report syz C ci-upstream-linux-next-kasan-gce-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/04/01 13:03 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 59caa87f9dfb f325deb0 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/01/10 18:30 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 841081d89d5a 2c1f2513 .config console log report syz C ci2-upstream-usb
2020/05/14 07:54 https://github.com/google/kasan.git usb-fuzzer 059e7e0ff26c a885920d .config console log report syz C ci2-upstream-usb
2022/04/14 13:43 upstream a19944809fe9 b17b2923 .config console log report info ci-upstream-kasan-gce-selinux-root WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/03/14 16:56 upstream 09688c0166e7 9e8eaa75 .config console log report info ci-upstream-kasan-gce WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/17 08:03 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a4422ff22142 11c89444 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/10 02:23 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 986866c3dfb0 30aa2a7e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/10 02:05 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 986866c3dfb0 30aa2a7e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/10 01:31 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 986866c3dfb0 30aa2a7e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/09 23:53 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 986866c3dfb0 30aa2a7e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/09 23:33 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 986866c3dfb0 30aa2a7e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/05/06 12:46 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 33afd4b76393 90c93c40 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/04/23 14:56 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 8f40fc080813 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2023/04/01 08:14 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing d629c0e221cd f325deb0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/10/24 17:00 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a6afa4199d3d faae2fda .config console log report info [disk image] [vmlinux] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/10/19 22:47 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a6afa4199d3d b31320fc .config console log report info [disk image] [vmlinux] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/10/16 13:32 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a6afa4199d3d 67cb024c .config console log report info [disk image] [vmlinux] ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/07/15 20:14 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing f31a8702cd36 5d921b08 .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/03/23 09:31 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 46d2c20b0b10 5ff41e94 .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/03/07 21:17 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 98d107b84614 7bdd8b2c .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/02/07 05:25 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 2dac5d2864af a7dab638 .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2022/01/23 20:52 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing e783362eb54c 214351e1 .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/12/29 12:15 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing ce1d37cb7697 76c8cf06 .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2021/11/07 09:10 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 048ff8629e11 4c1be0be .config console log report info ci2-upstream-usb WARNING in carl9170_usb_submit_cmd_urb/usb_submit_urb
2020/10/28 06:37 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 3650b228f83a 96e03c1c .config console log report info ci2-upstream-usb
* Struck through repros no longer work on HEAD.