syzbot


WARNING in media_create_pad_link

Status: upstream: reported C repro on 2020/05/14 20:18
Reported-by: syzbot+dd320d114deb3f5bb79b@syzkaller.appspotmail.com
First crash: 937d, last: 18d

Cause bisection: introduced by (bisect log):
commit f2c2e717642c66f7fe7e5dd69b2e8ff5849f4d10
Author: Andrey Konovalov <andreyknvl@google.com>
Date: Mon Feb 24 16:13:03 2020 +0000

  usb: gadget: add raw-gadget interface

Crash: KASAN: use-after-free Read in __media_entity_remove_links (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log):
commit adb6e6ac20eedcf1dce19dc75b224e63c0828ea1
Author: Bastien Nocera <hadess@hadess.net>
Date: Tue Aug 18 11:04:43 2020 +0000

  USB: Also match device drivers using the ->match vfunc


Sample crash report:
usb 1-1: New USB device strings: Mfr=64, Product=0, SerialNumber=0
usb 1-1: Manufacturer: syz
usb 1-1: config 0 descriptor??
usb 1-1: Found UVC 0.00 device <unnamed> (0bd3:0d55)
uvcvideo 1-1:0.0: Entity type for entity ΣΏ was not initialized!
------------[ cut here ]------------
WARNING: CPU: 1 PID: 25 at drivers/media/mc/mc-entity.c:1021 media_create_pad_link+0x4de/0x650 drivers/media/mc/mc-entity.c:1021
Modules linked in:
CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 6.1.0-rc4-syzkaller-00015-gf141df371335 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
Workqueue: usb_hub_wq hub_event
RIP: 0010:media_create_pad_link+0x4de/0x650 drivers/media/mc/mc-entity.c:1021
Code: 38 a4 68 fb 44 89 e0 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e 41 5f c3 e8 21 a4 68 fb 0f 0b 41 bc ea ff ff ff eb da e8 12 a4 68 fb <0f> 0b 41 bc ea ff ff ff eb cb e8 03 a4 68 fb 0f 0b 41 bc ea ff ff
RSP: 0018:ffffc90000c1eeb8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff8880733ca880 RCX: 0000000000000000
RDX: ffff888016ea4100 RSI: ffffffff8613305e RDI: 0000000000000002
RBP: ffff8880733ca080 R08: 0000000000000002 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: ffff8880733ca080
FS:  0000000000000000(0000) GS:ffff8880b9b00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f2feb625111 CR3: 000000007ce86000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 uvc_mc_create_links drivers/media/usb/uvc/uvc_entity.c:50 [inline]
 uvc_mc_register_entities+0x5cd/0x910 drivers/media/usb/uvc/uvc_entity.c:151
 uvc_register_chains drivers/media/usb/uvc/uvc_driver.c:2063 [inline]
 uvc_probe.cold+0x1e40/0x2583 drivers/media/usb/uvc/uvc_driver.c:2200

Crashes (80):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-selinux-root 2022/11/10 01:20 upstream f141df371335 5fa28208 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-selinux-root 2022/11/10 00:46 upstream f141df371335 5fa28208 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-smack-root 2022/10/10 20:39 upstream 4899a36f91a9 aea5da89 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-smack-root 2022/10/10 18:54 upstream 4899a36f91a9 aea5da89 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-smack-root 2022/10/10 18:22 upstream 4899a36f91a9 aea5da89 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2022/08/07 12:51 upstream 200e340f2196 88e3a122 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2022/08/07 11:06 upstream 200e340f2196 88e3a122 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2022/08/07 10:36 upstream 200e340f2196 88e3a122 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce 2022/07/09 14:40 upstream e5524c2a1fc4 b5765a15 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce 2022/07/09 08:11 upstream a471da3100ef b5765a15 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-selinux-root 2022/07/09 01:01 upstream a471da3100ef b5765a15 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2022/07/09 00:31 upstream a471da3100ef b5765a15 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce 2022/07/09 00:30 upstream a471da3100ef b5765a15 .config log report syz C WARNING in media_create_pad_link
ci-qemu-upstream 2022/03/13 08:21 upstream aad611a868d1 9e8eaa75 .config log report syz C WARNING in media_create_pad_link
ci-qemu-upstream 2022/03/04 20:07 upstream 38f80f42147f 45a13a73 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-selinux-root 2022/02/21 18:41 upstream cfb92440ee71 3cd800e4 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-smack-root 2022/01/06 05:43 upstream 49ef78e59b07 6acc789a .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2021/12/20 17:08 upstream a7904a538933 021b36cb .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-selinux-root 2021/07/08 07:00 upstream 3dbdb38e2869 95793bce .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce 2021/06/20 17:36 upstream 913ec3c22ef4 aba2b2fb .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-smack-root 2021/05/29 07:46 upstream 5ff2756afde0 858ea628 .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2021/05/26 11:56 upstream ad9f25d33860 54f0bcf1 .config log report syz C WARNING in media_create_pad_link
ci-upstream-linux-next-kasan-gce-root 2022/09/17 01:11 linux-next e47eb90a0a9a dd9a85ff .config log report syz C WARNING in media_create_pad_link
ci-upstream-linux-next-kasan-gce-root 2022/09/16 23:30 linux-next e47eb90a0a9a dd9a85ff .config log report syz C WARNING in media_create_pad_link
ci-upstream-linux-next-kasan-gce-root 2022/09/16 22:58 linux-next e47eb90a0a9a dd9a85ff .config log report syz C WARNING in media_create_pad_link
ci-upstream-linux-next-kasan-gce-root 2021/06/20 00:46 linux-next a1f92694393a aba2b2fb .config log report syz C WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2020/05/29 22:00 upstream 75caf310d16c 3905eaae .config log report syz C
ci-upstream-kasan-gce 2020/05/28 22:06 upstream b0c3ba31be3e 0d951763 .config log report syz C
ci-upstream-kasan-gce-selinux-root 2020/05/21 21:34 upstream b85051e755b0 1f30020f .config log report syz C
ci-upstream-kasan-gce-root 2020/05/21 19:55 upstream b85051e755b0 1f30020f .config log report syz C
ci-upstream-kasan-gce-smack-root 2020/05/21 16:00 upstream b85051e755b0 1f30020f .config log report syz C
ci2-upstream-usb 2020/12/08 06:16 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 08a02f954b0d 51a9082e .config log report syz C
ci-upstream-linux-next-kasan-gce-root 2020/05/28 22:01 linux-next ff387fc20c69 0d951763 .config log report syz C
ci2-upstream-usb 2020/05/28 21:37 https://github.com/google/kasan.git usb-fuzzer d19c64b3d097 c7192a2f .config log report syz C
ci2-upstream-usb 2020/05/14 03:16 https://github.com/google/kasan.git usb-fuzzer 059e7e0ff26c a885920d .config log report syz C
ci-upstream-kasan-gce-386 2020/05/28 22:10 upstream b0c3ba31be3e 0d951763 .config log report syz
ci-upstream-kasan-gce-selinux-root 2022/07/17 05:52 upstream c658cabbfd32 95cb00d1 .config log report info WARNING in media_create_pad_link
ci-qemu-upstream 2022/07/09 04:23 upstream a471da3100ef b5765a15 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce 2022/07/09 00:03 upstream a471da3100ef b5765a15 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce 2022/02/22 18:19 upstream 038101e6b2cd 6e821dbf .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2021/12/16 04:04 upstream 2b14864acbaa 572bcb40 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2021/04/12 23:31 upstream d434405aaab7 bfeda1b1 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-smack-root 2021/04/02 18:15 upstream 1678e493d530 6a81331a .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce 2021/04/02 13:53 upstream 1678e493d530 6a81331a .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce 2021/04/02 11:00 upstream ffd9fb546d49 6a81331a .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-386 2022/07/09 03:21 upstream a471da3100ef b5765a15 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-386 2022/01/15 11:18 upstream 112450df61b7 723cfaf0 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-386 2021/05/13 23:57 upstream c06a2ba62fc4 80f9b418 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-386 2021/05/10 05:38 upstream 6efb943b8616 bc5434be .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-386 2021/05/07 05:05 upstream d2b6f8a17919 06585184 .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-386 2021/04/02 16:11 upstream 1678e493d530 6a81331a .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2022/11/19 09:53 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing dd65a243a915 5bb70014 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2022/11/19 06:25 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing dd65a243a915 5bb70014 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2022/08/18 00:26 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing ffcf9c5700e4 a9409d47 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2022/07/28 15:10 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 8288c99fc263 fb95c74d .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2022/07/18 13:25 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing c76d09da77d6 ff988920 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/10/29 06:42 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 79a4479a17b8 be531bb4 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/10/28 18:34 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 79a4479a17b8 be531bb4 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/05/09 18:02 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 31a8503589c4 bc5434be .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/04/20 00:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 4b853c236c7b 4285c989 .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/04/15 16:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 4b853c236c7b fcdb12ba .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/04/11 10:51 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 3db53374405f 6a81331a .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/04/10 09:47 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 496960274153 6a81331a .config log report info WARNING in media_create_pad_link
ci-upstream-linux-next-kasan-gce-root 2021/04/02 11:44 linux-next 454c576c3f5e 6a81331a .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/04/02 11:37 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing e5242861ec6a 6a81331a .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/03/24 06:21 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 049d3db625a6 e613994b .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/02/05 18:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 23e32a595e11 23a562df .config log report info WARNING in media_create_pad_link
ci2-upstream-usb 2021/02/01 01:47 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 3c648d3deb0f fc9fd31e .config log report info WARNING in media_create_pad_link
ci-upstream-kasan-gce-root 2020/08/14 15:59 upstream a1d21081a60d 424dd8e7 .config log report
ci-upstream-kasan-gce-selinux-root 2020/07/03 14:33 upstream cd77006e01b3 bed10395 .config log report
ci2-upstream-usb 2020/12/13 22:10 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a256e24021bf 8f160dd5 .config log report info
ci2-upstream-usb 2020/06/28 12:22 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing b3a5ce874c26 a2cdad9d .config log report
ci2-upstream-usb 2020/06/16 14:49 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing b3a9e3b9622a 4ea9d964 .config log report
ci2-upstream-usb 2020/06/12 17:08 https://github.com/google/kasan.git usb-fuzzer b791d1bdf921 3036d6fd .config log report
* Struck through repros no longer work on HEAD.