syzbot

 sign-in | mailing list | source | docs
🐞 Open [962] Subsystems 🐞 Fixed [4564] 🐞 Invalid [10526] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in media_create_pad_link

Status: upstream: reported C repro on 2020/05/14 20:18
Labels: usb media (incorrect?)
Reported-by: syzbot+dd320d114deb3f5bb79b@syzkaller.appspotmail.com
First crash: 1117d, last: 4d10h

Cause bisection: introduced by (bisect log) :
commit f2c2e717642c66f7fe7e5dd69b2e8ff5849f4d10
Author: Andrey Konovalov <andreyknvl@google.com>
Date: Mon Feb 24 16:13:03 2020 +0000

  usb: gadget: add raw-gadget interface

Crash: KASAN: use-after-free Read in __media_entity_remove_links (log)
Repro: C syz .config

Fix bisection: fixed by (bisect log) :
commit adb6e6ac20eedcf1dce19dc75b224e63c0828ea1
Author: Bastien Nocera <hadess@hadess.net>
Date: Tue Aug 18 11:04:43 2020 +0000

  USB: Also match device drivers using the ->match vfunc

Discussions (3)
Title Replies (including bot) Last reply
[syzbot] Monthly media report (May 2023) 0 (1) 2023/05/31 12:40
[syzbot] Monthly media report 0 (1) 2023/03/30 09:59
WARNING in media_create_pad_link 0 (3) 2020/09/13 23:28
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 WARNING in media_create_pad_link origin:upstream C 7 28d 77d 0/3 upstream: reported C repro on 2023/03/20 02:06
linux-6.1 WARNING in media_create_pad_link origin:upstream C 2 27d 77d 0/3 upstream: reported C repro on 2023/03/20 05:39
Last patch testing requests (7)
Created Duration User Patch Repo Result
2023/05/31 02:30 12m retest repro upstream report log
2023/05/31 02:30 13m retest repro upstream report log
2023/05/31 02:30 23m retest repro upstream report log
2023/05/31 02:30 13m retest repro upstream report log
2023/05/31 02:31 11m retest repro upstream report log
2023/05/31 02:30 13m retest repro upstream report log
2023/05/31 02:31 12m retest repro upstream report log

Sample crash report:
usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
usb 5-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice=69.6a
usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
usb 5-1: config 0 descriptor??
usb 5-1: string descriptor 0 read error: -71
usb 5-1: Found UVC 0.00 device <unnamed> (0bd3:0555)
uvcvideo 5-1:0.0: Entity type for entity Output 255 was not initialized!
------------[ cut here ]------------
WARNING: CPU: 1 PID: 4582 at drivers/media/mc/mc-entity.c:1092 media_create_pad_link+0x500/0x650 drivers/media/mc/mc-entity.c:1092
Modules linked in:
CPU: 1 PID: 4582 Comm: kworker/1:2 Not tainted 6.4.0-rc4-syzkaller-00051-g48b1320a674e #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
Workqueue: usb_hub_wq hub_event
RIP: 0010:media_create_pad_link+0x500/0x650 drivers/media/mc/mc-entity.c:1092
Code: bc ea ff ff ff eb da e8 0e 7c d6 fa 0f 0b 41 bc ea ff ff ff eb cb e8 ff 7b d6 fa 0f 0b 41 bc ea ff ff ff eb bc e8 f0 7b d6 fa <0f> 0b 41 bc ea ff ff ff eb ad e8 e1 7b d6 fa 0f 0b 41 bc ea ff ff
RSP: 0018:ffffc900016e6ef8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff888023c4d080 RCX: 0000000000000000
RDX: ffff888023ef8a80 RSI: ffffffff86ace950 RDI: 0000000000000007
RBP: ffff8880254cf880 R08: 0000000000000007 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000005 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff88806b700000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffe6a8ecff8 CR3: 000000000c571000 CR4: 0000000000350ee0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 uvc_mc_create_links drivers/media/usb/uvc/uvc_entity.c:50 [inline]
 uvc_mc_register_entities+0x629/0xaa0 drivers/media/usb/uvc/uvc_entity.c:151
 uvc_register_chains drivers/media/usb/uvc/uvc_driver.c:2047 [inline]
 uvc_probe+0x2616/0x80a0 drivers/media/usb/uvc/uvc_driver.c:2184
 usb_probe_interface+0x30f/0x960 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x240/0xca0 drivers/base/dd.c:658
 __driver_probe_device+0x1df/0x4b0 drivers/base/dd.c:800
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:830
 __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:958
 bus_for_each_drv+0x149/0x1d0 drivers/base/bus.c:457
 __device_attach+0x1e4/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
 device_add+0x112d/0x1a40 drivers/base/core.c:3625
 usb_set_configuration+0x1196/0x1bc0 drivers/usb/core/message.c:2211
 usb_generic_driver_probe+0xcf/0x130 drivers/usb/core/generic.c:238
 usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:579 [inline]
 really_probe+0x240/0xca0 drivers/base/dd.c:658
 __driver_probe_device+0x1df/0x4b0 drivers/base/dd.c:800
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:830
 __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:958
 bus_for_each_drv+0x149/0x1d0 drivers/base/bus.c:457
 __device_attach+0x1e4/0x4b0 drivers/base/dd.c:1030
 bus_probe_device+0x17c/0x1c0 drivers/base/bus.c:532
 device_add+0x112d/0x1a40 drivers/base/core.c:3625
 usb_new_device+0xcb2/0x19d0 drivers/usb/core/hub.c:2575
 hub_port_connect drivers/usb/core/hub.c:5407 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5551 [inline]
 port_event drivers/usb/core/hub.c:5711 [inline]
 hub_event+0x2d9e/0x4e40 drivers/usb/core/hub.c:5793
 process_one_work+0x99a/0x15e0 kernel/workqueue.c:2405
 worker_thread+0x67d/0x10c0 kernel/workqueue.c:2552
 kthread+0x344/0x440 kernel/kthread.c:379
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308
 </TASK>

Crashes (88):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/05/31 20:15 upstream 48b1320a674e e2a77acd .config console log report syz C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream WARNING in media_create_pad_link
2023/03/20 02:10 upstream 5cdfdd6da323 7939252e .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in media_create_pad_link
2023/03/20 01:36 upstream 5cdfdd6da323 7939252e .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2022/11/10 01:20 upstream f141df371335 5fa28208 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING in media_create_pad_link
2022/11/10 00:46 upstream f141df371335 5fa28208 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root WARNING in media_create_pad_link
2022/10/10 20:39 upstream 4899a36f91a9 aea5da89 .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2022/10/10 18:54 upstream 4899a36f91a9 aea5da89 .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2022/10/10 18:22 upstream 4899a36f91a9 aea5da89 .config strace log report syz C [disk image] [vmlinux] ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2022/08/07 12:51 upstream 200e340f2196 88e3a122 .config strace log report syz C ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2022/08/07 11:06 upstream 200e340f2196 88e3a122 .config strace log report syz C ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2022/08/07 10:36 upstream 200e340f2196 88e3a122 .config strace log report syz C ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2022/07/09 14:40 upstream e5524c2a1fc4 b5765a15 .config strace log report syz C ci-upstream-kasan-gce WARNING in media_create_pad_link
2022/07/09 08:11 upstream a471da3100ef b5765a15 .config strace log report syz C ci-upstream-kasan-gce WARNING in media_create_pad_link
2022/07/09 01:01 upstream a471da3100ef b5765a15 .config strace log report syz C ci-upstream-kasan-gce-selinux-root WARNING in media_create_pad_link
2022/07/09 00:31 upstream a471da3100ef b5765a15 .config strace log report syz C ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2022/07/09 00:30 upstream a471da3100ef b5765a15 .config strace log report syz C ci-upstream-kasan-gce WARNING in media_create_pad_link
2022/03/13 08:21 upstream aad611a868d1 9e8eaa75 .config console log report syz C ci-qemu-upstream WARNING in media_create_pad_link
2022/03/04 20:07 upstream 38f80f42147f 45a13a73 .config console log report syz C ci-qemu-upstream WARNING in media_create_pad_link
2022/02/21 18:41 upstream cfb92440ee71 3cd800e4 .config console log report syz C ci-upstream-kasan-gce-selinux-root WARNING in media_create_pad_link
2022/01/06 05:43 upstream 49ef78e59b07 6acc789a .config console log report syz C ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2021/12/20 17:08 upstream a7904a538933 021b36cb .config console log report syz C ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2021/07/08 07:00 upstream 3dbdb38e2869 95793bce .config console log report syz C ci-upstream-kasan-gce-selinux-root WARNING in media_create_pad_link
2021/06/20 17:36 upstream 913ec3c22ef4 aba2b2fb .config console log report syz C ci-upstream-kasan-gce WARNING in media_create_pad_link
2021/05/29 07:46 upstream 5ff2756afde0 858ea628 .config console log report syz C ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2021/05/26 11:56 upstream ad9f25d33860 54f0bcf1 .config console log report syz C ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2022/09/17 01:11 linux-next e47eb90a0a9a dd9a85ff .config strace log report syz C [disk image] [vmlinux] ci-upstream-linux-next-kasan-gce-root WARNING in media_create_pad_link
2022/09/16 23:30 linux-next e47eb90a0a9a dd9a85ff .config strace log report syz C [disk image] [vmlinux] ci-upstream-linux-next-kasan-gce-root WARNING in media_create_pad_link
2022/09/16 22:58 linux-next e47eb90a0a9a dd9a85ff .config strace log report syz C [disk image] [vmlinux] ci-upstream-linux-next-kasan-gce-root WARNING in media_create_pad_link
2021/06/20 00:46 linux-next a1f92694393a aba2b2fb .config console log report syz C ci-upstream-linux-next-kasan-gce-root WARNING in media_create_pad_link
2023/03/20 02:05 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci fe15c26ee26e 7939252e .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 WARNING in media_create_pad_link
2020/05/29 22:00 upstream 75caf310d16c 3905eaae .config console log report syz C ci-upstream-kasan-gce-root
2020/05/28 22:06 upstream b0c3ba31be3e 0d951763 .config console log report syz C ci-upstream-kasan-gce
2020/05/21 21:34 upstream b85051e755b0 1f30020f .config console log report syz C ci-upstream-kasan-gce-selinux-root
2020/05/21 19:55 upstream b85051e755b0 1f30020f .config console log report syz C ci-upstream-kasan-gce-root
2020/05/21 16:00 upstream b85051e755b0 1f30020f .config console log report syz C ci-upstream-kasan-gce-smack-root
2020/12/08 06:16 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 08a02f954b0d 51a9082e .config console log report syz C ci2-upstream-usb
2020/05/28 22:01 linux-next ff387fc20c69 0d951763 .config console log report syz C ci-upstream-linux-next-kasan-gce-root
2020/05/28 21:37 https://github.com/google/kasan.git usb-fuzzer d19c64b3d097 c7192a2f .config console log report syz C ci2-upstream-usb
2020/05/14 03:16 https://github.com/google/kasan.git usb-fuzzer 059e7e0ff26c a885920d .config console log report syz C ci2-upstream-usb
2020/05/28 22:10 upstream b0c3ba31be3e 0d951763 .config console log report syz ci-upstream-kasan-gce-386
2023/03/22 02:30 upstream 2faac9a98f01 8b4eb097 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2023/03/20 08:47 upstream e8d018dd0257 7939252e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2023/03/20 01:00 upstream 5cdfdd6da323 7939252e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2022/07/17 05:52 upstream c658cabbfd32 95cb00d1 .config console log report info ci-upstream-kasan-gce-selinux-root WARNING in media_create_pad_link
2022/07/09 04:23 upstream a471da3100ef b5765a15 .config console log report info ci-qemu-upstream WARNING in media_create_pad_link
2022/07/09 00:03 upstream a471da3100ef b5765a15 .config console log report info ci-upstream-kasan-gce WARNING in media_create_pad_link
2022/02/22 18:19 upstream 038101e6b2cd 6e821dbf .config console log report info ci-upstream-kasan-gce WARNING in media_create_pad_link
2021/12/16 04:04 upstream 2b14864acbaa 572bcb40 .config console log report info ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2021/04/12 23:31 upstream d434405aaab7 bfeda1b1 .config console log report info ci-upstream-kasan-gce-root WARNING in media_create_pad_link
2021/04/02 18:15 upstream 1678e493d530 6a81331a .config console log report info ci-upstream-kasan-gce-smack-root WARNING in media_create_pad_link
2021/04/02 13:53 upstream 1678e493d530 6a81331a .config console log report info ci-upstream-kasan-gce WARNING in media_create_pad_link
2021/04/02 11:00 upstream ffd9fb546d49 6a81331a .config console log report info ci-upstream-kasan-gce WARNING in media_create_pad_link
2022/07/09 03:21 upstream a471da3100ef b5765a15 .config console log report info ci-upstream-kasan-gce-386 WARNING in media_create_pad_link
2022/01/15 11:18 upstream 112450df61b7 723cfaf0 .config console log report info ci-upstream-kasan-gce-386 WARNING in media_create_pad_link
2021/05/13 23:57 upstream c06a2ba62fc4 80f9b418 .config console log report info ci-upstream-kasan-gce-386 WARNING in media_create_pad_link
2021/05/10 05:38 upstream 6efb943b8616 bc5434be .config console log report info ci-upstream-kasan-gce-386 WARNING in media_create_pad_link
2021/05/07 05:05 upstream d2b6f8a17919 06585184 .config console log report info ci-upstream-kasan-gce-386 WARNING in media_create_pad_link
2021/04/02 16:11 upstream 1678e493d530 6a81331a .config console log report info ci-upstream-kasan-gce-386 WARNING in media_create_pad_link
2022/12/11 11:44 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 81c25247a2a0 67be1ae7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in media_create_pad_link
2022/11/19 09:53 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing dd65a243a915 5bb70014 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in media_create_pad_link
2022/11/19 06:25 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing dd65a243a915 5bb70014 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-usb WARNING in media_create_pad_link
2022/08/18 00:26 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing ffcf9c5700e4 a9409d47 .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2022/07/28 15:10 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 8288c99fc263 fb95c74d .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2022/07/18 13:25 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing c76d09da77d6 ff988920 .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/10/29 06:42 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 79a4479a17b8 be531bb4 .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/10/28 18:34 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 79a4479a17b8 be531bb4 .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/05/09 18:02 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 31a8503589c4 bc5434be .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/04/20 00:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 4b853c236c7b 4285c989 .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/04/15 16:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 4b853c236c7b fcdb12ba .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/04/11 10:51 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 3db53374405f 6a81331a .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/04/10 09:47 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 496960274153 6a81331a .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/04/02 11:44 linux-next 454c576c3f5e 6a81331a .config console log report info ci-upstream-linux-next-kasan-gce-root WARNING in media_create_pad_link
2021/04/02 11:37 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing e5242861ec6a 6a81331a .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/03/24 06:21 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 049d3db625a6 e613994b .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/02/05 18:07 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 23e32a595e11 23a562df .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2021/02/01 01:47 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 3c648d3deb0f fc9fd31e .config console log report info ci2-upstream-usb WARNING in media_create_pad_link
2020/08/14 15:59 upstream a1d21081a60d 424dd8e7 .config console log report ci-upstream-kasan-gce-root
2020/07/03 14:33 upstream cd77006e01b3 bed10395 .config console log report ci-upstream-kasan-gce-selinux-root
2020/12/13 22:10 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a256e24021bf 8f160dd5 .config console log report info ci2-upstream-usb
2020/06/28 12:22 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing b3a5ce874c26 a2cdad9d .config console log report ci2-upstream-usb
2020/06/16 14:49 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing b3a9e3b9622a 4ea9d964 .config console log report ci2-upstream-usb
2020/06/12 17:08 https://github.com/google/kasan.git usb-fuzzer b791d1bdf921 3036d6fd .config console log report ci2-upstream-usb
* Struck through repros no longer work on HEAD.