syzbot


KASAN: stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
Status: upstream: reported C repro on 2020/03/30 18:21
Reported-by: syzbot+d403396d4df67ad0bd5f@syzkaller.appspotmail.com
Fix commit: ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb
Patched on: [ci-upstream-bpf-next-kasan-gce ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce], missing on: [ci-qemu-upstream ci-qemu-upstream-386 ci-upstream-bpf-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb]
First crash: 64d, last: 20h53m
Patch testing requests:
Created Duration User Patch Repo Result
2020/04/03 20:41 17m anenbupt@gmail.com patch https://github.com/google/kasan.git usb-fuzzer OK
2020/03/31 02:54 12m anenbupt@gmail.com patch https://github.com/google/kasan.git usb-fuzzer report log
2020/03/31 02:38 5m anenbupt@gmail.com patch https://github.com/google/kasan.git usb-fuzzer error

Sample crash report:

Crashes (40):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro Maintainers
ci2-upstream-usb 2020/05/28 23:43 https://github.com/google/kasan.git usb-fuzzer d19c64b3 c7192a2f .config log report syz C ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/03/30 17:45 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 c8d1cc20 .config log report syz C ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/06/02 07:54 https://github.com/google/kasan.git usb-fuzzer 2089c6ed a0331e89 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/31 17:01 https://github.com/google/kasan.git usb-fuzzer 2089c6ed a0331e89 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/31 06:21 https://github.com/google/kasan.git usb-fuzzer 2089c6ed 6f3e1c7c .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/30 12:07 https://github.com/google/kasan.git usb-fuzzer 2089c6ed 954bd312 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/29 19:44 https://github.com/google/kasan.git usb-fuzzer d19c64b3 bed08304 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/29 15:33 https://github.com/google/kasan.git usb-fuzzer d19c64b3 bed08304 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/29 07:21 https://github.com/google/kasan.git usb-fuzzer d19c64b3 d19ed305 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/28 17:48 https://github.com/google/kasan.git usb-fuzzer d19c64b3 c7192a2f .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/28 11:13 https://github.com/google/kasan.git usb-fuzzer d19c64b3 9072c126 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/27 21:26 https://github.com/google/kasan.git usb-fuzzer d19c64b3 9072c126 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kuba@kernel.org, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/26 08:27 https://github.com/google/kasan.git usb-fuzzer 806d8acc 8ca3b7d2 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/25 23:33 https://github.com/google/kasan.git usb-fuzzer 806d8acc 73964a9b .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/25 15:56 https://github.com/google/kasan.git usb-fuzzer 806d8acc 73964a9b .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/24 14:54 https://github.com/google/kasan.git usb-fuzzer 806d8acc ce7ca010 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/24 14:53 https://github.com/google/kasan.git usb-fuzzer 806d8acc ce7ca010 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/24 07:01 https://github.com/google/kasan.git usb-fuzzer 806d8acc 96c92ad3 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/24 04:55 https://github.com/google/kasan.git usb-fuzzer 806d8acc 96c92ad3 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/23 21:10 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/23 09:58 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/23 09:41 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/23 00:48 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/22 09:24 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/22 07:39 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/21 07:39 https://github.com/google/kasan.git usb-fuzzer 806d8acc 4afdfa20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/19 01:02 https://github.com/google/kasan.git usb-fuzzer 806d8acc 684d3606 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/18 12:17 https://github.com/google/kasan.git usb-fuzzer 806d8acc 24d91142 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/12 14:06 https://github.com/google/kasan.git usb-fuzzer 059e7e0f a497a5b4 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/11 04:04 https://github.com/google/kasan.git usb-fuzzer 059e7e0f 8742a2b9 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/05/04 06:14 https://github.com/google/kasan.git usb-fuzzer 059e7e0f 58ae5e18 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/28 05:31 https://github.com/google/kasan.git usb-fuzzer 059e7e0f 0ce7569e .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/24 01:47 https://github.com/google/kasan.git usb-fuzzer e9010320 b9233cab .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/20 12:36 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 347a5dc3 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/20 03:05 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 9f7c6d12 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/17 02:46 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 c743fcb3 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/14 00:45 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 7c54686a .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/13 16:28 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 17a986e5 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/04/10 19:01 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 a8c6a3f8 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org
ci2-upstream-usb 2020/03/30 17:20 https://github.com/google/kasan.git usb-fuzzer 0fa84af8 c8d1cc20 .config log report ath9k-devel@qca.qualcomm.com, davem@davemloft.net, kvalo@codeaurora.org, linux-kernel@vger.kernel.org, linux-wireless@vger.kernel.org, netdev@vger.kernel.org