syzbot


general protection fault in device_del

Status: closed as invalid on 2019/05/14 12:46
Subsystems: usb
First crash: 1803d, last: 1803d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream general protection fault in device_del (2) usb C 1 1802d 1802d 0/26 closed as invalid on 2019/05/14 21:06
upstream general protection fault in device_del (3) usb C 286 1740d 1802d 0/26 closed as invalid on 2019/11/19 13:44

Sample crash report:
usb 1-1: USB disconnect, device number 2
kasan: CONFIG_KASAN_INLINE enabled
kasan: GPF could be caused by NULL-ptr deref or user memory access
general protection fault: 0000 [#1] SMP KASAN PTI
CPU: 0 PID: 2531 Comm: kworker/0:2 Not tainted 5.1.0-rc3+ #7
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
RIP: 0010:device_del+0x76/0xb90
Code: f1 f1 f1 f1 c7 40 04 00 07 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 88 00 00 00 31 c0 e8 61 0a d6 fe 48 89 d8 48 c1 e8 03 <80> 3c 28 00 0f 85 82 0a 00 00 48 8b 03 4c 8d 63 60 31 f6 4c 8d 7b
RSP: 0018:ffff8881d19af7c0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff82665dff RDI: 0000000000000000
RBP: dffffc0000000000 R08: ffff8881d193e000 R09: ffffed1039858b26
R10: ffffed1039858b25 R11: ffff8881cc2c592f R12: ffff8881cc2a4528
R13: ffff8881cc2c5860 R14: ffff8881cc2a4430 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8881db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000006cc0a0 CR3: 0000000006c26000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 device_unregister+0x11/0x30
 hdm_disconnect+0xdf/0x200
 usb_unbind_interface+0x1c4/0x8b0
 device_release_driver_internal+0x431/0x4f0
 bus_remove_device+0x2ee/0x4c0
 device_del+0x462/0xb90
 usb_disable_device+0x211/0x690
 usb_disconnect+0x284/0x840
 hub_event+0x13f8/0x35a0
 process_one_work+0x90a/0x1580
 worker_thread+0x96/0xe20
 kthread+0x30e/0x420
 ret_from_fork+0x3a/0x50
Modules linked in:
---[ end trace f7bd3ef06325c00e ]---
RIP: 0010:device_del+0x76/0xb90
Code: f1 f1 f1 f1 c7 40 04 00 07 f3 f3 65 48 8b 04 25 28 00 00 00 48 89 84 24 88 00 00 00 31 c0 e8 61 0a d6 fe 48 89 d8 48 c1 e8 03 <80> 3c 28 00 0f 85 82 0a 00 00 48 8b 03 4c 8d 63 60 31 f6 4c 8d 7b
RSP: 0018:ffff8881d19af7c0 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff82665dff RDI: 0000000000000000
RBP: dffffc0000000000 R08: ffff8881d193e000 R09: ffffed1039858b26
R10: ffffed1039858b25 R11: ffff8881cc2c592f R12: ffff8881cc2a4528
R13: ffff8881cc2c5860 R14: ffff8881cc2a4430 R15: 0000000000000000
FS:  0000000000000000(0000) GS:ffff8881db200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000006cc0a0 CR3: 0000000006c26000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (4):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/05/13 23:28 https://github.com/google/kasan.git usb-fuzzer 43151d6c3fce 7c305b44 .config console log report syz C ci2-upstream-usb
2019/05/14 08:49 https://github.com/google/kasan.git usb-fuzzer 43151d6c3fce ada3c44c .config console log report ci2-upstream-usb
2019/05/13 23:18 https://github.com/google/kasan.git usb-fuzzer 43151d6c3fce 7c305b44 .config console log report ci2-upstream-usb
2019/05/13 23:10 https://github.com/google/kasan.git usb-fuzzer 43151d6c3fce 7c305b44 .config console log report ci2-upstream-usb
* Struck through repros no longer work on HEAD.