syzbot

 sign-in | mailing list | source | docs
🐞 Open [1139] 🐞 Fixed [4217] 🐞 Invalid [9347] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

WARNING in smsusb_start_streaming/usb_submit_urb

Status: upstream: reported C repro on 2019/08/21 12:58
Reported-by: syzbot+12002a39b8c60510f8fb@syzkaller.appspotmail.com
First crash: 1204d, last: 7d09h

Cause bisection: failed (bisect log)

Fix bisection: the fix commit could be any of (bisect log):
  3dbdb38e2869 Merge branch 'for-5.14' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup
  70664fc10c0d Merge tag 'riscv-for-linus-5.19-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/riscv/linux
Patch testing requests:
Created Duration User Patch Repo Result
2022/09/30 21:30 10m retest repro https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing report log
2022/09/30 21:30 23m retest repro upstream report log

Sample crash report:
smsusb:smsusb_probe: board id=2, interface number 0
smsusb:siano_media_device_register: media controller created
------------[ cut here ]------------
usb 5-1: BOGUS urb xfer, pipe 3 != type 1
WARNING: CPU: 1 PID: 967 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502
Modules linked in:
CPU: 1 PID: 967 Comm: kworker/1:2 Not tainted 5.17.0-syzkaller-10734-gcb7cbaae7fd9 #0
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014
Workqueue: usb_hub_wq hub_event
RIP: 0010:usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502
Code: 7c 24 18 e8 80 a4 01 fc 48 8b 7c 24 18 e8 d6 b3 05 ff 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 e0 f3 6a 8a e8 8e 45 a3 03 <0f> 0b e9 58 f8 ff ff e8 52 a4 01 fc 48 81 c5 48 06 00 00 e9 84 f7
RSP: 0018:ffffc90004d7ee18 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000
RDX: ffff88801b5c8280 RSI: ffffffff815f4e58 RDI: fffff520009afdb5
RBP: ffff888013f7a050 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff815ef81e R11: 0000000000000000 R12: 0000000000000003
R13: ffff888019130700 R14: 0000000000000003 R15: ffff888024398030
FS:  0000000000000000(0000) GS:ffff88802cb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f37316956a8 CR3: 0000000025fbc000 CR4: 0000000000150ee0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 smsusb_submit_urb drivers/media/usb/siano/smsusb.c:173 [inline]
 smsusb_start_streaming+0x2b2/0x329 drivers/media/usb/siano/smsusb.c:195
 smsusb_init_device+0x9a3/0xb07 drivers/media/usb/siano/smsusb.c:475
 smsusb_probe+0xd8f/0xe2c drivers/media/usb/siano/smsusb.c:566
 usb_probe_interface+0x315/0x7f0 drivers/usb/core/driver.c:396
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x245/0xcc0 drivers/base/dd.c:596
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:755
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:785
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:902
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:973
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xb83/0x1e20 drivers/base/core.c:3405
 usb_set_configuration+0x101e/0x1900 drivers/usb/core/message.c:2170
 usb_generic_driver_probe+0xba/0x100 drivers/usb/core/generic.c:238
 usb_probe_device+0xd9/0x2c0 drivers/usb/core/driver.c:293
 call_driver_probe drivers/base/dd.c:517 [inline]
 really_probe+0x245/0xcc0 drivers/base/dd.c:596
 __driver_probe_device+0x338/0x4d0 drivers/base/dd.c:755
 driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:785
 __device_attach_driver+0x20b/0x2f0 drivers/base/dd.c:902
 bus_for_each_drv+0x15f/0x1e0 drivers/base/bus.c:427
 __device_attach+0x228/0x4a0 drivers/base/dd.c:973
 bus_probe_device+0x1e4/0x290 drivers/base/bus.c:487
 device_add+0xb83/0x1e20 drivers/base/core.c:3405
 usb_new_device.cold+0x641/0x1091 drivers/usb/core/hub.c:2566
 hub_port_connect drivers/usb/core/hub.c:5358 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5502 [inline]
 port_event drivers/usb/core/hub.c:5660 [inline]
 hub_event+0x25c6/0x4680 drivers/usb/core/hub.c:5742
 process_one_work+0x996/0x1610 kernel/workqueue.c:2289
 worker_thread+0x665/0x1080 kernel/workqueue.c:2436
 kthread+0x2e9/0x3a0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
 </TASK>

Crashes (80):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-qemu-upstream 2022/03/26 12:43 upstream cb7cbaae7fd9 89bc8608 .config log report syz C WARNING in smsusb_start_streaming/usb_submit_urb
ci-qemu-upstream 2022/03/04 18:58 upstream 38f80f42147f 45a13a73 .config log report syz C WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-selinux-root 2021/07/08 11:35 upstream 3dbdb38e2869 95793bce .config log report syz C WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-smack-root 2021/05/29 11:42 upstream 5ff2756afde0 858ea628 .config log report syz C WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-root 2021/05/26 15:47 upstream ad9f25d33860 54f0bcf1 .config log report syz C WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root 2021/06/20 05:07 linux-next a1f92694393a aba2b2fb .config log report syz C WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2020/12/08 10:10 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 08a02f954b0d 9af51e31 .config log report syz C
ci2-upstream-usb 2020/05/14 01:52 https://github.com/google/kasan.git usb-fuzzer 059e7e0ff26c a885920d .config log report syz C
ci2-upstream-usb 2020/02/29 16:23 https://github.com/google/kasan.git usb-fuzzer d6ff8147a51c c88c7b75 .config log report syz C
ci2-upstream-usb 2020/02/25 03:27 https://github.com/google/kasan.git usb-fuzzer d6ff8147a51c 59b57593 .config log report syz C
ci2-upstream-usb 2020/01/25 00:47 https://github.com/google/kasan.git usb-fuzzer cd234325a5f1 2e95ab33 .config log report syz C
ci2-upstream-usb 2019/12/16 23:26 https://github.com/google/kasan.git usb-fuzzer 4cc037ecf2cb 0ae38e44 .config log report syz C
ci2-upstream-usb 2019/12/12 23:40 https://github.com/google/kasan.git usb-fuzzer 4cc037ecf2cb 08003f64 .config log report syz C
ci2-upstream-usb 2019/11/06 23:45 https://github.com/google/kasan.git usb-fuzzer d60bbfea36c1 da505f84 .config log report syz C
ci2-upstream-usb 2019/11/06 09:03 https://github.com/google/kasan.git usb-fuzzer b1aa9d834830 bc2c6e45 .config log report syz C
ci2-upstream-usb 2019/09/21 10:56 https://github.com/google/kasan.git usb-fuzzer e0bd8d794fc9 d96e88f3 .config log report syz C
ci2-upstream-usb 2019/09/01 11:43 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 bad3cce2 .config log report syz C
ci2-upstream-usb 2019/08/20 22:24 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 6b8391d0 .config log report syz C
ci-upstream-kasan-gce-root 2022/10/27 17:46 upstream 98555239e4c3 86777b7f .config log report syz WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce 2022/10/16 18:42 upstream 55be6084c8e0 67cb024c .config log report syz WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root 2022/11/29 23:54 linux-next 9e46a7996732 05dc7993 .config log report syz WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2022/10/16 18:24 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a6afa4199d3d 67cb024c .config log report syz WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-gce-arm64 2022/10/16 19:35 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci bbed346d5a96 67cb024c .config log report syz WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-root 2021/05/14 14:00 upstream 315d99318179 8bdd5343 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-smack-root 2021/05/11 02:39 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-smack-root 2021/05/11 02:39 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-selinux-root 2021/05/11 02:38 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-selinux-root 2021/05/11 02:37 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-selinux-root 2021/05/11 02:36 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce 2021/05/11 02:34 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce 2021/05/11 02:34 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce 2021/05/11 02:33 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-386 2021/05/11 02:37 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-386 2021/05/11 02:36 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-kasan-gce-386 2021/05/11 02:36 upstream 0aa099a312b6 ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2022/10/16 17:37 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing a6afa4199d3d 67cb024c .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2022/06/22 20:51 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 105f3fd2f789 912f5df7 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2022/05/18 06:59 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 74f55a62c4c3 744a39e2 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2021/12/21 04:48 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 236c9ad1f870 62bd192b .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root 2021/05/14 13:58 linux-next cd557f1c605f 8bdd5343 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2021/05/11 02:34 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 4676be28a46e ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2021/05/11 02:34 https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing 4676be28a46e ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root 2021/05/11 02:33 linux-next e6f67ebd93ef ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root 2021/05/11 02:33 linux-next e6f67ebd93ef ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci-upstream-linux-next-kasan-gce-root 2021/05/11 02:33 linux-next e6f67ebd93ef ca873091 .config log report info WARNING in smsusb_start_streaming/usb_submit_urb
ci2-upstream-usb 2020/03/29 21:08 https://github.com/google/kasan.git usb-fuzzer 0fa84af850a4 05736b29 .config log report
ci2-upstream-usb 2019/12/15 01:05 https://github.com/google/kasan.git usb-fuzzer 4cc037ecf2cb eef6e580 .config log report
ci2-upstream-usb 2019/12/13 20:27 https://github.com/google/kasan.git usb-fuzzer 4cc037ecf2cb a5c1ab05 .config log report
ci2-upstream-usb 2019/11/05 04:56 https://github.com/google/kasan.git usb-fuzzer 16bfd2aef585 76630fc9 .config log report
ci2-upstream-usb 2019/09/16 10:06 https://github.com/google/kasan.git usb-fuzzer f0df5c1be1e9 55c50e70 .config log report
ci2-upstream-usb 2019/09/13 23:17 https://github.com/google/kasan.git usb-fuzzer f0df5c1be1e9 32d59357 .config log report
ci2-upstream-usb 2019/09/07 16:38 https://github.com/google/kasan.git usb-fuzzer f0df5c1be1e9 a60cb4cd .config log report
ci2-upstream-usb 2019/09/06 10:48 https://github.com/google/kasan.git usb-fuzzer f0df5c1be1e9 c16be727 .config log report
ci2-upstream-usb 2019/09/02 17:13 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 14544a56 .config log report
ci2-upstream-usb 2019/08/29 02:04 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 40203c15 .config log report
ci2-upstream-usb 2019/08/27 01:08 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 d21c5d9d .config log report
ci2-upstream-usb 2019/08/21 17:03 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 4ea67ff8 .config log report
ci2-upstream-usb 2019/08/20 22:06 https://github.com/google/kasan.git usb-fuzzer eea39f24f4a5 6b8391d0 .config log report
* Struck through repros no longer work on HEAD.