From: syzbot <syzbot+f0fae482604e6d9a87c9@syzkaller.appspotmail.com>
To: gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org,
linux-usb@vger.kernel.org, oneukum@suse.com,
pavel.hofman@ivitera.com, rob@robgreener.com,
stern@rowland.harvard.edu, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] memory leak in usb_get_configuration
Date: Thu, 10 Mar 2022 06:36:10 -0800 [thread overview]
Message-ID: <000000000000a2d7be05d9de2250@google.com> (raw)
In-Reply-To: <b7bd6b82-03e3-eac8-21f5-1b05c97c98a3@suse.com>
Hello,
syzbot tried to test the proposed patch but the build/boot failed:
1] usbcore: registered new interface driver ftdi_sio
[ 5.441302][ T1] usbserial: USB Serial support registered for FTDI USB Serial Device
[ 5.442817][ T1] usbcore: registered new interface driver garmin_gps
[ 5.444351][ T1] usbserial: USB Serial support registered for Garmin GPS usb/tty
[ 5.446230][ T1] usbcore: registered new interface driver ipaq
[ 5.447590][ T1] usbserial: USB Serial support registered for PocketPC PDA
[ 5.448887][ T1] usbcore: registered new interface driver ipw
[ 5.450507][ T1] usbserial: USB Serial support registered for IPWireless converter
[ 5.452018][ T1] usbcore: registered new interface driver ir_usb
[ 5.453200][ T1] usbserial: USB Serial support registered for IR Dongle
[ 5.454435][ T1] usbcore: registered new interface driver iuu_phoenix
[ 5.455836][ T1] usbserial: USB Serial support registered for iuu_phoenix
[ 5.457168][ T1] usbcore: registered new interface driver keyspan
[ 5.458324][ T1] usbserial: USB Serial support registered for Keyspan - (without firmware)
[ 5.460443][ T1] usbserial: USB Serial support registered for Keyspan 1 port adapter
[ 5.461726][ T1] usbserial: USB Serial support registered for Keyspan 2 port adapter
[ 5.463474][ T1] usbserial: USB Serial support registered for Keyspan 4 port adapter
[ 5.464949][ T1] usbcore: registered new interface driver keyspan_pda
[ 5.466125][ T1] usbserial: USB Serial support registered for Keyspan PDA
[ 5.467341][ T1] usbserial: USB Serial support registered for Keyspan PDA - (prerenumeration)
[ 5.468789][ T1] usbcore: registered new interface driver kl5kusb105
[ 5.470271][ T1] usbserial: USB Serial support registered for KL5KUSB105D / PalmConnect
[ 5.471764][ T1] usbcore: registered new interface driver kobil_sct
[ 5.472861][ T1] usbserial: USB Serial support registered for KOBIL USB smart card terminal
[ 5.474462][ T1] usbcore: registered new interface driver mct_u232
[ 5.475760][ T1] usbserial: USB Serial support registered for MCT U232
[ 5.476978][ T1] usbcore: registered new interface driver metro_usb
[ 5.478278][ T1] usbserial: USB Serial support registered for Metrologic USB to Serial
[ 5.479903][ T1] usbcore: registered new interface driver mos7720
[ 5.481270][ T1] usbserial: USB Serial support registered for Moschip 2 port adapter
[ 5.482519][ T1] usbcore: registered new interface driver mos7840
[ 5.483564][ T1] usbserial: USB Serial support registered for Moschip 7840/7820 USB Serial Driver
[ 5.485397][ T1] usbcore: registered new interface driver mxuport
[ 5.486484][ T1] usbserial: USB Serial support registered for MOXA UPort
[ 5.487661][ T1] usbcore: registered new interface driver navman
[ 5.488684][ T1] usbserial: USB Serial support registered for navman
[ 5.489779][ T1] usbcore: registered new interface driver omninet
[ 5.491003][ T1] usbserial: USB Serial support registered for ZyXEL - omni.net usb
[ 5.492731][ T1] usbcore: registered new interface driver opticon
[ 5.494396][ T1] usbserial: USB Serial support registered for opticon
[ 5.495708][ T1] usbcore: registered new interface driver option
[ 5.496818][ T1] usbserial: USB Serial support registered for GSM modem (1-port)
[ 5.498671][ T1] usbcore: registered new interface driver oti6858
[ 5.499976][ T1] usbserial: USB Serial support registered for oti6858
[ 5.501237][ T1] usbcore: registered new interface driver pl2303
[ 5.502576][ T1] usbserial: USB Serial support registered for pl2303
[ 5.503913][ T1] usbcore: registered new interface driver qcaux
[ 5.505349][ T1] usbserial: USB Serial support registered for qcaux
[ 5.506983][ T1] usbcore: registered new interface driver qcserial
[ 5.508283][ T1] usbserial: USB Serial support registered for Qualcomm USB modem
[ 5.510280][ T1] usbcore: registered new interface driver quatech2
[ 5.511377][ T1] usbserial: USB Serial support registered for Quatech 2nd gen USB to Serial Driver
[ 5.513067][ T1] usbcore: registered new interface driver safe_serial
[ 5.514766][ T1] usbserial: USB Serial support registered for safe_serial
[ 5.516333][ T1] usbcore: registered new interface driver sierra
[ 5.517494][ T1] usbserial: USB Serial support registered for Sierra USB modem
[ 5.519626][ T1] usbcore: registered new interface driver usb_serial_simple
[ 5.521363][ T1] usbserial: USB Serial support registered for carelink
[ 5.522901][ T1] usbserial: USB Serial support registered for zio
[ 5.524620][ T1] usbserial: USB Serial support registered for funsoft
[ 5.525949][ T1] usbserial: USB Serial support registered for flashloader
[ 5.527179][ T1] usbserial: USB Serial support registered for google
[ 5.528746][ T1] usbserial: USB Serial support registered for libtransistor
[ 5.530414][ T1] usbserial: USB Serial support registered for vivopay
[ 5.531429][ T1] usbserial: USB Serial support registered for moto_modem
[ 5.533174][ T1] usbserial: USB Serial support registered for motorola_tetra
[ 5.535259][ T1] usbserial: USB Serial support registered for novatel_gps
[ 5.536637][ T1] usbserial: USB Serial support registered for hp4x
[ 5.537967][ T1] usbserial: USB Serial support registered for suunto
[ 5.539315][ T1] usbserial: USB Serial support registered for siemens_mpi
[ 5.540670][ T1] usbcore: registered new interface driver spcp8x5
[ 5.541718][ T1] usbserial: USB Serial support registered for SPCP8x5
[ 5.543047][ T1] usbcore: registered new interface driver ssu100
[ 5.544124][ T1] usbserial: USB Serial support registered for Quatech SSU-100 USB to Serial Driver
[ 5.546410][ T1] usbcore: registered new interface driver symbolserial
[ 5.547622][ T1] usbserial: USB Serial support registered for symbol
[ 5.548926][ T1] usbcore: registered new interface driver ti_usb_3410_5052
[ 5.550176][ T1] usbserial: USB Serial support registered for TI USB 3410 1 port adapter
[ 5.551822][ T1] usbserial: USB Serial support registered for TI USB 5052 2 port adapter
[ 5.553865][ T1] usbcore: registered new interface driver upd78f0730
[ 5.555511][ T1] usbserial: USB Serial support registered for upd78f0730
[ 5.557254][ T1] usbcore: registered new interface driver visor
[ 5.558590][ T1] usbserial: USB Serial support registered for Handspring Visor / Palm OS
[ 5.559852][ T1] usbserial: USB Serial support registered for Sony Clie 5.0
[ 5.561053][ T1] usbserial: USB Serial support registered for Sony Clie 3.5
[ 5.562196][ T1] usbcore: registered new interface driver wishbone_serial
[ 5.563411][ T1] usbserial: USB Serial support registered for wishbone_serial
[ 5.564868][ T1] usbcore: registered new interface driver whiteheat
[ 5.566295][ T1] usbserial: USB Serial support registered for Connect Tech - WhiteHEAT - (prerenumeration)
[ 5.568057][ T1] usbserial: USB Serial support registered for Connect Tech - WhiteHEAT
[ 5.569588][ T1] usbcore: registered new interface driver xr_serial
[ 5.570749][ T1] usbserial: USB Serial support registered for xr_serial
[ 5.572449][ T1] usbcore: registered new interface driver xsens_mt
[ 5.573995][ T1] usbserial: USB Serial support registered for xsens_mt
[ 5.575599][ T1] usbcore: registered new interface driver adutux
[ 5.576912][ T1] usbcore: registered new interface driver appledisplay
[ 5.578299][ T1] usbcore: registered new interface driver cypress_cy7c63
[ 5.579875][ T1] usbcore: registered new interface driver cytherm
[ 5.581096][ T1] usbcore: registered new interface driver emi26 - firmware loader
[ 5.582351][ T1] usbcore: registered new interface driver emi62 - firmware loader
[ 5.583692][ T1] ftdi_elan: driver ftdi-elan
[ 5.584986][ T1] usbcore: registered new interface driver ftdi-elan
[ 5.586395][ T1] usbcore: registered new interface driver idmouse
[ 5.587912][ T1] usbcore: registered new interface driver iowarrior
[ 5.589125][ T1] usbcore: registered new interface driver isight_firmware
[ 5.590448][ T1] usbcore: registered new interface driver usblcd
[ 5.591723][ T1] usbcore: registered new interface driver ldusb
[ 5.592857][ T1] usbcore: registered new interface driver legousbtower
[ 5.594328][ T1] usbcore: registered new interface driver usbtest
[ 5.595531][ T1] usbcore: registered new interface driver usb_ehset_test
[ 5.596704][ T1] usbcore: registered new interface driver trancevibrator
[ 5.597994][ T1] usbcore: registered new interface driver uss720
[ 5.599467][ T1] uss720: USB Parport Cable driver for Cables using the Lucent Technologies USS720 Chip
[ 5.601116][ T1] uss720: NOTE: this is a special purpose driver to allow nonstandard
[ 5.602633][ T1] uss720: protocols (eg. bitbang) over USS720 usb to parallel cables
[ 5.604271][ T1] uss720: If you just want to connect to a printer, use usblp instead
[ 5.605764][ T1] usbcore: registered new interface driver usbsevseg
[ 5.607103][ T1] usbcore: registered new interface driver yurex
[ 5.608598][ T1] usbcore: registered new interface driver chaoskey
[ 5.609880][ T1] usbcore: registered new interface driver sisusb
[ 5.611270][ T1] usbcore: registered new interface driver lvs
[ 5.612432][ T1] usbcore: registered new interface driver cxacru
[ 5.613741][ T1] usbcore: registered new interface driver speedtch
[ 5.615224][ T1] usbcore: registered new interface driver ueagle-atm
[ 5.616318][ T1] xusbatm: malformed module parameters
[ 5.618076][ T1] dummy_hcd dummy_hcd.0: USB Host+Gadget Emulator, driver 02 May 2005
[ 5.619418][ T1] dummy_hcd dummy_hcd.0: Dummy host controller
[ 5.620801][ T1] dummy_hcd dummy_hcd.0: new USB bus registered, assigned bus number 1
[ 5.622385][ T1] usb usb1: New USB device found, idVendor=1d6b, idProduct=0002, bcdDevice= 5.17
[ 5.623968][ T1] usb usb1: New USB device strings: Mfr=3, Product=2, SerialNumber=1
[ 5.625214][ T1] usb usb1: Product: Dummy host controller
[ 5.626042][ T1] usb usb1: Manufacturer: Linux 5.17.0-rc6-syzkaller-00242-g0014404f9c18-dirty dummy_hcd
[ 5.627434][ T1] usb usb1: SerialNumber: dummy_hcd.0
[ 5.628888][ T1] BUG: kernel NULL pointer dereference, address: 0000000000000004
[ 5.630204][ T1] #PF: supervisor read access in kernel mode
[ 5.631138][ T1] #PF: error_code(0x0000) - not-present page
[ 5.632065][ T1] PGD 0 P4D 0
[ 5.632713][ T1] Oops: 0000 [#1] PREEMPT SMP
[ 5.633380][ T1] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.17.0-rc6-syzkaller-00242-g0014404f9c18-dirty #0
[ 5.635094][ T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 5.636772][ T1] RIP: 0010:usb_choose_configuration.part.0+0x1d0/0x4c0
[ 5.637898][ T1] Code: bf 6b fe 41 39 ed 0f 8e ae 01 00 00 49 83 c4 01 83 c5 01 48 81 c3 a8 02 00 00 48 8d 83 58 fd ff ff 48 89 04 24 e8 e0 ba 6b fe <44> 0f b6 bb 5c fd ff ff 31 ff 44 89 fe e8 9e c0 6b fe 45 84 ff 0f
[ 5.638381][ T1] RSP: 0000:ffffc90000e737d8 EFLAGS: 00010293
[ 5.638381][ T1] RAX: 0000000000000000 RBX: 00000000000002a8 RCX: 0000000000000000
[ 5.638381][ T1] RDX: ffff88810121e040 RSI: ffffffff82ca46e0 RDI: 0000000000000003
[ 5.638381][ T1] RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000000
[ 5.638381][ T1] R10: ffffffff82ca4562 R11: 0000000000000000 R12: 0000000000000000
[ 5.638381][ T1] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 5.638381][ T1] FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000
[ 5.638381][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 5.638381][ T1] CR2: 0000000000000004 CR3: 0000000005a29000 CR4: 00000000003506e0
[ 5.638381][ T1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 5.638381][ T1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 5.638381][ T1] Call Trace:
[ 5.638381][ T1] <TASK>
[ 5.638381][ T1] ? kernfs_create_link+0xb5/0xf0
[ 5.638381][ T1] usb_generic_driver_probe+0x52/0xc0
[ 5.638381][ T1] usb_probe_device+0x5c/0x140
[ 5.638381][ T1] ? unbind_marked_interfaces.isra.0+0xb0/0xb0
[ 5.638381][ T1] really_probe.part.0+0xe7/0x380
[ 5.638381][ T1] __driver_probe_device+0x10c/0x1e0
[ 5.638381][ T1] driver_probe_device+0x2a/0x120
[ 5.638381][ T1] __device_attach_driver+0xf6/0x140
[ 5.638381][ T1] ? driver_allows_async_probing+0x90/0x90
[ 5.638381][ T1] bus_for_each_drv+0xb7/0x100
[ 5.638381][ T1] __device_attach+0x122/0x260
[ 5.638381][ T1] bus_probe_device+0xc6/0xe0
[ 5.638381][ T1] device_add+0x5fb/0xdf0
[ 5.638381][ T1] ? _raw_spin_unlock_irqrestore+0x24/0x40
[ 5.638381][ T1] ? add_device_randomness+0xa8/0x2c0
[ 5.638381][ T1] usb_new_device.cold+0x10f/0x58e
[ 5.638381][ T1] usb_add_hcd.cold+0x651/0x8ec
[ 5.638381][ T1] dummy_hcd_probe+0xee/0x1d5
[ 5.638381][ T1] ? dummy_hcd_suspend.cold+0x20/0x20
[ 5.638381][ T1] platform_probe+0x81/0x120
[ 5.638381][ T1] ? platform_remove+0x50/0x50
[ 5.638381][ T1] really_probe.part.0+0xe7/0x380
[ 5.638381][ T1] __driver_probe_device+0x10c/0x1e0
[ 5.638381][ T1] driver_probe_device+0x2a/0x120
[ 5.638381][ T1] __device_attach_driver+0xf6/0x140
[ 5.638381][ T1] ? driver_allows_async_probing+0x90/0x90
[ 5.638381][ T1] bus_for_each_drv+0xb7/0x100
[ 5.638381][ T1] __device_attach+0x122/0x260
[ 5.638381][ T1] bus_probe_device+0xc6/0xe0
[ 5.638381][ T1] device_add+0x5fb/0xdf0
[ 5.638381][ T1] ? dev_set_name+0x63/0x90
[ 5.638381][ T1] platform_device_add+0x1d7/0x320
[ 5.638381][ T1] init+0x323/0x5ef
[ 5.638381][ T1] ? usb_udc_init+0x78/0x78
[ 5.638381][ T1] do_one_initcall+0x63/0x2e0
[ 5.638381][ T1] kernel_init_freeable+0x255/0x2cf
[ 5.638381][ T1] ? rest_init+0xd0/0xd0
[ 5.638381][ T1] kernel_init+0x1a/0x1c0
[ 5.638381][ T1] ? rest_init+0xd0/0xd0
[ 5.638381][ T1] ret_from_fork+0x1f/0x30
[ 5.638381][ T1] </TASK>
[ 5.638381][ T1] Modules linked in:
[ 5.638381][ T1] CR2: 0000000000000004
[ 5.638381][ T1] ---[ end trace 0000000000000000 ]---
[ 5.638381][ T1] RIP: 0010:usb_choose_configuration.part.0+0x1d0/0x4c0
[ 5.638381][ T1] Code: bf 6b fe 41 39 ed 0f 8e ae 01 00 00 49 83 c4 01 83 c5 01 48 81 c3 a8 02 00 00 48 8d 83 58 fd ff ff 48 89 04 24 e8 e0 ba 6b fe <44> 0f b6 bb 5c fd ff ff 31 ff 44 89 fe e8 9e c0 6b fe 45 84 ff 0f
[ 5.638381][ T1] RSP: 0000:ffffc90000e737d8 EFLAGS: 00010293
[ 5.638381][ T1] RAX: 0000000000000000 RBX: 00000000000002a8 RCX: 0000000000000000
[ 5.638381][ T1] RDX: ffff88810121e040 RSI: ffffffff82ca46e0 RDI: 0000000000000003
[ 5.638381][ T1] RBP: 0000000000000001 R08: 0000000000000004 R09: 0000000000000000
[ 5.638381][ T1] R10: ffffffff82ca4562 R11: 0000000000000000 R12: 0000000000000000
[ 5.638381][ T1] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001
[ 5.638381][ T1] FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000
[ 5.638381][ T1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 5.638381][ T1] CR2: 0000000000000004 CR3: 0000000005a29000 CR4: 00000000003506e0
[ 5.638381][ T1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 5.638381][ T1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 5.638381][ T1] Kernel panic - not syncing: Fatal exception
[ 5.638381][ T1] Kernel Offset: disabled
[ 5.638381][ T1] Rebooting in 86400 seconds..
Error text is too large and was truncated, full error text is at:
https://syzkaller.appspot.com/x/error.txt?x=125ae129700000
Tested on:
commit: 0014404f Merge branch 'akpm' (patches from Andrew)
git tree: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel config: https://syzkaller.appspot.com/x/.config?x=3f0a704147ec8e32
dashboard link: https://syzkaller.appspot.com/bug?extid=f0fae482604e6d9a87c9
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
patch: https://syzkaller.appspot.com/x/patch.diff?x=10e87036700000
next prev parent reply other threads:[~2022-03-10 14:54 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-09 23:54 [syzbot] memory leak in usb_get_configuration syzbot
2022-03-10 9:51 ` Oliver Neukum
2022-03-10 14:36 ` syzbot [this message]
2022-03-10 15:29 ` Alan Stern
2022-03-10 11:07 ` Oliver Neukum
2022-03-10 11:07 ` syzbot
2022-03-11 21:01 ` Alan Stern
2022-03-11 21:10 ` syzbot
2022-03-12 15:08 ` Pavel Skripkin
2022-03-12 15:25 ` Alan Stern
2022-03-12 15:45 ` Pavel Skripkin
2022-03-12 16:02 ` Alan Stern
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=000000000000a2d7be05d9de2250@google.com \
--to=syzbot+f0fae482604e6d9a87c9@syzkaller.appspotmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-usb@vger.kernel.org \
--cc=oneukum@suse.com \
--cc=pavel.hofman@ivitera.com \
--cc=rob@robgreener.com \
--cc=stern@rowland.harvard.edu \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.