[syzbot] WARNING: ODEBUG bug in corrupted (2)
13 views
Skip to first unread message
syzbot
May 31, 2021, 1:25:24 PM5/31/21
to kees...@chromium.org, linux-...@vger.kernel.org, miaoqi...@huawei.com, qiang...@windriver.com, swb...@chromium.org, syzkall...@googlegroups.com, tg...@linutronix.de
Hello,
syzbot found the following issue on:
HEAD commit: d7c5303f Merge tag 'net-5.13-rc4' of git://git.kernel.org/..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=122fa2b5d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=770708ea7cfd4916
dashboard link: https://syzkaller.appspot.com/bug?extid=a437546ec71b04dfb5ac
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=155e106bd00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a43754...@syzkaller.appspotmail.com
smsmdtv:smscore_start_device: set device mode failed , rc -22
smsusb:smsusb_init_device: smscore_start_device(...) failed
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: work_struct hint: do_submit_urb+0x0/0x3e0 drivers/media/usb/siano/smsusb.c:146
WARNING: CPU: 1 PID: 27 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Modules linked in:
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot found the following issue on:
HEAD commit: d7c5303f Merge tag 'net-5.13-rc4' of git://git.kernel.org/..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=122fa2b5d00000
kernel config: https://syzkaller.appspot.com/x/.config?x=770708ea7cfd4916
dashboard link: https://syzkaller.appspot.com/bug?extid=a437546ec71b04dfb5ac
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=155e106bd00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a43754...@syzkaller.appspotmail.com
smsmdtv:smscore_start_device: set device mode failed , rc -22
smsusb:smsusb_init_device: smscore_start_device(...) failed
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: work_struct hint: do_submit_urb+0x0/0x3e0 drivers/media/usb/siano/smsusb.c:146
WARNING: CPU: 1 PID: 27 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Modules linked in:
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
syzbot can test patches for this issue, for details see:
https://goo.gl/tpsmEJ#testing-patches
syzbot
Dec 28, 2021, 7:16:29 PM12/28/21
to hda...@sina.com, kees...@chromium.org, linux-...@vger.kernel.org, miaoqi...@huawei.com, qiang...@windriver.com, swb...@chromium.org, syzkall...@googlegroups.com, tg...@linutronix.de
syzbot has found a reproducer for the following issue on:
HEAD commit: ea586a076e8a Add linux-next specific files for 20211224
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=12bb71a5b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=a9c4e3dde2c568fb
dashboard link: https://syzkaller.appspot.com/bug?extid=a437546ec71b04dfb5ac
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1246b50db00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=124c902db00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a43754...@syzkaller.appspotmail.com
magicmouse 0003:05AC:0265.0001: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.0-1/input0
magicmouse 0003:05AC:0265.0001: magicmouse input not registered
magicmouse: probe of 0003:05AC:0265.0001 failed with error -12
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: timer_list hint: magicmouse_battery_timer_tick+0x0/0x360 include/linux/device.h:693
WARNING: CPU: 1 PID: 25 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Modules linked in:
CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 5.16.0-rc6-next-20211224-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 80 c1 05 8a 4c 89 ee 48 c7 c7 80 b5 05 8a e8 1e 28 25 05 <0f> 0b 83 05 35 9d a6 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
RSP: 0018:ffffc90000dfeb10 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffff8880157d3a80 RSI: ffffffff815f4208 RDI: fffff520001bfd54
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff815edf6e R11: 0000000000000000 R12: ffffffff89adf420
R13: ffffffff8a05bbc0 R14: ffffffff81666980 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff4e854bf0 CR3: 000000000b88e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
HEAD commit: ea586a076e8a Add linux-next specific files for 20211224
git tree: linux-next
console output: https://syzkaller.appspot.com/x/log.txt?x=12bb71a5b00000
kernel config: https://syzkaller.appspot.com/x/.config?x=a9c4e3dde2c568fb
dashboard link: https://syzkaller.appspot.com/bug?extid=a437546ec71b04dfb5ac
compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1246b50db00000
C reproducer: https://syzkaller.appspot.com/x/repro.c?x=124c902db00000
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+a43754...@syzkaller.appspotmail.com
magicmouse 0003:05AC:0265.0001: magicmouse input not registered
magicmouse: probe of 0003:05AC:0265.0001 failed with error -12
------------[ cut here ]------------
ODEBUG: free active (active state 0) object type: timer_list hint: magicmouse_battery_timer_tick+0x0/0x360 include/linux/device.h:693
WARNING: CPU: 1 PID: 25 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Modules linked in:
CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 5.16.0-rc6-next-20211224-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505
Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 80 c1 05 8a 4c 89 ee 48 c7 c7 80 b5 05 8a e8 1e 28 25 05 <0f> 0b 83 05 35 9d a6 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
RSP: 0018:ffffc90000dfeb10 EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
RDX: ffff8880157d3a80 RSI: ffffffff815f4208 RDI: fffff520001bfd54
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
R10: ffffffff815edf6e R11: 0000000000000000 R12: ffffffff89adf420
R13: ffffffff8a05bbc0 R14: ffffffff81666980 R15: dffffc0000000000
FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff4e854bf0 CR3: 000000000b88e000 CR4: 00000000003506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Stephen Boyd
Dec 29, 2021, 12:41:19 AM12/29/21
to hda...@sina.com, kees...@chromium.org, linux-...@vger.kernel.org, miaoqi...@huawei.com, qiang...@windriver.com, syzbot, syzkall...@googlegroups.com, tg...@linutronix.de, Christophe JAILLET
Quoting syzbot (2021-12-28 16:16:28)
---8<---
diff --git a/drivers/hid/hid-magicmouse.c b/drivers/hid/hid-magicmouse.c
index eba1e8087bfd..b8b08f0a8c54 100644
--- a/drivers/hid/hid-magicmouse.c
+++ b/drivers/hid/hid-magicmouse.c
@@ -873,6 +873,7 @@ static int magicmouse_probe(struct hid_device *hdev,
return 0;
err_stop_hw:
+ del_timer_sync(&msc->battery_timer);
hid_hw_stop(hdev);
return ret;
> syzbot has found a reproducer for the following issue on:
>
> HEAD commit: ea586a076e8a Add linux-next specific files for 20211224
> git tree: linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=12bb71a5b00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=a9c4e3dde2c568fb
> dashboard link: https://syzkaller.appspot.com/bug?extid=a437546ec71b04dfb5ac
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1246b50db00000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=124c902db00000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+a43754...@syzkaller.appspotmail.com
I see a fix has been sent[1] already. Here it is inline.
>
> HEAD commit: ea586a076e8a Add linux-next specific files for 20211224
> git tree: linux-next
> console output: https://syzkaller.appspot.com/x/log.txt?x=12bb71a5b00000
> kernel config: https://syzkaller.appspot.com/x/.config?x=a9c4e3dde2c568fb
> dashboard link: https://syzkaller.appspot.com/bug?extid=a437546ec71b04dfb5ac
> compiler: gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=1246b50db00000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=124c902db00000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+a43754...@syzkaller.appspotmail.com
---8<---
diff --git a/drivers/hid/hid-magicmouse.c b/drivers/hid/hid-magicmouse.c
index eba1e8087bfd..b8b08f0a8c54 100644
--- a/drivers/hid/hid-magicmouse.c
+++ b/drivers/hid/hid-magicmouse.c
@@ -873,6 +873,7 @@ static int magicmouse_probe(struct hid_device *hdev,
return 0;
err_stop_hw:
+ del_timer_sync(&msc->battery_timer);
hid_hw_stop(hdev);
return ret;
}
>
> magicmouse 0003:05AC:0265.0001: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.0-1/input0
> magicmouse 0003:05AC:0265.0001: magicmouse input not registered
> magicmouse: probe of 0003:05AC:0265.0001 failed with error -12
> ------------[ cut here ]------------
> ODEBUG: free active (active state 0) object type: timer_list hint: magicmouse_battery_timer_tick+0x0/0x360 include/linux/device.h:693
> WARNING: CPU: 1 PID: 25 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
> Modules linked in:
> CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 5.16.0-rc6-next-20211224-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> Workqueue: usb_hub_wq hub_event
> RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505
> Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 80 c1 05 8a 4c 89 ee 48 c7 c7 80 b5 05 8a e8 1e 28 25 05 <0f> 0b 83 05 35 9d a6 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
> RSP: 0018:ffffc90000dfeb10 EFLAGS: 00010286
> RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
> RDX: ffff8880157d3a80 RSI: ffffffff815f4208 RDI: fffff520001bfd54
> RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
> R10: ffffffff815edf6e R11: 0000000000000000 R12: ffffffff89adf420
> R13: ffffffff8a05bbc0 R14: ffffffff81666980 R15: dffffc0000000000
> FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007fff4e854bf0 CR3: 000000000b88e000 CR4: 00000000003506e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>
[1] https://lore.kernel.org/r/b0777c29fb4c59f27a726f62680b4c7f04c5c...@wanadoo.fr
>
> magicmouse 0003:05AC:0265.0001: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.0-1/input0
> magicmouse 0003:05AC:0265.0001: magicmouse input not registered
> magicmouse: probe of 0003:05AC:0265.0001 failed with error -12
> ------------[ cut here ]------------
> ODEBUG: free active (active state 0) object type: timer_list hint: magicmouse_battery_timer_tick+0x0/0x360 include/linux/device.h:693
> WARNING: CPU: 1 PID: 25 at lib/debugobjects.c:505 debug_print_object+0x16e/0x250 lib/debugobjects.c:505
> Modules linked in:
> CPU: 1 PID: 25 Comm: kworker/1:1 Not tainted 5.16.0-rc6-next-20211224-syzkaller #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
> Workqueue: usb_hub_wq hub_event
> RIP: 0010:debug_print_object+0x16e/0x250 lib/debugobjects.c:505
> Code: ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 af 00 00 00 48 8b 14 dd 80 c1 05 8a 4c 89 ee 48 c7 c7 80 b5 05 8a e8 1e 28 25 05 <0f> 0b 83 05 35 9d a6 09 01 48 83 c4 18 5b 5d 41 5c 41 5d 41 5e c3
> RSP: 0018:ffffc90000dfeb10 EFLAGS: 00010286
> RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000000000
> RDX: ffff8880157d3a80 RSI: ffffffff815f4208 RDI: fffff520001bfd54
> RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000001
> R10: ffffffff815edf6e R11: 0000000000000000 R12: ffffffff89adf420
> R13: ffffffff8a05bbc0 R14: ffffffff81666980 R15: dffffc0000000000
> FS: 0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> CR2: 00007fff4e854bf0 CR3: 000000000b88e000 CR4: 00000000003506e0
> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>
Reply all
Reply to author
Forward
0 new messages