From: syzbot <syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com> To: Larry.Finger@lwfinger.net, devel@driverdev.osuosl.org, florian.c.schilhabel@googlemail.com, glider@google.com, gregkh@linuxfoundation.org, kai.heng.feng@canonical.com, linux-kernel@vger.kernel.org, straube.linux@gmail.com, syzkaller-bugs@googlegroups.com Subject: KMSAN: uninit-value in r871xu_drv_init Date: Thu, 06 Jun 2019 06:52:10 -0700 [thread overview] Message-ID: <000000000000417702058aa80506@google.com> (raw) Hello, syzbot found the following crash on: HEAD commit: f75e4cfe kmsan: use kmsan_handle_urb() in urb.c git tree: kmsan console output: https://syzkaller.appspot.com/x/log.txt?x=153453dea00000 kernel config: https://syzkaller.appspot.com/x/.config?x=602468164ccdc30a dashboard link: https://syzkaller.appspot.com/bug?extid=6f5ecd144854c0d8580b compiler: clang version 9.0.0 (/home/glider/llvm/clang 06d00afa61eef8f7f501ebdb4e8612ea43ec2d78) syz repro: https://syzkaller.appspot.com/x/repro.syz?x=161892c1a00000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=11b20986a00000 IMPORTANT: if you fix the bug, please add the following tag to the commit: Reported-by: syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com usb 1-1: config 0 has no interface number 0 usb 1-1: New USB device found, idVendor=050d, idProduct=945a, bcdDevice=f1.a1 usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 usb 1-1: config 0 descriptor?? r8712u: register rtl8712_netdev_ops to netdev_ops usb 1-1: r8712u: USB_SPEED_LOW with 0 endpoints usb 1-1: r8712u: Boot from EFUSE: Autoload Failed ================================================================== BUG: KMSAN: uninit-value in r871xu_drv_init+0x17c6/0x2ad0 drivers/staging/rtl8712/usb_intf.c:409 CPU: 1 PID: 17 Comm: kworker/1:0 Not tainted 5.1.0+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: usb_hub_wq hub_event Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x191/0x1f0 lib/dump_stack.c:113 kmsan_report+0x130/0x2a0 mm/kmsan/kmsan.c:622 __msan_warning+0x75/0xe0 mm/kmsan/kmsan_instr.c:310 r871xu_drv_init+0x17c6/0x2ad0 drivers/staging/rtl8712/usb_intf.c:409 usb_probe_interface+0xd66/0x1320 drivers/usb/core/driver.c:361 really_probe+0xdae/0x1d80 drivers/base/dd.c:513 driver_probe_device+0x1b3/0x4f0 drivers/base/dd.c:671 __device_attach_driver+0x5b8/0x790 drivers/base/dd.c:778 bus_for_each_drv+0x28e/0x3b0 drivers/base/bus.c:454 __device_attach+0x454/0x730 drivers/base/dd.c:844 device_initial_probe+0x4a/0x60 drivers/base/dd.c:891 bus_probe_device+0x137/0x390 drivers/base/bus.c:514 device_add+0x288d/0x30e0 drivers/base/core.c:2106 usb_set_configuration+0x30dc/0x3750 drivers/usb/core/message.c:2027 generic_probe+0xe7/0x280 drivers/usb/core/generic.c:210 usb_probe_device+0x14c/0x200 drivers/usb/core/driver.c:266 really_probe+0xdae/0x1d80 drivers/base/dd.c:513 driver_probe_device+0x1b3/0x4f0 drivers/base/dd.c:671 __device_attach_driver+0x5b8/0x790 drivers/base/dd.c:778 bus_for_each_drv+0x28e/0x3b0 drivers/base/bus.c:454 __device_attach+0x454/0x730 drivers/base/dd.c:844 device_initial_probe+0x4a/0x60 drivers/base/dd.c:891 bus_probe_device+0x137/0x390 drivers/base/bus.c:514 device_add+0x288d/0x30e0 drivers/base/core.c:2106 usb_new_device+0x23e5/0x2ff0 drivers/usb/core/hub.c:2534 hub_port_connect drivers/usb/core/hub.c:5089 [inline] hub_port_connect_change drivers/usb/core/hub.c:5204 [inline] port_event drivers/usb/core/hub.c:5350 [inline] hub_event+0x48d1/0x7290 drivers/usb/core/hub.c:5432 process_one_work+0x1572/0x1f00 kernel/workqueue.c:2269 worker_thread+0x111b/0x2460 kernel/workqueue.c:2415 kthread+0x4b5/0x4f0 kernel/kthread.c:254 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355 Local variable description: ----data@usb_read8 Variable was created at: usb_read8+0x5d/0x130 drivers/staging/rtl8712/usb_ops.c:33 r8712_read8+0xaa/0xd0 drivers/staging/rtl8712/rtl8712_io.c:29 ================================================================== --- This bug is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this bug report. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. syzbot can test patches for this bug, for details see: https://goo.gl/tpsmEJ#testing-patches
WARNING: multiple messages have this Message-ID (diff)
From: syzbot <syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com> To: Larry.Finger@lwfinger.net, devel@driverdev.osuosl.org, florian.c.schilhabel@googlemail.com, glider@google.com, gregkh@linuxfoundation.org, kai.heng.feng@canonical.com, linux-kernel@vger.kernel.org, straube.linux@gmail.com, syzkaller-bugs@googlegroups.com Subject: KMSAN: uninit-value in r871xu_drv_init Date: Thu, 06 Jun 2019 06:52:10 -0700 [thread overview] Message-ID: <000000000000417702058aa80506@google.com> (raw) Hello, syzbot found the following crash on: HEAD commit: f75e4cfe kmsan: use kmsan_handle_urb() in urb.c git tree: kmsan console output: https://syzkaller.appspot.com/x/log.txt?x=153453dea00000 kernel config: https://syzkaller.appspot.com/x/.config?x=602468164ccdc30a dashboard link: https://syzkaller.appspot.com/bug?extid=6f5ecd144854c0d8580b compiler: clang version 9.0.0 (/home/glider/llvm/clang 06d00afa61eef8f7f501ebdb4e8612ea43ec2d78) syz repro: https://syzkaller.appspot.com/x/repro.syz?x=161892c1a00000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=11b20986a00000 IMPORTANT: if you fix the bug, please add the following tag to the commit: Reported-by: syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com usb 1-1: config 0 has no interface number 0 usb 1-1: New USB device found, idVendor=050d, idProduct=945a, bcdDevice=f1.a1 usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 usb 1-1: config 0 descriptor?? r8712u: register rtl8712_netdev_ops to netdev_ops usb 1-1: r8712u: USB_SPEED_LOW with 0 endpoints usb 1-1: r8712u: Boot from EFUSE: Autoload Failed ================================================================== BUG: KMSAN: uninit-value in r871xu_drv_init+0x17c6/0x2ad0 drivers/staging/rtl8712/usb_intf.c:409 CPU: 1 PID: 17 Comm: kworker/1:0 Not tainted 5.1.0+ #1 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: usb_hub_wq hub_event Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x191/0x1f0 lib/dump_stack.c:113 kmsan_report+0x130/0x2a0 mm/kmsan/kmsan.c:622 __msan_warning+0x75/0xe0 mm/kmsan/kmsan_instr.c:310 r871xu_drv_init+0x17c6/0x2ad0 drivers/staging/rtl8712/usb_intf.c:409 usb_probe_interface+0xd66/0x1320 drivers/usb/core/driver.c:361 really_probe+0xdae/0x1d80 drivers/base/dd.c:513 driver_probe_device+0x1b3/0x4f0 drivers/base/dd.c:671 __device_attach_driver+0x5b8/0x790 drivers/base/dd.c:778 bus_for_each_drv+0x28e/0x3b0 drivers/base/bus.c:454 __device_attach+0x454/0x730 drivers/base/dd.c:844 device_initial_probe+0x4a/0x60 drivers/base/dd.c:891 bus_probe_device+0x137/0x390 drivers/base/bus.c:514 device_add+0x288d/0x30e0 drivers/base/core.c:2106 usb_set_configuration+0x30dc/0x3750 drivers/usb/core/message.c:2027 generic_probe+0xe7/0x280 drivers/usb/core/generic.c:210 usb_probe_device+0x14c/0x200 drivers/usb/core/driver.c:266 really_probe+0xdae/0x1d80 drivers/base/dd.c:513 driver_probe_device+0x1b3/0x4f0 drivers/base/dd.c:671 __device_attach_driver+0x5b8/0x790 drivers/base/dd.c:778 bus_for_each_drv+0x28e/0x3b0 drivers/base/bus.c:454 __device_attach+0x454/0x730 drivers/base/dd.c:844 device_initial_probe+0x4a/0x60 drivers/base/dd.c:891 bus_probe_device+0x137/0x390 drivers/base/bus.c:514 device_add+0x288d/0x30e0 drivers/base/core.c:2106 usb_new_device+0x23e5/0x2ff0 drivers/usb/core/hub.c:2534 hub_port_connect drivers/usb/core/hub.c:5089 [inline] hub_port_connect_change drivers/usb/core/hub.c:5204 [inline] port_event drivers/usb/core/hub.c:5350 [inline] hub_event+0x48d1/0x7290 drivers/usb/core/hub.c:5432 process_one_work+0x1572/0x1f00 kernel/workqueue.c:2269 worker_thread+0x111b/0x2460 kernel/workqueue.c:2415 kthread+0x4b5/0x4f0 kernel/kthread.c:254 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355 Local variable description: ----data@usb_read8 Variable was created at: usb_read8+0x5d/0x130 drivers/staging/rtl8712/usb_ops.c:33 r8712_read8+0xaa/0xd0 drivers/staging/rtl8712/rtl8712_io.c:29 ================================================================== --- This bug is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this bug report. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. syzbot can test patches for this bug, for details see: https://goo.gl/tpsmEJ#testing-patches _______________________________________________ devel mailing list devel@linuxdriverproject.org http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
next reply other threads:[~2019-06-06 13:52 UTC|newest] Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top 2019-06-06 13:52 syzbot [this message] 2019-06-06 13:52 ` KMSAN: uninit-value in r871xu_drv_init syzbot
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=000000000000417702058aa80506@google.com \ --to=syzbot+6f5ecd144854c0d8580b@syzkaller.appspotmail.com \ --cc=Larry.Finger@lwfinger.net \ --cc=devel@driverdev.osuosl.org \ --cc=florian.c.schilhabel@googlemail.com \ --cc=glider@google.com \ --cc=gregkh@linuxfoundation.org \ --cc=kai.heng.feng@canonical.com \ --cc=linux-kernel@vger.kernel.org \ --cc=straube.linux@gmail.com \ --cc=syzkaller-bugs@googlegroups.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.