lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 10 Jun 2023 19:09:26 +0900
From:   Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>
To:     Sean Young <sean@...s.org>,
        Mauro Carvalho Chehab <mchehab@...nel.org>,
        linux-media@...r.kernel.org
Cc:     linux-usb@...r.kernel.org,
        syzbot <syzbot+96127c74434e19e4609d@...kaller.appspotmail.com>,
        syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [tomoyo?] [fs?] INFO: rcu detected stall in newfstatat
 (3)

Regarding drivers/media/rc/ directory, igorplugusb_callback() and irtoy_in_callback() and
mceusb_dev_recv() are handling -EPROTO error, by calling usb_unlink_urb() and returning
instead of calling usb_submit_urb() again. This indicates that lack of -EPROTO (and some
other error codes) handling in usb_rx_callback_intf0() is causing infinite resubmit loop.
So, which error codes does usb_rx_callback_intf0() need to handle?

static void usb_rx_callback_intf0(struct urb *urb)
{
	dev_warn(ictx->dev, "imon %s: status(%d): ignored\n",
		__func__, urb->status);
	usb_submit_urb(ictx->rx_urb_intf0, GFP_ATOMIC);
}

#syz set subsystems: usb

On 2023/06/10 18:07, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    d37537a1f7cf Merge 6.4-rc5 into usb-next
> git tree:       https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing
> console output: https://syzkaller.appspot.com/x/log.txt?x=15d9b771280000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=9e12d6d7f5296037
> dashboard link: https://syzkaller.appspot.com/bug?extid=96127c74434e19e4609d
> compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=153d7959280000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=15bcb6b5280000
> 
> Downloadable assets:
> disk image: https://storage.googleapis.com/syzbot-assets/752b1860c3b6/disk-d37537a1.raw.xz
> vmlinux: https://storage.googleapis.com/syzbot-assets/6f9c9f2751b2/vmlinux-d37537a1.xz
> kernel image: https://storage.googleapis.com/syzbot-assets/bf7433b7dd12/bzImage-d37537a1.xz
> 
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+96127c74434e19e4609d@...kaller.appspotmail.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ