lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sat, 4 Dec 2021 11:18:35 +0100
From:   Dmitry Vyukov <dvyukov@...gle.com>
To:     Oliver Neukum <oneukum@...e.com>
Cc:     syzbot <syzbot+63ee658b9a100ffadbe2@...kaller.appspotmail.com>,
        davem@...emloft.net, kuba@...nel.org, linux-kernel@...r.kernel.org,
        linux-usb@...r.kernel.org, netdev@...r.kernel.org,
        syzkaller-bugs@...glegroups.com,
        Aleksandr Nogikh <nogikh@...gle.com>,
        Andrey Konovalov <andreyknvl@...gle.com>
Subject: Re: [syzbot] WARNING in usbnet_start_xmit/usb_submit_urb

On Mon, 15 Nov 2021 at 15:31, 'Oliver Neukum' via syzkaller-bugs
<syzkaller-bugs@...glegroups.com> wrote:
>
>
> On 15.11.21 08:28, syzbot wrote:
> > Hello,
> >
> > syzbot found the following issue on:
> >
> > HEAD commit:    048ff8629e11 Merge tag 'usb-5.16-rc1' of git://git.kernel...
> > git tree:       https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb.git usb-testing
> > console output: https://syzkaller.appspot.com/x/log.txt?x=1480ade1b00000
> > kernel config:  https://syzkaller.appspot.com/x/.config?x=d6b387bc5d3e50f3
> > dashboard link: https://syzkaller.appspot.com/bug?extid=63ee658b9a100ffadbe2
> > compiler:       gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2
> > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1313cb7cb00000
> > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16a2f676b00000
> >
> > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > Reported-by: syzbot+63ee658b9a100ffadbe2@...kaller.appspotmail.com
> >
> > ------------[ cut here ]------------
> > usb 5-1: BOGUS urb xfer, pipe 3 != type 1
> > WARNING: CPU: 0 PID: 1291 at drivers/usb/core/urb.c:502 usb_submit_urb+0xed2/0x18a0 drivers/usb/core/urb.c:502
>
> Hi,
>
> here I understand what is happening, but not why it can happen. Usbnet
> checks the endpoint type.
>
> May I request an addition to syzbot? Could you include the output of
> "lsusb -v" at the time
> of the error condition for USB bugs?

Hi Oliver,

Aleksandr filed https://github.com/google/syzkaller/issues/2889 for
this request.
But so far we did not find a good solution. syzbot collects some info
about the machine after boot, but that's obviously wrong moment. After
the bug it's also too late -- the kernel is dead/corrupted. It's also
unclear what exactly is "usb bug".
It may be easier to do from the kernel by hooking into panic. Would
also benefit all other kernel testing as this is not really
syzbot-specific, so better belongs to kernel. Is it possible to do it
from the kernel? If not, maybe the kernel could at least log
connect/disconnect events to the console.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ