Reminder: 9 open syzbot bugs in sound subsystem
From: Eric Biggers
Date: Mon Jun 24 2019 - 01:07:33 EST
[This email was generated by a script. Let me know if you have any suggestions
to make it better.]
Of the currently open syzbot reports against the upstream kernel, I've manually
marked 9 of them as possibly being bugs in the sound subsystem. I've listed
these reports below, sorted by an algorithm that tries to list first the reports
most likely to be still valid, important, and actionable.
Of these 9 bugs, 1 was bisected to a commit from the following person:
Takashi Iwai <tiwai@xxxxxxx>
If you believe a bug is no longer valid, please close the syzbot report by
sending a '#syz fix', '#syz dup', or '#syz invalid' command in reply to the
original thread, as explained at https://goo.gl/tpsmEJ#status
If you believe I misattributed a bug to the sound subsystem, please let me know,
and if possible forward the report to the correct people or mailing list.
Here are the bugs:
--------------------------------------------------------------------------------
Title: KASAN: slab-out-of-bounds Write in default_read_copy_kernel
Last occurred: 119 days ago
Reported: 195 days ago
Branches: Mainline
Dashboard link: https://syzkaller.appspot.com/bug?id=04933ddeeb1b542edf54b88ceccdac34de747a40
Original thread: https://lkml.kernel.org/lkml/0000000000004a6256057ca3b6bd@xxxxxxxxxx/T/#u
This bug has a C reproducer.
This bug was bisected to:
commit 65766ee0bf7fe8b3be80e2e1c3ef54ad59b29476
Author: Takashi Iwai <tiwai@xxxxxxx>
Date: Fri Nov 9 10:59:45 2018 +0000
ALSA: oss: Use kvzalloc() for local buffer allocations
The original thread for this bug received 1 reply, 96 days ago.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+12f17c177de05efea72d@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000004a6256057ca3b6bd@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: WARNING: proc registration bug in snd_info_card_register
Last occurred: 27 days ago
Reported: 72 days ago
Branches: Mainline (with usb-fuzzer patches)
Dashboard link: https://syzkaller.appspot.com/bug?id=0cf36d8457554bf03c3cacc44d31ff145a0c1a11
Original thread: https://lkml.kernel.org/lkml/0000000000007f693a058653d90c@xxxxxxxxxx/T/#u
This bug has a C reproducer.
No one has replied to the original thread for this bug yet.
This looks like a bug in a sound USB driver.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+2e782bf6a60d0fcb932d@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000007f693a058653d90c@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: WARNING in snd_usb_motu_microbookii_communicate/usb_submit_urb
Last occurred: 15 days ago
Reported: 12 days ago
Branches: Mainline (with usb-fuzzer patches)
Dashboard link: https://syzkaller.appspot.com/bug?id=125081d1f7eba4b9b25f53aaae53176cd4abb2b7
Original thread: https://lkml.kernel.org/lkml/000000000000acb99a058b0d5741@xxxxxxxxxx/T/#u
This bug has a syzkaller reproducer only.
No one has replied to the original thread for this bug yet.
This looks like a bug in a sound USB driver.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+d952e5e28f5fb7718d23@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please reply to the original
thread. For the git send-email command to use, or tips on how to reply if the
thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000acb99a058b0d5741@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: INFO: rcu detected stall in snd_seq_write
Last occurred: 57 days ago
Reported: 300 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=33501520944e11adedf1c454eec4cb818bee16c8
Original thread: https://lkml.kernel.org/lkml/000000000000e5050205746dcbb0@xxxxxxxxxx/T/#u
This bug has a syzkaller reproducer only.
The original thread for this bug received 1 reply, 300 days ago.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+97aae04ce27e39cbfca9@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/000000000000e5050205746dcbb0@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: KASAN: use-after-free Write in check_and_subscribe_port
Last occurred: 54 days ago
Reported: 47 days ago
Branches: Mainline
Dashboard link: https://syzkaller.appspot.com/bug?id=2c039ed96840fcfe469c2c5c5fc0bef92e5c9a23
Original thread: https://lkml.kernel.org/lkml/0000000000008af53105884907e9@xxxxxxxxxx/T/#u
Unfortunately, this bug does not have a reproducer.
No one has replied to the original thread for this bug yet.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+20ab495fadf081e8a2b0@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000008af53105884907e9@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: WARNING: suspicious RCU usage in line6_pcm_acquire
Last occurred: 28 days ago
Reported: 59 days ago
Branches: Mainline (with usb-fuzzer patches)
Dashboard link: https://syzkaller.appspot.com/bug?id=a0ea128a37bfe56208042c02d080873dcbdf69a0
Original thread: https://lkml.kernel.org/lkml/0000000000007cb1ee0587591549@xxxxxxxxxx/T/#u
Unfortunately, this bug does not have a reproducer.
No one has replied to the original thread for this bug yet.
This looks like a bug in a sound USB driver.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+06b7a5a8c4acc0445995@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000007cb1ee0587591549@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: KASAN: use-after-free Read in wake_up_if_idle
Last occurred: 101 days ago
Reported: 237 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=b1e300cd7b124fc83dd4199d4d1df26310111b0f
Original thread: https://lkml.kernel.org/lkml/00000000000066ab7105795f245e@xxxxxxxxxx/T/#u
Unfortunately, this bug does not have a reproducer.
No one replied to the original thread for this bug.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+2c1253bc508adef78a7f@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/00000000000066ab7105795f245e@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: INFO: task hung in snd_seq_write
Last occurred: 95 days ago
Reported: 300 days ago
Branches: Mainline and others
Dashboard link: https://syzkaller.appspot.com/bug?id=9366cef8455b032553567ce096a5b31d8307b7dc
Original thread: https://lkml.kernel.org/lkml/0000000000001f74de0574710d3e@xxxxxxxxxx/T/#u
Unfortunately, this bug does not have a reproducer.
No one replied to the original thread for this bug.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+4c595632b98bb8ffcc66@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000001f74de0574710d3e@xxxxxxxxxx
--------------------------------------------------------------------------------
Title: KASAN: slab-out-of-bounds Read in linear_transfer (2)
Last occurred: 70 days ago
Reported: 61 days ago
Branches: linux-next
Dashboard link: https://syzkaller.appspot.com/bug?id=e76ec5e68d0556a5eed9c0565fd5535ecc60300b
Original thread: https://lkml.kernel.org/lkml/0000000000000f7c8105873507b5@xxxxxxxxxx/T/#u
Unfortunately, this bug does not have a reproducer.
No one has replied to the original thread for this bug yet.
If you fix this bug, please add the following tag to the commit:
Reported-by: syzbot+e28a58bb80f4c67a2b89@xxxxxxxxxxxxxxxxxxxxxxxxx
If you send any email or patch for this bug, please consider replying to the
original thread. For the git send-email command to use, or tips on how to reply
if the thread isn't in your mailbox, see the "Reply instructions" at
https://lkml.kernel.org/r/0000000000000f7c8105873507b5@xxxxxxxxxx