syzbot

 sign-in | mailing list | source | docs
🐞 Open [1500]
Subsystems
🐞 Fixed [6662]
🐞 Invalid [17067]
Missing Backports [214]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

BUG: sleeping function called from invalid context in dummy_dequeue

Status: upstream: reported C repro on 2025/08/25 08:51
Subsystems: usb
[Documentation on labels]
Reported-by: syzbot+8baacc4139f12fa77909@syzkaller.appspotmail.com
Fix commit: 8d63c83d8eb9 USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-snapshot-upstream-root ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci-upstream-rust-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu-native-arm64-kvm]
First crash: 57d, last: 35d
Cause bisection: failed (error log, bisect log)
  
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] [usb?] BUG: sleeping function called from invalid context in dummy_dequeue 3 (7) 2025/08/26 03:14
[PATCH] USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels 2 (2) 2025/08/25 16:05
Last patch testing requests (3)
Created Duration User Patch Repo Result
2025/08/26 01:58 26m hdanton@sina.com patch upstream OK log
2025/08/25 14:18 26m stern@rowland.harvard.edu patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ 8d245acc1e88 OK log
2025/08/25 10:27 20m hdanton@sina.com patch upstream report log

Sample crash report:
BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:48
in_atomic(): 0, irqs_disabled(): 1, non_block: 0, pid: 6118, name: syz.0.17
preempt_count: 0, expected: 0
RCU nest depth: 0, expected: 0
1 lock held by syz.0.17/6118:
 #0: ffff888144724058 (&dum_hcd->dum->lock){+.+.}-{3:3}, at: spin_lock include/linux/spinlock_rt.h:44 [inline]
 #0: ffff888144724058 (&dum_hcd->dum->lock){+.+.}-{3:3}, at: dummy_dequeue+0x164/0x480 drivers/usb/gadget/udc/dummy_hcd.c:769
irq event stamp: 5054
hardirqs last  enabled at (5053): [<ffffffff8af9b343>] __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:159 [inline]
hardirqs last  enabled at (5053): [<ffffffff8af9b343>] _raw_spin_unlock_irq+0x23/0x50 kernel/locking/spinlock.c:202
hardirqs last disabled at (5054): [<ffffffff86fc2471>] dummy_dequeue+0x151/0x480 drivers/usb/gadget/udc/dummy_hcd.c:768
softirqs last  enabled at (0): [<ffffffff81828ba9>] rcu_lock_acquire include/linux/rcupdate.h:331 [inline]
softirqs last  enabled at (0): [<ffffffff81828ba9>] rcu_read_lock include/linux/rcupdate.h:841 [inline]
softirqs last  enabled at (0): [<ffffffff81828ba9>] copy_process+0x979/0x3ae0 kernel/fork.c:2043
softirqs last disabled at (0): [<0000000000000000>] 0x0
CPU: 0 UID: 0 PID: 6118 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
Call Trace:
 <TASK>
 dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120
 __might_resched+0x44b/0x5d0 kernel/sched/core.c:8957
 __rt_spin_lock kernel/locking/spinlock_rt.c:48 [inline]
 rt_spin_lock+0xc7/0x2c0 kernel/locking/spinlock_rt.c:57
 spin_lock include/linux/spinlock_rt.h:44 [inline]
 dummy_dequeue+0x164/0x480 drivers/usb/gadget/udc/dummy_hcd.c:769
 usb_ep_dequeue+0x66/0x250 drivers/usb/gadget/udc/core.c:330
 raw_process_ep_io+0x5a3/0xaf0 drivers/usb/gadget/legacy/raw_gadget.c:1124
 raw_ioctl_ep_write drivers/usb/gadget/legacy/raw_gadget.c:1152 [inline]
 raw_ioctl+0x22dc/0x3ba0 drivers/usb/gadget/legacy/raw_gadget.c:1324
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:598 [inline]
 __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:584
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f1608d4e7eb
Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
RSP: 002b:00007ffdcd9fcf80 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 0000000000000044 RCX: 00007f1608d4e7eb
RDX: 00007ffdcd9fd000 RSI: 0000000040085507 RDI: 0000000000000003
RBP: 0000000000000003 R08: 00007f16090a0320 R09: 0000000000000000
R10: 0000000000000003 R11: 0000000000000246 R12: 0000200000000080
R13: 000000000000000a R14: 00007f1608f75fa0 R15: 0000000000000004
 </TASK>

Crashes (6278):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/08/24 03:19 upstream 8d245acc1e88 bf27483f .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 16:47 upstream 22f20375f5b7 e2beed91 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 14:24 upstream 22f20375f5b7 e2beed91 .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/05 20:38 upstream d69eb204c255 d291dd2d .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/08/24 06:37 upstream 8d245acc1e88 bf27483f .config console log report syz / log [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 21:46 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 20:42 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 19:28 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 18:13 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 16:44 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 15:51 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 14:51 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 14:21 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 13:14 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 12:26 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 12:23 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 10:59 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 10:52 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 09:33 upstream f83a4f2a4d8c e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 07:04 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 06:46 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 05:17 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 05:17 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 04:15 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 04:04 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 03:03 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 03:02 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 01:55 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 01:06 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/14 00:55 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 23:48 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 23:24 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 23:03 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 22:57 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 21:53 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 21:07 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 19:57 upstream 5cd64d4f9268 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 18:34 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 18:26 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 16:26 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 15:29 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 14:10 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 13:12 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 11:49 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 10:44 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 09:38 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 09:08 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 08:03 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 07:00 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 06:59 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
2025/09/13 05:49 upstream 22f20375f5b7 e2beed91 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: sleeping function called from invalid context in dummy_dequeue
* Struck through repros no longer work on HEAD.