syzbot


divide error in comedi_buf_write_free

Status: upstream: reported on 2025/07/09 17:38
Subsystems: comedi
Reported-by: syzbot+f6c3c066162d2c43a66c@syzkaller.appspotmail.com
First crash: 54d, last: 1d02h
Discussions (3)
Title Replies (including bot) Last reply
[syzbot] Monthly comedi report (Aug 2025) 0 (1) 2025/08/25 08:44
[syzbot] Monthly comedi report (Jul 2025) 0 (1) 2025/07/24 09:32
[syzbot] [kernel?] divide error in comedi_buf_write_free 0 (1) 2025/07/09 17:38
Similar bugs (1)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 divide error in comedi_buf_write_free 2 1 54d 54d 0/3 upstream: reported on 2025/07/09 05:29

Sample crash report:
Oops: divide error: 0000 [#1] SMP KASAN PTI
CPU: 0 UID: 0 PID: 3220 Comm: irq/7-das16m1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:comedi_buf_munge drivers/comedi/comedi_buf.c:347 [inline]
RIP: 0010:comedi_buf_write_free+0x3c8/0x7e0 drivers/comedi/comedi_buf.c:391
Code: 41 03 45 00 48 8b 4c 24 78 42 0f b6 0c 21 84 c9 4c 8b bc 24 90 00 00 00 44 8b 74 24 54 0f 85 02 01 00 00 31 d2 48 8b 4c 24 30 <f7> 31 41 89 55 00 48 8b 44 24 70 42 0f b6 04 20 84 c0 0f 85 09 01
RSP: 0018:ffffc90004b87a18 EFLAGS: 00010246
RAX: 0000000000000001 RBX: dffffc0000000000 RCX: ffff8880650cd080
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff886ac6f0 R12: dffffc0000000000
R13: ffff8880650cd038 R14: 0000000000000000 R15: ffff8880650cd000
FS:  0000000000000000(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff2e8d2b18 CR3: 000000002f5ea000 CR4: 00000000003526f0
Call Trace:
 <TASK>
 comedi_buf_write_samples+0x369/0x5a0 drivers/comedi/comedi_buf.c:602
 das16m1_handler+0x213/0x4b0 drivers/comedi/drivers/das16m1.c:413
 das16m1_interrupt+0xaf/0x180 drivers/comedi/drivers/das16m1.c:470
 irq_thread_fn kernel/irq/manage.c:1131 [inline]
 irq_forced_thread_fn+0x98/0x120 kernel/irq/manage.c:1153
 irq_thread+0x427/0x690 kernel/irq/manage.c:1256
 kthread+0x711/0x8a0 kernel/kthread.c:463
 ret_from_fork+0x3f9/0x770 arch/x86/kernel/process.c:148
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245
 </TASK>
Modules linked in:
---[ end trace 0000000000000000 ]---
RIP: 0010:comedi_buf_munge drivers/comedi/comedi_buf.c:347 [inline]
RIP: 0010:comedi_buf_write_free+0x3c8/0x7e0 drivers/comedi/comedi_buf.c:391
Code: 41 03 45 00 48 8b 4c 24 78 42 0f b6 0c 21 84 c9 4c 8b bc 24 90 00 00 00 44 8b 74 24 54 0f 85 02 01 00 00 31 d2 48 8b 4c 24 30 <f7> 31 41 89 55 00 48 8b 44 24 70 42 0f b6 04 20 84 c0 0f 85 09 01
RSP: 0018:ffffc90004b87a18 EFLAGS: 00010246
RAX: 0000000000000001 RBX: dffffc0000000000 RCX: ffff8880650cd080
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: ffffffff886ac6f0 R12: dffffc0000000000
R13: ffff8880650cd038 R14: 0000000000000000 R15: ffff8880650cd000
FS:  0000000000000000(0000) GS:ffff8881268c2000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fff2e8d2b18 CR3: 000000002f5ea000 CR4: 00000000003526f0
----------------
Code disassembly (best guess):
   0:	41 03 45 00          	add    0x0(%r13),%eax
   4:	48 8b 4c 24 78       	mov    0x78(%rsp),%rcx
   9:	42 0f b6 0c 21       	movzbl (%rcx,%r12,1),%ecx
   e:	84 c9                	test   %cl,%cl
  10:	4c 8b bc 24 90 00 00 	mov    0x90(%rsp),%r15
  17:	00
  18:	44 8b 74 24 54       	mov    0x54(%rsp),%r14d
  1d:	0f 85 02 01 00 00    	jne    0x125
  23:	31 d2                	xor    %edx,%edx
  25:	48 8b 4c 24 30       	mov    0x30(%rsp),%rcx
* 2a:	f7 31                	divl   (%rcx) <-- trapping instruction
  2c:	41 89 55 00          	mov    %edx,0x0(%r13)
  30:	48 8b 44 24 70       	mov    0x70(%rsp),%rax
  35:	42 0f b6 04 20       	movzbl (%rax,%r12,1),%eax
  3a:	84 c0                	test   %al,%al
  3c:	0f                   	.byte 0xf
  3d:	85 09                	test   %ecx,(%rcx)
  3f:	01                   	.byte 0x1

Crashes (36):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/08/31 19:39 upstream 5c3b3264e585 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/30 20:05 upstream c8bc81a52d5a 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/08/28 09:40 upstream 07d9df80082b e12e5ba4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/08/23 14:10 upstream 038d61fd6422 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/23 00:49 upstream 038d61fd6422 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/21 23:38 upstream 038d61fd6422 bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/21 10:43 upstream 41cd3fd15263 0b9605c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/08/20 12:21 upstream b19a97d57c15 bd178e57 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/08/19 22:32 upstream 038d61fd6422 79512909 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/16 16:18 upstream 038d61fd6422 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/16 01:59 upstream d7ee5bdce789 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/07/31 02:58 upstream 038d61fd6422 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/07/31 02:55 upstream 038d61fd6422 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/07/30 17:38 upstream 4b290aae788e f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/07/30 16:49 upstream 4b290aae788e f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root divide error in comedi_buf_write_free
2025/07/23 04:11 upstream 89be9a83ccf1 85deaf45 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/07/22 23:46 upstream 89be9a83ccf1 85deaf45 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root divide error in comedi_buf_write_free
2025/08/31 15:39 linux-next 7fa4d8dc380f 807a3b61 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/24 23:29 linux-next 7fa4d8dc380f bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/24 12:32 linux-next 7fa4d8dc380f bf27483f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/20 03:22 linux-next 886e5e7b0432 79512909 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/16 14:58 linux-next 931e46dcbc7e 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/15 13:18 linux-next 931e46dcbc7e 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/13 19:08 linux-next 2674d1eadaa2 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/13 07:54 linux-next 2674d1eadaa2 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/12 00:07 linux-next b1549501188c 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root divide error in comedi_buf_write_free
2025/08/05 08:02 linux-next afec768a6a8f abdcb213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/04 14:20 linux-next 5c5a10f0be96 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/08/01 07:55 linux-next 84b92a499e7e 0c075d67 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/07/30 07:57 linux-next d086c886ceb9 f8f2b4da .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/07/27 07:48 linux-next d086c886ceb9 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/07/24 05:52 linux-next d086c886ceb9 0c1d6ded .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/07/23 20:03 linux-next d086c886ceb9 e1dd4f22 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free
2025/07/09 09:36 linux-next 58ba80c47402 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root divide error in comedi_buf_write_free
2025/07/09 06:13 linux-next 58ba80c47402 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root divide error in comedi_buf_write_free
2025/07/09 04:56 linux-next 58ba80c47402 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-rust-kasan-gce divide error in comedi_buf_write_free