syzbot

 sign-in | mailing list | source | docs
🐞 Open [1586]
Subsystems
🐞 Fixed [6383]
🐞 Invalid [16250]
Missing Backports [196]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

BUG: unable to handle kernel paging request in subdev_8255_io

Status: upstream: reported C repro on 2025/07/07 16:31
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+f7ad508e3c76c097483f@syzkaller.appspotmail.com
First crash: 7d11h, last: 13h29m
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [kernel?] BUG: unable to handle kernel paging request in subdev_8255_io 0 (1) 2025/07/07 16:31

Sample crash report:
8<--- cut here ---
Unable to handle kernel paging request at virtual address fee0000f when write
[fee0000f] *pgd=80000080007003, *pmd=00000000
Internal error: Oops: a06 [#1] SMP ARM
Modules linked in:
CPU: 1 UID: 0 PID: 4085 Comm: syz.2.16 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT 
Hardware name: ARM-Versatile Express
PC is at __raw_writeb arch/arm/include/asm/io.h:88 [inline]
PC is at subdev_8255_io drivers/comedi/drivers/comedi_8255.c:47 [inline]
PC is at subdev_8255_io+0x60/0x6c drivers/comedi/drivers/comedi_8255.c:43
LR is at subdev_8255_io drivers/comedi/drivers/comedi_8255.c:47 [inline]
LR is at subdev_8255_io+0x4c/0x6c drivers/comedi/drivers/comedi_8255.c:43
pc : [<813a5ab0>]    lr : [<813a5a9c>]    psr: 60000013
sp : dfc95cc0  ip : dfc95cc0  fp : dfc95cdc
r10: 00000000  r9 : 00000000  r8 : 00000084
r7 : 0000000c  r6 : 0000009b  r5 : 84064900  r4 : 0000000f
r3 : 0000009b  r2 : fee0000f  r1 : 00000001  r0 : 84064900
Flags: nZCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment none
Control: 30c5387d  Table: 848edb00  DAC: 00000000
Register r0 information: slab kmalloc-192 start 84064900 pointer offset 0 size 192
Register r1 information: non-paged memory
Register r2 information: 0-page vmalloc region starting at 0xfee00000 allocated at pci_reserve_io+0x0/0x38 arch/arm/mm/mmu.c:1055
Register r3 information: non-paged memory
Register r4 information: non-paged memory
Register r5 information: slab kmalloc-192 start 84064900 pointer offset 0 size 192
Register r6 information: non-paged memory
Register r7 information: non-paged memory
Register r8 information: non-paged memory
Register r9 information: NULL pointer
Register r10 information: NULL pointer
Register r11 information: 2-page vmalloc region starting at 0xdfc94000 allocated at kernel_clone+0xac/0x3e4 kernel/fork.c:2599
Register r12 information: 2-page vmalloc region starting at 0xdfc94000 allocated at kernel_clone+0xac/0x3e4 kernel/fork.c:2599
Process syz.2.16 (pid: 4085, stack limit = 0xdfc94000)
Stack: (0xdfc95cc0 to 0xdfc96000)
5cc0: 813a5a50 84064900 0000000c 0000000c dfc95cfc dfc95ce0 813a5788 813a5a5c
5ce0: 0000000c 80508714 85761800 85761800 dfc95d1c dfc95d00 813a5b48 813a573c
5d00: 85761800 84064900 dfc95dac 0000000c dfc95d5c dfc95d20 813a5d3c 813a5ac8
5d20: 20000013 8543a780 82822670 00000000 00000000 829c52b0 84064900 00000000
5d40: dfc95d98 84064900 00000000 82b15078 dfc95d94 dfc95d60 81394c60 813a5c8c
5d60: 20000140 00000000 dfc95d84 20000140 84064900 b5403587 20000140 85400c00
5d80: 40946400 00000003 dfc95e4c dfc95d98 813908f0 81394b68 35353238 00000000
5da0: 00000000 00000000 00000000 0000000c 00002166 00000002 00000010 000088d6
5dc0: 00000b45 00000008 00000010 00000000 ffffffff 00000200 00000fff 00000344
5de0: 00000001 00000002 00000200 00000009 00000003 00000003 00000001 00000004
5e00: 00000000 00000080 00000004 00000001 00000001 0000b0c4 000007df 00000008
5e20: 000000f3 00000001 00000000 4c54bfda 00000000 8497b000 84064900 20000140
5e40: dfc95f14 dfc95e50 813918a4 81390824 00000000 00000000 00000000 4c54bfda
5e60: 00000000 00000000 8246a3fc 0000005f 83ec1858 84064930 842b4174 85400c00
5e80: dfc95ee4 dfc95e90 8079688c 8078cb7c 00000064 00000001 00000000 dfc95eac
5ea0: 85639850 8342b5d8 00006400 0000000b dfc95ea0 00000000 00000000 4c54bfda
5ec0: 8497b000 40946400 20000140 20000140 00000003 8497b000 dfc95ef4 dfc95ee8
5ee0: 807969ac 4c54bfda dfc95f14 40946400 00000000 8497b000 20000140 00000003
5f00: 8497b000 85400c00 dfc95fa4 dfc95f18 8056f16c 813912d4 dfc95f4c dfc95f28
5f20: 80349a98 8034cdb4 81a2db68 81a2da38 dfc95f54 dfc95f40 8026203c 7edec920
5f40: dfc95fa4 dfc95f50 8034a2e0 803499a4 00000000 7edec920 ffffffff 80234128
5f60: 00000000 00000000 00000000 00000000 00000000 4c54bfda dfc95fac 00000000
5f80: 00000000 002f6300 00000036 8020029c 85400c00 00000036 00000000 dfc95fa8
5fa0: 80200060 8056f048 00000000 00000000 00000003 40946400 20000140 00000000
5fc0: 00000000 00000000 002f6300 00000036 00000000 002f62d4 0000047b 00000000
5fe0: 7edec780 7edec770 000193a4 00131f40 60000010 00000003 00000000 00000000
Call trace: 
[<813a5a50>] (subdev_8255_io) from [<813a5788>] (subdev_8255_do_config+0x58/0x60 drivers/comedi/drivers/comedi_8255.c:115)
 r7:0000000c r6:0000000c r5:84064900 r4:813a5a50
[<813a5730>] (subdev_8255_do_config) from [<813a5b48>] (__subdev_8255_init drivers/comedi/drivers/comedi_8255.c:172 [inline])
[<813a5730>] (subdev_8255_do_config) from [<813a5b48>] (subdev_8255_io_init+0x8c/0x9c drivers/comedi/drivers/comedi_8255.c:192)
 r4:85761800
[<813a5abc>] (subdev_8255_io_init) from [<813a5d3c>] (dev_8255_attach drivers/comedi/drivers/8255.c:83 [inline])
[<813a5abc>] (subdev_8255_io_init) from [<813a5d3c>] (dev_8255_attach+0xbc/0x114 drivers/comedi/drivers/8255.c:46)
 r7:0000000c r6:dfc95dac r5:84064900 r4:85761800
[<813a5c80>] (dev_8255_attach) from [<81394c60>] (comedi_device_attach+0x104/0x240 drivers/comedi/drivers.c:996)
 r10:82b15078 r9:00000000 r8:84064900 r7:dfc95d98 r6:00000000 r5:84064900
 r4:829c52b0
[<81394b5c>] (comedi_device_attach) from [<813908f0>] (do_devconfig_ioctl+0xd8/0x1e0 drivers/comedi/comedi_fops.c:855)
 r10:00000003 r9:40946400 r8:85400c00 r7:20000140 r6:b5403587 r5:84064900
 r4:20000140
[<81390818>] (do_devconfig_ioctl) from [<813918a4>] (comedi_unlocked_ioctl+0x5dc/0x1b94 drivers/comedi/comedi_fops.c:2136)
 r6:20000140 r5:84064900 r4:8497b000
[<813912c8>] (comedi_unlocked_ioctl) from [<8056f16c>] (vfs_ioctl fs/ioctl.c:51 [inline])
[<813912c8>] (comedi_unlocked_ioctl) from [<8056f16c>] (do_vfs_ioctl fs/ioctl.c:861 [inline])
[<813912c8>] (comedi_unlocked_ioctl) from [<8056f16c>] (__do_sys_ioctl fs/ioctl.c:905 [inline])
[<813912c8>] (comedi_unlocked_ioctl) from [<8056f16c>] (sys_ioctl+0x130/0xdc8 fs/ioctl.c:893)
 r10:85400c00 r9:8497b000 r8:00000003 r7:20000140 r6:8497b000 r5:00000000
 r4:40946400
[<8056f03c>] (sys_ioctl) from [<80200060>] (ret_fast_syscall+0x0/0x1c arch/arm/mm/proc-v7.S:67)
Exception stack(0xdfc95fa8 to 0xdfc95ff0)
5fa0:                   00000000 00000000 00000003 40946400 20000140 00000000
5fc0: 00000000 00000000 002f6300 00000036 00000000 002f62d4 0000047b 00000000
5fe0: 7edec780 7edec770 000193a4 00131f40
 r10:00000036 r9:85400c00 r8:8020029c r7:00000036 r6:002f6300 r5:00000000
 r4:00000000
Code: e6ef3076 e0842002 e7f32052 e2422612 (e5c23000) 
---[ end trace 0000000000000000 ]---
----------------
Code disassembly (best guess):
   0:	e6ef3076 	uxtb	r3, r6
   4:	e0842002 	add	r2, r4, r2
   8:	e7f32052 	ubfx	r2, r2, #0, #20
   c:	e2422612 	sub	r2, r2, #18874368	@ 0x1200000
* 10:	e5c23000 	strb	r3, [r2] <-- trapping instruction

Crashes (103):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/07/05 12:20 upstream a79a588fc176 4f67c4ae .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/12 08:09 upstream 40f92e79b0aa 3cda49cf .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/11 06:55 upstream bc9ff192a6c9 3cda49cf .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/11 05:57 upstream bc9ff192a6c9 3cda49cf .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/10 16:35 upstream 8c2e52ebbe88 d7384b6d .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/10 04:00 upstream 8c2e52ebbe88 956bd956 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/09 00:53 upstream d006330be3f7 4d9fdfa4 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/09 00:52 upstream d006330be3f7 4d9fdfa4 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/08 12:05 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/07 23:36 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/07 23:35 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/07 11:54 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/07 08:22 upstream d7b8f8e20813 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 22:01 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 19:41 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 19:40 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 19:39 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 19:39 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 06:34 upstream 05df91921da6 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 06:33 upstream 05df91921da6 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 06:32 upstream 05df91921da6 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 06:30 upstream 05df91921da6 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/06 06:17 upstream 05df91921da6 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:20 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:20 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:19 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:18 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:17 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:16 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:16 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:15 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:14 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:14 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:12 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:12 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:10 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:10 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:10 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:09 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:08 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:08 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:07 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:06 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
2025/07/05 16:06 upstream a79a588fc176 4f67c4ae .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu2-arm32 BUG: unable to handle kernel paging request in subdev_8255_io
* Struck through repros no longer work on HEAD.