syzbot


KMSAN: uninit-value in htab_percpu_map_lookup_elem

Status: auto-obsoleted due to no activity on 2024/09/23 16:20
Subsystems: bpf
Reported-by: syzbot+0a079d6ef3831217a230@syzkaller.appspotmail.com
First crash: 279d, last: 253d
Discussions (2)
Title | Replies (including bot) | Last reply
[syzbot] [bpf?] KMSAN: uninit-value in htab_percpu_map_lookup_elem | 0 (2) | 2024/07/01 10:08
Re: [syzbot] [PATCH] kernel/bpf: KMSAN: uninit-value | 0 (1) | 2024/06/14 11:57
Last patch testing requests (5)
Created | Duration | User | Patch | Repo | Result
2024/09/23 15:46 | 33m | retest repro | - | upstream | OK log
2024/07/15 07:03 | 25m | retest repro | - | upstream | error
2024/07/01 10:08 | 34m | wojciech.gladysz@infogain.com | patch | https://linux.googlesource.com/linux/kernel/git/torvalds/linux e478cf26c556e4ab572ab0ab2306c986901dcd61 | OK log
2024/06/14 11:57 | 3h39m | wojciech.gladysz@infogain.com | patch | https://linux.googlesource.com/linux/kernel/git/torvalds/linux e478cf26c556e4ab572ab0ab2306c986901dcd61 | OK log
2024/05/06 05:34 | 24m | retest repro | - | upstream | report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in __htab_map_lookup_elem kernel/bpf/hashtab.c:691 [inline]
BUG: KMSAN: uninit-value in htab_percpu_map_lookup_elem+0x3eb/0x4f0 kernel/bpf/hashtab.c:2302
 __htab_map_lookup_elem kernel/bpf/hashtab.c:691 [inline]
 htab_percpu_map_lookup_elem+0x3eb/0x4f0 kernel/bpf/hashtab.c:2302
 ____bpf_map_lookup_elem kernel/bpf/helpers.c:42 [inline]
 bpf_map_lookup_elem+0x5c/0x80 kernel/bpf/helpers.c:38
 ___bpf_prog_run+0x13fe/0xe0f0 kernel/bpf/core.c:1997
 __bpf_prog_run32+0xb2/0xe0 kernel/bpf/core.c:2236
 bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]
 __bpf_prog_run include/linux/filter.h:650 [inline]
 bpf_prog_run include/linux/filter.h:664 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline]
 bpf_trace_run4+0x240/0x340 kernel/trace/bpf_trace.c:2422
 __bpf_trace_mm_page_alloc+0x37/0x50 include/trace/events/kmem.h:177
 trace_mm_page_alloc include/trace/events/kmem.h:177 [inline]
 __alloc_pages+0xdc0/0xe70 mm/page_alloc.c:4597
 alloc_pages_mpol+0x299/0x990 mm/mempolicy.c:2264
 alloc_pages mm/mempolicy.c:2335 [inline]
 folio_alloc+0x1d0/0x230 mm/mempolicy.c:2342
 filemap_alloc_folio+0xa6/0x440 mm/filemap.c:984
 page_cache_ra_unbounded+0x2bd/0x930 mm/readahead.c:247
 do_page_cache_ra mm/readahead.c:299 [inline]
 force_page_cache_ra+0x3fb/0x550 mm/readahead.c:330
 page_cache_sync_ra+0x22e/0x270 mm/readahead.c:684
 page_cache_sync_readahead include/linux/pagemap.h:1300 [inline]
 filemap_get_pages+0x4c5/0x2be0 mm/filemap.c:2505
 filemap_read+0x5cd/0x1500 mm/filemap.c:2601
 blkdev_read_iter+0x6c0/0x8e0 block/fops.c:754
 call_read_iter include/linux/fs.h:2104 [inline]
 new_sync_read fs/read_write.c:395 [inline]
 vfs_read+0xda3/0xef0 fs/read_write.c:476
 ksys_read+0x20f/0x4c0 fs/read_write.c:619
 __do_sys_read fs/read_write.c:629 [inline]
 __se_sys_read fs/read_write.c:627 [inline]
 __x64_sys_read+0x93/0xe0 fs/read_write.c:627
 x64_sys_call+0x304d/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:1
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Local variable stack created at:
 __bpf_prog_run32+0x43/0xe0 kernel/bpf/core.c:2236
 bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]
 __bpf_prog_run include/linux/filter.h:650 [inline]
 bpf_prog_run include/linux/filter.h:664 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline]
 bpf_trace_run4+0x240/0x340 kernel/trace/bpf_trace.c:2422

CPU: 0 PID: 5206 Comm: udevd Not tainted 6.9.0-rc4-syzkaller-00274-g3b68086599f8 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
=====================================================

Crashes (6):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2024/04/22 05:26 | upstream | 3b68086599f8 | af24b050 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in htab_percpu_map_lookup_elem
2024/04/18 23:57 | upstream | 8cd26fd90c1a | af24b050 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in htab_percpu_map_lookup_elem
2024/04/10 12:17 | upstream | 2c71fdf02a95 | 56086b24 | .config | strace log | report | syz | C | - | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in htab_percpu_map_lookup_elem
2024/04/10 11:01 | upstream | 2c71fdf02a95 | 56086b24 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in htab_percpu_map_lookup_elem
2024/04/22 05:31 | upstream | 48cf398f15fc | af24b050 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | KMSAN: uninit-value in htab_percpu_map_lookup_elem
2024/04/10 11:21 | upstream | 2c71fdf02a95 | 56086b24 | .config | console log | report | - | - | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | KMSAN: uninit-value in htab_percpu_map_lookup_elem
* Struck through repros no longer work on HEAD.