syzbot


KMSAN: uninit-value in io_req_cqe_overflow

Status: auto-obsoleted due to no activity on 2023/11/10 01:07
Subsystems: io-uring
Reported-by: syzbot+12dde80bf174ac8ae285@syzkaller.appspotmail.com
First crash: 819d, last: 451d
Discussions (4)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| KMSAN: uninit-value in io_rw_fail | 4 (4) | 2023/12/23 14:56 |
| [syzbot] Monthly io-uring report (Apr 2023) | 0 (1) | 2023/04/27 17:19 |
| [syzbot] Monthly io-uring report | 9 (10) | 2023/03/27 20:21 |
| [syzbot] KMSAN: uninit-value in io_req_cqe_overflow | 0 (1) | 2022/09/06 13:22 |
Similar bugs (2)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in io_req_cqe_overflow (3) io-uring | C | | | 16 | 163d | 164d | 26/28 | fixed on 2024/07/26 05:36 |
| upstream | KMSAN: uninit-value in io_req_cqe_overflow (2) io-uring | C | | | 48 | 167d | 190d | 0/28 | closed as dup on 2024/05/30 20:10 |
Last patch testing requests (4)
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2023/09/16 02:12 | 28m | retest repro | | upstream | OK log |
| 2023/07/18 07:32 | 23m | retest repro | | upstream | OK log |
| 2023/07/18 07:32 | 24m | retest repro | | upstream | OK log |
| 2023/07/18 07:32 | 27m | retest repro | | upstream | OK log |

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in io_req_cqe_overflow+0x1f8/0x220 io_uring/io_uring.c:687
 io_req_cqe_overflow+0x1f8/0x220 io_uring/io_uring.c:687
 __io_fill_cqe_req+0x4ad/0x830 io_uring/io_uring.h:121
 __io_submit_flush_completions io_uring/io_uring.c:1192 [inline]
 io_submit_flush_completions+0x11c/0x390 io_uring/io_uring.c:166
 io_submit_state_end io_uring/io_uring.c:2025 [inline]
 io_submit_sqes+0x7d3/0xd50 io_uring/io_uring.c:2137
 __do_sys_io_uring_enter io_uring/io_uring.c:3053 [inline]
 __se_sys_io_uring_enter+0x597/0x1d30 io_uring/io_uring.c:2983
 __x64_sys_io_uring_enter+0x117/0x190 io_uring/io_uring.c:2983
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

Uninit was stored to memory at:
 io_req_set_res io_uring/io_uring.h:156 [inline]
 io_recv_finish io_uring/net.c:537 [inline]
 io_recv+0x18ee/0x1d00 io_uring/net.c:845
 io_issue_sqe+0x3b1/0x11d0 io_uring/io_uring.c:1576
 io_queue_sqe io_uring/io_uring.c:1753 [inline]
 io_submit_sqe+0xb40/0x1be0 io_uring/io_uring.c:2011
 io_submit_sqes+0x542/0xd50 io_uring/io_uring.c:2122
 __do_sys_io_uring_enter io_uring/io_uring.c:3053 [inline]
 __se_sys_io_uring_enter+0x597/0x1d30 io_uring/io_uring.c:2983
 __x64_sys_io_uring_enter+0x117/0x190 io_uring/io_uring.c:2983
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

Local variable msg created at:
 io_recv+0x4b/0x1d00 io_uring/net.c:763
 io_issue_sqe+0x3b1/0x11d0 io_uring/io_uring.c:1576

CPU: 0 PID: 3487 Comm: syz-executor126 Not tainted 6.0.0-rc2-syzkaller-47461-gac3859c02d7f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
=====================================================

Crashes (622):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2022/08/28 15:47 https://github.com/google/kmsan.git master ac3859c02d7f 07177916 .config strace log report syz C ci-upstream-kmsan-gce KMSAN: uninit-value in io_req_cqe_overflow
2023/08/03 04:18 upstream 5d0c230f1de8 39a91c18 .config strace log report syz C ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/03/17 11:30 https://github.com/google/kmsan.git master 34add094f9de 18b58603 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2022/12/07 07:08 https://github.com/google/kmsan.git master 30d2727189c5 d88f3abb .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/01/08 23:31 https://github.com/google/kmsan.git master 5c6259d6d19f 1dac8c7a .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_req_cqe_overflow
2022/08/28 14:49 https://github.com/google/kmsan.git master ac3859c02d7f 07177916 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_req_cqe_overflow
2023/09/01 00:44 upstream b97d64c72259 696ea0d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/09/01 00:38 upstream b97d64c72259 696ea0d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/25 14:59 upstream 4f9e7fabf864 03d9c195 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/22 09:55 upstream f7757129e3de 6b415825 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/21 06:33 upstream 706a74159504 d216d8a0 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/19 05:18 upstream 8abd7287db92 d216d8a0 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/19 03:12 upstream 8abd7287db92 d216d8a0 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/15 13:58 upstream 91aa6c412d7f 39990d51 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/14 03:13 upstream 4c75bf7e4a0e 39990d51 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/12 15:10 upstream f8de32cc060b 39990d51 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/08 03:16 upstream a027b2eca0b7 b1b6ae3d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/08/03 02:21 upstream 5d0c230f1de8 39a91c18 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/07/31 03:21 upstream d31e3792919e 2a0d0f29 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/02/18 13:25 upstream 38f8ccde04a3 d02e9a70 .config console log report info ci2-upstream-fs general protection fault in __io_uring_show_fdinfo
2022/10/17 00:00 upstream 55be6084c8e0 67cb024c .config console log report info [disk image] [vmlinux] ci-upstream-kasan-gce-smack-root KASAN: use-after-free Read in __io_uring_show_fdinfo
2023/05/09 07:06 https://github.com/google/kmsan.git master 81af97bdef5e f4168103 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/05/08 14:59 https://github.com/google/kmsan.git master 81af97bdef5e 90c93c40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/05/08 12:32 https://github.com/google/kmsan.git master 81af97bdef5e 90c93c40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/05/06 21:17 https://github.com/google/kmsan.git master 81af97bdef5e 90c93c40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/05/05 16:21 https://github.com/google/kmsan.git master 81af97bdef5e 518a39a6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/05/05 03:49 https://github.com/google/kmsan.git master 81af97bdef5e 518a39a6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/05/03 08:38 https://github.com/google/kmsan.git master 81af97bdef5e 48e0a81d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/05/03 00:39 https://github.com/google/kmsan.git master 81af97bdef5e 48e0a81d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/05/01 23:39 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/05/01 20:40 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/05/01 19:33 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/05/01 17:05 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/05/01 03:43 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/30 21:28 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/29 09:27 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/29 04:53 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/04/28 23:59 https://github.com/google/kmsan.git master 81af97bdef5e 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/04/28 07:15 https://github.com/google/kmsan.git master 81af97bdef5e 70a605de .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/04/28 04:18 https://github.com/google/kmsan.git master 81af97bdef5e 70a605de .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/27 16:49 https://github.com/google/kmsan.git master 81af97bdef5e 6f5b1cc4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/26 02:08 https://github.com/google/kmsan.git master 81af97bdef5e 7560799c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/04/25 20:09 https://github.com/google/kmsan.git master 81af97bdef5e 65320f8e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __io_uring_show_fdinfo
2023/04/25 05:04 https://github.com/google/kmsan.git master 81af97bdef5e fdc18293 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/04/24 16:11 https://github.com/google/kmsan.git master 81af97bdef5e fdc18293 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/23 22:32 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_rw_fail
2023/04/23 19:58 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/23 18:06 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/23 14:52 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in io_submit_flush_completions
2023/04/23 10:44 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __io_req_complete_post
2023/04/27 07:37 https://github.com/google/kmsan.git master 81af97bdef5e 19a3dabe .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in io_rw_fail
2023/04/25 07:32 https://github.com/google/kmsan.git master 81af97bdef5e fdc18293 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in io_rw_fail
2023/04/24 06:19 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in io_submit_flush_completions
2023/04/23 13:52 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in io_rw_fail
* Struck through repros no longer work on HEAD.