syzbot

 sign-in | mailing list | source | docs
🐞 Open [987] Subsystems 🐞 Fixed [5238] 🐞 Invalid [12509] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in irqtime_account_irq (2)

Status: auto-closed as invalid on 2022/09/02 15:33
Subsystems: mm cgroups
[Documentation on labels]
First crash: 860d, last: 727d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in ieee802154_subif_start_xmit bpf C done 119 267d 263d 23/26 fixed on 2023/10/12 12:47
upstream KMSAN: uninit-value in number (4) kernel C 7189 520d 898d 0/26 closed as invalid on 2022/11/28 10:01
upstream KMSAN: uninit-value in stack_trace_consume_entry net C 706 628d 624d 0/26 auto-obsoleted due to no activity on 2022/12/04 06:07
upstream KMSAN: uninit-value in preempt_count_add kernel C 6657 564d 564d 0/26 closed as invalid on 2022/10/10 13:29
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net C 138977 426d 778d 22/26 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in exit_to_user_mode_loop (3) kernel C 2558 681d 939d 0/26 auto-closed as invalid on 2022/09/22 19:06
upstream KMSAN: uninit-value in do_user_addr_fault (3) net C 680 714d 763d 0/26 closed as invalid on 2022/05/12 12:08
Last patch testing requests (1)
Created Duration User Patch Repo Result
2022/09/02 12:27 21m retest repro https://github.com/google/kmsan.git master OK log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in irqtime_account_irq+0x387/0x520 kernel/sched/cputime.c:71 kernel/sched/cputime.c:71
 irqtime_account_irq+0x387/0x520 kernel/sched/cputime.c:71 kernel/sched/cputime.c:71
 account_softirq_exit include/linux/vtime.h:147 [inline]
 account_softirq_exit include/linux/vtime.h:147 [inline] kernel/softirq.c:585
 __do_softirq+0x707/0x7c5 kernel/softirq.c:585 kernel/softirq.c:585
 invoke_softirq+0xa4/0x130 kernel/softirq.c:432 kernel/softirq.c:432
 __irq_exit_rcu kernel/softirq.c:637 [inline]
 __irq_exit_rcu kernel/softirq.c:637 [inline] kernel/softirq.c:649
 irq_exit_rcu+0x76/0x130 kernel/softirq.c:649 kernel/softirq.c:649
 sysvec_apic_timer_interrupt+0xa2/0xc0 arch/x86/kernel/apic/apic.c:1097 arch/x86/kernel/apic/apic.c:1097
 asm_sysvec_apic_timer_interrupt+0x12/0x20
 kmsan_get_metadata+0x20f/0x220 mm/kmsan/shadow.c:186 mm/kmsan/shadow.c:186
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:30 [inline]
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:30 [inline] mm/kmsan/instrumentation.c:65
 __msan_metadata_ptr_for_load_4+0x20/0x30 mm/kmsan/instrumentation.c:65 mm/kmsan/instrumentation.c:65
 __rcu_read_unlock+0x82/0xf0 kernel/rcu/tree_plugin.h:421 kernel/rcu/tree_plugin.h:421
 rcu_read_unlock include/linux/rcupdate.h:720 [inline]
 __folio_memcg_unlock mm/memcontrol.c:2060 [inline]
 rcu_read_unlock include/linux/rcupdate.h:720 [inline] mm/memcontrol.c:2073
 __folio_memcg_unlock mm/memcontrol.c:2060 [inline] mm/memcontrol.c:2073
 folio_memcg_unlock+0x1a2/0x240 mm/memcontrol.c:2073 mm/memcontrol.c:2073
 __folio_start_writeback+0xc33/0xde0 mm/page-writeback.c:2897 mm/page-writeback.c:2897
 set_page_writeback+0xce/0x100 mm/folio-compat.c:77 mm/folio-compat.c:77
 ext4_bio_write_page+0x4a1/0x3150 fs/ext4/page-io.c:455 fs/ext4/page-io.c:455
 mpage_submit_page fs/ext4/inode.c:2095 [inline]
 mpage_map_and_submit_buffers fs/ext4/inode.c:2343 [inline]
 mpage_map_and_submit_extent fs/ext4/inode.c:2482 [inline]
 mpage_submit_page fs/ext4/inode.c:2095 [inline] fs/ext4/inode.c:2795
 mpage_map_and_submit_buffers fs/ext4/inode.c:2343 [inline] fs/ext4/inode.c:2795
 mpage_map_and_submit_extent fs/ext4/inode.c:2482 [inline] fs/ext4/inode.c:2795
 ext4_writepages+0x369d/0x6610 fs/ext4/inode.c:2795 fs/ext4/inode.c:2795
 do_writepages+0x60e/0xb90 mm/page-writeback.c:2364 mm/page-writeback.c:2364
 __writeback_single_inode+0x17b/0xe60 fs/fs-writeback.c:1616 fs/fs-writeback.c:1616
 writeback_sb_inodes+0x14f3/0x2ef0 fs/fs-writeback.c:1881 fs/fs-writeback.c:1881
 __writeback_inodes_wb+0x1e4/0x860 fs/fs-writeback.c:1951 fs/fs-writeback.c:1951
 wb_writeback+0x714/0x1190 fs/fs-writeback.c:2056 fs/fs-writeback.c:2056
 wb_check_old_data_flush fs/fs-writeback.c:2156 [inline]
 wb_check_old_data_flush fs/fs-writeback.c:2156 [inline] fs/fs-writeback.c:2209
 wb_do_writeback+0x117c/0x1500 fs/fs-writeback.c:2209 fs/fs-writeback.c:2209
 wb_workfn+0x1e1/0x790 fs/fs-writeback.c:2238 fs/fs-writeback.c:2238
 process_one_work+0xdb9/0x1820 kernel/workqueue.c:2298 kernel/workqueue.c:2298
 worker_thread+0x10bc/0x21f0 kernel/workqueue.c:2445 kernel/workqueue.c:2445
 kthread+0x721/0x850 kernel/kthread.c:327 kernel/kthread.c:327
 ret_from_fork+0x1f/0x30

Local variable regs created at:
 __bpf_prog_run32+0x84/0x180 kernel/bpf/core.c:1795 kernel/bpf/core.c:1795
 bpf_dispatcher_nop_func include/linux/bpf.h:727 [inline]
 __bpf_prog_run include/linux/filter.h:626 [inline]
 bpf_prog_run include/linux/filter.h:633 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:1937 [inline]
 bpf_dispatcher_nop_func include/linux/bpf.h:727 [inline] kernel/trace/bpf_trace.c:1973
 __bpf_prog_run include/linux/filter.h:626 [inline] kernel/trace/bpf_trace.c:1973
 bpf_prog_run include/linux/filter.h:633 [inline] kernel/trace/bpf_trace.c:1973
 __bpf_trace_run kernel/trace/bpf_trace.c:1937 [inline] kernel/trace/bpf_trace.c:1973
 bpf_trace_run1+0xda/0x310 kernel/trace/bpf_trace.c:1973 kernel/trace/bpf_trace.c:1973

CPU: 1 PID: 8 Comm: kworker/u4:0 Not tainted 5.16.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: writeback wb_workfn (flush-8:0)
=====================================================

Crashes (7):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/12/17 15:25 https://github.com/google/kmsan.git master b0a8b5053e8b 44068e19 .config console log report syz C ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
2022/04/29 08:36 https://github.com/google/kmsan.git master d6e2c8c7eb40 e9076525 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
2022/04/28 22:52 https://github.com/google/kmsan.git master d6e2c8c7eb40 e9076525 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
2022/04/28 11:36 https://github.com/google/kmsan.git master d6e2c8c7eb40 8a1f1f07 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
2022/02/28 07:18 https://github.com/google/kmsan.git master 724946410067 45a13a73 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
2022/02/02 04:58 https://github.com/google/kmsan.git master 85cfd6e539bd 4ebb2798 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
2021/12/17 13:04 https://github.com/google/kmsan.git master b0a8b5053e8b 44068e19 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in irqtime_account_irq
* Struck through repros no longer work on HEAD.