syzbot


KMSAN: uninit-value in x86_pmu_stop

Status: auto-closed as invalid on 2020/11/27 13:06
Subsystems: perf
First crash: 1333d, last: 1333d

Sample crash report:
usb 4-1: config 0 descriptor??
asix 4-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
=====================================================
BUG: KMSAN: uninit-value in x86_pmu_stop+0x6eb/0x780 arch/x86/events/core.c:1476
CPU: 0 PID: 3225 Comm: kworker/0:2 Not tainted 5.8.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: usb_hub_wq hub_event
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x21c/0x280 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 x86_pmu_stop+0x6eb/0x780 arch/x86/events/core.c:1476
 __exc_page_fault+0xac/0x450 arch/x86/mm/fault.c:1428
 exc_page_fault+0x45/0x50 arch/x86/mm/fault.c:1390
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:550
RIP: 0010:x86_schedule_events+0xf78/0x14d0 arch/x86/events/core.c:994
Code: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 <00> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
RSP: 0018:ffff888120d464b0 EFLAGS: 00010086
RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000021fe51cd8
RDX: ffff88821fe51cd8 RSI: ffff8881ca0e9e80 RDI: ffff888126c13d00
RBP: ffff888120d46510 R08: ffffea000000000f R09: ffff88812fffa000
R10: 0000000000000004 R11: 0000000000000000 R12: ffff88812fc94cd8
R13: ffff888126c146d8 R14: ffff888126c13d00 R15: ffff888126c140f0
 schedule+0x260/0x330 kernel/sched/core.c:4270
 schedule_timeout+0x3d9/0x610 kernel/time/timer.c:1897
 do_wait_for_common kernel/sched/completion.c:85 [inline]
 __wait_for_common kernel/sched/completion.c:106 [inline]
 wait_for_common+0x2d1/0x600 kernel/sched/completion.c:117
 wait_for_completion_timeout+0x34/0x40 kernel/sched/completion.c:157
 usb_start_wait_urb+0x292/0x4c0 drivers/usb/core/message.c:63
 usb_internal_control_msg drivers/usb/core/message.c:102 [inline]
 usb_control_msg+0x4dc/0x820 drivers/usb/core/message.c:153
 __usbnet_read_cmd+0x2b6/0x4c0 drivers/net/usb/usbnet.c:1997
 usbnet_read_cmd+0x1c9/0x260 drivers/net/usb/usbnet.c:2055
 asix_read_cmd drivers/net/usb/asix_common.c:25 [inline]
 asix_read_phy_addr drivers/net/usb/asix_common.c:295 [inline]
 asix_get_phy_addr+0xc5/0x290 drivers/net/usb/asix_common.c:314
 ax88772_bind+0x535/0x1400 drivers/net/usb/asix_devices.c:720
 usbnet_probe+0x1152/0x3f90 drivers/net/usb/usbnet.c:1737
 usb_probe_interface+0xece/0x1550 drivers/usb/core/driver.c:374
 really_probe+0xf20/0x20b0 drivers/base/dd.c:529
 driver_probe_device+0x293/0x390 drivers/base/dd.c:701
 __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807
 bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431
 __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:920
 bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491
 device_add+0x3b0e/0x40d0 drivers/base/core.c:2680
 usb_set_configuration+0x380f/0x3f10 drivers/usb/core/message.c:2032
 usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:241
 usb_probe_device+0x311/0x490 drivers/usb/core/driver.c:272
 really_probe+0xf20/0x20b0 drivers/base/dd.c:529
 driver_probe_device+0x293/0x390 drivers/base/dd.c:701
 __device_attach_driver+0x63f/0x830 drivers/base/dd.c:807
 bus_for_each_drv+0x2ca/0x3f0 drivers/base/bus.c:431
 __device_attach+0x4e2/0x7f0 drivers/base/dd.c:873
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:920
 bus_probe_device+0x177/0x3d0 drivers/base/bus.c:491
 device_add+0x3b0e/0x40d0 drivers/base/core.c:2680
 usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2554
 hub_port_connect drivers/usb/core/hub.c:5208 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5348 [inline]
 port_event drivers/usb/core/hub.c:5494 [inline]
 hub_event+0x5e7b/0x8a70 drivers/usb/core/hub.c:5576
 process_one_work+0x1688/0x2140 kernel/workqueue.c:2269
 worker_thread+0x10bc/0x2730 kernel/workqueue.c:2415
 kthread+0x551/0x590 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

------------[ cut here ]------------
slab index 15616 out of bounds (409) for stack id 26c13d00
WARNING: CPU: 0 PID: 3225 at lib/stackdepot.c:235 stack_depot_fetch+0x2d/0x60 lib/stackdepot.c:234

Crashes (1):
Time: 2020/08/29 13:06
Kernel: https://github.com/google/kmsan.git master
Commit: 3b3ea6028136
Syzkaller: d5a3ae1f
Config: .config
Log: console log
Report: report
Manager: ci-upstream-kmsan-gce
Syz repro, C repro, VM info, Assets, Title: (none listed)
* Struck through repros no longer work on HEAD.