syzbot

 sign-in | mailing list | source | docs
🐞 Open [1032] Subsystems 🐞 Fixed [5264] 🐞 Invalid [12592] Missing Backports [85] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in worker_thread (3)

Status: auto-closed as invalid on 2021/12/30 14:37
Subsystems: ext4
[Documentation on labels]
First crash: 1032d, last: 949d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in worker_thread (2) usb media C 1 1719d 1719d 0/26 closed as invalid on 2019/10/08 12:18
android-5-15 KASAN: use-after-free Read in worker_thread missing-backport origin:downstream C unreliable error 26 7d22h 569d 0/2 upstream: reported C repro on 2022/10/16 06:28
upstream general protection fault in worker_thread kernel 1 584d 580d 0/26 auto-obsoleted due to no activity on 2022/12/30 10:32
upstream general protection fault in worker_thread (2) io-uring syz 1 321d 317d 0/26 auto-obsoleted due to no activity on 2023/09/29 13:47
android-6-1 KASAN: use-after-free Read in worker_thread missing-backport origin:lts C error 21 7d14h 328d 0/2 upstream: reported C repro on 2023/06/14 05:51

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in __list_del_entry_valid+0x373/0x410 lib/list_debug.c:54
 __list_del_entry_valid+0x373/0x410 lib/list_debug.c:54
 __list_del_entry include/linux/list.h:132 [inline]
 list_move_tail include/linux/list.h:227 [inline]
 move_linked_works kernel/workqueue.c:1084 [inline]
 worker_thread+0x1292/0x22b0 kernel/workqueue.c:2448
 kthread+0x66b/0x780 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30

Local variable ----newes@ext4_es_insert_extent created at:
 ext4_es_insert_extent+0xb1/0x6280 fs/ext4/extents_status.c:819
 ext4_ext_put_gap_in_cache fs/ext4/extents.c:2254 [inline]
 ext4_ext_map_blocks+0x4a47/0x66e0 fs/ext4/extents.c:4155
=====================================================
Kernel panic - not syncing: panic_on_kmsan set ...
CPU: 0 PID: 16014 Comm: kworker/0:2 Tainted: G    B             5.15.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue:  0x0 (events)
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106
 dump_stack+0x25/0x28 lib/dump_stack.c:113
 panic+0x44f/0xdeb kernel/panic.c:232
 kmsan_report+0x2ee/0x300 mm/kmsan/report.c:186
 __msan_warning+0xd7/0x150 mm/kmsan/instrumentation.c:208
 __list_del_entry_valid+0x373/0x410 lib/list_debug.c:54
 __list_del_entry include/linux/list.h:132 [inline]
 list_move_tail include/linux/list.h:227 [inline]
 move_linked_works kernel/workqueue.c:1084 [inline]
 worker_thread+0x1292/0x22b0 kernel/workqueue.c:2448
 kthread+0x66b/0x780 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/10/01 14:28 https://github.com/google/kmsan.git master 90f502f5d016 1d849ab4 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in worker_thread
2021/07/10 13:58 https://github.com/google/kmsan.git master 57b5797c8013 8f5a7b8c .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in worker_thread
* Struck through repros no longer work on HEAD.