syzbot


KMSAN: uninit-value in exit_to_user_mode_loop (3)

Status: auto-closed as invalid on 2022/09/22 19:06
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 435d, last: 177d
similar bugs (11):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in exit_to_user_mode_loop (2) | | | | 1 | 436d | 436d | 0/24 | closed as invalid on 2021/09/28 12:42 |
| upstream | KMSAN: uninit-value in irqtime_account_irq (2) | C | | | 7 | 223d | 356d | 0/24 | auto-closed as invalid on 2022/09/02 15:33 |
| upstream | KMSAN: uninit-value in number (4) | C | | | 7189 | 15d | 393d | 0/24 | closed as invalid on 2022/11/28 10:01 |
| upstream | KMSAN: uninit-value in stack_trace_consume_entry | C | | | 706 | 124d | 120d | 0/24 | auto-obsoleted due to no activity on 2022/12/04 06:07 |
| upstream | KMSAN: uninit-value in preempt_count_add | C | | | 6657 | 60d | 60d | 0/24 | closed as invalid on 2022/10/10 13:29 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) | C | | | 75581 | now | 274d | 23/24 | internal: reported C repro on 2022/03/09 07:32 |
| upstream | KMSAN: uninit-value in do_user_addr_fault (3) | C | | | 680 | 210d | 259d | 2/24 | closed as invalid on 2022/05/12 12:08 |
| upstream | KMSAN: uninit-value in kcov_remote_stop (2) | | | | 3 | 1093d | 1093d | 0/24 | auto-closed as invalid on 2020/03/10 13:04 |
| upstream | KMSAN: uninit-value in rt6_score_route (2) | | | | 1 | 374d | 367d | 0/24 | closed as invalid on 2021/12/06 16:49 |
| upstream | KMSAN: uninit-value in do_user_addr_fault (2) | | | | 15 | 442d | 443d | 0/24 | closed as invalid on 2021/09/27 07:07 |
| upstream | KMSAN: uninit-value in vmacache_find | | | | 29 | 924d | 1016d | 0/24 | auto-closed as invalid on 2020/08/26 17:07 |

Patch testing requests:
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2022/09/22 16:29 | 22m | retest repro | | https://github.com/google/kmsan.git master | OK log |
| 2022/09/22 13:29 | 22m | retest repro | | https://github.com/google/kmsan.git master | OK log |

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in exit_to_user_mode_loop+0x3a3/0x3d0 kernel/entry/common.c:152
 exit_to_user_mode_loop+0x3a3/0x3d0 kernel/entry/common.c:152
 exit_to_user_mode_prepare kernel/entry/common.c:201 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x7e/0xc0 kernel/entry/common.c:294
 do_syscall_64+0x5d/0xa0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Local variable regs created at:
 __bpf_prog_run32+0x84/0x180 kernel/bpf/core.c:2073
 bpf_dispatcher_nop_func include/linux/bpf.h:804 [inline]
 __bpf_prog_run include/linux/filter.h:628 [inline]
 bpf_prog_run include/linux/filter.h:635 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2022 [inline]
 bpf_trace_run2+0x129/0x380 kernel/trace/bpf_trace.c:2059

CPU: 1 PID: 3878 Comm: udevd Not tainted 5.18.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================
Kernel panic - not syncing: kmsan.panic set ...
CPU: 1 PID: 3878 Comm: udevd Tainted: G    B             5.18.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 <TASK>
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106
 dump_stack+0x25/0x28 lib/dump_stack.c:113
 panic+0x4fe/0xc73 kernel/panic.c:250
 kmsan_report+0x2e6/0x2f0 mm/kmsan/report.c:208
 __msan_warning+0x94/0x110 mm/kmsan/instrumentation.c:252
 exit_to_user_mode_loop+0x3a3/0x3d0 kernel/entry/common.c:152
 exit_to_user_mode_prepare kernel/entry/common.c:201 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:283 [inline]
 syscall_exit_to_user_mode+0x7e/0xc0 kernel/entry/common.c:294
 do_syscall_64+0x5d/0xa0 arch/x86/entry/common.c:87
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x7f0d0d32a467
Code: 44 00 00 48 8b 15 11 aa 0c 00 f7 d8 64 89 02 b8 ff ff ff ff eb bc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 8b 15 e1 a9 0c 00 f7 d8 64 89 02 b8
RSP: 002b:00007ffcd63413c8 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 000055b8d45533a0 RCX: 00007f0d0d32a467
RDX: 00007f0d0d3f1780 RSI: 000055b8d45f4ce0 RDI: 0000000000000008
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001
R10: 0000000000001000 R11: 0000000000000202 R12: 00007f0d0d3f2380
R13: 0000000000000004 R14: 00007ffcd634145c R15: 000055b8d452c910
 </TASK>
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (2558):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kmsan-gce-386 | 2022/05/12 04:43 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | beb0b407 | .config | log | report | syz | C | | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2021/12/15 01:19 | https://github.com/google/kmsan.git master | b1e1bb6f7a2e | d018dd31 | .config | log | report | syz | C | | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2022/05/25 19:11 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2022/05/25 10:41 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2022/05/25 08:25 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2022/05/23 23:14 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2021/09/29 06:47 | https://github.com/google/kmsan.git master | 90f502f5d016 | d82cb927 | .config | log | report | | | info | KMSAN: uninit-value in exit_to_user_mode_loop |
| ci-upstream-kmsan-gce-386 | 2022/06/14 13:09 | https://github.com/google/kmsan.git master | 2f3064574275 | 0f087040 | .config | log | report | | | info | KMSAN: uninit-value in bpf_get_branch_snapshot |
| ci-upstream-kmsan-gce-386 | 2022/06/13 20:14 | https://github.com/google/kmsan.git master | 2f3064574275 | 0d5abf15 | .config | log | report | | | info | KMSAN: uninit-value in bpf_get_branch_snapshot |
| ci-upstream-kmsan-gce-386 | 2022/06/13 16:51 | https://github.com/google/kmsan.git master | 2f3064574275 | 0d5abf15 | .config | log | report | | | info | KMSAN: uninit-value in bpf_get_branch_snapshot |
| ci-upstream-kmsan-gce-386 | 2022/06/13 14:18 | https://github.com/google/kmsan.git master | 2f3064574275 | 0d5abf15 | .config | log | report | | | info | KMSAN: uninit-value in bpf_get_branch_snapshot |
| ci-upstream-kmsan-gce-386 | 2022/05/25 22:01 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 20:59 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 20:29 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in vmacache_find |
| ci-upstream-kmsan-gce-386 | 2022/05/25 18:48 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 17:25 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 16:25 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 15:57 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 14:35 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 13:19 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 12:12 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 10:33 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 09:29 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 08:13 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 07:10 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 06:07 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 05:41 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 04:27 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 02:55 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/25 01:21 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 23:55 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 23:00 | https://github.com/google/kmsan.git master | c5c93da9af13 | fcfad4ff | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 20:53 | https://github.com/google/kmsan.git master | c5c93da9af13 | fcfad4ff | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 17:56 | https://github.com/google/kmsan.git master | c5c93da9af13 | fcfad4ff | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 15:44 | https://github.com/google/kmsan.git master | c5c93da9af13 | fcfad4ff | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 13:59 | https://github.com/google/kmsan.git master | c5c93da9af13 | fcfad4ff | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 12:19 | https://github.com/google/kmsan.git master | c5c93da9af13 | fcfad4ff | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 10:55 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 09:47 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in vmacache_find |
| ci-upstream-kmsan-gce-386 | 2022/05/24 08:38 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 07:23 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 07:00 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 05:59 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 02:29 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/24 01:19 | https://github.com/google/kmsan.git master | c5c93da9af13 | e7f9308d | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 19:39 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in vmacache_find |
| ci-upstream-kmsan-gce-386 | 2022/05/23 18:51 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 17:51 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 17:10 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 16:09 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 15:00 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 13:58 | https://github.com/google/kmsan.git master | c5c93da9af13 | 4c7657cb | .config | log | report | | | info | KMSAN: uninit-value in do_user_addr_fault |
| ci-upstream-kmsan-gce-386 | 2022/05/23 06:18 | https://github.com/google/kmsan.git master | c5c93da9af13 | 7268fa62 | .config | log | report | | | info | KMSAN: uninit-value in bpf_get_branch_snapshot |
| ci-upstream-kmsan-gce-386 | 2022/05/16 20:10 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 744a39e2 | .config | log | report | | | info | KMSAN: uninit-value in kcov_task_exit |
| ci-upstream-kmsan-gce-386 | 2022/01/15 07:01 | https://github.com/google/kmsan.git master | fa3879a274df | 723cfaf0 | .config | log | report | | | info | KMSAN: uninit-value in rt6_score_route |
| ci-upstream-kmsan-gce-386 | 2022/01/05 15:55 | https://github.com/google/kmsan.git master | 81c325bbf94e | 6acc789a | .config | log | report | | | info | KMSAN: uninit-value in kcov_remote_stop |

* Struck through repros no longer work on HEAD.