syzbot

 sign-in | mailing list | source | docs
🐞 Open [976] Subsystems 🐞 Fixed [5215] 🐞 Invalid [12469] Missing Backports [82] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in expire_timers (4)

Status: auto-closed as invalid on 2022/02/08 07:20
Subsystems: kernel
[Documentation on labels]
First crash: 890d, last: 890d
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in expire_timers (2) kernel 2 1117d 1153d 0/26 auto-closed as invalid on 2021/06/26 09:57
upstream KMSAN: uninit-value in expire_timers (3) ext4 1 1018d 1018d 0/26 auto-closed as invalid on 2021/10/02 12:28
upstream KMSAN: uninit-value in expire_timers kernel 15 1345d 1349d 0/26 auto-closed as invalid on 2020/10/11 00:10
upstream KASAN: slab-use-after-free Write in expire_timers mm acpi batman 7 349d 350d 0/26 auto-obsoleted due to no activity on 2023/08/23 09:02
upstream KASAN: use-after-free Write in expire_timers arm 1 514d 513d 0/26 auto-obsoleted due to no activity on 2023/03/20 12:09
android-54 BUG: unable to handle kernel paging request in expire_timers 3 1105d 1197d 0/2 auto-closed as invalid on 2021/08/07 04:23
android-54 BUG: unable to handle kernel paging request in expire_timers (2) 6 452d 703d 0/2 auto-obsoleted due to no activity on 2023/05/22 09:21
android-54 general protection fault in expire_timers 1 1112d 1112d 0/2 auto-closed as invalid on 2021/07/30 19:44

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in expire_timers+0x3d3/0x650 kernel/time/timer.c:1459
 expire_timers+0x3d3/0x650 kernel/time/timer.c:1459
 __run_timers+0x6a4/0xa30 kernel/time/timer.c:1734
 run_timer_softirq+0x2d/0x50 kernel/time/timer.c:1747
 __do_softirq+0x1c9/0x6ec kernel/softirq.c:558
 run_ksoftirqd+0x20/0x40 kernel/softirq.c:920
 smpboot_thread_fn+0x4c7/0x980 kernel/smpboot.c:164
 kthread+0x66b/0x780 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30

Local variable pmde.sroa.0 created at:
 page_vma_mapped_walk+0xcf/0x35a0 mm/page_vma_mapped.c:164
 page_referenced_one+0x754/0xc10 mm/rmap.c:783
=====================================================
Kernel panic - not syncing: panic_on_kmsan set ...
CPU: 1 PID: 17 Comm: ksoftirqd/1 Tainted: G    B             5.15.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:88 [inline]
 dump_stack_lvl+0x1ff/0x28e lib/dump_stack.c:106
 dump_stack+0x25/0x28 lib/dump_stack.c:113
 panic+0x44f/0xdeb kernel/panic.c:232
 kmsan_report+0x2e9/0x2f0 mm/kmsan/report.c:200
 __msan_warning+0xb4/0x100 mm/kmsan/instrumentation.c:224
 expire_timers+0x3d3/0x650 kernel/time/timer.c:1459
 __run_timers+0x6a4/0xa30 kernel/time/timer.c:1734
 run_timer_softirq+0x2d/0x50 kernel/time/timer.c:1747
 __do_softirq+0x1c9/0x6ec kernel/softirq.c:558
 run_ksoftirqd+0x20/0x40 kernel/softirq.c:920
 smpboot_thread_fn+0x4c7/0x980 kernel/smpboot.c:164
 kthread+0x66b/0x780 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/11/10 07:07 https://github.com/google/kmsan.git master a3e5c559028e 55fa030c .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in expire_timers
* Struck through repros no longer work on HEAD.