syzbot

 sign-in | mailing list | source | docs
🐞 Open [987] Subsystems 🐞 Fixed [5238] 🐞 Invalid [12509] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in do_user_addr_fault (2)

Status: closed as invalid on 2021/09/27 07:07
Subsystems: bpf
[Documentation on labels]
First crash: 948d, last: 947d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in exit_to_user_mode_loop (3) kernel C 2558 681d 939d 0/26 auto-closed as invalid on 2022/09/22 19:06
upstream KMSAN: uninit-value in do_user_addr_fault (3) net C 680 714d 763d 0/26 closed as invalid on 2022/05/12 12:08

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in do_user_addr_fault+0x7ff/0x1f80 arch/x86/mm/fault.c:1333
 do_user_addr_fault+0x7ff/0x1f80 arch/x86/mm/fault.c:1333
 handle_page_fault arch/x86/mm/fault.c:1495 [inline]
 __exc_page_fault+0x92/0x1c0 arch/x86/mm/fault.c:1551
 exc_page_fault+0x25/0x30 arch/x86/mm/fault.c:1507
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:605

Local variable ----regs@__bpf_prog_run32 created at:
 __bpf_prog_run32+0x84/0x180 kernel/bpf/core.c:1741
 bpf_dispatcher_nop_func include/linux/bpf.h:684 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:1780 [inline]
 bpf_trace_run2+0x123/0x370 kernel/trace/bpf_trace.c:1817
=====================================================
Kernel panic - not syncing: panic_on_kmsan set ...
CPU: 1 PID: 10099 Comm: syz-executor.5 Tainted: G    B             5.13.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x25a/0x2f6 lib/dump_stack.c:120
 panic+0x4c7/0xe98 kernel/panic.c:231
 kmsan_report+0x2ee/0x300 mm/kmsan/report.c:179
 __msan_warning+0xd7/0x150 mm/kmsan/instrumentation.c:208
 do_user_addr_fault+0x7ff/0x1f80 arch/x86/mm/fault.c:1333
 handle_page_fault arch/x86/mm/fault.c:1495 [inline]
 __exc_page_fault+0x92/0x1c0 arch/x86/mm/fault.c:1551
 exc_page_fault+0x25/0x30 arch/x86/mm/fault.c:1507
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:605
RIP: 0023:0xf6eb5800
Code: Unable to access opcode bytes at RIP 0xf6eb57d6.
RSP: 002b:00000000ffcbc4bc EFLAGS: 00010286
RAX: 0000000000000000 RBX: 00000000f6fa8000 RCX: 00000000f6eb5800
RDX: 00000000577bf3f0 RSI: 0000000000000000 RDI: 00000000f6e99c80
RBP: 00000000f6fa8000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
Kernel Offset: disabled
Rebooting in 86400 seconds..

Crashes (15):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/09/22 01:36 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/22 01:10 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/22 01:08 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/22 00:14 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 22:09 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 21:19 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 18:03 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 17:38 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 17:02 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 14:19 https://github.com/google/kmsan.git master 1e72fa33ea66 169724fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 07:26 https://github.com/google/kmsan.git master be0f0dd6a24b af796c18 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 05:19 https://github.com/google/kmsan.git master be0f0dd6a24b af796c18 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 04:42 https://github.com/google/kmsan.git master be0f0dd6a24b af796c18 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 03:25 https://github.com/google/kmsan.git master be0f0dd6a24b af796c18 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
2021/09/21 03:23 https://github.com/google/kmsan.git master be0f0dd6a24b af796c18 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in do_user_addr_fault
* Struck through repros no longer work on HEAD.