Hello,
syzbot found the following issue on:
HEAD commit: 58717b2a1365 Merge tag 'sound-7.2-rc4' of git://git.kernel..
git tree: upstream
console output:
https://syzkaller.appspot.com/x/log.txt?x=16f378b9580000
kernel config:
https://syzkaller.appspot.com/x/.config?x=c2842025f4a17812
dashboard link:
https://syzkaller.appspot.com/bug?extid=6c23bcc14437c2fecd4f
compiler: Debian clang version 22.1.8 (++20260613092233+e80beda6e255-1~exp1~20260613092250.77), Debian LLD 22.1.8
Downloadable assets:
disk image:
https://storage.googleapis.com/syzbot-assets/2f3dab040325/disk-58717b2a.raw.xz
vmlinux:
https://storage.googleapis.com/syzbot-assets/a67db2fa7c32/vmlinux-58717b2a.xz
kernel image:
https://storage.googleapis.com/syzbot-assets/21584b582063/bzImage-58717b2a.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by:
syzbot+6c23bc...@syzkaller.appspotmail.com
=====================================================
BUG: KMSAN: kernel-infoleak in rseq_exit_user_update include/linux/rseq_entry.h:626 [inline]
BUG: KMSAN: kernel-infoleak in __rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:674 [inline]
BUG: KMSAN: kernel-infoleak in rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:703 [inline]
BUG: KMSAN: kernel-infoleak in exit_to_user_mode_loop kernel/entry/common.c:103 [inline]
BUG: KMSAN: kernel-infoleak in __exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
BUG: KMSAN: kernel-infoleak in irqentry_exit_to_user_mode_prepare include/linux/irq-entry-common.h:244 [inline]
BUG: KMSAN: kernel-infoleak in irqentry_exit_to_user_mode include/linux/irq-entry-common.h:315 [inline]
BUG: KMSAN: kernel-infoleak in irqentry_exit+0x34f/0xa40 kernel/entry/common.c:165
rseq_exit_user_update include/linux/rseq_entry.h:626 [inline]
__rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:674 [inline]
rseq_exit_to_user_mode_restart include/linux/rseq_entry.h:703 [inline]
exit_to_user_mode_loop kernel/entry/common.c:103 [inline]
__exit_to_user_mode_prepare include/linux/irq-entry-common.h:207 [inline]
irqentry_exit_to_user_mode_prepare include/linux/irq-entry-common.h:244 [inline]
irqentry_exit_to_user_mode include/linux/irq-entry-common.h:315 [inline]
irqentry_exit+0x34f/0xa40 kernel/entry/common.c:165
exc_page_fault+0x7e/0xb0 arch/x86/mm/fault.c:1539
asm_exc_page_fault+0x2b/0x30 arch/x86/include/asm/idtentry.h:595
Local variable end_time.i.i created at:
__do_sys_poll fs/select.c:1063 [inline]
__se_sys_poll fs/select.c:1060 [inline]
__x64_sys_poll+0x87/0x540 fs/select.c:1060
x64_sys_call+0x3130/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:8
Bytes 0-3 of 4 are uninitialized
Memory access of size 4 starts at ffff888129eefe8c
Data copied to user address 00007f173fec6adc
CPU: 1 UID: 0 PID: 5434 Comm: dhcpcd-run-hook Not tainted syzkaller #0 PREEMPT(lazy)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/25/2026
=====================================================
---
This report is generated by a bot. It may contain errors.
See
https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at
syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup