syzbot


KMSAN: uninit-value in hsr_get_node (2)

Status: fixed on 2024/04/10 03:59
Subsystems: net
Reported-by: syzbot+2ef3a8ce8e91b5a50098@syzkaller.appspotmail.com
Fix commit: ddbec99f5857 hsr: Fix uninit-value access in hsr_get_node()
First crash: 126d, last: 17d
Discussions (10)
Title Replies (including bot) Last reply
[PATCH 4.19 143/148] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 23:50
[PATCH 5.4 171/183] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 23:46
[PATCH 5.10 222/238] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 23:40
[PATCH 5.15 292/317] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 23:34
[PATCH 6.1 409/451] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 23:11
[PATCH 6.6 591/638] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 23:00
[PATCH 6.7 662/713] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 22:46
[PATCH 6.8 656/715] hsr: Fix uninit-value access in hsr_get_node() 1 (1) 2024/03/24 22:33
[PATCH net] hsr: Fix uninit-value access in hsr_get_node() 2 (2) 2024/03/14 12:10
[syzbot] [net?] KMSAN: uninit-value in hsr_get_node (2) 1 (5) 2024/03/12 14:33
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: kernel-infoleak in copyout (2) net C 6723 324d 1492d 22/26 fixed on 2023/06/08 14:41
upstream KMSAN: uninit-value in hsr_get_node (3) net C 4 3d04h 9d03h 0/26 upstream: reported C repro on 2024/04/18 04:08
upstream KMSAN: uninit-value in hsr_get_node net 304 1114d 1355d 0/26 auto-closed as invalid on 2021/07/08 06:23
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net C 138977 427d 780d 22/26 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in IP6_ECN_decapsulate net C 981 129d 2045d 25/26 fixed on 2023/12/21 03:45
Last patch testing requests (4)
Created Duration User Patch Repo Result
2024/03/12 14:33 24m syoshida@redhat.com patch git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 9f8413c4a66f2fb776d3dc3c9ed20bf435eb305e OK log
2024/03/12 13:52 22m syoshida@redhat.com patch upstream error OK
2024/02/14 04:00 20m retest repro upstream error OK
2024/01/15 12:57 1h30m eadavis@qq.com patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 9f8413c4a66f report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246
 hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246
 fill_frame_info net/hsr/hsr_forward.c:577 [inline]
 hsr_forward_skb+0xe12/0x30e0 net/hsr/hsr_forward.c:615
 hsr_dev_xmit+0x1a1/0x270 net/hsr/hsr_device.c:223
 __netdev_start_xmit include/linux/netdevice.h:4940 [inline]
 netdev_start_xmit include/linux/netdevice.h:4954 [inline]
 xmit_one net/core/dev.c:3548 [inline]
 dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564
 __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349
 dev_queue_xmit include/linux/netdevice.h:3134 [inline]
 packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276
 packet_snd net/packet/af_packet.c:3087 [inline]
 packet_sendmsg+0x8b1d/0x9f30 net/packet/af_packet.c:3119
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 __sys_sendto+0x735/0xa10 net/socket.c:2191
 __do_sys_sendto net/socket.c:2203 [inline]
 __se_sys_sendto net/socket.c:2199 [inline]
 __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was created at:
 slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768
 slab_alloc_node mm/slub.c:3478 [inline]
 kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523
 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560
 __alloc_skb+0x318/0x740 net/core/skbuff.c:651
 alloc_skb include/linux/skbuff.h:1286 [inline]
 alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334
 sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787
 packet_alloc_skb net/packet/af_packet.c:2936 [inline]
 packet_snd net/packet/af_packet.c:3030 [inline]
 packet_sendmsg+0x70e8/0x9f30 net/packet/af_packet.c:3119
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg net/socket.c:745 [inline]
 __sys_sendto+0x735/0xa10 net/socket.c:2191
 __do_sys_sendto net/socket.c:2203 [inline]
 __se_sys_sendto net/socket.c:2199 [inline]
 __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

CPU: 1 PID: 5033 Comm: syz-executor334 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
=====================================================

Crashes (49):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/01/10 07:45 upstream 9f8413c4a66f b438bd66 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/04/09 08:33 upstream 20cb38a7af88 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/04/07 08:50 upstream f2f80ac80987 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/03/22 06:27 upstream 241590e5a1d1 7a239ce7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/03/06 20:06 upstream 5847c9777c30 f39a7eed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/02/28 10:33 upstream cf1182944c7c d367cbe5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/02/28 09:53 upstream cf1182944c7c d367cbe5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/02/22 04:31 upstream 39133352cbed 345111b5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/02/18 21:49 upstream c02197fc9076 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/02/17 04:11 upstream 0f1dd5e91e2b 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/30 07:24 upstream 9f8413c4a66f 991a98f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/29 07:19 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/29 07:19 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/29 00:32 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/26 21:04 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/26 20:56 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/26 13:08 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:57 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:57 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:47 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:43 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:40 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:38 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:38 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:38 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:33 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/12 12:59 upstream 9f8413c4a66f dda5a988 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/12 12:54 upstream 9f8413c4a66f dda5a988 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/10 05:27 upstream 9f8413c4a66f b438bd66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/07 21:08 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/01/07 18:04 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2023/12/29 07:06 upstream 505e701c0b2c fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2023/12/22 17:45 upstream 24e0d2e527a3 4f9530a3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2023/12/22 17:45 upstream 24e0d2e527a3 4f9530a3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hsr_get_node
2024/03/20 15:57 upstream a4145ce1e7bc 5b7d42ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/02/22 17:44 upstream 39133352cbed 345111b5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/26 21:00 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/26 20:51 upstream 9f8413c4a66f cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:53 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/24 08:43 upstream 9f8413c4a66f 1e153dc8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/12 13:32 upstream 9f8413c4a66f dda5a988 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/12 12:59 upstream 9f8413c4a66f dda5a988 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2024/01/10 05:26 upstream 9f8413c4a66f b438bd66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2023/12/29 07:00 upstream 505e701c0b2c fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
2023/12/22 17:46 upstream 24e0d2e527a3 4f9530a3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hsr_get_node
* Struck through repros no longer work on HEAD.