syzbot

 sign-in | mailing list | source | docs
🐞 Open [1651]
Subsystems
🐞 Fixed [6000]
🐞 Invalid [14793]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in tipc_nl_compat_bearer_enable

Status: fixed on 2019/03/06 07:43
Subsystems: tipc
[Documentation on labels]
Reported-by: syzbot+b33d5cae0efd35dbfe77@syzkaller.appspotmail.com
Fix commit: 0762216c0ad2 tipc: fix uninit-value in tipc_nl_compat_bearer_enable
First crash: 2287d, last: 2156d
Discussions (7)
Title Replies (including bot) Last reply
[PATCH 4.19 00/99] 4.19.17-stable review 109 (109) 2019/04/22 19:40
[PATCH 4.4 000/104] 4.4.172-stable review 111 (111) 2019/01/30 07:30
[PATCH 4.14 00/59] 4.14.95-stable review 65 (65) 2019/01/23 12:55
[PATCH 4.9 00/51] 4.9.152-stable review 56 (56) 2019/01/23 09:06
[PATCH 4.20 000/111] 4.20.4-stable review 120 (120) 2019/01/23 06:43
[net 0/6] tipc: fix uninit-value issues reported by syzbot 8 (8) 2019/01/16 04:29
KMSAN: uninit-value in tipc_nl_compat_bearer_enable 0 (1) 2018/10/30 16:18
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in tipc_nl_compat_bearer_enable (2) tipc C 51 2120d 2133d 12/28 fixed on 2019/04/12 08:05

Sample crash report:
==================================================================
BUG: KMSAN: uninit-value in strlen+0x3b/0xa0 lib/string.c:484
CPU: 1 PID: 6371 Comm: syz-executor652 Not tainted 4.19.0-rc8+ #70
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x306/0x460 lib/dump_stack.c:113
 kmsan_report+0x1a2/0x2e0 mm/kmsan/kmsan.c:917
 __msan_warning+0x7c/0xe0 mm/kmsan/kmsan_instr.c:500
 strlen+0x3b/0xa0 lib/string.c:484
 nla_put_string include/net/netlink.h:1011 [inline]
 tipc_nl_compat_bearer_enable+0x238/0x7b0 net/tipc/netlink_compat.c:389
 __tipc_nl_compat_doit net/tipc/netlink_compat.c:311 [inline]
 tipc_nl_compat_doit+0x39f/0xae0 net/tipc/netlink_compat.c:344
 tipc_nl_compat_recv+0x147c/0x2760 net/tipc/netlink_compat.c:1107
 genl_family_rcv_msg net/netlink/genetlink.c:601 [inline]
 genl_rcv_msg+0x185c/0x1a20 net/netlink/genetlink.c:626
 netlink_rcv_skb+0x394/0x640 net/netlink/af_netlink.c:2454
 genl_rcv+0x63/0x80 net/netlink/genetlink.c:637
 netlink_unicast_kernel net/netlink/af_netlink.c:1317 [inline]
 netlink_unicast+0x166d/0x1720 net/netlink/af_netlink.c:1343
 netlink_sendmsg+0x1391/0x1420 net/netlink/af_netlink.c:1908
 sock_sendmsg_nosec net/socket.c:621 [inline]
 sock_sendmsg net/socket.c:631 [inline]
 ___sys_sendmsg+0xe47/0x1200 net/socket.c:2116
 __sys_sendmsg net/socket.c:2154 [inline]
 __do_sys_sendmsg net/socket.c:2163 [inline]
 __se_sys_sendmsg+0x307/0x460 net/socket.c:2161
 __x64_sys_sendmsg+0x4a/0x70 net/socket.c:2161
 do_syscall_64+0xbe/0x100 arch/x86/entry/common.c:291
 entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x440179
Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 fb 13 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fffef7beee8 EFLAGS: 00000213 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000440179
RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
RBP: 00000000006ca018 R08: 0000000000000000 R09: 00000000004002c8
R10: 0000000000000000 R11: 0000000000000213 R12: 0000000000401a00
R13: 0000000000401a90 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:255 [inline]
 kmsan_internal_poison_shadow+0xc8/0x1d0 mm/kmsan/kmsan.c:180
 kmsan_kmalloc+0xa4/0x120 mm/kmsan/kmsan_hooks.c:104
 kmsan_slab_alloc+0x10/0x20 mm/kmsan/kmsan_hooks.c:113
 slab_post_alloc_hook mm/slab.h:446 [inline]
 slab_alloc_node mm/slub.c:2727 [inline]
 __kmalloc_node_track_caller+0xb43/0x1400 mm/slub.c:4360
 __kmalloc_reserve net/core/skbuff.c:138 [inline]
 __alloc_skb+0x422/0xe90 net/core/skbuff.c:206
 alloc_skb include/linux/skbuff.h:996 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1189 [inline]
 netlink_sendmsg+0xcaf/0x1420 net/netlink/af_netlink.c:1883
 sock_sendmsg_nosec net/socket.c:621 [inline]
 sock_sendmsg net/socket.c:631 [inline]
 ___sys_sendmsg+0xe47/0x1200 net/socket.c:2116
 __sys_sendmsg net/socket.c:2154 [inline]
 __do_sys_sendmsg net/socket.c:2163 [inline]
 __se_sys_sendmsg+0x307/0x460 net/socket.c:2161
 __x64_sys_sendmsg+0x4a/0x70 net/socket.c:2161
 do_syscall_64+0xbe/0x100 arch/x86/entry/common.c:291
 entry_SYSCALL_64_after_hwframe+0x63/0xe7
==================================================================

Crashes (144):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2018/10/24 13:29 https://github.com/google/kmsan.git master 4bb25354f0b0 a8292de9 .config console log report syz C ci-upstream-kmsan-gce
2019/03/04 17:50 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/02/28 15:06 https://github.com/google/kmsan.git master fa1981bee40f 09aeeba4 .config console log report ci-upstream-kmsan-gce
2019/02/27 05:39 https://github.com/google/kmsan.git master fa1981bee40f f2468c12 .config console log report ci-upstream-kmsan-gce
2019/02/22 19:15 https://github.com/google/kmsan.git master fa1981bee40f 6a5fcca4 .config console log report ci-upstream-kmsan-gce
2019/02/22 13:20 https://github.com/google/kmsan.git master fa1981bee40f 6a5fcca4 .config console log report ci-upstream-kmsan-gce
2019/02/21 20:32 https://github.com/google/kmsan.git master fa1981bee40f 3133098b .config console log report ci-upstream-kmsan-gce
2019/02/21 15:05 https://github.com/google/kmsan.git master fa1981bee40f 3133098b .config console log report ci-upstream-kmsan-gce
2019/02/20 12:48 https://github.com/google/kmsan.git master fa1981bee40f c95f0707 .config console log report ci-upstream-kmsan-gce
2019/02/19 18:18 https://github.com/google/kmsan.git master fa1981bee40f 4df543c9 .config console log report ci-upstream-kmsan-gce
2019/02/13 20:07 https://github.com/google/kmsan.git master fa1981bee40f 0a49c954 .config console log report ci-upstream-kmsan-gce
2019/02/12 18:15 https://github.com/google/kmsan.git master fa1981bee40f 6ecc6d0f .config console log report ci-upstream-kmsan-gce
2019/02/11 16:04 https://github.com/google/kmsan.git master fa1981bee40f 73f5f452 .config console log report ci-upstream-kmsan-gce
2019/02/08 21:44 https://github.com/google/kmsan.git master fa1981bee40f fa6c7b70 .config console log report ci-upstream-kmsan-gce
2019/02/08 18:08 https://github.com/google/kmsan.git master fa1981bee40f fa6c7b70 .config console log report ci-upstream-kmsan-gce
2019/02/08 06:31 https://github.com/google/kmsan.git master fa1981bee40f aa4feb03 .config console log report ci-upstream-kmsan-gce
2019/02/07 04:09 https://github.com/google/kmsan.git master fa1981bee40f d25487bc .config console log report ci-upstream-kmsan-gce
2019/02/03 20:35 https://github.com/google/kmsan.git master fa1981bee40f c198d5dd .config console log report ci-upstream-kmsan-gce
2019/01/31 20:49 https://github.com/google/kmsan.git master fa1981bee40f 0e8ea0a3 .config console log report ci-upstream-kmsan-gce
2019/01/31 16:45 https://github.com/google/kmsan.git master fa1981bee40f 0e8ea0a3 .config console log report ci-upstream-kmsan-gce
2019/01/28 19:47 https://github.com/google/kmsan.git master d16ba73bc696 629c2a27 .config console log report ci-upstream-kmsan-gce
2019/01/28 08:52 https://github.com/google/kmsan.git master 02f2d5aea531 c73f090a .config console log report ci-upstream-kmsan-gce
2019/01/25 15:52 https://github.com/google/kmsan.git master 02f2d5aea531 b5d78bce .config console log report ci-upstream-kmsan-gce
2019/01/22 22:57 https://github.com/google/kmsan.git master 02f2d5aea531 b1ff06b2 .config console log report ci-upstream-kmsan-gce
2019/01/22 12:49 https://github.com/google/kmsan.git master 02f2d5aea531 985f75cc .config console log report ci-upstream-kmsan-gce
2019/01/22 07:12 https://github.com/google/kmsan.git master 02f2d5aea531 badbbeee .config console log report ci-upstream-kmsan-gce
2019/01/20 18:16 https://github.com/google/kmsan.git master 02f2d5aea531 fd37a550 .config console log report ci-upstream-kmsan-gce
2019/01/19 02:45 https://github.com/google/kmsan.git master 02f2d5aea531 2103a236 .config console log report ci-upstream-kmsan-gce
2019/01/18 21:49 https://github.com/google/kmsan.git master 02f2d5aea531 2103a236 .config console log report ci-upstream-kmsan-gce
2019/01/18 05:34 https://github.com/google/kmsan.git master 02f2d5aea531 5bf17c30 .config console log report ci-upstream-kmsan-gce
2019/01/17 09:47 https://github.com/google/kmsan.git master 02f2d5aea531 c2faf9b2 .config console log report ci-upstream-kmsan-gce
2019/01/10 04:33 https://github.com/google/kmsan.git master a6846a32c96d 45c0c1b1 .config console log report ci-upstream-kmsan-gce
2019/01/08 12:46 https://github.com/google/kmsan.git master 48128c3ca084 37dd2683 .config console log report ci-upstream-kmsan-gce
2019/01/07 22:34 https://github.com/google/kmsan.git master 48128c3ca084 69d69aa9 .config console log report ci-upstream-kmsan-gce
2019/01/07 01:33 https://github.com/google/kmsan.git master 11587f6ee534 ee332608 .config console log report ci-upstream-kmsan-gce
2019/01/06 12:31 https://github.com/google/kmsan.git master 11587f6ee534 94f8adb5 .config console log report ci-upstream-kmsan-gce
2019/01/05 20:14 https://github.com/google/kmsan.git master 11587f6ee534 53be0a37 .config console log report ci-upstream-kmsan-gce
2019/01/05 06:22 https://github.com/google/kmsan.git master 11587f6ee534 53be0a37 .config console log report ci-upstream-kmsan-gce
2019/01/05 04:44 https://github.com/google/kmsan.git master 11587f6ee534 53be0a37 .config console log report ci-upstream-kmsan-gce
2019/01/04 15:47 https://github.com/google/kmsan.git master 11587f6ee534 0127e3ba .config console log report ci-upstream-kmsan-gce
2019/01/04 02:50 https://github.com/google/kmsan.git master 68006459ade0 7da23925 .config console log report ci-upstream-kmsan-gce
2019/01/03 22:56 https://github.com/google/kmsan.git master 68006459ade0 7da23925 .config console log report ci-upstream-kmsan-gce
2019/01/03 12:54 https://github.com/google/kmsan.git master 8ba10281f9e5 66fcd29b .config console log report ci-upstream-kmsan-gce
2019/01/03 11:00 https://github.com/google/kmsan.git master 8ba10281f9e5 66fcd29b .config console log report ci-upstream-kmsan-gce
2019/01/03 09:49 https://github.com/google/kmsan.git master 8ba10281f9e5 06a2b89f .config console log report ci-upstream-kmsan-gce
2018/10/24 07:10 https://github.com/google/kmsan.git master 4bb25354f0b0 a8292de9 .config console log report ci-upstream-kmsan-gce
* Struck through repros no longer work on HEAD.