syzbot

 sign-in | mailing list | source | docs
🐞 Open [993] Subsystems 🐞 Fixed [5244] 🐞 Invalid [12515] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in ieee802154_subif_start_xmit

Status: fixed on 2023/10/12 12:47
Subsystems: bpf
[Documentation on labels]
Reported-by: syzbot+d61b595e9205573133b3@syzkaller.appspotmail.com
Fix commit: db2baf82b098 bpf: Fix an incorrect verification success with movsx insn
First crash: 892d, last: 268d
Cause bisection: introduced by (bisect log) :
commit 8100928c881482a73ed8bd499d602bab0fe55608
Author: Yonghong Song <yonghong.song@linux.dev>
Date: Fri Jul 28 01:12:02 2023 +0000

  bpf: Support new sign-extension mov insns

Crash: BUG: unable to handle kernel paging request in strnchr (log)
Repro: C syz .config
  
Discussions (2)
Title Replies (including bot) Last reply
[PATCH bpf-next 1/2] bpf: Fix an incorrect verification success with movsx insn 3 (3) 2023/08/07 23:50
[syzbot] [bpf?] KMSAN: uninit-value in ieee802154_subif_start_xmit 6 (7) 2023/08/07 18:09
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in irqtime_account_irq (2) mm cgroups C 7 728d 861d 0/26 auto-closed as invalid on 2022/09/02 15:33
upstream KMSAN: uninit-value in number (4) kernel C 7189 521d 899d 0/26 closed as invalid on 2022/11/28 10:01
upstream KMSAN: uninit-value in stack_trace_consume_entry net C 706 630d 626d 0/26 auto-obsoleted due to no activity on 2022/12/04 06:07
upstream KMSAN: uninit-value in preempt_count_add kernel C 6657 565d 565d 0/26 closed as invalid on 2022/10/10 13:29
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net C 138977 427d 779d 22/26 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in exit_to_user_mode_loop (3) kernel C 2558 682d 941d 0/26 auto-closed as invalid on 2022/09/22 19:06
upstream KMSAN: uninit-value in do_user_addr_fault (3) net C 680 715d 764d 0/26 closed as invalid on 2022/05/12 12:08
upstream KMSAN: uninit-value in strnchr bpf C 45 8h06m 50d 0/26 closed as dup on 2024/04/09 05:30
Last patch testing requests (10)
Created Duration User Patch Repo Result
2023/07/01 22:17 22m retest repro https://github.com/google/kmsan.git master log
2023/07/01 22:17 18m retest repro https://github.com/google/kmsan.git master report log
2023/07/01 22:17 21m retest repro https://github.com/google/kmsan.git master log
2023/03/22 13:32 20m retest repro https://github.com/google/kmsan.git master log
2023/03/22 09:32 21m retest repro https://github.com/google/kmsan.git master log
2023/03/22 05:32 21m retest repro https://github.com/google/kmsan.git master report log
2022/12/12 13:31 20m retest repro https://github.com/google/kmsan.git master OK log
2022/12/12 10:31 19m retest repro https://github.com/google/kmsan.git master log
2022/12/12 07:31 19m retest repro https://github.com/google/kmsan.git master log
2022/12/12 02:31 16m retest repro https://github.com/google/kmsan.git master report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in check_pointer lib/vsprintf.c:710 [inline]
BUG: KMSAN: uninit-value in string+0x3cf/0x6f0 lib/vsprintf.c:722
 check_pointer lib/vsprintf.c:710 [inline]
 string+0x3cf/0x6f0 lib/vsprintf.c:722
 vsnprintf+0x2222/0x3650 lib/vsprintf.c:2806
 vprintk_store+0x537/0x2150 kernel/printk/printk.c:2158
 vprintk_emit+0x28b/0xab0 kernel/printk/printk.c:2256
 dev_vprintk_emit+0x5ef/0x6d0 drivers/base/core.c:4604
 dev_printk_emit+0x1dd/0x21f drivers/base/core.c:4615
 __netdev_printk+0x7e9/0xae0 net/core/dev.c:11117
 netdev_warn+0x1ea/0x22f net/core/dev.c:11170
 ieee802154_subif_start_xmit+0x1f4/0x260 net/mac802154/tx.c:125
 __netdev_start_xmit include/linux/netdevice.h:4778 [inline]
 netdev_start_xmit include/linux/netdevice.h:4792 [inline]
 xmit_one+0x2f4/0x840 net/core/dev.c:3532
 dev_hard_start_xmit+0x186/0x440 net/core/dev.c:3548
 sch_direct_xmit+0x5f5/0x1400 net/sched/sch_generic.c:342
 __dev_xmit_skb+0x18a4/0x2920 net/core/dev.c:3759
 __dev_queue_xmit+0x1599/0x3500 net/core/dev.c:4141
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4209
 tx+0xc6/0x320 drivers/block/aoe/aoenet.c:63
 kthread+0x1d5/0x440 drivers/block/aoe/aoecmd.c:1229
 kthread+0x3c7/0x500 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30

Local variable regs created at:
 __bpf_prog_run32+0x84/0x180 kernel/bpf/core.c:2073
 bpf_dispatcher_nop_func include/linux/bpf.h:804 [inline]
 __bpf_prog_run include/linux/filter.h:628 [inline]
 bpf_prog_run include/linux/filter.h:635 [inline]
 bpf_prog_run_pin_on_cpu include/linux/filter.h:652 [inline]
 bpf_prog_run_clear_cb include/linux/filter.h:786 [inline]
 run_filter net/packet/af_packet.c:2077 [inline]
 packet_rcv+0x7fd/0x2570 net/packet/af_packet.c:2150

CPU: 0 PID: 1192 Comm: aoe_tx0 Not tainted 5.18.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (119):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/04/27 18:38 https://github.com/google/kmsan.git master d6e2c8c7eb40 1fa34c1b .config console log report syz C ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/23 23:41 https://github.com/google/kmsan.git master 724946410067 6e821dbf .config console log report syz C ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2021/12/18 21:04 https://github.com/google/kmsan.git master b0a8b5053e8b 44068e19 .config console log report syz C ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2023/08/03 00:17 bpf-next 25ad10658dc1 39a91c18 .config strace log report syz C ci-upstream-bpf-next-kasan-gce general protection fault in strnchr
2022/05/13 06:40 https://github.com/google/kmsan.git master d6e2c8c7eb40 9ad6612a .config console log report syz ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/14 14:29 https://github.com/google/kmsan.git master 33d9269ef6e0 b17b2923 .config console log report syz ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/03/08 00:05 https://github.com/google/kmsan.git master 724946410067 7bdd8b2c .config console log report syz ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/03/25 07:27 https://github.com/google/kmsan.git master 97c7732c2bb6 89bc8608 .config console log report syz ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/05/15 04:33 https://github.com/google/kmsan.git master d6e2c8c7eb40 744a39e2 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/05/11 23:13 https://github.com/google/kmsan.git master d6e2c8c7eb40 beb0b407 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/28 00:36 https://github.com/google/kmsan.git master d6e2c8c7eb40 8a1f1f07 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/24 12:11 https://github.com/google/kmsan.git master b834db009dc5 131df97d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/23 13:52 https://github.com/google/kmsan.git master b834db009dc5 131df97d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/23 12:32 https://github.com/google/kmsan.git master b834db009dc5 131df97d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/21 15:06 https://github.com/google/kmsan.git master 33d9269ef6e0 2738b391 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/17 13:30 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/14 01:07 https://github.com/google/kmsan.git master 33d9269ef6e0 b17b2923 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/12 04:10 https://github.com/google/kmsan.git master 33d9269ef6e0 af01ee7d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/09 21:08 https://github.com/google/kmsan.git master 33d9269ef6e0 e22c3da3 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/09 19:45 https://github.com/google/kmsan.git master 33d9269ef6e0 e22c3da3 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/07 21:37 https://github.com/google/kmsan.git master 33d9269ef6e0 c6ff3e05 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/05 05:30 https://github.com/google/kmsan.git master 33d9269ef6e0 5915c2cb .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/04 08:30 https://github.com/google/kmsan.git master 1978a14f70af 79a2a8fc .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/01 18:50 https://github.com/google/kmsan.git master 1978a14f70af 20955a24 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/03/25 10:34 https://github.com/google/kmsan.git master 97c7732c2bb6 89bc8608 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/03/10 02:40 https://github.com/google/kmsan.git master 724946410067 9e8eaa75 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/22 17:17 https://github.com/google/kmsan.git master 724946410067 6e821dbf .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/22 09:52 https://github.com/google/kmsan.git master 724946410067 6e821dbf .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/21 14:12 https://github.com/google/kmsan.git master 724946410067 3cd800e4 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/16 06:09 https://github.com/google/kmsan.git master 85cfd6e539bd 8b9ca619 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/14 02:00 https://github.com/google/kmsan.git master 85cfd6e539bd 8b9ca619 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/12 20:22 https://github.com/google/kmsan.git master 85cfd6e539bd 8b9ca619 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/12 19:04 https://github.com/google/kmsan.git master 85cfd6e539bd 8b9ca619 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/10 15:46 https://github.com/google/kmsan.git master 85cfd6e539bd 0b33604d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/06 02:27 https://github.com/google/kmsan.git master 85cfd6e539bd a7dab638 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/05 16:28 https://github.com/google/kmsan.git master 85cfd6e539bd a7dab638 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/01 16:20 https://github.com/google/kmsan.git master 85cfd6e539bd c1c1631d .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2021/11/16 16:50 https://github.com/google/kmsan.git master beecc58f3c53 600426bd .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/05/10 20:21 https://github.com/google/kmsan.git master d6e2c8c7eb40 8b277b8e .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/05/10 15:18 https://github.com/google/kmsan.git master d6e2c8c7eb40 8b277b8e .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/05/07 01:58 https://github.com/google/kmsan.git master d6e2c8c7eb40 e60b1103 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/22 16:59 https://github.com/google/kmsan.git master b834db009dc5 131df97d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/16 12:34 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/12 19:23 https://github.com/google/kmsan.git master 33d9269ef6e0 dacb3f1c .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/09 16:22 https://github.com/google/kmsan.git master 33d9269ef6e0 e22c3da3 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/02 09:58 https://github.com/google/kmsan.git master 1978a14f70af 79a2a8fc .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/04/01 16:05 https://github.com/google/kmsan.git master 1978a14f70af 20955a24 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/03/21 10:30 https://github.com/google/kmsan.git master 97c7732c2bb6 e2d91b1d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/17 12:36 https://github.com/google/kmsan.git master 85cfd6e539bd 2bea8a27 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/17 05:46 https://github.com/google/kmsan.git master 85cfd6e539bd 2bea8a27 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/14 15:25 https://github.com/google/kmsan.git master 85cfd6e539bd 8b9ca619 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/08 16:55 https://github.com/google/kmsan.git master 85cfd6e539bd 0b33604d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/08 06:23 https://github.com/google/kmsan.git master 85cfd6e539bd a7dab638 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/04 05:49 https://github.com/google/kmsan.git master 85cfd6e539bd 30646bfe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2022/02/01 12:02 https://github.com/google/kmsan.git master 85cfd6e539bd c1c1631d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ieee802154_subif_start_xmit
2023/08/02 23:16 bpf-next 25ad10658dc1 39a91c18 .config console log report info ci-upstream-bpf-next-kasan-gce BUG: unable to handle kernel paging request in strnchr
2023/04/22 18:53 https://github.com/google/kmsan.git master 0255004d2a8e 2b32bd34 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in strnchr
* Struck through repros no longer work on HEAD.