syzbot


KMSAN: uninit-value in gf128mul_4k_lle (2)

Status: closed as invalid on 2018/07/17 13:23
Subsystems: crypto
Reported-by: syzbot+adaa00fe5d0738baf2b4@syzkaller.appspotmail.com
First crash: 2187d, last: 2106d
Similar bugs (3)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in gf128mul_4k_lle (4) crypto | C | | | 6 | 1368d | 1370d | 0/26 | closed as invalid on 2020/07/22 14:12 |
| upstream | KMSAN: uninit-value in gf128mul_4k_lle crypto | C | | | 11 | 2187d | 2202d | 0/26 | closed as invalid on 2018/04/22 15:44 |
| upstream | KMSAN: uninit-value in gf128mul_4k_lle (3) crypto | C | | | 2958 | 1607d | 1972d | 14/26 | fixed on 2019/11/29 15:48 |

Sample crash report:
==================================================================
BUG: KMSAN: uninit-value in gf128mul_4k_lle+0x2b6/0x320 crypto/gf128mul.c:391
CPU: 0 PID: 4464 Comm: syzkaller799785 Not tainted 4.16.0+ #87
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:17 [inline]
 dump_stack+0x185/0x1d0 lib/dump_stack.c:53
 kmsan_report+0x142/0x240 mm/kmsan/kmsan.c:1067
 __msan_warning_32+0x6c/0xb0 mm/kmsan/kmsan_instr.c:683
 gf128mul_4k_lle+0x2b6/0x320 crypto/gf128mul.c:391
 ghash_update+0xa26/0x1160 crypto/ghash-generic.c:75
 crypto_shash_update crypto/shash.c:117 [inline]
 shash_ahash_update crypto/shash.c:239 [inline]
 shash_async_update+0x290/0x360 crypto/shash.c:247
 crypto_ahash_update include/crypto/hash.h:522 [inline]
 gcm_hash_update crypto/gcm.c:235 [inline]
 gcm_hash_assoc_remain_continue crypto/gcm.c:344 [inline]
 gcm_hash_init_continue crypto/gcm.c:402 [inline]
 gcm_hash+0x8b5/0x24a0 crypto/gcm.c:430
 gcm_encrypt_continue crypto/gcm.c:455 [inline]
 crypto_gcm_encrypt+0xa13/0xaf0 crypto/gcm.c:484
 big_key_crypt+0x73d/0x780 include/crypto/aead.h:370
 big_key_preparse+0x3df/0xec0 security/keys/big_key.c:243
 key_create_or_update+0x7a8/0x1a40 security/keys/key.c:849
 SYSC_add_key+0x6c2/0x960 security/keys/keyctl.c:122
 SyS_add_key+0x77/0xa0 security/keys/keyctl.c:62
 do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x3d/0xa2
RIP: 0033:0x43fcd9
RSP: 002b:00007fff1f67b858 EFLAGS: 00000207 ORIG_RAX: 00000000000000f8
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fcd9
RDX: 0000000020000180 RSI: 0000000020000140 RDI: 0000000020000100
RBP: 00000000006ca018 R08: 00000000fffffffc R09: 00000000004002c8
R10: 00000000000004d1 R11: 0000000000000207 R12: 0000000000401600
R13: 0000000000401690 R14: 0000000000000000 R15: 0000000000000000

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:278 [inline]
 kmsan_save_stack mm/kmsan/kmsan.c:293 [inline]
 kmsan_internal_chain_origin+0x12b/0x210 mm/kmsan/kmsan.c:684
 __msan_chain_origin+0x69/0xc0 mm/kmsan/kmsan_instr.c:528
 __crypto_xor+0x23c/0x16b0 crypto/algapi.c:1012
 crypto_xor include/crypto/algapi.h:210 [inline]
 ghash_update+0x9e4/0x1160 crypto/ghash-generic.c:74
 crypto_shash_update crypto/shash.c:117 [inline]
 shash_ahash_update crypto/shash.c:239 [inline]
 shash_async_update+0x290/0x360 crypto/shash.c:247
 crypto_ahash_update include/crypto/hash.h:522 [inline]
 gcm_hash_update crypto/gcm.c:235 [inline]
 gcm_hash_assoc_remain_continue crypto/gcm.c:344 [inline]
 gcm_hash_init_continue crypto/gcm.c:402 [inline]
 gcm_hash+0x8b5/0x24a0 crypto/gcm.c:430
 gcm_encrypt_continue crypto/gcm.c:455 [inline]
 crypto_gcm_encrypt+0xa13/0xaf0 crypto/gcm.c:484
 big_key_crypt+0x73d/0x780 include/crypto/aead.h:370
 big_key_preparse+0x3df/0xec0 security/keys/big_key.c:243
 key_create_or_update+0x7a8/0x1a40 security/keys/key.c:849
 SYSC_add_key+0x6c2/0x960 security/keys/keyctl.c:122
 SyS_add_key+0x77/0xa0 security/keys/keyctl.c:62
 do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:278 [inline]
 kmsan_save_stack mm/kmsan/kmsan.c:293 [inline]
 kmsan_internal_chain_origin+0x12b/0x210 mm/kmsan/kmsan.c:684
 __msan_chain_origin+0x69/0xc0 mm/kmsan/kmsan_instr.c:528
 __crypto_xor+0x23c/0x16b0 crypto/algapi.c:1012
 crypto_xor include/crypto/algapi.h:210 [inline]
 crypto_ctr_crypt_inplace+0x29a/0x3a0 crypto/ctr.c:115
 crypto_ctr_crypt+0x54c/0x7d0 crypto/ctr.c:142
 skcipher_crypt_blkcipher crypto/skcipher.c:623 [inline]
 skcipher_encrypt_blkcipher+0x222/0x320 crypto/skcipher.c:632
 crypto_skcipher_encrypt include/crypto/skcipher.h:443 [inline]
 crypto_gcm_encrypt+0x53e/0xaf0 crypto/gcm.c:483
 big_key_crypt+0x73d/0x780 include/crypto/aead.h:370
 big_key_preparse+0x3df/0xec0 security/keys/big_key.c:243
 key_create_or_update+0x7a8/0x1a40 security/keys/key.c:849
 SYSC_add_key+0x6c2/0x960 security/keys/keyctl.c:122
 SyS_add_key+0x77/0xa0 security/keys/keyctl.c:62
 do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x3d/0xa2
Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:278 [inline]
 kmsan_alloc_meta_for_pages+0x161/0x3a0 mm/kmsan/kmsan.c:814
 kmsan_alloc_page+0x82/0xe0 mm/kmsan/kmsan.c:868
 __alloc_pages_nodemask+0xf5b/0x5dc0 mm/page_alloc.c:4283
 alloc_pages_current+0x6b5/0x970 mm/mempolicy.c:2055
 alloc_pages include/linux/gfp.h:494 [inline]
 big_key_alloc_buffer+0x241/0xa00 security/keys/big_key.c:178
 big_key_preparse+0x20a/0xec0 security/keys/big_key.c:227
 key_create_or_update+0x7a8/0x1a40 security/keys/key.c:849
 SYSC_add_key+0x6c2/0x960 security/keys/keyctl.c:122
 SyS_add_key+0x77/0xa0 security/keys/keyctl.c:62
 do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x3d/0xa2
==================================================================

Crashes (1102):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2018/04/24 09:27 https://github.com/google/kmsan.git master d2d741e5d189 e7e85d36 .config console log report syz C ci-upstream-kmsan-gce
2018/04/23 03:46 https://github.com/google/kmsan.git master d2d741e5d189 d23fcf6c .config console log report syz C ci-upstream-kmsan-gce
2018/07/12 16:36 https://github.com/google/kmsan.git master b64f7ec04e12 06c33b3a .config console log report ci-upstream-kmsan-gce
2018/07/02 13:18 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 13:10 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 12:08 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 10:44 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 09:22 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 07:16 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 05:57 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 03:45 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 02:37 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 01:10 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/02 00:43 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 23:09 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 22:09 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 21:09 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 19:57 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 18:11 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 16:42 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 16:17 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 15:00 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 13:06 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 11:45 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 10:12 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 09:04 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 07:16 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 06:15 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 04:53 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 03:40 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 02:31 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/07/01 00:47 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 23:06 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 20:44 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 19:38 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 18:23 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 18:21 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 14:49 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 13:35 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 12:34 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 10:36 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 08:12 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/06/30 07:10 https://github.com/google/kmsan.git master 123906095e30 dba0b50e .config console log report ci-upstream-kmsan-gce
2018/04/23 02:43 https://github.com/google/kmsan.git master d2d741e5d189 d23fcf6c .config console log report ci-upstream-kmsan-gce
* Struck through repros no longer work on HEAD.