syzbot


KMSAN: uninit-value in gue_err

Status: fixed on 2019/03/06 07:43
Subsystems: net
Fix commit: 26fc181e6cac fou, fou6: do not assume linear skbs
First crash: 1932d, last: 1878d
Similar bugs (1):
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | KMSAN: uninit-value in gue_err (2) net | C | | | 1617 | 1855d | 1877d | 11/26 | fixed on 2019/03/28 12:00

Sample crash report:
==================================================================
BUG: KMSAN: uninit-value in gue_err+0x482/0xb00 net/ipv4/fou.c:1031
CPU: 1 PID: 16 Comm: ksoftirqd/1 Not tainted 5.0.0-rc1+ #9
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x173/0x1d0 lib/dump_stack.c:113
 kmsan_report+0x12e/0x2a0 mm/kmsan/kmsan.c:600
 __msan_warning+0x82/0xf0 mm/kmsan/kmsan_instr.c:313
 gue_err+0x482/0xb00 net/ipv4/fou.c:1031
 __udp4_lib_err_encap_no_sk net/ipv4/udp.c:569 [inline]
 __udp4_lib_err_encap net/ipv4/udp.c:624 [inline]
 __udp4_lib_err+0x12e6/0x1d40 net/ipv4/udp.c:663
 udp_err+0x74/0x90 net/ipv4/udp.c:735
 icmp_socket_deliver net/ipv4/icmp.c:766 [inline]
 icmp_unreach+0xb65/0x1070 net/ipv4/icmp.c:883
 icmp_rcv+0x11a1/0x1950 net/ipv4/icmp.c:1065
 ip_protocol_deliver_rcu+0x584/0xba0 net/ipv4/ip_input.c:208
 ip_local_deliver_finish net/ipv4/ip_input.c:234 [inline]
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ip_local_deliver+0x624/0x7b0 net/ipv4/ip_input.c:255
 dst_input include/net/dst.h:450 [inline]
 ip_rcv_finish net/ipv4/ip_input.c:414 [inline]
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ip_rcv+0x6b6/0x740 net/ipv4/ip_input.c:523
 __netif_receive_skb_one_core net/core/dev.c:4973 [inline]
 __netif_receive_skb net/core/dev.c:5083 [inline]
 process_backlog+0x756/0x10e0 net/core/dev.c:5923
 napi_poll net/core/dev.c:6346 [inline]
 net_rx_action+0x78b/0x1a60 net/core/dev.c:6412
 __do_softirq+0x53f/0x93a kernel/softirq.c:293
 run_ksoftirqd+0x26/0x50 kernel/softirq.c:658
 smpboot_thread_fn+0x4d0/0x9f0 kernel/smpboot.c:164
 kthread+0x4a1/0x4e0 kernel/kthread.c:247
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:205 [inline]
 kmsan_internal_poison_shadow+0x92/0x150 mm/kmsan/kmsan.c:159
 kmsan_kmalloc+0xa6/0x130 mm/kmsan/kmsan_hooks.c:176
 kmsan_slab_alloc+0xe/0x10 mm/kmsan/kmsan_hooks.c:185
 slab_post_alloc_hook mm/slab.h:446 [inline]
 slab_alloc_node mm/slub.c:2754 [inline]
 __kmalloc_node_track_caller+0xe9e/0xff0 mm/slub.c:4377
 __kmalloc_reserve net/core/skbuff.c:140 [inline]
 __alloc_skb+0x309/0xa20 net/core/skbuff.c:208
 alloc_skb include/linux/skbuff.h:1012 [inline]
 alloc_skb_with_frags+0x1c7/0xac0 net/core/skbuff.c:5288
 sock_alloc_send_pskb+0xafd/0x10a0 net/core/sock.c:2091
 sock_alloc_send_skb+0xca/0xe0 net/core/sock.c:2108
 __ip_append_data+0x34cd/0x5000 net/ipv4/ip_output.c:998
 ip_append_data+0x324/0x480 net/ipv4/ip_output.c:1220
 icmp_push_reply+0x23d/0x7e0 net/ipv4/icmp.c:375
 icmp_send+0x2e74/0x30c0 net/ipv4/icmp.c:736
 __udp4_lib_rcv+0x36c9/0x4b70 net/ipv4/udp.c:2313
 udp_rcv+0x5c/0x70 net/ipv4/udp.c:2472
 ip_protocol_deliver_rcu+0x584/0xba0 net/ipv4/ip_input.c:208
 ip_local_deliver_finish net/ipv4/ip_input.c:234 [inline]
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ip_local_deliver+0x624/0x7b0 net/ipv4/ip_input.c:255
 dst_input include/net/dst.h:450 [inline]
 ip_rcv_finish net/ipv4/ip_input.c:414 [inline]
 NF_HOOK include/linux/netfilter.h:289 [inline]
 ip_rcv+0x6b6/0x740 net/ipv4/ip_input.c:523
 __netif_receive_skb_one_core net/core/dev.c:4973 [inline]
 __netif_receive_skb net/core/dev.c:5083 [inline]
 process_backlog+0x756/0x10e0 net/core/dev.c:5923
 napi_poll net/core/dev.c:6346 [inline]
 net_rx_action+0x78b/0x1a60 net/core/dev.c:6412
 __do_softirq+0x53f/0x93a kernel/softirq.c:293
==================================================================

Crashes (4686):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/02/28 06:30 https://github.com/google/kmsan.git master fa1981bee40f 34ec456b .config console log report syz C ci-upstream-kmsan-gce
2019/02/18 05:21 https://github.com/google/kmsan.git master fa1981bee40f 59f36113 .config console log report syz C ci-upstream-kmsan-gce
2019/02/06 22:13 https://github.com/google/kmsan.git master fa1981bee40f d25487bc .config console log report syz C ci-upstream-kmsan-gce
2019/01/14 03:36 https://github.com/google/kmsan.git master 02f2d5aea531 c3f3344c .config console log report syz C ci-upstream-kmsan-gce
2019/03/06 04:17 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/06 03:03 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/06 00:45 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/06 00:06 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/05 22:09 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/05 19:52 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/05 19:42 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/05 18:37 https://github.com/google/kmsan.git master 6c55aa96dcda 16559f86 .config console log report ci-upstream-kmsan-gce
2019/03/05 17:26 https://github.com/google/kmsan.git master 6c55aa96dcda bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 16:15 https://github.com/google/kmsan.git master 6c55aa96dcda bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 15:51 https://github.com/google/kmsan.git master 6c55aa96dcda bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 14:24 https://github.com/google/kmsan.git master 6c55aa96dcda bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 13:37 https://github.com/google/kmsan.git master 6c55aa96dcda bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 12:25 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 10:59 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 09:50 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 09:01 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 08:36 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 07:34 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 06:34 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 06:27 https://github.com/google/kmsan.git master fa1981bee40f bb91cf81 .config console log report ci-upstream-kmsan-gce
2019/03/05 04:22 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/05 02:59 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/05 01:55 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 23:23 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 22:11 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 20:36 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 19:24 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 17:08 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 16:25 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 12:28 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 11:27 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 11:06 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 10:00 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 09:57 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 08:33 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 07:30 https://github.com/google/kmsan.git master fa1981bee40f 7c693b52 .config console log report ci-upstream-kmsan-gce
2019/03/04 06:27 https://github.com/google/kmsan.git master fa1981bee40f 1c0e457a .config console log report ci-upstream-kmsan-gce
2019/03/04 05:02 https://github.com/google/kmsan.git master fa1981bee40f 1c0e457a .config console log report ci-upstream-kmsan-gce
2019/03/04 04:53 https://github.com/google/kmsan.git master fa1981bee40f 1c0e457a .config console log report ci-upstream-kmsan-gce
2019/03/04 03:46 https://github.com/google/kmsan.git master fa1981bee40f 1c0e457a .config console log report ci-upstream-kmsan-gce
2019/03/04 02:25 https://github.com/google/kmsan.git master fa1981bee40f 1c0e457a .config console log report ci-upstream-kmsan-gce
2019/03/04 00:21 https://github.com/google/kmsan.git master fa1981bee40f 1c0e457a .config console log report ci-upstream-kmsan-gce
2019/01/11 02:30 https://github.com/google/kmsan.git master 02f2d5aea531 80dde172 .config console log report ci-upstream-kmsan-gce
* Struck through repros no longer work on HEAD.