syzbot


KMSAN: uninit-value in tcp_recvmsg

Status: fixed on 2023/02/24 13:50
Subsystems: net
Fix commit: 1228b34c8d0e net: clear msg_get_inq in __sys_recvfrom() and __copy_msghdr_from_user()
First crash: 675d, last: 550d
Similar bugs (3)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | KMSAN: uninit-value in tcp_recvmsg (3) net | | | | 1 | 119d | 105d | 26/26 | fixed on 2024/02/09 18:39
upstream | KMSAN: uninit-value in tcp_recvmsg (2) net | | | | 5 | 197d | 210d | 0/26 | closed as invalid on 2023/12/22 15:49
upstream | KMSAN: uninit-value in preempt_count_add kernel | C | | | 6657 | 566d | 566d | 0/26 | closed as invalid on 2022/10/10 13:29

Sample crash report:
nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
=====================================================
BUG: KMSAN: uninit-value in tcp_recvmsg+0x6cf/0xb60 net/ipv4/tcp.c:2557
 tcp_recvmsg+0x6cf/0xb60 net/ipv4/tcp.c:2557
 inet_recvmsg+0x13a/0x5a0 net/ipv4/af_inet.c:850
 sock_recvmsg_nosec net/socket.c:995 [inline]
 sock_recvmsg net/socket.c:1013 [inline]
 __sys_recvfrom+0x696/0x900 net/socket.c:2176
 __do_sys_recvfrom net/socket.c:2194 [inline]
 __se_sys_recvfrom net/socket.c:2190 [inline]
 __x64_sys_recvfrom+0x122/0x1c0 net/socket.c:2190
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

Local variable msg created at:
 __sys_recvfrom+0x81/0x900 net/socket.c:2154
 __do_sys_recvfrom net/socket.c:2194 [inline]
 __se_sys_recvfrom net/socket.c:2190 [inline]
 __x64_sys_recvfrom+0x122/0x1c0 net/socket.c:2190

CPU: 0 PID: 3493 Comm: syz-executor170 Not tainted 5.19.0-rc3-syzkaller-30868-g4b28366af7d9 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (25918):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2022/06/21 22:05 https://github.com/google/kmsan.git master 4b28366af7d9 0fc5c330 .config strace log report syz C ci-upstream-kmsan-gce KMSAN: uninit-value in tcp_recvmsg
2022/08/02 11:36 https://github.com/google/kmsan.git master 97117d69c353 fef302b1 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in tcp_recvmsg
2022/10/25 04:24 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/25 03:26 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/25 02:30 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/25 01:48 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/25 01:25 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/25 00:24 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/25 00:04 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 23:04 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 22:35 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 20:44 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 18:37 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 15:43 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 15:35 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 14:33 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 14:09 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 13:07 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 12:56 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 11:55 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 10:58 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 10:42 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 09:37 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 09:15 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 07:57 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 06:53 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 05:36 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 04:12 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 03:20 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 02:51 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 02:28 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 01:25 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/24 00:54 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 23:35 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 23:25 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 22:11 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 21:11 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 20:06 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 18:32 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 16:34 https://github.com/google/kmsan.git master 968c2729e576 23bf86af .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 13:02 https://github.com/google/kmsan.git master 968c2729e576 c0b80a55 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 11:57 https://github.com/google/kmsan.git master 968c2729e576 c0b80a55 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 10:35 https://github.com/google/kmsan.git master 968c2729e576 c0b80a55 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/10/23 08:47 https://github.com/google/kmsan.git master 968c2729e576 c0b80a55 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
2022/06/21 16:34 https://github.com/google/kmsan.git master 4b28366af7d9 0fc5c330 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in tcp_recvmsg
* Struck through repros no longer work on HEAD.