syzbot


KMSAN: uninit-value in ucma_connect

Status: fixed on 2020/09/16 22:51
Subsystems: rdma
Reported-by: syzbot+7446526858b83c8828b2@syzkaller.appspotmail.com
Fix commit: 31142a4ba617 RDMA/cm: Add min length checks to user structure copies
First crash: 1371d, last: 1315d
Discussions (2)
Title | Replies (including bot) | Last reply
[Linux-kernel-mentees] [PATCH] infiniband: Fix uninit-value in ucma_connect() | 4 (4) | 2020/07/27 14:58
KMSAN: uninit-value in ucma_connect | 0 (1) | 2020/07/22 05:53

Last patch testing requests (1)
Created | Duration | User | Patch | Repo | Result
2020/07/25 13:09 | 19m | yepeilin.cs@gmail.com | patch | https://github.com/google/kmsan.git master | OK

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in ucma_connect+0x2aa/0xab0 drivers/infiniband/core/ucma.c:1091
CPU: 0 PID: 8457 Comm: syz-executor069 Not tainted 5.8.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1df/0x240 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 ucma_connect+0x2aa/0xab0 drivers/infiniband/core/ucma.c:1091
 ucma_write+0x5c5/0x630 drivers/infiniband/core/ucma.c:1764
 do_loop_readv_writev fs/read_write.c:737 [inline]
 do_iter_write+0x710/0xdc0 fs/read_write.c:1020
 vfs_writev fs/read_write.c:1091 [inline]
 do_writev+0x42d/0x8f0 fs/read_write.c:1134
 __do_sys_writev fs/read_write.c:1207 [inline]
 __se_sys_writev+0x9b/0xb0 fs/read_write.c:1204
 __x64_sys_writev+0x4a/0x70 fs/read_write.c:1204
 do_syscall_64+0xb0/0x150 arch/x86/entry/common.c:386
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x4402a9
Code: Bad RIP value.
RSP: 002b:00007ffd6e4541e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004402a9
RDX: 0000000000000001 RSI: 00000000200000c0 RDI: 0000000000000005
RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000401ab0
R13: 0000000000401b40 R14: 0000000000000000 R15: 0000000000000000

Local variable ----cmd@ucma_connect created at:
 ucma_connect+0xe1/0xab0 drivers/infiniband/core/ucma.c:1082
 ucma_connect+0xe1/0xab0 drivers/infiniband/core/ucma.c:1082
=====================================================

Crashes (138):