syzbot


KMSAN: uninit-value in nf_flow_table_offload_setup

Status: auto-obsoleted due to no activity on 2022/09/09 19:21
Subsystems: netfilter
Reported-by: syzbot+8fbe17d9bdd5c8815211@syzkaller.appspotmail.com
First crash: 1490d, last: 1463d
Discussions (1)
Title Replies (including bot) Last reply
KMSAN: uninit-value in nf_flow_table_offload_setup 0 (1) 2020/02/22 16:18
Last patch testing requests (3)
Created Duration User Patch Repo Result
2022/09/09 16:27 20m retest repro https://github.com/google/kmsan.git master OK log
2020/09/15 11:33 19m anant.thazhemadam@gmail.com https://github.com/google/kmsan.git master OK
2020/09/14 12:55 19m anant.thazhemadam@gmail.com patch https://github.com/google/kmsan.git master OK

Sample crash report:
batman_adv: batadv0: Interface activated: batadv_slave_1
=====================================================
BUG: KMSAN: uninit-value in list_splice include/linux/list.h:437 [inline]
BUG: KMSAN: uninit-value in nf_flow_table_block_setup net/netfilter/nf_flow_table_offload.c:826 [inline]
BUG: KMSAN: uninit-value in nf_flow_table_offload_setup+0x964/0xac0 net/netfilter/nf_flow_table_offload.c:883
CPU: 1 PID: 11672 Comm: syz-executor942 Not tainted 5.6.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 list_splice include/linux/list.h:437 [inline]
 nf_flow_table_block_setup net/netfilter/nf_flow_table_offload.c:826 [inline]
 nf_flow_table_offload_setup+0x964/0xac0 net/netfilter/nf_flow_table_offload.c:883
 nft_register_flowtable_net_hooks net/netfilter/nf_tables_api.c:6185 [inline]
 nf_tables_newflowtable+0x233c/0x3e30 net/netfilter/nf_tables_api.c:6302
 nfnetlink_rcv_batch net/netfilter/nfnetlink.c:433 [inline]
 nfnetlink_rcv_skb_batch net/netfilter/nfnetlink.c:543 [inline]
 nfnetlink_rcv+0x155e/0x3ab0 net/netfilter/nfnetlink.c:561
 netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
 netlink_unicast+0xf9e/0x1100 net/netlink/af_netlink.c:1328
 netlink_sendmsg+0x1246/0x14d0 net/netlink/af_netlink.c:1917
 sock_sendmsg_nosec net/socket.c:652 [inline]
 sock_sendmsg net/socket.c:672 [inline]
 ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2343
 ___sys_sendmsg net/socket.c:2397 [inline]
 __sys_sendmsg+0x451/0x5f0 net/socket.c:2430
 __do_sys_sendmsg net/socket.c:2439 [inline]
 __se_sys_sendmsg+0x97/0xb0 net/socket.c:2437
 __x64_sys_sendmsg+0x4a/0x70 net/socket.c:2437
 do_syscall_64+0xb8/0x160 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x443709
Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fffe96ae538 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000443709
RDX: 0000000000000000 RSI: 0000000020003e00 RDI: 0000000000000003
RBP: 00007fffe96ae550 R08: 0000000001bbbbbb R09: 0000000001bbbbbb
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 0000000000404ca0 R14: 0000000000000000 R15: 0000000000000000

Local variable ----bo@nf_flow_table_offload_setup created at:
 nf_flow_table_offload_setup+0xba/0xac0 net/netfilter/nf_flow_table_offload.c:876
 nf_flow_table_offload_setup+0xba/0xac0 net/netfilter/nf_flow_table_offload.c:876
=====================================================

Crashes (345):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/02/18 21:35 https://github.com/google/kmsan.git master 8bbbc5cf3dca 012fbc32 .config console log report syz C ci-upstream-kmsan-gce
2020/03/16 13:33 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/16 11:47 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/16 08:16 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/15 05:21 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/15 02:39 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 23:44 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 22:34 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 21:02 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 17:59 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 16:50 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 12:48 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 11:42 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 10:42 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 09:41 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 06:46 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 04:26 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 01:50 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce
2020/03/14 00:23 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/13 10:23 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/13 08:03 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/13 06:56 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/13 03:30 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/13 01:13 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/12 23:16 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/12 19:45 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/12 16:25 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce
2020/03/11 23:04 https://github.com/google/kmsan.git master 8bbbc5cf3dca e7caca8e .config console log report ci-upstream-kmsan-gce
2020/03/11 04:07 https://github.com/google/kmsan.git master 8bbbc5cf3dca 35f53e45 .config console log report ci-upstream-kmsan-gce
2020/03/11 02:59 https://github.com/google/kmsan.git master 8bbbc5cf3dca 35f53e45 .config console log report ci-upstream-kmsan-gce
2020/02/18 15:59 https://github.com/google/kmsan.git master 8bbbc5cf3dca 012fbc32 .config console log report ci-upstream-kmsan-gce
2020/02/18 14:51 https://github.com/google/kmsan.git master 8bbbc5cf3dca 012fbc32 .config console log report ci-upstream-kmsan-gce
2020/03/15 23:19 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 22:10 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 21:57 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 18:58 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 17:33 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 15:48 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 13:45 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 04:18 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 02:03 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/15 01:02 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/14 20:53 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/14 19:07 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/13 22:06 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce-386
2020/03/13 21:02 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce-386
2020/03/13 18:40 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce-386
2020/03/13 10:16 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report ci-upstream-kmsan-gce-386
2020/03/11 19:38 https://github.com/google/kmsan.git master 8bbbc5cf3dca e7caca8e .config console log report ci-upstream-kmsan-gce-386
* Struck through repros no longer work on HEAD.