syzbot


KMSAN: uninit-value in erspan_build_header

Status: auto-obsoleted due to no activity on 2023/05/10 10:26
Subsystems: net
Reported-by: syzbot+d551178aab6a783dc249@syzkaller.appspotmail.com
First crash: 1037d, last: 638d
Discussions (1)
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] KMSAN: uninit-value in erspan_build_header | 2 (3) | 2022/10/17 21:08 |
Similar bugs (8)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in erspan_build_header (2) net | C | | | 47 | 1d14h | 201d | 1/28 | upstream: reported C repro on 2024/03/22 12:17 |
| upstream | KMSAN: uninit-value in bpf_prog_run_generic_xdp net | C | | | 771 | 1d17h | 691d | 0/28 | upstream: reported C repro on 2022/11/18 11:39 |
| upstream | KMSAN: uninit-value in ip_tunnel_xmit (3) net | C | | | 1516 | 734d | 1421d | 0/28 | closed as invalid on 2022/10/12 18:48 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) net | C | | | 138977 | 593d | 945d | 22/28 | fixed on 2023/02/24 13:50 |
| upstream | KMSAN: uninit-value in IP6_ECN_decapsulate net | C | | | 981 | 295d | 2211d | 25/28 | fixed on 2023/12/21 03:45 |
| upstream | KMSAN: uninit-value in br_dev_xmit bridge | C | | | 537 | 633d | 1689d | 0/28 | auto-obsoleted due to no activity on 2023/05/15 13:28 |
| upstream | KMSAN: uninit-value in batadv_get_vid batman | C | | | 1947 | 585d | 1689d | 0/28 | auto-obsoleted due to no activity on 2023/07/23 05:56 |
| upstream | KMSAN: uninit-value in eth_type_trans (2) net | C | | | 5598 | 1h51m | 1722d | 0/28 | upstream: reported C repro on 2020/01/22 16:47 |

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in erspan_build_header+0x170/0x2f0 include/net/erspan.h:197
 erspan_build_header+0x170/0x2f0 include/net/erspan.h:197
 erspan_xmit+0x116c/0x1ea0 net/ipv4/ip_gre.c:701
 __netdev_start_xmit include/linux/netdevice.h:4865 [inline]
 netdev_start_xmit include/linux/netdevice.h:4879 [inline]
 xmit_one+0x14e/0x5f0 net/core/dev.c:3583
 dev_hard_start_xmit+0xe5/0x370 net/core/dev.c:3599
 sch_direct_xmit+0x3f1/0xdb0 net/sched/sch_generic.c:342
 __dev_xmit_skb+0xc22/0x1a30 net/core/dev.c:3810
 __dev_queue_xmit+0x12cb/0x31f0 net/core/dev.c:4215
 dev_queue_xmit include/linux/netdevice.h:3035 [inline]
 __bpf_tx_skb net/core/filter.c:2117 [inline]
 __bpf_redirect_common net/core/filter.c:2161 [inline]
 __bpf_redirect+0x135d/0x1470 net/core/filter.c:2168
 ____bpf_clone_redirect net/core/filter.c:2437 [inline]
 bpf_clone_redirect+0x324/0x470 net/core/filter.c:2409
 ___bpf_prog_run+0x7ed/0xaee0 kernel/bpf/core.c:1820
 __bpf_prog_run512+0xc2/0x110 kernel/bpf/core.c:2045
 bpf_dispatcher_nop_func include/linux/bpf.h:1082 [inline]
 __bpf_prog_run include/linux/filter.h:600 [inline]
 bpf_prog_run include/linux/filter.h:607 [inline]
 bpf_test_run+0x592/0xd20 net/bpf/test_run.c:402
 bpf_prog_test_run_skb+0x1623/0x2090 net/bpf/test_run.c:1187
 bpf_prog_test_run+0x6a0/0x730 kernel/bpf/syscall.c:3644
 __sys_bpf+0x8a3/0xe90 kernel/bpf/syscall.c:4997
 __do_sys_bpf kernel/bpf/syscall.c:5083 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5081 [inline]
 __ia32_sys_bpf+0x9c/0xe0 kernel/bpf/syscall.c:5081
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:766 [inline]
 slab_alloc_node mm/slub.c:3452 [inline]
 __kmem_cache_alloc_node+0x71f/0xce0 mm/slub.c:3491
 __do_kmalloc_node mm/slab_common.c:967 [inline]
 __kmalloc_node_track_caller+0x114/0x3b0 mm/slab_common.c:988
 kmalloc_reserve net/core/skbuff.c:492 [inline]
 pskb_expand_head+0x27c/0x1950 net/core/skbuff.c:1899
 __skb_cow include/linux/skbuff.h:3537 [inline]
 skb_cow_head include/linux/skbuff.h:3571 [inline]
 erspan_xmit+0xa9c/0x1ea0 net/ipv4/ip_gre.c:688
 __netdev_start_xmit include/linux/netdevice.h:4865 [inline]
 netdev_start_xmit include/linux/netdevice.h:4879 [inline]
 xmit_one+0x14e/0x5f0 net/core/dev.c:3583
 dev_hard_start_xmit+0xe5/0x370 net/core/dev.c:3599
 sch_direct_xmit+0x3f1/0xdb0 net/sched/sch_generic.c:342
 __dev_xmit_skb+0xc22/0x1a30 net/core/dev.c:3810
 __dev_queue_xmit+0x12cb/0x31f0 net/core/dev.c:4215
 dev_queue_xmit include/linux/netdevice.h:3035 [inline]
 __bpf_tx_skb net/core/filter.c:2117 [inline]
 __bpf_redirect_common net/core/filter.c:2161 [inline]
 __bpf_redirect+0x135d/0x1470 net/core/filter.c:2168
 ____bpf_clone_redirect net/core/filter.c:2437 [inline]
 bpf_clone_redirect+0x324/0x470 net/core/filter.c:2409
 ___bpf_prog_run+0x7ed/0xaee0 kernel/bpf/core.c:1820
 __bpf_prog_run512+0xc2/0x110 kernel/bpf/core.c:2045
 bpf_dispatcher_nop_func include/linux/bpf.h:1082 [inline]
 __bpf_prog_run include/linux/filter.h:600 [inline]
 bpf_prog_run include/linux/filter.h:607 [inline]
 bpf_test_run+0x592/0xd20 net/bpf/test_run.c:402
 bpf_prog_test_run_skb+0x1623/0x2090 net/bpf/test_run.c:1187
 bpf_prog_test_run+0x6a0/0x730 kernel/bpf/syscall.c:3644
 __sys_bpf+0x8a3/0xe90 kernel/bpf/syscall.c:4997
 __do_sys_bpf kernel/bpf/syscall.c:5083 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5081 [inline]
 __ia32_sys_bpf+0x9c/0xe0 kernel/bpf/syscall.c:5081
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

CPU: 0 PID: 7599 Comm: syz-executor.4 Not tainted 6.2.0-rc3-syzkaller-79340-gc9a4e3bf8138 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
=====================================================

Crashes (40):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/01/10 10:26 https://github.com/google/kmsan.git master c9a4e3bf8138 1dac8c7a .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2023/01/10 10:18 https://github.com/google/kmsan.git master c9a4e3bf8138 1dac8c7a .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/11/24 05:27 https://github.com/google/kmsan.git master ddce02aa9c40 12c66417 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/10/09 08:16 https://github.com/google/kmsan.git master 968c2729e576 aea5da89 .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/09/06 03:25 https://github.com/google/kmsan.git master 4367d178d9eb 9dcd38fc .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/08/23 19:34 https://github.com/google/kmsan.git master 1b070a5d1a2c cea8b0f7 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/08/11 17:40 https://github.com/google/kmsan.git master 1b070a5d1a2c 787ed7e0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/08/06 08:17 https://github.com/google/kmsan.git master bba47a4b6421 e853abd9 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/08/03 16:11 https://github.com/google/kmsan.git master 82224c6104a8 1c9013ac .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/25 22:58 https://github.com/google/kmsan.git master 97117d69c353 664c519c .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/21 05:47 https://github.com/google/kmsan.git master 97117d69c353 88cb1383 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/21 05:37 https://github.com/google/kmsan.git master 97117d69c353 88cb1383 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/20 12:32 https://github.com/google/kmsan.git master 97117d69c353 775344bc .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/17 07:18 https://github.com/google/kmsan.git master 97117d69c353 95cb00d1 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/14 15:59 https://github.com/google/kmsan.git master 97117d69c353 5d921b08 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/09 03:12 https://github.com/google/kmsan.git master 97117d69c353 b5765a15 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/03 03:27 https://github.com/google/kmsan.git master ec1cbf8b060e 1434eec0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/07/03 03:27 https://github.com/google/kmsan.git master ec1cbf8b060e 1434eec0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/06/22 00:55 https://github.com/google/kmsan.git master 4b28366af7d9 0fc5c330 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/06/21 12:20 https://github.com/google/kmsan.git master 7516e1b6d801 0fc5c330 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/06/19 05:57 https://github.com/google/kmsan.git master fb61e40b30d1 8f633d84 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/05/19 17:38 https://github.com/google/kmsan.git master c5c93da9af13 50c53f39 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/05/19 17:38 https://github.com/google/kmsan.git master c5c93da9af13 50c53f39 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/05/09 19:15 https://github.com/google/kmsan.git master d6e2c8c7eb40 8b277b8e .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/26 18:49 https://github.com/google/kmsan.git master e8cbf4e6e3e8 1fa34c1b .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/23 01:57 https://github.com/google/kmsan.git master b834db009dc5 131df97d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/23 00:56 https://github.com/google/kmsan.git master b834db009dc5 131df97d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/20 20:32 https://github.com/google/kmsan.git master 33d9269ef6e0 160a3f31 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/15 09:06 https://github.com/google/kmsan.git master 33d9269ef6e0 b17b2923 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/06 23:35 https://github.com/google/kmsan.git master 33d9269ef6e0 97582466 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/04/05 04:46 https://github.com/google/kmsan.git master 33d9269ef6e0 5915c2cb .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/03/29 19:38 https://github.com/google/kmsan.git master 1978a14f70af 6bdac766 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/03/19 11:54 https://github.com/google/kmsan.git master 97c7732c2bb6 e2d91b1d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/02/25 23:52 https://github.com/google/kmsan.git master 724946410067 45a13a73 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/02/25 18:00 https://github.com/google/kmsan.git master 724946410067 7c337266 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/02/01 07:46 https://github.com/google/kmsan.git master 85cfd6e539bd 6b7c57fe .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/01/27 00:14 https://github.com/google/kmsan.git master 85cfd6e539bd 2cbffd88 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/01/27 00:11 https://github.com/google/kmsan.git master 85cfd6e539bd 2cbffd88 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2022/01/25 04:19 https://github.com/google/kmsan.git master 85cfd6e539bd 2cbffd88 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
2021/12/07 20:33 https://github.com/google/kmsan.git master 8b936c96768e 0230ba3e .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header