syzbot


KMSAN: uninit-value in strstr

Status: upstream: reported C repro on 2020/07/25 18:13
Subsystems: tipc
Reported-by: syzbot+a73d24a22eeeebe5f244@syzkaller.appspotmail.com
First crash: 979d, last: 3d06h
similar bugs (4):
| Kernel | Title | Subsystem | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in fib_get_nhs | net | C | | | 14 | 405d | 476d | 22/24 | fixed on 2022/03/08 16:11 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) | net | C | | | 138977 | 34d | 386d | 24/24 | fixed on 2023/02/24 13:50 |
| upstream | KMSAN: uninit-value in __tipc_nl_bearer_enable | tipc | C | | | 1288 | 35d | 1563d | 24/24 | fixed on 2023/02/24 13:50 |
| upstream | KMSAN: uninit-value in tipc_nl_compat_name_table_dump (3) | tipc | C | | | 65 | 131d | 147d | 24/24 | fixed on 2023/02/24 13:51 |
Last patch testing requests:
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2021/05/08 22:57 | 20m | phil@philpotter.co.uk | patch | https://github.com/google/kmsan.git master | OK |
| 2021/05/04 23:48 | 25m | phil@philpotter.co.uk | | https://github.com/google/kmsan.git master | report log |
| 2021/04/15 09:21 | 14m | phil@philpotter.co.uk | | https://github.com/google/kmsan.git master | report log |
| 2020/10/31 23:48 | 15m | anant.thazhemadam@gmail.com | | https://github.com/google/kmsan.git master | report log |
| 2020/09/04 01:06 | 12m | dragonjetli@gmail.com | patch | https://github.com/google/kmsan.git master | report log |
| 2020/09/02 23:45 | 12m | dragonjetli@gmail.com | | https://github.com/google/kmsan.git master | report log |

Sample crash report:
netlink: 12 bytes leftover after parsing attributes in process `syz-executor391'.
=====================================================
BUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]
BUG: KMSAN: uninit-value in strstr+0xb4/0x2e0 lib/string.c:758
 strlen lib/string.c:418 [inline]
 strstr+0xb4/0x2e0 lib/string.c:758
 tipc_nl_node_reset_link_stats+0x41e/0xba0 net/tipc/node.c:2595
 genl_family_rcv_msg_doit net/netlink/genetlink.c:968 [inline]
 genl_family_rcv_msg net/netlink/genetlink.c:1048 [inline]
 genl_rcv_msg+0x1447/0x14e0 net/netlink/genetlink.c:1065
 netlink_rcv_skb+0x3f1/0x750 net/netlink/af_netlink.c:2564
 genl_rcv+0x3c/0x50 net/netlink/genetlink.c:1076
 netlink_unicast_kernel net/netlink/af_netlink.c:1330 [inline]
 netlink_unicast+0xf3b/0x1270 net/netlink/af_netlink.c:1356
 netlink_sendmsg+0x127d/0x1430 net/netlink/af_netlink.c:1932
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0xa8e/0xe70 net/socket.c:2476
 ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2530
 __sys_sendmsg net/socket.c:2559 [inline]
 __do_sys_sendmsg net/socket.c:2568 [inline]
 __se_sys_sendmsg net/socket.c:2566 [inline]
 __x64_sys_sendmsg+0x367/0x540 net/socket.c:2566
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:766 [inline]
 slab_alloc_node mm/slub.c:3452 [inline]
 __kmem_cache_alloc_node+0x71f/0xce0 mm/slub.c:3491
 __do_kmalloc_node mm/slab_common.c:967 [inline]
 __kmalloc_node_track_caller+0x114/0x3b0 mm/slab_common.c:988
 kmalloc_reserve net/core/skbuff.c:492 [inline]
 __alloc_skb+0x3af/0x8f0 net/core/skbuff.c:565
 alloc_skb include/linux/skbuff.h:1270 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1202 [inline]
 netlink_sendmsg+0xb66/0x1430 net/netlink/af_netlink.c:1907
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0xa8e/0xe70 net/socket.c:2476
 ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2530
 __sys_sendmsg net/socket.c:2559 [inline]
 __do_sys_sendmsg net/socket.c:2568 [inline]
 __se_sys_sendmsg net/socket.c:2566 [inline]
 __x64_sys_sendmsg+0x367/0x540 net/socket.c:2566
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

CPU: 0 PID: 5025 Comm: syz-executor391 Not tainted 6.2.0-rc5-syzkaller-80200-g41c66f470616 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/12/2023
=====================================================

Crashes (114):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kmsan-gce 2023/01/31 18:35 https://github.com/google/kmsan.git master 41c66f470616 9dfcf09c .config strace log report syz C [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/10/15 10:20 https://github.com/google/kmsan.git master 968c2729e576 67cb024c .config strace log report syz C [disk image] [vmlinux] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/06/26 19:57 https://github.com/google/kmsan.git master 4b28366af7d9 a371c43c .config strace log report syz C KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2020/07/26 21:42 https://github.com/google/kmsan.git master 93f54a72361a 51265195 .config console log report syz C
ci-upstream-kmsan-gce 2023/03/24 00:24 https://github.com/google/kmsan.git master 90ea0df61c98 f94b4a29 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/03/21 19:31 https://github.com/google/kmsan.git master 90ea0df61c98 03fb9538 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/03/13 07:18 https://github.com/google/kmsan.git master e61893130d87 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/03/12 16:24 https://github.com/google/kmsan.git master e61893130d87 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/03/02 23:39 https://github.com/google/kmsan.git master 944070199c5e f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/02/07 04:36 https://github.com/google/kmsan.git master eda666ff2276 0a9c11b6 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/02/03 06:52 https://github.com/google/kmsan.git master eda666ff2276 16d19e30 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/01/31 17:34 https://github.com/google/kmsan.git master 41c66f470616 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/01/17 10:04 https://github.com/google/kmsan.git master e919e2b1bc1c a63719e7 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/01/16 04:19 https://github.com/google/kmsan.git master e919e2b1bc1c a63719e7 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/01/11 20:44 https://github.com/google/kmsan.git master 80383273f7a0 96166539 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/10/17 12:14 https://github.com/google/kmsan.git master 968c2729e576 67cb024c .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/10/15 09:34 https://github.com/google/kmsan.git master 968c2729e576 67cb024c .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/10/03 15:16 https://github.com/google/kmsan.git master 968c2729e576 feb56351 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/10/01 05:14 https://github.com/google/kmsan.git master 968c2729e576 feb56351 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/09/19 23:22 https://github.com/google/kmsan.git master 8f4ae27df775 dd9a85ff .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/09/14 09:06 https://github.com/google/kmsan.git master faf04f9bcf05 b884348d .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/08/22 12:59 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/08/22 07:03 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/08/21 23:55 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/08/14 01:11 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/08/11 05:05 https://github.com/google/kmsan.git master 1b070a5d1a2c a6201f11 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/08/07 06:25 https://github.com/google/kmsan.git master bba47a4b6421 88e3a122 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/07/12 09:08 https://github.com/google/kmsan.git master 97117d69c353 da3d6955 .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2022/06/26 18:50 https://github.com/google/kmsan.git master 4b28366af7d9 a371c43c .config console log report info KMSAN: uninit-value in strstr
ci-upstream-kmsan-gce 2023/03/28 00:25 https://github.com/google/kmsan.git master 90ea0df61c98 47f3aaf1 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/24 05:37 https://github.com/google/kmsan.git master 90ea0df61c98 f94b4a29 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/22 13:02 https://github.com/google/kmsan.git master 90ea0df61c98 d846e076 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/20 20:58 https://github.com/google/kmsan.git master 90ea0df61c98 7939252e .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/20 19:08 https://github.com/google/kmsan.git master 90ea0df61c98 7939252e .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/20 06:05 https://github.com/google/kmsan.git master 34add094f9de 7939252e .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/19 08:26 https://github.com/google/kmsan.git master 34add094f9de 7939252e .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/18 12:38 https://github.com/google/kmsan.git master 34add094f9de 7939252e .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/17 16:37 https://github.com/google/kmsan.git master 34add094f9de 18b58603 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/17 04:32 https://github.com/google/kmsan.git master 34add094f9de 18b58603 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/15 18:46 https://github.com/google/kmsan.git master 34add094f9de 18b58603 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/13 20:07 https://github.com/google/kmsan.git master 34add094f9de 026e2200 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/10 19:07 https://github.com/google/kmsan.git master e61893130d87 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/10 16:43 https://github.com/google/kmsan.git master e61893130d87 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/08 17:29 https://github.com/google/kmsan.git master e61893130d87 d2b00170 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/04 02:41 https://github.com/google/kmsan.git master 944070199c5e f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/02 11:38 https://github.com/google/kmsan.git master 944070199c5e f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/03/02 05:01 https://github.com/google/kmsan.git master 944070199c5e f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2023/02/26 04:03 https://github.com/google/kmsan.git master 97e36f4aa06f ee50e71c .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in __tipc_nl_bearer_enable
ci-upstream-kmsan-gce 2020/07/24 18:02 https://github.com/google/kmsan.git master 93f54a72361a 554af388 .config console log report
ci-upstream-kmsan-gce-386 2023/03/23 10:47 https://github.com/google/kmsan.git master 90ea0df61c98 f94b4a29 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_sk_storage_diag_alloc
ci-upstream-kmsan-gce-386 2023/03/11 11:25 https://github.com/google/kmsan.git master e61893130d87 5205ef30 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_sk_storage_diag_alloc
ci-upstream-kmsan-gce-386 2023/02/27 17:31 https://github.com/google/kmsan.git master 97e36f4aa06f e792ae78 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_sk_storage_diag_alloc
ci-upstream-kmsan-gce-386 2021/01/04 15:52 https://github.com/google/kmsan.git master 73d62e81b476 79264ae3 .config console log report info