syzbot

 sign-in | mailing list | source | docs
🐞 Open [1165] 🐞 Fixed [4324] 🐞 Invalid [9670] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KMSAN: uninit-value in p9pdu_readf

Status: fixed on 2022/03/08 16:11
Reported-by: syzbot+06472778c97ed94af66d@syzkaller.appspotmail.com
Fix commit: 27eb4c3144f7 9p/net: fix missing error check in p9_check_errors
First crash: 489d, last: 371d
similar bugs (7):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in kallsyms_lookup_buildid C 232 130d 406d 0/24 closed as invalid on 2022/11/03 10:09
upstream KMSAN: uninit-value in seq_printf (2) C 99 237d 503d 0/24 auto-closed as invalid on 2022/09/30 02:43
upstream KMSAN: uninit-value in hid_connect C 176 97d 447d 0/24 closed as invalid on 2022/11/03 08:52
upstream KMSAN: uninit-value in number (4) C 7189 76d 454d 0/24 closed as invalid on 2022/11/28 10:01
upstream KMSAN: uninit-value in preempt_count_add C 6657 121d 121d 0/24 closed as invalid on 2022/10/10 13:29
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) btrfs ntfs3 erofs udf C 137386 22m 335d 23/24 internal: reported C repro on 2022/03/09 07:32
upstream KMSAN: uninit-value in asix_mdio_read (3) C 1582 266d 331d 23/24 upstream: reported C repro on 2022/03/13 07:35

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in p9pdu_vreadf net/9p/protocol.c:135 [inline]
BUG: KMSAN: uninit-value in p9pdu_readf+0x463f/0x4f70 net/9p/protocol.c:526
 p9pdu_vreadf net/9p/protocol.c:135 [inline]
 p9pdu_readf+0x463f/0x4f70 net/9p/protocol.c:526
 p9pdu_vreadf net/9p/protocol.c:312 [inline]
 p9pdu_readf+0x1cbe/0x4f70 net/9p/protocol.c:526
 p9_client_getattr_dotl+0x2da/0x7f0 net/9p/client.c:1768
 v9fs_mount+0xf11/0x1460 fs/9p/vfs_super.c:160
 legacy_get_tree+0x163/0x2e0 fs/fs_context.c:610
 vfs_get_tree+0xd8/0x5d0 fs/super.c:1500
 do_new_mount+0x7b5/0x16f0 fs/namespace.c:2988
 path_mount+0x1021/0x28b0 fs/namespace.c:3318
 do_mount fs/namespace.c:3331 [inline]
 __do_sys_mount fs/namespace.c:3539 [inline]
 __se_sys_mount+0x8a8/0x9d0 fs/namespace.c:3516
 __ia32_sys_mount+0x157/0x1b0 fs/namespace.c:3516
 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Local variable rf created at:
 __schedule+0x53/0x20a0 kernel/sched/core.c:6136
 schedule+0x269/0x350 kernel/sched/core.c:6326

CPU: 1 PID: 6099 Comm: syz-executor.4 Not tainted 5.16.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (14):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kmsan-gce-386 2022/02/01 14:51 https://github.com/google/kmsan.git master 85cfd6e539bd c1c1631d .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2022/01/18 13:02 https://github.com/google/kmsan.git master fa3879a274df 731a2d23 .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2022/01/12 18:40 https://github.com/google/kmsan.git master fa3879a274df 44d1319a .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2022/01/09 08:28 https://github.com/google/kmsan.git master 81c325bbf94e 2ca0d385 .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2022/01/04 13:01 https://github.com/google/kmsan.git master 81c325bbf94e 7f723fbe .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/12/31 23:32 https://github.com/google/kmsan.git master 81c325bbf94e e1768e9c .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/12/22 22:24 https://github.com/google/kmsan.git master 81c325bbf94e 6caa12e4 .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/12/20 08:12 https://github.com/google/kmsan.git master b0a8b5053e8b 021b36cb .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/12/17 11:00 https://github.com/google/kmsan.git master b0a8b5053e8b 44068e19 .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/12/10 01:56 https://github.com/google/kmsan.git master 8b936c96768e 4d4ce9bc .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/10/25 22:28 https://github.com/google/kmsan.git master 0f36cda66082 4f0000ee .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/10/17 07:31 https://github.com/google/kmsan.git master d6493d2046c4 0c5d9412 .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/10/15 07:22 https://github.com/google/kmsan.git master c7f84f4e1147 aab7690b .config console log report info KMSAN: uninit-value in p9pdu_readf
ci-upstream-kmsan-gce-386 2021/10/05 22:19 https://github.com/google/kmsan.git master c7f84f4e1147 0a63fd36 .config console log report info KMSAN: uninit-value in p9pdu_readf
* Struck through repros no longer work on HEAD.