syzbot

KMSAN: uninit-value in p9pdu_vwritef

Status: upstream: reported on 2022/01/07 12:50
Reported-by: syzbot+99f920ef970b8c366bfe@syzkaller.appspotmail.com
First crash: 199d, last: 15h30m
similar bugs (3):
  Kernel: upstream | Title: KMSAN: uninit-value in __vmalloc_node_range | Repro: none | Cause bisect: none | Fix bisect: none | Count: 5 | Last: 168d | Reported: 213d | Patched: 0/22 | Status: auto-closed as invalid on 2022/04/17 19:38
  Kernel: upstream | Title: KMSAN: kernel-infoleak in _copy_to_iter (6) | Repro: C | Cause bisect: none | Fix bisect: none | Count: 748 | Last: 118d | Reported: 207d | Patched: 22/22 | Status: fixed on 2022/03/08 16:11
  Kernel: upstream | Title: KMSAN: uninit-value in esp6_init_state | Repro: none | Cause bisect: none | Fix bisect: none | Count: 2 | Last: 169d | Reported: 217d | Patched: 0/22 | Status: auto-closed as invalid on 2022/04/16 22:31

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in check_copy_size include/linux/thread_info.h:233 [inline]
BUG: KMSAN: uninit-value in copy_from_iter include/linux/uio.h:168 [inline]
BUG: KMSAN: uninit-value in copy_from_iter_full include/linux/uio.h:177 [inline]
BUG: KMSAN: uninit-value in pdu_write_u net/9p/protocol.c:68 [inline]
BUG: KMSAN: uninit-value in p9pdu_vwritef+0x457a/0x4cf0 net/9p/protocol.c:439
 check_copy_size include/linux/thread_info.h:233 [inline]
 copy_from_iter include/linux/uio.h:168 [inline]
 copy_from_iter_full include/linux/uio.h:177 [inline]
 pdu_write_u net/9p/protocol.c:68 [inline]
 p9pdu_vwritef+0x457a/0x4cf0 net/9p/protocol.c:439
 p9_client_prepare_req+0xf0a/0x1710 net/9p/client.c:703
 p9_client_rpc+0x295/0x14a0 net/9p/client.c:734
 p9_client_write+0x670/0xf70 net/9p/client.c:1667
 v9fs_fid_xattr_set+0x3aa/0x530 fs/9p/xattr.c:130
 v9fs_xattr_set fs/9p/xattr.c:100 [inline]
 v9fs_xattr_handler_set+0x1b8/0x220 fs/9p/xattr.c:159
 __vfs_setxattr+0x8d4/0x920 fs/xattr.c:180
 __vfs_setxattr_noperm+0x38c/0xe80 fs/xattr.c:214
 __vfs_setxattr_locked+0x627/0x690 fs/xattr.c:275
 vfs_setxattr+0x444/0x7b0 fs/xattr.c:301
 setxattr+0x43a/0x800 fs/xattr.c:576
 path_setxattr+0x30e/0x540 fs/xattr.c:596
 __do_sys_setxattr fs/xattr.c:612 [inline]
 __se_sys_setxattr fs/xattr.c:608 [inline]
 __ia32_sys_setxattr+0x15f/0x1c0 fs/xattr.c:608
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0x95/0xf0 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:754 [inline]
 slab_alloc_node mm/slub.c:3231 [inline]
 slab_alloc mm/slub.c:3239 [inline]
 kmem_cache_alloc_trace+0xa8e/0x10f0 mm/slub.c:3270
 kmalloc include/linux/slab.h:581 [inline]
 p9_fid_create+0x81/0x470 net/9p/client.c:892
 p9_client_walk+0x161/0xe30 net/9p/client.c:1180
 clone_fid fs/9p/fid.h:21 [inline]
 v9fs_fid_xattr_set+0x248/0x530 fs/9p/xattr.c:118
 v9fs_xattr_set fs/9p/xattr.c:100 [inline]
 v9fs_xattr_handler_set+0x1b8/0x220 fs/9p/xattr.c:159
 __vfs_setxattr+0x8d4/0x920 fs/xattr.c:180
 __vfs_setxattr_noperm+0x38c/0xe80 fs/xattr.c:214
 __vfs_setxattr_locked+0x627/0x690 fs/xattr.c:275
 vfs_setxattr+0x444/0x7b0 fs/xattr.c:301
 setxattr+0x43a/0x800 fs/xattr.c:576
 path_setxattr+0x30e/0x540 fs/xattr.c:596
 __do_sys_setxattr fs/xattr.c:612 [inline]
 __se_sys_setxattr fs/xattr.c:608 [inline]
 __ia32_sys_setxattr+0x15f/0x1c0 fs/xattr.c:608
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0x95/0xf0 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

CPU: 0 PID: 14039 Comm: syz-executor.2 Not tainted 5.18.0-syzkaller-16253-g2f3064574275 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (320):