syzbot

 sign-in | mailing list | source | docs
🐞 Open [868] Subsystems 🐞 Fixed [4877] 🐞 Invalid [11657] Missing Backports [69] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in p9pdu_vwritef

Status: auto-obsoleted due to no activity on 2022/11/22 23:51
Subsystems: net v9fs
[Documentation on labels]
Reported-by: syzbot+99f920ef970b8c366bfe@syzkaller.appspotmail.com
First crash: 717d, last: 467d
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] KMSAN: uninit-value in p9pdu_vwritef 0 (1) 2022/01/07 12:50
Similar bugs (9)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in stack_trace_consume_entry net C 706 485d 481d 0/25 auto-obsoleted due to no activity on 2022/12/04 06:07
upstream KMSAN: uninit-value in number (4) kernel C 7189 377d 755d 0/25 closed as invalid on 2022/11/28 10:01
upstream KMSAN: uninit-value in snd_pcm_hw_rule_add (2) sound 18 536d 803d 0/25 auto-closed as invalid on 2022/09/15 02:38
upstream KMSAN: uninit-value in seq_printf (2) fs C 99 537d 804d 0/25 auto-closed as invalid on 2022/09/30 02:43
upstream KMSAN: uninit-value in nsim_udp_tunnel_unset_port kernel C 114 668d 748d 0/25 auto-closed as invalid on 2022/09/27 06:37
upstream KMSAN: uninit-value in __vmalloc_node_range block 5 686d 731d 0/25 auto-closed as invalid on 2022/04/17 19:38
upstream KMSAN: uninit-value in ptr_to_id fs C 5 693d 714d 0/25 auto-closed as invalid on 2022/09/27 03:12
upstream KMSAN: kernel-infoleak in _copy_to_iter (6) net C 748 636d 725d 22/25 fixed on 2022/03/08 16:11
upstream KMSAN: uninit-value in esp6_init_state net 2 687d 736d 0/25 auto-closed as invalid on 2022/04/16 22:31

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in check_copy_size include/linux/thread_info.h:233 [inline]
BUG: KMSAN: uninit-value in copy_from_iter include/linux/uio.h:168 [inline]
BUG: KMSAN: uninit-value in copy_from_iter_full include/linux/uio.h:177 [inline]
BUG: KMSAN: uninit-value in pdu_write_u net/9p/protocol.c:68 [inline]
BUG: KMSAN: uninit-value in p9pdu_vwritef+0x457a/0x4cf0 net/9p/protocol.c:439
 check_copy_size include/linux/thread_info.h:233 [inline]
 copy_from_iter include/linux/uio.h:168 [inline]
 copy_from_iter_full include/linux/uio.h:177 [inline]
 pdu_write_u net/9p/protocol.c:68 [inline]
 p9pdu_vwritef+0x457a/0x4cf0 net/9p/protocol.c:439
 p9_client_prepare_req+0xf0a/0x1710 net/9p/client.c:703
 p9_client_rpc+0x295/0x14a0 net/9p/client.c:734
 p9_client_write+0x670/0xf70 net/9p/client.c:1667
 v9fs_fid_xattr_set+0x3aa/0x530 fs/9p/xattr.c:130
 v9fs_xattr_set fs/9p/xattr.c:100 [inline]
 v9fs_xattr_handler_set+0x1b8/0x220 fs/9p/xattr.c:159
 __vfs_setxattr+0x8d4/0x920 fs/xattr.c:180
 __vfs_setxattr_noperm+0x38c/0xe80 fs/xattr.c:214
 __vfs_setxattr_locked+0x627/0x690 fs/xattr.c:275
 vfs_setxattr+0x444/0x7b0 fs/xattr.c:301
 setxattr+0x43a/0x800 fs/xattr.c:576
 path_setxattr+0x30e/0x540 fs/xattr.c:596
 __do_sys_setxattr fs/xattr.c:612 [inline]
 __se_sys_setxattr fs/xattr.c:608 [inline]
 __ia32_sys_setxattr+0x15f/0x1c0 fs/xattr.c:608
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0x95/0xf0 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:754 [inline]
 slab_alloc_node mm/slub.c:3231 [inline]
 slab_alloc mm/slub.c:3239 [inline]
 kmem_cache_alloc_trace+0xa8e/0x10f0 mm/slub.c:3270
 kmalloc include/linux/slab.h:581 [inline]
 p9_fid_create+0x81/0x470 net/9p/client.c:892
 p9_client_walk+0x161/0xe30 net/9p/client.c:1180
 clone_fid fs/9p/fid.h:21 [inline]
 v9fs_fid_xattr_set+0x248/0x530 fs/9p/xattr.c:118
 v9fs_xattr_set fs/9p/xattr.c:100 [inline]
 v9fs_xattr_handler_set+0x1b8/0x220 fs/9p/xattr.c:159
 __vfs_setxattr+0x8d4/0x920 fs/xattr.c:180
 __vfs_setxattr_noperm+0x38c/0xe80 fs/xattr.c:214
 __vfs_setxattr_locked+0x627/0x690 fs/xattr.c:275
 vfs_setxattr+0x444/0x7b0 fs/xattr.c:301
 setxattr+0x43a/0x800 fs/xattr.c:576
 path_setxattr+0x30e/0x540 fs/xattr.c:596
 __do_sys_setxattr fs/xattr.c:612 [inline]
 __se_sys_setxattr fs/xattr.c:608 [inline]
 __ia32_sys_setxattr+0x15f/0x1c0 fs/xattr.c:608
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0x95/0xf0 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

CPU: 0 PID: 14039 Comm: syz-executor.2 Not tainted 5.18.0-syzkaller-16253-g2f3064574275 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (544):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2022/06/16 03:41 https://github.com/google/kmsan.git master 2f3064574275 1719ee24 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9pdu_vwritef
2022/01/04 18:44 https://github.com/google/kmsan.git master 81c325bbf94e 0a2584dd .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9pdu_vwritef
2021/12/31 19:16 https://github.com/google/kmsan.git master 81c325bbf94e e1768e9c .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9pdu_vwritef
2021/12/17 11:06 https://github.com/google/kmsan.git master b0a8b5053e8b 44068e19 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9pdu_vwritef
2022/08/24 23:43 https://github.com/google/kmsan.git master 1b070a5d1a2c 514514f6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_read_once
2022/08/24 19:49 https://github.com/google/kmsan.git master 1b070a5d1a2c 514514f6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/24 01:41 https://github.com/google/kmsan.git master 1b070a5d1a2c cea8b0f7 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/23 18:19 https://github.com/google/kmsan.git master 1b070a5d1a2c cea8b0f7 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/22 15:58 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/21 05:31 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/20 07:51 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/20 04:55 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/20 03:31 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/20 02:21 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/19 15:01 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/19 14:55 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/19 07:23 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/19 03:48 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/18 20:49 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/18 13:17 https://github.com/google/kmsan.git master 1b070a5d1a2c d58e263f .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/18 10:00 https://github.com/google/kmsan.git master 1b070a5d1a2c d58e263f .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_read_once
2022/08/17 18:08 https://github.com/google/kmsan.git master 1b070a5d1a2c 4e72d229 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/16 15:00 https://github.com/google/kmsan.git master 1b070a5d1a2c 7a7cb304 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/15 19:04 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/15 17:48 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/14 06:40 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/14 02:15 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/13 12:51 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/13 11:48 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/13 09:54 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/12 17:45 https://github.com/google/kmsan.git master 1b070a5d1a2c 402cd70d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_read_once
2022/08/12 16:30 https://github.com/google/kmsan.git master 1b070a5d1a2c 402cd70d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/12 13:09 https://github.com/google/kmsan.git master 1b070a5d1a2c 402cd70d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/12 03:26 https://github.com/google/kmsan.git master 1b070a5d1a2c 787ed7e0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/11 17:58 https://github.com/google/kmsan.git master 1b070a5d1a2c 787ed7e0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/11 06:04 https://github.com/google/kmsan.git master 1b070a5d1a2c a6201f11 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/11 00:21 https://github.com/google/kmsan.git master 1b070a5d1a2c a6201f11 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/10 06:16 https://github.com/google/kmsan.git master 1b070a5d1a2c c2a623d6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/10 03:29 https://github.com/google/kmsan.git master 1b070a5d1a2c c2a623d6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/10 01:08 https://github.com/google/kmsan.git master 1b070a5d1a2c c2a623d6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/10 01:08 https://github.com/google/kmsan.git master 1b070a5d1a2c c2a623d6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/09 23:39 https://github.com/google/kmsan.git master 1b070a5d1a2c c2a623d6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/09 14:56 https://github.com/google/kmsan.git master 1b070a5d1a2c da700653 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/09 09:51 https://github.com/google/kmsan.git master 1b070a5d1a2c da700653 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/09 08:03 https://github.com/google/kmsan.git master 1b070a5d1a2c da700653 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/08 04:43 https://github.com/google/kmsan.git master 168a92de0739 88e3a122 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/07 22:49 https://github.com/google/kmsan.git master 168a92de0739 88e3a122 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
2022/08/07 01:24 https://github.com/google/kmsan.git master bba47a4b6421 88e3a122 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in p9_client_write
* Struck through repros no longer work on HEAD.