syzbot


KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp

Status: closed as invalid on 2022/07/04 08:06
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 417d, last: 167d

Sample crash report:
=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_user+0x1c9/0x270 lib/usercopy.c:33
 instrument_copy_to_user include/linux/instrumented.h:121 [inline]
 _copy_to_user+0x1c9/0x270 lib/usercopy.c:33
 copy_to_user include/linux/uaccess.h:209 [inline]
 bpf_prog_test_run_raw_tp+0xb01/0xbb0 net/bpf/test_run.c:388
 bpf_prog_test_run+0x784/0x820 kernel/bpf/syscall.c:3353
 __sys_bpf+0xadd/0x1240 kernel/bpf/syscall.c:4655
 __do_sys_bpf kernel/bpf/syscall.c:4741 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:4739 [inline]
 __ia32_sys_bpf+0xe1/0x130 kernel/bpf/syscall.c:4739
 do_syscall_32_irqs_on arch/x86/entry/common.c:113 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:179
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:204
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:247
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Local variable info created at:
 bpf_prog_test_run_raw_tp+0xf0/0xbb0 net/bpf/test_run.c:343
 bpf_prog_test_run+0x784/0x820 kernel/bpf/syscall.c:3353

Bytes 0-3 of 4 are uninitialized
Memory access of size 4 starts at ffff888122a0fc70
Data copied to user address 0000000020000184

CPU: 1 PID: 3479 Comm: syz-executor189 Not tainted 5.17.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (10):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kmsan-gce-386 | 2022/04/21 13:35 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | d4befee1 | .config | log | report | syz | C | | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2022/06/23 09:36 | https://github.com/google/kmsan.git master | 4b28366af7d9 | 912f5df7 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2022/05/25 11:26 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2022/05/06 01:35 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | efeff0a5 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2022/04/21 06:08 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | d4befee1 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2022/01/28 19:45 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 495e00c5 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2022/01/09 16:31 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2ca0d385 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2021/11/22 23:05 | https://github.com/google/kmsan.git master | 7ca3114e5a48 | 545ab074 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2021/11/11 15:19 | https://github.com/google/kmsan.git master | a3e5c559028e | 75b04091 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
| ci-upstream-kmsan-gce-386 | 2021/10/16 12:19 | https://github.com/google/kmsan.git master | d6493d2046c4 | 0c5d9412 | .config | log | report | | | info | KMSAN: kernel-infoleak in bpf_prog_test_run_raw_tp |
* Struck through repros no longer work on HEAD.