syzbot

 sign-in | mailing list | source | docs
🐞 Open [1162] Subsystems 🐞 Fixed [4400] 🐞 Invalid [9888] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in bpf_prog_run_generic_xdp

Status: upstream: reported on 2022/11/18 11:39
Subsystems: net (incorrect?)
Reported-by: syzbot+0e6ddb1ef80986bdfe64@syzkaller.appspotmail.com
First crash: 470d, last: 20d
similar bugs (17):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in __skb_checksum_complete (5) net C 1186 1d14h 949d 0/24 upstream: reported C repro on 2020/08/14 15:09
upstream KMSAN: uninit-value in skb_release_data (3) C 10 244d 923d 0/24 auto-obsoleted due to no activity on 2022/11/17 07:20
upstream KMSAN: uninit-value in hsr_register_frame_in net C 197 34d 1499d 0/24 upstream: reported C repro on 2019/02/11 21:53
upstream KMSAN: kernel-infoleak in copyout (2) net C 6587 7h57m 1090d 19/24 upstream: reported C repro on 2020/03/26 17:19
upstream KMSAN: uninit-value in ipv6_find_tlv net C 251 9d05h 1316d 0/24 upstream: reported C repro on 2019/08/13 14:48
upstream KMSAN: uninit-value in ax25cmp (2) C 51 181d 442d 0/24 closed as invalid on 2022/11/18 11:50
upstream KMSAN: uninit-value in virtqueue_add (3) 13 137d 430d 0/24 auto-obsoleted due to no activity on 2023/02/12 03:53
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net hfs ext4 C 138977 25d 377d 24/24 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in can_send can C 630 120d 138d 24/24 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in inet_frag_find (2) 2 434d 442d 0/24 auto-closed as invalid on 2022/04/11 17:13
upstream KMSAN: kernel-infoleak in _copy_to_iter (6) net C 748 378d 467d 22/24 fixed on 2022/03/08 16:11
upstream KMSAN: uninit-value in eth_type_trans (2) net C 3608 11h36m 1154d 0/24 upstream: reported C repro on 2020/01/22 16:47
upstream KMSAN: uninit-value in hsr_fill_frame_info (2) net C 65 34d 160d 0/24 upstream: reported C repro on 2022/10/12 19:10
upstream KMSAN: uninit-value in erspan_build_header net 40 70d 160d 0/24 upstream: reported on 2022/10/12 16:59
upstream KMSAN: uninit-value in ip_tunnel_xmit (3) C 1516 165d 853d 0/24 closed as invalid on 2022/10/12 18:48
upstream KMSAN: uninit-value in br_dev_xmit bridge C 537 65d 1121d 0/24 upstream: reported C repro on 2020/02/24 08:38
upstream KMSAN: uninit-value in batadv_get_vid batman C 1947 17d 1121d 0/24 upstream: reported C repro on 2020/02/24 08:38

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x10c4/0x1b90 net/core/dev.c:4767
 bpf_prog_run_generic_xdp+0x10c4/0x1b90 net/core/dev.c:4767
 netif_receive_generic_xdp net/core/dev.c:4830 [inline]
 do_xdp_generic+0x6e8/0xb90 net/core/dev.c:4889
 __netif_receive_skb_core+0x27a2/0x65a0 net/core/dev.c:5295
 __netif_receive_skb_one_core net/core/dev.c:5472 [inline]
 __netif_receive_skb+0xcd/0x5e0 net/core/dev.c:5588
 process_backlog+0x480/0x8b0 net/core/dev.c:5916
 __napi_poll+0xe4/0x950 net/core/dev.c:6477
 napi_poll net/core/dev.c:6544 [inline]
 net_rx_action+0x934/0x1a40 net/core/dev.c:6655
 __do_softirq+0x1c9/0x7c5 kernel/softirq.c:571
 run_ksoftirqd+0x30/0x50 kernel/softirq.c:934
 smpboot_thread_fn+0x558/0x9f0 kernel/smpboot.c:164
 kthread+0x31f/0x430 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308

Uninit was stored to memory at:
 pskb_expand_head+0x328/0x19b0 net/core/skbuff.c:1907
 netif_receive_generic_xdp net/core/dev.c:4822 [inline]
 do_xdp_generic+0x56f/0xb90 net/core/dev.c:4889
 __netif_receive_skb_core+0x27a2/0x65a0 net/core/dev.c:5295
 __netif_receive_skb_one_core net/core/dev.c:5472 [inline]
 __netif_receive_skb+0xcd/0x5e0 net/core/dev.c:5588
 process_backlog+0x480/0x8b0 net/core/dev.c:5916
 __napi_poll+0xe4/0x950 net/core/dev.c:6477
 napi_poll net/core/dev.c:6544 [inline]
 net_rx_action+0x934/0x1a40 net/core/dev.c:6655
 __do_softirq+0x1c9/0x7c5 kernel/softirq.c:571

Uninit was created at:
 slab_post_alloc_hook+0x12d/0xb60 mm/slab.h:766
 slab_alloc_node mm/slub.c:3452 [inline]
 __kmem_cache_alloc_node+0x518/0x920 mm/slub.c:3491
 __do_kmalloc_node mm/slab_common.c:967 [inline]
 __kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:988
 kmalloc_reserve net/core/skbuff.c:492 [inline]
 __alloc_skb+0x3b8/0x900 net/core/skbuff.c:565
 alloc_skb include/linux/skbuff.h:1270 [inline]
 alloc_skb_with_frags+0xbd/0xbb0 net/core/skbuff.c:6194
 sock_alloc_send_pskb+0xaad/0xc30 net/core/sock.c:2743
 sock_alloc_send_skb include/net/sock.h:1888 [inline]
 j1939_sk_alloc_skb net/can/j1939/socket.c:864 [inline]
 j1939_sk_send_loop net/can/j1939/socket.c:1121 [inline]
 j1939_sk_sendmsg+0xd2e/0x25b0 net/can/j1939/socket.c:1256
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 ____sys_sendmsg+0xa8f/0xe70 net/socket.c:2479
 ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2533
 __sys_sendmsg+0x25c/0x440 net/socket.c:2562
 __compat_sys_sendmsg net/compat.c:345 [inline]
 __do_compat_sys_sendmsg net/compat.c:352 [inline]
 __se_compat_sys_sendmsg net/compat.c:349 [inline]
 __ia32_compat_sys_sendmsg+0x9d/0xe0 net/compat.c:349
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

CPU: 0 PID: 13 Comm: ksoftirqd/0 Not tainted 6.2.0-syzkaller-81152-g97e36f4aa06f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/16/2023
=====================================================

Crashes (118):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kmsan-gce-386 2023/03/01 12:51 https://github.com/google/kmsan.git master 97e36f4aa06f f8902b57 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/22 00:37 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/14 14:58 https://github.com/google/kmsan.git master da13c00eebfb 1d6b4af7 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/13 23:30 https://github.com/google/kmsan.git master da13c00eebfb 93ae7e0a .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/10 20:25 https://github.com/google/kmsan.git master 8c89ecf5c13b 95871dcc .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/06 18:21 https://github.com/google/kmsan.git master eda666ff2276 0a9c11b6 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/03 19:50 https://github.com/google/kmsan.git master eda666ff2276 1b2f701a .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/03 16:01 https://github.com/google/kmsan.git master eda666ff2276 1b2f701a .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/02/01 15:57 https://github.com/google/kmsan.git master eda666ff2276 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/01/24 09:37 https://github.com/google/kmsan.git master 41c66f470616 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/01/23 20:28 https://github.com/google/kmsan.git master 41c66f470616 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/01/21 16:04 https://github.com/google/kmsan.git master e919e2b1bc1c 559a440a .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/01/19 12:59 https://github.com/google/kmsan.git master e919e2b1bc1c 1b826a2f .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2023/01/17 19:30 https://github.com/google/kmsan.git master e919e2b1bc1c aedf5331 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/12/05 20:21 https://github.com/google/kmsan.git master 0b9b391069d5 045cbb84 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/11/29 17:00 https://github.com/google/kmsan.git master 49a9a20768f5 05dc7993 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/11/15 12:56 https://github.com/google/kmsan.git master cb231e2f67ec 97de9cfc .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/11/09 10:49 https://github.com/google/kmsan.git master b1376a14297d 5fa28208 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/11/04 13:57 https://github.com/google/kmsan.git master 02b1fb26100c 6d752409 .config console log report info [disk image] [vmlinux] [kernel image] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/10/20 18:41 https://github.com/google/kmsan.git master 968c2729e576 a0fd4dab .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/10/13 03:31 https://github.com/google/kmsan.git master 968c2729e576 3f6b40a1 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/10/07 20:05 https://github.com/google/kmsan.git master 968c2729e576 0de35f24 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/10/05 00:30 https://github.com/google/kmsan.git master 968c2729e576 eab8f949 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/29 09:53 https://github.com/google/kmsan.git master 968c2729e576 1d385642 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/27 23:55 https://github.com/google/kmsan.git master 466a27efa4f0 75c78242 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/20 11:36 https://github.com/google/kmsan.git master 523d2ce66d07 7c41a9ba .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/15 02:59 https://github.com/google/kmsan.git master 8f4ae27df775 b884348d .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/15 01:44 https://github.com/google/kmsan.git master 8f4ae27df775 b884348d .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/09 18:17 https://github.com/google/kmsan.git master 4367d178d9eb 356d8217 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/09 14:33 https://github.com/google/kmsan.git master 4367d178d9eb 356d8217 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/07 12:32 https://github.com/google/kmsan.git master 4367d178d9eb c5b7bc57 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/05 13:56 https://github.com/google/kmsan.git master 4367d178d9eb 922294ab .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/03 14:39 https://github.com/google/kmsan.git master ad8e4e812ba8 28811d0a .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/09/02 12:37 https://github.com/google/kmsan.git master 717d319242de a805568e .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/31 13:52 https://github.com/google/kmsan.git master e23a6cc335d5 51e54e30 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/26 13:30 https://github.com/google/kmsan.git master ac3859c02d7f e5a303f1 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/19 18:30 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/18 05:51 https://github.com/google/kmsan.git master 1b070a5d1a2c d58e263f .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/16 06:42 https://github.com/google/kmsan.git master 1b070a5d1a2c 7a7cb304 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/13 08:58 https://github.com/google/kmsan.git master 1b070a5d1a2c 8dfcaa3d .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/11 16:48 https://github.com/google/kmsan.git master 1b070a5d1a2c 787ed7e0 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/10 18:25 https://github.com/google/kmsan.git master 1b070a5d1a2c a6201f11 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/03 09:03 https://github.com/google/kmsan.git master 82224c6104a8 1c9013ac .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/08/01 05:12 https://github.com/google/kmsan.git master 3ea9edba19ef fef302b1 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/07/25 08:20 https://github.com/google/kmsan.git master 97117d69c353 22343af4 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/07/22 07:34 https://github.com/google/kmsan.git master 97117d69c353 5e6028b9 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/07/21 14:40 https://github.com/google/kmsan.git master 97117d69c353 6e67af9d .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/07/20 06:45 https://github.com/google/kmsan.git master 97117d69c353 775344bc .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/07/13 12:29 https://github.com/google/kmsan.git master 97117d69c353 5d921b08 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/07/12 16:59 https://github.com/google/kmsan.git master 97117d69c353 d91dd8ea .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2022/01/03 16:49 https://github.com/google/kmsan.git master 81c325bbf94e 4a3f34f2 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
ci-upstream-kmsan-gce-386 2021/12/06 12:45 https://github.com/google/kmsan.git master cdfb223e7e63 579a8754 .config console log report info KMSAN: uninit-value in bpf_prog_run_generic_xdp
* Struck through repros no longer work on HEAD.