syzbot

 sign-in | mailing list | source | docs
🐞 Open [1658]
Subsystems
🐞 Fixed [6096]
🐞 Invalid [15190]
Missing Backports [163]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in validate_xmit_skb (3)

Status: closed as invalid on 2024/06/03 17:57
Subsystems: net
[Documentation on labels]
First crash: 296d, last: 296d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in validate_xmit_skb net C 21 412d 430d 25/28 fixed on 2024/01/30 15:47
upstream KMSAN: kernel-infoleak in copyout (2) net C 6723 647d 1816d 22/28 fixed on 2023/06/08 14:41
upstream KMSAN: uninit-value in validate_xmit_skb (2) net 15 402d 410d 0/28 auto-obsoleted due to no activity on 2024/04/10 02:16
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net C 138977 751d 1103d 22/28 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in IP6_ECN_decapsulate net C 981 453d 2369d 25/28 fixed on 2023/12/21 03:45
Last patch testing requests (2)
Created Duration User Patch Repo Result
2024/06/03 15:58 22m edumazet@google.com upstream error
2024/05/27 15:00 21m edumazet@google.com upstream error

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in skb_gso_segment include/net/gso.h:83 [inline]
BUG: KMSAN: uninit-value in validate_xmit_skb+0xdf0/0x1960 net/core/dev.c:3612
 skb_gso_segment include/net/gso.h:83 [inline]
 validate_xmit_skb+0xdf0/0x1960 net/core/dev.c:3612
 validate_xmit_skb_list+0xf4/0x2f0 net/core/dev.c:3662
 sch_direct_xmit+0xd0/0xd50 net/sched/sch_generic.c:328
 __dev_xmit_skb net/core/dev.c:3760 [inline]
 __dev_queue_xmit+0x2eec/0x5350 net/core/dev.c:4307
 dev_queue_xmit include/linux/netdevice.h:3091 [inline]
 packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276
 packet_snd net/packet/af_packet.c:3081 [inline]
 packet_sendmsg+0x8bb0/0x9ef0 net/packet/af_packet.c:3113
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x30f/0x380 net/socket.c:745
 ____sys_sendmsg+0x877/0xb60 net/socket.c:2584
 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638
 __sys_sendmsg net/socket.c:2667 [inline]
 __do_sys_sendmsg net/socket.c:2676 [inline]
 __se_sys_sendmsg net/socket.c:2674 [inline]
 __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674
 x64_sys_call+0xc4b/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:3877 [inline]
 slab_alloc_node mm/slub.c:3918 [inline]
 __do_kmalloc_node mm/slub.c:4038 [inline]
 __kmalloc_node_track_caller+0x767/0x10c0 mm/slub.c:4059
 kmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:599
 __alloc_skb+0x35b/0x7a0 net/core/skbuff.c:668
 alloc_skb include/linux/skbuff.h:1319 [inline]
 alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6527
 sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2795
 packet_alloc_skb net/packet/af_packet.c:2930 [inline]
 packet_snd net/packet/af_packet.c:3024 [inline]
 packet_sendmsg+0x722d/0x9ef0 net/packet/af_packet.c:3113
 sock_sendmsg_nosec net/socket.c:730 [inline]
 __sock_sendmsg+0x30f/0x380 net/socket.c:745
 ____sys_sendmsg+0x877/0xb60 net/socket.c:2584
 ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638
 __sys_sendmsg net/socket.c:2667 [inline]
 __do_sys_sendmsg net/socket.c:2676 [inline]
 __se_sys_sendmsg net/socket.c:2674 [inline]
 __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674
 x64_sys_call+0xc4b/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:47
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 PID: 5078 Comm: syz-executor244 Not tainted 6.9.0-syzkaller-02707-g614da38e2f7a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
=====================================================

Crashes (9):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/05/24 16:39 upstream 614da38e2f7a 8f98448e .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 15:26 upstream 614da38e2f7a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 15:26 upstream 614da38e2f7a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 12:36 upstream 614da38e2f7a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 12:36 upstream 614da38e2f7a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 17:00 upstream 101b7a97143a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 16:59 upstream 101b7a97143a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 13:31 upstream 101b7a97143a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in validate_xmit_skb
2024/05/24 13:31 upstream 101b7a97143a 8f98448e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in validate_xmit_skb
* Struck through repros no longer work on HEAD.