syzbot


KMSAN: uninit-value in ax25cmp (2)

Status: closed as invalid on 2022/11/18 11:50
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 405d, last: 128d
similar bugs (12):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in ax25cmp | | | | 11 | 563d | 636d | 0/24 | auto-closed as invalid on 2021/11/10 00:57 |
| upstream | KMSAN: uninit-value in skb_release_data (3) | C | | | 10 | 191d | 870d | 0/24 | auto-obsoleted due to no activity on 2022/11/17 07:20 |
| upstream | KMSAN: uninit-value in ipv6_find_tlv | C | | | 215 | 17h25m | 1263d | 0/24 | upstream: reported C repro on 2019/08/13 14:48 |
| upstream | KMSAN: uninit-value in bpf_prog_run_generic_xdp | | | | 109 | 3d14h | 70d | 0/24 | upstream: reported on 2022/11/18 11:39 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) btrfs ntfs3 erofs udf | C | | | 135431 | 11m | 324d | 23/24 | internal: reported C repro on 2022/03/09 07:32 |
| upstream | KMSAN: uninit-value in can_send | C | | | 630 | 67d | 85d | 23/24 | upstream: reported C repro on 2022/11/03 16:22 |
| upstream | KMSAN: uninit-value in inet_frag_find (2) | | | | 2 | 381d | 389d | 0/24 | auto-closed as invalid on 2022/04/11 17:13 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (6) | C | | | 748 | 325d | 414d | 22/24 | fixed on 2022/03/08 16:11 |
| upstream | KMSAN: uninit-value in eth_type_trans (2) | C | | | 3392 | 34m | 1101d | 0/24 | upstream: reported C repro on 2020/01/22 16:47 |
| upstream | KMSAN: uninit-value in hsr_fill_frame_info (2) | C | | | 63 | 20d | 107d | 0/24 | upstream: reported C repro on 2022/10/12 19:10 |
| upstream | KMSAN: uninit-value in INET_ECN_decapsulate (2) | | | | 2 | 598d | 668d | 22/24 | fixed on 2021/11/10 00:50 |
| upstream | KMSAN: uninit-value in INET_ECN_decapsulate | | | | 3 | 755d | 788d | 21/24 | fixed on 2021/03/10 01:48 |

Sample crash report:
netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
=====================================================
BUG: KMSAN: uninit-value in ax25cmp+0x4a2/0x5f0 net/ax25/ax25_addr.c:119
 ax25cmp+0x4a2/0x5f0 net/ax25/ax25_addr.c:119
 nr_dev_get+0x1c1/0x420 net/netrom/nr_route.c:601
 nr_route_frame+0x233/0x1470 net/netrom/nr_route.c:774
 nr_xmit+0x9c/0x280 net/netrom/nr_dev.c:144
 __netdev_start_xmit include/linux/netdevice.h:4994 [inline]
 netdev_start_xmit include/linux/netdevice.h:5008 [inline]
 xmit_one+0x2f4/0x840 net/core/dev.c:3590
 dev_hard_start_xmit+0x186/0x440 net/core/dev.c:3606
 __dev_queue_xmit+0x2104/0x3290 net/core/dev.c:4229
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4262
 raw_sendmsg+0x819/0xcd0 net/ieee802154/socket.c:294
 ieee802154_sock_sendmsg+0xec/0x130 net/ieee802154/socket.c:96
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg net/socket.c:724 [inline]
 ____sys_sendmsg+0xe11/0x12c0 net/socket.c:2409
 ___sys_sendmsg net/socket.c:2463 [inline]
 __sys_sendmmsg+0x845/0xf60 net/socket.c:2542
 __compat_sys_sendmmsg net/compat.c:361 [inline]
 __do_compat_sys_sendmmsg net/compat.c:368 [inline]
 __se_compat_sys_sendmmsg net/compat.c:365 [inline]
 __ia32_compat_sys_sendmmsg+0x127/0x180 net/compat.c:365
 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:524 [inline]
 slab_alloc_node mm/slub.c:3251 [inline]
 __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4974
 kmalloc_reserve net/core/skbuff.c:354 [inline]
 __alloc_skb+0x545/0xf90 net/core/skbuff.c:426
 alloc_skb include/linux/skbuff.h:1126 [inline]
 alloc_skb_with_frags+0x1db/0xbc0 net/core/skbuff.c:6078
 sock_alloc_send_pskb+0xdf4/0xfc0 net/core/sock.c:2575
 sock_alloc_send_skb+0xca/0xe0 net/core/sock.c:2592
 raw_sendmsg+0x4cf/0xcd0 net/ieee802154/socket.c:277
 ieee802154_sock_sendmsg+0xec/0x130 net/ieee802154/socket.c:96
 sock_sendmsg_nosec net/socket.c:704 [inline]
 sock_sendmsg net/socket.c:724 [inline]
 ____sys_sendmsg+0xe11/0x12c0 net/socket.c:2409
 ___sys_sendmsg net/socket.c:2463 [inline]
 __sys_sendmmsg+0x845/0xf60 net/socket.c:2542
 __compat_sys_sendmmsg net/compat.c:361 [inline]
 __do_compat_sys_sendmmsg net/compat.c:368 [inline]
 __se_compat_sys_sendmmsg net/compat.c:365 [inline]
 __ia32_compat_sys_sendmmsg+0x127/0x180 net/compat.c:365
 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

CPU: 1 PID: 3481 Comm: syz-executor365 Not tainted 5.16.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (51):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kmsan-gce-386 | 2022/01/05 02:54 | https://github.com/google/kmsan.git master | 81c325bbf94e | 0a2584dd | .config | console log | report | syz | C | | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/09/21 07:04 | https://github.com/google/kmsan.git master | 523d2ce66d07 | c4b8ccfd | .config | console log | report | | | info | [disk image] [vmlinux] | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/09/16 11:15 | https://github.com/google/kmsan.git master | 8f4ae27df775 | dd9a85ff | .config | console log | report | | | info | [disk image] [vmlinux] | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/07/18 03:59 | https://github.com/google/kmsan.git master | 97117d69c353 | 95cb00d1 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/06/25 14:58 | https://github.com/google/kmsan.git master | 4b28366af7d9 | a371c43c | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/06/25 09:45 | https://github.com/google/kmsan.git master | 4b28366af7d9 | a371c43c | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/06/14 11:37 | https://github.com/google/kmsan.git master | 2f3064574275 | 0f087040 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/23 05:50 | https://github.com/google/kmsan.git master | c5c93da9af13 | 7268fa62 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/21 12:26 | https://github.com/google/kmsan.git master | c5c93da9af13 | 7268fa62 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/15 17:48 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 744a39e2 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/15 17:32 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 744a39e2 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/14 16:13 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 744a39e2 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/14 16:12 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 744a39e2 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/13 22:42 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 107f6434 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/05/11 08:01 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 8d7b3b67 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/04/27 09:47 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 1fa34c1b | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/04/20 08:40 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | 7d7bc738 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/04/14 20:43 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | b17b2923 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/03/30 18:12 | https://github.com/google/kmsan.git master | 1978a14f70af | 42718dd6 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/03/30 17:22 | https://github.com/google/kmsan.git master | 1978a14f70af | 42718dd6 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/03/30 17:22 | https://github.com/google/kmsan.git master | 1978a14f70af | 42718dd6 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/03/30 06:46 | https://github.com/google/kmsan.git master | 1978a14f70af | 6bdac766 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/02/05 01:43 | https://github.com/google/kmsan.git master | 85cfd6e539bd | e13a05ed | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/02/01 07:02 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 6b7c57fe | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/02/01 06:51 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 6b7c57fe | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/30 11:15 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 495e00c5 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/27 10:03 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2cbffd88 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/27 09:54 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2cbffd88 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/27 07:29 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2cbffd88 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/27 07:29 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2cbffd88 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/27 07:29 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2cbffd88 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/26 10:41 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2cbffd88 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/22 01:46 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 214351e1 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/21 11:31 | https://github.com/google/kmsan.git master | 85cfd6e539bd | ab3d9f17 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/21 11:21 | https://github.com/google/kmsan.git master | 85cfd6e539bd | ab3d9f17 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/20 03:35 | https://github.com/google/kmsan.git master | fa3879a274df | 5da9499f | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/20 02:56 | https://github.com/google/kmsan.git master | fa3879a274df | 5da9499f | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/09 16:37 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2ca0d385 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/08 21:06 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2ca0d385 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/08 14:59 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2ca0d385 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/06 00:26 | https://github.com/google/kmsan.git master | 81c325bbf94e | 6acc789a | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/05 02:21 | https://github.com/google/kmsan.git master | 81c325bbf94e | 0a2584dd | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2022/01/03 11:35 | https://github.com/google/kmsan.git master | 81c325bbf94e | e1768e9c | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2021/12/21 20:28 | https://github.com/google/kmsan.git master | 81c325bbf94e | a938f0b8 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2021/12/19 00:11 | https://github.com/google/kmsan.git master | b0a8b5053e8b | 44068e19 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2021/12/18 12:27 | https://github.com/google/kmsan.git master | b0a8b5053e8b | 44068e19 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce-386 | 2021/12/18 12:22 | https://github.com/google/kmsan.git master | b0a8b5053e8b | 44068e19 | .config | console log | report | | | info | | KMSAN: uninit-value in ax25cmp |
| ci-upstream-kmsan-gce | 2022/03/21 01:03 | https://github.com/google/kmsan.git master | 97c7732c2bb6 | e2d91b1d | .config | console log | report | | | info | | KMSAN: uninit-value in INET_ECN_decapsulate |
* Struck through repros no longer work on HEAD.