syzbot

 sign-in | mailing list | source | docs
🐞 Open [979] Subsystems 🐞 Fixed [5236] 🐞 Invalid [12499] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in erspan_xmit

Status: closed as invalid on 2022/10/12 18:26
Subsystems: net
[Documentation on labels]
First crash: 1515d, last: 1013d
Last patch testing requests (1)
Created Duration User Patch Repo Result
2022/09/01 21:27 7m retest repro https://github.com/google/kmsan.git master error OK

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in erspan_build_header include/net/erspan.h:179 [inline]
BUG: KMSAN: uninit-value in erspan_xmit+0x1b65/0x2ae0 net/ipv4/ip_gre.c:669
CPU: 1 PID: 11469 Comm: syz-executor600 Not tainted 5.6.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 erspan_build_header include/net/erspan.h:179 [inline]
 erspan_xmit+0x1b65/0x2ae0 net/ipv4/ip_gre.c:669
 __netdev_start_xmit include/linux/netdevice.h:4524 [inline]
 netdev_start_xmit include/linux/netdevice.h:4538 [inline]
 xmit_one net/core/dev.c:3470 [inline]
 dev_hard_start_xmit+0x531/0xab0 net/core/dev.c:3486
 sch_direct_xmit+0x512/0x18b0 net/sched/sch_generic.c:314
 __dev_xmit_skb net/core/dev.c:3671 [inline]
 __dev_queue_xmit+0x1fc3/0x4220 net/core/dev.c:4032
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4096
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x11d5/0x1440 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x466/0x620 net/core/filter.c:2112
 bpf_prog_79bab0a1566dd526+0xbd0/0x1000
 bpf_dispatcher_nopfunc include/linux/bpf.h:521 [inline]
 bpf_test_run+0x60c/0xe50 net/bpf/test_run.c:48
 bpf_prog_test_run_skb+0xcab/0x24a0 net/bpf/test_run.c:388
 bpf_prog_test_run kernel/bpf/syscall.c:2572 [inline]
 __do_sys_bpf+0xa684/0x13510 kernel/bpf/syscall.c:3414
 __se_sys_bpf kernel/bpf/syscall.c:3355 [inline]
 __ia32_sys_bpf+0xdb/0x120 kernel/bpf/syscall.c:3355
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3c7/0x6e0 arch/x86/entry/common.c:410
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7ff0d99
Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000ffbc489c EFLAGS: 00000246 ORIG_RAX: 0000000000000165
RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000140
RDX: 0000000000000040 RSI: 00000000f7ff028c RDI: 0000000000000004
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:144 [inline]
 kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:127
 kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:82
 slab_alloc_node mm/slub.c:2793 [inline]
 __kmalloc_node_track_caller+0xb40/0x1200 mm/slub.c:4401
 __kmalloc_reserve net/core/skbuff.c:142 [inline]
 pskb_expand_head+0x20b/0x1b00 net/core/skbuff.c:1629
 __skb_cow include/linux/skbuff.h:3139 [inline]
 skb_cow_head include/linux/skbuff.h:3173 [inline]
 erspan_xmit+0xc60/0x2ae0 net/ipv4/ip_gre.c:659
 __netdev_start_xmit include/linux/netdevice.h:4524 [inline]
 netdev_start_xmit include/linux/netdevice.h:4538 [inline]
 xmit_one net/core/dev.c:3470 [inline]
 dev_hard_start_xmit+0x531/0xab0 net/core/dev.c:3486
 sch_direct_xmit+0x512/0x18b0 net/sched/sch_generic.c:314
 __dev_xmit_skb net/core/dev.c:3671 [inline]
 __dev_queue_xmit+0x1fc3/0x4220 net/core/dev.c:4032
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4096
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x11d5/0x1440 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x466/0x620 net/core/filter.c:2112
 bpf_prog_79bab0a1566dd526+0xbd0/0x1000
 bpf_dispatcher_nopfunc include/linux/bpf.h:521 [inline]
 bpf_test_run+0x60c/0xe50 net/bpf/test_run.c:48
 bpf_prog_test_run_skb+0xcab/0x24a0 net/bpf/test_run.c:388
 bpf_prog_test_run kernel/bpf/syscall.c:2572 [inline]
 __do_sys_bpf+0xa684/0x13510 kernel/bpf/syscall.c:3414
 __se_sys_bpf kernel/bpf/syscall.c:3355 [inline]
 __ia32_sys_bpf+0xdb/0x120 kernel/bpf/syscall.c:3355
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3c7/0x6e0 arch/x86/entry/common.c:410
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
=====================================================

Crashes (219):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/03/13 04:10 https://github.com/google/kmsan.git master 8bbbc5cf3dca d850e9d0 .config console log report syz C ci-upstream-kmsan-gce-386
2021/07/16 06:14 https://github.com/google/kmsan.git master 57b5797c8013 f115ae98 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/07/07 12:52 https://github.com/google/kmsan.git master 57b5797c8013 4846d5c1 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/07/04 08:20 https://github.com/google/kmsan.git master 57b5797c8013 55aa55c2 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/07/01 23:29 https://github.com/google/kmsan.git master 57b5797c8013 658ebc66 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/07/01 15:16 https://github.com/google/kmsan.git master 57b5797c8013 658ebc66 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/27 00:05 https://github.com/google/kmsan.git master 57b5797c8013 9d2ab5df .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/21 06:17 https://github.com/google/kmsan.git master 6a6a67f21dec aba2b2fb .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/19 01:12 https://github.com/google/kmsan.git master bfeba8b4c158 aba2b2fb .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/14 14:29 https://github.com/google/kmsan.git master 6099c9da2f7d 1ba81399 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/11 23:06 https://github.com/google/kmsan.git master 6099c9da2f7d 1ba81399 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/10 20:36 https://github.com/google/kmsan.git master 6099c9da2f7d 1ba81399 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/09 21:30 https://github.com/google/kmsan.git master 6099c9da2f7d 84fe5d96 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/06/05 16:45 https://github.com/google/kmsan.git master 6099c9da2f7d 500c2339 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/31 23:27 https://github.com/google/kmsan.git master 6099c9da2f7d 032639db .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/30 13:54 https://github.com/google/kmsan.git master 6099c9da2f7d 325a8dab .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/29 08:23 https://github.com/google/kmsan.git master 6099c9da2f7d 858ea628 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/29 02:41 https://github.com/google/kmsan.git master 6099c9da2f7d 858ea628 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/29 02:26 https://github.com/google/kmsan.git master 6099c9da2f7d 858ea628 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/28 23:23 https://github.com/google/kmsan.git master 6099c9da2f7d 858ea628 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/24 09:25 https://github.com/google/kmsan.git master 6099c9da2f7d 3c7fef33 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/21 22:36 https://github.com/google/kmsan.git master 6099c9da2f7d 3c7fef33 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/21 12:19 https://github.com/google/kmsan.git master 6099c9da2f7d 3c7fef33 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/21 11:02 https://github.com/google/kmsan.git master 6099c9da2f7d 3c7fef33 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/18 05:56 https://github.com/google/kmsan.git master bdefec9ab855 a343ba6b .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/16 23:03 https://github.com/google/kmsan.git master bdefec9ab855 f54a5c09 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/16 19:23 https://github.com/google/kmsan.git master bdefec9ab855 f54a5c09 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/16 15:42 https://github.com/google/kmsan.git master bdefec9ab855 f54a5c09 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/15 00:38 https://github.com/google/kmsan.git master bdefec9ab855 8bdd5343 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/13 09:55 https://github.com/google/kmsan.git master bdefec9ab855 ed7d41c5 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/12 20:22 https://github.com/google/kmsan.git master bdefec9ab855 da958a4d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/12 18:14 https://github.com/google/kmsan.git master bdefec9ab855 da958a4d .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/12 07:13 https://github.com/google/kmsan.git master bdefec9ab855 b3c3bb8e .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/11 14:02 https://github.com/google/kmsan.git master 4ebaab5fb428 ca873091 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/11 13:06 https://github.com/google/kmsan.git master 4ebaab5fb428 ca873091 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/09 06:52 https://github.com/google/kmsan.git master 4ebaab5fb428 bc5434be .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/09 05:28 https://github.com/google/kmsan.git master 4ebaab5fb428 bc5434be .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/07 16:27 https://github.com/google/kmsan.git master 4ebaab5fb428 f6da8120 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/05/04 14:42 https://github.com/google/kmsan.git master 4ebaab5fb428 09efdd63 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/30 08:49 https://github.com/google/kmsan.git master 4ebaab5fb428 77e2b668 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/29 23:56 https://github.com/google/kmsan.git master 4ebaab5fb428 77e2b668 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/29 10:24 https://github.com/google/kmsan.git master 4ebaab5fb428 77e2b668 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/29 05:02 https://github.com/google/kmsan.git master 4ebaab5fb428 77e2b668 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/28 08:07 https://github.com/google/kmsan.git master 4ebaab5fb428 805b5003 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/28 06:37 https://github.com/google/kmsan.git master 4ebaab5fb428 805b5003 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/26 06:17 https://github.com/google/kmsan.git master 4ebaab5fb428 2a82f1b3 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/25 17:47 https://github.com/google/kmsan.git master 4ebaab5fb428 36c88236 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/25 03:41 https://github.com/google/kmsan.git master 4ebaab5fb428 17f0b706 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/04/21 02:48 https://github.com/google/kmsan.git master 4ebaab5fb428 c0ced557 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_xmit
2021/01/15 15:33 https://github.com/google/kmsan.git master 73d62e81b476 65a7a854 .config console log report info ci-upstream-kmsan-gce-386
2020/03/01 06:34 https://github.com/google/kmsan.git master 8bbbc5cf3dca c88c7b75 .config console log report ci-upstream-kmsan-gce-386
* Struck through repros no longer work on HEAD.