syzbot


KASAN: wild-memory-access Read in copyout

Status: auto-closed as invalid on 2021/07/03 03:34
Subsystems: net
[Documentation on labels]
First crash: 1100d, last: 1087d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: kernel-infoleak in copyout (2) net C 6723 322d 1490d 22/26 fixed on 2023/06/08 14:41

Sample crash report:
==================================================================
BUG: KASAN: wild-memory-access in instrument_copy_to_user include/linux/instrumented.h:118 [inline]
BUG: KASAN: wild-memory-access in copyout.part.0+0xd7/0x110 lib/iov_iter.c:145
Read of size 64 at addr 108548c02b4b095e by task syz-fuzzer/8417

CPU: 1 PID: 8417 Comm: syz-fuzzer Not tainted 5.12.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x141/0x1d7 lib/dump_stack.c:120
 __kasan_report mm/kasan/report.c:403 [inline]
 kasan_report.cold+0x5f/0xd8 mm/kasan/report.c:416
 check_region_inline mm/kasan/generic.c:180 [inline]
 kasan_check_range+0x13d/0x180 mm/kasan/generic.c:186
 instrument_copy_to_user include/linux/instrumented.h:118 [inline]
 copyout.part.0+0xd7/0x110 lib/iov_iter.c:145
 copyout lib/iov_iter.c:621 [inline]
 _copy_to_iter+0x28a/0xf80 lib/iov_iter.c:621
 copy_to_iter include/linux/uio.h:137 [inline]
 simple_copy_to_iter+0x4c/0x70 net/core/datagram.c:519
 __skb_datagram_iter+0x4a7/0x770 net/core/datagram.c:448
 skb_copy_datagram_iter+0x40/0x50 net/core/datagram.c:533
 skb_copy_datagram_msg include/linux/skbuff.h:3602 [inline]
 tcp_recvmsg_locked+0x1048/0x22f0 net/ipv4/tcp.c:2472
 tcp_recvmsg+0x134/0x550 net/ipv4/tcp.c:2550
 inet_recvmsg+0x11b/0x5d0 net/ipv4/af_inet.c:852
 sock_recvmsg_nosec net/socket.c:888 [inline]
 sock_recvmsg net/socket.c:906 [inline]
 sock_recvmsg net/socket.c:902 [inline]
 sock_read_iter+0x33c/0x470 net/socket.c:979
 call_read_iter include/linux/fs.h:1971 [inline]
 new_sync_read+0x5b7/0x6e0 fs/read_write.c:415
 vfs_read+0x35c/0x570 fs/read_write.c:496
 ksys_read+0x1ee/0x250 fs/read_write.c:634
 do_syscall_64+0x2d/0x70 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4af19b
Code: fb ff eb bd e8 a6 b6 fb ff e9 61 ff ff ff cc e8 9b 82 fb ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30
RSP: 002b:000000c00003b828 EFLAGS: 00000212 ORIG_RAX: 0000000000000000
RAX: ffffffffffffffda RBX: 000000c00001c000 RCX: 00000000004af19b
RDX: 0000000000001000 RSI: 000000c000066000 RDI: 0000000000000006
RBP: 000000c00003b878 R08: 0000000000000001 R09: 0000000000000002
R10: 0000000000005f07 R11: 0000000000000212 R12: 0000000000005f03
R13: 0000000000000400 R14: 0000000000000004 R15: 0000000000000002
==================================================================

Crashes (726):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/04/23 20:52 net-next-old cad4162a90ae 17f0b706 .config console log report info ci-upstream-net-kasan-gce KASAN: wild-memory-access Read in copyout
2021/05/04 03:30 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/04 02:01 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/04 00:52 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 23:33 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 21:30 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 18:33 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 17:22 linux-next e3d35712f85a ad61f371 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 13:25 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 11:57 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 10:17 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 09:31 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 07:18 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 05:45 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 04:16 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 02:39 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/03 01:35 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 23:48 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 23:03 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 21:34 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 20:31 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 18:28 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 17:11 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 16:10 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 14:55 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 14:09 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 12:42 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 11:40 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 10:01 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 08:57 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 06:25 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 05:07 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 03:21 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 02:03 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/02 01:01 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 23:30 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 20:29 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 18:09 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 16:40 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 14:52 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 14:17 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 13:07 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 11:40 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 10:28 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
2021/05/01 09:10 linux-next e3d35712f85a 77e2b668 .config console log report info ci-upstream-linux-next-kasan-gce-root KASAN: wild-memory-access Read in copyout
* Struck through repros no longer work on HEAD.