syzbot


KMSAN: uninit-value in unix_find_other

Status: fixed on 2020/11/16 12:12
Subsystems: net
Reported-by: syzbot+75d51fe5bf4ebe988518@syzkaller.appspotmail.com
Fix commit: 7ca1db21ef8e net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid
First crash: 2115d, last: 1298d
Discussions (17)
Title Replies (including bot) Last reply
[PATCH 4.19 000/191] 4.19.155-rc1 review 218 (218) 2020/11/18 18:02
[PATCH 4.4 00/86] 4.4.242-rc1 review 91 (91) 2020/11/10 10:36
[PATCH 4.9 000/117] 4.9.242-rc1 review 121 (121) 2020/11/10 10:27
[PATCH AUTOSEL 4.19 01/60] powerpc/powernv/smp: Fix spurious DBG() warning 62 (62) 2020/11/06 05:26
[PATCH AUTOSEL 5.9 001/147] powerpc/vmemmap: Fix memory leak with vmemmap list allocation failures. 154 (154) 2020/11/05 21:18
[PATCH 5.9 000/391] 5.9.4-rc1 review 406 (406) 2020/11/05 16:26
[PATCH 5.4 000/214] 5.4.75-rc1 review 219 (219) 2020/11/04 17:50
[PATCH 4.14 000/125] 4.14.204-rc1 review 129 (129) 2020/11/04 17:49
[PATCH AUTOSEL 5.4 01/80] powerpc/powernv/smp: Fix spurious DBG() warning 81 (81) 2020/10/27 12:01
[PATCH AUTOSEL 5.8 001/132] powerpc/powernv/smp: Fix spurious DBG() warning 133 (133) 2020/10/27 11:40
[PATCH AUTOSEL 4.4 01/25] powerpc/powernv/smp: Fix spurious DBG() warning 25 (25) 2020/10/27 00:11
[PATCH AUTOSEL 4.9 01/30] powerpc/powernv/smp: Fix spurious DBG() warning 30 (30) 2020/10/27 00:10
[PATCH AUTOSEL 4.14 01/46] powerpc/powernv/smp: Fix spurious DBG() warning 46 (46) 2020/10/27 00:09
[PATCH net] net: 9p: initialize sun_server.sun_path to have addr's value only when addr is valid 4 (4) 2020/10/12 10:40
Reminder: 18 open syzbot bugs in "fs/9p" subsystem 1 (1) 2019/07/24 01:46
Reminder: 18 open syzbot bugs in "fs/9p" subsystem 1 (1) 2019/07/02 06:29
KMSAN: uninit-value in unix_find_other 1 (2) 2018/07/09 05:59
Last patch testing requests (4)
Created Duration User Patch Repo Result
2020/10/11 14:47 16m anant.thazhemadam@gmail.com patch https://github.com/google/kmsan.git master OK
2020/10/11 10:26 15m anant.thazhemadam@gmail.com https://github.com/google/kmsan.git master report log
2020/09/26 02:19 9m anant.thazhemadam@gmail.com https://github.com/google/kmsan.git master report log
2020/09/25 23:34 16m anant.thazhemadam@gmail.com patch https://github.com/google/kmsan.git master OK

Sample crash report:
random: sshd: uninitialized urandom read (32 bytes read)
random: sshd: uninitialized urandom read (32 bytes read)
random: sshd: uninitialized urandom read (32 bytes read)
random: sshd: uninitialized urandom read (32 bytes read)
==================================================================
BUG: KMSAN: uninit-value in __unix_find_socket_byname net/unix/af_unix.c:280 [inline]
BUG: KMSAN: uninit-value in unix_find_socket_byname net/unix/af_unix.c:303 [inline]
BUG: KMSAN: uninit-value in unix_find_other+0x315/0xc60 net/unix/af_unix.c:932
CPU: 1 PID: 4574 Comm: syz-executor354 Not tainted 4.17.0+ #22
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x185/0x1d0 lib/dump_stack.c:113
 kmsan_report+0x188/0x2a0 mm/kmsan/kmsan.c:990
 __msan_warning_32+0x70/0xc0 mm/kmsan/kmsan_instr.c:640
 __unix_find_socket_byname net/unix/af_unix.c:280 [inline]
 unix_find_socket_byname net/unix/af_unix.c:303 [inline]
 unix_find_other+0x315/0xc60 net/unix/af_unix.c:932
 unix_stream_connect+0x84e/0x26b0 net/unix/af_unix.c:1241
 p9_fd_create_unix+0x36b/0x5f0 net/9p/trans_fd.c:1019
 p9_client_create+0x1333/0x20e0 net/9p/client.c:1065
 v9fs_session_init+0x313/0x2830 fs/9p/v9fs.c:405
 v9fs_mount+0x107/0x11b0 fs/9p/vfs_super.c:135
 mount_fs+0x29b/0x780 fs/super.c:1277
 vfs_kern_mount+0x222/0x990 fs/namespace.c:1037
 do_new_mount fs/namespace.c:2518 [inline]
 do_mount+0xca5/0x4ed0 fs/namespace.c:2848
 ksys_mount+0x32e/0x3d0 fs/namespace.c:3064
 __do_sys_mount fs/namespace.c:3078 [inline]
 __se_sys_mount fs/namespace.c:3075 [inline]
 __x64_sys_mount+0x157/0x1c0 fs/namespace.c:3075
 do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:287
 entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x4400d9
RSP: 002b:00007fff30dec578 EFLAGS: 00000217 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0030656c69662f2e RCX: 00000000004400d9
RDX: 00000000200000c0 RSI: 0000000020000040 RDI: 0000000020000000
RBP: 00000000006ca018 R08: 0000000020000100 R09: 00000000004002c8
R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401960
R13: 00000000004019f0 R14: 0000000000000000 R15: 0000000000000000

Local variable description: ----sun_server@p9_fd_create_unix
Variable was created at:
 p9_fd_create_unix+0x7a/0x5f0 net/9p/trans_fd.c:996
 p9_client_create+0x1333/0x20e0 net/9p/client.c:1065
==================================================================
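How the report above arises, and what the fix commit named in the header changes, as an added user-space model written for this page (it is not the kernel's p9_fd_create_unix(), not the fix itself, and not syzbot output). Reading the trace bottom-up: v9fs_mount() with a unix transport reaches p9_fd_create_unix(), which builds a struct sockaddr_un on the stack (the "Local variable description: sun_server@p9_fd_create_unix" line), copies the mount's address string into sun_path and hands a length spanning the whole struct to the AF_UNIX connect path. In unix_find_other() a leading NUL in sun_path selects the abstract namespace, so __unix_find_socket_byname() compares every byte of sun_path up to that length (af_unix.c:280 in the trace). When the address string is empty, only sun_path[0] is written and the comparison reads stale stack bytes, which is the uninit-value KMSAN reports; the fix commit makes the copy conditional on a valid, non-empty address. The model pre-fills the struct with a sentinel byte to stand in for uninitialized stack memory: build_addr_buggy() mirrors the pre-fix checks (NULL and over-long only), build_addr_fixed() additionally rejects the empty string, zeroes the struct and sizes the address to the bytes written, and bytes_read_by_lookup() is a simplified stand-in for the kernel's lookup branch. The function names, the sentinel value and the sample paths are this example's own assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Stands in for stale stack bytes; an assumption of this example. */
#define SENTINEL 0xAA

/* Bounded strlen so the model does not depend on strnlen() being declared. */
static size_t bounded_strlen(const char *s, size_t max)
{
    size_t n = 0;
    while (n < max && s[n] != '\0')
        n++;
    return n;
}

/* Pre-fix pattern: reject NULL and over-long, then copy. An empty string
 * passes both checks, writes only sun_path[0], and the full struct size is
 * handed to connect(), so the lookup sees every byte of sun_path. */
static int build_addr_buggy(struct sockaddr_un *sa, const char *addr,
                            socklen_t *len)
{
    if (addr == NULL)
        return -1;                          /* -EINVAL in the kernel */
    if (strlen(addr) >= sizeof(sa->sun_path))
        return -2;                          /* -ENAMETOOLONG */
    sa->sun_family = AF_UNIX;
    strcpy(sa->sun_path, addr);             /* struct was never zeroed */
    *len = sizeof(struct sockaddr_un);
    return 0;
}

/* Hardened pattern: also reject the empty string, zero the whole struct so
 * nothing stale can reach the lookup, and size the address to what was written. */
static int build_addr_fixed(struct sockaddr_un *sa, const char *addr,
                            socklen_t *len)
{
    size_t n;

    if (addr == NULL || addr[0] == '\0')
        return -1;
    n = strlen(addr);
    if (n >= sizeof(sa->sun_path))
        return -2;
    memset(sa, 0, sizeof(*sa));
    sa->sun_family = AF_UNIX;
    memcpy(sa->sun_path, addr, n + 1);
    *len = (socklen_t)(offsetof(struct sockaddr_un, sun_path) + n + 1);
    return 0;
}

/* Simplified model of the branch in unix_find_other(): a leading NUL means an
 * abstract name compared over every byte up to the given length; otherwise a
 * filesystem path read only up to its terminator. */
static size_t bytes_read_by_lookup(const struct sockaddr_un *sa, socklen_t len)
{
    size_t path_len = len - offsetof(struct sockaddr_un, sun_path);

    if (sa->sun_path[0] == '\0')
        return path_len;
    return bounded_strlen(sa->sun_path, path_len) + 1;
}

/* Bytes in that range still holding the sentinel: read by the lookup, written by nobody. */
static size_t uninit_bytes_read(const struct sockaddr_un *sa, socklen_t len)
{
    size_t i, count = 0, n = bytes_read_by_lookup(sa, len);

    for (i = 0; i < n; i++)
        if ((unsigned char)sa->sun_path[i] == SENTINEL)
            count++;
    return count;
}

/* Model an uninitialized frame, build the address with either builder, and
 * return how many stale bytes the lookup would consume; -1 if the builder
 * rejected the address, in which case no lookup happens at all. */
static long scenario(const char *addr, int use_fixed)
{
    struct sockaddr_un sa;
    socklen_t len = 0;
    int rc;

    memset(&sa, SENTINEL, sizeof(sa));
    rc = use_fixed ? build_addr_fixed(&sa, addr, &len)
                   : build_addr_buggy(&sa, addr, &len);
    return rc == 0 ? (long)uninit_bytes_read(&sa, len) : -1;
}

int main(void)
{
    const char *addrs[] = { "", "/tmp/9p.sock" };   /* constructed samples */
    size_t i;

    for (i = 0; i < sizeof(addrs) / sizeof(addrs[0]); i++)
        printf("addr=\"%s\": buggy lookup reads %ld stale bytes, fixed reads %ld\n",
               addrs[i], scenario(addrs[i], 0), scenario(addrs[i], 1));
    return 0;
}
```

With the empty address the buggy builder lets the lookup consume every byte of sun_path except the one NUL it wrote, which is exactly the shape of the KMSAN hit above; a normal filesystem path never triggers it, which is why the bug only shows up with a degenerate mount source. The fixed builder refuses the empty string outright, and the memset plus exact length are belt-and-braces for any other code path that hands a stack sockaddr_un to a byname lookup.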

Crashes (57):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2018/07/09 02:33 https://github.com/google/kmsan.git master a00de5aa4da3 f25e5770 .config console log report syz C ci-upstream-kmsan-gce
2018/07/10 11:51 https://github.com/google/kmsan.git master 85c225c088f5 9fa03fa5 .config console log report ci-upstream-kmsan-gce
2018/07/09 21:01 https://github.com/google/kmsan.git master 85c225c088f5 f25e5770 .config console log report ci-upstream-kmsan-gce
2018/07/08 21:41 https://github.com/google/kmsan.git master a00de5aa4da3 f25e5770 .config console log report ci-upstream-kmsan-gce
2020/10/02 14:24 https://github.com/google/kmsan.git master 5edb1df295b9 9602ddf4 .config console log report info ci-upstream-kmsan-gce-386
2020/09/30 05:57 https://github.com/google/kmsan.git master 5edb1df295b9 5abc3f1a .config console log report info ci-upstream-kmsan-gce-386
2020/09/27 15:39 https://github.com/google/kmsan.git master c5a13b33ec11 5dd8aee8 .config console log report info ci-upstream-kmsan-gce-386
2020/09/27 04:22 https://github.com/google/kmsan.git master c5a13b33ec11 2d5ea0cb .config console log report info ci-upstream-kmsan-gce-386
2020/09/23 09:06 https://github.com/google/kmsan.git master c5a13b33ec11 3e8f6c27 .config console log report info ci-upstream-kmsan-gce-386
2020/09/13 01:33 https://github.com/google/kmsan.git master 3b3ea6028136 ce441f06 .config console log report ci-upstream-kmsan-gce-386
2020/09/11 01:18 https://github.com/google/kmsan.git master 3b3ea6028136 409809d8 .config console log report ci-upstream-kmsan-gce-386
2020/09/09 04:31 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report ci-upstream-kmsan-gce-386
2020/09/07 19:20 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report ci-upstream-kmsan-gce-386
2020/09/06 11:14 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report ci-upstream-kmsan-gce-386
2020/09/04 21:37 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report ci-upstream-kmsan-gce-386
2020/08/23 01:46 https://github.com/google/kmsan.git master ce8056d1f79e 1da71ab0 .config console log report ci-upstream-kmsan-gce-386
2020/08/17 19:59 https://github.com/google/kmsan.git master ce8056d1f79e 424dd8e7 .config console log report ci-upstream-kmsan-gce-386
2020/08/14 18:34 https://github.com/google/kmsan.git master ce8056d1f79e 424dd8e7 .config console log report ci-upstream-kmsan-gce-386
2020/08/06 18:11 https://github.com/google/kmsan.git master 93f54a72361a 1f122f88 .config console log report ci-upstream-kmsan-gce-386
2020/08/06 17:58 https://github.com/google/kmsan.git master 93f54a72361a 1f122f88 .config console log report ci-upstream-kmsan-gce-386
2020/08/06 17:48 https://github.com/google/kmsan.git master 93f54a72361a 1f122f88 .config console log report ci-upstream-kmsan-gce-386
2020/07/23 08:48 https://github.com/google/kmsan.git master 93f54a72361a 340ea530 .config console log report ci-upstream-kmsan-gce-386
2020/07/19 11:02 https://github.com/google/kmsan.git master 14525656779e 9c812472 .config console log report ci-upstream-kmsan-gce-386
2020/07/12 06:31 https://github.com/google/kmsan.git master f0d5ec902b23 18d18b59 .config console log report ci-upstream-kmsan-gce-386
2020/06/30 15:57 https://github.com/google/kmsan.git master f0d5ec902b23 a2cdad9d .config console log report ci-upstream-kmsan-gce-386
2020/06/26 22:18 https://github.com/google/kmsan.git master f0d5ec902b23 aea82c00 .config console log report ci-upstream-kmsan-gce-386
2020/06/26 22:11 https://github.com/google/kmsan.git master f0d5ec902b23 aea82c00 .config console log report ci-upstream-kmsan-gce-386
2020/06/26 22:04 https://github.com/google/kmsan.git master f0d5ec902b23 aea82c00 .config console log report ci-upstream-kmsan-gce-386
2020/06/26 22:00 https://github.com/google/kmsan.git master f0d5ec902b23 aea82c00 .config console log report ci-upstream-kmsan-gce-386
2020/06/26 18:21 https://github.com/google/kmsan.git master f0d5ec902b23 aea82c00 .config console log report ci-upstream-kmsan-gce-386
2020/06/18 22:46 https://github.com/google/kmsan.git master f0d5ec902b23 d45a4d69 .config console log report ci-upstream-kmsan-gce-386
2020/06/15 04:54 https://github.com/google/kmsan.git master f0d5ec902b23 2a22c77a .config console log report ci-upstream-kmsan-gce-386
2020/06/14 15:20 https://github.com/google/kmsan.git master f0d5ec902b23 2a22c77a .config console log report ci-upstream-kmsan-gce-386
2020/06/10 00:03 https://github.com/google/kmsan.git master f0d5ec902b23 092934c1 .config console log report ci-upstream-kmsan-gce-386
2020/06/09 23:49 https://github.com/google/kmsan.git master f0d5ec902b23 092934c1 .config console log report ci-upstream-kmsan-gce-386
2020/06/09 23:43 https://github.com/google/kmsan.git master f0d5ec902b23 092934c1 .config console log report ci-upstream-kmsan-gce-386
2020/06/08 22:13 https://github.com/google/kmsan.git master f0d5ec902b23 7604bb03 .config console log report ci-upstream-kmsan-gce-386
2020/06/08 21:53 https://github.com/google/kmsan.git master f0d5ec902b23 7604bb03 .config console log report ci-upstream-kmsan-gce-386
2020/06/06 14:51 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 14:42 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 14:00 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 13:38 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 13:35 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 13:29 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 13:29 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/06 13:29 https://github.com/google/kmsan.git master f0d5ec902b23 e6b89e4e .config console log report ci-upstream-kmsan-gce-386
2020/06/05 17:32 https://github.com/google/kmsan.git master f0d5ec902b23 2420d1bc .config console log report ci-upstream-kmsan-gce-386
2020/06/05 16:08 https://github.com/google/kmsan.git master f0d5ec902b23 2420d1bc .config console log report ci-upstream-kmsan-gce-386
2020/05/19 02:37 https://github.com/google/kmsan.git master 8b97c6271626 684d3606 .config console log report ci-upstream-kmsan-gce-386
2020/05/02 03:45 https://github.com/google/kmsan.git master bfa90a4a3f3f bc734e7a .config console log report ci-upstream-kmsan-gce-386
2020/04/30 20:19 https://github.com/google/kmsan.git master bfa90a4a3f3f 3698959a .config console log report ci-upstream-kmsan-gce-386
2020/04/28 20:22 https://github.com/google/kmsan.git master bfa90a4a3f3f e3ecea2e .config console log report ci-upstream-kmsan-gce-386
2020/04/08 12:02 https://github.com/google/kmsan.git master 75303409203b db9bcd4b .config console log report ci-upstream-kmsan-gce-386
2020/03/15 12:21 https://github.com/google/kmsan.git master 8bbbc5cf3dca 749688d2 .config console log report ci-upstream-kmsan-gce-386
2020/03/07 00:53 https://github.com/google/kmsan.git master 8bbbc5cf3dca fd2a5f28 .config console log report ci-upstream-kmsan-gce-386
* Struck through repros no longer work on HEAD.