syzbot

 sign-in | mailing list | source | docs
🐞 Open [1159] 🐞 Fixed [4315] 🐞 Invalid [9651] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KMSAN: uninit-value in IP6_ECN_decapsulate

Status: upstream: reported C repro on 2018/09/20 20:54
Reported-by: syzbot+bf7e6250c7ce248f3ec9@syzkaller.appspotmail.com
First crash: 1691d, last: 44d
similar bugs (3):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in hsr_register_frame_in C 195 231d 1450d 0/24 upstream: reported C repro on 2019/02/11 21:53
upstream KMSAN: uninit-value in aes_encrypt (4) C 6 69d 874d 0/24 upstream: reported C repro on 2020/09/10 14:09
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) btrfs ntfs3 erofs udf C 135779 1h56m 329d 23/24 internal: reported C repro on 2022/03/09 07:32
Last patch testing requests:
Created Duration User Patch Repo Result
2022/12/19 03:31 15m retest repro https://github.com/google/kmsan.git master report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in ip_tunnel_rcv+0x13fb/0x3a40
 ip_tunnel_rcv+0x13fb/0x3a40
 __ipgre_rcv+0xaf0/0xe50
 gre_rcv+0x4ca/0x1e50
 gre_rcv+0x323/0x420
 ip_protocol_deliver_rcu+0x643/0xe30
 ip_local_deliver_finish+0x36c/0x500
 ip_local_deliver+0x34c/0x590
 ip_rcv+0x5b2/0x840
 __netif_receive_skb+0x1f1/0x640
 netif_receive_skb_internal+0x1b7/0x3d0
 netif_receive_skb+0x4d/0x360
 tun_rx_batched+0xa93/0xd00
 tun_get_user+0x4344/0x4e90
 tun_chr_write_iter+0x459/0x610
 vfs_write+0x10ab/0x1d40
 ksys_write+0x28f/0x510
 __x64_sys_write+0xdb/0x120
 do_syscall_64+0x3d/0xb0
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Uninit was created at:
 __alloc_pages+0x8ae/0x1040
 alloc_pages+0x98c/0xca0
 skb_page_frag_refill+0x35f/0x8f0
 tun_build_skb+0x244/0x19c0
 tun_get_user+0x1055/0x4e90
 tun_chr_write_iter+0x459/0x610
 vfs_write+0x10ab/0x1d40
 ksys_write+0x28f/0x510
 __x64_sys_write+0xdb/0x120
 do_syscall_64+0x3d/0xb0
 entry_SYSCALL_64_after_hwframe+0x44/0xae

CPU: 1 PID: 3508 Comm: syz-executor343 Not tainted 5.18.0-syzkaller-16253-g2f3064574275 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (311):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kmsan-gce 2022/06/13 20:33 https://github.com/google/kmsan.git master 2f3064574275 0d5abf15 .config strace log report syz C KMSAN: uninit-value in ip_tunnel_rcv
ci-upstream-kmsan-gce 2018/06/17 13:07 https://github.com/google/kmsan.git master 88e0e95b30f1 27c5f59f .config console log report syz C
ci-upstream-kmsan-gce 2018/06/16 08:29 https://github.com/google/kmsan.git master 88e0e95b30f1 27c5f59f .config console log report syz
ci-upstream-kmsan-gce 2022/09/10 02:53 https://github.com/google/kmsan.git master 4367d178d9eb 356d8217 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/08/02 06:02 https://github.com/google/kmsan.git master 97117d69c353 fef302b1 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/07/22 08:09 https://github.com/google/kmsan.git master 97117d69c353 5e6028b9 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/19 11:26 https://github.com/google/kmsan.git master 33d9269ef6e0 c334415e .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/18 15:15 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/17 20:11 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/17 09:31 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/16 22:27 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/16 07:24 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/04/15 17:42 https://github.com/google/kmsan.git master 33d9269ef6e0 8bcc32a6 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/01/30 12:54 https://github.com/google/kmsan.git master 85cfd6e539bd 495e00c5 .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2021/02/11 04:10 https://github.com/google/kmsan.git master 73d62e81b476 a52ee10a .config console log report info KMSAN: uninit-value in IP6_ECN_decapsulate
ci-upstream-kmsan-gce 2022/06/13 19:32 https://github.com/google/kmsan.git master 2f3064574275 0d5abf15 .config console log report info KMSAN: uninit-value in ip_tunnel_rcv
ci-upstream-kmsan-gce 2021/01/14 05:26 https://github.com/google/kmsan.git master 73d62e81b476 269d24e8 .config console log report info
ci-upstream-kmsan-gce 2021/01/10 07:44 https://github.com/google/kmsan.git master 73d62e81b476 2c1f2513 .config console log report info
ci-upstream-kmsan-gce 2020/09/20 17:58 https://github.com/google/kmsan.git master c5a13b33ec11 9564d2e9 .config console log report info
ci-upstream-kmsan-gce 2020/09/11 16:19 https://github.com/google/kmsan.git master 3b3ea6028136 adfb8b4e .config console log report
ci-upstream-kmsan-gce 2020/09/10 17:52 https://github.com/google/kmsan.git master 3b3ea6028136 409809d8 .config console log report
ci-upstream-kmsan-gce 2020/09/03 01:54 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report
ci-upstream-kmsan-gce 2020/08/23 16:54 https://github.com/google/kmsan.git master ce8056d1f79e cef5ae68 .config console log report
ci-upstream-kmsan-gce 2020/08/23 03:41 https://github.com/google/kmsan.git master ce8056d1f79e 1da71ab0 .config console log report
ci-upstream-kmsan-gce 2020/08/22 17:47 https://github.com/google/kmsan.git master ce8056d1f79e 6436ce4b .config console log report
ci-upstream-kmsan-gce 2020/08/22 13:33 https://github.com/google/kmsan.git master ce8056d1f79e 6436ce4b .config console log report
ci-upstream-kmsan-gce 2020/08/21 02:31 https://github.com/google/kmsan.git master ce8056d1f79e 1d75fe45 .config console log report
ci-upstream-kmsan-gce 2020/08/19 10:35 https://github.com/google/kmsan.git master ce8056d1f79e e1c29030 .config console log report
ci-upstream-kmsan-gce 2020/08/17 07:28 https://github.com/google/kmsan.git master ce8056d1f79e 424dd8e7 .config console log report
ci-upstream-kmsan-gce 2020/08/17 02:54 https://github.com/google/kmsan.git master ce8056d1f79e 424dd8e7 .config console log report
ci-upstream-kmsan-gce 2020/08/17 02:24 https://github.com/google/kmsan.git master ce8056d1f79e 424dd8e7 .config console log report
ci-upstream-kmsan-gce 2020/08/14 19:57 https://github.com/google/kmsan.git master ce8056d1f79e 424dd8e7 .config console log report
ci-upstream-kmsan-gce 2020/08/13 17:32 https://github.com/google/kmsan.git master ce8056d1f79e bc15f7db .config console log report
ci-upstream-kmsan-gce 2020/06/08 00:52 https://github.com/google/kmsan.git master f0d5ec902b23 2c2b926c .config console log report
ci-upstream-kmsan-gce 2020/05/23 00:20 https://github.com/google/kmsan.git master 8b97c6271626 9682898d .config console log report
ci-upstream-kmsan-gce 2018/06/16 04:24 https://github.com/google/kmsan.git master 88e0e95b30f1 27c5f59f .config console log report
ci-upstream-kmsan-gce-386 2021/01/17 03:13 https://github.com/google/kmsan.git master 73d62e81b476 65a7a854 .config console log report info
ci-upstream-kmsan-gce-386 2021/01/10 08:45 https://github.com/google/kmsan.git master 73d62e81b476 2c1f2513 .config console log report info
ci-upstream-kmsan-gce-386 2020/09/09 08:42 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report
ci-upstream-kmsan-gce-386 2020/09/09 06:42 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report
ci-upstream-kmsan-gce-386 2020/09/07 05:21 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report
ci-upstream-kmsan-gce-386 2020/09/05 04:11 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report
ci-upstream-kmsan-gce-386 2020/09/04 09:05 https://github.com/google/kmsan.git master 3b3ea6028136 abf9ba4f .config console log report
ci-upstream-kmsan-gce-386 2020/08/28 02:48 https://github.com/google/kmsan.git master ce8056d1f79e 816e0689 .config console log report
ci-upstream-kmsan-gce-386 2020/08/26 07:22 https://github.com/google/kmsan.git master ce8056d1f79e 344da168 .config console log report
ci-upstream-kmsan-gce-386 2020/08/26 04:13 https://github.com/google/kmsan.git master ce8056d1f79e 344da168 .config console log report
ci-upstream-kmsan-gce-386 2020/08/26 04:02 https://github.com/google/kmsan.git master ce8056d1f79e 344da168 .config console log report
ci-upstream-kmsan-gce-386 2020/08/24 23:40 https://github.com/google/kmsan.git master ce8056d1f79e 67b599d1 .config console log report
ci-upstream-kmsan-gce-386 2020/08/12 21:11 https://github.com/google/kmsan.git master ce8056d1f79e bc15f7db .config console log report
ci-upstream-kmsan-gce-386 2020/08/12 18:35 https://github.com/google/kmsan.git master ce8056d1f79e bc15f7db .config console log report
* Struck through repros no longer work on HEAD.