syzbot


KMSAN: uninit-value in __request_module (3)

Status: fixed on 2020/02/18 14:31
Subsystems: kernel
Fix commit: 36d79af7fb59 net-backports: net_sched: use validated TCA_KIND attribute in tc_new_tfilter()
First crash: 1567d, last: 1528d
Similar bugs (3)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in __request_module (4) kernel | | | | 3 | 1378d | 1393d | 0/26 | auto-closed as invalid on 2020/11/13 14:58 |
| upstream | KMSAN: uninit-value in __request_module kernel | C | | | 13 | 1663d | 1683d | 13/26 | fixed on 2019/10/15 23:40 |
| upstream | KMSAN: uninit-value in __request_module (2) kernel | | | | 3 | 1588d | 1600d | 15/26 | fixed on 2020/01/08 01:07 |

Sample crash report:
IPVS: ftp: loaded support on port[0] = 21
netlink: 4 bytes leftover after parsing attributes in process `syz-executor362'.
=====================================================
BUG: KMSAN: uninit-value in string_nocheck lib/vsprintf.c:608 [inline]
BUG: KMSAN: uninit-value in string+0x522/0x690 lib/vsprintf.c:689
CPU: 0 PID: 10971 Comm: syz-executor362 Not tainted 5.5.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 string_nocheck lib/vsprintf.c:608 [inline]
 string+0x522/0x690 lib/vsprintf.c:689
 vsnprintf+0x207d/0x31b0 lib/vsprintf.c:2574
 __request_module+0x2ad/0x11c0 kernel/kmod.c:143
 tcf_proto_lookup_ops+0x241/0x720 net/sched/cls_api.c:139
 tcf_proto_create net/sched/cls_api.c:262 [inline]
 tc_new_tfilter+0x2a4e/0x5010 net/sched/cls_api.c:2058
 rtnetlink_rcv_msg+0xcb7/0x1570 net/core/rtnetlink.c:5415
 netlink_rcv_skb+0x451/0x650 net/netlink/af_netlink.c:2477
 rtnetlink_rcv+0x50/0x60 net/core/rtnetlink.c:5442
 netlink_unicast_kernel net/netlink/af_netlink.c:1302 [inline]
 netlink_unicast+0xf9e/0x1100 net/netlink/af_netlink.c:1328
 netlink_sendmsg+0x1248/0x14d0 net/netlink/af_netlink.c:1917
 sock_sendmsg_nosec net/socket.c:639 [inline]
 sock_sendmsg net/socket.c:659 [inline]
 ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2330
 ___sys_sendmsg net/socket.c:2384 [inline]
 __sys_sendmsg+0x451/0x5f0 net/socket.c:2417
 __do_sys_sendmsg net/socket.c:2426 [inline]
 __se_sys_sendmsg+0x97/0xb0 net/socket.c:2424
 __x64_sys_sendmsg+0x4a/0x70 net/socket.c:2424
 do_syscall_64+0xb8/0x160 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x440c59
Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffd16db4888 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 00000000004a24f0 RCX: 0000000000440c59
RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
RBP: 00000000004a24f0 R08: 0000000120080522 R09: 0000000120080522
R10: 0000000120080522 R11: 0000000000000246 R12: 0000000000402160
R13: 00000000004021f0 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:144 [inline]
 kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:127
 kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:82
 slab_alloc_node mm/slub.c:2774 [inline]
 __kmalloc_node_track_caller+0xb40/0x1200 mm/slub.c:4382
 __kmalloc_reserve net/core/skbuff.c:141 [inline]
 __alloc_skb+0x2fd/0xac0 net/core/skbuff.c:209
 alloc_skb include/linux/skbuff.h:1049 [inline]
 netlink_alloc_large_skb net/netlink/af_netlink.c:1174 [inline]
 netlink_sendmsg+0x7d3/0x14d0 net/netlink/af_netlink.c:1892
 sock_sendmsg_nosec net/socket.c:639 [inline]
 sock_sendmsg net/socket.c:659 [inline]
 ____sys_sendmsg+0x12b6/0x1350 net/socket.c:2330
 ___sys_sendmsg net/socket.c:2384 [inline]
 __sys_sendmsg+0x451/0x5f0 net/socket.c:2417
 __do_sys_sendmsg net/socket.c:2426 [inline]
 __se_sys_sendmsg+0x97/0xb0 net/socket.c:2424
 __x64_sys_sendmsg+0x4a/0x70 net/socket.c:2424
 do_syscall_64+0xb8/0x160 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
=====================================================

Crashes (58):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/01/21 12:43 https://github.com/google/kmsan.git master 686a4f77cb0c 8eda0b95 .config console log report syz C ci-upstream-kmsan-gce
2020/02/17 22:49 https://github.com/google/kmsan.git master 686a4f77cb0c 2b411596 .config console log report ci-upstream-kmsan-gce
2020/02/17 14:56 https://github.com/google/kmsan.git master 686a4f77cb0c 2b411596 .config console log report ci-upstream-kmsan-gce
2020/02/16 14:34 https://github.com/google/kmsan.git master 686a4f77cb0c cf914200 .config console log report ci-upstream-kmsan-gce
2020/02/16 04:09 https://github.com/google/kmsan.git master 686a4f77cb0c 5d7b90f1 .config console log report ci-upstream-kmsan-gce
2020/02/15 13:51 https://github.com/google/kmsan.git master 686a4f77cb0c 5d7b90f1 .config console log report ci-upstream-kmsan-gce
2020/02/15 08:47 https://github.com/google/kmsan.git master 686a4f77cb0c 5d7b90f1 .config console log report ci-upstream-kmsan-gce
2020/02/15 07:44 https://github.com/google/kmsan.git master 686a4f77cb0c 5d7b90f1 .config console log report ci-upstream-kmsan-gce
2020/02/14 18:44 https://github.com/google/kmsan.git master 686a4f77cb0c 5d7b90f1 .config console log report ci-upstream-kmsan-gce
2020/02/13 19:15 https://github.com/google/kmsan.git master 686a4f77cb0c c5ed587f .config console log report ci-upstream-kmsan-gce
2020/02/13 04:33 https://github.com/google/kmsan.git master 686a4f77cb0c 84f4fc8a .config console log report ci-upstream-kmsan-gce
2020/02/13 01:01 https://github.com/google/kmsan.git master 686a4f77cb0c 84f4fc8a .config console log report ci-upstream-kmsan-gce
2020/02/12 21:59 https://github.com/google/kmsan.git master 686a4f77cb0c 84f4fc8a .config console log report ci-upstream-kmsan-gce
2020/02/11 20:33 https://github.com/google/kmsan.git master 686a4f77cb0c 4d1ab643 .config console log report ci-upstream-kmsan-gce
2020/02/09 15:01 https://github.com/google/kmsan.git master 686a4f77cb0c 6ece2ea5 .config console log report ci-upstream-kmsan-gce
2020/02/07 05:29 https://github.com/google/kmsan.git master 686a4f77cb0c 06150bf1 .config console log report ci-upstream-kmsan-gce
2020/02/06 23:30 https://github.com/google/kmsan.git master 686a4f77cb0c c91cbc9d .config console log report ci-upstream-kmsan-gce
2020/02/06 21:21 https://github.com/google/kmsan.git master 686a4f77cb0c c91cbc9d .config console log report ci-upstream-kmsan-gce
2020/02/06 16:52 https://github.com/google/kmsan.git master 686a4f77cb0c c91cbc9d .config console log report ci-upstream-kmsan-gce
2020/02/06 06:09 https://github.com/google/kmsan.git master 686a4f77cb0c 662cf49a .config console log report ci-upstream-kmsan-gce
2020/02/05 11:56 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/05 07:43 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/05 05:42 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/04 02:23 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/04 02:11 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/03 05:57 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/02 20:12 https://github.com/google/kmsan.git master 686a4f77cb0c 93e5e335 .config console log report ci-upstream-kmsan-gce
2020/02/02 10:12 https://github.com/google/kmsan.git master 686a4f77cb0c 2274ad39 .config console log report ci-upstream-kmsan-gce
2020/02/02 09:08 https://github.com/google/kmsan.git master 686a4f77cb0c 2274ad39 .config console log report ci-upstream-kmsan-gce
2020/02/01 05:36 https://github.com/google/kmsan.git master 686a4f77cb0c c30117b2 .config console log report ci-upstream-kmsan-gce
2020/02/01 01:34 https://github.com/google/kmsan.git master 686a4f77cb0c c30117b2 .config console log report ci-upstream-kmsan-gce
2020/01/31 17:14 https://github.com/google/kmsan.git master 686a4f77cb0c 5ed23f9a .config console log report ci-upstream-kmsan-gce
2020/01/31 06:22 https://github.com/google/kmsan.git master 686a4f77cb0c 5ed23f9a .config console log report ci-upstream-kmsan-gce
2020/01/30 15:27 https://github.com/google/kmsan.git master 686a4f77cb0c 5ed23f9a .config console log report ci-upstream-kmsan-gce
2020/01/30 12:10 https://github.com/google/kmsan.git master 686a4f77cb0c 5ed23f9a .config console log report ci-upstream-kmsan-gce
2020/01/30 11:34 https://github.com/google/kmsan.git master 686a4f77cb0c 5ed23f9a .config console log report ci-upstream-kmsan-gce
2020/01/30 06:36 https://github.com/google/kmsan.git master 686a4f77cb0c 5ed23f9a .config console log report ci-upstream-kmsan-gce
2020/01/29 09:23 https://github.com/google/kmsan.git master 686a4f77cb0c c8e81ce4 .config console log report ci-upstream-kmsan-gce
2020/01/28 04:36 https://github.com/google/kmsan.git master 686a4f77cb0c 56cd6c9b .config console log report ci-upstream-kmsan-gce
2020/01/27 11:31 https://github.com/google/kmsan.git master 686a4f77cb0c dd56146d .config console log report ci-upstream-kmsan-gce
2020/01/27 07:55 https://github.com/google/kmsan.git master 686a4f77cb0c dd56146d .config console log report ci-upstream-kmsan-gce
2020/01/26 13:46 https://github.com/google/kmsan.git master 686a4f77cb0c f4e7270e .config console log report ci-upstream-kmsan-gce
2020/01/26 13:38 https://github.com/google/kmsan.git master 686a4f77cb0c f4e7270e .config console log report ci-upstream-kmsan-gce
2020/01/26 12:25 https://github.com/google/kmsan.git master 686a4f77cb0c f4e7270e .config console log report ci-upstream-kmsan-gce
2020/01/26 05:23 https://github.com/google/kmsan.git master 686a4f77cb0c f4e7270e .config console log report ci-upstream-kmsan-gce
2020/01/26 01:01 https://github.com/google/kmsan.git master 686a4f77cb0c f4e7270e .config console log report ci-upstream-kmsan-gce
2020/01/25 20:15 https://github.com/google/kmsan.git master 686a4f77cb0c 2e95ab33 .config console log report ci-upstream-kmsan-gce
2020/01/25 09:03 https://github.com/google/kmsan.git master 686a4f77cb0c 2e95ab33 .config console log report ci-upstream-kmsan-gce
2020/01/25 08:32 https://github.com/google/kmsan.git master 686a4f77cb0c 2e95ab33 .config console log report ci-upstream-kmsan-gce
2020/01/25 03:20 https://github.com/google/kmsan.git master 686a4f77cb0c 2e95ab33 .config console log report ci-upstream-kmsan-gce
2020/01/24 12:29 https://github.com/google/kmsan.git master 686a4f77cb0c 2e95ab33 .config console log report ci-upstream-kmsan-gce
2020/01/23 17:26 https://github.com/google/kmsan.git master 686a4f77cb0c 3334d684 .config console log report ci-upstream-kmsan-gce
2020/01/21 10:37 https://github.com/google/kmsan.git master 686a4f77cb0c 8eda0b95 .config console log report ci-upstream-kmsan-gce
2020/01/21 03:38 https://github.com/google/kmsan.git master 686a4f77cb0c d2557fb5 .config console log report ci-upstream-kmsan-gce
2020/01/20 07:34 https://github.com/google/kmsan.git master 686a4f77cb0c 0342f8c7 .config console log report ci-upstream-kmsan-gce
2020/01/09 20:43 https://github.com/google/kmsan.git master 178db004661b 4de4e9f0 .config console log report ci-upstream-kmsan-gce
* Struck through repros no longer work on HEAD.