KMSAN: uninit-value in tipc_sk

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
upstream	KMSAN: kernel-infoleak in copyout (2) net	C			6723	322d	1491d	22/26	fixed on 2023/06/08 14:41
upstream	KMSAN: uninit-value in bcmp net	C	error	done	907	462d	1783d	22/26	fixed on 2023/02/24 13:50
upstream	KMSAN: kernel-infoleak in _copy_to_iter (7) net	C			138977	426d	778d	22/26	fixed on 2023/02/24 13:50
upstream	KMSAN: kernel-infoleak in _copy_to_iter (6) net	C			748	779d	868d	20/26	fixed on 2022/03/08 16:11

===================================================== BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:369 [inline] BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:599 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:638 [inline] BUG: KMSAN: uninit-value in tipc_sk_lookup+0x6ad/0xa10 net/tipc/socket.c:2995 rht_ptr_rcu include/linux/rhashtable.h:369 [inline] __rhashtable_lookup include/linux/rhashtable.h:599 [inline] rhashtable_lookup include/linux/rhashtable.h:638 [inline] tipc_sk_lookup+0x6ad/0xa10 net/tipc/socket.c:2995 tipc_sk_rcv+0x5db/0x2990 net/tipc/socket.c:2489 tipc_topsrv_kern_evt net/tipc/topsrv.c:616 [inline] tipc_conn_send_to_sock net/tipc/topsrv.c:283 [inline] tipc_conn_send_work+0x9de/0x1030 net/tipc/topsrv.c:303 process_one_work+0xdb9/0x1820 kernel/workqueue.c:2298 worker_thread+0x10bc/0x21f0 kernel/workqueue.c:2445 kthread+0x721/0x850 kernel/kthread.c:327 ret_from_fork+0x1f/0x30 Uninit was stored to memory at: msg_set_word net/tipc/msg.h:212 [inline] msg_set_destport net/tipc/msg.h:619 [inline] tipc_msg_create+0x8ad/0x920 net/tipc/msg.c:112 tipc_topsrv_kern_evt net/tipc/topsrv.c:607 [inline] tipc_conn_send_to_sock net/tipc/topsrv.c:283 [inline] tipc_conn_send_work+0x6d6/0x1030 net/tipc/topsrv.c:303 process_one_work+0xdb9/0x1820 kernel/workqueue.c:2298 worker_thread+0x10bc/0x21f0 kernel/workqueue.c:2445 kthread+0x721/0x850 kernel/kthread.c:327 ret_from_fork+0x1f/0x30 Uninit was stored to memory at: tipc_topsrv_queue_evt+0x3b9/0x770 net/tipc/topsrv.c:329 tipc_sub_send_event net/tipc/subscr.c:63 [inline] tipc_sub_report_overlap+0xab5/0xc80 net/tipc/subscr.c:102 tipc_service_insert_publ net/tipc/name_table.c:366 [inline] tipc_nametbl_insert_publ+0x2315/0x25e0 net/tipc/name_table.c:491 tipc_nametbl_publish+0x29a/0x5a0 net/tipc/name_table.c:776 tipc_sk_publish+0x36d/0x740 net/tipc/socket.c:2912 tipc_sk_join+0x6ef/0xa10 net/tipc/socket.c:3090 tipc_setsockopt+0xd3f/0x10c0 net/tipc/socket.c:3197 __sys_setsockopt+0x9d7/0xdc0 net/socket.c:2176 __do_sys_setsockopt net/socket.c:2187 [inline] __se_sys_setsockopt net/socket.c:2184 [inline] __ia32_sys_setsockopt+0x15d/0x1c0 net/socket.c:2184 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline] __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c Uninit was stored to memory at: tipc_sub_subscribe+0x4b7/0xc60 net/tipc/subscr.c:156 tipc_conn_rcv_sub+0x2d7/0x7e0 net/tipc/topsrv.c:375 tipc_topsrv_kern_subscr+0x44a/0x550 net/tipc/topsrv.c:579 tipc_group_create+0x65b/0x9b0 net/tipc/group.c:190 tipc_sk_join+0x392/0xa10 net/tipc/socket.c:3080 tipc_setsockopt+0xd3f/0x10c0 net/tipc/socket.c:3197 __sys_setsockopt+0x9d7/0xdc0 net/socket.c:2176 __do_sys_setsockopt net/socket.c:2187 [inline] __se_sys_setsockopt net/socket.c:2184 [inline] __ia32_sys_setsockopt+0x15d/0x1c0 net/socket.c:2184 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline] __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c Local variable sub created at: tipc_topsrv_kern_subscr+0xd9/0x550 net/tipc/topsrv.c:562 tipc_group_create+0x65b/0x9b0 net/tipc/group.c:190 CPU: 1 PID: 19621 Comm: kworker/u4:13 Not tainted 5.16.0-rc5-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Workqueue: tipc_send tipc_conn_send_work =====================================================

Crashes (8):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Manager	Title
2022/02/02 21:05	https://github.com/google/kmsan.git master	85cfd6e539bd	4ebb2798	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2022/01/12 01:51	https://github.com/google/kmsan.git master	fa3879a274df	44d1319a	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2021/12/29 06:03	https://github.com/google/kmsan.git master	81c325bbf94e	76c8cf06	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2021/12/27 20:19	https://github.com/google/kmsan.git master	81c325bbf94e	5140bd58	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2021/12/26 21:16	https://github.com/google/kmsan.git master	81c325bbf94e	e4f103c4	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2021/12/21 19:27	https://github.com/google/kmsan.git master	81c325bbf94e	a938f0b8	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2021/12/13 18:01	https://github.com/google/kmsan.git master	8b936c96768e	49ca1f59	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup
2021/12/11 01:00	https://github.com/google/kmsan.git master	8b936c96768e	49ca1f59	.config	console log	report	info	ci-upstream-kmsan-gce-386	KMSAN: uninit-value in tipc_sk_lookup

Crashes (8):

Assets (help?)