KMSAN: uninit-value in br_mdb_ip

Title	Replies (including bot)	Last reply
KASAN: use-after-free Read in br_mdb_ip_get	8 (9)	2019/05/31 11:31
KMSAN: uninit-value in br_mdb_ip_get	2 (3)	2019/05/31 11:28

================================================================== BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:505 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:534 [inline] BUG: KMSAN: uninit-value in br_mdb_ip_get+0x52b/0x740 net/bridge/br_multicast.c:99 CPU: 0 PID: 9 Comm: ksoftirqd/0 Not tainted 5.1.0-rc2+ #20 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x173/0x1d0 lib/dump_stack.c:113 kmsan_report+0x131/0x2a0 mm/kmsan/kmsan.c:624 __msan_warning+0x7a/0xf0 mm/kmsan/kmsan_instr.c:310 __rhashtable_lookup include/linux/rhashtable.h:505 [inline] rhashtable_lookup include/linux/rhashtable.h:534 [inline] br_mdb_ip_get+0x52b/0x740 net/bridge/br_multicast.c:99 br_multicast_new_group+0xa7/0x1640 net/bridge/br_multicast.c:469 br_multicast_add_group+0x23f/0xf40 net/bridge/br_multicast.c:554 br_ip4_multicast_add_group net/bridge/br_multicast.c:608 [inline] br_ip4_multicast_igmp3_report net/bridge/br_multicast.c:974 [inline] br_multicast_ipv4_rcv net/bridge/br_multicast.c:1631 [inline] br_multicast_rcv+0x5049/0x8030 net/bridge/br_multicast.c:1741 br_handle_frame_finish+0x692/0x1bc0 net/bridge/br_input.c:108 br_nf_hook_thresh net/bridge/br_netfilter_hooks.c:1005 [inline] br_nf_pre_routing_finish+0x188d/0x2500 net/bridge/br_netfilter_hooks.c:410 NF_HOOK include/linux/netfilter.h:289 [inline] br_nf_pre_routing+0x1655/0x17a0 net/bridge/br_netfilter_hooks.c:506 nf_hook_entry_hookfn include/linux/netfilter.h:119 [inline] nf_hook_slow+0x176/0x3d0 net/netfilter/core.c:511 nf_hook include/linux/netfilter.h:244 [inline] NF_HOOK include/linux/netfilter.h:287 [inline] br_handle_frame+0xe4e/0x2020 net/bridge/br_input.c:305 __netif_receive_skb_core+0x1edd/0x5030 net/core/dev.c:4902 __netif_receive_skb_one_core net/core/dev.c:4971 [inline] __netif_receive_skb net/core/dev.c:5083 [inline] process_backlog+0x683/0x10e0 net/core/dev.c:5923 napi_poll net/core/dev.c:6346 [inline] net_rx_action+0x78b/0x1a60 net/core/dev.c:6412 __do_softirq+0x53f/0x93a kernel/softirq.c:294 run_ksoftirqd+0x26/0x50 kernel/softirq.c:659 smpboot_thread_fn+0x4d0/0x9f0 kernel/smpboot.c:164 kthread+0x4a1/0x4e0 kernel/kthread.c:254 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:355 Local variable description: ----br_group.i.i@br_multicast_rcv Variable was created at: br_multicast_rcv+0x1f2/0x8030 net/bridge/br_multicast.c:1730 br_handle_frame_finish+0x692/0x1bc0 net/bridge/br_input.c:108 ==================================================================

Crashes (5):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Manager
2019/03/28 12:26	https://github.com/google/kmsan.git master	35def5ce9fa7	f94f56fe	.config	console log	report	ci-upstream-kmsan-gce
2019/01/11 16:14	https://github.com/google/kmsan.git master	02f2d5aea531	c3f3344c	.config	console log	report	ci-upstream-kmsan-gce
2019/01/11 14:12	https://github.com/google/kmsan.git master	02f2d5aea531	c3f3344c	.config	console log	report	ci-upstream-kmsan-gce
2019/01/11 08:59	https://github.com/google/kmsan.git master	02f2d5aea531	80dde172	.config	console log	report	ci-upstream-kmsan-gce
2019/01/11 02:28	https://github.com/google/kmsan.git master	02f2d5aea531	80dde172	.config	console log	report	ci-upstream-kmsan-gce

Crashes (5):

Assets (help?)