syzbot


KMSAN: uninit-value in batadv_get_vid

Status: upstream: reported C repro on 2020/02/24 08:38
Reported-by: syzbot+0adb190024de0a0e265b@syzkaller.appspotmail.com
First crash: 866d, last: 6d07h
similar bugs (3):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in __skb_checksum_complete (5) | C | | | 112 | 32m | 691d | 0/22 | upstream: reported C repro on 2020/08/14 15:09 |
| upstream | KMSAN: uninit-value in br_dev_xmit | C | | | 536 | 56d | 863d | 0/22 | upstream: reported C repro on 2020/02/24 08:38 |
| upstream | KMSAN: uninit-value in eth_type_trans (2) | C | | | 1914 | 4h23m | 896d | 0/22 | upstream: reported C repro on 2020/01/22 16:47 |

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in batadv_get_vid+0x1fd/0x340 net/batman-adv/main.c:650
CPU: 0 PID: 12317 Comm: syz-executor026 Not tainted 5.6.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 batadv_get_vid+0x1fd/0x340 net/batman-adv/main.c:650
 batadv_interface_tx+0x30a/0x2450 net/batman-adv/soft-interface.c:212
 __netdev_start_xmit include/linux/netdevice.h:4524 [inline]
 netdev_start_xmit include/linux/netdevice.h:4538 [inline]
 xmit_one net/core/dev.c:3470 [inline]
 dev_hard_start_xmit+0x531/0xab0 net/core/dev.c:3486
 __dev_queue_xmit+0x37de/0x4220 net/core/dev.c:4063
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4096
 __bpf_tx_skb net/core/filter.c:2061 [inline]
 __bpf_redirect_common net/core/filter.c:2100 [inline]
 __bpf_redirect+0x11d5/0x1440 net/core/filter.c:2107
 ____bpf_clone_redirect net/core/filter.c:2140 [inline]
 bpf_clone_redirect+0x466/0x620 net/core/filter.c:2112
 bpf_prog_bb15b996d00816f9+0x7a4/0x1000
 bpf_dispatcher_nopfunc include/linux/bpf.h:521 [inline]
 bpf_test_run+0x60c/0xe50 net/bpf/test_run.c:48
 bpf_prog_test_run_skb+0xcab/0x24a0 net/bpf/test_run.c:388
 bpf_prog_test_run kernel/bpf/syscall.c:2572 [inline]
 __do_sys_bpf+0xa684/0x13510 kernel/bpf/syscall.c:3414
 __se_sys_bpf kernel/bpf/syscall.c:3355 [inline]
 __ia32_sys_bpf+0xdb/0x120 kernel/bpf/syscall.c:3355
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3c7/0x6e0 arch/x86/entry/common.c:410
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7fc8d99
Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000ff9adc0c EFLAGS: 00000246 ORIG_RAX: 0000000000000165
RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000280
RDX: 0000000000000040 RSI: 0000000000000000 RDI: 000000000000005b
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:144 [inline]
 kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:127
 kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:82
 slab_alloc_node mm/slub.c:2793 [inline]
 __kmalloc_node_track_caller+0xb40/0x1200 mm/slub.c:4401
 __kmalloc_reserve net/core/skbuff.c:142 [inline]
 pskb_expand_head+0x20b/0x1b00 net/core/skbuff.c:1629
 skb_ensure_writable+0x3ea/0x490 net/core/skbuff.c:5453
 __bpf_try_make_writable net/core/filter.c:1635 [inline]
 bpf_try_make_writable net/core/filter.c:1641 [inline]
 bpf_try_make_head_writable net/core/filter.c:1649 [inline]
 ____bpf_clone_redirect net/core/filter.c:2134 [inline]
 bpf_clone_redirect+0x251/0x620 net/core/filter.c:2112
 bpf_prog_bb15b996d00816f9+0x7a4/0x1000
 bpf_dispatcher_nopfunc include/linux/bpf.h:521 [inline]
 bpf_test_run+0x60c/0xe50 net/bpf/test_run.c:48
 bpf_prog_test_run_skb+0xcab/0x24a0 net/bpf/test_run.c:388
 bpf_prog_test_run kernel/bpf/syscall.c:2572 [inline]
 __do_sys_bpf+0xa684/0x13510 kernel/bpf/syscall.c:3414
 __se_sys_bpf kernel/bpf/syscall.c:3355 [inline]
 __ia32_sys_bpf+0xdb/0x120 kernel/bpf/syscall.c:3355
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3c7/0x6e0 arch/x86/entry/common.c:410
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
=====================================================

Crashes (1929):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kmsan-gce-386 | 2020/02/22 06:30 | https://github.com/google/kmsan.git master | 8bbbc5cf3dca | 2ffa6679 | .config | log | report | syz | C | | |
| ci-upstream-kmsan-gce-386 | 2022/06/30 11:54 | https://github.com/google/kmsan.git master | ec1cbf8b060e | 1434eec0 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/29 04:49 | https://github.com/google/kmsan.git master | ec1cbf8b060e | 496a8536 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/28 07:58 | https://github.com/google/kmsan.git master | d60755a5e2cb | ef82eb2c | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/24 21:58 | https://github.com/google/kmsan.git master | 4b28366af7d9 | a5dbd430 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/22 01:51 | https://github.com/google/kmsan.git master | 4b28366af7d9 | 0fc5c330 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/17 22:26 | https://github.com/google/kmsan.git master | 2d0ce79ea812 | cb58b3b2 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/14 10:28 | https://github.com/google/kmsan.git master | 2f3064574275 | 0f087040 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/13 21:05 | https://github.com/google/kmsan.git master | 2f3064574275 | 0d5abf15 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/13 16:31 | https://github.com/google/kmsan.git master | 2f3064574275 | 0d5abf15 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/06/13 14:01 | https://github.com/google/kmsan.git master | 2f3064574275 | 0d5abf15 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/05/25 17:59 | https://github.com/google/kmsan.git master | c5c93da9af13 | 647c0e27 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/05/23 02:38 | https://github.com/google/kmsan.git master | c5c93da9af13 | 7268fa62 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/05/11 11:40 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 8d7b3b67 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/05/11 06:33 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 8d7b3b67 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/29 23:01 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 44a5ca63 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/29 02:14 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | e9076525 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/26 20:52 | https://github.com/google/kmsan.git master | e8cbf4e6e3e8 | 1fa34c1b | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/26 19:12 | https://github.com/google/kmsan.git master | e8cbf4e6e3e8 | 1fa34c1b | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/09 18:46 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | e22c3da3 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/09 09:42 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | e22c3da3 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/04/07 13:53 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | c6ff3e05 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/03/25 00:38 | https://github.com/google/kmsan.git master | 97c7732c2bb6 | 89bc8608 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/03/23 15:52 | https://github.com/google/kmsan.git master | 97c7732c2bb6 | 5ff41e94 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/03/23 00:06 | https://github.com/google/kmsan.git master | 97c7732c2bb6 | d88ef0c5 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/03/15 19:26 | https://github.com/google/kmsan.git master | 724946410067 | 9e8eaa75 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/03/08 13:09 | https://github.com/google/kmsan.git master | 724946410067 | 7bdd8b2c | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/25 08:27 | https://github.com/google/kmsan.git master | 724946410067 | 7c337266 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/25 08:06 | https://github.com/google/kmsan.git master | 724946410067 | 7c337266 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/22 01:50 | https://github.com/google/kmsan.git master | 724946410067 | 6e821dbf | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/18 23:24 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/17 06:23 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/08 17:23 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 0b33604d | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/08 14:36 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 0b33604d | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/05 14:01 | https://github.com/google/kmsan.git master | 85cfd6e539bd | a7dab638 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/05 04:36 | https://github.com/google/kmsan.git master | 85cfd6e539bd | e13a05ed | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/05 03:00 | https://github.com/google/kmsan.git master | 85cfd6e539bd | e13a05ed | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/04 08:36 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 30646bfe | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/02 23:41 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 4ebb2798 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/02 09:58 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 4ebb2798 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/02 09:58 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 4ebb2798 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/02 08:30 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 4ebb2798 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/01 18:33 | https://github.com/google/kmsan.git master | 85cfd6e539bd | c1c1631d | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/01 17:33 | https://github.com/google/kmsan.git master | 85cfd6e539bd | c1c1631d | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/02/01 02:13 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 6b7c57fe | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/01/31 21:26 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 6b7c57fe | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/01/31 19:29 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 6b7c57fe | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/01/31 18:13 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 6b7c57fe | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/01/30 05:56 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 495e00c5 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/01/29 22:30 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 495e00c5 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2022/01/29 18:57 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 495e00c5 | .config | log | report | | | info | KMSAN: uninit-value in batadv_get_vid |
| ci-upstream-kmsan-gce-386 | 2021/01/16 20:47 | https://github.com/google/kmsan.git master | 73d62e81b476 | 65a7a854 | .config | log | report | | | info | |
| ci-upstream-kmsan-gce-386 | 2020/02/21 03:30 | https://github.com/google/kmsan.git master | 8bbbc5cf3dca | bd2a74a3 | .config | log | report | | | | |