KMSAN: uninit-value in set_selection

KMSAN: uninit-value in set_selection_kernel
Status: upstream: reported on 2020/03/12 21:47
Reported-by: syzbot+0b81ae727db96ee52ca8@syzkaller.appspotmail.com
First crash: 149d, last: 55d

Sample crash report:

=====================================================
BUG: KMSAN: uninit-value in store_utf8 drivers/tty/vt/selection.c:136 [inline]
BUG: KMSAN: uninit-value in __set_selection_kernel drivers/tty/vt/selection.c:322 [inline]
BUG: KMSAN: uninit-value in set_selection_kernel+0x2d95/0x33d0 drivers/tty/vt/selection.c:348
CPU: 0 PID: 27713 Comm: syz-executor.5 Not tainted 5.7.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 store_utf8 drivers/tty/vt/selection.c:136 [inline]
 __set_selection_kernel drivers/tty/vt/selection.c:322 [inline]
 set_selection_kernel+0x2d95/0x33d0 drivers/tty/vt/selection.c:348
 set_selection_user+0x10a/0x150 drivers/tty/vt/selection.c:185
 tioclinux+0x583/0xc40 drivers/tty/vt/vt.c:3059
 vt_ioctl+0x1ccb/0x58a0 drivers/tty/vt/vt_ioctl.c:372
 vt_compat_ioctl+0x5d5/0xf70 drivers/tty/vt/vt_ioctl.c:1242
 tty_compat_ioctl+0xa24/0x1830 drivers/tty/tty_io.c:2847
 __do_compat_sys_ioctl fs/ioctl.c:865 [inline]
 __se_compat_sys_ioctl+0x57c/0xed0 fs/ioctl.c:816
 __ia32_compat_sys_ioctl+0x4a/0x70 fs/ioctl.c:816
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3bf/0x6d0 arch/x86/entry/common.c:398
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
RIP: 0023:0xf7f9cdd9
Code: 90 e8 0b 00 00 00 f3 90 0f ae e8 eb f9 8d 74 26 00 89 3c 24 c3 90 90 90 90 90 90 90 90 90 90 90 90 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000f5d970cc EFLAGS: 00000296 ORIG_RAX: 0000000000000036
RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000541c
RDX: 0000000020000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags+0x3c/0x90 mm/kmsan/kmsan.c:144
 kmsan_internal_alloc_meta_for_pages mm/kmsan/kmsan_shadow.c:269 [inline]
 kmsan_alloc_page+0xb9/0x180 mm/kmsan/kmsan_shadow.c:293
 __alloc_pages_nodemask+0x56a2/0x5dc0 mm/page_alloc.c:4848
 alloc_pages_current+0x67d/0x990 mm/mempolicy.c:2295
 alloc_pages include/linux/gfp.h:540 [inline]
 __vmalloc_area_node mm/vmalloc.c:2511 [inline]
 __vmalloc_node_range+0x839/0x11c0 mm/vmalloc.c:2575
 __vmalloc_node mm/vmalloc.c:2630 [inline]
 __vmalloc_node_flags mm/vmalloc.c:2644 [inline]
 vmalloc+0x106/0x120 mm/vmalloc.c:2669
 vc_uniscr_alloc drivers/tty/vt/vt.c:354 [inline]
 vc_do_resize+0x632/0x3290 drivers/tty/vt/vt.c:1217
 vc_resize+0xc3/0xe0 drivers/tty/vt/vt.c:1329
 vt_ioctl+0x5729/0x58a0 drivers/tty/vt/vt_ioctl.c:901
 vt_compat_ioctl+0x5d5/0xf70 drivers/tty/vt/vt_ioctl.c:1242
 tty_compat_ioctl+0xa24/0x1830 drivers/tty/tty_io.c:2847
 __do_compat_sys_ioctl fs/ioctl.c:865 [inline]
 __se_compat_sys_ioctl+0x57c/0xed0 fs/ioctl.c:816
 __ia32_compat_sys_ioctl+0x4a/0x70 fs/ioctl.c:816
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3bf/0x6d0 arch/x86/entry/common.c:398
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
=====================================================

Crashes (10):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	Maintainers
ci-upstream-kmsan-gce-386	2020/06/13 18:54	https://github.com/google/kmsan.git master	f0d5ec90	dbce178a	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org
ci-upstream-kmsan-gce-386	2020/06/07 15:58	https://github.com/google/kmsan.git master	f0d5ec90	2c2b926c	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org
ci-upstream-kmsan-gce-386	2020/05/03 18:49	https://github.com/google/kmsan.git master	bfa90a4a	58ae5e18	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org
ci-upstream-kmsan-gce-386	2020/04/17 20:32	https://github.com/google/kmsan.git master	5356842d	435c6d53	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org
ci-upstream-kmsan-gce-386	2020/03/25 06:37	https://github.com/google/kmsan.git master	a58741ac	41f049cc	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org
ci-upstream-kmsan-gce-386	2020/03/24 06:41	https://github.com/google/kmsan.git master	a58741ac	33e14df3	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org
ci-upstream-kmsan-gce-386	2020/03/18 19:32	https://github.com/google/kmsan.git master	a58741ac	0a96a13c	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org
ci-upstream-kmsan-gce-386	2020/03/12 09:01	https://github.com/google/kmsan.git master	8bbbc5cf	d850e9d0	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org
ci-upstream-kmsan-gce-386	2020/03/12 08:29	https://github.com/google/kmsan.git master	8bbbc5cf	d850e9d0	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org
ci-upstream-kmsan-gce-386	2020/03/11 16:35	https://github.com/google/kmsan.git master	8bbbc5cf	e7caca8e	.config	log	report	gregkh@linuxfoundation.org, jslaby@suse.com, linux-kernel@vger.kernel.org, okash.khawaja@gmail.com, samuel.thibault@ens-lyon.org