syzbot


KMSAN: uninit-value in hsr_fill_frame_info (2)

Status: upstream: reported C repro on 2022/10/12 19:10
Reported-by: syzbot+b11c500e990cac6ba129@syzkaller.appspotmail.com
First crash: 358d, last: 58d
similar bugs (10):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in hsr_fill_frame_info | C | | | 249 | 498d | 796d | 22/24 | fixed on 2021/11/10 00:50 |
| upstream | KMSAN: uninit-value in skb_release_data (3) | C | | | 10 | 129d | 808d | 0/24 | auto-obsoleted due to no activity on 2022/11/17 07:20 |
| upstream | KMSAN: uninit-value in ipv6_find_tlv | C | | | 92 | 1d17h | 1201d | 0/24 | upstream: reported C repro on 2019/08/13 14:48 |
| upstream | KMSAN: uninit-value in bpf_prog_run_generic_xdp | | | | 102 | 11d | 8d14h | 0/24 | upstream: reported on 2022/11/18 11:39 |
| upstream | KMSAN: uninit-value in ax25cmp (2) | C | | | 51 | 66d | 327d | 0/24 | closed as invalid on 2022/11/18 11:50 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) | C | | | 57078 | now | 262d | 23/24 | internal: reported C repro on 2022/03/09 07:32 |
| upstream | KMSAN: uninit-value in can_send | C | | | 630 | 5d12h | 23d | 23/24 | upstream: reported C repro on 2022/11/03 16:22 |
| upstream | KMSAN: uninit-value in inet_frag_find (2) | | | | 2 | 319d | 327d | 0/24 | auto-closed as invalid on 2022/04/11 17:13 |
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (6) | C | | | 748 | 263d | 352d | 22/24 | fixed on 2022/03/08 16:11 |
| upstream | KMSAN: uninit-value in eth_type_trans (2) | C | | | 2987 | 9h03m | 1039d | 0/24 | upstream: reported C repro on 2020/01/22 16:47 |
Patch testing requests:
| Created | Duration | User | Patch | Repo | Result |
|---|---|---|---|---|---|
| 2022/09/29 01:30 | 13m | | | https://github.com/google/kmsan.git master | report log |

Sample crash report:
hsr0: VLAN not yet supported
=====================================================
BUG: KMSAN: uninit-value in hsr_fill_frame_info+0x495/0x770 net/hsr/hsr_forward.c:526
 hsr_fill_frame_info+0x495/0x770 net/hsr/hsr_forward.c:526
 fill_frame_info net/hsr/hsr_forward.c:605 [inline]
 hsr_forward_skb+0x7c4/0x3630 net/hsr/hsr_forward.c:619
 hsr_dev_xmit+0x23a/0x530 net/hsr/hsr_device.c:222
 __netdev_start_xmit include/linux/netdevice.h:4778 [inline]
 netdev_start_xmit include/linux/netdevice.h:4792 [inline]
 xmit_one+0x2f4/0x840 net/core/dev.c:3532
 dev_hard_start_xmit+0x186/0x440 net/core/dev.c:3548
 __dev_queue_xmit+0x22ee/0x3500 net/core/dev.c:4176
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4209
 packet_snd net/packet/af_packet.c:3063 [inline]
 packet_sendmsg+0x6671/0x7d60 net/packet/af_packet.c:3094
 sock_sendmsg_nosec net/socket.c:705 [inline]
 sock_sendmsg net/socket.c:725 [inline]
 __sys_sendto+0x9ef/0xc70 net/socket.c:2040
 __do_sys_sendto net/socket.c:2052 [inline]
 __se_sys_sendto net/socket.c:2048 [inline]
 __x64_sys_sendto+0x19c/0x210 net/socket.c:2048
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x51/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:754 [inline]
 slab_alloc_node mm/slub.c:3231 [inline]
 __kmalloc_node_track_caller+0xde3/0x14f0 mm/slub.c:4962
 kmalloc_reserve net/core/skbuff.c:354 [inline]
 __alloc_skb+0x545/0xf90 net/core/skbuff.c:426
 alloc_skb include/linux/skbuff.h:1300 [inline]
 alloc_skb_with_frags+0x1df/0xd60 net/core/skbuff.c:5995
 sock_alloc_send_pskb+0xdf4/0xfc0 net/core/sock.c:2600
 packet_alloc_skb net/packet/af_packet.c:2911 [inline]
 packet_snd net/packet/af_packet.c:3006 [inline]
 packet_sendmsg+0x506f/0x7d60 net/packet/af_packet.c:3094
 sock_sendmsg_nosec net/socket.c:705 [inline]
 sock_sendmsg net/socket.c:725 [inline]
 __sys_sendto+0x9ef/0xc70 net/socket.c:2040
 __do_sys_sendto net/socket.c:2052 [inline]
 __se_sys_sendto net/socket.c:2048 [inline]
 __x64_sys_sendto+0x19c/0x210 net/socket.c:2048
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x51/0xa0 arch/x86/entry/common.c:81
 entry_SYSCALL_64_after_hwframe+0x44/0xae

CPU: 1 PID: 3506 Comm: syz-executor134 Not tainted 5.18.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================

Crashes (63):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kmsan-gce | 2022/05/12 19:26 | https://github.com/google/kmsan.git master | d6e2c8c7eb40 | 9ad6612a | .config | log | report | syz | C | | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2021/12/30 20:06 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2e49f10d | .config | log | report | syz | C | | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/04/13 01:35 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | dacb3f1c | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/04/11 09:55 | https://github.com/google/kmsan.git master | 33d9269ef6e0 | e22c3da3 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/26 11:54 | https://github.com/google/kmsan.git master | 97c7732c2bb6 | 89bc8608 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/16 08:55 | https://github.com/google/kmsan.git master | 724946410067 | 9e8eaa75 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/15 10:31 | https://github.com/google/kmsan.git master | 724946410067 | 9e8eaa75 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/07 12:28 | https://github.com/google/kmsan.git master | 724946410067 | 7bdd8b2c | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/06 21:23 | https://github.com/google/kmsan.git master | 724946410067 | 7bdd8b2c | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/06 13:54 | https://github.com/google/kmsan.git master | 724946410067 | 7bdd8b2c | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/03 14:57 | https://github.com/google/kmsan.git master | 724946410067 | 45a13a73 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/03/01 04:43 | https://github.com/google/kmsan.git master | 724946410067 | 45a13a73 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/23 19:18 | https://github.com/google/kmsan.git master | 724946410067 | 6e821dbf | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/22 13:16 | https://github.com/google/kmsan.git master | 724946410067 | 6e821dbf | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/22 05:04 | https://github.com/google/kmsan.git master | 724946410067 | 6e821dbf | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/21 14:46 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/19 19:01 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/19 18:12 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/19 18:12 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/19 18:06 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/19 18:04 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/19 18:04 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 19:35 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 19:35 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 19:33 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 19:12 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 13:25 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 13:15 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 13:14 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 13:04 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/17 13:04 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/09 13:07 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 0b33604d | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/07 03:04 | https://github.com/google/kmsan.git master | 85cfd6e539bd | a7dab638 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/02/07 03:04 | https://github.com/google/kmsan.git master | 85cfd6e539bd | a7dab638 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/01/23 18:22 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 214351e1 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/01/23 17:24 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 214351e1 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/01/15 11:31 | https://github.com/google/kmsan.git master | fa3879a274df | 723cfaf0 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2022/01/01 01:55 | https://github.com/google/kmsan.git master | 81c325bbf94e | e1768e9c | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2021/12/30 18:59 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2e49f10d | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2021/12/30 09:22 | https://github.com/google/kmsan.git master | 81c325bbf94e | 6cc879d4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce | 2021/12/03 17:27 | https://github.com/google/kmsan.git master | 093998ececa3 | c7c20675 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/03/19 05:43 | https://github.com/google/kmsan.git master | 97c7732c2bb6 | e2d91b1d | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/03/15 11:47 | https://github.com/google/kmsan.git master | 724946410067 | 9e8eaa75 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/03/10 06:05 | https://github.com/google/kmsan.git master | 724946410067 | 9e8eaa75 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/21 14:55 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/19 18:15 | https://github.com/google/kmsan.git master | 724946410067 | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 19:44 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 19:39 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 19:25 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 19:25 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 19:15 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 3cd800e4 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 13:23 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/17 13:18 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 2bea8a27 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/02/09 12:55 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 0b33604d | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/01/23 18:14 | https://github.com/google/kmsan.git master | 85cfd6e539bd | 214351e1 | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2022/01/01 02:08 | https://github.com/google/kmsan.git master | 81c325bbf94e | e1768e9c | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
| ci-upstream-kmsan-gce-386 | 2021/12/30 19:05 | https://github.com/google/kmsan.git master | 81c325bbf94e | 2e49f10d | .config | log | report | | | info | KMSAN: uninit-value in hsr_fill_frame_info |
* Struck through repros no longer work on HEAD.