syzbot


KMSAN: uninit-value in radix_tree_lookup

Status: auto-obsoleted due to no activity on 2022/09/19 14:00
Reported-by: syzbot+bcc3c6bd745b87e32d3e@syzkaller.appspotmail.com
First crash: 712d, last: 491d
Patch testing requests:
Created | Duration | User | Patch | Repo | Result
2022/09/19 11:29 | 22m | - | - | https://github.com/google/kmsan.git master | OK log
2022/09/19 07:29 | 22m | - | - | https://github.com/google/kmsan.git master | OK log
2020/10/31 23:49 | 16m | anant.thazhemadam@gmail.com | - | https://github.com/google/kmsan.git master | error

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in __radix_tree_lookup lib/radix-tree.c:757 [inline]
BUG: KMSAN: uninit-value in radix_tree_lookup+0x409/0x420 lib/radix-tree.c:817
CPU: 0 PID: 8246 Comm: syz-executor439 Not tainted 5.10.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x21c/0x280 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:118
 __msan_warning+0x5f/0xa0 mm/kmsan/kmsan_instr.c:197
 __radix_tree_lookup lib/radix-tree.c:757 [inline]
 radix_tree_lookup+0x409/0x420 lib/radix-tree.c:817
 qrtr_tx_resume net/qrtr/qrtr.c:224 [inline]
 qrtr_endpoint_post+0x1172/0x1740 net/qrtr/qrtr.c:498
 qrtr_tun_write_iter+0x216/0x370 net/qrtr/tun.c:92
 call_write_iter include/linux/fs.h:1903 [inline]
 new_sync_write fs/read_write.c:518 [inline]
 vfs_write+0x1087/0x1b10 fs/read_write.c:605
 ksys_write+0x2af/0x4d0 fs/read_write.c:658
 __do_sys_write fs/read_write.c:670 [inline]
 __se_sys_write+0x92/0xb0 fs/read_write.c:667
 __x64_sys_write+0x4a/0x70 fs/read_write.c:667
 do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x441239
Code: e8 fc ab 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 1b 09 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffe07a074e8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441239
RDX: 00000000000000e4 RSI: 0000000020000000 RDI: 0000000000000003
RBP: 00000000006cb018 R08: 00000000004002c8 R09: 00000000004002c8
R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000401fe0
R13: 0000000000402070 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags+0x3c/0x90 mm/kmsan/kmsan.c:121
 kmsan_alloc_page+0xd3/0x1f0 mm/kmsan/kmsan_shadow.c:274
 __alloc_pages_nodemask+0x84e/0xfb0 mm/page_alloc.c:4989
 __alloc_pages include/linux/gfp.h:511 [inline]
 __alloc_pages_node include/linux/gfp.h:524 [inline]
 alloc_pages_node include/linux/gfp.h:538 [inline]
 __page_frag_cache_refill mm/page_alloc.c:5065 [inline]
 page_frag_alloc+0x35b/0x890 mm/page_alloc.c:5095
 __napi_alloc_skb+0x1c0/0xab0 net/core/skbuff.c:519
 napi_alloc_skb include/linux/skbuff.h:2870 [inline]
 page_to_skb+0x142/0x1640 drivers/net/virtio_net.c:389
 receive_mergeable+0xee6/0x5be0 drivers/net/virtio_net.c:949
 receive_buf+0x2db/0x2ba0 drivers/net/virtio_net.c:1059
 virtnet_receive drivers/net/virtio_net.c:1351 [inline]
 virtnet_poll+0xa51/0x1d10 drivers/net/virtio_net.c:1456
 napi_poll+0x420/0x1010 net/core/dev.c:6763
 net_rx_action+0x35c/0xd40 net/core/dev.c:6833
 __do_softirq+0x1a9/0x6fa kernel/softirq.c:298
=====================================================

Crashes (32):
Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title
ci-upstream-kmsan-gce | 2021/01/02 01:45 | https://github.com/google/kmsan.git master | 73d62e81b476 | 79264ae3 | .config | log | report | syz | C | - | -
ci-upstream-kmsan-gce | 2020/10/16 07:25 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | syz | C | - | -
ci-upstream-kmsan-gce | 2021/05/24 10:01 | https://github.com/google/kmsan.git master | 6099c9da2f7d | 3c7fef33 | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce | 2021/05/17 21:16 | https://github.com/google/kmsan.git master | bdefec9ab855 | a2eb125d | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce | 2021/05/17 21:15 | https://github.com/google/kmsan.git master | bdefec9ab855 | a2eb125d | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce | 2021/02/14 22:34 | https://github.com/google/kmsan.git master | 29ad81a1074a | 98682e5e | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce-386 | 2021/05/25 02:57 | https://github.com/google/kmsan.git master | 6099c9da2f7d | 3c7fef33 | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce-386 | 2021/05/17 21:15 | https://github.com/google/kmsan.git master | bdefec9ab855 | a2eb125d | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce-386 | 2021/05/17 21:15 | https://github.com/google/kmsan.git master | bdefec9ab855 | a2eb125d | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce-386 | 2021/04/15 18:57 | https://github.com/google/kmsan.git master | 4ebaab5fb428 | fcdb12ba | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce-386 | 2021/02/14 22:39 | https://github.com/google/kmsan.git master | 29ad81a1074a | 98682e5e | .config | log | report | - | - | info | KMSAN: uninit-value in radix_tree_lookup
ci-upstream-kmsan-gce | 2021/01/03 06:06 | https://github.com/google/kmsan.git master | 73d62e81b476 | 79264ae3 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/12/14 08:07 | https://github.com/google/kmsan.git master | 73d62e81b476 | b22a7ec3 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/12/14 08:07 | https://github.com/google/kmsan.git master | 73d62e81b476 | b22a7ec3 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/11/27 01:59 | https://github.com/google/kmsan.git master | 73d62e81b476 | 1d2b823e | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/11/20 03:03 | https://github.com/google/kmsan.git master | 73d62e81b476 | 0767f13f | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/16 02:19 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 23:09 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 22:58 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 22:40 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 22:33 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 22:19 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 21:56 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 21:03 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce | 2020/10/15 20:46 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2021/01/03 06:06 | https://github.com/google/kmsan.git master | 73d62e81b476 | 79264ae3 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2020/12/05 19:48 | https://github.com/google/kmsan.git master | 73d62e81b476 | 50503117 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2020/11/27 02:04 | https://github.com/google/kmsan.git master | 73d62e81b476 | 1d2b823e | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2020/10/16 02:51 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2020/10/16 02:39 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2020/10/16 00:34 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
ci-upstream-kmsan-gce-386 | 2020/10/15 23:59 | https://github.com/google/kmsan.git master | e67f4ba870c2 | 6e262c73 | .config | log | report | - | - | info | -
* Struck through repros no longer work on HEAD.