Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp606476yba;
        Thu, 16 May 2019 06:15:42 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyvkm8Z3q2jRG0d4IHNQTbj5xAxuIJa7pN3MkGbmeAjGXAZ+057Lpr5X2qzKrCYR/C4KWK4
X-Received: by 2002:a17:902:9a83:: with SMTP id w3mr50636682plp.241.1558012542101;
        Thu, 16 May 2019 06:15:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558012542; cv=none;
        d=google.com; s=arc-20160816;
        b=dfCN0yIKZiekKQiFeH7OZ4GFyBDgdBhqAy0ZjT2m1vb47x8eB/i0slyjmyV0zDBds6
         UumhJ7/JvsOabocveBI1LB0ZmS8gbw62H/ljsXktps1q6zMxzsjxdP6arqAzLx8jnEcz
         ebbJbZW9utqrreyTpOGvqrqe86hQjg/5I7rXfXylCs2NQHF7fauWWk2lauiI2o0E5X98
         VnD14fjyroPiu8CKE1xp6Jv5fT2ksavQXFLCB7iPu7U8Lk+D6je+jigBL03x77bTtFel
         UJrYX95b6wBVAyfJbR2mdVRfINoNVBlPptMUXxTQKp3ZG+0R7MTCMil5QAPlxDoMoqoM
         ryMA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:cc:references:to:subject;
        bh=H+2oza6IPpdFlu3BGsBV/FaxSu4pnREizmMiVSssIkg=;
        b=IndA1j+qByd5qqqeMWLxpdpAroI7lvFUryV92C7PHmHdFgBmrAl5l7lhR90OKZ/EMJ
         AqF+mpM19eaYzCNZyVf8xHcsAZnpjoOmNKVe6lTHe2gRksppNzESMF5eUe+ixpUA5f4Z
         wV2i+jlARdmXOISwOHbAiojU2VqQoVmfrg7vPGPsQ3bsKF+H6ysL5JIIYo9iyH6LZv0P
         z6jEz9qSPtbFc/YZ/ZLkKHep6z1AMJwoa9Q8PI/ulcJZVHAwJWSTDCvNYrTDnPVxpiOy
         UIp0iB4ZQG3jwzvDcu9gwSiYyGCT+kU5GBZhEs//a7jXVJP2fnI5LxuQnLciGPQsdBEq
         C1jw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id u21si218830pga.151.2019.05.16.06.15.24;
        Thu, 16 May 2019 06:15:42 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727453AbfEPNN3 (ORCPT <rfc822;ttoukan.linux@gmail.com>
        + 99 others); Thu, 16 May 2019 09:13:29 -0400
Received: from www262.sakura.ne.jp ([202.181.97.72]:53805 "EHLO
        www262.sakura.ne.jp" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1726427AbfEPNN3 (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 16 May 2019 09:13:29 -0400
Received: from fsav103.sakura.ne.jp (fsav103.sakura.ne.jp [27.133.134.230])
        by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id x4GDD1qd020322;
        Thu, 16 May 2019 22:13:01 +0900 (JST)
        (envelope-from penguin-kernel@i-love.sakura.ne.jp)
Received: from www262.sakura.ne.jp (202.181.97.72)
 by fsav103.sakura.ne.jp (F-Secure/fsigk_smtp/530/fsav103.sakura.ne.jp);
 Thu, 16 May 2019 22:13:01 +0900 (JST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/530/fsav103.sakura.ne.jp)
Received: from [192.168.1.8] (softbank126012062002.bbtec.net [126.12.62.2])
        (authenticated bits=0)
        by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id x4GDD076020318
        (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NO);
        Thu, 16 May 2019 22:13:01 +0900 (JST)
        (envelope-from penguin-kernel@i-love.sakura.ne.jp)
Subject: Re: KMSAN: uninit-value in tomoyo_check_inet_address
To:     syzbot <syzbot+1018d578c410f9f37261@syzkaller.appspotmail.com>
References: <00000000000032685a058900d170@google.com>
Cc:     glider@google.com, jmorris@namei.org, linux-kernel@vger.kernel.org,
        linux-security-module@vger.kernel.org, serge@hallyn.com,
        syzkaller-bugs@googlegroups.com, takedakn@nttdata.co.jp
From:   Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Message-ID: <2b0b9d18-6773-f2dc-ecb2-9f8782d0962a@i-love.sakura.ne.jp>
Date:   Thu, 16 May 2019 22:13:04 +0900
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:60.0) Gecko/20100101
 Thunderbird/60.6.1
MIME-Version: 1.0
In-Reply-To: <00000000000032685a058900d170@google.com>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On 2019/05/16 21:58, syzbot wrote:
> Hello,
> 
> syzbot found the following crash on:
> 
> HEAD commit:    3b955a40 usb-fuzzer: main usb gadget fuzzer driver
> git tree:       kmsan
> console output: https://syzkaller.appspot.com/x/log.txt?x=1027e608a00000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=602468164ccdc30a
> dashboard link: https://syzkaller.appspot.com/bug?extid=1018d578c410f9f37261
> compiler:       clang version 9.0.0 (/home/glider/llvm/clang 06d00afa61eef8f7f501ebdb4e8612ea43ec2d78)
> 
> Unfortunately, I don't have any reproducer for this crash yet.

This should be already fixed in linux.git.

#syz fix: tomoyo: Check address length before reading address family

commit e6193f78bb689f3f424559bb45f4a091c8b314df
Author: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date:   Fri Apr 12 19:59:36 2019 +0900

    tomoyo: Check address length before reading address family

    KMSAN will complain if valid address length passed to bind()/connect()/
    sendmsg() is shorter than sizeof("struct sockaddr"->sa_family) bytes.

    Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
    Signed-off-by: James Morris <jamorris@linux.microsoft.com>