From: Xin Long
Date: Fri, 4 Nov 2022 11:38:51 -0400
Subject: Re: [syzbot] KMSAN: uninit-value in tipc_nl_compat_name_table_dump (3)
To: syzbot
Cc: davem@davemloft.net, edumazet@google.com, glider@google.com, jmaloy@redhat.com, kuba@kernel.org, linux-kernel@vger.kernel.org, netdev@vger.kernel.org, pabeni@redhat.com, syzkaller-bugs@googlegroups.com, tipc-discussion@lists.sourceforge.net, ying.xue@windriver.com
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Nov 3, 2022 at 12:28 PM syzbot wrote:
>
> Hello,
>
> syzbot found the following issue on:
>
> HEAD commit: 8f4ae27df775 Revert "Revert "crypto: kmsan: disable accele..
> git tree: https://github.com/google/kmsan.git master
> console+strace: https://syzkaller.appspot.com/x/log.txt?x=142d16cf080000
> kernel config: https://syzkaller.appspot.com/x/.config?x=121c7ef28ec597bd
> dashboard link: https://syzkaller.appspot.com/bug?extid=e5dbaaa238680ce206ea
> compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project.git 610139d2d9ce6746b3c617fb3e2f7886272d26ff), GNU ld (GNU Binutils for Debian) 2.35.2
> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=176a716f080000
> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=140256a0880000
>
> IMPORTANT: if you fix the issue, please add the following tag to the commit:
> Reported-by: syzbot+e5dbaaa238680ce206ea@syzkaller.appspotmail.com
>
> =====================================================
> BUG: KMSAN: uninit-value in tipc_nl_compat_name_table_dump+0x841/0xea0 net/tipc/netlink_compat.c:934

Looks like we need this:

@@ -880,7 +880,7 @@ static int tipc_nl_compat_name_table_dump_header(struct tipc_nl_compat_msg *msg) }; ntq = (struct tipc_name_table_query *)TLV_DATA(msg->req); - if (TLV_GET_DATA_LEN(msg->req) < sizeof(struct tipc_name_table_query)) + if (TLV_GET_DATA_LEN(msg->req) < (int)sizeof(struct tipc_name_table_query)) return -EINVAL; depth = ntohl(ntq->depth);

as a follow-up of:

commit 974cb0e3e7c963ced06c4e32c5b2884173fa5e01
Author: Ying Xue
Date: Mon Jan 14 17:22:28 2019 +0800

    tipc: fix uninit-value in tipc_nl_compat_name_table_dump

> tipc_nl_compat_name_table_dump+0x841/0xea0 net/tipc/netlink_compat.c:934
> __tipc_nl_compat_dumpit+0xab2/0x1320 net/tipc/netlink_compat.c:238
> tipc_nl_compat_dumpit+0x991/0xb50 net/tipc/netlink_compat.c:321
> tipc_nl_compat_recv+0xb6e/0x1640 net/tipc/netlink_compat.c:1324
> genl_family_rcv_msg_doit net/netlink/genetlink.c:731 [inline]
> genl_family_rcv_msg net/netlink/genetlink.c:775 [inline]
> genl_rcv_msg+0x103f/0x1260 net/netlink/genetlink.c:792
> netlink_rcv_skb+0x3a5/0x6c0 net/netlink/af_netlink.c:2501
> genl_rcv+0x3c/0x50 net/netlink/genetlink.c:803
> netlink_unicast_kernel net/netlink/af_netlink.c:1319 [inline]
> netlink_unicast+0xf3b/0x1270 net/netlink/af_netlink.c:1345
> netlink_sendmsg+0x1288/0x1440 net/netlink/af_netlink.c:1921
> sock_sendmsg_nosec net/socket.c:714 [inline]
> sock_sendmsg net/socket.c:734 [inline]
> ____sys_sendmsg+0xabc/0xe90 net/socket.c:2482
> ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2536
> __sys_sendmsg net/socket.c:2565 [inline]
> __do_sys_sendmsg net/socket.c:2574 [inline]
> __se_sys_sendmsg net/socket.c:2572 [inline]
> __x64_sys_sendmsg+0x367/0x540 net/socket.c:2572
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> Uninit was created at:
> slab_post_alloc_hook mm/slab.h:732 [inline]
> slab_alloc_node mm/slub.c:3258 [inline]
> __kmalloc_node_track_caller+0x814/0x1250 mm/slub.c:4970
> kmalloc_reserve net/core/skbuff.c:362 [inline]
> __alloc_skb+0x346/0xcf0 net/core/skbuff.c:434
> alloc_skb include/linux/skbuff.h:1257 [inline]
> netlink_alloc_large_skb net/netlink/af_netlink.c:1191 [inline]
> netlink_sendmsg+0xb71/0x1440 net/netlink/af_netlink.c:1896
> sock_sendmsg_nosec net/socket.c:714 [inline]
> sock_sendmsg net/socket.c:734 [inline]
> ____sys_sendmsg+0xabc/0xe90 net/socket.c:2482
> ___sys_sendmsg+0x2a1/0x3f0 net/socket.c:2536
> __sys_sendmsg net/socket.c:2565 [inline]
> __do_sys_sendmsg net/socket.c:2574 [inline]
> __se_sys_sendmsg net/socket.c:2572 [inline]
> __x64_sys_sendmsg+0x367/0x540 net/socket.c:2572
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> CPU: 1 PID: 3490 Comm: syz-executor155 Not tainted 6.0.0-rc5-syzkaller-48538-g8f4ae27df775 #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022
> =====================================================
>
>
> ---
> This report is generated by a bot. It may contain errors.
> See https://goo.gl/tpsmEJ for more information about syzbot.
> syzbot engineers can be reached at syzkaller@googlegroups.com.
>
> syzbot will keep track of this issue. See:
> https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
> syzbot can test patches for this issue, for details see:
> https://goo.gl/tpsmEJ#testing-patches
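
Review bot: On the changed "if" line in tipc_nl_compat_name_table_dump_header(), the (int) cast is the whole fix, but nothing in the hunk says why it is needed: it only matters when TLV_GET_DATA_LEN() returns a negative int, which the old comparison against the unsigned sizeof value converted to a large number and so let past the -EINVAL return. Suggest a one-line comment above the check, or a sentence in the changelog, stating that a negative data length must be rejected here. When this is sent as a formal patch it also needs a Fixes: tag for 974cb0e3e7c9 and the Reported-by tag syzbot asked for, since the mail carries neither a changelog nor a Signed-off-by.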