From: Edward Adam Davis
To: syzbot+9b8be5e35747291236c8@syzkaller.appspotmail.com
Cc: linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [bpf?] KMSAN: uninit-value in strnchr
Date: Tue, 9 Apr 2024 21:13:23 +0800
In-Reply-To: <0000000000009e2ff406130de279@google.com>
References: <0000000000009e2ff406130de279@google.com>

please test uninit in strnchr

#syz test https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 04b8076df253

diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c index 449b9a5d3fe3..54abc67c48c7 100644 --- a/kernel/bpf/helpers.c +++ b/kernel/bpf/helpers.c 
@@ -826,7 +826,8 @@ int bpf_bprintf_prepare(char *fmt, u32 fmt_size, const u64 *raw_args, u64 cur_arg; char fmt_ptype, cur_ip[16], ip_spec[] = "%pXX"; - fmt_end = strnchr(fmt, fmt_size, 0); + kmsan_unpoison_memory(fmt, fmt_size); + fmt_end = strnchrnul(fmt, fmt_size, 0); if (!fmt_end) return -EINVAL; fmt_size = fmt_end - fmt; -- 2.43.0
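
Review bot: In the bpf_bprintf_prepare() hunk, switching strnchr() to strnchrnul() makes the following "if (!fmt_end) return -EINVAL;" check dead, because strnchrnul() returns a pointer to where the scan stopped rather than NULL when the character is not found. A format buffer with no NUL byte inside fmt_size would then no longer be rejected, and "fmt_size = fmt_end - fmt;" would leave fmt_size unchanged. Either keep strnchr() or compare fmt_end against fmt + fmt_size explicitly and return -EINVAL on a match. Separately, kmsan_unpoison_memory(fmt, fmt_size) marks the whole buffer as initialized at the point of use, which silences the KMSAN report without identifying where the uninitialized bytes come from; the patch gives no explanation of why fmt is known to be initialized here, so the initialization should be fixed or justified at the caller that supplies fmt.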