Date: Fri, 12 Apr 2024 19:27:25 -0700
Message-ID: <000000000000fe696d0615f120bb@google.com>
Subject: [syzbot] [mm?] KMSAN: kernel-infoleak in bpf_probe_write_user
From: syzbot
To: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com

Hello,

syzbot found the following issue on:

HEAD commit:    fec50db7033e Linux 6.9-rc3
git tree:       upstream
console+strace: https://syzkaller.appspot.com/x/log.txt?x=16509ba1180000
kernel config:  https://syzkaller.appspot.com/x/.config?x=13e7da432565d94c
dashboard link: https://syzkaller.appspot.com/bug?extid=79102ed905e5b2dc0fc3
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10a4af9d180000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=12980f9d180000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/901017b36ccc/disk-fec50db7.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/16bfcf5618d3/vmlinux-fec50db7.xz
kernel image: https://storage.googleapis.com/syzbot-assets/dc9c5a1e7d02/bzImage-fec50db7.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+79102ed905e5b2dc0fc3@syzkaller.appspotmail.com

=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak in __copy_to_user_inatomic include/linux/uaccess.h:125 [inline]
BUG: KMSAN: kernel-infoleak in copy_to_user_nofault+0x129/0x1f0 mm/maccess.c:149
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 __copy_to_user_inatomic include/linux/uaccess.h:125 [inline]
 copy_to_user_nofault+0x129/0x1f0 mm/maccess.c:149
 ____bpf_probe_write_user kernel/trace/bpf_trace.c:349 [inline]
 bpf_probe_write_user+0x104/0x180 kernel/trace/bpf_trace.c:327
 ___bpf_prog_run+0x13fe/0xe0f0 kernel/bpf/core.c:1997
 __bpf_prog_run64+0xb5/0xe0 kernel/bpf/core.c:2236
 bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]
 __bpf_prog_run include/linux/filter.h:657 [inline]
 bpf_prog_run include/linux/filter.h:664 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline]
 bpf_trace_run2+0x116/0x300 kernel/trace/bpf_trace.c:2420
 __bpf_trace_kfree+0x29/0x40 include/trace/events/kmem.h:94
 trace_kfree include/trace/events/kmem.h:94 [inline]
 kfree+0x6a5/0xa30 mm/slub.c:4377
 vfs_writev+0x12bf/0x1450 fs/read_write.c:978
 do_writev+0x251/0x5c0 fs/read_write.c:1018
 __do_sys_writev fs/read_write.c:1091 [inline]
 __se_sys_writev fs/read_write.c:1088 [inline]
 __x64_sys_writev+0x98/0xe0 fs/read_write.c:1088
 do_syscall_64+0xd5/0x1f0
 entry_SYSCALL_64_after_hwframe+0x72/0x7a

Local variable stack created at:
 __bpf_prog_run64+0x45/0xe0 kernel/bpf/core.c:2236
 bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]
 __bpf_prog_run include/linux/filter.h:657 [inline]
 bpf_prog_run include/linux/filter.h:664 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline]
 bpf_trace_run2+0x116/0x300 kernel/trace/bpf_trace.c:2420

Bytes 0-7 of 8 are uninitialized
Memory access of size 8 starts at ffff888121ec7ae8
Data copied to user address 00000000ffffffff

CPU: 1 PID: 4779 Comm: dhcpcd Not tainted 6.9.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
=====================================================

---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup