| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [net?] KMSAN: uninit-value in netif_skb_features (4) | 0 (1) | 2025/10/07 06:40 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [net?] KMSAN: uninit-value in netif_skb_features (4) | 0 (1) | 2025/10/07 06:40 |
| Kernel | Title | Rank 🛈 | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: kernel-infoleak in copyout (2) net | 17 | C | 6723 | 952d | 2121d | 22/29 | fixed on 2023/06/08 14:41 | ||
| upstream | KMSAN: uninit-value in netif_skb_features (2) net | 7 | C | 9 | 759d | 848d | 25/29 | fixed on 2024/01/30 15:47 | ||
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) net | 23 | C | 138977 | 1056d | 1408d | 22/29 | fixed on 2023/02/24 13:50 | ||
| upstream | KMSAN: uninit-value in netif_skb_features (3) net | 7 | 1 | 329d | 329d | 0/29 | auto-obsoleted due to no activity on 2025/05/29 13:17 | |||
| upstream | KMSAN: uninit-value in netif_skb_features net | 7 | C | 119 | 2809d | 2835d | 5/29 | fixed on 2018/05/08 18:30 |
===================================================== BUG: KMSAN: uninit-value in netif_skb_features+0x115b/0x2160 net/core/dev.c:3833 netif_skb_features+0x115b/0x2160 net/core/dev.c:3833 validate_xmit_skb+0xb6/0x2400 net/core/dev.c:3993 __dev_queue_xmit+0x172a/0x58e0 net/core/dev.c:4811 dev_queue_xmit include/linux/netdevice.h:3381 [inline] br_dev_queue_push_xmit+0xa12/0xc20 net/bridge/br_forward.c:53 NF_HOOK include/linux/netfilter.h:318 [inline] br_forward_finish+0xfe/0x330 net/bridge/br_forward.c:66 NF_HOOK include/linux/netfilter.h:318 [inline] __br_forward+0x847/0xab0 net/bridge/br_forward.c:115 deliver_clone net/bridge/br_forward.c:131 [inline] maybe_deliver+0x3e0/0x5c0 net/bridge/br_forward.c:191 br_flood+0x45b/0xb70 net/bridge/br_forward.c:238 br_handle_frame_finish+0x2a34/0x2dd0 net/bridge/br_input.c:229 nf_hook_bridge_pre net/bridge/br_input.c:313 [inline] br_handle_frame+0x179f/0x2180 net/bridge/br_input.c:442 __netif_receive_skb_core+0xf8c/0x4d10 net/core/dev.c:6026 __netif_receive_skb_list_core+0x2f1/0x16b0 net/core/dev.c:6214 __netif_receive_skb_list net/core/dev.c:6281 [inline] netif_receive_skb_list_internal+0xee7/0x1530 net/core/dev.c:6372 gro_normal_list include/net/gro.h:524 [inline] gro_flush_normal include/net/gro.h:532 [inline] napi_complete_done+0x403/0x790 net/core/dev.c:6741 gro_cell_poll+0x2c9/0x310 net/core/gro_cells.c:74 __napi_poll+0xd8/0x880 net/core/dev.c:7668 napi_poll net/core/dev.c:7731 [inline] net_rx_action+0xa3f/0x1c90 net/core/dev.c:7883 handle_softirqs+0x169/0x6e0 kernel/softirq.c:622 __do_softirq+0x14/0x1b kernel/softirq.c:656 do_softirq+0x58/0x90 kernel/softirq.c:523 __local_bh_enable_ip+0xa1/0xb0 kernel/softirq.c:450 local_bh_enable include/linux/bottom_half.h:33 [inline] tun_rx_batched+0x889/0x980 drivers/net/tun.c:-1 tun_get_user+0x5c0e/0x6c60 drivers/net/tun.c:1953 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4960 [inline] slab_alloc_node mm/slub.c:5263 [inline] kmem_cache_alloc_node_noprof+0x9e7/0x17a0 mm/slub.c:5315 kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:586 __alloc_skb+0x805/0x1040 net/core/skbuff.c:690 alloc_skb include/linux/skbuff.h:1383 [inline] alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6712 sock_alloc_send_pskb+0xacc/0xc60 net/core/sock.c:2995 tun_alloc_skb drivers/net/tun.c:1461 [inline] tun_get_user+0x1142/0x6c60 drivers/net/tun.c:1794 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x30ab/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 9405 Comm: syz.4.740 Tainted: G L syzkaller #0 PREEMPT(none) Tainted: [L]=SOFTLOCKUP Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 =====================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/01/04 16:15 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features | ||
| 2026/01/04 16:07 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features | ||
| 2026/01/04 16:01 | upstream | aacb0a6d604a | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features | ||
| 2025/11/15 22:45 | upstream | f824272b6e3f | f7988ea4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features | ||
| 2025/10/03 06:32 | upstream | e406d57be7bd | 49379ee0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features |