| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [net?] KMSAN: uninit-value in netif_skb_features (4) | 0 (1) | 2025/10/07 06:40 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [net?] KMSAN: uninit-value in netif_skb_features (4) | 0 (1) | 2025/10/07 06:40 |
| Kernel | Title | Rank 🛈 | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: kernel-infoleak in copyout (2) net | 17 | C | 6723 | 899d | 2068d | 22/29 | fixed on 2023/06/08 14:41 | ||
| upstream | KMSAN: uninit-value in netif_skb_features (2) net | 7 | C | 9 | 706d | 795d | 25/29 | fixed on 2024/01/30 15:47 | ||
| upstream | KMSAN: kernel-infoleak in _copy_to_iter (7) net | 23 | C | 138977 | 1003d | 1355d | 22/29 | fixed on 2023/02/24 13:50 | ||
| upstream | KMSAN: uninit-value in netif_skb_features (3) net | 7 | 1 | 276d | 276d | 0/29 | auto-obsoleted due to no activity on 2025/05/29 13:17 | |||
| upstream | KMSAN: uninit-value in netif_skb_features net | 7 | C | 119 | 2756d | 2782d | 5/29 | fixed on 2018/05/08 18:30 |
===================================================== BUG: KMSAN: uninit-value in netif_skb_features+0x115b/0x2160 net/core/dev.c:3825 netif_skb_features+0x115b/0x2160 net/core/dev.c:3825 validate_xmit_skb+0xb6/0x1d50 net/core/dev.c:3985 __dev_queue_xmit+0x23f8/0x5e60 net/core/dev.c:4755 dev_queue_xmit include/linux/netdevice.h:3365 [inline] br_dev_queue_push_xmit+0xa12/0xc20 net/bridge/br_forward.c:53 NF_HOOK include/linux/netfilter.h:318 [inline] br_forward_finish+0xfe/0x330 net/bridge/br_forward.c:66 NF_HOOK include/linux/netfilter.h:318 [inline] __br_forward+0x8cc/0xb30 net/bridge/br_forward.c:115 deliver_clone net/bridge/br_forward.c:131 [inline] maybe_deliver+0x3e0/0x5c0 net/bridge/br_forward.c:191 br_flood+0x45b/0xb70 net/bridge/br_forward.c:238 br_handle_frame_finish+0x2b7a/0x2f70 net/bridge/br_input.c:229 nf_hook_bridge_pre net/bridge/br_input.c:313 [inline] br_handle_frame+0x179f/0x2180 net/bridge/br_input.c:442 __netif_receive_skb_core+0x2043/0x7150 net/core/dev.c:5966 __netif_receive_skb_list_core+0x2f1/0x16b0 net/core/dev.c:6154 __netif_receive_skb_list net/core/dev.c:6221 [inline] netif_receive_skb_list_internal+0xee7/0x1530 net/core/dev.c:6312 gro_normal_list include/net/gro.h:524 [inline] gro_flush_normal include/net/gro.h:532 [inline] napi_complete_done+0x3fb/0x7d0 net/core/dev.c:6681 gro_cell_poll+0x2c9/0x310 net/core/gro_cells.c:74 __napi_poll+0xdd/0x8a0 net/core/dev.c:7594 napi_poll net/core/dev.c:7657 [inline] net_rx_action+0xbc8/0x1c30 net/core/dev.c:7784 handle_softirqs+0x169/0x6e0 kernel/softirq.c:622 __do_softirq+0x14/0x1b kernel/softirq.c:656 do_softirq+0x99/0x100 kernel/softirq.c:523 __local_bh_enable_ip+0xa1/0xb0 kernel/softirq.c:450 local_bh_enable include/linux/bottom_half.h:33 [inline] tun_rx_batched+0x889/0x980 drivers/net/tun.c:-1 tun_get_user+0x5d62/0x6d70 drivers/net/tun.c:1953 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x3014/0x3e30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd9/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4985 [inline] slab_alloc_node mm/slub.c:5288 [inline] kmem_cache_alloc_node_noprof+0x989/0x16b0 mm/slub.c:5340 kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:579 __alloc_skb+0x347/0x7d0 net/core/skbuff.c:670 alloc_skb include/linux/skbuff.h:1383 [inline] alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6671 sock_alloc_send_pskb+0xacc/0xc60 net/core/sock.c:2965 tun_alloc_skb drivers/net/tun.c:1461 [inline] tun_get_user+0x1142/0x6d70 drivers/net/tun.c:1794 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999 new_sync_write fs/read_write.c:593 [inline] vfs_write+0xbe2/0x15d0 fs/read_write.c:686 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x3014/0x3e30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd9/0xfa0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 9652 Comm: syz.2.1678 Not tainted syzkaller #0 PREEMPT(none) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 =====================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/11/15 22:45 | upstream | f824272b6e3f | f7988ea4 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features | ||
| 2025/10/03 06:32 | upstream | e406d57be7bd | 49379ee0 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-root | KMSAN: uninit-value in netif_skb_features |