syzbot


WARNING in u32_change (2)

Status: upstream: reported C repro on 2026/03/04 11:04
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+d5ace703ed883df56e42@syzkaller.appspotmail.com
Fix commit: 34bd3c6b0bd3 net: sched: cls_u32: Avoid memcpy() false-positive warning in u32_init_knode()
Patched on: [ci-qemu-gce-upstream-auto ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-snapshot-upstream-root ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-badwrites-root ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce-386-root ci-upstream-kmsan-gce-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci-upstream-rust-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu-native-arm64-kvm ci-qemu2-riscv64 ci-upstream-gce-arm64]
First crash: 62d, last: 9d13h
Cause bisection: failed (error log, bisect log)
  
Discussions (4)
Title Replies (including bot) Last reply
[PATCH AUTOSEL 7.0-6.1] net: sched: cls_u32: Avoid memcpy() false-positive warning in u32_init_knode() 1 (1) 2026/04/20 13:20
[PATCH net-next v2] net: sched: cls_u32: Avoid memcpy() false-positive warning in u32_init_knode() 2 (2) 2026/03/11 03:00
[PATCH net-next v1] net: sched: cls_u32: Avoid memcpy() false-positive warning in u32_init_knode() 5 (5) 2026/03/09 12:12
[syzbot] [net?] WARNING in u32_change (2) 0 (2) 2026/03/05 11:41
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.6 WARNING in u32_change origin:upstream -1 C 94 5h32m 60d 0/2 upstream: reported C repro on 2026/02/22 20:25
upstream WARNING in u32_change net -1 C 28 1209d 1307d 22/29 fixed on 2023/02/24 13:50
linux-6.1 WARNING in u32_change -1 C 139 18h23m 60d 0/3 upstream: reported C repro on 2026/02/22 19:31
Last patch testing requests (1)
Created Duration User Patch Repo Result
2026/03/05 11:41 27m zlatistiv@gmail.com patch upstream OK log

Sample crash report:
netlink: 44 bytes leftover after parsing attributes in process `syz.0.17'.
------------[ cut here ]------------
memcpy: detected field-spanning write (size 32) of single field "&new->sel" at net/sched/cls_u32.c:855 (size 16)
WARNING: net/sched/cls_u32.c:855 at u32_init_knode net/sched/cls_u32.c:855 [inline], CPU#0: syz.0.17/5487
WARNING: net/sched/cls_u32.c:855 at u32_change+0x1da0/0x2720 net/sched/cls_u32.c:921, CPU#0: syz.0.17/5487
Modules linked in:
CPU: 0 UID: 0 PID: 5487 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
RIP: 0010:u32_init_knode net/sched/cls_u32.c:855 [inline]
RIP: 0010:u32_change+0x1daf/0x2720 net/sched/cls_u32.c:921
Code: 3d 4c eb 42 06 01 75 33 e8 0e 0e 0d f8 eb 50 e8 07 0e 0d f8 48 8d 3d 00 1f 68 06 b9 10 00 00 00 4c 89 f6 48 c7 c2 00 64 e1 8c <67> 48 0f b9 3a e9 af ee ff ff e8 e2 0d 0d f8 eb 24 e8 db 0d 0d f8
RSP: 0018:ffffc90004976fc0 EFLAGS: 00010293
RAX: ffffffff89b88e29 RBX: ffff888038a7c800 RCX: 0000000000000010
RDX: ffffffff8ce16400 RSI: 0000000000000020 RDI: ffffffff9020ad30
RBP: ffffc90004977178 R08: 0000000000000dc0 R09: 00000000ffffffff
R10: dffffc0000000000 R11: fffffbfff20232f7 R12: ffff888033a63ce8
R13: 0000000000000001 R14: 0000000000000020 R15: 0000000000000001
FS:  00005555621f5500(0000) GS:ffff88808ca5b000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffe0048eff8 CR3: 000000005563f000 CR4: 0000000000352ef0
Call Trace:
 <TASK>
 tc_new_tfilter+0xe1c/0x1630 net/sched/cls_api.c:2423
 rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958
 netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550
 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]
 netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344
 netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg net/socket.c:742 [inline]
 ____sys_sendmsg+0xa68/0xad0 net/socket.c:2592
 ___sys_sendmsg+0x2a5/0x360 net/socket.c:2646
 __sys_sendmmsg+0x27c/0x4e0 net/socket.c:2735
 __do_sys_sendmmsg net/socket.c:2762 [inline]
 __se_sys_sendmmsg net/socket.c:2759 [inline]
 __x64_sys_sendmmsg+0xa0/0xc0 net/socket.c:2759
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f78ead9c629
Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fff46c64d98 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
RAX: ffffffffffffffda RBX: 00007f78eb015fa0 RCX: 00007f78ead9c629
RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000004
RBP: 00007f78eae32b39 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f78eb015fac R14: 00007f78eb015fa0 R15: 00007f78eb015fa0
 </TASK>
----------------
Code disassembly (best guess):
   0:	3d 4c eb 42 06       	cmp    $0x642eb4c,%eax
   5:	01 75 33             	add    %esi,0x33(%rbp)
   8:	e8 0e 0e 0d f8       	call   0xf80d0e1b
   d:	eb 50                	jmp    0x5f
   f:	e8 07 0e 0d f8       	call   0xf80d0e1b
  14:	48 8d 3d 00 1f 68 06 	lea    0x6681f00(%rip),%rdi        # 0x6681f1b
  1b:	b9 10 00 00 00       	mov    $0x10,%ecx
  20:	4c 89 f6             	mov    %r14,%rsi
  23:	48 c7 c2 00 64 e1 8c 	mov    $0xffffffff8ce16400,%rdx
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	e9 af ee ff ff       	jmp    0xffffeee3
  34:	e8 e2 0d 0d f8       	call   0xf80d0e1b
  39:	eb 24                	jmp    0x5f
  3b:	e8 db 0d 0d f8       	call   0xf80d0e1b

Crashes (760):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/02/21 11:34 upstream a95f71ad3e2e 6e7b5511 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/02/21 10:14 upstream a95f71ad3e2e 6e7b5511 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/02/21 08:45 upstream a95f71ad3e2e 6e7b5511 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/02/21 07:25 upstream a95f71ad3e2e 6e7b5511 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/02/21 12:07 net-next 8bf22c33e7a1 6e7b5511 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in u32_change
2026/02/21 10:41 net-next 8bf22c33e7a1 6e7b5511 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in u32_change
2026/02/21 09:29 net-next 8bf22c33e7a1 6e7b5511 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in u32_change
2026/02/21 08:16 net-next 8bf22c33e7a1 6e7b5511 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in u32_change
2026/02/21 06:58 net-next 8bf22c33e7a1 6e7b5511 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in u32_change
2026/04/14 20:24 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/14 17:52 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in u32_change
2026/04/14 16:22 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in u32_change
2026/04/14 01:04 upstream 0f0013213293 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/13 20:48 upstream 0f0013213293 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in u32_change
2026/04/13 20:26 upstream 028ef9c96e96 9530ccf9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/10 11:05 upstream 9a9c8ce300cd 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in u32_change
2026/04/10 08:48 upstream 9a9c8ce300cd 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/09 22:44 upstream 8b02520ec5f7 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in u32_change
2026/04/09 19:38 upstream 8b02520ec5f7 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/09 19:20 upstream 8b02520ec5f7 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in u32_change
2026/04/09 03:04 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/05 03:01 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in u32_change
2026/04/05 01:33 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in u32_change
2026/04/05 01:24 upstream 3aae9383f42f 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/04/04 02:14 upstream 631919fb12fe 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in u32_change
2026/04/04 00:44 upstream 631919fb12fe 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/03/31 20:27 upstream d0c3bcd5b897 aeea1c72 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce WARNING in u32_change
2026/03/31 06:57 upstream d0c3bcd5b897 d0af506e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root WARNING in u32_change
2026/04/14 02:28 upstream 0f0013213293 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in u32_change
2026/04/14 02:04 upstream 0f0013213293 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in u32_change
2026/04/11 14:56 upstream e774d5f1bc27 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in u32_change
2026/04/10 01:03 upstream 8b02520ec5f7 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in u32_change
2026/04/09 05:16 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in u32_change
2026/03/31 06:34 upstream d0c3bcd5b897 d0af506e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-386 WARNING in u32_change
2026/04/15 03:10 upstream 508fed679541 362d1323 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/14 21:36 upstream d60bc1401583 362d1323 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/14 13:53 upstream d60bc1401583 362d1323 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/11 13:51 upstream e774d5f1bc27 38c8e246 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/10 12:27 upstream 9a9c8ce300cd 38c8e246 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/10 09:59 upstream 9a9c8ce300cd 38c8e246 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/09 21:32 upstream a55f7f5f29b3 38c8e246 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/09 15:09 upstream 7f87a5ea75f0 38c8e246 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/04 23:57 upstream 3aae9383f42f 4440e7c2 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/03/31 04:49 upstream d0c3bcd5b897 d0af506e .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/03/31 03:03 upstream d0c3bcd5b897 d0af506e .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/03/30 10:08 upstream 7aaa8047eafd dcaebc52 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/03/29 20:12 upstream a3d97d1d3fa6 dcaebc52 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in u32_change
2026/04/11 11:04 net bf9a38803b26 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/11 00:09 net bf9a38803b26 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/08 18:14 net f821664dde29 d9b7f621 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/08 03:14 net a9b8b18364ff 2c961e87 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/07 00:52 net 1caa871bb061 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/06 22:39 net 1caa871bb061 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/05 18:49 net 1caa871bb061 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/05 09:20 net 1caa871bb061 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/05 07:07 net 1caa871bb061 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/03 04:45 net 51f4e090b9f8 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/02 12:58 net a54ecccfae62 0cb124d5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/01 23:25 net 48b3cd69265f 0285fe54 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/04/01 16:38 net 48b3cd69265f 0285fe54 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/03/31 21:29 net 47ab2c12c87a aeea1c72 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/03/30 18:26 net dc9e9d61e301 458630d8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-this-kasan-gce WARNING in u32_change
2026/03/10 17:12 net-next 89fe91c65992 4683d576 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-net-kasan-gce WARNING in u32_change
2026/03/11 07:13 linux-next 7109a2155340 86914af9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in u32_change
* Struck through repros no longer work on HEAD.