syzbot

 sign-in | mailing list | source | docs
🐞 Open [1645]
Subsystems
🐞 Fixed [6009]
🐞 Invalid [14804]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in __skb_checksum_complete (5)

Status: auto-obsoleted due to no activity on 2024/02/04 15:28
Subsystems: net
[Documentation on labels]
Reported-by: syzbot+b024befb3ca7990fea37@syzkaller.appspotmail.com
First crash: 1628d, last: 515d
Discussions (2)
Title Replies (including bot) Last reply
[syzbot] Monthly net report (Jul 2023) 0 (1) 2023/08/01 12:53
KMSAN: uninit-value in __skb_checksum_complete (5) 0 (2) 2020/12/02 12:11
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in __skb_checksum_complete (3) netfilter 7 2108d 2275d 0/28 auto-closed as invalid on 2019/10/19 05:22
upstream KMSAN: uninit-value in __skb_checksum_complete (2) net 2 2400d 2401d 0/28 closed as invalid on 2018/09/05 16:20
upstream KMSAN: uninit-value in __skb_checksum_complete (4) netfilter C 420 1651d 1893d 0/28 closed as invalid on 2020/07/22 16:42
upstream KMSAN: uninit-value in __skb_checksum_complete net C 5 2473d 2474d 0/28 closed as invalid on 2018/04/22 15:44
upstream KMSAN: uninit-value in __skb_checksum_complete (6) net 3 59d 72d 0/28 closed as invalid on 2025/01/15 13:14
Last patch testing requests (5)
Created Duration User Patch Repo Result
2024/02/04 14:56 31m retest repro upstream OK log
2023/11/24 22:54 16m retest repro upstream report log
2023/09/15 18:34 38m retest repro upstream report log
2023/09/15 18:34 31m retest repro upstream OK log
2023/09/15 16:16 27m retest repro git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci OK log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in ip_tunnel_xmit+0x8f1/0x4230 net/ipv4/ip_tunnel.c:661
 ip_tunnel_xmit+0x8f1/0x4230 net/ipv4/ip_tunnel.c:661
 __gre_xmit net/ipv4/ip_gre.c:469 [inline]
 ipgre_xmit+0xd29/0xe30 net/ipv4/ip_gre.c:661
 __netdev_start_xmit include/linux/netdevice.h:4884 [inline]
 netdev_start_xmit include/linux/netdevice.h:4898 [inline]
 xmit_one net/core/dev.c:3581 [inline]
 dev_hard_start_xmit+0x253/0xa20 net/core/dev.c:3597
 __dev_queue_xmit+0x3c7f/0x5ac0 net/core/dev.c:4247
 dev_queue_xmit include/linux/netdevice.h:3054 [inline]
 garp_queue_xmit net/802/garp.c:272 [inline]
 garp_join_timer+0x18e/0x2e0 net/802/garp.c:423
 call_timer_fn+0x45/0x4e0 kernel/time/timer.c:1700
 expire_timers kernel/time/timer.c:1751 [inline]
 __run_timers+0x861/0xf90 kernel/time/timer.c:2022
 run_timer_softirq+0x68/0xe0 kernel/time/timer.c:2035
 __do_softirq+0x1c9/0x7c5 kernel/softirq.c:571
 invoke_softirq kernel/softirq.c:445 [inline]
 __irq_exit_rcu+0xe5/0x220 kernel/softirq.c:650
 irq_exit_rcu+0x12/0x20 kernel/softirq.c:662
 sysvec_apic_timer_interrupt+0x9e/0xc0 arch/x86/kernel/apic/apic.c:1107
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:645
 smap_restore arch/x86/include/asm/smap.h:56 [inline]
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:37 [inline]
 __msan_metadata_ptr_for_store_8+0x2f/0x40 mm/kmsan/instrumentation.c:92
 update_stack_state+0x183/0x1e0
 unwind_next_frame+0x11d/0x360 arch/x86/kernel/unwind_frame.c:315
 arch_stack_walk+0x1bd/0x290 arch/x86/kernel/stacktrace.c:25
 stack_trace_save+0xb6/0x100 kernel/stacktrace.c:122
 kmsan_save_stack_with_flags mm/kmsan/core.c:76 [inline]
 kmsan_internal_poison_memory+0x49/0xa0 mm/kmsan/core.c:60
 kmsan_slab_alloc+0xdd/0x150 mm/kmsan/hooks.c:68
 slab_post_alloc_hook+0x12d/0xb60 mm/slab.h:774
 slab_alloc_node mm/slub.c:3452 [inline]
 kmem_cache_alloc_node+0x543/0xab0 mm/slub.c:3497
 kmalloc_reserve+0x148/0x470 net/core/skbuff.c:520
 __alloc_skb+0x3a7/0x850 net/core/skbuff.c:606
 alloc_skb_fclone include/linux/skbuff.h:1328 [inline]
 tcp_stream_alloc_skb+0x54/0x5c0 net/ipv4/tcp.c:863
 tcp_sendmsg_locked+0x1842/0x6360 net/ipv4/tcp.c:1326
 tcp_sendmsg+0x49/0x80 net/ipv4/tcp.c:1484
 inet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:825
 sock_sendmsg_nosec net/socket.c:724 [inline]
 sock_sendmsg net/socket.c:747 [inline]
 sock_write_iter+0x4b0/0x660 net/socket.c:1138
 call_write_iter include/linux/fs.h:1851 [inline]
 new_sync_write fs/read_write.c:491 [inline]
 vfs_write+0x834/0x1580 fs/read_write.c:584
 ksys_write+0x21f/0x4f0 fs/read_write.c:637
 __do_sys_write fs/read_write.c:649 [inline]
 __se_sys_write fs/read_write.c:646 [inline]
 __x64_sys_write+0x93/0xd0 fs/read_write.c:646
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

Uninit was created at:
 slab_post_alloc_hook+0x12d/0xb60 mm/slab.h:774
 slab_alloc_node mm/slub.c:3452 [inline]
 __kmem_cache_alloc_node+0x518/0x920 mm/slub.c:3491
 __do_kmalloc_node mm/slab_common.c:966 [inline]
 __kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:987
 kmalloc_reserve+0x248/0x470 net/core/skbuff.c:537
 __alloc_skb+0x3a7/0x850 net/core/skbuff.c:606
 alloc_skb include/linux/skbuff.h:1278 [inline]
 garp_pdu_init net/802/garp.c:225 [inline]
 garp_pdu_append_attr+0x299/0x1170 net/802/garp.c:296
 garp_attr_event+0x146/0x280 net/802/garp.c:338
 garp_gid_event net/802/garp.c:402 [inline]
 garp_join_timer+0xc5/0x2e0 net/802/garp.c:419
 call_timer_fn+0x45/0x4e0 kernel/time/timer.c:1700
 expire_timers kernel/time/timer.c:1751 [inline]
 __run_timers+0x861/0xf90 kernel/time/timer.c:2022
 run_timer_softirq+0x68/0xe0 kernel/time/timer.c:2035
 __do_softirq+0x1c9/0x7c5 kernel/softirq.c:571

CPU: 0 PID: 4951 Comm: sshd Not tainted 6.3.0-syzkaller-g81af97bdef5e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
=====================================================

Crashes (1497):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/04/28 18:52 https://github.com/google/kmsan.git master 81af97bdef5e 457a6e0a .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2020/12/02 12:10 https://github.com/google/kmsan.git master 73d62e81b476 c42a35e9 .config console log report syz C ci-upstream-kmsan-gce
2023/06/20 19:48 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 177239177378 09ffe269 .config console log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in __xfrm_decode_session
2023/04/09 11:30 https://github.com/google/kmsan.git master 9189d4cb6980 71147e29 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in __skb_checksum_complete
2023/08/31 21:36 upstream b97d64c72259 696ea0d2 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2023/08/30 16:13 upstream 6c1b980a7e79 84803932 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/09/01 06:38 upstream b97d64c72259 696ea0d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/22 03:06 upstream f7757129e3de 6b415825 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/08/18 21:46 upstream 8abd7287db92 d216d8a0 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2023/08/14 01:25 upstream 4c75bf7e4a0e 39990d51 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2023/08/12 09:07 upstream f8de32cc060b 39990d51 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/08/11 21:15 upstream 9106536c1aa3 39990d51 .config console log report info ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2023/08/07 20:20 upstream a027b2eca0b7 0ef3dfda .config console log report info ci-upstream-kasan-gce-smack-root KASAN: slab-out-of-bounds Read in __xfrm_decode_session
2023/08/05 14:05 upstream 024ff300db33 4ffcc9ef .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/08/03 11:35 upstream ec351c8f2e62 39a91c18 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2023/07/30 05:16 upstream 12214540ad87 92476829 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/07/26 20:51 upstream 5f0bc0b042fc 41fe1bae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/07/26 01:24 upstream 0b5547c51827 6756545c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/07/19 02:57 upstream 74f1456c4a5f 022df2bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/07/19 01:33 upstream 74f1456c4a5f 022df2bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/07/17 21:40 upstream fdf0eaf11452 e5f10889 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/07/15 14:53 upstream b6e6cc1f78c7 35d9ecc5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in ip_tunnel_xmit
2023/07/13 22:09 upstream eb26cbb1a754 55eda22f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __xfrm_decode_session
2023/08/28 21:51 upstream 2dde18cd1d8f 7ba13a15 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/28 16:40 upstream 2dde18cd1d8f 03d9c195 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/28 04:46 upstream 85eb043618bb 03d9c195 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/26 12:16 upstream 7d2f353b2682 03d9c195 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/25 23:27 upstream 4f9e7fabf864 03d9c195 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/25 20:40 upstream 4f9e7fabf864 03d9c195 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/25 07:20 upstream b5cc3833f13a 49be837e .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/23 09:06 upstream 53663f4103ff b81ca3f6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/23 07:12 upstream 53663f4103ff b81ca3f6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/23 06:08 upstream 53663f4103ff b81ca3f6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/21 08:55 upstream 706a74159504 d216d8a0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/19 20:41 upstream 12e6ccedb311 d216d8a0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in __xfrm_decode_session
2023/08/18 20:32 upstream 0e8860d2125f d216d8a0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/17 09:49 upstream 4853c74bd7ab 74b106b6 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/16 12:31 upstream 4853c74bd7ab 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/15 14:13 upstream 91aa6c412d7f 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/15 07:43 upstream 2ccdd1b13c59 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/14 13:35 upstream 2ccdd1b13c59 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/14 07:13 upstream 4c75bf7e4a0e 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/13 10:38 upstream a785fd28d31f 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/13 08:27 upstream a785fd28d31f 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/12 12:50 upstream f8de32cc060b 39990d51 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in __xfrm_decode_session
2023/08/11 09:39 upstream 25aa0bebba72 da3c3ef8 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/08/09 03:25 upstream 14f9643dc90a 3c27dfcd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/08/06 07:49 upstream f6a691685962 4ffcc9ef .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/07/26 02:45 upstream af2e19389c2c 6756545c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/07/25 06:43 upstream 0b5547c51827 9a0ddda3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/07/24 03:05 upstream 269f4a4b85a1 27cbe77f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/07/23 06:19 upstream 725d444db6b0 27cbe77f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ip_tunnel_xmit
2023/07/21 05:57 upstream 46670259519f 28847498 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/07/15 18:33 upstream b6e6cc1f78c7 35d9ecc5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ipgre_xmit
2023/07/13 13:26 upstream eb26cbb1a754 86081196 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in __xfrm_decode_session
2023/05/08 00:35 https://github.com/google/kmsan.git master 81af97bdef5e 90c93c40 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in __ip_make_skb
2021/01/13 14:17 https://github.com/google/kmsan.git master 73d62e81b476 a945f0a3 .config console log report info ci-upstream-kmsan-gce
2020/08/14 06:17 https://github.com/google/kmsan.git master ce8056d1f79e 54ce1ed6 .config console log report ci-upstream-kmsan-gce
2023/07/17 12:33 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci e40939bbfc68 e5f10889 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 KASAN: slab-use-after-free Read in __xfrm_decode_session
2023/07/10 04:23 https://github.com/google/kmsan.git master 257152fe29be 668cb1fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in erspan_build_header
* Struck through repros no longer work on HEAD.