syzbot

device nr0
 entered promiscuous mode
=====================================================
BUG: KMSAN: uninit-value in __netif_receive_skb_core+0x3547/0x51a0 net/core/dev.c:4852
CPU: 0 PID: 11272 Comm: syz-executor796 Not tainted 5.4.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0x128/0x220 mm/kmsan/kmsan_report.c:108
 __msan_warning+0x64/0xc0 mm/kmsan/kmsan_instr.c:245
 __netif_receive_skb_core+0x3547/0x51a0 net/core/dev.c:4852
 __netif_receive_skb_one_core net/core/dev.c:4927 [inline]
 __netif_receive_skb net/core/dev.c:5043 [inline]
 netif_receive_skb_internal+0x3cc/0xc20 net/core/dev.c:5133
 netif_receive_skb+0x1da/0x3a0 net/core/dev.c:5192
 tun_rx_batched drivers/net/tun.c:1553 [inline]
 tun_get_user+0x6d8c/0x70c0 drivers/net/tun.c:1993
 tun_chr_write_iter+0x1f2/0x360 drivers/net/tun.c:2022
 call_write_iter include/linux/fs.h:1895 [inline]
 new_sync_write fs/read_write.c:483 [inline]
 __vfs_write+0xa2c/0xcb0 fs/read_write.c:496
 vfs_write+0x481/0x920 fs/read_write.c:558
 ksys_write+0x265/0x430 fs/read_write.c:611
 __do_sys_write fs/read_write.c:623 [inline]
 __se_sys_write+0x92/0xb0 fs/read_write.c:620
 __x64_sys_write+0x4a/0x70 fs/read_write.c:620
 do_syscall_64+0xb6/0x160 arch/x86/entry/common.c:291
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x441799
Code: e8 ac e8 ff ff 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007ffdcabedfc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000441799
RDX: 000000000000fdef RSI: 00000000200000c0 RDI: 0000000000000003
RBP: 0000000000000000 R08: 00000000004025a0 R09: 00000000004025a0
R10: 00000000004025a0 R11: 0000000000000246 R12: 0000000000402510
R13: 00000000004025a0 R14: 0000000000000000 R15: 0000000000000000

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:149 [inline]
 kmsan_internal_chain_origin+0xbd/0x180 mm/kmsan/kmsan.c:317
 __msan_chain_origin+0x5c/0xc0 mm/kmsan/kmsan_instr.c:179
 vlan_set_encap_proto include/linux/skbuff.h:1600 [inline]
 skb_vlan_untag+0x6bc/0xd20 net/core/skbuff.c:5329
 __netif_receive_skb_core+0x833/0x51a0 net/core/dev.c:4774
 __netif_receive_skb_one_core net/core/dev.c:4927 [inline]
 __netif_receive_skb net/core/dev.c:5043 [inline]
 netif_receive_skb_internal+0x3cc/0xc20 net/core/dev.c:5133
 netif_receive_skb+0x1da/0x3a0 net/core/dev.c:5192
 tun_rx_batched drivers/net/tun.c:1553 [inline]
 tun_get_user+0x6d8c/0x70c0 drivers/net/tun.c:1993
 tun_chr_write_iter+0x1f2/0x360 drivers/net/tun.c:2022
 call_write_iter include/linux/fs.h:1895 [inline]
 new_sync_write fs/read_write.c:483 [inline]
 __vfs_write+0xa2c/0xcb0 fs/read_write.c:496
 vfs_write+0x481/0x920 fs/read_write.c:558
 ksys_write+0x265/0x430 fs/read_write.c:611
 __do_sys_write fs/read_write.c:623 [inline]
 __se_sys_write+0x92/0xb0 fs/read_write.c:620
 __x64_sys_write+0x4a/0x70 fs/read_write.c:620
 do_syscall_64+0xb6/0x160 arch/x86/entry/common.c:291
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:149 [inline]
 kmsan_internal_poison_shadow+0x60/0x120 mm/kmsan/kmsan.c:132
 kmsan_slab_alloc+0x97/0x100 mm/kmsan/kmsan_hooks.c:86
 slab_alloc_node mm/slub.c:2773 [inline]
 __kmalloc_node_track_caller+0xe27/0x11a0 mm/slub.c:4381
 __kmalloc_reserve net/core/skbuff.c:141 [inline]
 __alloc_skb+0x306/0xa10 net/core/skbuff.c:209
 alloc_skb include/linux/skbuff.h:1049 [inline]
 alloc_skb_with_frags+0x18c/0xa80 net/core/skbuff.c:5662
 sock_alloc_send_pskb+0xafd/0x10a0 net/core/sock.c:2244
 tun_alloc_skb drivers/net/tun.c:1529 [inline]
 tun_get_user+0x125e/0x70c0 drivers/net/tun.c:1843
 tun_chr_write_iter+0x1f2/0x360 drivers/net/tun.c:2022
 call_write_iter include/linux/fs.h:1895 [inline]
 new_sync_write fs/read_write.c:483 [inline]
 __vfs_write+0xa2c/0xcb0 fs/read_write.c:496
 vfs_write+0x481/0x920 fs/read_write.c:558
 ksys_write+0x265/0x430 fs/read_write.c:611
 __do_sys_write fs/read_write.c:623 [inline]
 __se_sys_write+0x92/0xb0 fs/read_write.c:620
 __x64_sys_write+0x4a/0x70 fs/read_write.c:620
 do_syscall_64+0xb6/0x160 arch/x86/entry/common.c:291
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
=====================================================