syzbot


KMSAN: uninit-value in tcp_v6_do_rcv

Status: closed as invalid on 2026/04/01 02:38
Subsystems: net
First crash: 55d, last: 55d

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in __sk_rx_queue_set include/net/sock.h:2061 [inline]
BUG: KMSAN: uninit-value in sk_rx_queue_update include/net/sock.h:2075 [inline]
BUG: KMSAN: uninit-value in sk_mark_napi_id include/net/busy_poll.h:155 [inline]
BUG: KMSAN: uninit-value in tcp_v6_do_rcv+0xf67/0x25d0 net/ipv6/tcp_ipv6.c:1585
 __sk_rx_queue_set include/net/sock.h:2061 [inline]
 sk_rx_queue_update include/net/sock.h:2075 [inline]
 sk_mark_napi_id include/net/busy_poll.h:155 [inline]
 tcp_v6_do_rcv+0xf67/0x25d0 net/ipv6/tcp_ipv6.c:1585
 sk_backlog_rcv include/net/sock.h:1185 [inline]
 __release_sock+0x271/0x7d0 net/core/sock.c:3213
 release_sock+0x6b/0x260 net/core/sock.c:3795
 tcp_sendmsg+0x65/0x90 net/ipv4/tcp.c:1465
 inet6_sendmsg+0x134/0x290 net/ipv6/af_inet6.c:659
 sock_sendmsg_nosec net/socket.c:727 [inline]
 __sock_sendmsg net/socket.c:742 [inline]
 sock_sendmsg+0x27f/0x5c0 net/socket.c:765
 rds_tcp_xmit+0x8b9/0x1220 net/rds/tcp_send.c:125
 rds_send_xmit+0x1006/0x43c0 net/rds/send.c:425
 rds_send_worker+0xa5/0x3f0 net/rds/threads.c:200
 process_one_work kernel/workqueue.c:3275 [inline]
 process_scheduled_works+0xb21/0x1e30 kernel/workqueue.c:3358
 worker_thread+0xede/0x1580 kernel/workqueue.c:3439
 kthread+0x53f/0x600 kernel/kthread.c:436
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was created at:
 __alloc_frozen_pages_noprof+0x6f7/0x1020 mm/page_alloc.c:5273
 alloc_slab_page mm/slub.c:3269 [inline]
 allocate_slab+0x1a8/0x2420 mm/slub.c:3458
 new_slab mm/slub.c:3516 [inline]
 refill_objects+0xab3/0xd20 mm/slub.c:7153
 refill_sheaf+0xd7/0x230 mm/slub.c:2818
 alloc_full_sheaf mm/slub.c:2839 [inline]
 __pcs_replace_empty_main+0xb0a/0x1320 mm/slub.c:4602
 alloc_from_pcs mm/slub.c:4695 [inline]
 slab_alloc_node mm/slub.c:4829 [inline]
 kmem_cache_alloc_noprof+0x912/0x1270 mm/slub.c:4851
 sk_prot_alloc+0x9a/0x430 net/core/sock.c:2239
 sk_alloc+0x57/0xb70 net/core/sock.c:2301
 inet6_create+0x9f5/0x1ac0 net/ipv6/af_inet6.c:193
 __sock_create+0x75f/0xec0 net/socket.c:1605
 sock_create net/socket.c:1663 [inline]
 __sys_socket_create net/socket.c:1700 [inline]
 __sys_socket+0x133/0x400 net/socket.c:1747
 __do_sys_socket net/socket.c:1761 [inline]
 __se_sys_socket net/socket.c:1759 [inline]
 __x64_sys_socket+0x95/0x100 net/socket.c:1759
 x64_sys_call+0x154c/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:42
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 74 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Workqueue: krds_cp_wq#1/0 rds_send_worker
=====================================================

Crashes (1):
Time: 2026/03/05 18:56
Kernel: upstream
Commit: c107785c7e8d
Syzkaller: d20b04c8
Config: .config
Log: console log
Report: report
Syz repro: (none)
C repro: (none)
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci-upstream-kmsan-gce-root
Title: KMSAN: uninit-value in tcp_v6_do_rcv
* Struck through repros no longer work on HEAD.