syzbot |
sign-in | mailing list | source | docs |
syzkaller0: entered promiscuous mode syzkaller0: entered allmulticast mode ===================================================== BUG: KMSAN: uninit-value in __rht_ptr_rcu include/linux/rhashtable.h:390 [inline] BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:631 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:670 [inline] BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:707 [inline] BUG: KMSAN: uninit-value in __fl_lookup+0x6e3/0x960 net/sched/cls_flower.c:273 __rht_ptr_rcu include/linux/rhashtable.h:390 [inline] __rhashtable_lookup include/linux/rhashtable.h:631 [inline] rhashtable_lookup include/linux/rhashtable.h:670 [inline] rhashtable_lookup_fast include/linux/rhashtable.h:707 [inline] __fl_lookup+0x6e3/0x960 net/sched/cls_flower.c:273 fl_mask_lookup+0x304/0xd50 net/sched/cls_flower.c:306 fl_classify+0x36c/0x790 net/sched/cls_flower.c:353 tc_classify include/net/tc_wrapper.h:197 [inline] __tcf_classify net/sched/cls_api.c:1764 [inline] tcf_classify+0x855/0x1ca0 net/sched/cls_api.c:1860 multiq_classify net/sched/sch_multiq.c:39 [inline] multiq_enqueue+0x82/0x590 net/sched/sch_multiq.c:66 dev_qdisc_enqueue net/core/dev.c:4147 [inline] __dev_xmit_skb net/core/dev.c:4262 [inline] __dev_queue_xmit+0x227c/0x58c0 net/core/dev.c:4798 dev_queue_xmit include/linux/netdevice.h:3381 [inline] packet_xmit+0x8f/0x710 net/packet/af_packet.c:275 packet_snd net/packet/af_packet.c:3076 [inline] packet_sendmsg+0x9173/0xa2a0 net/packet/af_packet.c:3108 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0x333/0x3d0 net/socket.c:742 ____sys_sendmsg+0x7f5/0xcf0 net/socket.c:2592 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2646 __sys_sendmsg+0x1aa/0x300 net/socket.c:2678 __compat_sys_sendmsg net/compat.c:346 [inline] __do_compat_sys_sendmsg net/compat.c:353 [inline] __se_compat_sys_sendmsg net/compat.c:350 [inline] __ia32_compat_sys_sendmsg+0xa4/0x100 net/compat.c:350 ia32_sys_call+0x35f2/0x4340 arch/x86/include/generated/asm/syscalls_32.h:371 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline] __do_fast_syscall_32+0x154/0x320 arch/x86/entry/syscall_32.c:307 do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:332 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:370 entry_SYSENTER_compat_after_hwframe+0x84/0x8e Uninit was stored to memory at: fl_set_masked_key net/sched/cls_flower.c:198 [inline] fl_mask_lookup+0x253/0xd50 net/sched/cls_flower.c:302 fl_classify+0x36c/0x790 net/sched/cls_flower.c:353 tc_classify include/net/tc_wrapper.h:197 [inline] __tcf_classify net/sched/cls_api.c:1764 [inline] tcf_classify+0x855/0x1ca0 net/sched/cls_api.c:1860 multiq_classify net/sched/sch_multiq.c:39 [inline] multiq_enqueue+0x82/0x590 net/sched/sch_multiq.c:66 dev_qdisc_enqueue net/core/dev.c:4147 [inline] __dev_xmit_skb net/core/dev.c:4262 [inline] __dev_queue_xmit+0x227c/0x58c0 net/core/dev.c:4798 dev_queue_xmit include/linux/netdevice.h:3381 [inline] packet_xmit+0x8f/0x710 net/packet/af_packet.c:275 packet_snd net/packet/af_packet.c:3076 [inline] packet_sendmsg+0x9173/0xa2a0 net/packet/af_packet.c:3108 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0x333/0x3d0 net/socket.c:742 ____sys_sendmsg+0x7f5/0xcf0 net/socket.c:2592 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2646 __sys_sendmsg+0x1aa/0x300 net/socket.c:2678 __compat_sys_sendmsg net/compat.c:346 [inline] __do_compat_sys_sendmsg net/compat.c:353 [inline] __se_compat_sys_sendmsg net/compat.c:350 [inline] __ia32_compat_sys_sendmsg+0xa4/0x100 net/compat.c:350 ia32_sys_call+0x35f2/0x4340 arch/x86/include/generated/asm/syscalls_32.h:371 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline] __do_fast_syscall_32+0x154/0x320 arch/x86/entry/syscall_32.c:307 do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:332 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:370 entry_SYSENTER_compat_after_hwframe+0x84/0x8e Uninit was stored to memory at: __skb_flow_dissect+0xfe7/0x9ed0 net/core/flow_dissector.c:1182 skb_flow_dissect include/linux/skbuff.h:1603 [inline] fl_classify+0x34a/0x790 net/sched/cls_flower.c:350 tc_classify include/net/tc_wrapper.h:197 [inline] __tcf_classify net/sched/cls_api.c:1764 [inline] tcf_classify+0x855/0x1ca0 net/sched/cls_api.c:1860 multiq_classify net/sched/sch_multiq.c:39 [inline] multiq_enqueue+0x82/0x590 net/sched/sch_multiq.c:66 dev_qdisc_enqueue net/core/dev.c:4147 [inline] __dev_xmit_skb net/core/dev.c:4262 [inline] __dev_queue_xmit+0x227c/0x58c0 net/core/dev.c:4798 dev_queue_xmit include/linux/netdevice.h:3381 [inline] packet_xmit+0x8f/0x710 net/packet/af_packet.c:275 packet_snd net/packet/af_packet.c:3076 [inline] packet_sendmsg+0x9173/0xa2a0 net/packet/af_packet.c:3108 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0x333/0x3d0 net/socket.c:742 ____sys_sendmsg+0x7f5/0xcf0 net/socket.c:2592 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2646 __sys_sendmsg+0x1aa/0x300 net/socket.c:2678 __compat_sys_sendmsg net/compat.c:346 [inline] __do_compat_sys_sendmsg net/compat.c:353 [inline] __se_compat_sys_sendmsg net/compat.c:350 [inline] __ia32_compat_sys_sendmsg+0xa4/0x100 net/compat.c:350 ia32_sys_call+0x35f2/0x4340 arch/x86/include/generated/asm/syscalls_32.h:371 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline] __do_fast_syscall_32+0x154/0x320 arch/x86/entry/syscall_32.c:307 do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:332 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:370 entry_SYSENTER_compat_after_hwframe+0x84/0x8e Uninit was created at: slab_post_alloc_hook mm/slub.c:4960 [inline] slab_alloc_node mm/slub.c:5263 [inline] kmem_cache_alloc_node_noprof+0x9e7/0x17a0 mm/slub.c:5315 kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:586 __alloc_skb+0x805/0x1040 net/core/skbuff.c:690 alloc_skb include/linux/skbuff.h:1383 [inline] alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6714 sock_alloc_send_pskb+0xacc/0xc60 net/core/sock.c:2995 packet_alloc_skb net/packet/af_packet.c:2926 [inline] packet_snd net/packet/af_packet.c:3019 [inline] packet_sendmsg+0x743d/0xa2a0 net/packet/af_packet.c:3108 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg+0x333/0x3d0 net/socket.c:742 ____sys_sendmsg+0x7f5/0xcf0 net/socket.c:2592 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2646 __sys_sendmsg+0x1aa/0x300 net/socket.c:2678 __compat_sys_sendmsg net/compat.c:346 [inline] __do_compat_sys_sendmsg net/compat.c:353 [inline] __se_compat_sys_sendmsg net/compat.c:350 [inline] __ia32_compat_sys_sendmsg+0xa4/0x100 net/compat.c:350 ia32_sys_call+0x35f2/0x4340 arch/x86/include/generated/asm/syscalls_32.h:371 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline] __do_fast_syscall_32+0x154/0x320 arch/x86/entry/syscall_32.c:307 do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:332 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:370 entry_SYSENTER_compat_after_hwframe+0x84/0x8e CPU: 0 UID: 0 PID: 6413 Comm: syz.4.159 Not tainted syzkaller #0 PREEMPT(none) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 =====================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2026/01/16 04:49 | upstream | 603c05a1639f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | KMSAN: uninit-value in __fl_lookup | ||
| 2026/01/16 04:49 | upstream | 603c05a1639f | d6526ea3 | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386-root | KMSAN: uninit-value in __fl_lookup |