syzbot

 exit_to_usermode_loop arch/x86/entry/common.c:162 [inline]
 prepare_exit_to_usermode+0x271/0x3a0 arch/x86/entry/common.c:196
 syscall_return_slowpath+0xe9/0x710 arch/x86/entry/common.c:265
 do_syscall_64+0x1ad/0x230 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
==================================================================
BUG: KMSAN: uninit-value in inet_gro_receive+0x166c/0x1950 net/ipv4/af_inet.c:1418
CPU: 0 PID: 8 Comm: ksoftirqd/0 Not tainted 4.17.0+ #9
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x185/0x1d0 lib/dump_stack.c:113
 kmsan_report+0x188/0x2a0 mm/kmsan/kmsan.c:1125
 __msan_warning_32+0x70/0xc0 mm/kmsan/kmsan_instr.c:620
 inet_gro_receive+0x166c/0x1950 net/ipv4/af_inet.c:1418
 dev_gro_receive+0x214c/0x32e0 net/core/dev.c:4989
 napi_gro_receive+0x624/0xb60 net/core/dev.c:5124
 gro_cell_poll+0x28e/0x410 net/core/gro_cells.c:46
 napi_poll net/core/dev.c:5735 [inline]
 net_rx_action+0x766/0x1a80 net/core/dev.c:5801
 __do_softirq+0x592/0x979 kernel/softirq.c:285
 run_ksoftirqd+0x1f/0x40 kernel/softirq.c:646
 smpboot_thread_fn+0x4ac/0x9a0 kernel/smpboot.c:164
 kthread+0x4db/0x6c0 kernel/kthread.c:241
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:413

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:282 [inline]
 kmsan_save_stack mm/kmsan/kmsan.c:297 [inline]
 kmsan_internal_chain_origin+0x12b/0x210 mm/kmsan/kmsan.c:689
 kmsan_memcpy_origins+0x11d/0x170 mm/kmsan/kmsan.c:530
 __msan_memcpy+0x109/0x160 mm/kmsan/kmsan_instr.c:413
 pskb_expand_head+0x3a6/0x1a70 net/core/skbuff.c:1470
 __skb_cow include/linux/skbuff.h:2899 [inline]
 skb_cow_head include/linux/skbuff.h:2933 [inline]
 ip_tunnel_xmit+0x3117/0x37c0 net/ipv4/ip_tunnel.c:771
 ipip_tunnel_xmit+0x32b/0x4c0 net/ipv4/ipip.c:308
 __netdev_start_xmit include/linux/netdevice.h:4087 [inline]
 netdev_start_xmit include/linux/netdevice.h:4096 [inline]
 xmit_one net/core/dev.c:3053 [inline]
 dev_hard_start_xmit+0x5f6/0xc80 net/core/dev.c:3069
 __dev_queue_xmit+0x2ad2/0x3540 net/core/dev.c:3584
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:3617
 neigh_direct_output+0x42/0x50 net/core/neighbour.c:1398
 neigh_output include/net/neighbour.h:482 [inline]
 ip_finish_output2+0x1354/0x1480 net/ipv4/ip_output.c:229
 ip_finish_output+0xcbc/0x1000 net/ipv4/ip_output.c:317
 NF_HOOK_COND include/linux/netfilter.h:277 [inline]
 ip_output+0x505/0x5d0 net/ipv4/ip_output.c:405
 dst_output include/net/dst.h:444 [inline]
 ip_local_out net/ipv4/ip_output.c:124 [inline]
 ip_queue_xmit+0x1b0f/0x1d00 net/ipv4/ip_output.c:504
 tcp_transmit_skb+0x3db5/0x5350 net/ipv4/tcp_output.c:1176
 __tcp_retransmit_skb+0x2fd6/0x4100 net/ipv4/tcp_output.c:2906
 tcp_send_loss_probe+0xc79/0xf10 net/ipv4/tcp_output.c:2518
 tcp_write_timer_handler+0x726/0xef0 net/ipv4/tcp_timer.c:569
 tcp_write_timer+0x12b/0x280 net/ipv4/tcp_timer.c:593
 call_timer_fn+0x280/0x5d0 kernel/time/timer.c:1326
 expire_timers kernel/time/timer.c:1363 [inline]
 __run_timers+0xd96/0x11b0 kernel/time/timer.c:1666
 run_timer_softirq+0x43/0x70 kernel/time/timer.c:1692
 __do_softirq+0x592/0x979 kernel/softirq.c:285

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:282 [inline]
 kmsan_save_stack mm/kmsan/kmsan.c:297 [inline]
 kmsan_internal_chain_origin+0x12b/0x210 mm/kmsan/kmsan.c:689
 kmsan_memcpy_origins+0x11d/0x170 mm/kmsan/kmsan.c:530
 __msan_memcpy+0x109/0x160 mm/kmsan/kmsan_instr.c:413
 pskb_expand_head+0x3a6/0x1a70 net/core/skbuff.c:1470
 skb_unclone include/linux/skbuff.h:1441 [inline]
 __tcp_retransmit_skb+0xfdb/0x4100 net/ipv4/tcp_output.c:2864
 tcp_send_loss_probe+0xc79/0xf10 net/ipv4/tcp_output.c:2518
 tcp_write_timer_handler+0x726/0xef0 net/ipv4/tcp_timer.c:569
 tcp_write_timer+0x12b/0x280 net/ipv4/tcp_timer.c:593
 call_timer_fn+0x280/0x5d0 kernel/time/timer.c:1326
 expire_timers kernel/time/timer.c:1363 [inline]
 __run_timers+0xd96/0x11b0 kernel/time/timer.c:1666
 run_timer_softirq+0x43/0x70 kernel/time/timer.c:1692
 __do_softirq+0x592/0x979 kernel/softirq.c:285

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:282 [inline]
 kmsan_internal_poison_shadow+0xb8/0x1b0 mm/kmsan/kmsan.c:192
 kmsan_kmalloc+0x94/0x100 mm/kmsan/kmsan.c:318
 kmsan_slab_alloc+0x10/0x20 mm/kmsan/kmsan.c:325
 slab_post_alloc_hook mm/slab.h:446 [inline]
 slab_alloc_node mm/slub.c:2753 [inline]
 __kmalloc_node_track_caller+0xb35/0x11b0 mm/slub.c:4395
 __kmalloc_reserve net/core/skbuff.c:138 [inline]
 __alloc_skb+0x2cb/0x9e0 net/core/skbuff.c:206
 alloc_skb_fclone include/linux/skbuff.h:1030 [inline]
 sk_stream_alloc_skb+0x17c/0xcf0 net/ipv4/tcp.c:875
 tcp_fragment+0x425/0x20e0 net/ipv4/tcp_output.c:1316
 tcp_write_wakeup+0x1505/0x1ea0 net/ipv4/tcp_output.c:3694
 tcp_send_probe0+0x7c/0x680 net/ipv4/tcp_output.c:3723
 tcp_probe_timer net/ipv4/tcp_timer.c:359 [inline]
 tcp_write_timer_handler+0xe76/0xef0 net/ipv4/tcp_timer.c:577
 tcp_write_timer+0x12b/0x280 net/ipv4/tcp_timer.c:593
 call_timer_fn+0x280/0x5d0 kernel/time/timer.c:1326
 expire_timers kernel/time/timer.c:1363 [inline]
 __run_timers+0xd96/0x11b0 kernel/time/timer.c:1666
 run_timer_softirq+0x43/0x70 kernel/time/timer.c:1692
 __do_softirq+0x592/0x979 kernel/softirq.c:285
==================================================================