KMSAN: uninit-value in __skb_checksum

Kernel	Title	Repro	Count	Last	Reported	Patched	Status
upstream	KMSAN: uninit-value in __skb_checksum_complete (3) netfilter		7	2101d	2267d	0/28	auto-closed as invalid on 2019/10/19 05:22
upstream	KMSAN: uninit-value in __skb_checksum_complete (5) net	C	1497	507d	1620d	0/28	auto-obsoleted due to no activity on 2024/02/04 15:28
upstream	KMSAN: uninit-value in __skb_checksum_complete (2) net		2	2392d	2394d	0/28	closed as invalid on 2018/09/05 16:20
upstream	KMSAN: uninit-value in __skb_checksum_complete (4) netfilter	C	420	1643d	1885d	0/28	closed as invalid on 2020/07/22 16:42
upstream	KMSAN: uninit-value in __skb_checksum_complete net	C	5	2465d	2466d	0/28	closed as invalid on 2018/04/22 15:44

===================================================== BUG: KMSAN: uninit-value in __skb_checksum_complete+0x349/0x490 net/core/skbuff.c:3704 __skb_checksum_complete+0x349/0x490 net/core/skbuff.c:3704 __skb_checksum_validate_complete include/linux/skbuff.h:4673 [inline] icmp_rcv+0xc5e/0x2790 net/ipv4/icmp.c:1229 ip_protocol_deliver_rcu+0xb51/0x13d0 net/ipv4/ip_input.c:205 ip_local_deliver_finish+0x336/0x500 net/ipv4/ip_input.c:233 NF_HOOK include/linux/netfilter.h:314 [inline] ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254 dst_input include/net/dst.h:460 [inline] ip_rcv_finish+0x4a2/0x520 net/ipv4/ip_input.c:447 NF_HOOK include/linux/netfilter.h:314 [inline] ip_rcv+0xcd/0x380 net/ipv4/ip_input.c:567 __netif_receive_skb_one_core net/core/dev.c:5672 [inline] __netif_receive_skb+0x319/0xa00 net/core/dev.c:5785 process_backlog+0x4ad/0xa50 net/core/dev.c:6117 __napi_poll+0xe7/0x980 net/core/dev.c:6877 napi_poll net/core/dev.c:6946 [inline] net_rx_action+0xa5a/0x19b0 net/core/dev.c:7068 handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:554 __do_softirq+0x14/0x1a kernel/softirq.c:588 do_softirq+0x9a/0x100 kernel/softirq.c:455 __local_bh_enable_ip+0x9f/0xb0 kernel/softirq.c:382 local_bh_enable include/linux/bottom_half.h:33 [inline] rcu_read_unlock_bh include/linux/rcupdate.h:919 [inline] __dev_queue_xmit+0x2758/0x57d0 net/core/dev.c:4461 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f <Zero or more stacks not recorded to save memory> Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] erspan_xmit+0x8e2/0x1cd0 net/ipv4/ip_gre.c:715 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] erspan_xmit+0x8e2/0x1cd0 net/ipv4/ip_gre.c:715 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] ip_tunnel_xmit+0x3644/0x3ec0 net/ipv4/ip_tunnel.c:849 __gre_xmit+0x19f/0x220 net/ipv4/ip_gre.c:484 erspan_xmit+0x12cb/0x1cd0 net/ipv4/ip_gre.c:743 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] ip_tunnel_xmit+0x3644/0x3ec0 net/ipv4/ip_tunnel.c:849 __gre_xmit+0x19f/0x220 net/ipv4/ip_gre.c:484 erspan_xmit+0x12cb/0x1cd0 net/ipv4/ip_gre.c:743 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] erspan_xmit+0x8e2/0x1cd0 net/ipv4/ip_gre.c:715 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] erspan_xmit+0x8e2/0x1cd0 net/ipv4/ip_gre.c:715 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: pskb_expand_head+0x305/0x1a60 net/core/skbuff.c:2283 __skb_cow include/linux/skbuff.h:3740 [inline] skb_cow_head include/linux/skbuff.h:3774 [inline] ip_tunnel_xmit+0x3644/0x3ec0 net/ipv4/ip_tunnel.c:849 __gre_xmit+0x19f/0x220 net/ipv4/ip_gre.c:484 erspan_xmit+0x12cb/0x1cd0 net/ipv4/ip_gre.c:743 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 sch_direct_xmit+0x399/0xd40 net/sched/sch_generic.c:343 qdisc_restart net/sched/sch_generic.c:408 [inline] __qdisc_run+0x14da/0x35d0 net/sched/sch_generic.c:416 __dev_xmit_skb net/core/dev.c:3829 [inline] __dev_queue_xmit+0x3154/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4110 [inline] slab_alloc_node mm/slub.c:4153 [inline] kmem_cache_alloc_node_noprof+0x907/0xe00 mm/slub.c:4205 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 skb_segment+0x20df/0x7260 net/core/skbuff.c:4859 tcp_gso_segment+0x818/0x2e70 net/ipv4/tcp_offload.c:176 tcp4_gso_segment+0xbfd/0x1b90 net/ipv4/tcp_offload.c:126 inet_gso_segment+0xcae/0x1fd0 net/ipv4/af_inet.c:1420 skb_mac_gso_segment+0x435/0x800 net/core/gso.c:53 __skb_gso_segment+0x682/0x840 net/core/gso.c:124 skb_gso_segment include/net/gso.h:83 [inline] validate_xmit_skb+0xca8/0x17b0 net/core/dev.c:3675 validate_xmit_skb_list+0xf4/0x2f0 net/core/dev.c:3725 sch_direct_xmit+0xd0/0xd40 net/sched/sch_generic.c:328 __dev_xmit_skb net/core/dev.c:3827 [inline] __dev_queue_xmit+0x30b9/0x57d0 net/core/dev.c:4400 bond_start_xmit+0x1c61/0x24f0 drivers/net/bonding/bond_main.c:5605 __netdev_start_xmit include/linux/netdevice.h:5002 [inline] netdev_start_xmit include/linux/netdevice.h:5011 [inline] xmit_one net/core/dev.c:3590 [inline] dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3606 __dev_queue_xmit+0x366a/0x57d0 net/core/dev.c:4434 dev_queue_xmit include/linux/netdevice.h:3168 [inline] neigh_hh_output include/net/neighbour.h:523 [inline] neigh_output include/net/neighbour.h:537 [inline] ip_finish_output2+0x187c/0x1b70 net/ipv4/ip_output.c:236 __ip_finish_output+0x287/0x810 ip_finish_output+0x4b/0x600 net/ipv4/ip_output.c:324 NF_HOOK_COND include/linux/netfilter.h:303 [inline] ip_output+0x15f/0x3f0 net/ipv4/ip_output.c:434 dst_output include/net/dst.h:450 [inline] ip_local_out net/ipv4/ip_output.c:130 [inline] __ip_queue_xmit+0x1f2a/0x20d0 net/ipv4/ip_output.c:536 ip_queue_xmit+0x60/0x80 net/ipv4/ip_output.c:550 __tcp_transmit_skb+0x3cea/0x4900 net/ipv4/tcp_output.c:1466 tcp_transmit_skb net/ipv4/tcp_output.c:1484 [inline] tcp_write_xmit+0x3b90/0x9070 net/ipv4/tcp_output.c:2827 __tcp_push_pending_frames+0xc4/0x380 net/ipv4/tcp_output.c:3010 tcp_push+0x755/0x7a0 net/ipv4/tcp.c:751 tcp_sendmsg_locked+0x6288/0x6e60 net/ipv4/tcp.c:1326 tcp_sendmsg+0x49/0x90 net/ipv4/tcp.c:1358 inet_sendmsg+0x142/0x280 net/ipv4/af_inet.c:851 sock_sendmsg_nosec net/socket.c:711 [inline] __sock_sendmsg+0x267/0x380 net/socket.c:726 sock_write_iter+0x365/0x3d0 net/socket.c:1147 new_sync_write fs/read_write.c:586 [inline] vfs_write+0xb2b/0x1540 fs/read_write.c:679 ksys_write+0x240/0x4b0 fs/read_write.c:731 __do_sys_write fs/read_write.c:742 [inline] __se_sys_write fs/read_write.c:739 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:739 x64_sys_call+0x3161/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 0 UID: 0 PID: 5771 Comm: syz-executor Tainted: G W 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 =====================================================

Crashes (3):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2024/11/30 10:29	upstream	2ba9f676d0a2	68914665	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in __skb_checksum_complete
2024/11/18 12:26	upstream	adc218676eef	571351cb	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in __skb_checksum_complete
2024/11/17 20:54	upstream	f66d6acccbc0	cfe3a04a	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in __skb_checksum_complete

Crashes (3):

Assets (help?)