syzbot

 sign-in | mailing list | source | docs
🐞 Open [1516]
Subsystems
🐞 Fixed [6488]
🐞 Invalid [16483]
Missing Backports [199]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in sctp_inq_pop (2)

Status: upstream: reported C repro on 2022/01/08 08:00
Subsystems: sctp
[Documentation on labels]
Reported-by: syzbot+70a42f45e76bede082be@syzkaller.appspotmail.com
First crash: 1356d, last: 2d18h
Discussions (5)
Title Replies (including bot) Last reply
[syzbot] Monthly sctp report (Jun 2025) 0 (1) 2025/06/16 09:59
[syzbot] Monthly sctp report (May 2025) 0 (1) 2025/05/15 07:46
[syzbot] Monthly sctp report (Apr 2025) 0 (1) 2025/04/14 10:17
[PATCH net] sctp: fix uninit-value in sctp_inq_pop() 4 (4) 2023/09/08 04:48
[syzbot] KMSAN: uninit-value in sctp_inq_pop (2) 0 (1) 2022/01/08 08:00
Similar bugs (6)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in sctp_inq_pop sctp 7 3 1502d 1541d 0/29 auto-closed as invalid on 2021/10/24 08:36
upstream KMSAN: kernel-infoleak in copyout (2) net 17 C 6723 790d 1958d 22/29 fixed on 2023/06/08 14:41
upstream KMSAN: uninit-value in nf_nat_setup_info (2) netfilter 7 C 764 1226d 1306d 0/29 auto-obsoleted due to no activity on 2022/09/28 07:28
upstream KMSAN: kernel-infoleak in __skb_datagram_iter net 9 68 679d 784d 23/29 fixed on 2023/09/28 17:51
upstream KMSAN: uninit-value in eth_type_trans (2) net 7 C 7429 6h37m 2022d 0/29 upstream: reported C repro on 2020/01/22 16:47
upstream KMSAN: kernel-infoleak in move_addr_to_user (6) tipc 9 C 4 1286d 1324d 20/29 fixed on 2022/03/08 16:11
Last patch testing requests (12)
Created Duration User Patch Repo Result
2024/06/30 07:40 30m retest repro upstream error
2024/06/29 07:43 23m retest repro upstream OK log
2024/06/29 07:43 23m retest repro upstream OK log
2024/06/29 07:43 23m retest repro upstream log
2024/06/29 07:43 26m retest repro upstream OK log
2024/06/29 07:43 23m retest repro upstream OK log
2023/08/28 16:57 25m n.zhandarovich@fintech.ru patch https://github.com/google/kmsan.git master OK log
2023/08/14 18:13 17m andrew.kanner@gmail.com patch https://github.com/google/kmsan.git master report log
2023/08/14 17:41 20m andrew.kanner@gmail.com patch https://github.com/google/kmsan.git master report log
2023/08/01 16:24 22m andrew.kanner@gmail.com https://github.com/google/kmsan.git master report log
2022/05/11 02:41 20m k.kahurani@gmail.com patch https://github.com/google/kmsan.git master OK
2022/05/08 15:20 12m (78) k.kahurani@gmail.com patch https://github.com/google/kmsan.git master report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211
 sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211
 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998
 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331
 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122
 __release_sock+0x1da/0x330 net/core/sock.c:3106
 release_sock+0x6b/0x250 net/core/sock.c:3660
 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360
 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885
 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031
 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg+0x267/0x380 net/socket.c:733
 __sys_sendto+0x594/0x750 net/socket.c:2187
 __do_sys_sendto net/socket.c:2194 [inline]
 __se_sys_sendto net/socket.c:2190 [inline]
 __x64_sys_sendto+0x125/0x1d0 net/socket.c:2190
 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 sctp_inq_pop+0x153e/0x1920 net/sctp/inqueue.c:207
 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998
 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331
 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122
 __release_sock+0x1da/0x330 net/core/sock.c:3106
 release_sock+0x6b/0x250 net/core/sock.c:3660
 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360
 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885
 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031
 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg+0x267/0x380 net/socket.c:733
 __sys_sendto+0x594/0x750 net/socket.c:2187
 __do_sys_sendto net/socket.c:2194 [inline]
 __se_sys_sendto net/socket.c:2190 [inline]
 __x64_sys_sendto+0x125/0x1d0 net/socket.c:2190
 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:4121 [inline]
 slab_alloc_node mm/slub.c:4164 [inline]
 __do_kmalloc_node mm/slub.c:4293 [inline]
 __kmalloc_node_track_caller_noprof+0x945/0x1240 mm/slub.c:4313
 kmalloc_reserve+0x23e/0x4a0 net/core/skbuff.c:609
 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678
 alloc_skb include/linux/skbuff.h:1331 [inline]
 sctp_packet_pack net/sctp/output.c:472 [inline]
 sctp_packet_transmit+0x17fa/0x43a0 net/sctp/output.c:621
 sctp_outq_flush_transports net/sctp/outqueue.c:1173 [inline]
 sctp_outq_flush+0x1b2f/0x6590 net/sctp/outqueue.c:1221
 sctp_outq_uncork+0x9c/0xb0 net/sctp/outqueue.c:764
 sctp_side_effects net/sctp/sm_sideeffect.c:1198 [inline]
 sctp_do_sm+0x8c49/0x93d0 net/sctp/sm_sideeffect.c:1169
 sctp_assoc_bh_rcv+0x8fe/0xc50 net/sctp/associola.c:1052
 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331
 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122
 __release_sock+0x1da/0x330 net/core/sock.c:3106
 release_sock+0x6b/0x250 net/core/sock.c:3660
 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360
 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885
 sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031
 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851
 sock_sendmsg_nosec net/socket.c:718 [inline]
 __sock_sendmsg+0x267/0x380 net/socket.c:733
 __sys_sendto+0x594/0x750 net/socket.c:2187
 __do_sys_sendto net/socket.c:2194 [inline]
 __se_sys_sendto net/socket.c:2190 [inline]
 __x64_sys_sendto+0x125/0x1d0 net/socket.c:2190
 x64_sys_call+0x346a/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:45
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 5785 Comm: syz-executor966 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
=====================================================

Crashes (4079):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/02/14 06:36 upstream ab68d7eb7b1a d9a046cf .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2024/02/26 10:50 upstream 70ff1fe626a1 8d446f15 .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2023/07/10 03:00 https://github.com/google/kmsan.git master 257152fe29be 668cb1fa .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in sctp_inq_pop
2023/10/22 16:19 upstream 1acfd2bd3f0d 361b23dc .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in sctp_inq_pop
2022/08/22 05:50 https://github.com/google/kmsan.git master 1b070a5d1a2c 26a13b38 .config strace log report syz C ci-upstream-kmsan-gce KMSAN: uninit-value in sctp_inq_pop
2022/05/13 22:16 https://github.com/google/kmsan.git master d6e2c8c7eb40 107f6434 .config strace log report syz C ci-upstream-kmsan-gce KMSAN: uninit-value in sctp_inq_pop
2022/01/04 02:03 https://github.com/google/kmsan.git master 81c325bbf94e 4a3f34f2 .config console log report syz C ci-upstream-kmsan-gce KMSAN: uninit-value in sctp_inq_pop
2025/07/27 15:32 upstream ec2df4364666 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/25 03:28 upstream 25fae0b93d1d fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/24 22:41 upstream 25fae0b93d1d fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/22 07:13 upstream 89be9a83ccf1 1555463b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/20 03:51 upstream bf61759db409 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/20 02:20 upstream bf61759db409 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/19 13:24 upstream 4871b7cb27f4 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/19 10:29 upstream 4871b7cb27f4 7117feec .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/19 03:03 upstream d786aba32000 f550e092 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/18 23:14 upstream d786aba32000 f550e092 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/17 04:43 upstream e2291551827f 44f8051e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/16 03:39 upstream 155a3c003e55 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/12 01:34 upstream 40f92e79b0aa 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/11 04:33 upstream bc9ff192a6c9 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/11 04:33 upstream bc9ff192a6c9 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/10 14:13 upstream 8c2e52ebbe88 19d4829f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/10 00:51 upstream 8c2e52ebbe88 f4e5e155 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/09 01:24 upstream d006330be3f7 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/08 21:28 upstream d006330be3f7 abade794 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/03 15:40 upstream b4911fb0b060 115ceea7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/02 15:22 upstream 66701750d556 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/07/01 20:24 upstream 66701750d556 ffe4b334 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/30 23:03 upstream d0b3b7b22dfa 6e83b42d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/30 15:33 upstream d0b3b7b22dfa fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/30 07:21 upstream d0b3b7b22dfa fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/30 01:41 upstream d0b3b7b22dfa fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/29 16:45 upstream dfba48a70cb6 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/29 12:43 upstream dfba48a70cb6 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/28 13:31 upstream 35e261cd95dd fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2025/06/27 18:18 upstream 67a993863163 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in sctp_inq_pop
2023/12/19 03:10 upstream 2cf4f94d8e86 3ad490ea .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce KMSAN: uninit-value in sctp_inq_pop
2025/08/03 17:18 upstream 186f3edfdd41 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/08/03 07:48 upstream eacf91b0c78a 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/31 18:17 upstream 260f6f4fda93 0c075d67 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/29 00:47 upstream 038d61fd6422 c4a95487 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/28 01:14 upstream ec2df4364666 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/25 00:35 upstream 25fae0b93d1d fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/17 18:17 upstream e2291551827f 0d1223f1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/17 07:30 upstream e2291551827f 44f8051e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/15 20:06 upstream 155a3c003e55 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/15 07:27 upstream 155a3c003e55 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/15 01:39 upstream 347e9f5043c8 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/13 09:24 upstream 3f31a806a62e 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/13 04:02 upstream 3f31a806a62e 3cda49cf .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/06 14:30 upstream 1f988d0788f5 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/05 11:37 upstream a79a588fc176 4f67c4ae .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/05 04:09 upstream 4c06e63b9203 d869b261 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/07/03 05:26 upstream b4911fb0b060 0cd59a8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/06/28 17:45 upstream aaf724ed6926 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/06/28 14:53 upstream aaf724ed6926 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2025/06/26 04:41 upstream 92ca6c498a5e 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in sctp_inq_pop
2023/12/20 03:38 upstream 55cb5f43689d 3ad490ea .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in sctp_inq_pop
2021/11/19 07:31 https://github.com/google/kmsan.git master 412af9cd936d 31a30fc0 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in sctp_inq_pop
* Struck through repros no longer work on HEAD.