[ OK ] Reached target Graphical Interface. Starting Update UTMP about System Runlevel Changes... [ OK ] Started Load/Save RF Kill Switch Status. [ OK ] Started Update UTMP about System Runlevel Changes. Debian GNU/Linux 9 syzkaller ttyS0 syzkaller login: [ 56.390785] can: request_module (can-proto-0) failed. [ 56.405488] can: request_module (can-proto-0) failed. Warning: Permanently added '10.128.10.5' (ECDSA) to the list of known hosts. 2021/07/25 13:54:12 parsed 1 programs 2021/07/25 13:54:12 executed programs: 0 [ 65.955392] chnl_net:caif_netlink_parms(): no params data found [ 65.995649] chnl_net:caif_netlink_parms(): no params data found [ 66.106091] chnl_net:caif_netlink_parms(): no params data found [ 66.118359] chnl_net:caif_netlink_parms(): no params data found [ 66.250479] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.257640] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.266167] device bridge_slave_0 entered promiscuous mode [ 66.363266] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.370025] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.378706] device bridge_slave_1 entered promiscuous mode [ 66.401226] chnl_net:caif_netlink_parms(): no params data found [ 66.455847] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.462863] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.471278] device bridge_slave_0 entered promiscuous mode [ 66.535176] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.542088] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.550487] device bridge_slave_0 entered promiscuous mode [ 66.584171] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.590667] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.599283] device bridge_slave_1 entered promiscuous mode [ 66.635157] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.642006] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.649562] device bridge_slave_1 entered promiscuous mode [ 66.661504] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.690173] chnl_net:caif_netlink_parms(): no params data found [ 66.702602] bridge0: port 1(bridge_slave_0) entered blocking state [ 66.710022] bridge0: port 1(bridge_slave_0) entered disabled state [ 66.719024] device bridge_slave_0 entered promiscuous mode [ 66.738923] bridge0: port 2(bridge_slave_1) entered blocking state [ 66.746075] bridge0: port 2(bridge_slave_1) entered disabled state [ 66.754611] device bridge_slave_1 entered promiscuous mode [ 66.770098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 66.875697] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.913351] team0: Port device team_slave_0 added [ 66.934249] team0: Port device team_slave_1 added [ 66.945125] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.958518] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 66.984557] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.008961] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.016347] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.024784] device bridge_slave_0 entered promiscuous mode [ 67.039100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.048591] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.048774] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.064099] device bridge_slave_1 entered promiscuous mode [ 67.102186] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.189710] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.196989] bridge0: port 1(bridge_slave_0) entered disabled state [ 67.205585] device bridge_slave_0 entered promiscuous mode [ 67.219838] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.243772] team0: Port device team_slave_0 added [ 67.253739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.282671] team0: Port device team_slave_1 added [ 67.290879] team0: Port device team_slave_0 added [ 67.328508] team0: Port device team_slave_0 added [ 67.334966] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.341527] bridge0: port 2(bridge_slave_1) entered disabled state [ 67.350334] device bridge_slave_1 entered promiscuous mode [ 67.387989] device hsr_slave_0 entered promiscuous mode [ 67.432493] device hsr_slave_1 entered promiscuous mode [ 67.478946] team0: Port device team_slave_1 added [ 67.488324] team0: Port device team_slave_1 added [ 67.555606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 67.569599] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 67.584509] team0: Port device team_slave_0 added [ 67.606203] team0: Port device team_slave_1 added [ 67.717461] device hsr_slave_0 entered promiscuous mode [ 67.752699] device hsr_slave_1 entered promiscuous mode [ 67.792074] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 67.799619] Cannot create hsr debugfs directory [ 67.917443] device hsr_slave_0 entered promiscuous mode [ 67.963787] device hsr_slave_1 entered promiscuous mode [ 68.002560] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.009532] Cannot create hsr debugfs directory [ 68.020485] team0: Port device team_slave_0 added [ 68.030423] team0: Port device team_slave_1 added [ 68.088361] device hsr_slave_0 entered promiscuous mode [ 68.143383] device hsr_slave_1 entered promiscuous mode [ 68.182300] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.189296] Cannot create hsr debugfs directory [ 68.258299] device hsr_slave_0 entered promiscuous mode [ 68.302670] device hsr_slave_1 entered promiscuous mode [ 68.342128] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.349170] Cannot create hsr debugfs directory [ 68.487218] device hsr_slave_0 entered promiscuous mode [ 68.533224] device hsr_slave_1 entered promiscuous mode [ 68.572242] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 68.579207] Cannot create hsr debugfs directory [ 68.719396] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.796898] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 68.805272] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 68.836838] 8021q: adding VLAN 0 to HW filter on device team0 [ 68.882473] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 68.894701] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 68.904712] bridge0: port 1(bridge_slave_0) entered blocking state [ 68.911327] bridge0: port 1(bridge_slave_0) entered forwarding state [ 68.928428] 8021q: adding VLAN 0 to HW filter on device bond0 [ 68.935681] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 68.957863] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 68.966745] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 68.975229] bridge0: port 2(bridge_slave_1) entered blocking state [ 68.981742] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.006663] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.025480] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.042798] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.050744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.069450] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.077191] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.085180] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.110509] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.122867] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.151756] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.161766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.170734] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.179005] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.185660] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.194352] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.203081] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.211106] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.217723] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.229355] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.237859] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.246207] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.255608] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.308847] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.324794] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.333514] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.341356] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.349519] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.358320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.366777] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.373422] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.380873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.390408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.399320] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.407844] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.414547] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.427266] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.443912] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.453900] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.483917] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.493558] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.503053] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.511595] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.533276] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.541715] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.550642] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 69.560335] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.569614] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.590667] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.605340] 8021q: adding VLAN 0 to HW filter on device bond0 [ 69.616655] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.633126] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.641707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.651208] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.659711] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.666522] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.674919] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.682973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 69.690414] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 69.699837] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 69.709111] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.718451] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.728746] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 69.737239] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 69.756786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 69.766486] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 69.791218] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 69.801660] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 69.817706] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.826589] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.835972] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 69.844780] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 69.881054] 8021q: adding VLAN 0 to HW filter on device team0 [ 69.893162] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 69.901042] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 69.910124] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 69.918689] bridge0: port 2(bridge_slave_1) entered blocking state [ 69.925410] bridge0: port 2(bridge_slave_1) entered forwarding state [ 69.933791] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 69.942482] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 69.950638] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 69.960331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 69.969206] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 69.977736] bridge0: port 1(bridge_slave_0) entered blocking state [ 69.984475] bridge0: port 1(bridge_slave_0) entered forwarding state [ 69.992113] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 69.999826] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 70.007822] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.022216] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 70.030409] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.039135] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.068619] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.125751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 70.134927] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 70.143403] bridge0: port 1(bridge_slave_0) entered blocking state [ 70.149934] bridge0: port 1(bridge_slave_0) entered forwarding state [ 70.158286] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.167221] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.175619] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.182345] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.190873] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.200368] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.209761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.218518] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.227812] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 70.236677] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 70.245228] bridge0: port 2(bridge_slave_1) entered blocking state [ 70.252299] bridge0: port 2(bridge_slave_1) entered forwarding state [ 70.259744] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.269621] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready [ 70.279356] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.290447] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 70.299301] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.311178] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.324682] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.357810] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.366599] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.375417] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.384301] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.393026] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.402737] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.412133] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.421411] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.436084] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.478976] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.503505] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.512271] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.520666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready [ 70.530745] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready [ 70.540041] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 70.558957] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.570933] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.615155] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready [ 70.624241] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.632924] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.642132] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready [ 70.651429] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 70.660663] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 70.669328] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 70.689045] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 70.701701] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready [ 70.744457] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.751534] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 70.760500] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 70.777083] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 70.794725] 8021q: adding VLAN 0 to HW filter on device batadv0 2021/07/25 13:54:18 executed programs: 6 [ 70.934861] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 73.883663] ===================================================== [ 73.889953] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 73.896217] CPU: 0 PID: 6590 Comm: syz-executor.4 Not tainted 5.13.0-syzkaller #0 [ 73.903855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 73.913221] Call Trace: [ 73.915809] dump_stack+0x1ff/0x280 [ 73.919466] kmsan_report+0xfb/0x1e0 [ 73.923204] __msan_warning+0x5c/0xa0 [ 73.927294] ip6_parse_tlv+0x85e/0xc90 [ 73.931214] ipv6_destopt_rcv+0x5c4/0xdb0 [ 73.935481] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 73.940537] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 73.945668] ip6_sublist_rcv_finish+0x4fd/0x780 [ 73.950363] ? ip6_input+0x340/0x340 [ 73.954134] ip6_sublist_rcv+0x12af/0x1320 [ 73.958399] ? local_bh_enable+0x40/0x40 [ 73.962504] ipv6_list_rcv+0x914/0x980 [ 73.966597] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 73.970765] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 73.976149] ? kmsan_get_metadata+0x11d/0x180 [ 73.980694] netif_receive_skb_list_internal+0xfd1/0x1680 [ 73.986269] ? __list_add_valid+0xb8/0x420 [ 73.990620] ? kmsan_get_metadata+0x11d/0x180 [ 73.995145] napi_gro_frags+0x14bc/0x23a0 [ 73.999324] tun_get_user+0x59f9/0x7420 [ 74.003357] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 74.008842] ? futex_wait_queue_me+0x621/0x6c0 [ 74.013497] ? kmsan_get_metadata+0x11d/0x180 [ 74.018014] tun_chr_write_iter+0x34e/0x400 [ 74.022353] ? tun_chr_read_iter+0x530/0x530 [ 74.026776] do_iter_readv_writev+0x867/0xaa0 [ 74.031299] ? tun_chr_read_iter+0x530/0x530 [ 74.035722] do_iter_write+0x2f2/0xe20 [ 74.039625] ? import_iovec+0x1d3/0x1f0 [ 74.043626] do_writev+0x4bf/0xb70 [ 74.047195] ? kmsan_get_metadata+0x11d/0x180 [ 74.051707] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.056820] ? kmsan_get_metadata+0x4f/0x180 [ 74.061237] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.066357] __x64_sys_writev+0xe5/0x120 [ 74.070429] do_syscall_64+0xcc/0x180 [ 74.074498] ? syscall_exit_to_user_mode+0x3a/0x220 [ 74.079532] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.084743] RIP: 0033:0x4601ed [ 74.088016] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 74.107014] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 74.114880] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 74.122519] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 74.129810] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 74.137092] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 74.144379] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 74.151671] [ 74.153294] Uninit was stored to memory at: [ 74.157606] kmsan_internal_chain_origin+0xad/0x130 [ 74.162641] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 74.167939] kmsan_memcpy_metadata+0xb/0x10 [ 74.172362] __msan_memcpy+0x46/0x60 [ 74.176091] pskb_expand_head+0x381/0x1ad0 [ 74.180346] inet_frag_reasm_prepare+0xa69/0x1440 [ 74.185206] nf_ct_frag6_gather+0x2815/0x3950 [ 74.189720] ipv6_defrag+0x538/0x650 [ 74.193442] nf_hook_slow_list+0x34f/0xaf0 [ 74.197692] ip6_sublist_rcv+0x1b2/0x1320 [ 74.201857] ipv6_list_rcv+0x914/0x980 [ 74.205844] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 74.211226] netif_receive_skb_list_internal+0xfd1/0x1680 [ 74.216771] napi_gro_frags+0x14bc/0x23a0 [ 74.220917] tun_get_user+0x59f9/0x7420 [ 74.225013] tun_chr_write_iter+0x34e/0x400 [ 74.229334] do_iter_readv_writev+0x867/0xaa0 [ 74.233843] do_iter_write+0x2f2/0xe20 [ 74.237722] do_writev+0x4bf/0xb70 [ 74.241253] __x64_sys_writev+0xe5/0x120 [ 74.245308] do_syscall_64+0xcc/0x180 [ 74.249191] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.254377] [ 74.255998] Uninit was created at: [ 74.259515] kmsan_internal_poison_memory+0x66/0xd0 [ 74.264528] kmsan_slab_alloc+0x8e/0xe0 [ 74.268494] __kmalloc_node_track_caller+0xaf3/0x1520 [ 74.273685] __alloc_skb+0x438/0xd80 [ 74.277395] __napi_alloc_skb+0x34c/0xbc0 [ 74.281535] napi_get_frags+0xd1/0x2a0 [ 74.285418] tun_get_user+0x14b0/0x7420 [ 74.289385] tun_chr_write_iter+0x34e/0x400 [ 74.293699] do_iter_readv_writev+0x867/0xaa0 [ 74.298185] do_iter_write+0x2f2/0xe20 [ 74.302062] do_writev+0x4bf/0xb70 [ 74.305593] __x64_sys_writev+0xe5/0x120 [ 74.309644] do_syscall_64+0xcc/0x180 [ 74.313435] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.318621] ===================================================== [ 74.324844] Disabling lock debugging due to kernel taint [ 74.330847] ===================================================== [ 74.337071] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 74.343330] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 74.352355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.361720] Call Trace: [ 74.364310] dump_stack+0x1ff/0x280 [ 74.367977] kmsan_report+0xfb/0x1e0 [ 74.371714] __msan_warning+0x5c/0xa0 [ 74.375548] ip6_parse_tlv+0x884/0xc90 [ 74.379463] ipv6_destopt_rcv+0x5c4/0xdb0 [ 74.383651] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 74.388699] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.394146] ip6_sublist_rcv_finish+0x4fd/0x780 [ 74.398842] ? ip6_input+0x340/0x340 [ 74.402587] ip6_sublist_rcv+0x12af/0x1320 [ 74.406846] ? local_bh_enable+0x40/0x40 [ 74.410920] ipv6_list_rcv+0x914/0x980 [ 74.414829] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 74.418984] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 74.424346] ? kmsan_get_metadata+0x11d/0x180 [ 74.428846] netif_receive_skb_list_internal+0xfd1/0x1680 [ 74.434386] ? __list_add_valid+0xb8/0x420 [ 74.438621] ? kmsan_get_metadata+0x11d/0x180 [ 74.443118] napi_gro_frags+0x14bc/0x23a0 [ 74.447271] tun_get_user+0x59f9/0x7420 [ 74.451236] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 74.456683] ? futex_wait_queue_me+0x621/0x6c0 [ 74.461269] ? kmsan_get_metadata+0x11d/0x180 [ 74.465762] tun_chr_write_iter+0x34e/0x400 [ 74.470089] ? tun_chr_read_iter+0x530/0x530 [ 74.474497] do_iter_readv_writev+0x867/0xaa0 [ 74.478994] ? tun_chr_read_iter+0x530/0x530 [ 74.483397] do_iter_write+0x2f2/0xe20 [ 74.487282] ? import_iovec+0x1d3/0x1f0 [ 74.491256] do_writev+0x4bf/0xb70 [ 74.494798] ? kmsan_get_metadata+0x11d/0x180 [ 74.499305] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.504405] ? kmsan_get_metadata+0x4f/0x180 [ 74.508813] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.513953] __x64_sys_writev+0xe5/0x120 [ 74.518448] do_syscall_64+0xcc/0x180 [ 74.522505] ? syscall_exit_to_user_mode+0x3a/0x220 [ 74.527717] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.533019] RIP: 0033:0x4601ed [ 74.536204] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 74.555121] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 74.562827] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 74.570349] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 74.577611] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 74.584872] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 74.592133] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 74.599412] [ 74.601065] Uninit was stored to memory at: [ 74.605367] kmsan_internal_chain_origin+0xad/0x130 [ 74.610383] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 74.615655] kmsan_memcpy_metadata+0xb/0x10 [ 74.620076] __msan_memcpy+0x46/0x60 [ 74.623881] pskb_expand_head+0x381/0x1ad0 [ 74.628115] inet_frag_reasm_prepare+0xa69/0x1440 [ 74.632990] nf_ct_frag6_gather+0x2815/0x3950 [ 74.637479] ipv6_defrag+0x538/0x650 [ 74.641183] nf_hook_slow_list+0x34f/0xaf0 [ 74.645414] ip6_sublist_rcv+0x1b2/0x1320 [ 74.649555] ipv6_list_rcv+0x914/0x980 [ 74.653436] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 74.658924] netif_receive_skb_list_internal+0xfd1/0x1680 [ 74.664472] napi_gro_frags+0x14bc/0x23a0 [ 74.668615] tun_get_user+0x59f9/0x7420 [ 74.672587] tun_chr_write_iter+0x34e/0x400 [ 74.676910] do_iter_readv_writev+0x867/0xaa0 [ 74.681410] do_iter_write+0x2f2/0xe20 [ 74.685288] do_writev+0x4bf/0xb70 [ 74.688888] __x64_sys_writev+0xe5/0x120 [ 74.693125] do_syscall_64+0xcc/0x180 [ 74.697019] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.702321] [ 74.703961] Uninit was created at: [ 74.707498] kmsan_internal_poison_memory+0x66/0xd0 [ 74.712700] kmsan_slab_alloc+0x8e/0xe0 [ 74.716716] __kmalloc_node_track_caller+0xaf3/0x1520 [ 74.721905] __alloc_skb+0x438/0xd80 [ 74.725632] __napi_alloc_skb+0x34c/0xbc0 [ 74.729786] napi_get_frags+0xd1/0x2a0 [ 74.733679] tun_get_user+0x14b0/0x7420 [ 74.737658] tun_chr_write_iter+0x34e/0x400 [ 74.741973] do_iter_readv_writev+0x867/0xaa0 [ 74.746471] do_iter_write+0x2f2/0xe20 [ 74.750348] do_writev+0x4bf/0xb70 [ 74.753965] __x64_sys_writev+0xe5/0x120 [ 74.758032] do_syscall_64+0xcc/0x180 [ 74.761831] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.767016] ===================================================== [ 74.773410] ===================================================== [ 74.779634] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 74.785889] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 74.794910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 74.804291] Call Trace: [ 74.806890] dump_stack+0x1ff/0x280 [ 74.810541] kmsan_report+0xfb/0x1e0 [ 74.814454] __msan_warning+0x5c/0xa0 [ 74.818282] ip6_parse_tlv+0xa12/0xc90 [ 74.822199] ipv6_destopt_rcv+0x5c4/0xdb0 [ 74.826381] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 74.831432] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.836566] ip6_sublist_rcv_finish+0x4fd/0x780 [ 74.842654] ? ip6_input+0x340/0x340 [ 74.846390] ip6_sublist_rcv+0x12af/0x1320 [ 74.850739] ? local_bh_enable+0x40/0x40 [ 74.854912] ipv6_list_rcv+0x914/0x980 [ 74.858831] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 74.863004] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 74.868739] ? kmsan_get_metadata+0x11d/0x180 [ 74.873354] netif_receive_skb_list_internal+0xfd1/0x1680 [ 74.878923] ? __list_add_valid+0xb8/0x420 [ 74.883182] ? kmsan_get_metadata+0x11d/0x180 [ 74.887707] napi_gro_frags+0x14bc/0x23a0 [ 74.891891] tun_get_user+0x59f9/0x7420 [ 74.895881] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 74.901354] ? futex_wait_queue_me+0x621/0x6c0 [ 74.905971] ? kmsan_get_metadata+0x11d/0x180 [ 74.910490] tun_chr_write_iter+0x34e/0x400 [ 74.914837] ? tun_chr_read_iter+0x530/0x530 [ 74.919273] do_iter_readv_writev+0x867/0xaa0 [ 74.923805] ? tun_chr_read_iter+0x530/0x530 [ 74.928256] do_iter_write+0x2f2/0xe20 [ 74.932171] ? import_iovec+0x1d3/0x1f0 [ 74.936174] do_writev+0x4bf/0xb70 [ 74.939739] ? kmsan_get_metadata+0x11d/0x180 [ 74.945035] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.950168] ? kmsan_get_metadata+0x4f/0x180 [ 74.954685] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 74.959814] __x64_sys_writev+0xe5/0x120 [ 74.963896] do_syscall_64+0xcc/0x180 [ 74.967718] ? syscall_exit_to_user_mode+0x3a/0x220 [ 74.972761] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 74.977972] RIP: 0033:0x4601ed [ 74.981266] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 75.000796] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 75.008531] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 75.015814] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 75.023095] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 75.030385] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 75.037665] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 75.044961] [ 75.046587] Uninit was stored to memory at: [ 75.051008] kmsan_internal_chain_origin+0xad/0x130 [ 75.056046] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 75.061345] kmsan_memcpy_metadata+0xb/0x10 [ 75.065688] __msan_memcpy+0x46/0x60 [ 75.069417] pskb_expand_head+0x381/0x1ad0 [ 75.073701] inet_frag_reasm_prepare+0xa69/0x1440 [ 75.078563] nf_ct_frag6_gather+0x2815/0x3950 [ 75.083136] ipv6_defrag+0x538/0x650 [ 75.086854] nf_hook_slow_list+0x34f/0xaf0 [ 75.091083] ip6_sublist_rcv+0x1b2/0x1320 [ 75.095230] ipv6_list_rcv+0x914/0x980 [ 75.099112] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 75.104471] netif_receive_skb_list_internal+0xfd1/0x1680 [ 75.110036] napi_gro_frags+0x14bc/0x23a0 [ 75.114183] tun_get_user+0x59f9/0x7420 [ 75.118152] tun_chr_write_iter+0x34e/0x400 [ 75.122472] do_iter_readv_writev+0x867/0xaa0 [ 75.127049] do_iter_write+0x2f2/0xe20 [ 75.130928] do_writev+0x4bf/0xb70 [ 75.134462] __x64_sys_writev+0xe5/0x120 [ 75.138518] do_syscall_64+0xcc/0x180 [ 75.142312] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.147508] [ 75.149116] Uninit was created at: [ 75.152633] kmsan_internal_poison_memory+0x66/0xd0 [ 75.157657] kmsan_slab_alloc+0x8e/0xe0 [ 75.161885] __kmalloc_node_track_caller+0xaf3/0x1520 [ 75.167079] __alloc_skb+0x438/0xd80 [ 75.170788] __napi_alloc_skb+0x34c/0xbc0 [ 75.174927] napi_get_frags+0xd1/0x2a0 [ 75.178810] tun_get_user+0x14b0/0x7420 [ 75.182774] tun_chr_write_iter+0x34e/0x400 [ 75.187176] do_iter_readv_writev+0x867/0xaa0 [ 75.191675] do_iter_write+0x2f2/0xe20 [ 75.195550] do_writev+0x4bf/0xb70 [ 75.199080] __x64_sys_writev+0xe5/0x120 [ 75.203130] do_syscall_64+0xcc/0x180 [ 75.206924] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.212108] ===================================================== [ 75.218648] ===================================================== [ 75.224878] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 75.231127] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 75.240152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.249515] Call Trace: [ 75.252196] dump_stack+0x1ff/0x280 [ 75.255845] kmsan_report+0xfb/0x1e0 [ 75.259578] __msan_warning+0x5c/0xa0 [ 75.263386] ip6_parse_tlv+0x85e/0xc90 [ 75.267278] ipv6_destopt_rcv+0x5c4/0xdb0 [ 75.271428] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 75.276445] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 75.281562] ip6_sublist_rcv_finish+0x4fd/0x780 [ 75.286231] ? ip6_input+0x340/0x340 [ 75.289948] ip6_sublist_rcv+0x12af/0x1320 [ 75.294209] ? local_bh_enable+0x40/0x40 [ 75.298272] ipv6_list_rcv+0x914/0x980 [ 75.302174] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 75.306327] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 75.311694] ? kmsan_get_metadata+0x11d/0x180 [ 75.316193] netif_receive_skb_list_internal+0xfd1/0x1680 [ 75.321732] ? __list_add_valid+0xb8/0x420 [ 75.325980] ? kmsan_get_metadata+0x11d/0x180 [ 75.330472] napi_gro_frags+0x14bc/0x23a0 [ 75.334632] tun_get_user+0x59f9/0x7420 [ 75.338603] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 75.344050] ? futex_wait_queue_me+0x621/0x6c0 [ 75.348638] ? kmsan_get_metadata+0x11d/0x180 [ 75.353131] tun_chr_write_iter+0x34e/0x400 [ 75.357449] ? tun_chr_read_iter+0x530/0x530 [ 75.361871] do_iter_readv_writev+0x867/0xaa0 [ 75.366368] ? tun_chr_read_iter+0x530/0x530 [ 75.370774] do_iter_write+0x2f2/0xe20 [ 75.374684] ? import_iovec+0x1d3/0x1f0 [ 75.378659] do_writev+0x4bf/0xb70 [ 75.382199] ? kmsan_get_metadata+0x11d/0x180 [ 75.386783] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 75.392156] ? kmsan_get_metadata+0x4f/0x180 [ 75.396583] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 75.401701] __x64_sys_writev+0xe5/0x120 [ 75.405763] do_syscall_64+0xcc/0x180 [ 75.409579] ? syscall_exit_to_user_mode+0x3a/0x220 [ 75.414610] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.419823] RIP: 0033:0x4601ed [ 75.423381] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 75.443036] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 75.450758] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 75.458020] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 75.465458] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 75.472719] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 75.480088] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 75.487370] [ 75.489009] Uninit was stored to memory at: [ 75.493310] kmsan_internal_chain_origin+0xad/0x130 [ 75.498328] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 75.503600] kmsan_memcpy_metadata+0xb/0x10 [ 75.507926] __msan_memcpy+0x46/0x60 [ 75.511632] pskb_expand_head+0x381/0x1ad0 [ 75.515861] inet_frag_reasm_prepare+0xa69/0x1440 [ 75.520699] nf_ct_frag6_gather+0x2815/0x3950 [ 75.525361] ipv6_defrag+0x538/0x650 [ 75.529064] nf_hook_slow_list+0x34f/0xaf0 [ 75.533305] ip6_sublist_rcv+0x1b2/0x1320 [ 75.537474] ipv6_list_rcv+0x914/0x980 [ 75.541352] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 75.546709] netif_receive_skb_list_internal+0xfd1/0x1680 [ 75.552245] napi_gro_frags+0x14bc/0x23a0 [ 75.556390] tun_get_user+0x59f9/0x7420 [ 75.560355] tun_chr_write_iter+0x34e/0x400 [ 75.564669] do_iter_readv_writev+0x867/0xaa0 [ 75.569158] do_iter_write+0x2f2/0xe20 [ 75.573034] do_writev+0x4bf/0xb70 [ 75.576565] __x64_sys_writev+0xe5/0x120 [ 75.580615] do_syscall_64+0xcc/0x180 [ 75.584408] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.589693] [ 75.591300] Uninit was created at: [ 75.594991] kmsan_internal_poison_memory+0x66/0xd0 [ 75.600002] kmsan_slab_alloc+0x8e/0xe0 [ 75.603971] __kmalloc_node_track_caller+0xaf3/0x1520 [ 75.609166] __alloc_skb+0x438/0xd80 [ 75.612870] __napi_alloc_skb+0x34c/0xbc0 [ 75.617011] napi_get_frags+0xd1/0x2a0 [ 75.620913] tun_get_user+0x14b0/0x7420 [ 75.624878] tun_chr_write_iter+0x34e/0x400 [ 75.629192] do_iter_readv_writev+0x867/0xaa0 [ 75.633679] do_iter_write+0x2f2/0xe20 [ 75.637565] do_writev+0x4bf/0xb70 [ 75.641099] __x64_sys_writev+0xe5/0x120 [ 75.645153] do_syscall_64+0xcc/0x180 [ 75.649039] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.654226] ===================================================== [ 75.660578] ===================================================== [ 75.666803] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 75.673061] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 75.682087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 75.691463] Call Trace: [ 75.694086] dump_stack+0x1ff/0x280 [ 75.697742] kmsan_report+0xfb/0x1e0 [ 75.701479] __msan_warning+0x5c/0xa0 [ 75.705341] ip6_parse_tlv+0x884/0xc90 [ 75.709781] ipv6_destopt_rcv+0x5c4/0xdb0 [ 75.714087] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 75.719227] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 75.724458] ip6_sublist_rcv_finish+0x4fd/0x780 [ 75.729154] ? ip6_input+0x340/0x340 [ 75.732884] ip6_sublist_rcv+0x12af/0x1320 [ 75.737683] ? local_bh_enable+0x40/0x40 [ 75.741781] ipv6_list_rcv+0x914/0x980 [ 75.745690] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 75.749943] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 75.755339] ? kmsan_get_metadata+0x11d/0x180 [ 75.759866] netif_receive_skb_list_internal+0xfd1/0x1680 [ 75.765431] ? __list_add_valid+0xb8/0x420 [ 75.769688] ? kmsan_get_metadata+0x11d/0x180 [ 75.774206] napi_gro_frags+0x14bc/0x23a0 [ 75.778386] tun_get_user+0x59f9/0x7420 [ 75.782383] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 75.787857] ? futex_wait_queue_me+0x621/0x6c0 [ 75.792469] ? kmsan_get_metadata+0x11d/0x180 [ 75.796985] tun_chr_write_iter+0x34e/0x400 [ 75.802193] ? tun_chr_read_iter+0x530/0x530 [ 75.806704] do_iter_readv_writev+0x867/0xaa0 [ 75.811246] ? tun_chr_read_iter+0x530/0x530 [ 75.815659] do_iter_write+0x2f2/0xe20 [ 75.819664] ? import_iovec+0x1d3/0x1f0 [ 75.823664] do_writev+0x4bf/0xb70 [ 75.827210] ? kmsan_get_metadata+0x11d/0x180 [ 75.831716] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 75.837117] ? kmsan_get_metadata+0x4f/0x180 [ 75.841541] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 75.846648] __x64_sys_writev+0xe5/0x120 [ 75.850713] do_syscall_64+0xcc/0x180 [ 75.854515] ? syscall_exit_to_user_mode+0x3a/0x220 [ 75.859626] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 75.864824] RIP: 0033:0x4601ed [ 75.868012] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 75.886924] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 75.894819] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 75.902089] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 75.909410] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 75.916671] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 75.923949] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 75.931304] [ 75.932914] Uninit was stored to memory at: [ 75.937215] kmsan_internal_chain_origin+0xad/0x130 [ 75.942234] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 75.947514] kmsan_memcpy_metadata+0xb/0x10 [ 75.951839] __msan_memcpy+0x46/0x60 [ 75.955548] pskb_expand_head+0x381/0x1ad0 [ 75.959778] inet_frag_reasm_prepare+0xa69/0x1440 [ 75.964704] nf_ct_frag6_gather+0x2815/0x3950 [ 75.969192] ipv6_defrag+0x538/0x650 [ 75.972897] nf_hook_slow_list+0x34f/0xaf0 [ 75.977127] ip6_sublist_rcv+0x1b2/0x1320 [ 75.981275] ipv6_list_rcv+0x914/0x980 [ 75.985154] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 75.990523] netif_receive_skb_list_internal+0xfd1/0x1680 [ 75.996163] napi_gro_frags+0x14bc/0x23a0 [ 76.000325] tun_get_user+0x59f9/0x7420 [ 76.004299] tun_chr_write_iter+0x34e/0x400 [ 76.008615] do_iter_readv_writev+0x867/0xaa0 [ 76.013116] do_iter_write+0x2f2/0xe20 [ 76.017016] do_writev+0x4bf/0xb70 [ 76.020559] __x64_sys_writev+0xe5/0x120 [ 76.024710] do_syscall_64+0xcc/0x180 [ 76.028504] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.033694] [ 76.035331] Uninit was created at: [ 76.038851] kmsan_internal_poison_memory+0x66/0xd0 [ 76.043866] kmsan_slab_alloc+0x8e/0xe0 [ 76.047837] __kmalloc_node_track_caller+0xaf3/0x1520 [ 76.053022] __alloc_skb+0x438/0xd80 [ 76.056749] __napi_alloc_skb+0x34c/0xbc0 [ 76.060895] napi_get_frags+0xd1/0x2a0 [ 76.064779] tun_get_user+0x14b0/0x7420 [ 76.068755] tun_chr_write_iter+0x34e/0x400 [ 76.073129] do_iter_readv_writev+0x867/0xaa0 [ 76.077644] do_iter_write+0x2f2/0xe20 [ 76.081541] do_writev+0x4bf/0xb70 [ 76.085093] __x64_sys_writev+0xe5/0x120 [ 76.089147] do_syscall_64+0xcc/0x180 [ 76.092948] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.098311] ===================================================== [ 76.104723] ===================================================== [ 76.110951] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 76.117216] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 76.126327] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.135690] Call Trace: [ 76.138285] dump_stack+0x1ff/0x280 [ 76.141937] kmsan_report+0xfb/0x1e0 [ 76.145672] __msan_warning+0x5c/0xa0 [ 76.149579] ip6_parse_tlv+0xa12/0xc90 [ 76.153494] ipv6_destopt_rcv+0x5c4/0xdb0 [ 76.157680] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 76.162719] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 76.167853] ip6_sublist_rcv_finish+0x4fd/0x780 [ 76.172582] ? ip6_input+0x340/0x340 [ 76.176320] ip6_sublist_rcv+0x12af/0x1320 [ 76.180596] ? local_bh_enable+0x40/0x40 [ 76.184674] ipv6_list_rcv+0x914/0x980 [ 76.188582] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 76.192741] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 76.198158] ? kmsan_get_metadata+0x11d/0x180 [ 76.202686] netif_receive_skb_list_internal+0xfd1/0x1680 [ 76.208252] ? __list_add_valid+0xb8/0x420 [ 76.212508] ? kmsan_get_metadata+0x11d/0x180 [ 76.217050] napi_gro_frags+0x14bc/0x23a0 [ 76.221234] tun_get_user+0x59f9/0x7420 [ 76.225239] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 76.230692] ? futex_wait_queue_me+0x621/0x6c0 [ 76.235284] ? kmsan_get_metadata+0x11d/0x180 [ 76.239778] tun_chr_write_iter+0x34e/0x400 [ 76.244116] ? tun_chr_read_iter+0x530/0x530 [ 76.248525] do_iter_readv_writev+0x867/0xaa0 [ 76.253031] ? tun_chr_read_iter+0x530/0x530 [ 76.257439] do_iter_write+0x2f2/0xe20 [ 76.261412] ? import_iovec+0x1d3/0x1f0 [ 76.265388] do_writev+0x4bf/0xb70 [ 76.268933] ? kmsan_get_metadata+0x11d/0x180 [ 76.273428] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 76.278531] ? kmsan_get_metadata+0x4f/0x180 [ 76.282941] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 76.288318] __x64_sys_writev+0xe5/0x120 [ 76.292376] do_syscall_64+0xcc/0x180 [ 76.296191] ? syscall_exit_to_user_mode+0x3a/0x220 [ 76.301209] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.306430] RIP: 0033:0x4601ed [ 76.309614] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 76.328515] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 76.336235] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 76.343508] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 76.350774] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 76.358033] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 76.365319] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 76.372588] [ 76.374199] Uninit was stored to memory at: [ 76.378502] kmsan_internal_chain_origin+0xad/0x130 [ 76.383519] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 76.388794] kmsan_memcpy_metadata+0xb/0x10 [ 76.393110] __msan_memcpy+0x46/0x60 [ 76.396819] pskb_expand_head+0x381/0x1ad0 [ 76.401311] inet_frag_reasm_prepare+0xa69/0x1440 [ 76.406149] nf_ct_frag6_gather+0x2815/0x3950 [ 76.410640] ipv6_defrag+0x538/0x650 [ 76.414360] nf_hook_slow_list+0x34f/0xaf0 [ 76.418781] ip6_sublist_rcv+0x1b2/0x1320 [ 76.422927] ipv6_list_rcv+0x914/0x980 [ 76.426807] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 76.432168] netif_receive_skb_list_internal+0xfd1/0x1680 [ 76.437713] napi_gro_frags+0x14bc/0x23a0 [ 76.441861] tun_get_user+0x59f9/0x7420 [ 76.445828] tun_chr_write_iter+0x34e/0x400 [ 76.450154] do_iter_readv_writev+0x867/0xaa0 [ 76.454643] do_iter_write+0x2f2/0xe20 [ 76.458903] do_writev+0x4bf/0xb70 [ 76.462437] __x64_sys_writev+0xe5/0x120 [ 76.466690] do_syscall_64+0xcc/0x180 [ 76.470493] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.475681] [ 76.477292] Uninit was created at: [ 76.480810] kmsan_internal_poison_memory+0x66/0xd0 [ 76.485824] kmsan_slab_alloc+0x8e/0xe0 [ 76.489794] __kmalloc_node_track_caller+0xaf3/0x1520 [ 76.494982] __alloc_skb+0x438/0xd80 [ 76.498691] __napi_alloc_skb+0x34c/0xbc0 [ 76.502834] napi_get_frags+0xd1/0x2a0 [ 76.506735] tun_get_user+0x14b0/0x7420 [ 76.510702] tun_chr_write_iter+0x34e/0x400 [ 76.515015] do_iter_readv_writev+0x867/0xaa0 [ 76.519554] do_iter_write+0x2f2/0xe20 [ 76.523454] do_writev+0x4bf/0xb70 [ 76.526992] __x64_sys_writev+0xe5/0x120 [ 76.531078] do_syscall_64+0xcc/0x180 [ 76.534884] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.540163] ===================================================== [ 76.546637] ===================================================== [ 76.552874] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 76.559131] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 76.568157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 76.577531] Call Trace: [ 76.580208] dump_stack+0x1ff/0x280 [ 76.583950] kmsan_report+0xfb/0x1e0 [ 76.587866] __msan_warning+0x5c/0xa0 [ 76.592237] ip6_parse_tlv+0x85e/0xc90 [ 76.596951] ipv6_destopt_rcv+0x5c4/0xdb0 [ 76.601129] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 76.606170] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 76.611300] ip6_sublist_rcv_finish+0x4fd/0x780 [ 76.615995] ? ip6_input+0x340/0x340 [ 76.619728] ip6_sublist_rcv+0x12af/0x1320 [ 76.623987] ? local_bh_enable+0x40/0x40 [ 76.628069] ipv6_list_rcv+0x914/0x980 [ 76.632003] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 76.636163] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 76.641555] ? kmsan_get_metadata+0x11d/0x180 [ 76.646095] netif_receive_skb_list_internal+0xfd1/0x1680 [ 76.651660] ? __list_add_valid+0xb8/0x420 [ 76.655923] ? kmsan_get_metadata+0x11d/0x180 [ 76.660445] napi_gro_frags+0x14bc/0x23a0 [ 76.664624] tun_get_user+0x59f9/0x7420 [ 76.668612] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 76.674090] ? futex_wait_queue_me+0x621/0x6c0 [ 76.678945] ? kmsan_get_metadata+0x11d/0x180 [ 76.683699] tun_chr_write_iter+0x34e/0x400 [ 76.688110] ? tun_chr_read_iter+0x530/0x530 [ 76.692519] do_iter_readv_writev+0x867/0xaa0 [ 76.697016] ? tun_chr_read_iter+0x530/0x530 [ 76.701421] do_iter_write+0x2f2/0xe20 [ 76.705303] ? import_iovec+0x1d3/0x1f0 [ 76.709276] do_writev+0x4bf/0xb70 [ 76.712820] ? kmsan_get_metadata+0x11d/0x180 [ 76.717312] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 76.722413] ? kmsan_get_metadata+0x4f/0x180 [ 76.726823] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 76.732186] __x64_sys_writev+0xe5/0x120 [ 76.736251] do_syscall_64+0xcc/0x180 [ 76.740050] ? syscall_exit_to_user_mode+0x3a/0x220 [ 76.745155] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.750343] RIP: 0033:0x4601ed [ 76.753533] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 76.772442] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 76.780150] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 76.787418] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 76.794679] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 76.801947] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 76.809212] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 76.816477] [ 76.818083] Uninit was stored to memory at: [ 76.822385] kmsan_internal_chain_origin+0xad/0x130 [ 76.827409] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 76.832682] kmsan_memcpy_metadata+0xb/0x10 [ 76.836998] __msan_memcpy+0x46/0x60 [ 76.840725] pskb_expand_head+0x381/0x1ad0 [ 76.844951] inet_frag_reasm_prepare+0xa69/0x1440 [ 76.849802] nf_ct_frag6_gather+0x2815/0x3950 [ 76.854309] ipv6_defrag+0x538/0x650 [ 76.858021] nf_hook_slow_list+0x34f/0xaf0 [ 76.862338] ip6_sublist_rcv+0x1b2/0x1320 [ 76.866565] ipv6_list_rcv+0x914/0x980 [ 76.870639] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 76.876004] netif_receive_skb_list_internal+0xfd1/0x1680 [ 76.881629] napi_gro_frags+0x14bc/0x23a0 [ 76.886037] tun_get_user+0x59f9/0x7420 [ 76.890099] tun_chr_write_iter+0x34e/0x400 [ 76.894415] do_iter_readv_writev+0x867/0xaa0 [ 76.898906] do_iter_write+0x2f2/0xe20 [ 76.902784] do_writev+0x4bf/0xb70 [ 76.906403] __x64_sys_writev+0xe5/0x120 [ 76.910454] do_syscall_64+0xcc/0x180 [ 76.914248] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.919434] [ 76.921040] Uninit was created at: [ 76.924646] kmsan_internal_poison_memory+0x66/0xd0 [ 76.929659] kmsan_slab_alloc+0x8e/0xe0 [ 76.933715] __kmalloc_node_track_caller+0xaf3/0x1520 [ 76.938906] __alloc_skb+0x438/0xd80 [ 76.942622] __napi_alloc_skb+0x34c/0xbc0 [ 76.946767] napi_get_frags+0xd1/0x2a0 [ 76.950737] tun_get_user+0x14b0/0x7420 [ 76.954701] tun_chr_write_iter+0x34e/0x400 [ 76.959041] do_iter_readv_writev+0x867/0xaa0 [ 76.963532] do_iter_write+0x2f2/0xe20 [ 76.967410] do_writev+0x4bf/0xb70 [ 76.970940] __x64_sys_writev+0xe5/0x120 [ 76.974994] do_syscall_64+0xcc/0x180 [ 76.978788] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 76.983975] ===================================================== [ 76.990359] ===================================================== [ 76.996583] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 77.002840] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 77.012033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.021480] Call Trace: [ 77.024071] dump_stack+0x1ff/0x280 [ 77.027718] kmsan_report+0xfb/0x1e0 [ 77.031484] __msan_warning+0x5c/0xa0 [ 77.035434] ip6_parse_tlv+0x884/0xc90 [ 77.039355] ipv6_destopt_rcv+0x5c4/0xdb0 [ 77.043541] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 77.048594] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.054200] ip6_sublist_rcv_finish+0x4fd/0x780 [ 77.058907] ? ip6_input+0x340/0x340 [ 77.062639] ip6_sublist_rcv+0x12af/0x1320 [ 77.066901] ? local_bh_enable+0x40/0x40 [ 77.070980] ipv6_list_rcv+0x914/0x980 [ 77.074983] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 77.079163] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 77.084619] ? kmsan_get_metadata+0x11d/0x180 [ 77.089144] netif_receive_skb_list_internal+0xfd1/0x1680 [ 77.094710] ? __list_add_valid+0xb8/0x420 [ 77.099317] ? kmsan_get_metadata+0x11d/0x180 [ 77.103840] napi_gro_frags+0x14bc/0x23a0 [ 77.108797] tun_get_user+0x59f9/0x7420 [ 77.112789] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 77.118246] ? futex_wait_queue_me+0x621/0x6c0 [ 77.122835] ? kmsan_get_metadata+0x11d/0x180 [ 77.127332] tun_chr_write_iter+0x34e/0x400 [ 77.131655] ? tun_chr_read_iter+0x530/0x530 [ 77.136057] do_iter_readv_writev+0x867/0xaa0 [ 77.140563] ? tun_chr_read_iter+0x530/0x530 [ 77.145020] do_iter_write+0x2f2/0xe20 [ 77.148906] ? import_iovec+0x1d3/0x1f0 [ 77.152882] do_writev+0x4bf/0xb70 [ 77.156421] ? kmsan_get_metadata+0x11d/0x180 [ 77.160918] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.166018] ? kmsan_get_metadata+0x4f/0x180 [ 77.170424] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.175527] __x64_sys_writev+0xe5/0x120 [ 77.179588] do_syscall_64+0xcc/0x180 [ 77.183390] ? syscall_exit_to_user_mode+0x3a/0x220 [ 77.188411] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.193597] RIP: 0033:0x4601ed [ 77.196786] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 77.215772] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 77.223478] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 77.230740] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 77.238003] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 77.245266] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 77.252614] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 77.259882] [ 77.261493] Uninit was stored to memory at: [ 77.265796] kmsan_internal_chain_origin+0xad/0x130 [ 77.270926] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 77.276200] kmsan_memcpy_metadata+0xb/0x10 [ 77.280520] __msan_memcpy+0x46/0x60 [ 77.284236] pskb_expand_head+0x381/0x1ad0 [ 77.288481] inet_frag_reasm_prepare+0xa69/0x1440 [ 77.293341] nf_ct_frag6_gather+0x2815/0x3950 [ 77.297844] ipv6_defrag+0x538/0x650 [ 77.301652] nf_hook_slow_list+0x34f/0xaf0 [ 77.305885] ip6_sublist_rcv+0x1b2/0x1320 [ 77.310039] ipv6_list_rcv+0x914/0x980 [ 77.313920] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 77.319277] netif_receive_skb_list_internal+0xfd1/0x1680 [ 77.324812] napi_gro_frags+0x14bc/0x23a0 [ 77.328956] tun_get_user+0x59f9/0x7420 [ 77.332926] tun_chr_write_iter+0x34e/0x400 [ 77.337241] do_iter_readv_writev+0x867/0xaa0 [ 77.341727] do_iter_write+0x2f2/0xe20 [ 77.345606] do_writev+0x4bf/0xb70 [ 77.349136] __x64_sys_writev+0xe5/0x120 [ 77.353188] do_syscall_64+0xcc/0x180 [ 77.356983] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.362169] [ 77.363780] Uninit was created at: [ 77.367299] kmsan_internal_poison_memory+0x66/0xd0 [ 77.372311] kmsan_slab_alloc+0x8e/0xe0 [ 77.376280] __kmalloc_node_track_caller+0xaf3/0x1520 [ 77.381463] __alloc_skb+0x438/0xd80 [ 77.385169] __napi_alloc_skb+0x34c/0xbc0 [ 77.389310] napi_get_frags+0xd1/0x2a0 [ 77.393193] tun_get_user+0x14b0/0x7420 [ 77.397161] tun_chr_write_iter+0x34e/0x400 [ 77.401473] do_iter_readv_writev+0x867/0xaa0 [ 77.405960] do_iter_write+0x2f2/0xe20 [ 77.409839] do_writev+0x4bf/0xb70 [ 77.413370] __x64_sys_writev+0xe5/0x120 [ 77.417420] do_syscall_64+0xcc/0x180 [ 77.421220] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.426408] ===================================================== [ 77.432801] ===================================================== [ 77.439037] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 77.445304] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 77.454334] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.463704] Call Trace: [ 77.466291] dump_stack+0x1ff/0x280 [ 77.469941] kmsan_report+0xfb/0x1e0 [ 77.473681] __msan_warning+0x5c/0xa0 [ 77.477500] ip6_parse_tlv+0xa12/0xc90 [ 77.481417] ipv6_destopt_rcv+0x5c4/0xdb0 [ 77.485600] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 77.490638] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.495765] ip6_sublist_rcv_finish+0x4fd/0x780 [ 77.500453] ? ip6_input+0x340/0x340 [ 77.504182] ip6_sublist_rcv+0x12af/0x1320 [ 77.508433] ? local_bh_enable+0x40/0x40 [ 77.512498] ipv6_list_rcv+0x914/0x980 [ 77.516386] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 77.520528] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 77.525889] ? kmsan_get_metadata+0x11d/0x180 [ 77.530394] netif_receive_skb_list_internal+0xfd1/0x1680 [ 77.535983] ? __list_add_valid+0xb8/0x420 [ 77.540217] ? kmsan_get_metadata+0x11d/0x180 [ 77.544711] napi_gro_frags+0x14bc/0x23a0 [ 77.549477] tun_get_user+0x59f9/0x7420 [ 77.553448] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 77.558901] ? futex_wait_queue_me+0x621/0x6c0 [ 77.563491] ? kmsan_get_metadata+0x11d/0x180 [ 77.567985] tun_chr_write_iter+0x34e/0x400 [ 77.572302] ? tun_chr_read_iter+0x530/0x530 [ 77.576712] do_iter_readv_writev+0x867/0xaa0 [ 77.581209] ? tun_chr_read_iter+0x530/0x530 [ 77.585629] do_iter_write+0x2f2/0xe20 [ 77.589511] ? import_iovec+0x1d3/0x1f0 [ 77.593489] do_writev+0x4bf/0xb70 [ 77.597034] ? kmsan_get_metadata+0x11d/0x180 [ 77.601613] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.606824] ? kmsan_get_metadata+0x4f/0x180 [ 77.611228] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.616337] __x64_sys_writev+0xe5/0x120 [ 77.620397] do_syscall_64+0xcc/0x180 [ 77.624194] ? syscall_exit_to_user_mode+0x3a/0x220 [ 77.629212] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.634491] RIP: 0033:0x4601ed [ 77.637675] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 77.656573] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 77.664277] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 77.671550] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 77.678814] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 77.686084] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 77.693363] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 77.700653] [ 77.702264] Uninit was stored to memory at: [ 77.706564] kmsan_internal_chain_origin+0xad/0x130 [ 77.711580] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 77.716850] kmsan_memcpy_metadata+0xb/0x10 [ 77.721164] __msan_memcpy+0x46/0x60 [ 77.724869] pskb_expand_head+0x381/0x1ad0 [ 77.729100] inet_frag_reasm_prepare+0xa69/0x1440 [ 77.733963] nf_ct_frag6_gather+0x2815/0x3950 [ 77.738627] ipv6_defrag+0x538/0x650 [ 77.742331] nf_hook_slow_list+0x34f/0xaf0 [ 77.746571] ip6_sublist_rcv+0x1b2/0x1320 [ 77.750713] ipv6_list_rcv+0x914/0x980 [ 77.754595] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 77.759955] netif_receive_skb_list_internal+0xfd1/0x1680 [ 77.765491] napi_gro_frags+0x14bc/0x23a0 [ 77.769643] tun_get_user+0x59f9/0x7420 [ 77.773639] tun_chr_write_iter+0x34e/0x400 [ 77.777952] do_iter_readv_writev+0x867/0xaa0 [ 77.782525] do_iter_write+0x2f2/0xe20 [ 77.786443] do_writev+0x4bf/0xb70 [ 77.789976] __x64_sys_writev+0xe5/0x120 [ 77.794036] do_syscall_64+0xcc/0x180 [ 77.797829] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.803014] [ 77.804620] Uninit was created at: [ 77.808231] kmsan_internal_poison_memory+0x66/0xd0 [ 77.813243] kmsan_slab_alloc+0x8e/0xe0 [ 77.817211] __kmalloc_node_track_caller+0xaf3/0x1520 [ 77.822848] __alloc_skb+0x438/0xd80 [ 77.826554] __napi_alloc_skb+0x34c/0xbc0 [ 77.830694] napi_get_frags+0xd1/0x2a0 [ 77.834607] tun_get_user+0x14b0/0x7420 [ 77.838574] tun_chr_write_iter+0x34e/0x400 [ 77.842886] do_iter_readv_writev+0x867/0xaa0 [ 77.847375] do_iter_write+0x2f2/0xe20 [ 77.851274] do_writev+0x4bf/0xb70 [ 77.854804] __x64_sys_writev+0xe5/0x120 [ 77.858853] do_syscall_64+0xcc/0x180 [ 77.862647] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 77.868012] ===================================================== [ 77.874515] ===================================================== [ 77.880752] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 77.887035] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 77.896489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 77.906048] Call Trace: [ 77.909153] dump_stack+0x1ff/0x280 [ 77.912815] kmsan_report+0xfb/0x1e0 [ 77.916546] __msan_warning+0x5c/0xa0 [ 77.920358] ip6_parse_tlv+0x85e/0xc90 [ 77.924273] ipv6_destopt_rcv+0x5c4/0xdb0 [ 77.928437] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 77.933474] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 77.938618] ip6_sublist_rcv_finish+0x4fd/0x780 [ 77.943317] ? ip6_input+0x340/0x340 [ 77.947028] ip6_sublist_rcv+0x12af/0x1320 [ 77.951266] ? local_bh_enable+0x40/0x40 [ 77.955323] ipv6_list_rcv+0x914/0x980 [ 77.959210] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 77.963353] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 77.968715] ? kmsan_get_metadata+0x11d/0x180 [ 77.973309] netif_receive_skb_list_internal+0xfd1/0x1680 [ 77.978854] ? __list_add_valid+0xb8/0x420 [ 77.983085] ? kmsan_get_metadata+0x11d/0x180 [ 77.987578] napi_gro_frags+0x14bc/0x23a0 [ 77.991742] tun_get_user+0x59f9/0x7420 [ 77.995711] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 78.001163] ? futex_wait_queue_me+0x621/0x6c0 [ 78.005748] ? kmsan_get_metadata+0x11d/0x180 [ 78.010241] tun_chr_write_iter+0x34e/0x400 [ 78.014562] ? tun_chr_read_iter+0x530/0x530 [ 78.018965] do_iter_readv_writev+0x867/0xaa0 [ 78.023463] ? tun_chr_read_iter+0x530/0x530 [ 78.027876] do_iter_write+0x2f2/0xe20 [ 78.031762] ? import_iovec+0x1d3/0x1f0 [ 78.035748] do_writev+0x4bf/0xb70 [ 78.039290] ? kmsan_get_metadata+0x11d/0x180 [ 78.043783] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.048887] ? kmsan_get_metadata+0x4f/0x180 [ 78.053291] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.058531] __x64_sys_writev+0xe5/0x120 [ 78.062603] do_syscall_64+0xcc/0x180 [ 78.066409] ? syscall_exit_to_user_mode+0x3a/0x220 [ 78.071439] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.076642] RIP: 0033:0x4601ed [ 78.079836] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 78.103341] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 78.111050] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 78.118315] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 78.125592] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 78.132969] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 78.140229] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 78.147500] [ 78.149106] Uninit was stored to memory at: [ 78.153413] kmsan_internal_chain_origin+0xad/0x130 [ 78.158528] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 78.163799] kmsan_memcpy_metadata+0xb/0x10 [ 78.168114] __msan_memcpy+0x46/0x60 [ 78.171817] pskb_expand_head+0x381/0x1ad0 [ 78.176045] inet_frag_reasm_prepare+0xa69/0x1440 [ 78.180880] nf_ct_frag6_gather+0x2815/0x3950 [ 78.185375] ipv6_defrag+0x538/0x650 [ 78.189083] nf_hook_slow_list+0x34f/0xaf0 [ 78.193317] ip6_sublist_rcv+0x1b2/0x1320 [ 78.197459] ipv6_list_rcv+0x914/0x980 [ 78.201337] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 78.206695] netif_receive_skb_list_internal+0xfd1/0x1680 [ 78.212232] napi_gro_frags+0x14bc/0x23a0 [ 78.216375] tun_get_user+0x59f9/0x7420 [ 78.220339] tun_chr_write_iter+0x34e/0x400 [ 78.224649] do_iter_readv_writev+0x867/0xaa0 [ 78.229137] do_iter_write+0x2f2/0xe20 [ 78.233112] do_writev+0x4bf/0xb70 [ 78.236680] __x64_sys_writev+0xe5/0x120 [ 78.240731] do_syscall_64+0xcc/0x180 [ 78.244528] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.249730] [ 78.251346] Uninit was created at: [ 78.254872] kmsan_internal_poison_memory+0x66/0xd0 [ 78.259899] kmsan_slab_alloc+0x8e/0xe0 [ 78.263881] __kmalloc_node_track_caller+0xaf3/0x1520 [ 78.269072] __alloc_skb+0x438/0xd80 [ 78.272795] __napi_alloc_skb+0x34c/0xbc0 [ 78.276941] napi_get_frags+0xd1/0x2a0 [ 78.280825] tun_get_user+0x14b0/0x7420 [ 78.284790] tun_chr_write_iter+0x34e/0x400 [ 78.289103] do_iter_readv_writev+0x867/0xaa0 [ 78.293590] do_iter_write+0x2f2/0xe20 [ 78.297468] do_writev+0x4bf/0xb70 [ 78.301000] __x64_sys_writev+0xe5/0x120 [ 78.305053] do_syscall_64+0xcc/0x180 [ 78.308860] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.314063] ===================================================== [ 78.320432] ===================================================== [ 78.326657] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 78.332909] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 78.341955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.351314] Call Trace: [ 78.353897] dump_stack+0x1ff/0x280 [ 78.357554] kmsan_report+0xfb/0x1e0 [ 78.361284] __msan_warning+0x5c/0xa0 [ 78.365098] ip6_parse_tlv+0x884/0xc90 [ 78.369005] ipv6_destopt_rcv+0x5c4/0xdb0 [ 78.373180] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 78.378218] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.383353] ip6_sublist_rcv_finish+0x4fd/0x780 [ 78.388048] ? ip6_input+0x340/0x340 [ 78.391758] ip6_sublist_rcv+0x12af/0x1320 [ 78.396022] ? local_bh_enable+0x40/0x40 [ 78.400080] ipv6_list_rcv+0x914/0x980 [ 78.403980] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 78.408121] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 78.413485] ? kmsan_get_metadata+0x11d/0x180 [ 78.417987] netif_receive_skb_list_internal+0xfd1/0x1680 [ 78.423526] ? __list_add_valid+0xb8/0x420 [ 78.427754] ? kmsan_get_metadata+0x11d/0x180 [ 78.432419] napi_gro_frags+0x14bc/0x23a0 [ 78.436576] tun_get_user+0x59f9/0x7420 [ 78.440546] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 78.445993] ? futex_wait_queue_me+0x621/0x6c0 [ 78.450584] ? kmsan_get_metadata+0x11d/0x180 [ 78.455103] tun_chr_write_iter+0x34e/0x400 [ 78.459425] ? tun_chr_read_iter+0x530/0x530 [ 78.463931] do_iter_readv_writev+0x867/0xaa0 [ 78.468434] ? tun_chr_read_iter+0x530/0x530 [ 78.472846] do_iter_write+0x2f2/0xe20 [ 78.476737] ? import_iovec+0x1d3/0x1f0 [ 78.480738] do_writev+0x4bf/0xb70 [ 78.484280] ? kmsan_get_metadata+0x11d/0x180 [ 78.488869] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.493972] ? kmsan_get_metadata+0x4f/0x180 [ 78.498663] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.503781] __x64_sys_writev+0xe5/0x120 [ 78.508013] do_syscall_64+0xcc/0x180 [ 78.511808] ? syscall_exit_to_user_mode+0x3a/0x220 [ 78.516852] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.522041] RIP: 0033:0x4601ed [ 78.525250] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 78.544148] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 78.551866] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 78.559137] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 78.566507] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 78.573856] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 78.581119] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 78.588471] [ 78.590081] Uninit was stored to memory at: [ 78.594381] kmsan_internal_chain_origin+0xad/0x130 [ 78.599394] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 78.604665] kmsan_memcpy_metadata+0xb/0x10 [ 78.608980] __msan_memcpy+0x46/0x60 [ 78.612690] pskb_expand_head+0x381/0x1ad0 [ 78.616931] inet_frag_reasm_prepare+0xa69/0x1440 [ 78.621795] nf_ct_frag6_gather+0x2815/0x3950 [ 78.626285] ipv6_defrag+0x538/0x650 [ 78.629992] nf_hook_slow_list+0x34f/0xaf0 [ 78.634223] ip6_sublist_rcv+0x1b2/0x1320 [ 78.638371] ipv6_list_rcv+0x914/0x980 [ 78.642252] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 78.647612] netif_receive_skb_list_internal+0xfd1/0x1680 [ 78.653154] napi_gro_frags+0x14bc/0x23a0 [ 78.657307] tun_get_user+0x59f9/0x7420 [ 78.661290] tun_chr_write_iter+0x34e/0x400 [ 78.665614] do_iter_readv_writev+0x867/0xaa0 [ 78.670134] do_iter_write+0x2f2/0xe20 [ 78.674022] do_writev+0x4bf/0xb70 [ 78.677556] __x64_sys_writev+0xe5/0x120 [ 78.681629] do_syscall_64+0xcc/0x180 [ 78.685428] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.690615] [ 78.692226] Uninit was created at: [ 78.695747] kmsan_internal_poison_memory+0x66/0xd0 [ 78.700760] kmsan_slab_alloc+0x8e/0xe0 [ 78.704729] __kmalloc_node_track_caller+0xaf3/0x1520 [ 78.709918] __alloc_skb+0x438/0xd80 [ 78.713625] __napi_alloc_skb+0x34c/0xbc0 [ 78.717766] napi_get_frags+0xd1/0x2a0 [ 78.721649] tun_get_user+0x14b0/0x7420 [ 78.725617] tun_chr_write_iter+0x34e/0x400 [ 78.729933] do_iter_readv_writev+0x867/0xaa0 [ 78.734510] do_iter_write+0x2f2/0xe20 [ 78.738388] do_writev+0x4bf/0xb70 [ 78.741934] __x64_sys_writev+0xe5/0x120 [ 78.745991] do_syscall_64+0xcc/0x180 [ 78.749873] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.755148] ===================================================== [ 78.761539] ===================================================== [ 78.767764] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 78.774015] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 78.783038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 78.792402] Call Trace: [ 78.794984] dump_stack+0x1ff/0x280 [ 78.798745] kmsan_report+0xfb/0x1e0 [ 78.802569] __msan_warning+0x5c/0xa0 [ 78.806379] ip6_parse_tlv+0xa12/0xc90 [ 78.810287] ipv6_destopt_rcv+0x5c4/0xdb0 [ 78.814456] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 78.819492] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.824622] ip6_sublist_rcv_finish+0x4fd/0x780 [ 78.829534] ? ip6_input+0x340/0x340 [ 78.833264] ip6_sublist_rcv+0x12af/0x1320 [ 78.837511] ? local_bh_enable+0x40/0x40 [ 78.841587] ipv6_list_rcv+0x914/0x980 [ 78.845502] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 78.849652] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 78.855015] ? kmsan_get_metadata+0x11d/0x180 [ 78.859519] netif_receive_skb_list_internal+0xfd1/0x1680 [ 78.865066] ? __list_add_valid+0xb8/0x420 [ 78.869304] ? kmsan_get_metadata+0x11d/0x180 [ 78.873803] napi_gro_frags+0x14bc/0x23a0 [ 78.877962] tun_get_user+0x59f9/0x7420 [ 78.881933] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 78.887383] ? futex_wait_queue_me+0x621/0x6c0 [ 78.892117] ? kmsan_get_metadata+0x11d/0x180 [ 78.896650] tun_chr_write_iter+0x34e/0x400 [ 78.900986] ? tun_chr_read_iter+0x530/0x530 [ 78.905401] do_iter_readv_writev+0x867/0xaa0 [ 78.909916] ? tun_chr_read_iter+0x530/0x530 [ 78.914320] do_iter_write+0x2f2/0xe20 [ 78.918215] ? import_iovec+0x1d3/0x1f0 [ 78.922206] do_writev+0x4bf/0xb70 [ 78.925758] ? kmsan_get_metadata+0x11d/0x180 [ 78.930261] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.935372] ? kmsan_get_metadata+0x4f/0x180 [ 78.939783] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 78.944891] __x64_sys_writev+0xe5/0x120 [ 78.948951] do_syscall_64+0xcc/0x180 [ 78.952768] ? syscall_exit_to_user_mode+0x3a/0x220 [ 78.957902] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 78.963102] RIP: 0033:0x4601ed [ 78.966294] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 78.985212] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 78.992921] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 79.000189] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 79.007464] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 79.014726] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 79.021987] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 79.029280] [ 79.030890] Uninit was stored to memory at: [ 79.035294] kmsan_internal_chain_origin+0xad/0x130 [ 79.040331] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 79.045620] kmsan_memcpy_metadata+0xb/0x10 [ 79.049941] __msan_memcpy+0x46/0x60 [ 79.053651] pskb_expand_head+0x381/0x1ad0 [ 79.057887] inet_frag_reasm_prepare+0xa69/0x1440 [ 79.062728] nf_ct_frag6_gather+0x2815/0x3950 [ 79.067263] ipv6_defrag+0x538/0x650 [ 79.070987] nf_hook_slow_list+0x34f/0xaf0 [ 79.075237] ip6_sublist_rcv+0x1b2/0x1320 [ 79.079380] ipv6_list_rcv+0x914/0x980 [ 79.083500] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 79.088894] netif_receive_skb_list_internal+0xfd1/0x1680 [ 79.094451] napi_gro_frags+0x14bc/0x23a0 [ 79.098602] tun_get_user+0x59f9/0x7420 [ 79.102678] tun_chr_write_iter+0x34e/0x400 [ 79.106994] do_iter_readv_writev+0x867/0xaa0 [ 79.111484] do_iter_write+0x2f2/0xe20 [ 79.115363] do_writev+0x4bf/0xb70 [ 79.118896] __x64_sys_writev+0xe5/0x120 [ 79.122949] do_syscall_64+0xcc/0x180 [ 79.126745] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.131947] [ 79.133558] Uninit was created at: [ 79.137082] kmsan_internal_poison_memory+0x66/0xd0 [ 79.142111] kmsan_slab_alloc+0x8e/0xe0 [ 79.146081] __kmalloc_node_track_caller+0xaf3/0x1520 [ 79.151274] __alloc_skb+0x438/0xd80 [ 79.154983] __napi_alloc_skb+0x34c/0xbc0 [ 79.159132] napi_get_frags+0xd1/0x2a0 [ 79.163041] tun_get_user+0x14b0/0x7420 [ 79.167097] tun_chr_write_iter+0x34e/0x400 [ 79.171514] do_iter_readv_writev+0x867/0xaa0 [ 79.176003] do_iter_write+0x2f2/0xe20 [ 79.179901] do_writev+0x4bf/0xb70 [ 79.183433] __x64_sys_writev+0xe5/0x120 [ 79.187489] do_syscall_64+0xcc/0x180 [ 79.191285] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.196477] ===================================================== [ 79.202953] ===================================================== [ 79.209185] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 79.215441] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 79.224553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.233913] Call Trace: [ 79.236498] dump_stack+0x1ff/0x280 [ 79.240145] kmsan_report+0xfb/0x1e0 [ 79.243877] __msan_warning+0x5c/0xa0 [ 79.247692] ip6_parse_tlv+0x85e/0xc90 [ 79.251600] ipv6_destopt_rcv+0x5c4/0xdb0 [ 79.255787] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 79.260832] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 79.266001] ip6_sublist_rcv_finish+0x4fd/0x780 [ 79.270697] ? ip6_input+0x340/0x340 [ 79.274428] ip6_sublist_rcv+0x12af/0x1320 [ 79.278686] ? local_bh_enable+0x40/0x40 [ 79.282763] ipv6_list_rcv+0x914/0x980 [ 79.286670] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 79.290830] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 79.296209] ? kmsan_get_metadata+0x11d/0x180 [ 79.300725] netif_receive_skb_list_internal+0xfd1/0x1680 [ 79.306279] ? __list_add_valid+0xb8/0x420 [ 79.310514] ? kmsan_get_metadata+0x11d/0x180 [ 79.315186] napi_gro_frags+0x14bc/0x23a0 [ 79.319343] tun_get_user+0x59f9/0x7420 [ 79.323314] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 79.328767] ? futex_wait_queue_me+0x621/0x6c0 [ 79.333358] ? kmsan_get_metadata+0x11d/0x180 [ 79.337864] tun_chr_write_iter+0x34e/0x400 [ 79.342187] ? tun_chr_read_iter+0x530/0x530 [ 79.346765] do_iter_readv_writev+0x867/0xaa0 [ 79.351264] ? tun_chr_read_iter+0x530/0x530 [ 79.355671] do_iter_write+0x2f2/0xe20 [ 79.359560] ? import_iovec+0x1d3/0x1f0 [ 79.363558] do_writev+0x4bf/0xb70 [ 79.367103] ? kmsan_get_metadata+0x11d/0x180 [ 79.371608] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 79.376714] ? kmsan_get_metadata+0x4f/0x180 [ 79.381121] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 79.386245] __x64_sys_writev+0xe5/0x120 [ 79.390570] do_syscall_64+0xcc/0x180 [ 79.394366] ? syscall_exit_to_user_mode+0x3a/0x220 [ 79.399381] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.404572] RIP: 0033:0x4601ed [ 79.407756] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 79.426657] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 79.434458] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 79.441732] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 79.448995] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 79.456258] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 79.463539] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 79.470924] [ 79.472535] Uninit was stored to memory at: [ 79.476838] kmsan_internal_chain_origin+0xad/0x130 [ 79.481853] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 79.487127] kmsan_memcpy_metadata+0xb/0x10 [ 79.491443] __msan_memcpy+0x46/0x60 [ 79.495163] pskb_expand_head+0x381/0x1ad0 [ 79.499398] inet_frag_reasm_prepare+0xa69/0x1440 [ 79.504237] nf_ct_frag6_gather+0x2815/0x3950 [ 79.508814] ipv6_defrag+0x538/0x650 [ 79.512518] nf_hook_slow_list+0x34f/0xaf0 [ 79.516760] ip6_sublist_rcv+0x1b2/0x1320 [ 79.520902] ipv6_list_rcv+0x914/0x980 [ 79.524782] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 79.530141] netif_receive_skb_list_internal+0xfd1/0x1680 [ 79.535684] napi_gro_frags+0x14bc/0x23a0 [ 79.539847] tun_get_user+0x59f9/0x7420 [ 79.543822] tun_chr_write_iter+0x34e/0x400 [ 79.548135] do_iter_readv_writev+0x867/0xaa0 [ 79.552633] do_iter_write+0x2f2/0xe20 [ 79.556513] do_writev+0x4bf/0xb70 [ 79.560045] __x64_sys_writev+0xe5/0x120 [ 79.564098] do_syscall_64+0xcc/0x180 [ 79.567894] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.573082] [ 79.574690] Uninit was created at: [ 79.578207] kmsan_internal_poison_memory+0x66/0xd0 [ 79.583219] kmsan_slab_alloc+0x8e/0xe0 [ 79.587190] __kmalloc_node_track_caller+0xaf3/0x1520 [ 79.592390] __alloc_skb+0x438/0xd80 [ 79.596098] __napi_alloc_skb+0x34c/0xbc0 [ 79.600248] napi_get_frags+0xd1/0x2a0 [ 79.604155] tun_get_user+0x14b0/0x7420 [ 79.608139] tun_chr_write_iter+0x34e/0x400 [ 79.612719] do_iter_readv_writev+0x867/0xaa0 [ 79.617298] do_iter_write+0x2f2/0xe20 [ 79.621263] do_writev+0x4bf/0xb70 [ 79.624801] __x64_sys_writev+0xe5/0x120 [ 79.628854] do_syscall_64+0xcc/0x180 [ 79.632652] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.637864] ===================================================== [ 79.644342] ===================================================== [ 79.650664] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 79.656938] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 79.665965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 79.675326] Call Trace: [ 79.677909] dump_stack+0x1ff/0x280 [ 79.681558] kmsan_report+0xfb/0x1e0 [ 79.685305] __msan_warning+0x5c/0xa0 [ 79.689127] ip6_parse_tlv+0x85e/0xc90 [ 79.693038] ipv6_destopt_rcv+0x5c4/0xdb0 [ 79.697218] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 79.702275] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 79.707419] ip6_sublist_rcv_finish+0x4fd/0x780 [ 79.712097] ? ip6_input+0x340/0x340 [ 79.715814] ip6_sublist_rcv+0x12af/0x1320 [ 79.720057] ? local_bh_enable+0x40/0x40 [ 79.724142] ipv6_list_rcv+0x914/0x980 [ 79.728468] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 79.732631] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 79.738000] ? kmsan_get_metadata+0x11d/0x180 [ 79.742503] netif_receive_skb_list_internal+0xfd1/0x1680 [ 79.748047] ? __list_add_valid+0xb8/0x420 [ 79.752281] ? kmsan_get_metadata+0x11d/0x180 [ 79.756952] napi_gro_frags+0x14bc/0x23a0 [ 79.761107] tun_get_user+0x59f9/0x7420 [ 79.765079] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 79.770617] ? futex_wait_queue_me+0x621/0x6c0 [ 79.775294] ? kmsan_get_metadata+0x11d/0x180 [ 79.779794] tun_chr_write_iter+0x34e/0x400 [ 79.784115] ? tun_chr_read_iter+0x530/0x530 [ 79.788532] do_iter_readv_writev+0x867/0xaa0 [ 79.793032] ? tun_chr_read_iter+0x530/0x530 [ 79.797436] do_iter_write+0x2f2/0xe20 [ 79.801338] ? import_iovec+0x1d3/0x1f0 [ 79.805317] do_writev+0x4bf/0xb70 [ 79.808885] ? kmsan_get_metadata+0x11d/0x180 [ 79.813380] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 79.818482] ? kmsan_get_metadata+0x4f/0x180 [ 79.822892] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 79.827996] __x64_sys_writev+0xe5/0x120 [ 79.832053] do_syscall_64+0xcc/0x180 [ 79.835854] ? syscall_exit_to_user_mode+0x3a/0x220 [ 79.840973] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 79.846161] RIP: 0033:0x4601ed [ 79.849350] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 79.868528] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 79.876247] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 79.883512] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 79.890790] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 79.898049] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 79.905321] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 79.912593] [ 79.914285] Uninit was stored to memory at: [ 79.918591] kmsan_internal_chain_origin+0xad/0x130 [ 79.923623] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 79.928912] kmsan_memcpy_metadata+0xb/0x10 [ 79.933236] __msan_memcpy+0x46/0x60 [ 79.936952] pskb_expand_head+0x381/0x1ad0 [ 79.941186] inet_frag_reasm_prepare+0xa69/0x1440 [ 79.946040] nf_ct_frag6_gather+0x2815/0x3950 [ 79.950527] ipv6_defrag+0x538/0x650 [ 79.954234] nf_hook_slow_list+0x34f/0xaf0 [ 79.958464] ip6_sublist_rcv+0x1b2/0x1320 [ 79.962607] ipv6_list_rcv+0x914/0x980 [ 79.967181] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 79.972540] netif_receive_skb_list_internal+0xfd1/0x1680 [ 79.978079] napi_gro_frags+0x14bc/0x23a0 [ 79.982311] tun_get_user+0x59f9/0x7420 [ 79.986289] tun_chr_write_iter+0x34e/0x400 [ 79.990604] do_iter_readv_writev+0x867/0xaa0 [ 79.995095] do_iter_write+0x2f2/0xe20 [ 79.998972] do_writev+0x4bf/0xb70 [ 80.002501] __x64_sys_writev+0xe5/0x120 [ 80.006726] do_syscall_64+0xcc/0x180 [ 80.010518] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.015733] [ 80.017341] Uninit was created at: [ 80.021296] kmsan_internal_poison_memory+0x66/0xd0 [ 80.026314] kmsan_slab_alloc+0x8e/0xe0 [ 80.030372] __kmalloc_node_track_caller+0xaf3/0x1520 [ 80.035557] __alloc_skb+0x438/0xd80 [ 80.039268] __napi_alloc_skb+0x34c/0xbc0 [ 80.043419] napi_get_frags+0xd1/0x2a0 [ 80.047325] tun_get_user+0x14b0/0x7420 [ 80.051314] tun_chr_write_iter+0x34e/0x400 [ 80.055638] do_iter_readv_writev+0x867/0xaa0 [ 80.060134] do_iter_write+0x2f2/0xe20 [ 80.064029] do_writev+0x4bf/0xb70 [ 80.067563] __x64_sys_writev+0xe5/0x120 [ 80.071619] do_syscall_64+0xcc/0x180 [ 80.075440] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.080635] ===================================================== [ 80.087007] ===================================================== [ 80.093321] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 80.099574] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 80.108683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.118740] Call Trace: [ 80.121325] dump_stack+0x1ff/0x280 [ 80.124983] kmsan_report+0xfb/0x1e0 [ 80.128718] __msan_warning+0x5c/0xa0 [ 80.132552] ip6_parse_tlv+0x884/0xc90 [ 80.136475] ipv6_destopt_rcv+0x5c4/0xdb0 [ 80.140731] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 80.145771] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 80.150895] ip6_sublist_rcv_finish+0x4fd/0x780 [ 80.155569] ? ip6_input+0x340/0x340 [ 80.159287] ip6_sublist_rcv+0x12af/0x1320 [ 80.163527] ? local_bh_enable+0x40/0x40 [ 80.167586] ipv6_list_rcv+0x914/0x980 [ 80.171480] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 80.175628] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 80.180992] ? kmsan_get_metadata+0x11d/0x180 [ 80.185493] netif_receive_skb_list_internal+0xfd1/0x1680 [ 80.191037] ? __list_add_valid+0xb8/0x420 [ 80.195274] ? kmsan_get_metadata+0x11d/0x180 [ 80.199774] napi_gro_frags+0x14bc/0x23a0 [ 80.203927] tun_get_user+0x59f9/0x7420 [ 80.207905] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 80.213356] ? futex_wait_queue_me+0x621/0x6c0 [ 80.217945] ? kmsan_get_metadata+0x11d/0x180 [ 80.222441] tun_chr_write_iter+0x34e/0x400 [ 80.226777] ? tun_chr_read_iter+0x530/0x530 [ 80.231179] do_iter_readv_writev+0x867/0xaa0 [ 80.235679] ? tun_chr_read_iter+0x530/0x530 [ 80.240091] do_iter_write+0x2f2/0xe20 [ 80.244062] ? import_iovec+0x1d3/0x1f0 [ 80.248045] do_writev+0x4bf/0xb70 [ 80.251604] ? kmsan_get_metadata+0x11d/0x180 [ 80.256102] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 80.261205] ? kmsan_get_metadata+0x4f/0x180 [ 80.265704] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 80.270808] __x64_sys_writev+0xe5/0x120 [ 80.274866] do_syscall_64+0xcc/0x180 [ 80.278669] ? syscall_exit_to_user_mode+0x3a/0x220 [ 80.283686] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.288922] RIP: 0033:0x4601ed [ 80.292106] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 80.311100] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 80.318809] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 80.326073] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 80.333351] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 80.340787] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 80.348068] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 80.355444] [ 80.357068] Uninit was stored to memory at: [ 80.361369] kmsan_internal_chain_origin+0xad/0x130 [ 80.366400] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 80.371673] kmsan_memcpy_metadata+0xb/0x10 [ 80.375989] __msan_memcpy+0x46/0x60 [ 80.379696] pskb_expand_head+0x381/0x1ad0 [ 80.383934] inet_frag_reasm_prepare+0xa69/0x1440 [ 80.388771] nf_ct_frag6_gather+0x2815/0x3950 [ 80.393260] ipv6_defrag+0x538/0x650 [ 80.396975] nf_hook_slow_list+0x34f/0xaf0 [ 80.401203] ip6_sublist_rcv+0x1b2/0x1320 [ 80.405356] ipv6_list_rcv+0x914/0x980 [ 80.409235] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 80.414704] netif_receive_skb_list_internal+0xfd1/0x1680 [ 80.420256] napi_gro_frags+0x14bc/0x23a0 [ 80.424426] tun_get_user+0x59f9/0x7420 [ 80.428402] tun_chr_write_iter+0x34e/0x400 [ 80.432888] do_iter_readv_writev+0x867/0xaa0 [ 80.437378] do_iter_write+0x2f2/0xe20 [ 80.441284] do_writev+0x4bf/0xb70 [ 80.444815] __x64_sys_writev+0xe5/0x120 [ 80.448865] do_syscall_64+0xcc/0x180 [ 80.452674] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.457872] [ 80.459493] Uninit was created at: [ 80.463012] kmsan_internal_poison_memory+0x66/0xd0 [ 80.468029] kmsan_slab_alloc+0x8e/0xe0 [ 80.471997] __kmalloc_node_track_caller+0xaf3/0x1520 [ 80.477201] __alloc_skb+0x438/0xd80 [ 80.480916] __napi_alloc_skb+0x34c/0xbc0 [ 80.485147] napi_get_frags+0xd1/0x2a0 [ 80.489029] tun_get_user+0x14b0/0x7420 [ 80.492992] tun_chr_write_iter+0x34e/0x400 [ 80.497305] do_iter_readv_writev+0x867/0xaa0 [ 80.501793] do_iter_write+0x2f2/0xe20 [ 80.505669] do_writev+0x4bf/0xb70 [ 80.509203] __x64_sys_writev+0xe5/0x120 [ 80.513265] do_syscall_64+0xcc/0x180 [ 80.517069] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.522254] ===================================================== [ 80.528626] ===================================================== [ 80.534856] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 80.541101] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 80.550117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 80.559477] Call Trace: [ 80.562059] dump_stack+0x1ff/0x280 [ 80.565712] kmsan_report+0xfb/0x1e0 [ 80.569457] __msan_warning+0x5c/0xa0 [ 80.573286] ip6_parse_tlv+0xa12/0xc90 [ 80.577198] ipv6_destopt_rcv+0x5c4/0xdb0 [ 80.581365] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 80.586400] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 80.591969] ip6_sublist_rcv_finish+0x4fd/0x780 [ 80.596665] ? ip6_input+0x340/0x340 [ 80.600507] ip6_sublist_rcv+0x12af/0x1320 [ 80.604764] ? local_bh_enable+0x40/0x40 [ 80.608842] ipv6_list_rcv+0x914/0x980 [ 80.612753] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 80.616923] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 80.622283] ? kmsan_get_metadata+0x11d/0x180 [ 80.626802] netif_receive_skb_list_internal+0xfd1/0x1680 [ 80.632362] ? __list_add_valid+0xb8/0x420 [ 80.636611] ? kmsan_get_metadata+0x11d/0x180 [ 80.641119] napi_gro_frags+0x14bc/0x23a0 [ 80.645355] tun_get_user+0x59f9/0x7420 [ 80.649335] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 80.654809] ? futex_wait_queue_me+0x621/0x6c0 [ 80.659487] ? kmsan_get_metadata+0x11d/0x180 [ 80.663978] tun_chr_write_iter+0x34e/0x400 [ 80.668306] ? tun_chr_read_iter+0x530/0x530 [ 80.672735] do_iter_readv_writev+0x867/0xaa0 [ 80.677251] ? tun_chr_read_iter+0x530/0x530 [ 80.681661] do_iter_write+0x2f2/0xe20 [ 80.685541] ? import_iovec+0x1d3/0x1f0 [ 80.689509] do_writev+0x4bf/0xb70 [ 80.693055] ? kmsan_get_metadata+0x11d/0x180 [ 80.697560] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 80.702672] ? kmsan_get_metadata+0x4f/0x180 [ 80.707160] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 80.712468] __x64_sys_writev+0xe5/0x120 [ 80.716549] do_syscall_64+0xcc/0x180 [ 80.720369] ? syscall_exit_to_user_mode+0x3a/0x220 [ 80.725391] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.730662] RIP: 0033:0x4601ed [ 80.733861] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 80.752940] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 80.760689] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 80.767950] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 80.775444] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 80.783940] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 80.791476] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 80.798749] [ 80.800362] Uninit was stored to memory at: [ 80.804756] kmsan_internal_chain_origin+0xad/0x130 [ 80.809793] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 80.815071] kmsan_memcpy_metadata+0xb/0x10 [ 80.819389] __msan_memcpy+0x46/0x60 [ 80.823473] pskb_expand_head+0x381/0x1ad0 [ 80.827713] inet_frag_reasm_prepare+0xa69/0x1440 [ 80.832551] nf_ct_frag6_gather+0x2815/0x3950 [ 80.837053] ipv6_defrag+0x538/0x650 [ 80.840755] nf_hook_slow_list+0x34f/0xaf0 [ 80.844979] ip6_sublist_rcv+0x1b2/0x1320 [ 80.849115] ipv6_list_rcv+0x914/0x980 [ 80.853030] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 80.858405] netif_receive_skb_list_internal+0xfd1/0x1680 [ 80.864055] napi_gro_frags+0x14bc/0x23a0 [ 80.868218] tun_get_user+0x59f9/0x7420 [ 80.872180] tun_chr_write_iter+0x34e/0x400 [ 80.876521] do_iter_readv_writev+0x867/0xaa0 [ 80.881007] do_iter_write+0x2f2/0xe20 [ 80.884884] do_writev+0x4bf/0xb70 [ 80.888428] __x64_sys_writev+0xe5/0x120 [ 80.892492] do_syscall_64+0xcc/0x180 [ 80.896298] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.901477] [ 80.903107] Uninit was created at: [ 80.906623] kmsan_internal_poison_memory+0x66/0xd0 [ 80.911636] kmsan_slab_alloc+0x8e/0xe0 [ 80.915625] __kmalloc_node_track_caller+0xaf3/0x1520 [ 80.920806] __alloc_skb+0x438/0xd80 [ 80.924527] __napi_alloc_skb+0x34c/0xbc0 [ 80.928663] napi_get_frags+0xd1/0x2a0 [ 80.932542] tun_get_user+0x14b0/0x7420 [ 80.936616] tun_chr_write_iter+0x34e/0x400 [ 80.940921] do_iter_readv_writev+0x867/0xaa0 [ 80.945403] do_iter_write+0x2f2/0xe20 [ 80.949541] do_writev+0x4bf/0xb70 [ 80.953169] __x64_sys_writev+0xe5/0x120 [ 80.957271] do_syscall_64+0xcc/0x180 [ 80.961075] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 80.966373] ===================================================== [ 80.972874] ===================================================== [ 80.979107] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 80.985362] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 80.994383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.003751] Call Trace: [ 81.006336] dump_stack+0x1ff/0x280 [ 81.009987] kmsan_report+0xfb/0x1e0 [ 81.013725] __msan_warning+0x5c/0xa0 [ 81.017542] ip6_parse_tlv+0x85e/0xc90 [ 81.021464] ipv6_destopt_rcv+0x5c4/0xdb0 [ 81.025820] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 81.030866] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.036004] ip6_sublist_rcv_finish+0x4fd/0x780 [ 81.040700] ? ip6_input+0x340/0x340 [ 81.044427] ip6_sublist_rcv+0x12af/0x1320 [ 81.049359] ? local_bh_enable+0x40/0x40 [ 81.053447] ipv6_list_rcv+0x914/0x980 [ 81.057366] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 81.061524] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 81.066980] ? kmsan_get_metadata+0x11d/0x180 [ 81.071512] netif_receive_skb_list_internal+0xfd1/0x1680 [ 81.077253] ? __list_add_valid+0xb8/0x420 [ 81.081496] ? kmsan_get_metadata+0x11d/0x180 [ 81.086095] napi_gro_frags+0x14bc/0x23a0 [ 81.090359] tun_get_user+0x59f9/0x7420 [ 81.094333] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 81.099918] ? futex_wait_queue_me+0x621/0x6c0 [ 81.104507] ? kmsan_get_metadata+0x11d/0x180 [ 81.109007] tun_chr_write_iter+0x34e/0x400 [ 81.113326] ? tun_chr_read_iter+0x530/0x530 [ 81.117725] do_iter_readv_writev+0x867/0xaa0 [ 81.122222] ? tun_chr_read_iter+0x530/0x530 [ 81.126638] do_iter_write+0x2f2/0xe20 [ 81.130551] ? import_iovec+0x1d3/0x1f0 [ 81.134527] do_writev+0x4bf/0xb70 [ 81.138078] ? kmsan_get_metadata+0x11d/0x180 [ 81.142568] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.147681] ? kmsan_get_metadata+0x4f/0x180 [ 81.152347] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.157776] __x64_sys_writev+0xe5/0x120 [ 81.161830] do_syscall_64+0xcc/0x180 [ 81.165627] ? syscall_exit_to_user_mode+0x3a/0x220 [ 81.170648] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.175852] RIP: 0033:0x4601ed [ 81.179136] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 81.198054] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 81.205785] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 81.213055] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 81.220418] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 81.227723] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 81.234988] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 81.242373] [ 81.243991] Uninit was stored to memory at: [ 81.248319] kmsan_internal_chain_origin+0xad/0x130 [ 81.253346] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 81.258895] kmsan_memcpy_metadata+0xb/0x10 [ 81.263296] __msan_memcpy+0x46/0x60 [ 81.267052] pskb_expand_head+0x381/0x1ad0 [ 81.271452] inet_frag_reasm_prepare+0xa69/0x1440 [ 81.276286] nf_ct_frag6_gather+0x2815/0x3950 [ 81.280771] ipv6_defrag+0x538/0x650 [ 81.284471] nf_hook_slow_list+0x34f/0xaf0 [ 81.288693] ip6_sublist_rcv+0x1b2/0x1320 [ 81.292832] ipv6_list_rcv+0x914/0x980 [ 81.296727] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 81.302107] netif_receive_skb_list_internal+0xfd1/0x1680 [ 81.307653] napi_gro_frags+0x14bc/0x23a0 [ 81.311798] tun_get_user+0x59f9/0x7420 [ 81.315774] tun_chr_write_iter+0x34e/0x400 [ 81.320086] do_iter_readv_writev+0x867/0xaa0 [ 81.324571] do_iter_write+0x2f2/0xe20 [ 81.328459] do_writev+0x4bf/0xb70 [ 81.332074] __x64_sys_writev+0xe5/0x120 [ 81.336141] do_syscall_64+0xcc/0x180 [ 81.340039] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.345227] [ 81.346829] Uninit was created at: [ 81.350357] kmsan_internal_poison_memory+0x66/0xd0 [ 81.355364] kmsan_slab_alloc+0x8e/0xe0 [ 81.359327] __kmalloc_node_track_caller+0xaf3/0x1520 [ 81.364535] __alloc_skb+0x438/0xd80 [ 81.368323] __napi_alloc_skb+0x34c/0xbc0 [ 81.372650] napi_get_frags+0xd1/0x2a0 [ 81.376550] tun_get_user+0x14b0/0x7420 [ 81.380515] tun_chr_write_iter+0x34e/0x400 [ 81.384834] do_iter_readv_writev+0x867/0xaa0 [ 81.389332] do_iter_write+0x2f2/0xe20 [ 81.393204] do_writev+0x4bf/0xb70 [ 81.396902] __x64_sys_writev+0xe5/0x120 [ 81.400956] do_syscall_64+0xcc/0x180 [ 81.404835] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.410016] ===================================================== [ 81.416563] ===================================================== [ 81.422791] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 81.429045] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 81.438064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.447435] Call Trace: [ 81.450024] dump_stack+0x1ff/0x280 [ 81.453678] kmsan_report+0xfb/0x1e0 [ 81.457414] __msan_warning+0x5c/0xa0 [ 81.461243] ip6_parse_tlv+0x884/0xc90 [ 81.465166] ipv6_destopt_rcv+0x5c4/0xdb0 [ 81.469338] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 81.474386] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.479532] ip6_sublist_rcv_finish+0x4fd/0x780 [ 81.484223] ? ip6_input+0x340/0x340 [ 81.487947] ip6_sublist_rcv+0x12af/0x1320 [ 81.492191] ? local_bh_enable+0x40/0x40 [ 81.496260] ipv6_list_rcv+0x914/0x980 [ 81.500149] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 81.504304] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 81.509660] ? kmsan_get_metadata+0x11d/0x180 [ 81.514154] netif_receive_skb_list_internal+0xfd1/0x1680 [ 81.519692] ? __list_add_valid+0xb8/0x420 [ 81.523948] ? kmsan_get_metadata+0x11d/0x180 [ 81.528438] napi_gro_frags+0x14bc/0x23a0 [ 81.532594] tun_get_user+0x59f9/0x7420 [ 81.536598] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 81.542053] ? futex_wait_queue_me+0x621/0x6c0 [ 81.546648] ? kmsan_get_metadata+0x11d/0x180 [ 81.551135] tun_chr_write_iter+0x34e/0x400 [ 81.555551] ? tun_chr_read_iter+0x530/0x530 [ 81.559959] do_iter_readv_writev+0x867/0xaa0 [ 81.564455] ? tun_chr_read_iter+0x530/0x530 [ 81.568850] do_iter_write+0x2f2/0xe20 [ 81.573079] ? import_iovec+0x1d3/0x1f0 [ 81.577160] do_writev+0x4bf/0xb70 [ 81.580695] ? kmsan_get_metadata+0x11d/0x180 [ 81.585198] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.590309] ? kmsan_get_metadata+0x4f/0x180 [ 81.594726] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.599838] __x64_sys_writev+0xe5/0x120 [ 81.603910] do_syscall_64+0xcc/0x180 [ 81.607705] ? syscall_exit_to_user_mode+0x3a/0x220 [ 81.612726] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.617933] RIP: 0033:0x4601ed [ 81.621124] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 81.640027] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 81.648364] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 81.655638] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 81.662919] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 81.670189] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 81.677465] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 81.685025] [ 81.686776] Uninit was stored to memory at: [ 81.691524] kmsan_internal_chain_origin+0xad/0x130 [ 81.696561] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 81.701851] kmsan_memcpy_metadata+0xb/0x10 [ 81.706742] __msan_memcpy+0x46/0x60 [ 81.710462] pskb_expand_head+0x381/0x1ad0 [ 81.714697] inet_frag_reasm_prepare+0xa69/0x1440 [ 81.719556] nf_ct_frag6_gather+0x2815/0x3950 [ 81.724045] ipv6_defrag+0x538/0x650 [ 81.727750] nf_hook_slow_list+0x34f/0xaf0 [ 81.732070] ip6_sublist_rcv+0x1b2/0x1320 [ 81.736220] ipv6_list_rcv+0x914/0x980 [ 81.740533] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 81.745900] netif_receive_skb_list_internal+0xfd1/0x1680 [ 81.751972] napi_gro_frags+0x14bc/0x23a0 [ 81.756128] tun_get_user+0x59f9/0x7420 [ 81.760127] tun_chr_write_iter+0x34e/0x400 [ 81.764466] do_iter_readv_writev+0x867/0xaa0 [ 81.768951] do_iter_write+0x2f2/0xe20 [ 81.772829] do_writev+0x4bf/0xb70 [ 81.776373] __x64_sys_writev+0xe5/0x120 [ 81.780424] do_syscall_64+0xcc/0x180 [ 81.784221] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.789399] [ 81.791023] Uninit was created at: [ 81.794554] kmsan_internal_poison_memory+0x66/0xd0 [ 81.799560] kmsan_slab_alloc+0x8e/0xe0 [ 81.803527] __kmalloc_node_track_caller+0xaf3/0x1520 [ 81.808726] __alloc_skb+0x438/0xd80 [ 81.812441] __napi_alloc_skb+0x34c/0xbc0 [ 81.816590] napi_get_frags+0xd1/0x2a0 [ 81.820497] tun_get_user+0x14b0/0x7420 [ 81.824456] tun_chr_write_iter+0x34e/0x400 [ 81.828859] do_iter_readv_writev+0x867/0xaa0 [ 81.833373] do_iter_write+0x2f2/0xe20 [ 81.837280] do_writev+0x4bf/0xb70 [ 81.840834] __x64_sys_writev+0xe5/0x120 [ 81.845022] do_syscall_64+0xcc/0x180 [ 81.848918] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 81.854171] ===================================================== [ 81.860650] ===================================================== [ 81.866877] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 81.873130] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 81.882271] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 81.891631] Call Trace: [ 81.894217] dump_stack+0x1ff/0x280 [ 81.898111] kmsan_report+0xfb/0x1e0 [ 81.901846] __msan_warning+0x5c/0xa0 [ 81.905668] ip6_parse_tlv+0xa12/0xc90 [ 81.909584] ipv6_destopt_rcv+0x5c4/0xdb0 [ 81.913756] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 81.918894] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 81.924024] ip6_sublist_rcv_finish+0x4fd/0x780 [ 81.928723] ? ip6_input+0x340/0x340 [ 81.932454] ip6_sublist_rcv+0x12af/0x1320 [ 81.936719] ? local_bh_enable+0x40/0x40 [ 81.940898] ipv6_list_rcv+0x914/0x980 [ 81.945127] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 81.950046] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 81.955546] ? kmsan_get_metadata+0x11d/0x180 [ 81.960207] netif_receive_skb_list_internal+0xfd1/0x1680 [ 81.965886] ? __list_add_valid+0xb8/0x420 [ 81.970553] ? kmsan_get_metadata+0x11d/0x180 [ 81.975052] napi_gro_frags+0x14bc/0x23a0 [ 81.979218] tun_get_user+0x59f9/0x7420 [ 81.983295] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 81.988741] ? futex_wait_queue_me+0x621/0x6c0 [ 81.993375] ? kmsan_get_metadata+0x11d/0x180 [ 81.997874] tun_chr_write_iter+0x34e/0x400 [ 82.002329] ? tun_chr_read_iter+0x530/0x530 [ 82.006752] do_iter_readv_writev+0x867/0xaa0 [ 82.011255] ? tun_chr_read_iter+0x530/0x530 [ 82.015659] do_iter_write+0x2f2/0xe20 [ 82.019556] ? import_iovec+0x1d3/0x1f0 [ 82.023562] do_writev+0x4bf/0xb70 [ 82.027127] ? kmsan_get_metadata+0x11d/0x180 [ 82.031631] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.036734] ? kmsan_get_metadata+0x4f/0x180 [ 82.041261] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.046470] __x64_sys_writev+0xe5/0x120 [ 82.050536] do_syscall_64+0xcc/0x180 [ 82.054353] ? syscall_exit_to_user_mode+0x3a/0x220 [ 82.059427] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.064617] RIP: 0033:0x4601ed [ 82.067810] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 82.086720] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 82.094789] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 82.102053] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 82.109344] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 82.116608] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 82.123880] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 82.131140] [ 82.132751] Uninit was stored to memory at: [ 82.137060] kmsan_internal_chain_origin+0xad/0x130 [ 82.142072] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 82.147360] kmsan_memcpy_metadata+0xb/0x10 [ 82.151684] __msan_memcpy+0x46/0x60 [ 82.155383] pskb_expand_head+0x381/0x1ad0 [ 82.159611] inet_frag_reasm_prepare+0xa69/0x1440 [ 82.164529] nf_ct_frag6_gather+0x2815/0x3950 [ 82.169039] ipv6_defrag+0x538/0x650 [ 82.172758] nf_hook_slow_list+0x34f/0xaf0 [ 82.177005] ip6_sublist_rcv+0x1b2/0x1320 [ 82.181158] ipv6_list_rcv+0x914/0x980 [ 82.185033] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 82.190576] netif_receive_skb_list_internal+0xfd1/0x1680 [ 82.196110] napi_gro_frags+0x14bc/0x23a0 [ 82.200352] tun_get_user+0x59f9/0x7420 [ 82.204315] tun_chr_write_iter+0x34e/0x400 [ 82.208622] do_iter_readv_writev+0x867/0xaa0 [ 82.213109] do_iter_write+0x2f2/0xe20 [ 82.216996] do_writev+0x4bf/0xb70 [ 82.220546] __x64_sys_writev+0xe5/0x120 [ 82.224681] do_syscall_64+0xcc/0x180 [ 82.228485] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.233681] [ 82.235289] Uninit was created at: [ 82.238820] kmsan_internal_poison_memory+0x66/0xd0 [ 82.243845] kmsan_slab_alloc+0x8e/0xe0 [ 82.247811] __kmalloc_node_track_caller+0xaf3/0x1520 [ 82.252992] __alloc_skb+0x438/0xd80 [ 82.256710] __napi_alloc_skb+0x34c/0xbc0 [ 82.260855] napi_get_frags+0xd1/0x2a0 [ 82.264753] tun_get_user+0x14b0/0x7420 [ 82.268828] tun_chr_write_iter+0x34e/0x400 [ 82.273354] do_iter_readv_writev+0x867/0xaa0 [ 82.277844] do_iter_write+0x2f2/0xe20 [ 82.281720] do_writev+0x4bf/0xb70 [ 82.285267] __x64_sys_writev+0xe5/0x120 [ 82.289314] do_syscall_64+0xcc/0x180 [ 82.293108] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.298309] ===================================================== [ 82.304790] ===================================================== [ 82.311019] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x85e/0xc90 [ 82.317273] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 82.326294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.335659] Call Trace: [ 82.338244] dump_stack+0x1ff/0x280 [ 82.341894] kmsan_report+0xfb/0x1e0 [ 82.345703] __msan_warning+0x5c/0xa0 [ 82.349530] ip6_parse_tlv+0x85e/0xc90 [ 82.353448] ipv6_destopt_rcv+0x5c4/0xdb0 [ 82.357626] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 82.362671] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.367802] ip6_sublist_rcv_finish+0x4fd/0x780 [ 82.372496] ? ip6_input+0x340/0x340 [ 82.376227] ip6_sublist_rcv+0x12af/0x1320 [ 82.380480] ? local_bh_enable+0x40/0x40 [ 82.384564] ipv6_list_rcv+0x914/0x980 [ 82.388477] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 82.392630] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 82.398003] ? kmsan_get_metadata+0x11d/0x180 [ 82.402578] netif_receive_skb_list_internal+0xfd1/0x1680 [ 82.408124] ? __list_add_valid+0xb8/0x420 [ 82.412374] ? kmsan_get_metadata+0x11d/0x180 [ 82.416879] napi_gro_frags+0x14bc/0x23a0 [ 82.421039] tun_get_user+0x59f9/0x7420 [ 82.425003] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 82.430451] ? futex_wait_queue_me+0x621/0x6c0 [ 82.435047] ? kmsan_get_metadata+0x11d/0x180 [ 82.439643] tun_chr_write_iter+0x34e/0x400 [ 82.443958] ? tun_chr_read_iter+0x530/0x530 [ 82.448362] do_iter_readv_writev+0x867/0xaa0 [ 82.452868] ? tun_chr_read_iter+0x530/0x530 [ 82.457283] do_iter_write+0x2f2/0xe20 [ 82.461170] ? import_iovec+0x1d3/0x1f0 [ 82.465156] do_writev+0x4bf/0xb70 [ 82.468689] ? kmsan_get_metadata+0x11d/0x180 [ 82.473200] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.478317] ? kmsan_get_metadata+0x4f/0x180 [ 82.482718] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.487835] __x64_sys_writev+0xe5/0x120 [ 82.491902] do_syscall_64+0xcc/0x180 [ 82.495711] ? syscall_exit_to_user_mode+0x3a/0x220 [ 82.500761] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.505944] RIP: 0033:0x4601ed [ 82.509125] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 82.528021] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 82.535742] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 82.543020] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 82.550295] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 82.557673] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 82.564945] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 82.572218] [ 82.573835] Uninit was stored to memory at: [ 82.578133] kmsan_internal_chain_origin+0xad/0x130 [ 82.583141] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 82.588430] kmsan_memcpy_metadata+0xb/0x10 [ 82.592831] __msan_memcpy+0x46/0x60 [ 82.596554] pskb_expand_head+0x381/0x1ad0 [ 82.600817] inet_frag_reasm_prepare+0xa69/0x1440 [ 82.605825] nf_ct_frag6_gather+0x2815/0x3950 [ 82.610328] ipv6_defrag+0x538/0x650 [ 82.614043] nf_hook_slow_list+0x34f/0xaf0 [ 82.618279] ip6_sublist_rcv+0x1b2/0x1320 [ 82.622416] ipv6_list_rcv+0x914/0x980 [ 82.626296] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 82.631668] netif_receive_skb_list_internal+0xfd1/0x1680 [ 82.637214] napi_gro_frags+0x14bc/0x23a0 [ 82.641492] tun_get_user+0x59f9/0x7420 [ 82.645467] tun_chr_write_iter+0x34e/0x400 [ 82.649815] do_iter_readv_writev+0x867/0xaa0 [ 82.654303] do_iter_write+0x2f2/0xe20 [ 82.658202] do_writev+0x4bf/0xb70 [ 82.661732] __x64_sys_writev+0xe5/0x120 [ 82.665781] do_syscall_64+0xcc/0x180 [ 82.669588] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.674771] [ 82.676397] Uninit was created at: [ 82.679921] kmsan_internal_poison_memory+0x66/0xd0 [ 82.685279] kmsan_slab_alloc+0x8e/0xe0 [ 82.689244] __kmalloc_node_track_caller+0xaf3/0x1520 [ 82.694431] __alloc_skb+0x438/0xd80 [ 82.698167] __napi_alloc_skb+0x34c/0xbc0 [ 82.702308] napi_get_frags+0xd1/0x2a0 [ 82.706195] tun_get_user+0x14b0/0x7420 [ 82.710174] tun_chr_write_iter+0x34e/0x400 [ 82.714664] do_iter_readv_writev+0x867/0xaa0 [ 82.720012] do_iter_write+0x2f2/0xe20 [ 82.723903] do_writev+0x4bf/0xb70 [ 82.727475] __x64_sys_writev+0xe5/0x120 [ 82.731526] do_syscall_64+0xcc/0x180 [ 82.735336] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.740519] ===================================================== [ 82.746895] ===================================================== [ 82.753303] BUG: KMSAN: uninit-value in ip6_parse_tlv+0x884/0xc90 [ 82.759559] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 82.768584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 82.778040] Call Trace: [ 82.780847] dump_stack+0x1ff/0x280 [ 82.784501] kmsan_report+0xfb/0x1e0 [ 82.788240] __msan_warning+0x5c/0xa0 [ 82.792056] ip6_parse_tlv+0x884/0xc90 [ 82.795976] ipv6_destopt_rcv+0x5c4/0xdb0 [ 82.800149] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 82.805212] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.810432] ip6_sublist_rcv_finish+0x4fd/0x780 [ 82.815118] ? ip6_input+0x340/0x340 [ 82.818826] ip6_sublist_rcv+0x12af/0x1320 [ 82.823174] ? local_bh_enable+0x40/0x40 [ 82.827341] ipv6_list_rcv+0x914/0x980 [ 82.831371] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 82.835532] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 82.840890] ? kmsan_get_metadata+0x11d/0x180 [ 82.845396] netif_receive_skb_list_internal+0xfd1/0x1680 [ 82.850957] ? __list_add_valid+0xb8/0x420 [ 82.855192] ? kmsan_get_metadata+0x11d/0x180 [ 82.859788] napi_gro_frags+0x14bc/0x23a0 [ 82.863942] tun_get_user+0x59f9/0x7420 [ 82.867933] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 82.873421] ? futex_wait_queue_me+0x621/0x6c0 [ 82.878020] ? kmsan_get_metadata+0x11d/0x180 [ 82.883051] tun_chr_write_iter+0x34e/0x400 [ 82.887385] ? tun_chr_read_iter+0x530/0x530 [ 82.891799] do_iter_readv_writev+0x867/0xaa0 [ 82.896308] ? tun_chr_read_iter+0x530/0x530 [ 82.900723] do_iter_write+0x2f2/0xe20 [ 82.904602] ? import_iovec+0x1d3/0x1f0 [ 82.908576] do_writev+0x4bf/0xb70 [ 82.912118] ? kmsan_get_metadata+0x11d/0x180 [ 82.916624] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.921845] ? kmsan_get_metadata+0x4f/0x180 [ 82.926247] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 82.931365] __x64_sys_writev+0xe5/0x120 [ 82.935434] do_syscall_64+0xcc/0x180 [ 82.939233] ? syscall_exit_to_user_mode+0x3a/0x220 [ 82.944270] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 82.949473] RIP: 0033:0x4601ed [ 82.952654] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 82.971565] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 82.979364] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 82.986670] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 82.993949] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 83.001212] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 83.008471] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 83.015759] [ 83.017399] Uninit was stored to memory at: [ 83.021701] kmsan_internal_chain_origin+0xad/0x130 [ 83.026745] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 83.032024] kmsan_memcpy_metadata+0xb/0x10 [ 83.036358] __msan_memcpy+0x46/0x60 [ 83.040061] pskb_expand_head+0x381/0x1ad0 [ 83.044290] inet_frag_reasm_prepare+0xa69/0x1440 [ 83.049155] nf_ct_frag6_gather+0x2815/0x3950 [ 83.053656] ipv6_defrag+0x538/0x650 [ 83.057384] nf_hook_slow_list+0x34f/0xaf0 [ 83.061617] ip6_sublist_rcv+0x1b2/0x1320 [ 83.065798] ipv6_list_rcv+0x914/0x980 [ 83.069735] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 83.075120] netif_receive_skb_list_internal+0xfd1/0x1680 [ 83.080655] napi_gro_frags+0x14bc/0x23a0 [ 83.084815] tun_get_user+0x59f9/0x7420 [ 83.088801] tun_chr_write_iter+0x34e/0x400 [ 83.093118] do_iter_readv_writev+0x867/0xaa0 [ 83.097628] do_iter_write+0x2f2/0xe20 [ 83.101512] do_writev+0x4bf/0xb70 [ 83.105148] __x64_sys_writev+0xe5/0x120 [ 83.109217] do_syscall_64+0xcc/0x180 [ 83.113023] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.118228] [ 83.119834] Uninit was created at: [ 83.123371] kmsan_internal_poison_memory+0x66/0xd0 [ 83.128381] kmsan_slab_alloc+0x8e/0xe0 [ 83.132350] __kmalloc_node_track_caller+0xaf3/0x1520 [ 83.137570] __alloc_skb+0x438/0xd80 [ 83.141273] __napi_alloc_skb+0x34c/0xbc0 [ 83.145420] napi_get_frags+0xd1/0x2a0 [ 83.149332] tun_get_user+0x14b0/0x7420 [ 83.153316] tun_chr_write_iter+0x34e/0x400 [ 83.157625] do_iter_readv_writev+0x867/0xaa0 [ 83.162114] do_iter_write+0x2f2/0xe20 [ 83.166024] do_writev+0x4bf/0xb70 [ 83.169765] __x64_sys_writev+0xe5/0x120 [ 83.173815] do_syscall_64+0xcc/0x180 [ 83.177605] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.182788] ===================================================== [ 83.189229] ===================================================== [ 83.195456] BUG: KMSAN: uninit-value in ip6_parse_tlv+0xa12/0xc90 [ 83.201707] CPU: 0 PID: 6590 Comm: syz-executor.4 Tainted: G B 5.13.0-syzkaller #0 [ 83.210732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 83.220446] Call Trace: [ 83.223032] dump_stack+0x1ff/0x280 [ 83.226685] kmsan_report+0xfb/0x1e0 [ 83.230416] __msan_warning+0x5c/0xa0 [ 83.234231] ip6_parse_tlv+0xa12/0xc90 [ 83.238145] ipv6_destopt_rcv+0x5c4/0xdb0 [ 83.242317] ip6_protocol_deliver_rcu+0x18c3/0x23b0 [ 83.247354] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 83.252495] ip6_sublist_rcv_finish+0x4fd/0x780 [ 83.257189] ? ip6_input+0x340/0x340 [ 83.260926] ip6_sublist_rcv+0x12af/0x1320 [ 83.265193] ? local_bh_enable+0x40/0x40 [ 83.269259] ipv6_list_rcv+0x914/0x980 [ 83.273160] ? ip6_rcv_core+0x1ed0/0x1ed0 [ 83.277733] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 83.283099] ? kmsan_get_metadata+0x11d/0x180 [ 83.287655] netif_receive_skb_list_internal+0xfd1/0x1680 [ 83.293223] ? __list_add_valid+0xb8/0x420 [ 83.297463] ? kmsan_get_metadata+0x11d/0x180 [ 83.301952] napi_gro_frags+0x14bc/0x23a0 [ 83.306104] tun_get_user+0x59f9/0x7420 [ 83.310079] ? __msan_metadata_ptr_for_store_8+0x13/0x20 [ 83.315539] ? futex_wait_queue_me+0x621/0x6c0 [ 83.320118] ? kmsan_get_metadata+0x11d/0x180 [ 83.324695] tun_chr_write_iter+0x34e/0x400 [ 83.329121] ? tun_chr_read_iter+0x530/0x530 [ 83.333542] do_iter_readv_writev+0x867/0xaa0 [ 83.338056] ? tun_chr_read_iter+0x530/0x530 [ 83.342475] do_iter_write+0x2f2/0xe20 [ 83.346367] ? import_iovec+0x1d3/0x1f0 [ 83.350399] do_writev+0x4bf/0xb70 [ 83.353937] ? kmsan_get_metadata+0x11d/0x180 [ 83.358426] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 83.363639] ? kmsan_get_metadata+0x4f/0x180 [ 83.368042] ? kmsan_get_shadow_origin_ptr+0x84/0xb0 [ 83.373138] __x64_sys_writev+0xe5/0x120 [ 83.377197] do_syscall_64+0xcc/0x180 [ 83.381011] ? syscall_exit_to_user_mode+0x3a/0x220 [ 83.386026] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.391323] RIP: 0033:0x4601ed [ 83.394536] Code: 28 89 54 24 1c 48 89 74 24 10 89 7c 24 08 e8 0a 2b 02 00 8b 54 24 1c 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 14 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 33 44 89 c7 48 89 44 24 08 e8 3e 2b 02 00 48 [ 83.413451] RSP: 002b:00007fa8c79230a0 EFLAGS: 00000293 ORIG_RAX: 0000000000000014 [ 83.421213] RAX: ffffffffffffffda RBX: 000000000052bf00 RCX: 00000000004601ed [ 83.428473] RDX: 0000000000000001 RSI: 00007fa8c7923110 RDI: 00000000000000f0 [ 83.435733] RBP: 0000000020000180 R08: 0000000000000000 R09: 0000000000000000 [ 83.442994] R10: 0000000000000049 R11: 0000000000000293 R12: 00000000ffffffff [ 83.450292] R13: 0000000000000003 R14: 000000000000004e R15: 00007fa8c79236bc [ 83.457555] [ 83.459184] Uninit was stored to memory at: [ 83.463491] kmsan_internal_chain_origin+0xad/0x130 [ 83.468513] kmsan_memcpy_memmove_metadata+0x25e/0x2d0 [ 83.473795] kmsan_memcpy_metadata+0xb/0x10 [ 83.478130] __msan_memcpy+0x46/0x60 [ 83.481864] pskb_expand_head+0x381/0x1ad0 [ 83.486088] inet_frag_reasm_prepare+0xa69/0x1440 [ 83.490941] nf_ct_frag6_gather+0x2815/0x3950 [ 83.495423] ipv6_defrag+0x538/0x650 [ 83.499138] nf_hook_slow_list+0x34f/0xaf0 [ 83.503388] ip6_sublist_rcv+0x1b2/0x1320 [ 83.507524] ipv6_list_rcv+0x914/0x980 [ 83.511522] __netif_receive_skb_list_core+0xfd7/0x14c0 [ 83.516887] netif_receive_skb_list_internal+0xfd1/0x1680 [ 83.522458] napi_gro_frags+0x14bc/0x23a0 [ 83.526622] tun_get_user+0x59f9/0x7420 [ 83.530604] tun_chr_write_iter+0x34e/0x400 [ 83.535065] do_iter_readv_writev+0x867/0xaa0 [ 83.539641] do_iter_write+0x2f2/0xe20 [ 83.543526] do_writev+0x4bf/0xb70 [ 83.547161] __x64_sys_writev+0xe5/0x120 [ 83.551210] do_syscall_64+0xcc/0x180 [ 83.555007] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.560250] [ 83.561867] Uninit was created at: [ 83.565450] kmsan_internal_poison_memory+0x66/0xd0 [ 83.570487] kmsan_slab_alloc+0x8e/0xe0 [ 83.574451] __kmalloc_node_track_caller+0xaf3/0x1520 [ 83.579635] __alloc_skb+0x438/0xd80 [ 83.583376] __napi_alloc_skb+0x34c/0xbc0 [ 83.587528] napi_get_frags+0xd1/0x2a0 [ 83.591431] tun_get_user+0x14b0/0x7420 [ 83.595394] tun_chr_write_iter+0x34e/0x400 [ 83.599702] do_iter_readv_writev+0x867/0xaa0 [ 83.604185] do_iter_write+0x2f2/0xe20 [ 83.608061] do_writev+0x4bf/0xb70 [ 83.611589] __x64_sys_writev+0xe5/0x120 [ 83.615644] do_syscall_64+0xcc/0x180 [ 83.619452] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 83.624648] ===================================================== [ 83.632756] clocksource: timekeeping watchdog on CPU0: Marking clocksource 'tsc' as unstable because the skew is too large: [ 83.644197] clocksource: 'acpi_pm' wd_now: c7b2c0 wd_last: ba454b mask: ffffff [ 83.653709] clocksource: 'tsc' cs_now: 2f5c4fc624 cs_last: 2a35a83a4e mask: ffffffffffffffff [ 83.664433] tsc: Marking TSC unstable due to clocksource watchdog 2021/07/25 13:54:31 executed programs: 77 [ 83.708032] TSC found unstable after boot, most likely due to broken BIOS. Use 'tsc=unstable'. [ 83.717058] sched_clock: Marking unstable (83776014139, -68104911)<-(83722218111, -14191074) [ 83.744368] clocksource: Switched to clocksource acpi_pm