===================================================== BUG: KMSAN: uninit-value in nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255 nf_reject_ip6_tcphdr_put+0x688/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:255 nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_xmit+0x2488/0x25d0 net/ipv6/ip6_output.c:366 tcp_v6_send_synack+0xa7c/0xeb0 net/ipv6/tcp_ipv6.c:565 tcp_conn_request+0x3cb6/0x4b00 net/ipv4/tcp_input.c:7301 tcp_v6_conn_request+0x2f5/0x3d0 net/ipv6/tcp_ipv6.c:1325 tcp_rcv_state_process+0x2f1/0x4c10 net/ipv4/tcp_input.c:6723 tcp_v6_do_rcv+0xc9b/0x1c30 net/ipv6/tcp_ipv6.c:1666 tcp_v6_rcv+0x43f1/0x4fa0 net/ipv6/tcp_ipv6.c:1903 ip6_protocol_deliver_rcu+0x1ad5/0x2cb0 net/ipv6/ip6_input.c:436 ip6_input_finish net/ipv6/ip6_input.c:481 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip6_input+0x161/0x430 net/ipv6/ip6_input.c:490 dst_input include/net/dst.h:460 [inline] ip6_rcv_finish+0x617/0x970 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:314 [inline] ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5662 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 netif_receive_skb_internal net/core/dev.c:5861 [inline] netif_receive_skb+0x58/0x660 net/core/dev.c:5920 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1550 tun_get_user+0x5783/0x6c60 drivers/net/tun.c:2007 tun_chr_write_iter+0x3ac/0x5d0 drivers/net/tun.c:2053 new_sync_write fs/read_write.c:590 [inline] vfs_write+0xb28/0x1540 fs/read_write.c:683 ksys_write+0x20f/0x4c0 fs/read_write.c:736 __do_sys_write fs/read_write.c:748 [inline] __se_sys_write fs/read_write.c:745 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:745 x64_sys_call+0x306a/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: nf_reject_ip6_tcphdr_put+0x60c/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:249 nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_xmit+0x2488/0x25d0 net/ipv6/ip6_output.c:366 tcp_v6_send_synack+0xa7c/0xeb0 net/ipv6/tcp_ipv6.c:565 tcp_conn_request+0x3cb6/0x4b00 net/ipv4/tcp_input.c:7301 tcp_v6_conn_request+0x2f5/0x3d0 net/ipv6/tcp_ipv6.c:1325 tcp_rcv_state_process+0x2f1/0x4c10 net/ipv4/tcp_input.c:6723 tcp_v6_do_rcv+0xc9b/0x1c30 net/ipv6/tcp_ipv6.c:1666 tcp_v6_rcv+0x43f1/0x4fa0 net/ipv6/tcp_ipv6.c:1903 ip6_protocol_deliver_rcu+0x1ad5/0x2cb0 net/ipv6/ip6_input.c:436 ip6_input_finish net/ipv6/ip6_input.c:481 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip6_input+0x161/0x430 net/ipv6/ip6_input.c:490 dst_input include/net/dst.h:460 [inline] ip6_rcv_finish+0x617/0x970 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:314 [inline] ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5662 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 netif_receive_skb_internal net/core/dev.c:5861 [inline] netif_receive_skb+0x58/0x660 net/core/dev.c:5920 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1550 tun_get_user+0x5783/0x6c60 drivers/net/tun.c:2007 tun_chr_write_iter+0x3ac/0x5d0 drivers/net/tun.c:2053 new_sync_write fs/read_write.c:590 [inline] vfs_write+0xb28/0x1540 fs/read_write.c:683 ksys_write+0x20f/0x4c0 fs/read_write.c:736 __do_sys_write fs/read_write.c:748 [inline] __se_sys_write fs/read_write.c:745 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:745 x64_sys_call+0x306a/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: nf_reject_ip6_tcphdr_put+0x2ca/0x6c0 net/ipv6/netfilter/nf_reject_ipv6.c:231 nf_send_reset6+0xd84/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:344 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_xmit+0x2488/0x25d0 net/ipv6/ip6_output.c:366 tcp_v6_send_synack+0xa7c/0xeb0 net/ipv6/tcp_ipv6.c:565 tcp_conn_request+0x3cb6/0x4b00 net/ipv4/tcp_input.c:7301 tcp_v6_conn_request+0x2f5/0x3d0 net/ipv6/tcp_ipv6.c:1325 tcp_rcv_state_process+0x2f1/0x4c10 net/ipv4/tcp_input.c:6723 tcp_v6_do_rcv+0xc9b/0x1c30 net/ipv6/tcp_ipv6.c:1666 tcp_v6_rcv+0x43f1/0x4fa0 net/ipv6/tcp_ipv6.c:1903 ip6_protocol_deliver_rcu+0x1ad5/0x2cb0 net/ipv6/ip6_input.c:436 ip6_input_finish net/ipv6/ip6_input.c:481 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip6_input+0x161/0x430 net/ipv6/ip6_input.c:490 dst_input include/net/dst.h:460 [inline] ip6_rcv_finish+0x617/0x970 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:314 [inline] ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5662 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 netif_receive_skb_internal net/core/dev.c:5861 [inline] netif_receive_skb+0x58/0x660 net/core/dev.c:5920 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1550 tun_get_user+0x5783/0x6c60 drivers/net/tun.c:2007 tun_chr_write_iter+0x3ac/0x5d0 drivers/net/tun.c:2053 new_sync_write fs/read_write.c:590 [inline] vfs_write+0xb28/0x1540 fs/read_write.c:683 ksys_write+0x20f/0x4c0 fs/read_write.c:736 __do_sys_write fs/read_write.c:748 [inline] __se_sys_write fs/read_write.c:745 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:745 x64_sys_call+0x306a/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4092 [inline] slab_alloc_node mm/slub.c:4135 [inline] kmem_cache_alloc_node_noprof+0x6bf/0xb80 mm/slub.c:4187 kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:587 __alloc_skb+0x363/0x7b0 net/core/skbuff.c:678 alloc_skb include/linux/skbuff.h:1322 [inline] nf_send_reset6+0x98d/0x15b0 net/ipv6/netfilter/nf_reject_ipv6.c:327 nft_reject_inet_eval+0x3c1/0x880 net/netfilter/nft_reject_inet.c:48 expr_call_ops_eval net/netfilter/nf_tables_core.c:240 [inline] nft_do_chain+0x426/0x2290 net/netfilter/nf_tables_core.c:288 nft_do_chain_inet+0x41a/0x4f0 net/netfilter/nft_chain_filter.c:161 nf_hook_entry_hookfn include/linux/netfilter.h:154 [inline] nf_hook_slow+0xf4/0x400 net/netfilter/core.c:626 nf_hook include/linux/netfilter.h:269 [inline] NF_HOOK include/linux/netfilter.h:312 [inline] ip6_xmit+0x2488/0x25d0 net/ipv6/ip6_output.c:366 tcp_v6_send_synack+0xa7c/0xeb0 net/ipv6/tcp_ipv6.c:565 tcp_conn_request+0x3cb6/0x4b00 net/ipv4/tcp_input.c:7301 tcp_v6_conn_request+0x2f5/0x3d0 net/ipv6/tcp_ipv6.c:1325 tcp_rcv_state_process+0x2f1/0x4c10 net/ipv4/tcp_input.c:6723 tcp_v6_do_rcv+0xc9b/0x1c30 net/ipv6/tcp_ipv6.c:1666 tcp_v6_rcv+0x43f1/0x4fa0 net/ipv6/tcp_ipv6.c:1903 ip6_protocol_deliver_rcu+0x1ad5/0x2cb0 net/ipv6/ip6_input.c:436 ip6_input_finish net/ipv6/ip6_input.c:481 [inline] NF_HOOK include/linux/netfilter.h:314 [inline] ip6_input+0x161/0x430 net/ipv6/ip6_input.c:490 dst_input include/net/dst.h:460 [inline] ip6_rcv_finish+0x617/0x970 net/ipv6/ip6_input.c:79 NF_HOOK include/linux/netfilter.h:314 [inline] ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:309 __netif_receive_skb_one_core net/core/dev.c:5662 [inline] __netif_receive_skb+0x1da/0xa00 net/core/dev.c:5775 netif_receive_skb_internal net/core/dev.c:5861 [inline] netif_receive_skb+0x58/0x660 net/core/dev.c:5920 tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1550 tun_get_user+0x5783/0x6c60 drivers/net/tun.c:2007 tun_chr_write_iter+0x3ac/0x5d0 drivers/net/tun.c:2053 new_sync_write fs/read_write.c:590 [inline] vfs_write+0xb28/0x1540 fs/read_write.c:683 ksys_write+0x20f/0x4c0 fs/read_write.c:736 __do_sys_write fs/read_write.c:748 [inline] __se_sys_write fs/read_write.c:745 [inline] __x64_sys_write+0x93/0xe0 fs/read_write.c:745 x64_sys_call+0x306a/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 26821 Comm: syz.4.5547 Tainted: G W 6.11.0-syzkaller-08829-gaf9c191ac2a0 #0 Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024 =====================================================