=====================================================
BUG: KMSAN: uninit-value in __arch_swab32 arch/x86/include/uapi/asm/swab.h:10 [inline]
BUG: KMSAN: uninit-value in __fswab32 include/uapi/linux/swab.h:60 [inline]
BUG: KMSAN: uninit-value in __swab32p include/uapi/linux/swab.h:189 [inline]
BUG: KMSAN: uninit-value in __be32_to_cpup include/uapi/linux/byteorder/little_endian.h:82 [inline]
BUG: KMSAN: uninit-value in get_unaligned_be32 include/linux/unaligned/access_ok.h:30 [inline]
BUG: KMSAN: uninit-value in ____bpf_skb_load_helper_32 net/core/filter.c:272 [inline]
BUG: KMSAN: uninit-value in bpf_skb_load_helper_32+0x1fc/0x360 net/core/filter.c:258
CPU: 0 PID: 15828 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x21c/0x280 lib/dump_stack.c:118
kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:122
__msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:219
__arch_swab32 arch/x86/include/uapi/asm/swab.h:10 [inline]
__fswab32 include/uapi/linux/swab.h:60 [inline]
__swab32p include/uapi/linux/swab.h:189 [inline]
__be32_to_cpup include/uapi/linux/byteorder/little_endian.h:82 [inline]
get_unaligned_be32 include/linux/unaligned/access_ok.h:30 [inline]
____bpf_skb_load_helper_32 net/core/filter.c:272 [inline]
bpf_skb_load_helper_32+0x1fc/0x360 net/core/filter.c:258
___bpf_prog_run+0x4498/0x98e0 kernel/bpf/core.c:1516
__bpf_prog_run32+0x12e/0x190 kernel/bpf/core.c:1692
bpf_dispatcher_nop_func include/linux/bpf.h:586 [inline]
bpf_prog_run_pin_on_cpu include/linux/filter.h:597 [inline]
bpf_prog_run_clear_cb include/linux/filter.h:719 [inline]
run_filter net/packet/af_packet.c:2014 [inline]
packet_rcv+0x770/0x2360 net/packet/af_packet.c:2087
deliver_skb net/core/dev.c:2253 [inline]
dev_queue_xmit_nit+0x92b/0x1380 net/core/dev.c:2323
xmit_one+0x13d/0x750 net/core/dev.c:3557
dev_hard_start_xmit net/core/dev.c:3577 [inline]
__dev_queue_xmit+0x3aad/0x4470 net/core/dev.c:4136
dev_queue_xmit+0x4b/0x60 net/core/dev.c:4169
can_send+0xaf9/0xfb0 net/can/af_can.c:277
j1939_send_one+0x565/0x670 net/can/j1939/main.c:340
j1939_xtp_do_tx_ctl net/can/j1939/transport.c:645 [inline]
j1939_tp_tx_ctl net/can/j1939/transport.c:653 [inline]
j1939_session_tx_rts net/can/j1939/transport.c:721 [inline]
j1939_xtp_txnext_transmiter net/can/j1939/transport.c:853 [inline]
j1939_tp_txtimer+0x4928/0x7960 net/can/j1939/transport.c:1116
__run_hrtimer+0x7cd/0xf00 kernel/time/hrtimer.c:1524
__hrtimer_run_queues kernel/time/hrtimer.c:1588 [inline]
hrtimer_run_softirq+0x3bf/0x690 kernel/time/hrtimer.c:1605
__do_softirq+0x2ea/0x7f5 kernel/softirq.c:299
asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:706
__run_on_irqstack arch/x86/include/asm/irq_stack.h:23 [inline]
run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:50 [inline]
do_softirq_own_stack+0x7c/0xa0 arch/x86/kernel/irq_64.c:77
invoke_softirq kernel/softirq.c:396 [inline]
__irq_exit_rcu+0x226/0x270 kernel/softirq.c:426
irq_exit_rcu+0xe/0x10 kernel/softirq.c:438
sysvec_apic_timer_interrupt+0x118/0x140 arch/x86/kernel/apic/apic.c:1091
asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:599
RIP: 0010:kmsan_slab_alloc+0xb4/0xe0 mm/kmsan/kmsan_hooks.c:83
Code: eb 0a ba 01 00 00 00 e8 1a ed ff ff be ff ff ff ff 65 0f c1 35 3d 44 ca 7d ff ce 75 1c e8 94 65 13 ff 4c 89 65 d8 ff 75 d8 9d <48> 83 c4 10 5b 41 5c 41 5e 41 5f 5d c3 0f 0b 48 c7 c7 a4 36 02 92
RSP: 0018:ffff8881031d3510 EFLAGS: 00000246
RAX: af56ab2c53ea0f00 RBX: ffff88810c191700 RCX: 0000000000000039
RDX: 0000000000000038 RSI: 0000000000000000 RDI: ffff88810c191700
RBP: ffff8881031d3540 R08: ffffea000000000f R09: ffff88812fffa000
R10: 000000000000000e R11: ffffffff914007f5 R12: 0000000000000246
R13: 0000000000000000 R14: 0000000000000cc0 R15: ffff88812d40a000
slab_alloc_node mm/slub.c:2907 [inline]
kmem_cache_alloc_node+0x8fb/0xdf0 mm/slub.c:2944
__alloc_skb+0x23b/0xb30 net/core/skbuff.c:198
alloc_skb include/linux/skbuff.h:1094 [inline]
alloc_skb_with_frags+0x1f2/0xc10 net/core/skbuff.c:5771
sock_alloc_send_pskb+0xc83/0xe50 net/core/sock.c:2348
sock_alloc_send_skb+0xca/0xe0 net/core/sock.c:2365
j1939_sk_alloc_skb net/can/j1939/socket.c:857 [inline]
j1939_sk_send_loop net/can/j1939/socket.c:1039 [inline]
j1939_sk_sendmsg+0xe11/0x2950 net/can/j1939/socket.c:1174
sock_sendmsg_nosec net/socket.c:651 [inline]
sock_sendmsg net/socket.c:671 [inline]
____sys_sendmsg+0xc82/0x1240 net/socket.c:2353
___sys_sendmsg net/socket.c:2407 [inline]
__sys_sendmsg+0x6d1/0x820 net/socket.c:2440
__do_sys_sendmsg net/socket.c:2449 [inline]
__se_sys_sendmsg+0x97/0xb0 net/socket.c:2447
__x64_sys_sendmsg+0x4a/0x70 net/socket.c:2447
do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45e179
Code: 3d b2 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 0b b2 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007f8820103c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
RAX: ffffffffffffffda RBX: 000000000002d080 RCX: 000000000045e179
RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
RBP: 000000000118cf80 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c
R13: 000000000169fb6f R14: 00007f88201049c0 R15: 000000000118cf4c
Uninit was created at:
kmsan_save_stack_with_flags mm/kmsan/kmsan.c:143 [inline]
kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:126
kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:80
slab_alloc_node mm/slub.c:2907 [inline]
__kmalloc_node_track_caller+0x9aa/0x12f0 mm/slub.c:4511
__kmalloc_reserve net/core/skbuff.c:142 [inline]
__alloc_skb+0x35f/0xb30 net/core/skbuff.c:210
alloc_skb include/linux/skbuff.h:1094 [inline]
j1939_tp_tx_dat_new net/can/j1939/transport.c:575 [inline]
j1939_xtp_do_tx_ctl net/can/j1939/transport.c:635 [inline]
j1939_tp_tx_ctl net/can/j1939/transport.c:653 [inline]
j1939_session_tx_rts net/can/j1939/transport.c:721 [inline]
j1939_xtp_txnext_transmiter net/can/j1939/transport.c:853 [inline]
j1939_tp_txtimer+0x4427/0x7960 net/can/j1939/transport.c:1116
__run_hrtimer+0x7cd/0xf00 kernel/time/hrtimer.c:1524
__hrtimer_run_queues kernel/time/hrtimer.c:1588 [inline]
hrtimer_run_softirq+0x3bf/0x690 kernel/time/hrtimer.c:1605
__do_softirq+0x2ea/0x7f5 kernel/softirq.c:299
=====================================================