==================================================================
BUG: KMSAN: uninit-value in __list_del_entry_valid+0x2cd/0x410 lib/list_debug.c:51
CPU: 0 PID: 17395 Comm: syz-executor.3 Not tainted 5.0.0+ #16
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x173/0x1d0 lib/dump_stack.c:113
kmsan_report+0x131/0x2a0 mm/kmsan/kmsan.c:636
__msan_warning+0x7a/0xf0 mm/kmsan/kmsan_instr.c:310
__list_del_entry_valid+0x2cd/0x410 lib/list_debug.c:51
__list_del_entry include/linux/list.h:117 [inline]
list_del include/linux/list.h:125 [inline]
cma_cancel_listens+0x6a/0x7a0 drivers/infiniband/core/cma.c:1722
cma_cancel_operation drivers/infiniband/core/cma.c:1750 [inline]
rdma_destroy_id+0x7b5/0x1e20 drivers/infiniband/core/cma.c:1814
ucma_close+0x3bb/0x590 drivers/infiniband/core/ucma.c:1770
__fput+0x4d1/0xbb0 fs/file_table.c:278
____fput+0x37/0x40 fs/file_table.c:309
task_work_run+0x22e/0x2a0 kernel/task_work.c:113
tracehook_notify_resume include/linux/tracehook.h:188 [inline]
exit_to_usermode_loop arch/x86/entry/common.c:166 [inline]
prepare_exit_to_usermode+0x321/0x420 arch/x86/entry/common.c:197
syscall_return_slowpath+0xb2/0x650 arch/x86/entry/common.c:268
do_syscall_64+0xe2/0xf0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x63/0xe7
RIP: 0033:0x411fc1
Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 e4 1a 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
RSP: 002b:0000000000a4fd70 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000411fc1
RDX: 0000000000000000 RSI: 00000000007411b0 RDI: 0000000000000004
RBP: 0000000000000000 R08: 00000000007411a8 R09: 000000000008e791
R10: 0000000000a4fc90 R11: 0000000000000293 R12: 0000000000000001
R13: 0000000000a4fdb0 R14: 0000000000000000 R15: 0000000000a4fdc0

Uninit was created at:
kmsan_save_stack_with_flags mm/kmsan/kmsan.c:205 [inline]
kmsan_internal_poison_shadow+0x92/0x150 mm/kmsan/kmsan.c:159
kmsan_kmalloc+0xa6/0x130 mm/kmsan/kmsan_hooks.c:173
kmsan_slab_alloc+0xe/0x10 mm/kmsan/kmsan_hooks.c:182
slab_post_alloc_hook mm/slab.h:445 [inline]
slab_alloc_node mm/slub.c:2773 [inline]
__kmalloc_node_track_caller+0xe9e/0xff0 mm/slub.c:4398
__kmalloc_reserve net/core/skbuff.c:140 [inline]
__alloc_skb+0x309/0xa20 net/core/skbuff.c:208
alloc_skb_fclone include/linux/skbuff.h:1054 [inline]
sk_stream_alloc_skb+0x177/0xcb0 net/ipv4/tcp.c:874
do_tcp_sendpages+0x157c/0x38c0 net/ipv4/tcp.c:977
tcp_sendpage_locked net/ipv4/tcp.c:1080 [inline]
tcp_sendpage+0x1e0/0x240 net/ipv4/tcp.c:1090
inet_sendpage+0x5e4/0x870 net/ipv4/af_inet.c:815
kernel_sendpage net/socket.c:3405 [inline]
sock_sendpage+0x1f1/0x2e0 net/socket.c:847
pipe_to_sendpage+0x33c/0x460 fs/splice.c:452
splice_from_pipe_feed fs/splice.c:503 [inline]
__splice_from_pipe+0x48c/0xf10 fs/splice.c:627
splice_from_pipe fs/splice.c:662 [inline]
generic_splice_sendpage+0x1d5/0x2d0 fs/splice.c:832
do_splice_from fs/splice.c:851 [inline]
direct_splice_actor+0x19e/0x200 fs/splice.c:1023
splice_direct_to_actor+0x852/0x1140 fs/splice.c:978
do_splice_direct+0x342/0x580 fs/splice.c:1066
do_sendfile+0x1010/0x1d20 fs/read_write.c:1436
__do_sys_sendfile64 fs/read_write.c:1497 [inline]
__se_sys_sendfile64+0x2b1/0x360 fs/read_write.c:1483
__x64_sys_sendfile64+0x56/0x70 fs/read_write.c:1483
do_syscall_64+0xbc/0xf0 arch/x86/entry/common.c:291
entry_SYSCALL_64_after_hwframe+0x63/0xe7
==================================================================