================================================================== BUG: KMSAN: uninit-value in ip_vs_lblcr_check_expire+0x1551/0x1600 net/netfilter/ipvs/ip_vs_lblcr.c:479 CPU: 0 PID: 5345 Comm: syz-executor1 Not tainted 4.17.0+ #22 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x185/0x1d0 lib/dump_stack.c:113 kmsan_report+0x188/0x2a0 mm/kmsan/kmsan.c:990 __msan_warning_32+0x70/0xc0 mm/kmsan/kmsan_instr.c:640 ip_vs_lblcr_check_expire+0x1551/0x1600 net/netfilter/ipvs/ip_vs_lblcr.c:479 call_timer_fn+0x280/0x5d0 kernel/time/timer.c:1326 expire_timers kernel/time/timer.c:1363 [inline] __run_timers+0xd96/0x11b0 kernel/time/timer.c:1666 run_timer_softirq+0x43/0x70 kernel/time/timer.c:1692 __do_softirq+0x592/0x979 kernel/softirq.c:285 invoke_softirq kernel/softirq.c:366 [inline] irq_exit+0x207/0x240 kernel/softirq.c:407 exiting_irq+0xe/0x10 arch/x86/include/asm/apic.h:525 smp_apic_timer_interrupt+0x64/0x90 arch/x86/kernel/apic/apic.c:1055 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:868 RIP: 0010:lowmem_page_address include/linux/mm.h:1098 [inline] RIP: 0010:msan_get_shadow_origin_ptr+0x1f5/0x2e0 mm/kmsan/kmsan_instr.c:314 RSP: 0018:ffff8800a0ccf0e0 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff13 RAX: ffff8801fcdf44fc RBX: ffffffff8b5ff000 RCX: 00000000005f5ddc RDX: ffff880000000000 RSI: aaaaaaaaaaaab000 RDI: ffffea0000443b80 RBP: ffff8800a0ccf130 R08: ffffffff7fffffff R09: ffff8800a829f338 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000004 R13: 00000000000004fc R14: ffffffff8b5fe000 R15: 00000000000004fc __msan_metadata_ptr_for_load_4+0x10/0x20 mm/kmsan/kmsan_instr.c:349 cpusets_enabled include/linux/cpuset.h:38 [inline] prepare_alloc_pages mm/page_alloc.c:4315 [inline] __alloc_pages_nodemask+0x35f/0x5cc0 mm/page_alloc.c:4367 not chained 1180000 origins alloc_pages_current+0x6b1/0x970 mm/mempolicy.c:2093 alloc_pages include/linux/gfp.h:494 [inline] __vmalloc_area_node mm/vmalloc.c:1702 [inline] __vmalloc_node_range+0x8bf/0x1170 mm/vmalloc.c:1767 __vmalloc_node mm/vmalloc.c:1812 [inline] __vmalloc+0xe2/0x100 mm/vmalloc.c:1818 _snd_pcm_lib_alloc_vmalloc_buffer+0x1df/0x3c0 sound/core/pcm_memory.c:411 snd_pcm_lib_alloc_vmalloc_buffer include/sound/pcm.h:1233 [inline] loopback_hw_params+0x8d/0xb0 sound/drivers/aloop.c:591 snd_pcm_hw_params+0x815/0x21b0 sound/core/pcm_native.c:681 snd_pcm_kernel_ioctl+0x1ec/0x2080 sound/core/pcm_native.c:3005 snd_pcm_oss_change_params_locked+0x48a9/0x6940 sound/core/oss/pcm_oss.c:993 snd_pcm_oss_change_params sound/core/oss/pcm_oss.c:1101 [inline] snd_pcm_oss_make_ready+0x184/0x4f0 sound/core/oss/pcm_oss.c:1160 snd_pcm_oss_sync+0x433/0x1120 sound/core/oss/pcm_oss.c:1721 snd_pcm_oss_release+0x13a/0x4c0 sound/core/oss/pcm_oss.c:2560 __fput+0x458/0xa30 fs/file_table.c:209 ____fput+0x37/0x40 fs/file_table.c:243 task_work_run+0x22e/0x2b0 kernel/task_work.c:113 tracehook_notify_resume include/linux/tracehook.h:191 [inline] exit_to_usermode_loop arch/x86/entry/common.c:166 [inline] prepare_exit_to_usermode+0x33c/0x3a0 arch/x86/entry/common.c:196 syscall_return_slowpath+0xe9/0x710 arch/x86/entry/common.c:265 do_syscall_64+0x1ad/0x230 arch/x86/entry/common.c:290 entry_SYSCALL_64_after_hwframe+0x63/0xe7 RIP: 0033:0x40ff01 RSP: 002b:0000000000a3eab0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 RAX: 0000000000000000 RBX: 000000000000001a RCX: 000000000040ff01 RDX: 0000000000000000 RSI: 0000000000730418 RDI: 0000000000000019 RBP: 0000000000000013 R08: 0000000000a3ea30 R09: 0000000000000000 R10: 0000000000000005 R11: 0000000000000293 R12: 0000000000000000 R13: 0000000000000000 R14: 0000000000a3f160 R15: 00000000007034c0 CPU: 1 PID: 17 Comm: ksoftirqd/1 Not tainted 4.17.0+ #22 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:256 [inline] kmsan_internal_alloc_meta_for_pages+0x146/0x700 mm/kmsan/kmsan.c:702 Call Trace: kmsan_alloc_page+0x75/0xd0 mm/kmsan/kmsan_hooks.c:250 __dump_stack lib/dump_stack.c:77 [inline] dump_stack+0x185/0x1d0 lib/dump_stack.c:113 __alloc_pages_nodemask+0xf7b/0x5cc0 mm/page_alloc.c:4404 kmsan_internal_chain_origin+0x1ff/0x210 mm/kmsan/kmsan.c:572 alloc_pages_current+0x6b1/0x970 mm/mempolicy.c:2093 alloc_pages include/linux/gfp.h:494 [inline] kmalloc_order mm/slab_common.c:1148 [inline] kmalloc_order_trace+0xbb/0x390 mm/slab_common.c:1159 kmalloc_large include/linux/slab.h:446 [inline] __kmalloc+0x335/0x350 mm/slub.c:3805 kmalloc include/linux/slab.h:517 [inline] ip_vs_lblcr_init_svc+0x57/0x310 net/netfilter/ipvs/ip_vs_lblcr.c:518 ip_vs_bind_scheduler+0xa9/0x1f0 net/netfilter/ipvs/ip_vs_sched.c:51 ip_vs_add_service+0xa9d/0x1d90 net/netfilter/ipvs/ip_vs_ctl.c:1265 do_ip_vs_set_ctl+0x2aa9/0x2cd0 net/netfilter/ipvs/ip_vs_ctl.c:2462 nf_sockopt net/netfilter/nf_sockopt.c:106 [inline] nf_setsockopt+0x47c/0x4e0 net/netfilter/nf_sockopt.c:115 __msan_chain_origin+0x69/0xc0 mm/kmsan/kmsan_instr.c:483 ip_setsockopt+0x24b/0x2b0 net/ipv4/ip_sockglue.c:1251 __skb_clone+0x7b3/0x990 net/core/skbuff.c:861 tcp_setsockopt+0x1c0/0x1f0 net/ipv4/tcp.c:2891 skb_clone+0x3e8/0x590 net/core/skbuff.c:1290 sock_common_setsockopt+0x13b/0x170 net/core/sock.c:3039 tcp_transmit_skb+0x3e4/0x5350 net/ipv4/tcp_output.c:1060 __sys_setsockopt+0x496/0x540 net/socket.c:1903 tcp_write_xmit+0x2d81/0xb200 net/ipv4/tcp_output.c:2373 __do_sys_setsockopt net/socket.c:1914 [inline] __se_sys_setsockopt net/socket.c:1911 [inline] __x64_sys_setsockopt+0x15c/0x1c0 net/socket.c:1911 tcp_tsq_handler+0x73d/0x8a0 net/ipv4/tcp_output.c:788 do_syscall_64+0x15b/0x230 arch/x86/entry/common.c:287 tcp_tasklet_func+0x733/0x900 net/ipv4/tcp_output.c:824 entry_SYSCALL_64_after_hwframe+0x63/0xe7 tasklet_action_common+0x635/0x750 kernel/softirq.c:517