syzbot


KMSAN: uninit-value in bpf_prog_run_generic_xdp

Status: upstream: reported C repro on 2022/11/18 11:39
Subsystems: net
Reported-by: syzbot+0e6ddb1ef80986bdfe64@syzkaller.appspotmail.com
First crash: 1610d, last: 16h09m
Discussions (22)
Title Replies (including bot) Last reply
[syzbot] Monthly net report (Apr 2026) 0 (1) 2026/04/22 09:08
[syzbot] Monthly net report (Mar 2026) 0 (1) 2026/03/23 09:11
[syzbot] Monthly net report (Feb 2026) 0 (1) 2026/02/18 13:21
[syzbot] Monthly net report (Jan 2026) 2 (3) 2026/01/20 11:17
[syzbot] Monthly net report (Nov 2025) 0 (1) 2025/11/17 07:50
[syzbot] Monthly net report (Oct 2025) 0 (1) 2025/10/16 08:36
[syzbot] Monthly net report (Sep 2025) 0 (1) 2025/09/15 06:54
[syzbot] Monthly net report (Aug 2025) 0 (1) 2025/08/14 12:42
[syzbot] Monthly net report (Jul 2025) 0 (1) 2025/07/14 07:23
[PATCH bpf v2 0/2] bpf, xdp: clean adjust_{head,meta} memory when offset < 0 8 (8) 2025/04/04 00:29
[PATCH net v1] net: Fix tuntap uninitialized value 5 (5) 2025/03/31 11:47
[PATCH v2] can: fix skb reference counting in j1939_session_new() 11 (11) 2024/11/29 13:25
[syzbot] KMSAN: uninit-value in bpf_prog_run_generic_xdp 0 (3) 2024/07/01 10:19
[syzbot] Monthly can report (May 2024) 0 (1) 2024/05/31 06:49
[syzbot] Monthly bpf report (Mar 2024) 0 (1) 2024/03/11 10:18
[syzbot] Monthly bpf report (Feb 2024) 0 (1) 2024/02/08 21:48
[syzbot] Monthly can report (Jan 2024) 0 (1) 2024/01/16 07:55
Re: [syzbot] KMSAN: uninit-value in bpf_prog_run_generic_xdp 1 (1) 2023/12/21 11:22
[syzbot] Monthly can report (Dec 2023) 0 (1) 2023/12/02 14:45
[syzbot] Monthly bpf report (Nov 2023) 0 (1) 2023/11/07 04:52
[syzbot] Monthly can report (Nov 2023) 0 (1) 2023/11/01 10:13
[syzbot] Monthly batman report (Oct 2023) 0 (1) 2023/10/09 09:23
Similar bugs (18)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in skb_release_data (3) net 7 C 10 1385d 2064d 0/29 auto-obsoleted due to no activity on 2022/11/17 07:20
upstream KMSAN: uninit-value in hsr_register_frame_in net 7 C 197 1018d 2639d 0/29 auto-obsoleted due to no activity on 2024/02/18 18:09
upstream KMSAN: kernel-infoleak in copyout (2) net 17 C 6723 1062d 2230d 22/29 fixed on 2023/06/08 14:41
upstream KMSAN: uninit-value in ipv6_find_tlv net 7 C 271 1103d 2456d 22/29 fixed on 2023/06/08 14:41
upstream KMSAN: uninit-value in ax25cmp (2) hams 7 C 51 1322d 1582d 0/29 closed as invalid on 2022/11/18 11:50
upstream KMSAN: uninit-value in virtqueue_add (3) virt 7 13 1278d 1570d 0/29 auto-obsoleted due to no activity on 2023/02/12 03:53
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net 21 C 138977 1166d 1518d 22/29 fixed on 2023/02/24 13:50
upstream KMSAN: kernel-infoleak in __skb_datagram_iter net 9 68 951d 1056d 23/29 fixed on 2023/09/28 17:51
upstream KMSAN: uninit-value in can_send can 7 C 630 1260d 1278d 22/29 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in IP6_ECN_decapsulate net 7 C 981 867d 2783d 25/29 fixed on 2023/12/21 03:45
upstream KMSAN: uninit-value in inet_frag_find (2) net 7 2 1574d 1582d 0/29 auto-closed as invalid on 2022/04/11 17:13
upstream KMSAN: kernel-infoleak in _copy_to_iter (6) net 9 C 748 1518d 1607d 20/29 fixed on 2022/03/08 16:11
upstream KMSAN: uninit-value in eth_type_trans (2) net 7 C 8571 1h27m 2294d 0/29 upstream: reported C repro on 2020/01/22 16:47
upstream KMSAN: uninit-value in hsr_fill_frame_info (2) net 7 C 65 1017d 1300d 0/29 auto-obsoleted due to no activity on 2023/10/30 13:38
upstream KMSAN: uninit-value in erspan_build_header net 7 40 1211d 1300d 0/29 auto-obsoleted due to no activity on 2023/05/10 10:26
upstream KMSAN: uninit-value in ip_tunnel_xmit (3) net 7 C 1516 1306d 1994d 0/29 closed as invalid on 2022/10/12 18:48
upstream KMSAN: uninit-value in br_dev_xmit bridge 7 C 537 1205d 2262d 0/29 auto-obsoleted due to no activity on 2023/05/15 13:28
upstream KMSAN: uninit-value in batadv_get_vid batman 7 C 1947 1157d 2262d 0/29 auto-obsoleted due to no activity on 2023/07/23 05:56
Last patch testing requests (8)
Created Duration User Patch Repo Result
2026/04/29 11:09 2h24m retest repro upstream report log
2026/04/02 20:38 26m retest repro upstream report log
2026/04/02 20:38 19m retest repro upstream report log
2025/06/06 14:17 25m retest repro upstream report log
2025/06/06 14:17 25m retest repro upstream report log
2025/06/06 14:17 29m retest repro upstream OK log
2024/07/03 03:13 33m retest repro upstream error
2024/07/01 10:19 19m wojciech.gladysz@infogain.com patch https://linux.googlesource.com/linux/kernel/git/torvalds/linux e478cf26c556e4ab572ab0ab2306c986901dcd61 report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in bpf_prog_run_generic_xdp+0x19a5/0x20d0 net/core/dev.c:5493
 bpf_prog_run_generic_xdp+0x19a5/0x20d0 net/core/dev.c:5493
 netif_receive_generic_xdp net/core/dev.c:5576 [inline]
 do_xdp_generic+0xe07/0x17f0 net/core/dev.c:5638
 tun_get_user+0x525a/0x7830 drivers/net/tun.c:1872
 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999
 new_sync_write fs/read_write.c:595 [inline]
 vfs_write+0xbe1/0x15c0 fs/read_write.c:688
 ksys_write+0x1d9/0x470 fs/read_write.c:740
 __do_sys_write fs/read_write.c:751 [inline]
 __se_sys_write fs/read_write.c:748 [inline]
 __x64_sys_write+0x97/0xf0 fs/read_write.c:748
 x64_sys_call+0x2ff0/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:2
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 pskb_expand_head+0x4a0/0x1fb0 net/core/skbuff.c:2323
 netif_skb_check_for_xdp net/core/dev.c:5539 [inline]
 netif_receive_generic_xdp net/core/dev.c:5570 [inline]
 do_xdp_generic+0xb30/0x17f0 net/core/dev.c:5638
 tun_get_user+0x525a/0x7830 drivers/net/tun.c:1872
 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999
 new_sync_write fs/read_write.c:595 [inline]
 vfs_write+0xbe1/0x15c0 fs/read_write.c:688
 ksys_write+0x1d9/0x470 fs/read_write.c:740
 __do_sys_write fs/read_write.c:751 [inline]
 __se_sys_write fs/read_write.c:748 [inline]
 __x64_sys_write+0x97/0xf0 fs/read_write.c:748
 x64_sys_call+0x2ff0/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:2
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:4545 [inline]
 slab_alloc_node mm/slub.c:4866 [inline]
 __do_kmalloc_node mm/slub.c:5259 [inline]
 __kmalloc_node_track_caller_noprof+0x4f6/0x1750 mm/slub.c:5368
 kmalloc_reserve net/core/skbuff.c:635 [inline]
 __alloc_skb+0x90d/0x1190 net/core/skbuff.c:713
 alloc_skb include/linux/skbuff.h:1383 [inline]
 alloc_skb_with_frags+0xc5/0xa60 net/core/skbuff.c:6763
 sock_alloc_send_pskb+0xacb/0xc60 net/core/sock.c:2995
 tun_alloc_skb drivers/net/tun.c:1461 [inline]
 tun_get_user+0xcfc/0x7830 drivers/net/tun.c:1794
 tun_chr_write_iter+0x3e9/0x5c0 drivers/net/tun.c:1999
 new_sync_write fs/read_write.c:595 [inline]
 vfs_write+0xbe1/0x15c0 fs/read_write.c:688
 ksys_write+0x1d9/0x470 fs/read_write.c:740
 __do_sys_write fs/read_write.c:751 [inline]
 __se_sys_write fs/read_write.c:748 [inline]
 __x64_sys_write+0x97/0xf0 fs/read_write.c:748
 x64_sys_call+0x2ff0/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:2
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 0 UID: 0 PID: 5983 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
=====================================================

Crashes (2123):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2026/04/09 14:55 upstream 7f87a5ea75f0 38c8e246 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2025/02/16 06:41 upstream 496659003dac 40a34ec9 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2024/11/06 10:23 upstream 2e1b3cc9d7f7 3a465482 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/05/04 18:11 upstream 6d35786de281 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/05/04 17:51 upstream 6d35786de281 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/05/04 13:41 upstream 6d35786de281 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/05/04 01:32 upstream f377d0025eb0 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/04/09 07:03 upstream 7f87a5ea75f0 38c8e246 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/04/08 05:58 upstream 3036cd0d3328 2c961e87 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/15 21:27 upstream 267594792a71 ee8d34d6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/15 03:35 upstream 69237f8c1f69 ee8d34d6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/14 10:30 upstream 1c9982b49613 ee8d34d6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/12 21:18 upstream 80234b5ab240 4efadf07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/06 08:25 upstream 5ee8dbf54602 31e9c887 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/22 17:35 upstream 32a92f8c8932 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/22 06:16 upstream 3544d5ce36f4 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/15 05:29 upstream ca4ee40bf13d 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/12 00:09 upstream 192c0159402e 75707236 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/04 18:58 upstream 5fd0a1df5d05 ea10c935 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/04 13:02 upstream de0674d9bc69 42b01fab .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/04 11:16 upstream de0674d9bc69 42b01fab .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/03 22:03 upstream 6bd9ed02871f 6df4c87a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/01 02:58 upstream ad9a728a3388 35764559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2024/03/16 16:19 upstream 66a27abac311 d615901c .config strace log report syz C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/05/04 19:38 upstream 6d35786de281 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/05/04 06:29 upstream f377d0025eb0 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/04/15 05:42 upstream 508fed679541 e2e976a8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/04/14 17:13 upstream d60bc1401583 362d1323 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/04/14 09:04 upstream 0f0013213293 1a086e7c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/04/04 03:18 upstream d8a9a4b11a13 4440e7c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/19 18:14 upstream 8a30aeb0d1b4 bd6dcb30 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/16 05:27 upstream f338e7738378 ee8d34d6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/15 06:15 upstream 69237f8c1f69 ee8d34d6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/13 06:37 upstream 0257f64bdac7 2f7f359d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/12 12:22 upstream 80234b5ab240 4efadf07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/03 04:35 upstream af4e9ef3d784 28b83e23 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/03/02 01:45 upstream e2bd1b136926 43249bac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/25 20:10 upstream 7dff99b35460 df2e85d4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/25 14:58 upstream 7dff99b35460 df2e85d4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/22 19:21 upstream 32a92f8c8932 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/22 07:23 upstream d79526b89571 6e7b5511 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/14 02:59 upstream cd7a5651db26 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/12 11:33 upstream c22e26bd0906 76a109e2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/06 21:44 upstream b7ff7151e653 97745f52 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/06 07:28 upstream 8fdb05de0e2d f03c4191 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/02/05 03:57 upstream 5fd0a1df5d05 ea10c935 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/01/31 08:47 upstream 283073725700 c75a2f6e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2026/01/29 19:40 upstream 8dfce8991b95 aeb6fdd5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in bpf_prog_run_generic_xdp
2023/12/16 05:36 upstream 3bd7d7488169 3222d10c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in bpf_prog_run_generic_xdp
2022/11/15 12:56 https://github.com/google/kmsan.git master cb231e2f67ec 97de9cfc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in bpf_prog_run_generic_xdp
2022/01/03 16:49 https://github.com/google/kmsan.git master 81c325bbf94e 4a3f34f2 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in bpf_prog_run_generic_xdp
2021/12/06 12:45 https://github.com/google/kmsan.git master cdfb223e7e63 579a8754 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in bpf_prog_run_generic_xdp
* Struck through repros no longer work on HEAD.