KMSAN: uninit-value in nl80211_send_pmsr

ID	Workflow	Result	Correct	Bug	Created	Started	Finished	Revision	Error
6b131bd8-87e7-4beb-93bf-61f4b5e45628	assessment-security		💥	KMSAN: uninit-value in nl80211_send_pmsr_capa	2026/05/14 10:58	2026/05/14 10:58	2026/05/14 10:59	6ccb967e465e832a7bfd7a116ad00d52a0923a5d	failed to run ["git" "pull" "origin" "HEAD" "--depth=1" "--allow-unrelated-histories"]: exit status 128 From /app/workdir/repo/linux * branch HEAD -> FETCH_HEAD Updating files: 22% (20660/93016) Updating files: 23% (21394/93016) Updating files: 24% (22324/93016) Updating files: 25% (23254/93016) Updating files: 26% (24185/93016) Updating files: 27% (25115/93016) Updating files: 28% (26045/93016) Updating files: 29% (26975/93016) Updating files: 30% (27905/93016) Updating files: 31% (28835/93016) Updating files: 32% (29766/93016) Updating files: 32% (29801/93016) Updating files: 33% (30696/93016) Updating files: 34% (31626/93016) Updating files: 35% (32556/93016) error: unable to write file drivers/crypto/allwinner/sun8i-ss/sun8i-ss-prng.c error: unable to write file drivers/crypto/allwinner/sun8i-ss/sun8i-ss.h fatal: cannot create directory at 'drivers/crypto/amcc': No space left on device

Title	Replies (including bot)	Last reply
[PATCH wireless] wifi: mac80211_hwsim: fully initialise PMSR capabilities	1 (1)	2026/03/03 11:37
[syzbot] [wireless?] KMSAN: uninit-value in nl80211_send_pmsr_capa	0 (1)	2026/03/03 06:07

Title

Replies (including bot)

Last reply

[PATCH wireless] wifi: mac80211_hwsim: fully initialise PMSR capabilities

1 (1)

2026/03/03 11:37

[syzbot] [wireless?] KMSAN: uninit-value in nl80211_send_pmsr_capa

0 (1)

2026/03/03 06:07

===================================================== BUG: KMSAN: uninit-value in nl80211_send_pmsr_ftm_capa net/wireless/nl80211.c:2302 [inline] BUG: KMSAN: uninit-value in nl80211_send_pmsr_capa+0x6fe/0x1b50 net/wireless/nl80211.c:2404 nl80211_send_pmsr_ftm_capa net/wireless/nl80211.c:2302 [inline] nl80211_send_pmsr_capa+0x6fe/0x1b50 net/wireless/nl80211.c:2404 nl80211_send_wiphy+0x1464/0x96d0 net/wireless/nl80211.c:3302 nl80211_dump_wiphy+0x5b6/0xc80 net/wireless/nl80211.c:3447 genl_dumpit+0x14e/0x2a0 net/netlink/genetlink.c:1026 netlink_dump+0xbaa/0x1800 net/netlink/af_netlink.c:2325 netlink_recvmsg+0xc8a/0xfe0 net/netlink/af_netlink.c:1976 sock_recvmsg_nosec+0x1e2/0x270 net/socket.c:1078 ____sys_recvmsg+0x4e5/0x620 net/socket.c:2810 ___sys_recvmsg+0x20b/0x850 net/socket.c:2854 do_recvmmsg+0x40e/0xdf0 net/socket.c:2949 __sys_recvmmsg net/socket.c:3023 [inline] __do_sys_recvmmsg net/socket.c:3046 [inline] __se_sys_recvmmsg net/socket.c:3039 [inline] __x64_sys_recvmmsg+0x383/0x500 net/socket.c:3039 x64_sys_call+0x96d/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:300 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: mac80211_hwsim_new_radio+0x60b8/0x7e20 drivers/net/wireless/virtual/mac80211_hwsim.c:5837 hwsim_new_radio_nl+0x1839/0x3160 drivers/net/wireless/virtual/mac80211_hwsim.c:6504 genl_family_rcv_msg_doit+0x338/0x3f0 net/netlink/genetlink.c:1114 genl_family_rcv_msg net/netlink/genetlink.c:1194 [inline] genl_rcv_msg+0xac5/0xc00 net/netlink/genetlink.c:1209 netlink_rcv_skb+0x54d/0x680 net/netlink/af_netlink.c:2550 genl_rcv+0x41/0x60 net/netlink/genetlink.c:1218 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0xf04/0x12b0 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x10b2/0x1250 net/netlink/af_netlink.c:1894 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg net/socket.c:742 [inline] ____sys_sendmsg+0xf37/0xfd0 net/socket.c:2592 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2646 __sys_sendmsg net/socket.c:2678 [inline] __do_sys_sendmsg net/socket.c:2683 [inline] __se_sys_sendmsg net/socket.c:2681 [inline] __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2681 x64_sys_call+0x1e20/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was created at: slab_post_alloc_hook mm/slub.c:4545 [inline] slab_alloc_node mm/slub.c:4866 [inline] __kmalloc_cache_noprof+0x35e/0x1260 mm/slub.c:5375 kmalloc_noprof include/linux/slab.h:950 [inline] hwsim_new_radio_nl+0x1705/0x3160 drivers/net/wireless/virtual/mac80211_hwsim.c:6492 genl_family_rcv_msg_doit+0x338/0x3f0 net/netlink/genetlink.c:1114 genl_family_rcv_msg net/netlink/genetlink.c:1194 [inline] genl_rcv_msg+0xac5/0xc00 net/netlink/genetlink.c:1209 netlink_rcv_skb+0x54d/0x680 net/netlink/af_netlink.c:2550 genl_rcv+0x41/0x60 net/netlink/genetlink.c:1218 netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline] netlink_unicast+0xf04/0x12b0 net/netlink/af_netlink.c:1344 netlink_sendmsg+0x10b2/0x1250 net/netlink/af_netlink.c:1894 sock_sendmsg_nosec net/socket.c:727 [inline] __sock_sendmsg net/socket.c:742 [inline] ____sys_sendmsg+0xf37/0xfd0 net/socket.c:2592 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2646 __sys_sendmsg net/socket.c:2678 [inline] __do_sys_sendmsg net/socket.c:2683 [inline] __se_sys_sendmsg net/socket.c:2681 [inline] __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2681 x64_sys_call+0x1e20/0x3ea0 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x134/0xf80 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 32655 Comm: syz.3.10887 Tainted: G L syzkaller #0 PREEMPT(full) Tainted: [L]=SOFTLOCKUP Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026 =====================================================

Crashes (11):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2026/03/19 06:03	upstream	8a30aeb0d1b4	0199f9a1	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/19 06:02	upstream	8a30aeb0d1b4	0199f9a1	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/19 06:02	upstream	8a30aeb0d1b4	0199f9a1	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/05 00:06	upstream	ecc64d2dc9ff	a9fe5c9e	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/01 11:53	upstream	eb71ab2bf722	43249bac	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/01 11:52	upstream	eb71ab2bf722	43249bac	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/02/27 06:05	upstream	a75cb869a8cc	a2f13f71	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/12 11:59	upstream	80234b5ab240	4efadf07	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-386-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/12 11:59	upstream	80234b5ab240	4efadf07	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-386-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/08 21:52	upstream	014441d1e4b2	5cb44a80	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-386-root	KMSAN: uninit-value in nl80211_send_pmsr_capa
2026/03/08 21:45	upstream	014441d1e4b2	5cb44a80	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-386-root	KMSAN: uninit-value in nl80211_send_pmsr_capa

Crashes (11):

Assets (help?)