KMSAN: uninit-value in ieee802154_hdr

KMSAN: uninit-value in ieee802154_hdr_push
Status: upstream: reported on 2021/03/02 09:29
Reported-by: syzbot+4f6e279a71100e94ae65@syzkaller.appspotmail.com
First crash: 160d, last: 21d

Sample crash report:

=====================================================
BUG: KMSAN: uninit-value in ieee802154_hdr_push+0x5d7/0xdd0 net/ieee802154/header_ops.c:96
CPU: 1 PID: 14198 Comm: syz-executor.4 Not tainted 5.12.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x24c/0x2e0 lib/dump_stack.c:120
 kmsan_report+0xfb/0x1e0 mm/kmsan/kmsan_report.c:121
 __msan_warning+0x5c/0xa0 mm/kmsan/kmsan_instr.c:197
 ieee802154_hdr_push+0x5d7/0xdd0 net/ieee802154/header_ops.c:96
 ieee802154_header_create+0xd07/0x1070 net/mac802154/iface.c:404
 wpan_dev_hard_header include/net/cfg802154.h:374 [inline]
 dgram_sendmsg+0xf4b/0x15d0 net/ieee802154/socket.c:670
 ieee802154_sock_sendmsg+0xec/0x130 net/ieee802154/socket.c:97
 sock_sendmsg_nosec net/socket.c:654 [inline]
 sock_sendmsg net/socket.c:674 [inline]
 ____sys_sendmsg+0xcfc/0x12f0 net/socket.c:2350
 ___sys_sendmsg net/socket.c:2404 [inline]
 __sys_sendmsg+0x714/0x830 net/socket.c:2433
 __compat_sys_sendmsg net/compat.c:347 [inline]
 __do_compat_sys_sendmsg net/compat.c:354 [inline]
 __se_compat_sys_sendmsg+0xa7/0xc0 net/compat.c:351
 __ia32_compat_sys_sendmsg+0x4a/0x70 net/compat.c:351
 do_syscall_32_irqs_on arch/x86/entry/common.c:79 [inline]
 __do_fast_syscall_32+0x127/0x180 arch/x86/entry/common.c:142
 do_fast_syscall_32+0x77/0xd0 arch/x86/entry/common.c:168
 do_SYSENTER_32+0x73/0x90 arch/x86/entry/common.c:211
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
RIP: 0023:0xf7fb1549
Code: 03 74 c0 01 10 05 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
RSP: 002b:00000000f55ab5fc EFLAGS: 00000296 ORIG_RAX: 0000000000000172
RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000740
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:120 [inline]
 kmsan_internal_chain_origin+0xad/0x130 mm/kmsan/kmsan.c:288
 kmsan_memcpy_memmove_metadata+0x25e/0x2d0 mm/kmsan/kmsan.c:225
 kmsan_memcpy_metadata+0xb/0x10 mm/kmsan/kmsan.c:245
 __msan_memcpy+0x46/0x60 mm/kmsan/kmsan_instr.c:110
 ieee802154_header_create+0xcd1/0x1070 net/mac802154/iface.c:402
 wpan_dev_hard_header include/net/cfg802154.h:374 [inline]
 dgram_sendmsg+0xf4b/0x15d0 net/ieee802154/socket.c:670
 ieee802154_sock_sendmsg+0xec/0x130 net/ieee802154/socket.c:97
 sock_sendmsg_nosec net/socket.c:654 [inline]
 sock_sendmsg net/socket.c:674 [inline]
 ____sys_sendmsg+0xcfc/0x12f0 net/socket.c:2350
 ___sys_sendmsg net/socket.c:2404 [inline]
 __sys_sendmsg+0x714/0x830 net/socket.c:2433
 __compat_sys_sendmsg net/compat.c:347 [inline]
 __do_compat_sys_sendmsg net/compat.c:354 [inline]
 __se_compat_sys_sendmsg+0xa7/0xc0 net/compat.c:351
 __ia32_compat_sys_sendmsg+0x4a/0x70 net/compat.c:351
 do_syscall_32_irqs_on arch/x86/entry/common.c:79 [inline]
 __do_fast_syscall_32+0x127/0x180 arch/x86/entry/common.c:142
 do_fast_syscall_32+0x77/0xd0 arch/x86/entry/common.c:168
 do_SYSENTER_32+0x73/0x90 arch/x86/entry/common.c:211
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:120 [inline]
 kmsan_internal_chain_origin+0xad/0x130 mm/kmsan/kmsan.c:288
 __msan_chain_origin+0x54/0xa0 mm/kmsan/kmsan_instr.c:147
 ieee802154_addr_from_sa include/net/ieee802154_netdev.h:172 [inline]
 dgram_sendmsg+0x14bb/0x15d0 net/ieee802154/socket.c:660
 ieee802154_sock_sendmsg+0xec/0x130 net/ieee802154/socket.c:97
 sock_sendmsg_nosec net/socket.c:654 [inline]
 sock_sendmsg net/socket.c:674 [inline]
 ____sys_sendmsg+0xcfc/0x12f0 net/socket.c:2350
 ___sys_sendmsg net/socket.c:2404 [inline]
 __sys_sendmsg+0x714/0x830 net/socket.c:2433
 __compat_sys_sendmsg net/compat.c:347 [inline]
 __do_compat_sys_sendmsg net/compat.c:354 [inline]
 __se_compat_sys_sendmsg+0xa7/0xc0 net/compat.c:351
 __ia32_compat_sys_sendmsg+0x4a/0x70 net/compat.c:351
 do_syscall_32_irqs_on arch/x86/entry/common.c:79 [inline]
 __do_fast_syscall_32+0x127/0x180 arch/x86/entry/common.c:142
 do_fast_syscall_32+0x77/0xd0 arch/x86/entry/common.c:168
 do_SYSENTER_32+0x73/0x90 arch/x86/entry/common.c:211
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Local variable ----address.i@__sys_sendmsg created at:
 ___sys_sendmsg net/socket.c:2394 [inline]
 __sys_sendmsg+0x30e/0x830 net/socket.c:2433
 ___sys_sendmsg net/socket.c:2394 [inline]
 __sys_sendmsg+0x30e/0x830 net/socket.c:2433
=====================================================

Crashes (32):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci-upstream-kmsan-gce-386	2021/07/15 13:51	https://github.com/google/kmsan.git master	57b5797c8013	b9a2f64e	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/07/15 13:51	https://github.com/google/kmsan.git master	57b5797c8013	b9a2f64e	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/07/14 10:28	https://github.com/google/kmsan.git master	57b5797c8013	484502bd	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/07/01 20:39	https://github.com/google/kmsan.git master	57b5797c8013	658ebc66	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/06/24 18:25	https://github.com/google/kmsan.git master	6734053bbeca	ec865f6a	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/06/18 04:01	https://github.com/google/kmsan.git master	bfeba8b4c158	aba2b2fb	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/06/15 18:30	https://github.com/google/kmsan.git master	7bcc9a7be76b	58636922	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/06/14 12:04	https://github.com/google/kmsan.git master	6099c9da2f7d	1ba81399	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/06/01 07:17	https://github.com/google/kmsan.git master	6099c9da2f7d	032639db	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/06/01 00:37	https://github.com/google/kmsan.git master	6099c9da2f7d	032639db	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/05/25 05:23	https://github.com/google/kmsan.git master	6099c9da2f7d	3c7fef33	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/05/22 21:14	https://github.com/google/kmsan.git master	6099c9da2f7d	3c7fef33	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/05/21 09:10	https://github.com/google/kmsan.git master	6099c9da2f7d	3c7fef33	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/05/19 23:16	https://github.com/google/kmsan.git master	6099c9da2f7d	a343ba6b	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/05/09 18:40	https://github.com/google/kmsan.git master	4ebaab5fb428	bc5434be	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/05/08 10:26	https://github.com/google/kmsan.git master	4ebaab5fb428	bc5434be	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/16 01:48	https://github.com/google/kmsan.git master	4ebaab5fb428	c59079a6	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/15 22:50	https://github.com/google/kmsan.git master	4ebaab5fb428	c59079a6	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/15 06:16	https://github.com/google/kmsan.git master	4ebaab5fb428	fcdb12ba	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/15 05:56	https://github.com/google/kmsan.git master	4ebaab5fb428	fcdb12ba	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/15 02:09	https://github.com/google/kmsan.git master	4ebaab5fb428	fcdb12ba	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/15 01:19	https://github.com/google/kmsan.git master	4ebaab5fb428	fcdb12ba	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/14 17:50	https://github.com/google/kmsan.git master	4ebaab5fb428	3134b37f	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/14 12:56	https://github.com/google/kmsan.git master	4ebaab5fb428	3134b37f	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/13 22:00	https://github.com/google/kmsan.git master	4ebaab5fb428	a184b83e	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/13 07:51	https://github.com/google/kmsan.git master	4ebaab5fb428	bfeda1b1	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/06 15:05	https://github.com/google/kmsan.git master	29ad81a1074a	6a81331a	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/04/01 22:28	https://github.com/google/kmsan.git master	29ad81a1074a	6a81331a	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/03/30 08:50	https://github.com/google/kmsan.git master	29ad81a1074a	6a81331a	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/03/24 04:57	https://github.com/google/kmsan.git master	29ad81a1074a	e613994b	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/02/28 22:39	https://github.com/google/kmsan.git master	29ad81a1074a	4c37c133	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push
ci-upstream-kmsan-gce-386	2021/02/26 08:33	https://github.com/google/kmsan.git master	29ad81a1074a	76f7fc95	.config	log	report	info	KMSAN: uninit-value in ieee802154_hdr_push