syzbot

=====================================================
BUG: KMSAN: uninit-value in kmsan_check_memory+0xd/0x10 mm/kmsan/kmsan_hooks.c:428
CPU: 0 PID: 8682 Comm: syz-executor281 Not tainted 5.8.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1df/0x240 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121
 kmsan_internal_check_memory+0x238/0x3d0 mm/kmsan/kmsan.c:423
 kmsan_check_memory+0xd/0x10 mm/kmsan/kmsan_hooks.c:428
 instrument_copy_to_user include/linux/instrumented.h:91 [inline]
 copyout lib/iov_iter.c:142 [inline]
 _copy_to_iter+0x3d4/0x26e0 lib/iov_iter.c:631
 copy_to_iter include/linux/uio.h:138 [inline]
 memcpy_to_msg include/linux/skbuff.h:3571 [inline]
 bcm_recvmsg+0x25a/0x740 net/can/bcm.c:1612
 sock_recvmsg_nosec net/socket.c:886 [inline]
 sock_recvmsg net/socket.c:904 [inline]
 __sys_recvfrom+0xacd/0xae0 net/socket.c:2052
 __do_sys_recvfrom net/socket.c:2070 [inline]
 __se_sys_recvfrom+0x111/0x130 net/socket.c:2066
 __x64_sys_recvfrom+0x6e/0x90 net/socket.c:2066
 do_syscall_64+0xb0/0x150 arch/x86/entry/common.c:386
 entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x448cd9
Code: Bad RIP value.
RSP: 002b:00007f5fbb95fd88 EFLAGS: 00000246 ORIG_RAX: 000000000000002d
RAX: ffffffffffffffda RBX: 00000000006dec68 RCX: 0000000000448cd9
RDX: 0000000000000032 RSI: 0000000020000040 RDI: 0000000000000003
RBP: 00000000006dec60 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00000000006dec6c
R13: ffffff7f00000001 R14: 0000000000000000 R15: 000000306e616376

Uninit was stored to memory at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:144 [inline]
 kmsan_internal_chain_origin+0xad/0x130 mm/kmsan/kmsan.c:310
 kmsan_memcpy_memmove_metadata+0x272/0x2e0 mm/kmsan/kmsan.c:247
 kmsan_memcpy_metadata+0xb/0x10 mm/kmsan/kmsan.c:267
 __msan_memcpy+0x43/0x50 mm/kmsan/kmsan_instr.c:116
 skb_put_data include/linux/skbuff.h:2260 [inline]
 bcm_send_to_user+0x250/0x820 net/can/bcm.c:327
 bcm_tx_timeout_handler+0x5d0/0x620 net/can/bcm.c:413
 __run_hrtimer kernel/time/hrtimer.c:1520 [inline]
 __hrtimer_run_queues+0xa61/0x1340 kernel/time/hrtimer.c:1584
 hrtimer_run_softirq+0x1b2/0x2b0 kernel/time/hrtimer.c:1601
 __do_softirq+0x311/0x83d kernel/softirq.c:293

Local variable ----msg_head@bcm_tx_timeout_handler created at:
 bcm_tx_timeout_handler+0x4f/0x620 net/can/bcm.c:398
 bcm_tx_timeout_handler+0x4f/0x620 net/can/bcm.c:398

Bytes 12-15 of 50 are uninitialized
Memory access of size 50 starts at ffff88b629809600
=====================================================