===================================================== BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline] BUG: KMSAN: kernel-infoleak in _inline_copy_to_user include/linux/uaccess.h:196 [inline] BUG: KMSAN: kernel-infoleak in _copy_to_user+0xcc/0x120 lib/usercopy.c:26 instrument_copy_to_user include/linux/instrumented.h:114 [inline] _inline_copy_to_user include/linux/uaccess.h:196 [inline] _copy_to_user+0xcc/0x120 lib/usercopy.c:26 copy_to_user include/linux/uaccess.h:225 [inline] move_addr_to_user+0x29c/0x410 net/socket.c:293 ____sys_recvmsg+0x232/0x610 net/socket.c:2841 ___sys_recvmsg+0x20b/0x850 net/socket.c:2876 do_recvmmsg+0x50b/0xdf0 net/socket.c:2963 __sys_recvmmsg+0xf3/0x460 net/socket.c:3045 __do_compat_sys_recvmmsg_time32 net/compat.c:418 [inline] __se_compat_sys_recvmmsg_time32 net/compat.c:414 [inline] __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0 net/compat.c:414 ia32_sys_call+0x2970/0x4310 arch/x86/include/generated/asm/syscalls_32.h:338 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline] __do_fast_syscall_32+0xb0/0x150 arch/x86/entry/syscall_32.c:306 do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369 entry_SYSENTER_compat_after_hwframe+0x84/0x8e Uninit was stored to memory at: ieee802154_addr_to_sa include/net/ieee802154_netdev.h:369 [inline] dgram_recvmsg+0xa17/0xbe0 net/ieee802154/socket.c:739 sock_common_recvmsg+0xd5/0x1d0 net/core/sock.c:3909 sock_recvmsg_nosec net/socket.c:1065 [inline] sock_recvmsg+0x2dc/0x390 net/socket.c:1087 ____sys_recvmsg+0x193/0x610 net/socket.c:2834 ___sys_recvmsg+0x20b/0x850 net/socket.c:2876 do_recvmmsg+0x50b/0xdf0 net/socket.c:2963 __sys_recvmmsg+0xf3/0x460 net/socket.c:3045 __do_compat_sys_recvmmsg_time32 net/compat.c:418 [inline] __se_compat_sys_recvmmsg_time32 net/compat.c:414 [inline] __ia32_compat_sys_recvmmsg_time32+0x102/0x1b0 net/compat.c:414 ia32_sys_call+0x2970/0x4310 arch/x86/include/generated/asm/syscalls_32.h:338 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline] __do_fast_syscall_32+0xb0/0x150 arch/x86/entry/syscall_32.c:306 do_fast_syscall_32+0x38/0x80 arch/x86/entry/syscall_32.c:331 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:369 entry_SYSENTER_compat_after_hwframe+0x84/0x8e Uninit was stored to memory at: __copy_skb_header+0xa3/0x840 net/core/skbuff.c:1494 __skb_clone+0x57/0x650 net/core/skbuff.c:1546 skb_clone+0x473/0x580 net/core/skbuff.c:2056 __ieee802154_rx_handle_packet net/mac802154/rx.c:363 [inline] ieee802154_rx+0xdeb/0x3460 net/mac802154/rx.c:431 ieee802154_tasklet_handler+0x139/0x2b0 net/mac802154/main.c:35 tasklet_action_common+0x35f/0xd70 kernel/softirq.c:829 tasklet_action+0x2d/0x40 kernel/softirq.c:855 handle_softirqs+0x166/0x6e0 kernel/softirq.c:579 __do_softirq+0x14/0x1b kernel/softirq.c:613 Uninit was stored to memory at: ieee802154_parse_frame_start net/mac802154/rx.c:299 [inline] __ieee802154_rx_handle_packet net/mac802154/rx.c:343 [inline] ieee802154_rx+0xb4d/0x3460 net/mac802154/rx.c:431 ieee802154_tasklet_handler+0x139/0x2b0 net/mac802154/main.c:35 tasklet_action_common+0x35f/0xd70 kernel/softirq.c:829 tasklet_action+0x2d/0x40 kernel/softirq.c:855 handle_softirqs+0x166/0x6e0 kernel/softirq.c:579 __do_softirq+0x14/0x1b kernel/softirq.c:613 Local variable hdr.i created at: __ieee802154_rx_handle_packet net/mac802154/rx.c:340 [inline] ieee802154_rx+0x96e/0x3460 net/mac802154/rx.c:431 ieee802154_tasklet_handler+0x139/0x2b0 net/mac802154/main.c:35 Bytes 8-9 of 20 are uninitialized Memory access of size 20 starts at ffff8880290879b8 Data copied to user address 0000000080000580 CPU: 0 UID: 0 PID: 947 Comm: syz.1.8431 Tainted: G W syzkaller #0 PREEMPT(none) Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 =====================================================