=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]
BUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668
 instrument_copy_to_user include/linux/instrumented.h:121 [inline]
 copyout lib/iov_iter.c:154 [inline]
 _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668
 copy_to_iter include/linux/uio.h:162 [inline]
 simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519
 __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425
 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533
 skb_copy_datagram_msg include/linux/skbuff.h:3696 [inline]
 nr_recvmsg+0x3f6/0x800 net/netrom/af_netrom.c:1175
 ____sys_recvmsg+0x590/0xb00
 ___sys_recvmsg net/socket.c:2674 [inline]
 do_recvmmsg+0x16f4/0x2120 net/socket.c:2760
 __sys_recvmmsg+0x51c/0x6f0 net/socket.c:2847
 __do_compat_sys_recvmmsg_time32 net/compat.c:419 [inline]
 __se_compat_sys_recvmmsg_time32 net/compat.c:415 [inline]
 __ia32_compat_sys_recvmmsg_time32+0x16e/0x1d0 net/compat.c:415
 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was stored to memory at:
 skb_copy_from_linear_data include/linux/skbuff.h:3817 [inline]
 nr_loopback_queue+0x1c4/0x410 net/netrom/nr_loopback.c:35
 nr_route_frame+0x292/0x1470 net/netrom/nr_route.c:776
 nr_transmit_buffer+0x237/0x370 net/netrom/nr_out.c:209
 nr_write_internal+0xc70/0x1050 net/netrom/nr_subr.c:205
 nr_establish_data_link+0x8b/0x100 net/netrom/nr_out.c:227
 nr_connect+0x14ed/0x1e80 net/netrom/af_netrom.c:713
 __sys_connect_file net/socket.c:1900 [inline]
 __sys_connect+0x7bb/0x830 net/socket.c:1917
 __do_sys_connect net/socket.c:1927 [inline]
 __se_sys_connect net/socket.c:1924 [inline]
 __ia32_sys_connect+0xdb/0x130 net/socket.c:1924
 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:737 [inline]
 slab_alloc_node mm/slub.c:3247 [inline]
 __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975
 kmalloc_reserve net/core/skbuff.c:354 [inline]
 __alloc_skb+0x545/0xf90 net/core/skbuff.c:426
 alloc_skb include/linux/skbuff.h:1158 [inline]
 nr_write_internal+0x184/0x1050 net/netrom/nr_subr.c:144
 nr_establish_data_link+0x8b/0x100 net/netrom/nr_out.c:227
 nr_connect+0x14ed/0x1e80 net/netrom/af_netrom.c:713
 __sys_connect_file net/socket.c:1900 [inline]
 __sys_connect+0x7bb/0x830 net/socket.c:1917
 __do_sys_connect net/socket.c:1927 [inline]
 __se_sys_connect net/socket.c:1924 [inline]
 __ia32_sys_connect+0xdb/0x130 net/socket.c:1924
 do_syscall_32_irqs_on arch/x86/entry/common.c:114 [inline]
 __do_fast_syscall_32+0x96/0xf0 arch/x86/entry/common.c:180
 do_fast_syscall_32+0x34/0x70 arch/x86/entry/common.c:205
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:248
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Bytes 37-191 of 192 are uninitialized
Memory access of size 192 starts at ffff8880837ff400
Data copied to user address 0000000020001680

CPU: 0 PID: 7135 Comm: syz-executor.1 Not tainted 5.17.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================