KMSAN: uninit-value in nci_dev

===================================================== BUG: KMSAN: uninit-value in nci_init_req net/nfc/nci/core.c:177 [inline] BUG: KMSAN: uninit-value in __nci_request net/nfc/nci/core.c:108 [inline] BUG: KMSAN: uninit-value in nci_open_device net/nfc/nci/core.c:521 [inline] BUG: KMSAN: uninit-value in nci_dev_up+0x13a2/0x1ba0 net/nfc/nci/core.c:632 nci_init_req net/nfc/nci/core.c:177 [inline] __nci_request net/nfc/nci/core.c:108 [inline] nci_open_device net/nfc/nci/core.c:521 [inline] nci_dev_up+0x13a2/0x1ba0 net/nfc/nci/core.c:632 nfc_dev_up+0x201/0x3d0 net/nfc/core.c:118 nfc_genl_dev_up+0xe9/0x1c0 net/nfc/netlink.c:775 genl_family_rcv_msg_doit+0x335/0x3f0 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0xacf/0xc10 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x54a/0x680 net/netlink/af_netlink.c:2552 genl_rcv+0x41/0x60 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline] netlink_unicast+0xf04/0x12b0 net/netlink/af_netlink.c:1346 netlink_sendmsg+0x10b3/0x1250 net/netlink/af_netlink.c:1896 sock_sendmsg_nosec net/socket.c:714 [inline] __sock_sendmsg+0x333/0x3d0 net/socket.c:729 ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2614 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2668 __sys_sendmsg net/socket.c:2700 [inline] __do_sys_sendmsg net/socket.c:2705 [inline] __se_sys_sendmsg net/socket.c:2703 [inline] __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2703 x64_sys_call+0x1dfd/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f Uninit was stored to memory at: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 6169 at kernel/stacktrace.c:29 stack_trace_print+0xd4/0xf0 kernel/stacktrace.c:29 Modules linked in: CPU: 1 UID: 0 PID: 6169 Comm: syz-executor421 Not tainted 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(none) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 RIP: 0010:stack_trace_print+0xd4/0xf0 kernel/stacktrace.c:29 Code: 8f bc 03 92 89 de ba 20 00 00 00 4c 89 e1 e8 c3 5d 4d ff 49 83 c6 08 49 ff cd 0f 85 6e ff ff ff eb 0b e8 ff 26 c3 00 eb d4 90 <0f> 0b 90 5b 41 5c 41 5d 41 5e 41 5f 5d e9 9a 33 07 0f cc 66 0f 1f RSP: 0018:ffff8881343b31c8 EFLAGS: 00010246 RAX: ffff888114afac20 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 RBP: ffff8881343b31f0 R08: 0000000000000000 R09: 0000000000000000 R10: ffff888133bb3208 R11: 0000000000000001 R12: 0000000000000000 R13: 00000000abcd0100 R14: 0000000000000000 R15: 0000000000000000 FS: 00007f0c264ae6c0(0000) GS:ffff8881aa9a5000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007f0c26531650 CR3: 00000001193c6000 CR4: 00000000003526f0 Call Trace: <TASK> kmsan_print_origin+0xb0/0x340 mm/kmsan/report.c:133 kmsan_report+0x1d3/0x320 mm/kmsan/report.c:196 __msan_warning+0x1b/0x30 mm/kmsan/instrumentation.c:315 nci_init_req net/nfc/nci/core.c:177 [inline] __nci_request net/nfc/nci/core.c:108 [inline] nci_open_device net/nfc/nci/core.c:521 [inline] nci_dev_up+0x13a2/0x1ba0 net/nfc/nci/core.c:632 nfc_dev_up+0x201/0x3d0 net/nfc/core.c:118 nfc_genl_dev_up+0xe9/0x1c0 net/nfc/netlink.c:775 genl_family_rcv_msg_doit+0x335/0x3f0 net/netlink/genetlink.c:1115 genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline] genl_rcv_msg+0xacf/0xc10 net/netlink/genetlink.c:1210 netlink_rcv_skb+0x54a/0x680 net/netlink/af_netlink.c:2552 genl_rcv+0x41/0x60 net/netlink/genetlink.c:1219 netlink_unicast_kernel net/netlink/af_netlink.c:1320 [inline] netlink_unicast+0xf04/0x12b0 net/netlink/af_netlink.c:1346 netlink_sendmsg+0x10b3/0x1250 net/netlink/af_netlink.c:1896 sock_sendmsg_nosec net/socket.c:714 [inline] __sock_sendmsg+0x333/0x3d0 net/socket.c:729 ____sys_sendmsg+0x7e0/0xd80 net/socket.c:2614 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2668 __sys_sendmsg net/socket.c:2700 [inline] __do_sys_sendmsg net/socket.c:2705 [inline] __se_sys_sendmsg net/socket.c:2703 [inline] __x64_sys_sendmsg+0x211/0x3e0 net/socket.c:2703 x64_sys_call+0x1dfd/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:47 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0033:0x7f0c264f62c9 Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 01 1a 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f0c264ae218 EFLAGS: 00000246 ORIG_RAX: 000000000000002e RAX: ffffffffffffffda RBX: 00007f0c2657f368 RCX: 00007f0c264f62c9 RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000004 RBP: 00007f0c2657f360 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0c2654c074 R13: 0000200000000150 R14: 00002000000000c0 R15: 0000200000000300 </TASK> ---[ end trace 0000000000000000 ]--- Uninit was stored to memory at: nci_core_reset_ntf_packet net/nfc/nci/ntf.c:36 [inline] nci_ntf_packet+0x179d/0x42b0 net/nfc/nci/ntf.c:812 nci_rx_work+0x403/0x750 net/nfc/nci/core.c:1555 process_one_work kernel/workqueue.c:3236 [inline] process_scheduled_works+0xb8e/0x1d80 kernel/workqueue.c:3319 worker_thread+0xedf/0x1590 kernel/workqueue.c:3400 kthread+0xd5c/0xf00 kernel/kthread.c:464 ret_from_fork+0x1e0/0x310 arch/x86/kernel/process.c:148 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245 Uninit was created at: slab_post_alloc_hook mm/slub.c:4186 [inline] slab_alloc_node mm/slub.c:4229 [inline] kmem_cache_alloc_node_noprof+0x818/0xf00 mm/slub.c:4281 kmalloc_reserve+0x13c/0x4b0 net/core/skbuff.c:578 __alloc_skb+0x347/0x7d0 net/core/skbuff.c:669 alloc_skb include/linux/skbuff.h:1336 [inline] virtual_ncidev_write+0x6b/0x430 drivers/nfc/virtual_ncidev.c:120 vfs_write+0x463/0x1580 fs/read_write.c:684 ksys_write fs/read_write.c:738 [inline] __do_sys_write fs/read_write.c:749 [inline] __se_sys_write fs/read_write.c:746 [inline] __x64_sys_write+0x1fb/0x4d0 fs/read_write.c:746 x64_sys_call+0x3014/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:2 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f CPU: 1 UID: 0 PID: 6169 Comm: syz-executor421 Tainted: G W 6.16.0-syzkaller-10499-g89748acdf226 #0 PREEMPT(none) Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025 =====================================================

Crashes (5):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	Syz repro	C repro	VM info	Assets (help?)	Manager	Title
2025/08/03 22:00	upstream	89748acdf226	7368264b	.config	strace log	report	syz / log	C		[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nci_dev_up
2025/08/03 20:18	upstream	89748acdf226	7368264b	.config	strace log	report	syz / log	C		[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nci_dev_up
2025/08/03 18:41	upstream	89748acdf226	7368264b	.config	strace log	report	syz / log	C		[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nci_dev_up
2025/08/18 01:59	upstream	8d561baae505	1804e95e	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nci_dev_up
2025/08/03 16:58	upstream	89748acdf226	7368264b	.config	console log	report			info	[disk image] [vmlinux] [kernel image]	ci-upstream-kmsan-gce-root	KMSAN: uninit-value in nci_dev_up

Crashes (5):

Time

Assets (help?)