=====================================================
BUG: KMSAN: uninit-value in sctp_inq_pop+0x15c0/0x1930 net/sctp/inqueue.c:211
 sctp_inq_pop+0x15c0/0x1930 net/sctp/inqueue.c:211
 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998
 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
 sctp_rcv+0x3834/0x3b20 net/sctp/input.c:243
 sctp6_rcv+0x4a/0xc0 net/sctp/ipv6.c:1126
 ip6_protocol_deliver_rcu+0x1d2a/0x2cc0 net/ipv6/ip6_input.c:436
 ip6_input_finish net/ipv6/ip6_input.c:480 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ip6_input+0x151/0x440 net/ipv6/ip6_input.c:491
 dst_input include/net/dst.h:469 [inline]
 ip6_rcv_finish+0x617/0x970 net/ipv6/ip6_input.c:79
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:309
 __netif_receive_skb_one_core net/core/dev.c:5891 [inline]
 __netif_receive_skb+0x1da/0xa00 net/core/dev.c:6004
 process_backlog+0x4ad/0xa50 net/core/dev.c:6356
 __napi_poll+0xe7/0x980 net/core/dev.c:7328
 napi_poll net/core/dev.c:7392 [inline]
 net_rx_action+0xa5a/0x19b0 net/core/dev.c:7514
 handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0x68/0x180 kernel/softirq.c:662
 irq_exit_rcu+0x12/0x20 kernel/softirq.c:678
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x83/0x90 arch/x86/kernel/apic/apic.c:1049
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:702
 __msan_metadata_ptr_for_load_8+0x5/0x40 mm/kmsan/instrumentation.c:94
 stack_depot_save_flags+0x2c/0x750 lib/stackdepot.c:609
 stack_depot_save+0x12/0x20 lib/stackdepot.c:686
 __msan_poison_alloca+0x106/0x1b0 mm/kmsan/instrumentation.c:286
 native_set_pte arch/x86/include/asm/pgtable_64.h:65 [inline]
 set_ptes include/linux/pgtable.h:292 [inline]
 __copy_present_ptes mm/memory.c:967 [inline]
 copy_present_ptes mm/memory.c:1050 [inline]
 copy_pte_range mm/memory.c:1173 [inline]
 copy_pmd_range mm/memory.c:1261 [inline]
 copy_pud_range mm/memory.c:1298 [inline]
 copy_p4d_range mm/memory.c:1322 [inline]
 copy_page_range+0x3ae6/0xe3d0 mm/memory.c:1420
 dup_mmap kernel/fork.c:748 [inline]
 dup_mm kernel/fork.c:1700 [inline]
 copy_mm+0x264a/0x3ea0 kernel/fork.c:1752
 copy_process+0x26e5/0x5c40 kernel/fork.c:2395
 kernel_clone+0x402/0x1040 kernel/fork.c:2810
 __do_sys_clone kernel/fork.c:2953 [inline]
 __se_sys_clone kernel/fork.c:2937 [inline]
 __x64_sys_clone+0x25c/0x360 kernel/fork.c:2937
 x64_sys_call+0x3c16/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:57
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 sctp_inq_pop+0x1547/0x1930 net/sctp/inqueue.c:207
 sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998
 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
 sctp_rcv+0x3834/0x3b20 net/sctp/input.c:243
 sctp6_rcv+0x4a/0xc0 net/sctp/ipv6.c:1126
 ip6_protocol_deliver_rcu+0x1d2a/0x2cc0 net/ipv6/ip6_input.c:436
 ip6_input_finish net/ipv6/ip6_input.c:480 [inline]
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ip6_input+0x151/0x440 net/ipv6/ip6_input.c:491
 dst_input include/net/dst.h:469 [inline]
 ip6_rcv_finish+0x617/0x970 net/ipv6/ip6_input.c:79
 NF_HOOK include/linux/netfilter.h:314 [inline]
 ipv6_rcv+0xde/0x390 net/ipv6/ip6_input.c:309
 __netif_receive_skb_one_core net/core/dev.c:5891 [inline]
 __netif_receive_skb+0x1da/0xa00 net/core/dev.c:6004
 process_backlog+0x4ad/0xa50 net/core/dev.c:6356
 __napi_poll+0xe7/0x980 net/core/dev.c:7328
 napi_poll net/core/dev.c:7392 [inline]
 net_rx_action+0xa5a/0x19b0 net/core/dev.c:7514
 handle_softirqs+0x1a0/0x7c0 kernel/softirq.c:561
 __do_softirq kernel/softirq.c:595 [inline]
 invoke_softirq kernel/softirq.c:435 [inline]
 __irq_exit_rcu+0x68/0x180 kernel/softirq.c:662
 irq_exit_rcu+0x12/0x20 kernel/softirq.c:678
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x83/0x90 arch/x86/kernel/apic/apic.c:1049
 asm_sysvec_apic_timer_interrupt+0x1f/0x30 arch/x86/include/asm/idtentry.h:702

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:4144 [inline]
 slab_alloc_node mm/slub.c:4187 [inline]
 __do_kmalloc_node mm/slub.c:4317 [inline]
 __kmalloc_node_track_caller_noprof+0x962/0x1260 mm/slub.c:4337
 kmalloc_reserve+0x23e/0x4a0 net/core/skbuff.c:599
 __alloc_skb+0x366/0x7b0 net/core/skbuff.c:668
 alloc_skb include/linux/skbuff.h:1340 [inline]
 sctp_packet_pack net/sctp/output.c:472 [inline]
 sctp_packet_transmit+0x1811/0x4470 net/sctp/output.c:621
 sctp_outq_flush_transports net/sctp/outqueue.c:1173 [inline]
 sctp_outq_flush+0x1b2f/0x6590 net/sctp/outqueue.c:1221
 sctp_outq_uncork+0x9c/0xb0 net/sctp/outqueue.c:764
 sctp_cmd_interpreter net/sctp/sm_sideeffect.c:-1 [inline]
 sctp_side_effects net/sctp/sm_sideeffect.c:1198 [inline]
 sctp_do_sm+0x8c5d/0x93e0 net/sctp/sm_sideeffect.c:1169
 sctp_assoc_bh_rcv+0x8fe/0xc50 net/sctp/associola.c:1052
 sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88
 sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331
 sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1126
 __release_sock+0x1da/0x330 net/core/sock.c:3158
 release_sock+0x6b/0x250 net/core/sock.c:3712
 sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360
 sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885
 sctp_sendmsg+0x32b9/0x4a90 net/sctp/socket.c:2031
 inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x267/0x380 net/socket.c:727
 __sys_sendto+0x594/0x750 net/socket.c:2180
 __do_sys_sendto net/socket.c:2187 [inline]
 __se_sys_sendto net/socket.c:2183 [inline]
 __x64_sys_sendto+0x125/0x1d0 net/socket.c:2183
 x64_sys_call+0x37e7/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:45
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 0 UID: 0 PID: 7843 Comm: syz-executor Not tainted 6.14.0-syzkaller-09881-g092e335082f2 #0 PREEMPT(undef)
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================