=====================================================
BUG: KMSAN: uninit-value in eir_get_length net/bluetooth/hci_event.c:4325 [inline]
BUG: KMSAN: uninit-value in hci_extended_inquiry_result_evt net/bluetooth/hci_event.c:4375 [inline]
BUG: KMSAN: uninit-value in hci_event_packet+0x153f/0x359e0 net/bluetooth/hci_event.c:6075
CPU: 1 PID: 11534 Comm: kworker/u5:1 Not tainted 5.7.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: hci0 hci_rx_work
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1c9/0x220 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:121
 __msan_warning+0x58/0xa0 mm/kmsan/kmsan_instr.c:215
 eir_get_length net/bluetooth/hci_event.c:4325 [inline]
 hci_extended_inquiry_result_evt net/bluetooth/hci_event.c:4375 [inline]
 hci_event_packet+0x153f/0x359e0 net/bluetooth/hci_event.c:6075
 hci_rx_work+0xa8f/0xd20 net/bluetooth/hci_core.c:4686
 process_one_work+0x1555/0x1f40 kernel/workqueue.c:2268
 worker_thread+0xef6/0x2450 kernel/workqueue.c:2414
 kthread+0x4b5/0x4f0 kernel/kthread.c:269
 ret_from_fork+0x35/0x40 arch/x86/entry/entry_64.S:353

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:144 [inline]
 kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:127
 kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:80
 slab_alloc_node mm/slub.c:2802 [inline]
 __kmalloc_node_track_caller+0xb40/0x1200 mm/slub.c:4436
 __kmalloc_reserve net/core/skbuff.c:142 [inline]
 __alloc_skb+0x2fd/0xac0 net/core/skbuff.c:210
 alloc_skb include/linux/skbuff.h:1083 [inline]
 bt_skb_alloc include/net/bluetooth/bluetooth.h:358 [inline]
 vhci_get_user drivers/bluetooth/hci_vhci.c:165 [inline]
 vhci_write+0x15b/0x800 drivers/bluetooth/hci_vhci.c:285
 call_write_iter include/linux/fs.h:1907 [inline]
 new_sync_write fs/read_write.c:484 [inline]
 __vfs_write+0xa5a/0xca0 fs/read_write.c:497
 vfs_write+0x444/0x8e0 fs/read_write.c:559
 ksys_write+0x267/0x450 fs/read_write.c:612
 __do_sys_write fs/read_write.c:624 [inline]
 __se_sys_write+0x92/0xb0 fs/read_write.c:621
 __ia32_sys_write+0x4a/0x70 fs/read_write.c:621
 do_syscall_32_irqs_on arch/x86/entry/common.c:339 [inline]
 do_fast_syscall_32+0x3bf/0x6d0 arch/x86/entry/common.c:398
 entry_SYSENTER_compat+0x68/0x77 arch/x86/entry/entry_64_compat.S:139
=====================================================