===================================================== BUG: KMSAN: uninit-value in ath9k_wmi_ctrl_rx+0x344/0x590 drivers/net/wireless/ath/ath9k/wmi.c:227 ath9k_wmi_ctrl_rx+0x344/0x590 drivers/net/wireless/ath/ath9k/wmi.c:227 ath9k_htc_rx_msg+0x5a5/0xac0 drivers/net/wireless/ath/ath9k/htc_hst.c:479 ath9k_hif_usb_rx_stream drivers/net/wireless/ath/ath9k/hif_usb.c:653 [inline] ath9k_hif_usb_rx_cb+0x1a9e/0x20c0 drivers/net/wireless/ath/ath9k/hif_usb.c:686 __usb_hcd_giveback_urb+0x522/0x740 drivers/usb/core/hcd.c:1671 usb_hcd_giveback_urb+0x154/0x670 drivers/usb/core/hcd.c:1754 dummy_timer+0xd3f/0x4f20 drivers/usb/gadget/udc/dummy_hcd.c:1988 call_timer_fn+0x43/0x480 kernel/time/timer.c:1474 expire_timers+0x272/0x610 kernel/time/timer.c:1519 __run_timers+0x5bd/0x8c0 kernel/time/timer.c:1790 run_timer_softirq+0x64/0xe0 kernel/time/timer.c:1803 __do_softirq+0x1cc/0x7fb kernel/softirq.c:571 invoke_softirq+0x8f/0x100 kernel/softirq.c:445 __irq_exit_rcu+0x5a/0x110 kernel/softirq.c:650 irq_exit_rcu+0xe/0x10 kernel/softirq.c:662 sysvec_apic_timer_interrupt+0x9a/0xc0 arch/x86/kernel/apic/apic.c:1106 asm_sysvec_apic_timer_interrupt+0x1b/0x20 kmsan_get_shadow_origin_ptr+0x6/0xa0 mm/kmsan/shadow.c:84 get_shadow_origin_ptr mm/kmsan/instrumentation.c:35 [inline] __msan_metadata_ptr_for_load_4+0x20/0x30 mm/kmsan/instrumentation.c:76 preempt_count_add+0x71/0x290 kernel/sched/core.c:5646 __raw_spin_lock include/linux/spinlock_api_smp.h:132 [inline] _raw_spin_lock+0x1f/0x50 kernel/locking/spinlock.c:154 spin_lock include/linux/spinlock.h:349 [inline] filemap_map_pages+0x677/0x2230 mm/filemap.c:3347 do_fault_around mm/memory.c:4489 [inline] do_read_fault mm/memory.c:4515 [inline] do_fault+0x971/0x2110 mm/memory.c:4649 handle_pte_fault mm/memory.c:4913 [inline] __handle_mm_fault mm/memory.c:5055 [inline] handle_mm_fault+0x313f/0x3a90 mm/memory.c:5153 faultin_page mm/gup.c:990 [inline] __get_user_pages+0x75d/0x20c0 mm/gup.c:1219 populate_vma_page_range mm/gup.c:1576 [inline] __mm_populate+0x6e3/0xa40 mm/gup.c:1689 mm_populate include/linux/mm.h:2663 [inline] vm_mmap_pgoff+0x2e8/0x450 mm/util.c:557 ksys_mmap_pgoff+0x166/0x760 mm/mmap.c:1586 __do_sys_mmap arch/x86/kernel/sys_x86_64.c:93 [inline] __se_sys_mmap arch/x86/kernel/sys_x86_64.c:86 [inline] __x64_sys_mmap+0x169/0x200 arch/x86/kernel/sys_x86_64.c:86 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd Uninit was created at: slab_post_alloc_hook mm/slab.h:732 [inline] slab_alloc_node mm/slub.c:3258 [inline] __kmalloc_node_track_caller+0x814/0x1250 mm/slub.c:4970 kmalloc_reserve net/core/skbuff.c:358 [inline] __alloc_skb+0x346/0xcf0 net/core/skbuff.c:430 __netdev_alloc_skb+0x126/0x780 net/core/skbuff.c:496 __dev_alloc_skb include/linux/skbuff.h:3136 [inline] ath9k_hif_usb_rx_stream drivers/net/wireless/ath/ath9k/hif_usb.c:635 [inline] ath9k_hif_usb_rx_cb+0xd59/0x20c0 drivers/net/wireless/ath/ath9k/hif_usb.c:686 __usb_hcd_giveback_urb+0x522/0x740 drivers/usb/core/hcd.c:1671 usb_hcd_giveback_urb+0x154/0x670 drivers/usb/core/hcd.c:1754 dummy_timer+0xd3f/0x4f20 drivers/usb/gadget/udc/dummy_hcd.c:1988 call_timer_fn+0x43/0x480 kernel/time/timer.c:1474 expire_timers+0x272/0x610 kernel/time/timer.c:1519 __run_timers+0x5bd/0x8c0 kernel/time/timer.c:1790 run_timer_softirq+0x64/0xe0 kernel/time/timer.c:1803 __do_softirq+0x1cc/0x7fb kernel/softirq.c:571 CPU: 0 PID: 4549 Comm: syz-executor.5 Not tainted 6.0.0-rc3-syzkaller-47816-gad8e4e812ba8 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/26/2022 =====================================================