=====================================================
BUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline]
BUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline]
BUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]
BUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance include/linux/iov_iter.h:271 [inline]
BUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 copy_to_user_iter lib/iov_iter.c:24 [inline]
 iterate_ubuf include/linux/iov_iter.h:29 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:245 [inline]
 iterate_and_advance include/linux/iov_iter.h:271 [inline]
 _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186
 copy_to_iter include/linux/uio.h:197 [inline]
 iterate_tty_read drivers/tty/tty_io.c:882 [inline]
 tty_read+0x41e/0xde0 drivers/tty/tty_io.c:937
 call_read_iter include/linux/fs.h:2014 [inline]
 aio_read+0x4b4/0x680 fs/aio.c:1551
 io_submit_one+0x25f9/0x3550 fs/aio.c:2001
 __do_sys_io_submit fs/aio.c:2060 [inline]
 __se_sys_io_submit+0x275/0x6f0 fs/aio.c:2030
 __x64_sys_io_submit+0x96/0xe0 fs/aio.c:2030
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was stored to memory at:
 copy_from_read_buf drivers/tty/n_tty.c:1972 [inline]
 n_tty_read+0x2054/0x31c0 drivers/tty/n_tty.c:2299
 iterate_tty_read drivers/tty/tty_io.c:862 [inline]
 tty_read+0x31b/0xde0 drivers/tty/tty_io.c:937
 call_read_iter include/linux/fs.h:2014 [inline]
 aio_read+0x4b4/0x680 fs/aio.c:1551
 io_submit_one+0x25f9/0x3550 fs/aio.c:2001
 __do_sys_io_submit fs/aio.c:2060 [inline]
 __se_sys_io_submit+0x275/0x6f0 fs/aio.c:2030
 __x64_sys_io_submit+0x96/0xe0 fs/aio.c:2030
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was stored to memory at:
 put_tty_queue drivers/tty/n_tty.c:308 [inline]
 n_tty_receive_buf_raw drivers/tty/n_tty.c:1556 [inline]
 __receive_buf drivers/tty/n_tty.c:1625 [inline]
 n_tty_receive_buf_common+0x11e6/0x2320 drivers/tty/n_tty.c:1734
 n_tty_receive_buf2+0x4c/0x60 drivers/tty/n_tty.c:1780
 tty_ldisc_receive_buf+0xce/0x270 drivers/tty/tty_buffer.c:387
 tty_port_default_receive_buf+0xdf/0x190 drivers/tty/tty_port.c:37
 receive_buf drivers/tty/tty_buffer.c:445 [inline]
 flush_to_ldisc+0x4b7/0xdc0 drivers/tty/tty_buffer.c:495
 process_one_work kernel/workqueue.c:2630 [inline]
 process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2703
 worker_thread+0xf45/0x1490 kernel/workqueue.c:2784
 kthread+0x3ed/0x540 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

Uninit was created at:
 slab_free_hook mm/slub.c:1770 [inline]
 slab_free_freelist_hook mm/slub.c:1826 [inline]
 slab_free mm/slub.c:3809 [inline]
 __kmem_cache_free+0x59f/0xe80 mm/slub.c:3822
 kfree+0x173/0x420 mm/slab_common.c:1056
 skb_kfree_head net/core/skbuff.c:950 [inline]
 skb_free_head net/core/skbuff.c:962 [inline]
 skb_release_data+0xda9/0x1010 net/core/skbuff.c:992
 skb_release_all net/core/skbuff.c:1058 [inline]
 __kfree_skb+0x6d/0x250 net/core/skbuff.c:1072
 consume_skb+0xa8/0x2d0 net/core/skbuff.c:1288
 batadv_forw_packet_free+0x70/0x370 net/batman-adv/send.c:471
 batadv_iv_send_outstanding_bat_ogm_packet+0xd3b/0xe50 net/batman-adv/bat_iv_ogm.c:1718
 process_one_work kernel/workqueue.c:2630 [inline]
 process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2703
 worker_thread+0xf45/0x1490 kernel/workqueue.c:2784
 kthread+0x3ed/0x540 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

Byte 0 of 64 is uninitialized
Memory access of size 64 starts at ffff8880ba6ffb10
Data copied to user address 00000000200001c0

CPU: 0 PID: 8333 Comm: syz-executor.3 Not tainted 6.6.0-syzkaller-05843-g89ed67ef126c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
=====================================================