=====================================================
BUG: KMSAN: use-after-free in can_receive+0x12c/0x4a0 net/can/af_can.c:656
 can_receive+0x12c/0x4a0 net/can/af_can.c:656
 can_rcv+0x1ff/0x3b0 net/can/af_can.c:690
 __netif_receive_skb_one_core net/core/dev.c:5887 [inline]
 __netif_receive_skb+0x474/0xac0 net/core/dev.c:6000
 process_backlog+0x485/0xa00 net/core/dev.c:6352
 __napi_poll+0xda/0x9c0 net/core/dev.c:7324
 napi_poll net/core/dev.c:7388 [inline]
 net_rx_action+0xa0a/0x18f0 net/core/dev.c:7510
 handle_softirqs+0x166/0x6e0 kernel/softirq.c:579
 __do_softirq+0x14/0x1b kernel/softirq.c:613
 do_softirq+0x99/0x100 kernel/softirq.c:480
 __local_bh_enable_ip+0xa1/0xb0 kernel/softirq.c:407
 local_bh_enable include/linux/bottom_half.h:33 [inline]
 rcu_read_unlock_bh include/linux/rcupdate.h:910 [inline]
 __dev_queue_xmit+0x2e5d/0x5e20 net/core/dev.c:4656
 dev_queue_xmit include/linux/netdevice.h:3350 [inline]
 can_send+0xffa/0x1390 net/can/af_can.c:279
 isotp_sendmsg+0x1bd3/0x24e0 net/can/isotp.c:1087
 sock_sendmsg_nosec net/socket.c:712 [inline]
 __sock_sendmsg+0x330/0x3d0 net/socket.c:727
 ____sys_sendmsg+0x893/0xd80 net/socket.c:2566
 ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620
 __sys_sendmmsg+0x2dc/0x7d0 net/socket.c:2709
 __do_sys_sendmmsg net/socket.c:2736 [inline]
 __se_sys_sendmmsg net/socket.c:2733 [inline]
 __x64_sys_sendmmsg+0xc6/0x150 net/socket.c:2733
 x64_sys_call+0x3ce7/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:308
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_free_hook mm/slub.c:2306 [inline]
 slab_free mm/slub.c:4642 [inline]
 kfree+0x236/0xea0 mm/slub.c:4841
 ieee80211_ibss_rx_queued_mgmt+0x2f83/0x3f60 net/mac80211/ibss.c:-1
 ieee80211_iface_process_skb net/mac80211/iface.c:1625 [inline]
 ieee80211_iface_work+0x1244/0x1b50 net/mac80211/iface.c:1679
 cfg80211_wiphy_work+0x354/0x820 net/wireless/core.c:435
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xb97/0x1d90 kernel/workqueue.c:3319
 worker_thread+0xedf/0x1590 kernel/workqueue.c:3400
 kthread+0xd59/0xf00 kernel/kthread.c:464
 ret_from_fork+0x6e/0x90 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

CPU: 1 UID: 0 PID: 6911 Comm: syz.0.16 Not tainted 6.15.0-rc4-syzkaller-00296-ge8ab83e34bdc #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/29/2025
=====================================================