syzbot

=====================================================
BUG: KMSAN: kernel-usb-infoleak in kmsan_handle_urb+0x28/0x40 mm/kmsan/kmsan_hooks.c:303
CPU: 1 PID: 8218 Comm: syz-executor502 Not tainted 5.12.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x24c/0x2e0 lib/dump_stack.c:120
 kmsan_report+0xfb/0x1e0 mm/kmsan/kmsan_report.c:118
 kmsan_internal_check_memory+0x48c/0x520 mm/kmsan/kmsan.c:437
 kmsan_handle_urb+0x28/0x40 mm/kmsan/kmsan_hooks.c:303
 usb_submit_urb+0x89f/0x2590 drivers/usb/core/urb.c:421
 hid_submit_ctrl+0xbe2/0x11e0 drivers/hid/usbhid/hid-core.c:416
 usbhid_restart_ctrl_queue+0x3e9/0x5c0 drivers/hid/usbhid/hid-core.c:258
 __usbhid_submit_report drivers/hid/usbhid/hid-core.c:603 [inline]
 usbhid_submit_report+0xa6c/0x13a0 drivers/hid/usbhid/hid-core.c:640
 usbhid_init_reports+0xf1/0x5b0 drivers/hid/usbhid/hid-core.c:780
 hiddev_ioctl+0x1167/0x3a80 drivers/hid/usbhid/hiddev.c:689
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl+0x311/0x4d0 fs/ioctl.c:739
 __x64_sys_ioctl+0x4a/0x70 fs/ioctl.c:739
 do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x445269
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 b1 14 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fffe87f8be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 00000000004004a0 RCX: 0000000000445269
RDX: 0000000000000000 RSI: 0000000000004805 RDI: 0000000000000004
RBP: 0000000000000000 R08: 0000000000000001 R09: 00007fffe87f8d88
R10: 000000000000000f R11: 0000000000000246 R12: 00000000004042c0
R13: 431bde82d7b634db R14: 00000000004b3018 R15: 00000000004004a0

Uninit was created at:
 kmsan_save_stack_with_flags+0x3c/0x90 mm/kmsan/kmsan.c:121
 kmsan_alloc_page+0xd0/0x1e0 mm/kmsan/kmsan_shadow.c:274
 __alloc_pages_nodemask+0x827/0xf90 mm/page_alloc.c:5044
 alloc_pages_current+0x7b6/0xb60 mm/mempolicy.c:2277
 alloc_pages include/linux/gfp.h:561 [inline]
 kmalloc_order+0xaa/0x3e0 mm/slab_common.c:902
 kmalloc_order_trace+0x80/0x1f0 mm/slab_common.c:918
 kmalloc_large include/linux/slab.h:483 [inline]
 __kmalloc+0x416/0x550 mm/slub.c:4061
 kmalloc include/linux/slab.h:559 [inline]
 hcd_buffer_alloc+0x276/0x5e0 drivers/usb/core/buffer.c:134
 usb_alloc_coherent+0x11a/0x190 drivers/usb/core/usb.c:929
 hid_alloc_buffers drivers/hid/usbhid/hid-core.c:864 [inline]
 usbhid_start+0x106c/0x3ee0 drivers/hid/usbhid/hid-core.c:1090
 hid_hw_start+0xa6/0x2a0 drivers/hid/hid-core.c:2051
 cmhid_probe+0x218/0x3e0 drivers/hid/hid-cmedia.c:123
 hid_device_probe+0x480/0x940 drivers/hid/hid-core.c:2284
 really_probe+0xd16/0x24d0 drivers/base/dd.c:557
 driver_probe_device+0x29d/0x3a0 drivers/base/dd.c:743
 __device_attach_driver+0x63f/0x830 drivers/base/dd.c:849
 bus_for_each_drv+0x2c8/0x3f0 drivers/base/bus.c:431
 __device_attach+0x56a/0x890 drivers/base/dd.c:917
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:964
 bus_probe_device+0x17e/0x3d0 drivers/base/bus.c:491
 device_add+0x2c15/0x31d0 drivers/base/core.c:3242
 hid_add_device+0x15f0/0x1760 drivers/hid/hid-core.c:2440
 usbhid_probe+0x153e/0x1860 drivers/hid/usbhid/hid-core.c:1409
 usb_probe_interface+0xfcc/0x1520 drivers/usb/core/driver.c:396
 really_probe+0xe15/0x24d0 drivers/base/dd.c:561
 driver_probe_device+0x29d/0x3a0 drivers/base/dd.c:743
 __device_attach_driver+0x63f/0x830 drivers/base/dd.c:849
 bus_for_each_drv+0x2c8/0x3f0 drivers/base/bus.c:431
 __device_attach+0x56a/0x890 drivers/base/dd.c:917
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:964
 bus_probe_device+0x17e/0x3d0 drivers/base/bus.c:491
 device_add+0x2c15/0x31d0 drivers/base/core.c:3242
 usb_set_configuration+0x3872/0x3eb0 drivers/usb/core/message.c:2164
 usb_generic_driver_probe+0x138/0x300 drivers/usb/core/generic.c:238
 usb_probe_device+0x317/0x570 drivers/usb/core/driver.c:293
 really_probe+0xe15/0x24d0 drivers/base/dd.c:561
 driver_probe_device+0x29d/0x3a0 drivers/base/dd.c:743
 __device_attach_driver+0x63f/0x830 drivers/base/dd.c:849
 bus_for_each_drv+0x2c8/0x3f0 drivers/base/bus.c:431
 __device_attach+0x56a/0x890 drivers/base/dd.c:917
 device_initial_probe+0x4a/0x60 drivers/base/dd.c:964
 bus_probe_device+0x17e/0x3d0 drivers/base/bus.c:491
 device_add+0x2c15/0x31d0 drivers/base/core.c:3242
 usb_new_device+0x1bd4/0x2a30 drivers/usb/core/hub.c:2555
 hub_port_connect drivers/usb/core/hub.c:5223 [inline]
 hub_port_connect_change drivers/usb/core/hub.c:5363 [inline]
 port_event drivers/usb/core/hub.c:5509 [inline]
 hub_event+0x5b99/0x8870 drivers/usb/core/hub.c:5591
 process_one_work+0x1219/0x1fe0 kernel/workqueue.c:2275
 worker_thread+0x10ec/0x2340 kernel/workqueue.c:2421
 kthread+0x521/0x560 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Bytes 0-16383 of 16384 are uninitialized
Memory access of size 16384 starts at ffff88811ec2c000
=====================================================