syzbot

=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]
BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:30 [inline]
BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:300 [inline]
BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:328 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x305/0x2e70 lib/iov_iter.c:185
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 copy_to_user_iter lib/iov_iter.c:24 [inline]
 iterate_ubuf include/linux/iov_iter.h:30 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:300 [inline]
 iterate_and_advance include/linux/iov_iter.h:328 [inline]
 _copy_to_iter+0x305/0x2e70 lib/iov_iter.c:185
 copy_page_to_iter+0x419/0x880 lib/iov_iter.c:362
 copy_folio_to_iter include/linux/uio.h:198 [inline]
 filemap_read+0xc61/0x1be0 mm/filemap.c:2752
 blkdev_read_iter+0x80b/0x970 block/fops.c:796
 new_sync_read fs/read_write.c:489 [inline]
 vfs_read+0xc25/0xf70 fs/read_write.c:570
 ksys_read+0x240/0x4b0 fs/read_write.c:713
 __do_sys_read fs/read_write.c:722 [inline]
 __se_sys_read fs/read_write.c:720 [inline]
 __x64_sys_read+0x93/0xe0 fs/read_write.c:720
 x64_sys_call+0x34c9/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:1
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 memcpy_to_iter lib/iov_iter.c:65 [inline]
 iterate_bvec include/linux/iov_iter.h:123 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:304 [inline]
 iterate_and_advance include/linux/iov_iter.h:328 [inline]
 _copy_to_iter+0xecc/0x2e70 lib/iov_iter.c:185
 copy_page_to_iter+0x419/0x880 lib/iov_iter.c:362
 copy_folio_to_iter include/linux/uio.h:198 [inline]
 shmem_file_read_iter+0x861/0xf80 mm/shmem.c:3425
 do_iter_readv_writev+0x93d/0xbc0 fs/read_write.c:-1
 vfs_iter_read+0x273/0x770 fs/read_write.c:914
 lo_read_simple drivers/block/loop.c:285 [inline]
 do_req_filebacked drivers/block/loop.c:525 [inline]
 loop_handle_cmd drivers/block/loop.c:1929 [inline]
 loop_process_work+0x2121/0x3780 drivers/block/loop.c:1964
 loop_rootcg_workfn+0x2b/0x40 drivers/block/loop.c:1995
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xc1d/0x1e80 kernel/workqueue.c:3319
 worker_thread+0xea7/0x14f0 kernel/workqueue.c:3400
 kthread+0x6b9/0xef0 kernel/kthread.c:464
 ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was stored to memory at:
 memcpy_from_iter lib/iov_iter.c:73 [inline]
 iterate_bvec include/linux/iov_iter.h:123 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:304 [inline]
 iterate_and_advance include/linux/iov_iter.h:328 [inline]
 __copy_from_iter lib/iov_iter.c:249 [inline]
 copy_page_from_iter_atomic+0x1313/0x3450 lib/iov_iter.c:483
 copy_folio_from_iter_atomic include/linux/uio.h:210 [inline]
 generic_perform_write+0x83f/0x1060 mm/filemap.c:4120
 shmem_file_write_iter+0x2ba/0x2f0 mm/shmem.c:3477
 do_iter_readv_writev+0x93d/0xbc0 fs/read_write.c:-1
 vfs_iter_write+0x44d/0xd60 fs/read_write.c:979
 lo_write_bvec drivers/block/loop.c:245 [inline]
 lo_write_simple drivers/block/loop.c:266 [inline]
 do_req_filebacked drivers/block/loop.c:520 [inline]
 loop_handle_cmd drivers/block/loop.c:1929 [inline]
 loop_process_work+0x1603/0x3780 drivers/block/loop.c:1964
 loop_rootcg_workfn+0x2b/0x40 drivers/block/loop.c:1995
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xc1d/0x1e80 kernel/workqueue.c:3319
 worker_thread+0xea7/0x14f0 kernel/workqueue.c:3400
 kthread+0x6b9/0xef0 kernel/kthread.c:464
 ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was stored to memory at:
 memcpy_to_page include/linux/highmem.h:433 [inline]
 hfsplus_bnode_write+0x139/0x3f0 fs/hfsplus/bnode.c:83
 hfsplus_brec_insert+0xaa1/0x1400 fs/hfsplus/brec.c:133
 hfsplus_create_cat+0x1312/0x1810 fs/hfsplus/catalog.c:308
 hfsplus_link+0x7d8/0xbf0 fs/hfsplus/dir.c:342
 vfs_link+0x94c/0xb70 fs/namei.c:4812
 do_linkat+0x526/0x1050 fs/namei.c:4882
 __do_sys_link fs/namei.c:4916 [inline]
 __se_sys_link fs/namei.c:4914 [inline]
 __x64_sys_link+0xe8/0x140 fs/namei.c:4914
 x64_sys_call+0x3b44/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:87
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 hfsplus_cat_build_record fs/hfsplus/catalog.c:167 [inline]
 hfsplus_create_cat+0x11da/0x1810 fs/hfsplus/catalog.c:300
 hfsplus_link+0x7d8/0xbf0 fs/hfsplus/dir.c:342
 vfs_link+0x94c/0xb70 fs/namei.c:4812
 do_linkat+0x526/0x1050 fs/namei.c:4882
 __do_sys_link fs/namei.c:4916 [inline]
 __se_sys_link fs/namei.c:4914 [inline]
 __x64_sys_link+0xe8/0x140 fs/namei.c:4914
 x64_sys_call+0x3b44/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:87
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x9a7/0xe00 mm/page_alloc.c:4763
 alloc_pages_mpol+0x4cd/0x890 mm/mempolicy.c:2301
 alloc_frozen_pages_noprof+0x1bf/0x1e0 mm/mempolicy.c:2372
 alloc_slab_page mm/slub.c:2446 [inline]
 allocate_slab+0x23a/0x1110 mm/slub.c:2610
 new_slab mm/slub.c:2663 [inline]
 ___slab_alloc+0x128a/0x3550 mm/slub.c:3849
 __slab_alloc mm/slub.c:3939 [inline]
 __slab_alloc_node mm/slub.c:4014 [inline]
 slab_alloc_node mm/slub.c:4175 [inline]
 kmem_cache_alloc_lru_noprof+0x866/0xe30 mm/slub.c:4206
 hfsplus_alloc_inode+0x5a/0xd0 fs/hfsplus/super.c:627
 alloc_inode+0x8a/0x470 fs/inode.c:346
 iget_locked+0x254/0x1240 fs/inode.c:1439
 hfsplus_iget+0x59/0xae0 fs/hfsplus/super.c:65
 hfsplus_btree_open+0x13e/0x1ed0 fs/hfsplus/btree.c:150
 hfsplus_fill_super+0x1113/0x26e0 fs/hfsplus/super.c:474
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1759
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3878
 path_mount+0x742/0x1f10 fs/namespace.c:4205
 do_mount fs/namespace.c:4218 [inline]
 __do_sys_mount fs/namespace.c:4429 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4406
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4406
 x64_sys_call+0xed5/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Bytes 3310-3313 of 4096 are uninitialized
Memory access of size 4096 starts at ffff888127471000
Data copied to user address 000055ba70a197e8

CPU: 0 UID: 0 PID: 5779 Comm: udevd Not tainted 6.14.0-syzkaller-03576-g1e1ba8d23dae #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================