syzbot

=====================================================
BUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak-after-free in _inline_copy_to_user include/linux/uaccess.h:205 [inline]
BUG: KMSAN: kernel-infoleak-after-free in _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 _inline_copy_to_user include/linux/uaccess.h:205 [inline]
 _copy_to_user+0xcc/0x120 lib/usercopy.c:26
 copy_to_user include/linux/uaccess.h:236 [inline]
 copy_siginfo_to_user+0x3f/0x140 kernel/signal.c:3501
 x64_setup_rt_frame+0x1392/0x2590 arch/x86/kernel/signal_64.c:194
 setup_rt_frame arch/x86/kernel/signal.c:250 [inline]
 handle_signal arch/x86/kernel/signal.c:294 [inline]
 arch_do_signal_or_restart+0x63c/0xc00 arch/x86/kernel/signal.c:339
 __exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
 exit_to_user_mode_loop+0x118/0x1b70 kernel/entry/common.c:75
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
 do_syscall_64+0x1e5/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 copy_siginfo include/linux/signal.h:18 [inline]
 collect_signal kernel/signal.c:575 [inline]
 __dequeue_signal+0x4d6/0x970 kernel/signal.c:609
 dequeue_signal+0x1c0/0x840 kernel/signal.c:632
 get_signal+0xbf6/0x2a20 kernel/signal.c:2914
 arch_do_signal_or_restart+0x53/0xc00 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
 exit_to_user_mode_loop+0x118/0x1b70 kernel/entry/common.c:75
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
 do_syscall_64+0x1e5/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_free_hook mm/slub.c:2466 [inline]
 slab_free mm/slub.c:6670 [inline]
 kmem_cache_free+0x2c9/0x13c0 mm/slub.c:6781
 __sigqueue_free+0x23a/0x270 kernel/signal.c:475
 collect_signal kernel/signal.c:587 [inline]
 __dequeue_signal+0x66b/0x970 kernel/signal.c:609
 dequeue_signal+0x1c0/0x840 kernel/signal.c:632
 get_signal+0xbf6/0x2a20 kernel/signal.c:2914
 arch_do_signal_or_restart+0x53/0xc00 arch/x86/kernel/signal.c:337
 __exit_to_user_mode_loop kernel/entry/common.c:41 [inline]
 exit_to_user_mode_loop+0x118/0x1b70 kernel/entry/common.c:75
 __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
 syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
 do_syscall_64+0x1e5/0xf80 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Bytes 12-15 of 48 are uninitialized
Memory access of size 48 starts at ffff88811b01bd10
Data copied to user address 00007ffdbdfd1ef0

CPU: 0 UID: 0 PID: 6684 Comm: syz.0.518 Not tainted syzkaller #0 PREEMPT(none) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
=====================================================