===================================================== BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x9c/0xb0 mm/kmsan/kmsan_hooks.c:249 CPU: 0 PID: 8899 Comm: syz-executor.2 Not tainted 5.12.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:79 [inline] dump_stack+0x24c/0x2e0 lib/dump_stack.c:120 kmsan_report+0xfb/0x1e0 mm/kmsan/kmsan_report.c:121 kmsan_internal_check_memory+0x469/0x500 mm/kmsan/kmsan.c:433 kmsan_copy_to_user+0x9c/0xb0 mm/kmsan/kmsan_hooks.c:249 instrument_copy_to_user include/linux/instrumented.h:121 [inline] _copy_to_user+0x1ac/0x270 lib/usercopy.c:33 copy_to_user include/linux/uaccess.h:209 [inline] i2cdev_read+0x23d/0x350 drivers/i2c/i2c-dev.c:153 do_loop_readv_writev fs/read_write.c:761 [inline] do_iter_read+0x6a7/0x1100 fs/read_write.c:803 vfs_readv fs/read_write.c:921 [inline] do_preadv+0x454/0x6a0 fs/read_write.c:1013 __do_sys_preadv fs/read_write.c:1063 [inline] __se_sys_preadv+0xc6/0xe0 fs/read_write.c:1058 __x64_sys_preadv+0x62/0x80 fs/read_write.c:1058 do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x4665d9 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007fbc6acd7188 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9 RDX: 0000000000000001 RSI: 0000000020001180 RDI: 0000000000000003 RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80 R13: 0000000000a9fb1f R14: 00007fbc6acd7300 R15: 0000000000022000 Uninit was created at: kmsan_save_stack_with_flags mm/kmsan/kmsan.c:120 [inline] kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:103 kmsan_slab_alloc+0x8e/0xe0 mm/kmsan/kmsan_hooks.c:76 slab_alloc_node mm/slub.c:2922 [inline] slab_alloc mm/slub.c:2931 [inline] __kmalloc+0x387/0x550 mm/slub.c:4068 kmalloc include/linux/slab.h:559 [inline] i2cdev_read+0x128/0x350 drivers/i2c/i2c-dev.c:144 do_loop_readv_writev fs/read_write.c:761 [inline] do_iter_read+0x6a7/0x1100 fs/read_write.c:803 vfs_readv fs/read_write.c:921 [inline] do_preadv+0x454/0x6a0 fs/read_write.c:1013 __do_sys_preadv fs/read_write.c:1063 [inline] __se_sys_preadv+0xc6/0xe0 fs/read_write.c:1058 __x64_sys_preadv+0x62/0x80 fs/read_write.c:1058 do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48 entry_SYSCALL_64_after_hwframe+0x44/0xae Bytes 0-32 of 33 are uninitialized Memory access of size 33 starts at ffff8881c561e500 Data copied to user address 0000000020000040 =====================================================