=====================================================
BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x81/0x90 mm/kmsan/kmsan_hooks.c:253
CPU: 0 PID: 10503 Comm: syz-executor.3 Not tainted 5.9.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x21c/0x280 lib/dump_stack.c:118
 kmsan_report+0xf7/0x1e0 mm/kmsan/kmsan_report.c:122
 kmsan_internal_check_memory+0x358/0x3d0 mm/kmsan/kmsan.c:459
 kmsan_copy_to_user+0x81/0x90 mm/kmsan/kmsan_hooks.c:253
 instrument_copy_to_user include/linux/instrumented.h:91 [inline]
 _copy_to_user+0x18e/0x260 lib/usercopy.c:30
 copy_to_user include/linux/uaccess.h:177 [inline]
 keyctl_dh_compute_kdf security/keys/dh.c:219 [inline]
 __keyctl_dh_compute+0x24ea/0x2fa0 security/keys/dh.c:386
 compat_keyctl_dh_compute+0x34b/0x3e0 security/keys/compat_dh.c:35
 __do_compat_sys_keyctl security/keys/compat.c:127 [inline]
 __se_compat_sys_keyctl+0xb35/0xd90 security/keys/compat.c:50
 __ia32_compat_sys_keyctl+0x62/0x80 security/keys/compat.c:50
 do_syscall_32_irqs_on arch/x86/entry/common.c:80 [inline]
 __do_fast_syscall_32+0x129/0x180 arch/x86/entry/common.c:139
 do_fast_syscall_32+0x6a/0xc0 arch/x86/entry/common.c:162
 do_SYSENTER_32+0x73/0x90 arch/x86/entry/common.c:205
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c
RIP: 0023:0xf7fd4549
Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90
RSP: 002b:00000000f55ce0cc EFLAGS: 00000296 ORIG_RAX: 0000000000000120
RAX: ffffffffffffffda RBX: 0000000000000017 RCX: 00000000200000c0
RDX: 0000000020000340 RSI: 000000000000008c RDI: 0000000020000300
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:143 [inline]
 kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:126
 kmsan_slab_alloc+0x8a/0xe0 mm/kmsan/kmsan_hooks.c:80
 slab_alloc_node mm/slub.c:2907 [inline]
 slab_alloc mm/slub.c:2916 [inline]
 __kmalloc+0x2bb/0x4b0 mm/slub.c:3982
 kmalloc include/linux/slab.h:559 [inline]
 keyctl_dh_compute_kdf security/keys/dh.c:208 [inline]
 __keyctl_dh_compute+0x1f82/0x2fa0 security/keys/dh.c:386
 compat_keyctl_dh_compute+0x34b/0x3e0 security/keys/compat_dh.c:35
 __do_compat_sys_keyctl security/keys/compat.c:127 [inline]
 __se_compat_sys_keyctl+0xb35/0xd90 security/keys/compat.c:50
 __ia32_compat_sys_keyctl+0x62/0x80 security/keys/compat.c:50
 do_syscall_32_irqs_on arch/x86/entry/common.c:80 [inline]
 __do_fast_syscall_32+0x129/0x180 arch/x86/entry/common.c:139
 do_fast_syscall_32+0x6a/0xc0 arch/x86/entry/common.c:162
 do_SYSENTER_32+0x73/0x90 arch/x86/entry/common.c:205
 entry_SYSENTER_compat_after_hwframe+0x4d/0x5c

Bytes 0-139 of 140 are uninitialized
Memory access of size 140 starts at ffff8880283f43c0
Data copied to user address 0000000020000340
=====================================================