=====================================================
BUG: KMSAN: kernel-infoleak in kmsan_copy_to_user+0x9c/0xb0 mm/kmsan/kmsan_hooks.c:249
CPU: 1 PID: 29386 Comm: syz-executor.1 Not tainted 5.12.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x24c/0x2e0 lib/dump_stack.c:120
 kmsan_report+0xfb/0x1e0 mm/kmsan/kmsan_report.c:121
 kmsan_internal_check_memory+0x469/0x500 mm/kmsan/kmsan.c:433
 kmsan_copy_to_user+0x9c/0xb0 mm/kmsan/kmsan_hooks.c:249
 instrument_copy_to_user include/linux/instrumented.h:121 [inline]
 _copy_to_user+0x1ac/0x270 lib/usercopy.c:33
 copy_to_user include/linux/uaccess.h:209 [inline]
 fb_cmap_to_user+0x40a/0x990 drivers/video/fbdev/core/fbcmap.c:208
 do_fb_ioctl+0xc53/0x1090 drivers/video/fbdev/core/fbmem.c:1136
 fb_ioctl+0x1e4/0x210 drivers/video/fbdev/core/fbmem.c:1185
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl+0x311/0x4d0 fs/ioctl.c:739
 __x64_sys_ioctl+0x4a/0x70 fs/ioctl.c:739
 do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4665d9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f64dbb07188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056bf80 RCX: 00000000004665d9
RDX: 00000000200001c0 RSI: 0000000000004604 RDI: 0000000000000004
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056bf80
R13: 0000000000a9fb1f R14: 00007f64dbb07300 R15: 0000000000022000

Uninit was created at:
 kmsan_save_stack_with_flags mm/kmsan/kmsan.c:120 [inline]
 kmsan_internal_poison_shadow+0x66/0xd0 mm/kmsan/kmsan.c:103
 kmsan_slab_alloc+0x8e/0xe0 mm/kmsan/kmsan_hooks.c:76
 slab_alloc_node mm/slub.c:2922 [inline]
 slab_alloc mm/slub.c:2931 [inline]
 __kmalloc+0x387/0x550 mm/slub.c:4068
 kmalloc include/linux/slab.h:559 [inline]
 fb_alloc_cmap_gfp+0x39b/0xa70 drivers/video/fbdev/core/fbcmap.c:104
 fb_alloc_cmap+0x95/0xb0 drivers/video/fbdev/core/fbcmap.c:135
 drm_fb_helper_alloc_fbi+0x106/0x3f0 drivers/gpu/drm/drm_fb_helper.c:563
 drm_fb_helper_generic_probe+0x4f3/0xc70 drivers/gpu/drm/drm_fb_helper.c:2330
 drm_fb_helper_single_fb_probe drivers/gpu/drm/drm_fb_helper.c:1668 [inline]
 __drm_fb_helper_initial_config_and_unlock+0x1cac/0x26c0 drivers/gpu/drm/drm_fb_helper.c:1826
 drm_fb_helper_initial_config drivers/gpu/drm/drm_fb_helper.c:1921 [inline]
 drm_fbdev_client_hotplug+0xbb8/0xd70 drivers/gpu/drm/drm_fb_helper.c:2423
 drm_fbdev_generic_setup+0x39d/0xa00 drivers/gpu/drm/drm_fb_helper.c:2510
 vkms_create drivers/gpu/drm/vkms/vkms_drv.c:178 [inline]
 vkms_init+0x9d6/0xc43 drivers/gpu/drm/vkms/vkms_drv.c:202
 do_one_initcall+0x362/0x8d0 init/main.c:1229
 do_initcall_level+0x1e7/0x35a init/main.c:1302
 do_initcalls+0x127/0x1cb init/main.c:1318
 do_basic_setup+0x33/0x36 init/main.c:1338
 kernel_init_freeable+0x287/0x3cc init/main.c:1540
 kernel_init+0x1f/0x840 init/main.c:1427
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Bytes 0-11 of 12 are uninitialized
Memory access of size 12 starts at ffff888103dab8fe
Data copied to user address 00000000200000c0
=====================================================