=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:121 [inline]
BUG: KMSAN: kernel-infoleak in copyout lib/iov_iter.c:154 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668
 instrument_copy_to_user include/linux/instrumented.h:121 [inline]
 copyout lib/iov_iter.c:154 [inline]
 _copy_to_iter+0x6ef/0x25a0 lib/iov_iter.c:668
 copy_to_iter include/linux/uio.h:162 [inline]
 simple_copy_to_iter+0xf3/0x140 net/core/datagram.c:519
 __skb_datagram_iter+0x2d5/0x11b0 net/core/datagram.c:425
 skb_copy_datagram_iter+0xdc/0x270 net/core/datagram.c:533
 tun_put_user drivers/net/tun.c:2109 [inline]
 tun_do_read+0x28bf/0x3820 drivers/net/tun.c:2188
 tun_chr_read_iter+0x458/0x710 drivers/net/tun.c:2212
 call_read_iter include/linux/fs.h:2068 [inline]
 new_sync_read fs/read_write.c:400 [inline]
 vfs_read+0x1631/0x1980 fs/read_write.c:481
 ksys_read+0x28b/0x510 fs/read_write.c:619
 __do_sys_read fs/read_write.c:629 [inline]
 __se_sys_read fs/read_write.c:627 [inline]
 __x64_sys_read+0xdb/0x120 fs/read_write.c:627
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Uninit was stored to memory at:
 pskb_expand_head+0x3c9/0x1ca0 net/core/skbuff.c:1708
 __skb_cow include/linux/skbuff.h:3324 [inline]
 skb_cow_head include/linux/skbuff.h:3358 [inline]
 ip_tunnel_xmit+0x2fd4/0x3b30 net/ipv4/ip_tunnel.c:803
 __gre_xmit net/ipv4/ip_gre.c:471 [inline]
 erspan_xmit+0x1920/0x2970 net/ipv4/ip_gre.c:713
 __netdev_start_xmit include/linux/netdevice.h:4683 [inline]
 netdev_start_xmit include/linux/netdevice.h:4697 [inline]
 xmit_one+0x2f4/0x840 net/core/dev.c:3473
 dev_hard_start_xmit+0x186/0x440 net/core/dev.c:3489
 sch_direct_xmit+0x5f5/0x1400 net/sched/sch_generic.c:342
 __dev_xmit_skb+0x18a4/0x2900 net/core/dev.c:3700
 __dev_queue_xmit+0x1599/0x3310 net/core/dev.c:4081
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4149
 neigh_resolve_output+0xc0f/0xca0 net/core/neighbour.c:1528
 neigh_output include/net/neighbour.h:549 [inline]
 ip_finish_output2+0x1a4c/0x1c00 net/ipv4/ip_output.c:228
 __ip_finish_output+0x35e/0x970
 ip_finish_output+0x15c/0x4e0 net/ipv4/ip_output.c:316
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip_output+0x333/0x6d0 net/ipv4/ip_output.c:430
 dst_output include/net/dst.h:451 [inline]
 ip_local_out net/ipv4/ip_output.c:126 [inline]
 ip_send_skb+0x197/0x350 net/ipv4/ip_output.c:1570
 udp_send_skb+0x15cd/0x1c20 net/ipv4/udp.c:967
 udp_sendmsg+0x3d50/0x4260 net/ipv4/udp.c:1254
 udpv6_sendmsg+0x150b/0x4f40
 inet6_sendmsg+0x15b/0x1d0 net/ipv6/af_inet6.c:643
 sock_sendmsg_nosec net/socket.c:705 [inline]
 sock_sendmsg net/socket.c:725 [inline]
 ____sys_sendmsg+0xe11/0x12c0 net/socket.c:2413
 ___sys_sendmsg net/socket.c:2467 [inline]
 __sys_sendmmsg+0xac2/0xf60 net/socket.c:2553
 __do_sys_sendmmsg net/socket.c:2582 [inline]
 __se_sys_sendmmsg net/socket.c:2579 [inline]
 __x64_sys_sendmmsg+0x11c/0x170 net/socket.c:2579
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Uninit was created at:
 slab_post_alloc_hook mm/slab.h:737 [inline]
 slab_alloc_node mm/slub.c:3247 [inline]
 __kmalloc_node_track_caller+0xe0c/0x1510 mm/slub.c:4975
 kmalloc_reserve net/core/skbuff.c:354 [inline]
 __alloc_skb+0x545/0xf90 net/core/skbuff.c:426
 skb_segment+0x240a/0x76b0 net/core/skbuff.c:4112
 __udp_gso_segment+0x5ed/0x2a90 net/ipv4/udp_offload.c:290
 udp4_ufo_fragment+0xa5d/0xbd0 net/ipv4/udp_offload.c:391
 inet_gso_segment+0xe0f/0x1d90 net/ipv4/af_inet.c:1380
 skb_mac_gso_segment+0x490/0x7c0 net/core/gro.c:116
 __skb_gso_segment+0x620/0x9d0 net/core/dev.c:3295
 skb_gso_segment include/linux/netdevice.h:4633 [inline]
 validate_xmit_skb+0x1105/0x1e10 net/core/dev.c:3554
 validate_xmit_skb_list+0x15a/0x360 net/core/dev.c:3604
 sch_direct_xmit+0x1ce/0x1400 net/sched/sch_generic.c:327
 __dev_xmit_skb+0x18a4/0x2900 net/core/dev.c:3700
 __dev_queue_xmit+0x1599/0x3310 net/core/dev.c:4081
 dev_queue_xmit+0x4b/0x60 net/core/dev.c:4149
 neigh_resolve_output+0xc0f/0xca0 net/core/neighbour.c:1528
 neigh_output include/net/neighbour.h:549 [inline]
 ip_finish_output2+0x1a4c/0x1c00 net/ipv4/ip_output.c:228
 __ip_finish_output+0x35e/0x970
 ip_finish_output+0x15c/0x4e0 net/ipv4/ip_output.c:316
 NF_HOOK_COND include/linux/netfilter.h:296 [inline]
 ip_output+0x333/0x6d0 net/ipv4/ip_output.c:430
 dst_output include/net/dst.h:451 [inline]
 ip_local_out net/ipv4/ip_output.c:126 [inline]
 ip_send_skb+0x197/0x350 net/ipv4/ip_output.c:1570
 udp_send_skb+0x15cd/0x1c20 net/ipv4/udp.c:967
 udp_sendmsg+0x3d50/0x4260 net/ipv4/udp.c:1254
 udpv6_sendmsg+0x150b/0x4f40
 inet6_sendmsg+0x15b/0x1d0 net/ipv6/af_inet6.c:643
 sock_sendmsg_nosec net/socket.c:705 [inline]
 sock_sendmsg net/socket.c:725 [inline]
 ____sys_sendmsg+0xe11/0x12c0 net/socket.c:2413
 ___sys_sendmsg net/socket.c:2467 [inline]
 __sys_sendmmsg+0xac2/0xf60 net/socket.c:2553
 __do_sys_sendmmsg net/socket.c:2582 [inline]
 __se_sys_sendmmsg net/socket.c:2579 [inline]
 __x64_sys_sendmmsg+0x11c/0x170 net/socket.c:2579
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x54/0xd0 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Bytes 38-41 of 832 are uninitialized
Memory access of size 832 starts at ffff88808f7570c0
Data copied to user address 00007fde1b5fd980

CPU: 1 PID: 25514 Comm: syz-executor.0 Tainted: G W 5.17.0-rc4-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
=====================================================