syzbot


KMSAN: uninit-value in swap_writeout

Status: upstream: reported on 2025/12/22 12:18
Subsystems: mm
Reported-by: syzbot+178fff6149127421c2cc@syzkaller.appspotmail.com
First crash: 13d, last: 2d11h
Discussions (2):
  Title                                                        Replies (incl. bot)  Last reply
  [PATCH] mm/shmem: fix uninitialized folio in shmem_symlink   5 (5)                2025/12/28 04:29
  [syzbot] [mm?] KMSAN: uninit-value in swap_writeout          5 (7)                2025/12/24 03:53

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in is_folio_zero_filled mm/page_io.c:188 [inline]
BUG: KMSAN: uninit-value in swap_writeout+0x468/0x1390 mm/page_io.c:263
 is_folio_zero_filled mm/page_io.c:188 [inline]
 swap_writeout+0x468/0x1390 mm/page_io.c:263
 shmem_writeout+0x1abb/0x1f60 mm/shmem.c:1662
 writeout mm/vmscan.c:649 [inline]
 pageout mm/vmscan.c:698 [inline]
 shrink_folio_list+0x5920/0x7fc0 mm/vmscan.c:1418
 evict_folios+0x999d/0xbf30 mm/vmscan.c:4711
 try_to_shrink_lruvec+0x12b6/0x17e0 mm/vmscan.c:4874
 lru_gen_shrink_lruvec mm/vmscan.c:5023 [inline]
 shrink_lruvec+0x46f/0x4f10 mm/vmscan.c:5784
 shrink_node_memcgs mm/vmscan.c:6020 [inline]
 shrink_node+0xf1e/0x51e0 mm/vmscan.c:6061
 shrink_zones mm/vmscan.c:6300 [inline]
 do_try_to_free_pages+0x849/0x26b0 mm/vmscan.c:6362
 try_to_free_mem_cgroup_pages+0x3ae/0x950 mm/vmscan.c:6690
 try_charge_memcg+0x80f/0x1c50 mm/memcontrol.c:2388
 obj_cgroup_charge_pages+0x2ed/0x600 mm/memcontrol.c:2823
 __memcg_kmem_charge_page+0x14a/0x4c0 mm/memcontrol.c:2867
 __alloc_frozen_pages_noprof+0x3ba/0xab0 mm/page_alloc.c:5227
 alloc_pages_preferred_many mm/mempolicy.c:2426 [inline]
 alloc_pages_mpol+0x588/0x860 mm/mempolicy.c:2450
 alloc_frozen_pages_noprof mm/mempolicy.c:2557 [inline]
 alloc_pages_noprof+0x102/0x280 mm/mempolicy.c:2577
 vm_area_alloc_pages mm/vmalloc.c:3718 [inline]
 __vmalloc_area_node mm/vmalloc.c:3863 [inline]
 __vmalloc_node_range_noprof+0x1577/0x2d90 mm/vmalloc.c:4051
 __bpf_map_area_alloc kernel/bpf/syscall.c:401 [inline]
 bpf_map_area_alloc+0x1cd/0x260 kernel/bpf/syscall.c:408
 sock_map_alloc+0x2cc/0x460 net/core/sock_map.c:57
 map_create+0x1255/0x2500 kernel/bpf/syscall.c:1514
 __sys_bpf+0x968/0xeb0 kernel/bpf/syscall.c:6146
 __do_sys_bpf kernel/bpf/syscall.c:6274 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:6272 [inline]
 __x64_sys_bpf+0xa4/0xf0 kernel/bpf/syscall.c:6272
 x64_sys_call+0x31c3/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:322
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x421/0xab0 mm/page_alloc.c:5233
 alloc_pages_mpol+0x328/0x860 mm/mempolicy.c:2486
 folio_alloc_mpol_noprof+0x56/0x1d0 mm/mempolicy.c:2505
 shmem_alloc_folio mm/shmem.c:1890 [inline]
 shmem_alloc_and_add_folio+0xc56/0x1bd0 mm/shmem.c:1932
 shmem_get_folio_gfp+0xad3/0x1fc0 mm/shmem.c:2556
 shmem_get_folio mm/shmem.c:2662 [inline]
 shmem_symlink+0x562/0xad0 mm/shmem.c:4129
 vfs_symlink+0x42f/0x4c0 fs/namei.c:5514
 do_symlinkat+0x2ae/0xbb0 fs/namei.c:5541
 __do_sys_symlink fs/namei.c:5567 [inline]
 __se_sys_symlink fs/namei.c:5565 [inline]
 __x64_sys_symlink+0xcf/0x140 fs/namei.c:5565
 x64_sys_call+0x2c72/0x3e70 arch/x86/include/generated/asm/syscalls_64.h:89
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd3/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 0 UID: 0 PID: 12506 Comm: syz.2.1876 Tainted: G        W    L      syzkaller #0 PREEMPT(none) 
Tainted: [W]=WARN, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
=====================================================
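The two traces above fit together as follows: the folio was allocated in shmem_symlink (the "Uninit was created at" trace) without zeroing, and later, under memcg pressure during a BPF map allocation, reclaim pushed that shmem folio toward swap, where is_folio_zero_filled() scans the whole page. Any byte of the page the symlink writer never wrote is therefore read uninitialized. The user-space model below is an added illustration written for this page, not kernel code and not the posted patch: a page-sized buffer stands in for the shmem folio, the 0xA5 fill pattern stands in for whatever stale contents a freshly allocated page may hold, PAGE_SIZE is assumed to be 4096, the sample link target is constructed, and zeroing the tail after the memcpy is one plausible fix rather than a claim about what the merged patch does.

```c
/*
 * Added illustration (not kernel code, not the patch under discussion):
 * model the shmem_symlink -> swap_writeout interaction from the report.
 *
 * Assumptions: PAGE_SIZE of 4096; the 0xA5 fill stands in for stale
 * allocator contents; SAMPLE_TARGET is a constructed link target; the
 * "fixed" writer's tail zeroing is one plausible fix, not necessarily
 * the merged one.
 */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define PAGE_SIZE 4096UL
#define WORDS (PAGE_SIZE / sizeof(unsigned long))

/* Constructed sample link target (29 characters plus NUL). */
#define SAMPLE_TARGET "/tmp/some/long/symlink/target"
#define SAMPLE_LEN (sizeof(SAMPLE_TARGET))

/*
 * Same shape as the kernel's is_folio_zero_filled(): check the last word
 * first as a cheap fast path, then scan every word. Note that this reads
 * the entire page, including anything the writer never initialized.
 */
static bool page_is_zero_filled(const unsigned long *page)
{
	if (page[WORDS - 1] != 0)
		return false;
	for (size_t i = 0; i < WORDS; i++)
		if (page[i] != 0)
			return false;
	return true;
}

/* Simulate a page handed out without __GFP_ZERO: fill it with a
 * recognizable non-zero pattern standing in for stale contents. */
static unsigned long *alloc_page_unzeroed(void)
{
	unsigned long *page = malloc(PAGE_SIZE);
	if (!page)
		abort();
	memset(page, 0xA5, PAGE_SIZE);
	return page;
}

/* Unfixed pattern: copy the target and leave the remainder untouched. */
static unsigned long *write_symlink_unfixed(const char *target, size_t len)
{
	unsigned long *page = alloc_page_unzeroed();
	memcpy(page, target, len);
	return page;
}

/* Fixed pattern: a writer that does not fill the whole page clears the
 * tail itself, so a later whole-page scan sees only initialized bytes. */
static unsigned long *write_symlink_fixed(const char *target, size_t len)
{
	unsigned long *page = alloc_page_unzeroed();
	memcpy(page, target, len);
	memset((char *)page + len, 0, PAGE_SIZE - len);
	return page;
}

/* Count non-zero bytes past the link target: exactly the region the
 * zero-filled scan reads but the symlink writer never wrote. */
static size_t stale_tail_bytes(const unsigned long *page, size_t len)
{
	const unsigned char *p = (const unsigned char *)page;
	size_t n = 0;
	for (size_t i = len; i < PAGE_SIZE; i++)
		n += (p[i] != 0);
	return n;
}

/* Run one variant end to end and report how many stale tail bytes the
 * whole-page scan would have read. */
static size_t stale_after_write(bool fixed)
{
	unsigned long *page = fixed ? write_symlink_fixed(SAMPLE_TARGET, SAMPLE_LEN)
				    : write_symlink_unfixed(SAMPLE_TARGET, SAMPLE_LEN);
	/* Mimic swap_writeout's zero-page check touching the full page. */
	(void)page_is_zero_filled(page);
	size_t stale = stale_tail_bytes(page, SAMPLE_LEN);
	free(page);
	return stale;
}

int main(void)
{
	printf("unfixed writer: %zu stale bytes read by the zero-filled scan\n",
	       stale_after_write(false));
	printf("fixed writer:   %zu stale bytes read by the zero-filled scan\n",
	       stale_after_write(true));
	return 0;
}
```

Under KMSAN the equivalent kernel read is what produced the report above: the scan itself is correct code, but it is the first consumer of the folio's unwritten tail, so the sanitizer attributes the uninitialized read to swap_writeout while the origin is the symlink writer that left those bytes unset.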

Crashes (3):
  Time              Kernel    Commit        Syzkaller  Manager                      Title
  2025/12/29 07:31  upstream  c875a6c32467  d6526ea3   ci-upstream-kmsan-gce-root   KMSAN: uninit-value in swap_writeout
  2025/12/23 00:16  upstream  9448598b22c5  d6526ea3   ci-upstream-kmsan-gce-root   KMSAN: uninit-value in swap_writeout
  2025/12/18 12:15  upstream  ea1013c15392  d6526ea3   ci-upstream-kmsan-gce-386-root  KMSAN: uninit-value in swap_writeout

Each crash has a .config, console log, report, VM info, and assets (disk image, vmlinux, kernel image) attached. No syz or C reproducer is listed for any of the three crashes.