syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1354]
Subsystems
🐞 Fixed [7089]
🐞 Invalid [18681]
Missing Backports [221]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

KMSAN: uninit-value in __flush_smp_call_function_queue

Status: upstream: reported C repro on 2026/02/15 08:48
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+4b1bd55fba6260160779@syzkaller.appspotmail.com
First crash: 89d, last: 14h40m
Discussions (2)
Title Replies (including bot) Last reply
[PATCH] sched/psi: initialize *flags in psi_memstall_enter when PSI is disabled 5 (5) 2026/04/08 16:58
[syzbot] [kernel?] KMSAN: uninit-value in __flush_smp_call_function_queue 1 (4) 2026/03/10 07:17
Last patch testing requests (5)
Created Duration User Patch Repo Result
2026/04/29 17:23 46m retest repro upstream report log
2026/04/29 17:23 30m retest repro upstream report log
2026/04/29 17:23 38m retest repro upstream report log
2026/04/29 17:23 40m retest repro upstream report log
2026/03/10 06:48 27m wangqing7171@gmail.com patch upstream report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in __flush_smp_call_function_queue+0x362/0x18e0 kernel/smp.c:535
 __flush_smp_call_function_queue+0x362/0x18e0 kernel/smp.c:535
 generic_smp_call_function_single_interrupt+0x1c/0x30 kernel/smp.c:463
 __sysvec_call_function_single+0x4b/0x3e0 arch/x86/kernel/smp.c:271
 instr_sysvec_call_function_single arch/x86/kernel/smp.c:266 [inline]
 sysvec_call_function_single+0x7c/0x90 arch/x86/kernel/smp.c:266
 asm_sysvec_call_function_single+0x1f/0x30 arch/x86/include/asm/idtentry.h:704
 smap_save mm/kmsan/instrumentation.c:94 [inline]
 get_shadow_origin_ptr mm/kmsan/instrumentation.c:35 [inline]
 __msan_metadata_ptr_for_load_8+0x14/0x40 mm/kmsan/instrumentation.c:94
 find_next_bit include/linux/find.h:69 [inline]
 __for_each_wrap include/linux/find.h:477 [inline]
 steal_cookie_task kernel/sched/core.c:6305 [inline]
 sched_core_balance+0x17f2/0x2010 kernel/sched/core.c:6333
 do_balance_callbacks kernel/sched/core.c:4929 [inline]
 __balance_callbacks kernel/sched/core.c:4985 [inline]
 finish_lock_switch kernel/sched/core.c:5034 [inline]
 finish_task_switch+0x3e4/0x8b0 kernel/sched/core.c:5153
 context_switch kernel/sched/core.c:5301 [inline]
 __schedule+0x2607/0x8640 kernel/sched/core.c:6911
 schedule_idle+0x5a/0x90 kernel/sched/core.c:7034
 do_idle+0x859/0x870 kernel/sched/idle.c:369
 cpu_startup_entry+0x5f/0x80 kernel/sched/idle.c:439
 rest_init+0x1df/0x260 init/main.c:760
 start_kernel+0x6d1/0x8b0 init/main.c:1210
 x86_64_start_reservations+0x28/0x30 arch/x86/kernel/head64.c:310
 x86_64_start_kernel+0x139/0x140 arch/x86/kernel/head64.c:291
 common_startup_64+0x13e/0x147

Local variable pflags created at:
 try_charge_memcg+0x63/0x1c20 mm/memcontrol.c:2367
 try_charge mm/memcontrol.c:2556 [inline]
 charge_memcg mm/memcontrol.c:4744 [inline]
 __mem_cgroup_charge+0x114/0x5c0 mm/memcontrol.c:4761

CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
=====================================================

Crashes (809):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/03/20 05:41 upstream 8a30aeb0d1b4 bd6dcb30 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/03/20 03:49 upstream 8a30aeb0d1b4 bd6dcb30 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/03/20 02:18 upstream 8a30aeb0d1b4 bd6dcb30 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/02/15 19:04 upstream ca4ee40bf13d 1e62d198 .config console log report syz / log C [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/11 06:53 upstream aa54b1d27fe0 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/10 09:30 upstream 1bfaee9d3351 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/10 07:29 upstream 1bfaee9d3351 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/10 02:57 upstream 1bfaee9d3351 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 22:20 upstream 70390501d194 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 20:32 upstream 70390501d194 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 12:47 upstream 70390501d194 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 06:23 upstream 81d6f7807536 0c5a8d8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 05:06 upstream 81d6f7807536 0c5a8d8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/08 23:10 upstream 81d6f7807536 0c5a8d8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/08 02:07 upstream 19cbc75c56c0 e358bca5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/07 15:21 upstream 5862221fdded f250db59 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/07 12:40 upstream 5862221fdded f250db59 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/07 11:36 upstream 5862221fdded f250db59 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/07 01:18 upstream 74fe02ce122a cbcd9ea0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/06 21:28 upstream 74fe02ce122a cbcd9ea0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/06 11:26 upstream 9207d47f966b 26da2c66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/06 06:10 upstream 9207d47f966b 26da2c66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/05 19:21 upstream a293ec25d59d 06e69a27 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/05 09:04 upstream c7e4e4d5f7dc a898ba9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/05 07:33 upstream c7e4e4d5f7dc a898ba9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/04 15:53 upstream 6d35786de281 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/04 12:44 upstream 6d35786de281 85f1bcf2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/04 05:37 upstream f377d0025eb0 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/04 00:37 upstream f377d0025eb0 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/03 22:29 upstream f377d0025eb0 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/03 09:23 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/03 08:02 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/02 21:50 upstream f1a5e78a55eb a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/02 20:47 upstream f1a5e78a55eb a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/02 07:51 upstream 6fe0be6dc7fa 753c55b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/02 02:06 upstream 6fe0be6dc7fa 753c55b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/02/15 07:56 upstream ca4ee40bf13d 1e62d198 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/02/11 08:40 upstream dc855b77719f 441e25b7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/11 14:18 upstream 5d6919055dec e6eb7c0b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/11 05:23 upstream aa54b1d27fe0 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/10 16:14 upstream 1bfaee9d3351 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/10 10:35 upstream 1bfaee9d3351 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 17:51 upstream 70390501d194 29233ece .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/09 03:42 upstream 81d6f7807536 0c5a8d8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/08 17:09 upstream 917719c412c4 5633175a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/06 12:37 upstream 9207d47f966b 26da2c66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/06 09:19 upstream 9207d47f966b 26da2c66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/06 07:55 upstream 9207d47f966b 26da2c66 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/05 20:22 upstream a293ec25d59d 06e69a27 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/05 06:23 upstream c7e4e4d5f7dc a898ba9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/03 14:58 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/03 12:30 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/03 10:46 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/02 19:18 upstream f1a5e78a55eb a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/02 17:23 upstream f1a5e78a55eb a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
2026/05/01 22:54 upstream 26fd6bff2c05 753c55b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in __flush_smp_call_function_queue
* Struck through repros no longer work on HEAD.