syzbot

 sign-in | mailing list | source | docs
🐞 Open [1391]
Subsystems
🐞 Fixed [7019]
🐞 Invalid [18334]
Missing Backports [223]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

KASAN: wild-memory-access Read in lookup_swap_cgroup_id (2)

Status: upstream: reported on 2026/02/06 07:24
Subsystems: mm cgroups
[Documentation on labels]
Reported-by: syzbot+e12bd9ca48157add237a@syzkaller.appspotmail.com
First crash: 58d, last: 22d
✨ AI Jobs (1)
ID Workflow Result Correct Bug Created Started Finished Revision Error
dfd1fd4b-0d7d-4922-af45-fc54b9fe20e4 repro KASAN: wild-memory-access Read in lookup_swap_cgroup_id (2) 2026/03/07 09:24 2026/03/07 09:24 2026/03/07 09:34 31e9c887f7dc24e04b3ca70d0d54fc34141844b0
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [cgroups?] [mm?] KASAN: wild-memory-access Read in lookup_swap_cgroup_id (2) 3 (4) 2026/02/13 16:04
Similar bugs (1)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: wild-memory-access Read in lookup_swap_cgroup_id cgroups mm 17 1 386d 381d 0/29 auto-obsoleted due to no activity on 2025/06/14 20:44

Sample crash report:
==================================================================
BUG: KASAN: wild-memory-access in instrument_atomic_read include/linux/instrumented.h:82 [inline]
BUG: KASAN: wild-memory-access in atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
BUG: KASAN: wild-memory-access in __swap_cgroup_id_lookup mm/swap_cgroup.c:28 [inline]
BUG: KASAN: wild-memory-access in lookup_swap_cgroup_id+0x8b/0xf0 mm/swap_cgroup.c:127
Read of size 4 at addr 0007fffffffffffc by task syz.8.8206/31145

CPU: 1 UID: 0 PID: 31145 Comm: syz.8.8206 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
Call Trace:
 <TASK>
 dump_stack_lvl+0xe8/0x150 lib/dump_stack.c:120
 kasan_report+0x117/0x150 mm/kasan/report.c:595
 check_region_inline mm/kasan/generic.c:-1 [inline]
 kasan_check_range+0x264/0x2c0 mm/kasan/generic.c:200
 instrument_atomic_read include/linux/instrumented.h:82 [inline]
 atomic_read include/linux/atomic/atomic-instrumented.h:32 [inline]
 __swap_cgroup_id_lookup mm/swap_cgroup.c:28 [inline]
 lookup_swap_cgroup_id+0x8b/0xf0 mm/swap_cgroup.c:127
 swap_pte_batch+0x12d/0x320 mm/internal.h:460
 zap_nonpresent_ptes mm/memory.c:1762 [inline]
 do_zap_pte_range mm/memory.c:1831 [inline]
 zap_pte_range mm/memory.c:1929 [inline]
 zap_pmd_range mm/memory.c:2021 [inline]
 zap_pud_range mm/memory.c:2049 [inline]
 zap_p4d_range mm/memory.c:2070 [inline]
 unmap_page_range+0x148c/0x4540 mm/memory.c:2091
 unmap_single_vma mm/memory.c:2133 [inline]
 unmap_vmas+0x48f/0x6a0 mm/memory.c:2171
 exit_mmap+0x280/0xa10 mm/mmap.c:1302
 __mmput+0xcb/0x3d0 kernel/fork.c:1174
 exit_mm+0x168/0x220 kernel/exit.c:581
 do_exit+0x6a2/0x23c0 kernel/exit.c:964
 do_group_exit+0x21b/0x2d0 kernel/exit.c:1118
 __do_sys_exit_group kernel/exit.c:1129 [inline]
 __se_sys_exit_group kernel/exit.c:1127 [inline]
 __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1127
 x64_sys_call+0x221a/0x2240 arch/x86/include/generated/asm/syscalls_64.h:232
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x14d/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fcb4dcfc799
Code: Unable to access opcode bytes at 0x7fcb4dcfc76f.
RSP: 002b:00007ffcde582f18 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fcb4dcfc799
RDX: 0000000000000064 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 00007ffcde582f7c R08: 0000000000000000 R09: 00000000000927c0
R10: 0000000000000001 R11: 0000000000000246 R12: 000000000000008a
R13: 00000000000927c0 R14: 00000000001f41b8 R15: 00007ffcde582fd0
 </TASK>
==================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/03/05 16:24 upstream c107785c7e8d d20b04c8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: wild-memory-access Read in lookup_swap_cgroup_id
2026/02/02 16:15 upstream 18f7fcd5e69a 018ebef2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root KASAN: wild-memory-access Read in lookup_swap_cgroup_id
2026/01/28 07:38 upstream 1f97d9dcf536 3029c699 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root KASAN: wild-memory-access Read in lookup_swap_cgroup_id
* Struck through repros no longer work on HEAD.