=====================================================
BUG: KMSAN: uninit-value in __flush_smp_call_function_queue+0x362/0x18e0 kernel/smp.c:535
 __flush_smp_call_function_queue+0x362/0x18e0 kernel/smp.c:535
 generic_smp_call_function_single_interrupt+0x1c/0x30 kernel/smp.c:463
 __sysvec_call_function_single+0x4b/0x3e0 arch/x86/kernel/smp.c:271
 instr_sysvec_call_function_single arch/x86/kernel/smp.c:266 [inline]
 sysvec_call_function_single+0x7c/0x90 arch/x86/kernel/smp.c:266
 asm_sysvec_call_function_single+0x1f/0x30 arch/x86/include/asm/idtentry.h:704
 bit_spin_lock include/linux/bit_spinlock.h:40 [inline]
 slab_lock mm/slub.c:623 [inline]
 __update_freelist_slow mm/slub.c:650 [inline]
 slab_update_freelist mm/slub.c:707 [inline]
 get_freelist_nofreeze mm/slub.c:4217 [inline]
 __refill_objects_node+0x130a/0x1f30 mm/slub.c:6950
 refill_objects+0xae/0xd20 mm/slub.c:7078
 refill_sheaf mm/slub.c:2787 [inline]
 __prefill_sheaf_pfmemalloc mm/slub.c:4853 [inline]
 kmem_cache_prefill_sheaf+0xd47/0x1440 mm/slub.c:4942
 mt_get_sheaf lib/maple_tree.c:189 [inline]
 mas_alloc_nodes+0x365/0x5a0 lib/maple_tree.c:1140
 mas_preallocate+0x716/0xca0 lib/maple_tree.c:5194
 vma_iter_prealloc mm/vma.h:505 [inline]
 vma_link mm/vma.c:1823 [inline]
 insert_vm_struct+0x3d5/0xfb0 mm/vma.c:3288
 __install_special_mapping mm/mmap.c:1460 [inline]
 _install_special_mapping+0x1e6/0x6d0 mm/mmap.c:1496
 vdso_install_vvar_mapping+0x47/0x60 lib/vdso/datastore.c:101
 map_vdso+0x469/0xa60 arch/x86/entry/vdso/vma.c:168
 arch_setup_additional_pages+0x7f/0xc0 arch/x86/entry/vdso/vma.c:238
 load_elf_binary+0x466f/0x5650 fs/binfmt_elf.c:1291
 search_binary_handler fs/exec.c:1664 [inline]
 exec_binprm fs/exec.c:1696 [inline]
 bprm_execve+0xb1f/0x19a0 fs/exec.c:1748
 kernel_execve+0xf61/0x1120 fs/exec.c:1892
 call_usermodehelper_exec_async+0x4a0/0x6f0 kernel/umh.c:109
 ret_from_fork+0x20f/0x910 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Uninit was stored to memory at:
 mas_topiary_replace lib/maple_tree.c:2411 [inline]
 mas_wmb_replace+0x369d/0x4260 lib/maple_tree.c:2433
 mas_split lib/maple_tree.c:3052 [inline]
 mas_commit_b_node lib/maple_tree.c:3072 [inline]
 mas_wr_bnode lib/maple_tree.c:3739 [inline]
 mas_wr_store_entry+0x30fe/0x96d0 lib/maple_tree.c:3771
 mas_store_prealloc+0x1834/0x1e60 lib/maple_tree.c:5169
 vma_iter_store_overwrite mm/vma.h:544 [inline]
 vma_iter_store_new mm/vma.h:551 [inline]
 __mmap_new_vma mm/vma.c:2546 [inline]
 __mmap_region mm/vma.c:2752 [inline]
 mmap_region+0x473b/0x5b80 mm/vma.c:2830
 do_mmap+0x17aa/0x1d70 mm/mmap.c:558
 vm_mmap_pgoff+0x40c/0x760 mm/util.c:581
 vm_mmap+0xdb/0x120 mm/util.c:617
 __x86_set_memory_region+0x52c/0x830 arch/x86/kvm/x86.c:13336
 kvm_alloc_apic_access_page+0xc0/0x1c0 arch/x86/kvm/lapic.c:2861
 vmx_vcpu_create+0x5ef/0x1470 arch/x86/kvm/vmx/vmx.c:7830
 kvm_arch_vcpu_create+0x9d1/0xc60 arch/x86/kvm/x86.c:12804
 kvm_vm_ioctl_create_vcpu+0x525/0xdf0 virt/kvm/kvm_main.c:4223
 kvm_vm_ioctl+0xaa4/0x1680 virt/kvm/kvm_main.c:5180
 kvm_vm_compat_ioctl+0x347/0x630 virt/kvm/kvm_main.c:5482
 __do_compat_sys_ioctl fs/ioctl.c:695 [inline]
 __se_compat_sys_ioctl fs/ioctl.c:638 [inline]
 __ia32_compat_sys_ioctl+0x7f9/0x1270 fs/ioctl.c:638
 ia32_sys_call+0x2854/0x4360 arch/x86/include/generated/asm/syscalls_32.h:55
 do_syscall_32_irqs_on arch/x86/entry/syscall_32.c:83 [inline]
 __do_fast_syscall_32+0x17f/0x3f0 arch/x86/entry/syscall_32.c:307
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/syscall_32.c:332
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/syscall_32.c:370
 entry_SYSENTER_compat_after_hwframe+0x84/0x8e

Local variable tmp_next.i created at:
 mas_topiary_replace lib/maple_tree.c:2335 [inline]
 mas_wmb_replace+0x66/0x4260 lib/maple_tree.c:2433
 mas_split lib/maple_tree.c:3052 [inline]
 mas_commit_b_node lib/maple_tree.c:3072 [inline]
 mas_wr_bnode lib/maple_tree.c:3739 [inline]
 mas_wr_store_entry+0x30fe/0x96d0 lib/maple_tree.c:3771

CPU: 1 UID: 0 PID: 13786 Comm: modprobe Tainted: G W L syzkaller #0 PREEMPT(full)
Tainted: [W]=WARN, [L]=SOFTLOCKUP
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
=====================================================