=====================================================
BUG: KMSAN: uninit-value in __list_del_entry_valid+0x403/0x410 lib/list_debug.c:54
CPU: 1 PID: 30974 Comm: syz-executor.0 Not tainted 5.12.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Call Trace:
 __dump_stack lib/dump_stack.c:79 [inline]
 dump_stack+0x24c/0x2e0 lib/dump_stack.c:120
 kmsan_report+0xfb/0x1e0 mm/kmsan/kmsan_report.c:121
 __msan_warning+0x5c/0xa0 mm/kmsan/kmsan_instr.c:197
 __list_del_entry_valid+0x403/0x410 lib/list_debug.c:54
 __list_del_entry include/linux/list.h:132 [inline]
 list_move_tail include/linux/list.h:227 [inline]
 rwsem_mark_wake+0x436/0xd00 kernel/locking/rwsem.c:482
 rwsem_wake kernel/locking/rwsem.c:1176 [inline]
 __up_write kernel/locking/rwsem.c:1322 [inline]
 up_write+0x1a6/0x220 kernel/locking/rwsem.c:1459
 anon_vma_unlock_write include/linux/rmap.h:124 [inline]
 split_huge_page_to_list+0x1c3e/0x22c0 mm/huge_memory.c:2787
 shrink_page_list+0x28c4/0x7840 mm/vmscan.c:1279
 shrink_inactive_list+0x83f/0x14f0 mm/vmscan.c:1948
 shrink_list mm/vmscan.c:2170 [inline]
 shrink_lruvec+0x738/0x1480 mm/vmscan.c:2465
 shrink_node_memcgs+0x5a3/0xc60 mm/vmscan.c:2653
 shrink_node+0x1a02/0x3400 mm/vmscan.c:2770
 shrink_zones+0x98e/0xfb0 mm/vmscan.c:2973
 do_try_to_free_pages+0x2fa/0x15a0 mm/vmscan.c:3028
 try_to_free_pages+0xb66/0x1860 mm/vmscan.c:3267
 __perform_reclaim mm/page_alloc.c:4399 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:4420 [inline]
 __alloc_pages_slowpath+0x1f46/0x3af0 mm/page_alloc.c:4824
 __alloc_pages_nodemask+0xbbb/0xf90 mm/page_alloc.c:5034
 alloc_pages_current+0x7b6/0xb60 mm/mempolicy.c:2277
 alloc_pages include/linux/gfp.h:561 [inline]
 __vmalloc_area_node mm/vmalloc.c:2524 [inline]
 __vmalloc_node_range+0x987/0x1310 mm/vmalloc.c:2590
 vmalloc_user+0xd7/0xf0 mm/vmalloc.c:2702
 vb2_vmalloc_alloc+0x1fa/0x490 drivers/media/common/videobuf2/videobuf2-vmalloc.c:48
 __vb2_buf_mem_alloc drivers/media/common/videobuf2/videobuf2-core.c:233 [inline]
 __vb2_queue_alloc+0xf54/0x2660 drivers/media/common/videobuf2/videobuf2-core.c:438
 vb2_core_create_bufs+0xa29/0x1260 drivers/media/common/videobuf2/videobuf2-core.c:920
 vb2_create_bufs+0xd8a/0x1320 drivers/media/common/videobuf2/videobuf2-v4l2.c:799
 v4l2_m2m_create_bufs drivers/media/v4l2-core/v4l2-mem2mem.c:810 [inline]
 v4l2_m2m_ioctl_create_bufs+0x195/0x1e0 drivers/media/v4l2-core/v4l2-mem2mem.c:1325
 v4l_create_bufs+0x4eb/0x620 drivers/media/v4l2-core/v4l2-ioctl.c:2094
 __video_do_ioctl+0x15cd/0x1d20 drivers/media/v4l2-core/v4l2-ioctl.c:2993
 video_usercopy+0x2428/0x3e70 drivers/media/v4l2-core/v4l2-ioctl.c:3339
 video_ioctl2+0x9f/0xb0 drivers/media/v4l2-core/v4l2-ioctl.c:3387
 v4l2_ioctl+0x255/0x290 drivers/media/v4l2-core/v4l2-dev.c:365
 vfs_ioctl fs/ioctl.c:48 [inline]
 __do_sys_ioctl fs/ioctl.c:753 [inline]
 __se_sys_ioctl+0x311/0x4d0 fs/ioctl.c:739
 __x64_sys_ioctl+0x4a/0x70 fs/ioctl.c:739
 do_syscall_64+0x9f/0x140 arch/x86/entry/common.c:48
 entry_SYSCALL_64_after_hwframe+0x44/0xae
RIP: 0033:0x4665d9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 bc ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fa8bf710188 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
RAX: ffffffffffffffda RBX: 000000000056c0f0 RCX: 00000000004665d9
RDX: 00000000200002c0 RSI: 00000000c100565c RDI: 0000000000000003
RBP: 00000000004bfcb9 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 000000000056c0f0
R13: 0000000000a9fb1f R14: 00007fa8bf710300 R15: 0000000000022000

Local variable ----pvmw@remove_migration_pte created at:
 remove_migration_pte+0xbe/0x1920 mm/migrate.c:204
 remove_migration_pte+0xbe/0x1920 mm/migrate.c:204
=====================================================