=====================================================
BUG: KMSAN: use-after-free in check_template lib/842/842_compress.c:391 [inline]
BUG: KMSAN: use-after-free in process_next lib/842/842_compress.c:456 [inline]
BUG: KMSAN: use-after-free in sw842_compress+0x1731/0x5a90 lib/842/842_compress.c:545
 check_template lib/842/842_compress.c:391 [inline]
 process_next lib/842/842_compress.c:456 [inline]
 sw842_compress+0x1731/0x5a90 lib/842/842_compress.c:545
 crypto842_scompress+0x4f/0x70 crypto/842.c:50
 scomp_acomp_comp_decomp+0xa8d/0xd90 crypto/scompress.c:-1
 scomp_acomp_chain crypto/scompress.c:297 [inline]
 scomp_acomp_compress+0x3c/0x1f0 crypto/scompress.c:308
 acomp_do_req_chain+0x39a/0x9f0 crypto/acompress.c:353
 crypto_acomp_compress+0x5f/0x80 crypto/acompress.c:372
 zswap_compress mm/zswap.c:977 [inline]
 zswap_store_page mm/zswap.c:1495 [inline]
 zswap_store+0x20a1/0x4720 mm/zswap.c:1604
 swap_writepage+0xa7f/0x1980 mm/page_io.c:278
 shmem_writepage+0x25e2/0x2840 mm/shmem.c:1649
 pageout mm/vmscan.c:711 [inline]
 shrink_folio_list+0x6049/0x8490 mm/vmscan.c:1436
 evict_folios+0x93a4/0xb930 mm/vmscan.c:4698
 try_to_shrink_lruvec+0xc6a/0x1090 mm/vmscan.c:4859
 lru_gen_shrink_lruvec mm/vmscan.c:5008 [inline]
 shrink_lruvec+0x4b2/0x49f0 mm/vmscan.c:5753
 shrink_node_memcgs mm/vmscan.c:5989 [inline]
 shrink_node+0x1064/0x5220 mm/vmscan.c:6030
 shrink_zones mm/vmscan.c:6274 [inline]
 do_try_to_free_pages+0x81d/0x2450 mm/vmscan.c:6336
 try_to_free_mem_cgroup_pages+0x3fd/0xa60 mm/vmscan.c:6664
 try_charge_memcg+0x8bd/0x17f0 mm/memcontrol.c:2305
 try_charge mm/memcontrol.c:2447 [inline]
 charge_memcg+0xda/0x2b0 mm/memcontrol.c:4593
 __mem_cgroup_charge+0x73/0x2c0 mm/memcontrol.c:4610
 mem_cgroup_charge include/linux/memcontrol.h:642 [inline]
 shmem_alloc_and_add_folio+0xdc5/0x1b90 mm/shmem.c:1903
 shmem_get_folio_gfp+0xacd/0x1f30 mm/shmem.c:2533
 shmem_read_folio_gfp+0x82/0x140 mm/shmem.c:5929
 drm_gem_get_pages+0x3cc/0x1450 drivers/gpu/drm/drm_gem.c:594
 drm_gem_shmem_get_pages drivers/gpu/drm/drm_gem_shmem_helper.c:199 [inline]
 drm_gem_shmem_vmap+0x30f/0xd90 drivers/gpu/drm/drm_gem_shmem_helper.c:359
 drm_gem_shmem_object_vmap+0x35/0x40 include/drm/drm_gem_shmem_helper.h:232
 drm_gem_vmap drivers/gpu/drm/drm_gem.c:1228 [inline]
 drm_gem_vmap_unlocked+0xc6/0x200 drivers/gpu/drm/drm_gem.c:1270
 drm_gem_fb_vmap+0x119/0x5c0 drivers/gpu/drm/drm_gem_framebuffer_helper.c:365
 vkms_prepare_fb+0x12f/0x170 drivers/gpu/drm/vkms/vkms_plane.c:166
 drm_atomic_helper_prepare_planes+0x43c/0x10c0 drivers/gpu/drm/drm_atomic_helper.c:2638
 drm_atomic_helper_commit+0x1f3/0xe80 drivers/gpu/drm/drm_atomic_helper.c:2067
 drm_atomic_commit+0x316/0x390 drivers/gpu/drm/drm_atomic.c:1518
 drm_atomic_helper_update_plane+0x42b/0x600 drivers/gpu/drm/drm_atomic_helper.c:3226
 __setplane_atomic+0x33d/0x3f0 drivers/gpu/drm/drm_plane.c:1074
 drm_mode_cursor_universal drivers/gpu/drm/drm_plane.c:1229 [inline]
 drm_mode_cursor_common+0x171a/0x1e80 drivers/gpu/drm/drm_plane.c:1288
 drm_mode_cursor_ioctl+0xa2/0xd0 drivers/gpu/drm/drm_plane.c:1338
 drm_ioctl_kernel+0x4e4/0x560 drivers/gpu/drm/drm_ioctl.c:796
 drm_ioctl+0xd0d/0x15a0 drivers/gpu/drm/drm_ioctl.c:893
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0x241/0x430 fs/ioctl.c:892
 __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:892
 x64_sys_call+0x1a16/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 get_next_data lib/842/842_compress.c:416 [inline]
 sw842_compress+0xe71/0x5a90 lib/842/842_compress.c:522
 crypto842_scompress+0x4f/0x70 crypto/842.c:50
 scomp_acomp_comp_decomp+0xa8d/0xd90 crypto/scompress.c:-1
 scomp_acomp_chain crypto/scompress.c:297 [inline]
 scomp_acomp_compress+0x3c/0x1f0 crypto/scompress.c:308
 acomp_do_req_chain+0x39a/0x9f0 crypto/acompress.c:353
 crypto_acomp_compress+0x5f/0x80 crypto/acompress.c:372
 zswap_compress mm/zswap.c:977 [inline]
 zswap_store_page mm/zswap.c:1495 [inline]
 zswap_store+0x20a1/0x4720 mm/zswap.c:1604
 swap_writepage+0xa7f/0x1980 mm/page_io.c:278
 shmem_writepage+0x25e2/0x2840 mm/shmem.c:1649
 pageout mm/vmscan.c:711 [inline]
 shrink_folio_list+0x6049/0x8490 mm/vmscan.c:1436
 evict_folios+0x93a4/0xb930 mm/vmscan.c:4698
 try_to_shrink_lruvec+0xc6a/0x1090 mm/vmscan.c:4859
 lru_gen_shrink_lruvec mm/vmscan.c:5008 [inline]
 shrink_lruvec+0x4b2/0x49f0 mm/vmscan.c:5753
 shrink_node_memcgs mm/vmscan.c:5989 [inline]
 shrink_node+0x1064/0x5220 mm/vmscan.c:6030
 shrink_zones mm/vmscan.c:6274 [inline]
 do_try_to_free_pages+0x81d/0x2450 mm/vmscan.c:6336
 try_to_free_mem_cgroup_pages+0x3fd/0xa60 mm/vmscan.c:6664
 try_charge_memcg+0x8bd/0x17f0 mm/memcontrol.c:2305
 try_charge mm/memcontrol.c:2447 [inline]
 charge_memcg+0xda/0x2b0 mm/memcontrol.c:4593
 __mem_cgroup_charge+0x73/0x2c0 mm/memcontrol.c:4610
 mem_cgroup_charge include/linux/memcontrol.h:642 [inline]
 shmem_alloc_and_add_folio+0xdc5/0x1b90 mm/shmem.c:1903
 shmem_get_folio_gfp+0xacd/0x1f30 mm/shmem.c:2533
 shmem_read_folio_gfp+0x82/0x140 mm/shmem.c:5929
 drm_gem_get_pages+0x3cc/0x1450 drivers/gpu/drm/drm_gem.c:594
 drm_gem_shmem_get_pages drivers/gpu/drm/drm_gem_shmem_helper.c:199 [inline]
 drm_gem_shmem_vmap+0x30f/0xd90 drivers/gpu/drm/drm_gem_shmem_helper.c:359
 drm_gem_shmem_object_vmap+0x35/0x40 include/drm/drm_gem_shmem_helper.h:232
 drm_gem_vmap drivers/gpu/drm/drm_gem.c:1228 [inline]
 drm_gem_vmap_unlocked+0xc6/0x200 drivers/gpu/drm/drm_gem.c:1270
 drm_gem_fb_vmap+0x119/0x5c0 drivers/gpu/drm/drm_gem_framebuffer_helper.c:365
 vkms_prepare_fb+0x12f/0x170 drivers/gpu/drm/vkms/vkms_plane.c:166
 drm_atomic_helper_prepare_planes+0x43c/0x10c0 drivers/gpu/drm/drm_atomic_helper.c:2638
 drm_atomic_helper_commit+0x1f3/0xe80 drivers/gpu/drm/drm_atomic_helper.c:2067
 drm_atomic_commit+0x316/0x390 drivers/gpu/drm/drm_atomic.c:1518
 drm_atomic_helper_update_plane+0x42b/0x600 drivers/gpu/drm/drm_atomic_helper.c:3226
 __setplane_atomic+0x33d/0x3f0 drivers/gpu/drm/drm_plane.c:1074
 drm_mode_cursor_universal drivers/gpu/drm/drm_plane.c:1229 [inline]
 drm_mode_cursor_common+0x171a/0x1e80 drivers/gpu/drm/drm_plane.c:1288
 drm_mode_cursor_ioctl+0xa2/0xd0 drivers/gpu/drm/drm_plane.c:1338
 drm_ioctl_kernel+0x4e4/0x560 drivers/gpu/drm/drm_ioctl.c:796
 drm_ioctl+0xd0d/0x15a0 drivers/gpu/drm/drm_ioctl.c:893
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:906 [inline]
 __se_sys_ioctl+0x241/0x430 fs/ioctl.c:892
 __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:892
 x64_sys_call+0x1a16/0x3c80 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_free_hook mm/slub.c:2315 [inline]
 slab_free mm/slub.c:4646 [inline]
 kmem_cache_free+0x293/0xe00 mm/slub.c:4748
 putname+0x18d/0x1d0 fs/namei.c:297
 kernel_execve+0x7b3/0x11f0 fs/exec.c:2032
 call_usermodehelper_exec_async+0x495/0x6b0 kernel/umh.c:109
 ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

CPU: 1 UID: 0 PID: 6191 Comm: syz.0.16 Not tainted 6.15.0-rc1-syzkaller-g7cdabafc0012 #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================