syzbot


KMSAN: uninit-value in reiserfs_security_init

Status: upstream: reported on 2023/05/10 21:49
Labels: reiserfs (incorrect?)
Reported-by: syzbot+00a3779539a23cbee38c@syzkaller.appspotmail.com
Fix commit: reiserfs: Initialize sec->length in reiserfs_security_init().
Patched on: [], missing on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb]
First crash: 21d, last: 1h13m
Discussions (2)
Title | Replies (including bot) | Last reply
[PATCH] reiserfs: Initialize sec->length in reiserfs_security_init(). | 3 (3) | 2023/05/25 21:49
[syzbot] [reiserfs?] KMSAN: uninit-value in reiserfs_security_init | 0 (1) | 2023/05/10 21:49
Similar bugs (1)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | general protection fault in reiserfs_security_init reiserfs | C | done | | 26311 | 790d | 982d | 22/24 | fixed on 2021/11/10 00:50

Sample crash report:
REISERFS (device loop5): journal params: device loop5, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
REISERFS (device loop5): checking transaction log (loop5)
REISERFS (device loop5): Using r5 hash to sort names
REISERFS (device loop5): using 3.5.x disk format
=====================================================
BUG: KMSAN: uninit-value in reiserfs_security_init+0x663/0x750 fs/reiserfs/xattr_security.c:84
 reiserfs_security_init+0x663/0x750 fs/reiserfs/xattr_security.c:84
 reiserfs_mkdir+0x418/0xfc0 fs/reiserfs/namei.c:823
 xattr_mkdir fs/reiserfs/xattr.c:77 [inline]
 create_privroot fs/reiserfs/xattr.c:890 [inline]
 reiserfs_xattr_init+0x47e/0xc00 fs/reiserfs/xattr.c:1006
 reiserfs_fill_super+0x3896/0x39d0 fs/reiserfs/super.c:2175
 mount_bdev+0x4e1/0x7f0 fs/super.c:1380
 get_super_block+0x4d/0x60 fs/reiserfs/super.c:2601
 legacy_get_tree+0x110/0x290 fs/fs_context.c:610
 vfs_get_tree+0xa5/0x500 fs/super.c:1510
 do_new_mount+0x68d/0x1540 fs/namespace.c:3039
 path_mount+0x725/0x1ee0 fs/namespace.c:3369
 do_mount fs/namespace.c:3382 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount+0x725/0x810 fs/namespace.c:3568
 __ia32_sys_mount+0xe3/0x150 fs/namespace.c:3568
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Local variable security created at:
 reiserfs_mkdir+0x5f/0xfc0 fs/reiserfs/namei.c:791
 xattr_mkdir fs/reiserfs/xattr.c:77 [inline]
 create_privroot fs/reiserfs/xattr.c:890 [inline]
 reiserfs_xattr_init+0x47e/0xc00 fs/reiserfs/xattr.c:1006

CPU: 1 PID: 5583 Comm: syz-executor.5 Not tainted 6.4.0-rc4-syzkaller-g2741f1b02117 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
=====================================================

Crashes (1627):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2023/06/01 00:35 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 23:23 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 21:47 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 21:21 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 18:38 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 15:52 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 14:22 https://github.com/google/kmsan.git master 2741f1b02117 e2a77acd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 13:09 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 12:07 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 11:04 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 10:03 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 08:57 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 07:54 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 07:34 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 05:49 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 02:20 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/31 00:35 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 23:03 https://github.com/google/kmsan.git master 2741f1b02117 09898419 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 19:46 https://github.com/google/kmsan.git master 2741f1b02117 8d5c7541 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 16:16 https://github.com/google/kmsan.git master 2741f1b02117 8d5c7541 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 12:03 https://github.com/google/kmsan.git master 2741f1b02117 8d5c7541 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 09:13 https://github.com/google/kmsan.git master f93f2feda5d6 8d5c7541 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 06:50 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 06:50 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 03:56 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 02:49 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 01:46 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/30 01:39 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 23:53 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 22:50 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 21:28 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 20:54 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 19:34 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 18:14 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 15:48 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 15:23 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 14:13 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 13:12 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 11:44 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 10:31 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 07:53 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 05:36 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 03:54 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/29 03:04 https://github.com/google/kmsan.git master f93f2feda5d6 cf184559 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/10 21:33 https://github.com/google/kmsan.git master 46e8b6e7cfeb 0fbd49f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/10 06:55 https://github.com/google/kmsan.git master 46e8b6e7cfeb 1964022b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init
2023/05/10 02:39 https://github.com/google/kmsan.git master 46e8b6e7cfeb 1964022b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in reiserfs_security_init