syzbot

 sign-in | mailing list | source | docs
🐞 Open [1227]
Subsystems
🐞 Fixed [5639]
🐞 Invalid [13738]
Missing Backports [100]
Kernel Health Bugs/Month Bug Lifetimes Fuzzing Crashes
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in udf_get_fileshortad

Status: upstream: reported C repro on 2024/09/17 14:52
Subsystems: udf
[Documentation on labels]
Reported-by: syzbot+8901c4560b7ab5c2f9df@syzkaller.appspotmail.com
First crash: 7d10h, last: 5d11h
Discussions (2)
Title Replies (including bot) Last reply
[PATCH] udf: fix uninit-value use in udf_get_fileshortad 1 (1) 2024/09/19 19:52
[syzbot] [udf?] KMSAN: uninit-value in udf_get_fileshortad 0 (2) 2024/09/19 15:42
Last patch testing requests (1)
Created Duration User Patch Repo Result
2024/09/19 15:42 29m gianf.trad@gmail.com patch upstream OK log

Sample crash report:
loop0: detected capacity change from 2048 to 2047
=====================================================
BUG: KMSAN: uninit-value in udf_get_fileshortad+0x174/0x1c0 fs/udf/directory.c:504
 udf_get_fileshortad+0x174/0x1c0 fs/udf/directory.c:504
 udf_current_aext+0x6cb/0x950 fs/udf/inode.c:2225
 udf_next_aext+0x94/0x500 fs/udf/inode.c:2171
 udf_discard_prealloc+0x47c/0x830 fs/udf/truncate.c:135
 udf_release_file+0xfd/0x160 fs/udf/file.c:184
 __fput+0x344/0x1160 fs/file_table.c:422
 __fput_sync+0x74/0x90 fs/file_table.c:507
 __do_sys_close fs/open.c:1566 [inline]
 __se_sys_close+0x290/0x4d0 fs/open.c:1551
 __x64_sys_close+0x48/0x60 fs/open.c:1551
 x64_sys_call+0x2c26/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:4
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_pages_noprof+0x9d6/0xe70 mm/page_alloc.c:4725
 alloc_pages_mpol_noprof+0x299/0x990 mm/mempolicy.c:2263
 alloc_pages_noprof mm/mempolicy.c:2343 [inline]
 folio_alloc_noprof+0x1db/0x310 mm/mempolicy.c:2350
 filemap_alloc_folio_noprof+0xa6/0x440 mm/filemap.c:1008
 __filemap_get_folio+0xa05/0x14b0 mm/filemap.c:1950
 grow_dev_folio fs/buffer.c:1047 [inline]
 grow_buffers fs/buffer.c:1113 [inline]
 __getblk_slow fs/buffer.c:1139 [inline]
 bdev_getblk+0x2c9/0xab0 fs/buffer.c:1441
 __bread_gfp+0x93/0x730 fs/buffer.c:1495
 sb_bread include/linux/buffer_head.h:347 [inline]
 udf_next_aext+0x302/0x500 fs/udf/inode.c:2186
 udf_discard_prealloc+0x47c/0x830 fs/udf/truncate.c:135
 udf_release_file+0xfd/0x160 fs/udf/file.c:184
 __fput+0x344/0x1160 fs/file_table.c:422
 __fput_sync+0x74/0x90 fs/file_table.c:507
 __do_sys_close fs/open.c:1566 [inline]
 __se_sys_close+0x290/0x4d0 fs/open.c:1551
 __x64_sys_close+0x48/0x60 fs/open.c:1551
 x64_sys_call+0x2c26/0x3ba0 arch/x86/include/generated/asm/syscalls_64.h:4
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 5181 Comm: syz-executor248 Not tainted 6.11.0-rc7-syzkaller-00149-g0babf683783d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
=====================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/09/15 13:50 upstream 0babf683783d 08d8a733 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in udf_get_fileshortad
2024/09/13 14:40 upstream 196145c606d0 73e8a465 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in udf_get_fileshortad
2024/09/13 14:40 upstream 196145c606d0 73e8a465 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in udf_get_fileshortad
* Struck through repros no longer work on HEAD.