syzbot


KMSAN: kernel-infoleak in filemap_read

Status: upstream: reported C repro on 2024/01/13 16:02
Subsystems: block
Reported-by: syzbot+905d785c4923bea2c1db@syzkaller.appspotmail.com
First crash: 228d, last: 6h39m
Discussions (4)
Title | Replies (including bot) | Last reply
[syzbot] Monthly block report (Apr 2024) | 0 (1) | 2024/04/12 13:18
[syzbot] Monthly block report (Mar 2024) | 0 (1) | 2024/03/12 09:29
[syzbot] Monthly block report (Feb 2024) | 0 (1) | 2024/02/09 20:57
[syzbot] [block?] KMSAN: kernel-infoleak in filemap_read | 0 (1) | 2024/01/13 16:02

Sample crash report:
=====================================================
BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]
BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]
BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]
BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]
BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]
BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185
 instrument_copy_to_user include/linux/instrumented.h:114 [inline]
 copy_to_user_iter lib/iov_iter.c:24 [inline]
 iterate_ubuf include/linux/iov_iter.h:29 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:245 [inline]
 iterate_and_advance include/linux/iov_iter.h:271 [inline]
 _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185
 copy_page_to_iter+0x419/0x870 lib/iov_iter.c:362
 copy_folio_to_iter include/linux/uio.h:180 [inline]
 filemap_read+0xbf4/0x14d0 mm/filemap.c:2654
 blkdev_read_iter+0x6c0/0x8e0 block/fops.c:757
 call_read_iter include/linux/fs.h:2081 [inline]
 new_sync_read fs/read_write.c:395 [inline]
 vfs_read+0xd8a/0xed0 fs/read_write.c:476
 ksys_read+0x20f/0x4c0 fs/read_write.c:619
 __do_sys_read fs/read_write.c:629 [inline]
 __se_sys_read fs/read_write.c:627 [inline]
 __x64_sys_read+0x93/0xd0 fs/read_write.c:627
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was stored to memory at:
 memcpy_to_iter lib/iov_iter.c:65 [inline]
 iterate_bvec include/linux/iov_iter.h:122 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:249 [inline]
 iterate_and_advance include/linux/iov_iter.h:271 [inline]
 _copy_to_iter+0xe43/0x2520 lib/iov_iter.c:185
 copy_page_to_iter+0x419/0x870 lib/iov_iter.c:362
 shmem_file_read_iter+0xa0a/0x12b0 mm/shmem.c:2839
 do_iter_readv_writev+0x655/0x7a0
 vfs_iter_read+0x275/0x6f0 fs/read_write.c:830
 lo_read_simple drivers/block/loop.c:286 [inline]
 do_req_filebacked drivers/block/loop.c:496 [inline]
 loop_handle_cmd drivers/block/loop.c:1909 [inline]
 loop_process_work+0x204a/0x3430 drivers/block/loop.c:1944
 loop_rootcg_workfn+0x2b/0x30 drivers/block/loop.c:1975
 process_one_work kernel/workqueue.c:2633 [inline]
 process_scheduled_works+0x1132/0x1f40 kernel/workqueue.c:2706
 worker_thread+0xea4/0x1560 kernel/workqueue.c:2787
 kthread+0x3ed/0x550 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:243

Uninit was stored to memory at:
 memcpy_from_iter lib/iov_iter.c:73 [inline]
 iterate_bvec include/linux/iov_iter.h:122 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:249 [inline]
 iterate_and_advance include/linux/iov_iter.h:271 [inline]
 __copy_from_iter lib/iov_iter.c:249 [inline]
 copy_page_from_iter_atomic+0x12b2/0x2b60 lib/iov_iter.c:481
 generic_perform_write+0x4ae/0xc40 mm/filemap.c:3938
 shmem_file_write_iter+0x2b5/0x2e0 mm/shmem.c:2893
 do_iter_readv_writev+0x655/0x7a0
 vfs_iter_write+0x455/0xd00 fs/read_write.c:895
 lo_write_bvec drivers/block/loop.c:246 [inline]
 lo_write_simple drivers/block/loop.c:267 [inline]
 do_req_filebacked drivers/block/loop.c:491 [inline]
 loop_handle_cmd drivers/block/loop.c:1909 [inline]
 loop_process_work+0x14f9/0x3430 drivers/block/loop.c:1944
 loop_rootcg_workfn+0x2b/0x30 drivers/block/loop.c:1975
 process_one_work kernel/workqueue.c:2633 [inline]
 process_scheduled_works+0x1132/0x1f40 kernel/workqueue.c:2706
 worker_thread+0xea4/0x1560 kernel/workqueue.c:2787
 kthread+0x3ed/0x550 kernel/kthread.c:388
 ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:243

Uninit was stored to memory at:
 memcpy_to_page include/linux/highmem.h:427 [inline]
 hfsplus_bnode_write+0xee/0x2e0 fs/hfsplus/bnode.c:83
 hfsplus_brec_insert+0xa9d/0x1400 fs/hfsplus/brec.c:133
 hfsplus_create_cat+0x1309/0x1810 fs/hfsplus/catalog.c:308
 hfsplus_link+0x7de/0xc00 fs/hfsplus/dir.c:342
 vfs_link+0x936/0xb60 fs/namei.c:4608
 do_linkat+0x6e1/0x1160 fs/namei.c:4679
 __do_sys_link fs/namei.c:4713 [inline]
 __se_sys_link fs/namei.c:4711 [inline]
 __x64_sys_link+0xec/0x140 fs/namei.c:4711
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was stored to memory at:
 hfsplus_cat_build_record fs/hfsplus/catalog.c:167 [inline]
 hfsplus_create_cat+0x11d1/0x1810 fs/hfsplus/catalog.c:300
 hfsplus_link+0x7de/0xc00 fs/hfsplus/dir.c:342
 vfs_link+0x936/0xb60 fs/namei.c:4608
 do_linkat+0x6e1/0x1160 fs/namei.c:4679
 __do_sys_link fs/namei.c:4713 [inline]
 __se_sys_link fs/namei.c:4711 [inline]
 __x64_sys_link+0xec/0x140 fs/namei.c:4711
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Uninit was created at:
 __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4592
 __alloc_pages_node include/linux/gfp.h:238 [inline]
 alloc_pages_node include/linux/gfp.h:261 [inline]
 alloc_slab_page mm/slub.c:2190 [inline]
 allocate_slab mm/slub.c:2354 [inline]
 new_slab+0x2d7/0x1400 mm/slub.c:2407
 ___slab_alloc+0x16b5/0x3970 mm/slub.c:3540
 __slab_alloc mm/slub.c:3625 [inline]
 __slab_alloc_node mm/slub.c:3678 [inline]
 slab_alloc_node mm/slub.c:3850 [inline]
 kmem_cache_alloc_lru+0x64d/0xb30 mm/slub.c:3879
 alloc_inode_sb include/linux/fs.h:3018 [inline]
 hfsplus_alloc_inode+0x5a/0xc0 fs/hfsplus/super.c:633
 alloc_inode+0x83/0x440 fs/inode.c:260
 iget_locked+0x2c2/0xef0 fs/inode.c:1278
 hfsplus_iget+0x59/0xaf0 fs/hfsplus/super.c:64
 hfsplus_btree_open+0x13e/0x1d00 fs/hfsplus/btree.c:150
 hfsplus_fill_super+0x1113/0x26f0 fs/hfsplus/super.c:479
 mount_bdev+0x38f/0x510 fs/super.c:1658
 hfsplus_mount+0x4d/0x60 fs/hfsplus/super.c:647
 legacy_get_tree+0x110/0x290 fs/fs_context.c:662
 vfs_get_tree+0xa5/0x560 fs/super.c:1779
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3352
 path_mount+0x73d/0x1f20 fs/namespace.c:3679
 do_mount fs/namespace.c:3692 [inline]
 __do_sys_mount fs/namespace.c:3898 [inline]
 __se_sys_mount+0x725/0x810 fs/namespace.c:3875
 __x64_sys_mount+0xe4/0x140 fs/namespace.c:3875
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Bytes 3258-3261 of 4096 are uninitialized
Memory access of size 4096 starts at ffff888118bf8000
Data copied to user address 0000557df4acb168

CPU: 1 PID: 5031 Comm: udevd Not tainted 6.8.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
=====================================================

Crashes (1683):