syzbot


KMSAN: uninit-value in hfsplus_listxattr

Status: upstream: reported on 2023/03/06 18:06
Labels: hfs
Reported-by: syzbot+92ef9ee419803871020e@syzkaller.appspotmail.com
First crash: 141d, last: 34d
Discussions (3)
Title | Replies (including bot) | Last reply
Re: [syzbot] [hfs?] KMSAN: uninit-value in hfsplus_listxattr | 1 (1) | 2023/05/22 10:56
[PATCH] fs: hfsplus: fix uninit-value bug in hfsplus_listxattr | 2 (2) | 2023/05/11 04:36
[syzbot] [hfs?] KMSAN: uninit-value in hfsplus_listxattr | 0 (1) | 2023/03/06 18:06

Sample crash report:
loop3: detected capacity change from 0 to 1024
hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
=====================================================
BUG: KMSAN: uninit-value in strncmp+0x11e/0x180 lib/string.c:307
 strncmp+0x11e/0x180 lib/string.c:307
 is_known_namespace fs/hfsplus/xattr.c:45 [inline]
 name_len fs/hfsplus/xattr.c:397 [inline]
 hfsplus_listxattr+0xe61/0x1aa0 fs/hfsplus/xattr.c:746
 vfs_listxattr fs/xattr.c:473 [inline]
 listxattr+0x700/0x780 fs/xattr.c:820
 path_listxattr fs/xattr.c:844 [inline]
 __do_sys_llistxattr fs/xattr.c:862 [inline]
 __se_sys_llistxattr fs/xattr.c:859 [inline]
 __ia32_sys_llistxattr+0x171/0x300 fs/xattr.c:859
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Uninit was created at:
 slab_post_alloc_hook+0x12d/0xb60 mm/slab.h:774
 slab_alloc_node mm/slub.c:3452 [inline]
 __kmem_cache_alloc_node+0x518/0x920 mm/slub.c:3491
 kmalloc_trace+0x51/0x200 mm/slab_common.c:1061
 kmalloc include/linux/slab.h:580 [inline]
 hfsplus_listxattr+0x4e0/0x1aa0 fs/hfsplus/xattr.c:701
 vfs_listxattr fs/xattr.c:473 [inline]
 listxattr+0x700/0x780 fs/xattr.c:820
 path_listxattr fs/xattr.c:844 [inline]
 __do_sys_llistxattr fs/xattr.c:862 [inline]
 __se_sys_llistxattr fs/xattr.c:859 [inline]
 __ia32_sys_llistxattr+0x171/0x300 fs/xattr.c:859
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x37/0x80 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

CPU: 1 PID: 7070 Comm: syz-executor.3 Not tainted 6.3.0-syzkaller-g81af97bdef5e #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
=====================================================
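
The trace above locates the uninitialized bytes in the kmalloc at fs/hfsplus/xattr.c:701 (kmalloc does not zero the allocation) and the read in strncmp inside is_known_namespace, reached through name_len while hfsplus_listxattr walks the attribute keys of the mounted HFS+ image on behalf of an llistxattr() caller. What follows is an added user-space model of that pattern, not code from the kernel or from the patch in the discussion list. It assumes the name written into the buffer for an entry can be shorter than the namespace prefixes it is compared against and is not NUL-terminated, which is the condition under which an unbounded strncmp reads bytes the entry never wrote. The prefix strings match include/uapi/linux/xattr.h and fs/hfsplus/xattr.h; the buffer contents, the stand-in names and the bounded variant are constructed for illustration.

```c
/* Added example, not kernel code: user-space model of an unbounded
 * strncmp over a non-zeroed buffer (the pattern KMSAN reports above)
 * beside a length-bounded namespace check.  Prefix strings match the
 * kernel headers; everything else here is a constructed stand-in. */
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define XATTR_SYSTEM_PREFIX   "system."
#define XATTR_USER_PREFIX     "user."
#define XATTR_SECURITY_PREFIX "security."
#define XATTR_TRUSTED_PREFIX  "trusted."
#define XATTR_MAC_OSX_PREFIX  "osx."
#define PFX_LEN(p) (sizeof(p) - 1)

#define STRBUF_SIZE 64   /* constructed; the kernel sizes it from NLS/HFS+ limits */

/* Same shape as the kernel helper: each strncmp may read up to
 * prefix-length bytes, whether or not that many were written for
 * this entry. */
static bool is_known_namespace_unbounded(const char *name)
{
	return !strncmp(name, XATTR_SYSTEM_PREFIX,   PFX_LEN(XATTR_SYSTEM_PREFIX))   ||
	       !strncmp(name, XATTR_USER_PREFIX,     PFX_LEN(XATTR_USER_PREFIX))     ||
	       !strncmp(name, XATTR_SECURITY_PREFIX, PFX_LEN(XATTR_SECURITY_PREFIX)) ||
	       !strncmp(name, XATTR_TRUSTED_PREFIX,  PFX_LEN(XATTR_TRUSTED_PREFIX));
}

/* Bounded variant: never inspect more bytes than the entry produced. */
static bool prefix_matches(const char *name, size_t name_len,
			   const char *prefix, size_t prefix_len)
{
	return name_len >= prefix_len && memcmp(name, prefix, prefix_len) == 0;
}

bool is_known_namespace_bounded(const char *name, size_t name_len)
{
	return prefix_matches(name, name_len, XATTR_SYSTEM_PREFIX,   PFX_LEN(XATTR_SYSTEM_PREFIX))   ||
	       prefix_matches(name, name_len, XATTR_USER_PREFIX,     PFX_LEN(XATTR_USER_PREFIX))     ||
	       prefix_matches(name, name_len, XATTR_SECURITY_PREFIX, PFX_LEN(XATTR_SECURITY_PREFIX)) ||
	       prefix_matches(name, name_len, XATTR_TRUSTED_PREFIX,  PFX_LEN(XATTR_TRUSTED_PREFIX));
}

/* name_len as in the call chain of the report: bytes for the name, its
 * NUL, and for names outside the known namespaces the "osx." prefix
 * that listxattr prepends. */
size_t name_len_bounded(const char *name, size_t name_len)
{
	size_t len = name_len + 1;

	if (!is_known_namespace_bounded(name, name_len))
		len += PFX_LEN(XATTR_MAC_OSX_PREFIX);
	return len;
}

/* Simulates a reused, non-zeroed buffer: it still holds bytes from a
 * previous, longer entry; the current entry writes only two bytes and
 * no terminator.  (Constructed; real kmalloc contents are arbitrary.) */
static char *fill_stale_then_short(void)
{
	char *buf = malloc(STRBUF_SIZE);

	if (!buf)
		return NULL;
	memset(buf, 0, STRBUF_SIZE);
	memcpy(buf, "user.previous_entry", 19);   /* leftover bytes */
	memcpy(buf, "us", 2);                      /* this entry: 2 bytes, no NUL */
	return buf;
}

/* 1 if the unbounded check classifies the 2-byte name "us" as "user."
 * because of bytes this entry never wrote; -1 on allocation failure. */
int demo_unbounded_misclassifies(void)
{
	char *buf = fill_stale_then_short();
	int r;

	if (!buf)
		return -1;
	r = is_known_namespace_unbounded(buf);
	free(buf);
	return r;
}

/* Same buffer through the bounded check, passing the real byte count. */
int demo_bounded_classifies(void)
{
	char *buf = fill_stale_then_short();
	int r;

	if (!buf)
		return -1;
	r = is_known_namespace_bounded(buf, 2);
	free(buf);
	return r;
}
```

The bounded variant carries the byte count the converter actually produced alongside the buffer, which is exactly the information strncmp lacks. Zeroing the allocation would silence KMSAN, but if one buffer is reused for successive entries, bytes from a longer earlier name remain in place; only the length-bounded compare makes the classification independent of what the buffer held before.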

Crashes (2):
Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title
2023/04/29 13:35 | https://github.com/google/kmsan.git master | 81af97bdef5e | 62df2017 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386 | KMSAN: uninit-value in hfsplus_listxattr
2023/01/11 23:37 | https://github.com/google/kmsan.git master | 80383273f7a0 | 96166539 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci-upstream-kmsan-gce-386 | KMSAN: uninit-value in hfsplus_listxattr
* Struck-through repros no longer work on HEAD.