syzbot

 sign-in | mailing list | source | docs
🐞 Open [1498]
Subsystems
🐞 Fixed [6511]
🐞 Invalid [16556]
Missing Backports [204]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in hfsplus_rename_cat

Status: upstream: reported C repro on 2023/10/11 11:48
Subsystems: hfs
[Documentation on labels]
Reported-by: syzbot+93f4402297a457fc6895@syzkaller.appspotmail.com
First crash: 714d, last: 4h16m
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: BUG: unable to handle kernel NULL pointer dereference in hfsplus_rename_cat (log)
Repro: C syz .config
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [hfs?] KMSAN: uninit-value in hfsplus_rename_cat 0 (2) 2024/12/12 08:22
Similar bugs (2)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 BUG: unable to handle kernel paging request in hfsplus_rename_cat origin:upstream 8 C 7 12d 103d 0/3 upstream: reported C repro on 2025/05/04 21:53
linux-6.1 BUG: unable to handle kernel paging request in hfsplus_rename_cat origin:upstream missing-backport 8 C inconclusive 6 223d 279d 0/3 upstream: reported C repro on 2024/11/09 17:58
Last patch testing requests (4)
Created Duration User Patch Repo Result
2024/12/12 08:22 1h12m dmantipov@yandex.ru patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 231825b2e1ff6ba799c5eaf396d3ab2354e37c6b OK log
2024/02/13 14:10 16m retest repro upstream report log
2024/02/13 03:30 19m retest repro upstream OK log
2023/10/24 00:56 21m retest repro upstream report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in hfsplus_subfolders_dec fs/hfsplus/catalog.c:248 [inline]
BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x10e5/0x16f0 fs/hfsplus/catalog.c:513
 hfsplus_subfolders_dec fs/hfsplus/catalog.c:248 [inline]
 hfsplus_rename_cat+0x10e5/0x16f0 fs/hfsplus/catalog.c:513
 hfsplus_rename+0x209/0x2e0 fs/hfsplus/dir.c:552
 vfs_rename+0x1d9d/0x2280 fs/namei.c:5069
 do_renameat2+0x18d0/0x1d50 fs/namei.c:5226
 __do_sys_renameat2 fs/namei.c:5260 [inline]
 __se_sys_renameat2 fs/namei.c:5257 [inline]
 __x64_sys_renameat2+0x154/0x1f0 fs/namei.c:5257
 x64_sys_call+0x204b/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:317
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 hfsplus_subfolders_inc fs/hfsplus/catalog.c:232 [inline]
 hfsplus_create_cat+0x17f6/0x1800 fs/hfsplus/catalog.c:314
 hfsplus_mknod+0x201/0x560 fs/hfsplus/dir.c:494
 hfsplus_mkdir+0x58/0x70 fs/hfsplus/dir.c:529
 vfs_mkdir+0x4a0/0x780 fs/namei.c:4313
 do_mkdirat+0x529/0x820 fs/namei.c:4336
 __do_sys_mkdirat fs/namei.c:4351 [inline]
 __se_sys_mkdirat fs/namei.c:4349 [inline]
 __x64_sys_mkdirat+0xc6/0x120 fs/namei.c:4349
 x64_sys_call+0x1fad/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:259
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 hfsplus_subfolders_inc fs/hfsplus/catalog.c:232 [inline]
 hfsplus_create_cat+0x17f6/0x1800 fs/hfsplus/catalog.c:314
 hfsplus_fill_super+0x2236/0x26e0 fs/hfsplus/super.c:561
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560
 path_mount+0x742/0x1f10 fs/namespace.c:3887
 do_mount fs/namespace.c:3900 [inline]
 __do_sys_mount fs/namespace.c:4111 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4088
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088
 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x9a7/0xe00 mm/page_alloc.c:4763
 alloc_pages_mpol+0x4cd/0x890 mm/mempolicy.c:2270
 alloc_frozen_pages_noprof+0x1bf/0x1e0 mm/mempolicy.c:2341
 alloc_slab_page mm/slub.c:2423 [inline]
 allocate_slab+0x23a/0x1110 mm/slub.c:2587
 new_slab mm/slub.c:2640 [inline]
 ___slab_alloc+0x1287/0x3540 mm/slub.c:3826
 __slab_alloc mm/slub.c:3916 [inline]
 __slab_alloc_node mm/slub.c:3991 [inline]
 slab_alloc_node mm/slub.c:4152 [inline]
 kmem_cache_alloc_lru_noprof+0x855/0xe20 mm/slub.c:4183
 hfsplus_alloc_inode+0x5a/0xd0 fs/hfsplus/super.c:627
 alloc_inode+0x86/0x460 fs/inode.c:336
 iget_locked+0x250/0x1290 fs/inode.c:1487
 hfsplus_iget+0x59/0xae0 fs/hfsplus/super.c:65
 hfsplus_btree_open+0x13e/0x1ed0 fs/hfsplus/btree.c:150
 hfsplus_fill_super+0x1113/0x26e0 fs/hfsplus/super.c:474
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560
 path_mount+0x742/0x1f10 fs/namespace.c:3887
 do_mount fs/namespace.c:3900 [inline]
 __do_sys_mount fs/namespace.c:4111 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4088
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088
 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 5779 Comm: syz-executor256 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================

Crashes (1674):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/03/23 23:20 upstream 586de92313fc 4e8d3850 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/07/21 15:45 upstream 89be9a83ccf1 56d87229 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/12/12 22:46 upstream 150b567e0d57 530e80f8 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/11/06 23:56 upstream 7758b206117d df3dc63b .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/10/16 06:18 upstream 2f87d0916ce0 bde2d81c .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/07/07 23:57 upstream c6653f49e4fd 2a40360c .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/05/01 20:57 upstream 18daea77cca6 3ba885bc .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-smack-root general protection fault in hfsplus_rename_cat
2024/04/14 17:56 upstream fe46a7dd189e c8349e48 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/01/19 06:06 upstream 296455ade1fd 239abf84 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-badwrites-root general protection fault in hfsplus_rename_cat
2025/06/04 08:13 upstream 5abc7438f1e9 a30356b7 .config console log report syz / log C [disk image (non-bootable)] [vmlinux] [kernel image] [mounted in repro] ci-snapshot-upstream-root general protection fault in hfsplus_rename_cat
2024/05/14 20:07 linux-next 26dd54d03cd9 fdb4c10c .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root general protection fault in hfsplus_rename_cat
2023/10/07 12:34 upstream 82714078aee4 5e837c76 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2025/08/15 22:01 upstream d7ee5bdce789 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/15 16:35 upstream d7ee5bdce789 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/15 11:42 upstream 24ea63ea3877 dcc075fb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/14 14:11 upstream 0cc53520e68b dcc075fb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/14 06:23 upstream 91325f31afc1 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/13 16:44 upstream 8742b2d8935f 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/13 02:34 upstream 8742b2d8935f 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/12 12:34 upstream 53e760d89498 c06e8995 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/12 02:37 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/12 01:21 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/11 22:21 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/11 20:16 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/11 15:04 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/11 03:34 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/10 20:42 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/09 05:16 upstream 37816488247d 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/09 03:29 upstream 37816488247d 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/08 19:11 upstream bec077162bd0 987b750d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/08 17:55 upstream bec077162bd0 987b750d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/08 14:53 upstream bec077162bd0 987b750d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/08 10:41 upstream bec077162bd0 6a893178 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/08 01:29 upstream 6e64f4580381 6a893178 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/07 03:16 upstream cca7a0aae895 4bd24a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/06 19:40 upstream a530a36bb548 4bd24a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/06 17:02 upstream a530a36bb548 4bd24a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/06 13:13 upstream a530a36bb548 4bd24a3e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/06 08:44 upstream a530a36bb548 904e669c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/06 07:32 upstream a530a36bb548 904e669c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/05 16:48 upstream 5998f2bca43e 904e669c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/05 03:55 upstream d632ab86aff2 abdcb213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/04 17:57 upstream d632ab86aff2 abdcb213 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/04 13:35 upstream 352af6a011d5 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/04 10:15 upstream 352af6a011d5 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/04 08:57 upstream 352af6a011d5 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/04 06:18 upstream 352af6a011d5 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/04 01:28 upstream 352af6a011d5 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/03 18:04 upstream 89748acdf226 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/03 15:53 upstream 89748acdf226 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/03 10:36 upstream 89748acdf226 7368264b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/15 14:36 upstream d7ee5bdce789 1804e95e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/14 20:03 upstream 24ea63ea3877 dcc075fb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/13 19:04 upstream 91325f31afc1 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/13 19:00 upstream 91325f31afc1 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/11 00:57 upstream 8f5ae30d69d7 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/10 17:41 upstream 2b38afce25c4 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/10 12:34 upstream 2b38afce25c4 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/09 22:01 upstream 561c80369df0 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/09 02:28 upstream 37816488247d 32a0e5ed .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/08 02:30 upstream d2eedaa3909b 6a893178 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/08/07 13:44 upstream d2eedaa3909b 04cffc22 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2023/12/12 12:03 upstream 26aff849438c 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in hfsplus_rename_cat
2023/09/27 01:53 upstream 50768a425b46 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in hfsplus_rename_cat
2025/07/15 21:45 upstream 155a3c003e55 03fcfc4b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in hfsplus_rename_cat
2025/07/09 00:41 upstream d006330be3f7 4d9fdfa4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2025/06/20 20:52 upstream 41687a5c6f8b 804b3919 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root general protection fault in hfsplus_rename_cat
2025/08/13 15:05 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 8f5ae30d69d7 22ec1469 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in hfsplus_rename_cat
2025/07/27 12:35 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 82af5ea7c611 fb8f743d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in hfsplus_rename_cat
* Struck through repros no longer work on HEAD.