syzbot

 sign-in | mailing list | source | docs
🐞 Open [1596]
Subsystems
🐞 Fixed [6224]
🐞 Invalid [15742]
Missing Backports [183]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KMSAN: uninit-value in hfsplus_rename_cat

Status: upstream: reported C repro on 2023/10/11 11:48
Subsystems: hfs
[Documentation on labels]
Reported-by: syzbot+93f4402297a457fc6895@syzkaller.appspotmail.com
First crash: 619d, last: 4h05m
Cause bisection: the issue happens on the oldest tested release (bisect log)
Crash: BUG: unable to handle kernel NULL pointer dereference in hfsplus_rename_cat (log)
Repro: C syz .config
  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [hfs?] KMSAN: uninit-value in hfsplus_rename_cat 0 (2) 2024/12/12 08:22
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 BUG: unable to handle kernel paging request in hfsplus_rename_cat origin:upstream C 5 7d07h 7d13h 0/3 upstream: reported C repro on 2025/05/04 21:53
linux-6.1 BUG: unable to handle kernel paging request in hfsplus_rename_cat origin:upstream missing-backport C inconclusive 6 128d 183d 0/3 upstream: reported C repro on 2024/11/09 17:58
Last patch testing requests (4)
Created Duration User Patch Repo Result
2024/12/12 08:22 1h12m dmantipov@yandex.ru patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 231825b2e1ff6ba799c5eaf396d3ab2354e37c6b OK log
2024/02/13 14:10 16m retest repro upstream report log
2024/02/13 03:30 19m retest repro upstream OK log
2023/10/24 00:56 21m retest repro upstream report log

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in hfsplus_subfolders_dec fs/hfsplus/catalog.c:248 [inline]
BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x10e5/0x16f0 fs/hfsplus/catalog.c:513
 hfsplus_subfolders_dec fs/hfsplus/catalog.c:248 [inline]
 hfsplus_rename_cat+0x10e5/0x16f0 fs/hfsplus/catalog.c:513
 hfsplus_rename+0x209/0x2e0 fs/hfsplus/dir.c:552
 vfs_rename+0x1d9d/0x2280 fs/namei.c:5069
 do_renameat2+0x18d0/0x1d50 fs/namei.c:5226
 __do_sys_renameat2 fs/namei.c:5260 [inline]
 __se_sys_renameat2 fs/namei.c:5257 [inline]
 __x64_sys_renameat2+0x154/0x1f0 fs/namei.c:5257
 x64_sys_call+0x204b/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:317
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 hfsplus_subfolders_inc fs/hfsplus/catalog.c:232 [inline]
 hfsplus_create_cat+0x17f6/0x1800 fs/hfsplus/catalog.c:314
 hfsplus_mknod+0x201/0x560 fs/hfsplus/dir.c:494
 hfsplus_mkdir+0x58/0x70 fs/hfsplus/dir.c:529
 vfs_mkdir+0x4a0/0x780 fs/namei.c:4313
 do_mkdirat+0x529/0x820 fs/namei.c:4336
 __do_sys_mkdirat fs/namei.c:4351 [inline]
 __se_sys_mkdirat fs/namei.c:4349 [inline]
 __x64_sys_mkdirat+0xc6/0x120 fs/namei.c:4349
 x64_sys_call+0x1fad/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:259
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was stored to memory at:
 hfsplus_subfolders_inc fs/hfsplus/catalog.c:232 [inline]
 hfsplus_create_cat+0x17f6/0x1800 fs/hfsplus/catalog.c:314
 hfsplus_fill_super+0x2236/0x26e0 fs/hfsplus/super.c:561
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560
 path_mount+0x742/0x1f10 fs/namespace.c:3887
 do_mount fs/namespace.c:3900 [inline]
 __do_sys_mount fs/namespace.c:4111 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4088
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088
 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 __alloc_frozen_pages_noprof+0x9a7/0xe00 mm/page_alloc.c:4763
 alloc_pages_mpol+0x4cd/0x890 mm/mempolicy.c:2270
 alloc_frozen_pages_noprof+0x1bf/0x1e0 mm/mempolicy.c:2341
 alloc_slab_page mm/slub.c:2423 [inline]
 allocate_slab+0x23a/0x1110 mm/slub.c:2587
 new_slab mm/slub.c:2640 [inline]
 ___slab_alloc+0x1287/0x3540 mm/slub.c:3826
 __slab_alloc mm/slub.c:3916 [inline]
 __slab_alloc_node mm/slub.c:3991 [inline]
 slab_alloc_node mm/slub.c:4152 [inline]
 kmem_cache_alloc_lru_noprof+0x855/0xe20 mm/slub.c:4183
 hfsplus_alloc_inode+0x5a/0xd0 fs/hfsplus/super.c:627
 alloc_inode+0x86/0x460 fs/inode.c:336
 iget_locked+0x250/0x1290 fs/inode.c:1487
 hfsplus_iget+0x59/0xae0 fs/hfsplus/super.c:65
 hfsplus_btree_open+0x13e/0x1ed0 fs/hfsplus/btree.c:150
 hfsplus_fill_super+0x1113/0x26e0 fs/hfsplus/super.c:474
 get_tree_bdev_flags+0x6ec/0x910 fs/super.c:1636
 get_tree_bdev+0x37/0x50 fs/super.c:1659
 hfsplus_get_tree+0x34/0x40 fs/hfsplus/super.c:640
 vfs_get_tree+0xb1/0x5a0 fs/super.c:1814
 do_new_mount+0x71f/0x15e0 fs/namespace.c:3560
 path_mount+0x742/0x1f10 fs/namespace.c:3887
 do_mount fs/namespace.c:3900 [inline]
 __do_sys_mount fs/namespace.c:4111 [inline]
 __se_sys_mount+0x71f/0x800 fs/namespace.c:4088
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4088
 x64_sys_call+0x39bf/0x3c30 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1e0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 5779 Comm: syz-executor256 Not tainted 6.14.0-rc7-syzkaller-00205-g586de92313fc #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
=====================================================

Crashes (1259):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/03/23 23:20 upstream 586de92313fc 4e8d3850 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2024/12/12 22:46 upstream 150b567e0d57 530e80f8 .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/11/06 23:56 upstream 7758b206117d df3dc63b .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/10/16 06:18 upstream 2f87d0916ce0 bde2d81c .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/07/07 23:57 upstream c6653f49e4fd 2a40360c .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/05/01 20:57 upstream 18daea77cca6 3ba885bc .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-gce-smack-root general protection fault in hfsplus_rename_cat
2024/04/14 17:56 upstream fe46a7dd189e c8349e48 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/01/19 06:06 upstream 296455ade1fd 239abf84 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kasan-badwrites-root general protection fault in hfsplus_rename_cat
2024/05/14 20:07 linux-next 26dd54d03cd9 fdb4c10c .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-linux-next-kasan-gce-root general protection fault in hfsplus_rename_cat
2023/10/07 12:34 upstream 82714078aee4 5e837c76 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2025/05/12 06:53 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 20:43 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 14:43 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 13:13 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 07:11 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 03:53 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 02:32 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/10 21:31 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/10 07:12 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/09 20:30 upstream 02ddfb981de8 bb813bcc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/09 17:28 upstream 02ddfb981de8 bb813bcc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/09 07:20 upstream 02ddfb981de8 bb813bcc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/09 04:04 upstream 02ddfb981de8 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/08 07:53 upstream 02ddfb981de8 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/07 07:45 upstream 02ddfb981de8 350f4ffc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/07 06:19 upstream 02ddfb981de8 350f4ffc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/07 03:42 upstream 02ddfb981de8 350f4ffc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/06 18:30 upstream 02ddfb981de8 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/06 03:39 upstream 02ddfb981de8 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 17:30 upstream 02ddfb981de8 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 14:21 upstream 02ddfb981de8 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 11:36 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 08:40 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 07:21 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 04:58 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 02:34 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 00:53 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/04 21:41 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/04 13:40 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/04 11:08 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/04 09:51 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/03 22:16 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/03 07:32 upstream 02ddfb981de8 b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/02 14:25 upstream 02ddfb981de8 2bfec9c0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/02 07:41 upstream 02ddfb981de8 51b137cd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/01 12:09 upstream 02ddfb981de8 ce7952f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/01 04:34 upstream 02ddfb981de8 ce7952f4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 22:33 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/11 11:45 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/10 08:47 upstream 02ddfb981de8 77908e5f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/09 21:34 upstream 02ddfb981de8 bb813bcc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/09 06:34 upstream 02ddfb981de8 bb813bcc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/08 00:34 upstream 02ddfb981de8 dbf35fa1 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/06 14:50 upstream 02ddfb981de8 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/06 04:56 upstream 02ddfb981de8 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/06 04:52 upstream 02ddfb981de8 ae98e6b9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 23:22 upstream 02ddfb981de8 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/05 21:01 upstream 02ddfb981de8 6ca47dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2025/05/01 17:39 upstream 02ddfb981de8 51b137cd .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfsplus_rename_cat
2023/12/12 12:03 upstream 26aff849438c 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in hfsplus_rename_cat
2023/09/27 01:53 upstream 50768a425b46 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in hfsplus_rename_cat
2025/05/02 17:00 upstream ebd297a2affa b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2025/04/28 06:07 upstream b4432656b36e c6b4fb39 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs general protection fault in hfsplus_rename_cat
2024/11/16 22:06 upstream e8bdb3c8be08 cfe3a04a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root general protection fault in hfsplus_rename_cat
2025/02/26 12:33 upstream ac9c34d1e45a d34966d1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root general protection fault in hfsplus_rename_cat
2025/05/03 12:46 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci e0f4c8dd9d2d b0714e37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: unable to handle kernel paging request in hfsplus_rename_cat
* Struck through repros no longer work on HEAD.