syzbot


KASAN: slab-out-of-bounds Read in search_by_key (2)

Status: fixed on 2024/01/30 15:47
Subsystems: reiserfs
Reported-by: syzbot+b3b14fb9f8a14c5d0267@syzkaller.appspotmail.com
Fix commit: dd8f87f21dc3 reiserfs: fix uninit-value in comp_keys
First crash: 770d, last: 338d
Discussions (9)
Title Replies (including bot) Last reply
[PATCH] reiserfs: fix uninit-value in comp_keys 2 (2) 2023/12/28 10:57
[syzbot] KASAN: slab-out-of-bounds Read in search_by_key (2) 1 (4) 2023/12/26 02:07
[syzbot] Monthly reiserfs report (Dec 2023) 0 (1) 2023/12/04 12:39
[syzbot] Monthly reiserfs report (Nov 2023) 0 (1) 2023/11/03 10:22
[syzbot] Monthly reiserfs report (Aug 2023) 0 (1) 2023/08/30 09:54
[syzbot] Monthly reiserfs report (Jul 2023) 0 (1) 2023/07/30 13:16
[syzbot] Monthly reiserfs report (May 2023) 0 (1) 2023/05/29 08:47
[syzbot] Monthly reiserfs report (Apr 2023) 0 (1) 2023/04/27 10:49
[syzbot] Monthly reiserfs report 0 (1) 2023/03/27 11:03
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KASAN: slab-out-of-bounds Read in search_by_key reiserfs 1 992d 988d 0/28 auto-closed as invalid on 2022/06/23 17:15
upstream KMSAN: uninit-value in search_by_key reiserfs 1549 1492d 1543d 15/28 fixed on 2020/11/16 12:12
Last patch testing requests (1)
Created Duration User Patch Repo Result
2023/12/26 00:11 1h54m eadavis@qq.com patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 861deac3b092 OK log

Sample crash report:
reiserfs: enabling write barrier flush mode
REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
=====================================================
BUG: KMSAN: uninit-value in comp_keys fs/reiserfs/stree.c:83 [inline]
BUG: KMSAN: uninit-value in bin_search fs/reiserfs/stree.c:173 [inline]
BUG: KMSAN: uninit-value in search_by_key+0x3293/0x6780 fs/reiserfs/stree.c:770
 comp_keys fs/reiserfs/stree.c:83 [inline]
 bin_search fs/reiserfs/stree.c:173 [inline]
 search_by_key+0x3293/0x6780 fs/reiserfs/stree.c:770
 reiserfs_delete_solid_item+0x4ec/0xe90 fs/reiserfs/stree.c:1419
 remove_save_link+0x2ed/0x420 fs/reiserfs/super.c:540
 reiserfs_truncate_file+0xd00/0x1b70 fs/reiserfs/inode.c:2314
 reiserfs_setattr+0x1b79/0x1ee0 fs/reiserfs/inode.c:3388
 notify_change+0x19fd/0x1af0 fs/attr.c:499
 do_truncate+0x22a/0x2a0 fs/open.c:66
 do_sys_ftruncate+0x81c/0xb30 fs/open.c:194
 __do_sys_ftruncate fs/open.c:205 [inline]
 __se_sys_ftruncate fs/open.c:203 [inline]
 __x64_sys_ftruncate+0x71/0xa0 fs/open.c:203
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

Local variable cpu_key created at:
 reiserfs_delete_solid_item+0xbf/0xe90 fs/reiserfs/stree.c:1410
 remove_save_link+0x2ed/0x420 fs/reiserfs/super.c:540

CPU: 0 PID: 5009 Comm: syz-executor196 Not tainted 6.7.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
=====================================================

Crashes (4435):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2024/01/03 02:06 upstream 610a9b8f49fb fb427a07 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2023/12/25 20:27 upstream 861deac3b092 fb427a07 .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2022/11/03 05:18 upstream b229b6ca5abb 7a2ebf95 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-fs KASAN: slab-out-of-bounds Read in search_by_key
2024/01/08 20:45 upstream 0dd3ee311255 4c0fd4bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 17:36 upstream 0dd3ee311255 4c0fd4bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 17:04 upstream 0dd3ee311255 4c0fd4bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 16:03 upstream 0dd3ee311255 4c0fd4bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 15:02 upstream 0dd3ee311255 4c0fd4bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 09:25 upstream 0dd3ee311255 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 05:37 upstream 0dd3ee311255 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/07 18:24 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/07 13:53 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/07 11:35 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/07 09:45 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/07 08:32 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 22:51 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 20:58 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 19:38 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 16:50 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 16:50 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 09:44 upstream 6d0dc8559c84 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 05:17 upstream 6d0dc8559c84 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 02:22 upstream 6d0dc8559c84 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/06 01:02 upstream 6d0dc8559c84 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 17:16 upstream 1f874787ed9a 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 10:27 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 09:24 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 09:00 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 07:44 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 06:26 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 05:43 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 04:55 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 02:58 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/05 02:53 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/04 18:36 upstream ac865f00af29 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in search_by_key
2024/01/08 10:31 upstream 0dd3ee311255 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/08 09:24 upstream 0dd3ee311255 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/08 04:36 upstream 0dd3ee311255 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/07 14:15 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/07 10:12 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/07 00:51 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/06 20:46 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/06 17:53 upstream 95c8a35f1c01 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/06 04:14 upstream 6d0dc8559c84 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/05 13:00 upstream 1f874787ed9a 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/05 11:28 upstream 5eff55d725a4 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2024/01/04 07:48 upstream ac865f00af29 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in search_by_key
2023/12/20 07:26 upstream 55cb5f43689d 3ad490ea .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in search_by_key