syzbot


KMSAN: uninit-value in hfs_cat_keycmp (2)

Status: auto-obsoleted due to no activity on 2025/11/29 05:09
Subsystems: hfs
Reported-by: syzbot+04486d87f6240a004c85@syzkaller.appspotmail.com
First crash: 709d, last: 113d
Discussions (2)
Title Replies (including bot) Last reply
[PATCH] hfs: fix uninit-value in hfs_cat_keycmp 1 (1) 2024/03/03 04:14
[syzbot] [hfs?] KMSAN: uninit-value in hfs_cat_keycmp (2) 1 (4) 2024/03/03 03:58
Similar bugs (3)
Kernel Title Rank Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in hfs_cat_keycmp hfs 7 5 782d 880d 0/29 closed as invalid on 2023/12/22 16:00
upstream KASAN: slab-out-of-bounds Read in hfs_cat_keycmp hfs 17 C error done 2 1025d 1091d 22/29 fixed on 2023/02/24 13:50
linux-4.19 KASAN: slab-out-of-bounds Read in hfs_cat_keycmp 17 C error 1 1106d 1106d 0/1 upstream: reported C repro on 2022/12/02 03:19
Last patch testing requests (11)
Created Duration User Patch Repo Result
2025/10/30 05:54 29m retest repro upstream OK log
2025/10/16 01:22 26m retest repro upstream OK log
2025/08/21 04:48 20m retest repro upstream report log
2025/08/06 22:24 26m retest repro upstream report log
2025/06/12 02:57 52m retest repro upstream report log
2025/05/28 19:00 21m retest repro upstream report log
2025/04/03 02:03 26m retest repro upstream report log
2025/03/19 13:29 24m retest repro upstream report log
2025/03/19 13:20 20m retest repro upstream report log
2025/01/08 12:41 22m retest repro upstream report log
2024/03/03 03:09 26m eadavis@qq.com patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master OK log

Sample crash report:
loop2: detected capacity change from 0 to 64
=====================================================
BUG: KMSAN: uninit-value in hfs_cat_keycmp+0x130/0x220 fs/hfs/catalog.c:178
 hfs_cat_keycmp+0x130/0x220 fs/hfs/catalog.c:178
 __hfs_brec_find+0x260/0x8b0 fs/hfs/bfind.c:75
 hfs_brec_find+0x4c4/0x9f0 fs/hfs/bfind.c:138
 hfs_brec_read+0x3f/0x1f0 fs/hfs/bfind.c:165
 hfs_cat_find_brec+0xe9/0x430 fs/hfs/catalog.c:194
 hfs_fill_super+0x536/0xb80 fs/hfs/super.c:350
 get_tree_bdev_flags+0x6e3/0x920 fs/super.c:1636
 get_tree_bdev+0x38/0x50 fs/super.c:1659
 hfs_get_tree+0x35/0x40 fs/hfs/super.c:388
 vfs_get_tree+0xb0/0x5c0 fs/super.c:1759
 do_new_mount+0x73c/0x1620 fs/namespace.c:3881
 path_mount+0x6db/0x1e90 fs/namespace.c:4208
 do_mount fs/namespace.c:4221 [inline]
 __do_sys_mount fs/namespace.c:4432 [inline]
 __se_sys_mount+0x6eb/0x7d0 fs/namespace.c:4409
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4409
 x64_sys_call+0xfa7/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Uninit was created at:
 slab_post_alloc_hook mm/slub.c:4167 [inline]
 slab_alloc_node mm/slub.c:4210 [inline]
 __do_kmalloc_node mm/slub.c:4340 [inline]
 __kmalloc_noprof+0x95f/0x1310 mm/slub.c:4353
 kmalloc_noprof include/linux/slab.h:909 [inline]
 hfs_find_init+0x93/0x260 fs/hfs/bfind.c:21
 hfs_fill_super+0x4ce/0xb80 fs/hfs/super.c:347
 get_tree_bdev_flags+0x6e3/0x920 fs/super.c:1636
 get_tree_bdev+0x38/0x50 fs/super.c:1659
 hfs_get_tree+0x35/0x40 fs/hfs/super.c:388
 vfs_get_tree+0xb0/0x5c0 fs/super.c:1759
 do_new_mount+0x73c/0x1620 fs/namespace.c:3881
 path_mount+0x6db/0x1e90 fs/namespace.c:4208
 do_mount fs/namespace.c:4221 [inline]
 __do_sys_mount fs/namespace.c:4432 [inline]
 __se_sys_mount+0x6eb/0x7d0 fs/namespace.c:4409
 __x64_sys_mount+0xe4/0x150 fs/namespace.c:4409
 x64_sys_call+0xfa7/0x3db0 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd9/0x1b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

CPU: 1 UID: 0 PID: 9982 Comm: syz.2.788 Not tainted 6.15.0-rc3-syzkaller-00094-g02ddfb981de8 #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
=====================================================
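The two stacks above tell the story in one line each: the allocation under "Uninit was created at" is the key scratch buffer that hfs_find_init kmallocs for the catalog tree, and hfs_cat_keycmp reads from it while hfs_fill_super looks up the root directory at mount time, before any data from the image has been trusted by anything else. The C model below is added here as an illustration; it is not the kernel's code, not the patch that was tested, and its key layout, the sample records and the consistency check are this editor's assumptions about the general bug class rather than facts taken from the report. It shows the shape of an uninitialised read in a length-prefixed B-tree key: the record's outer length byte decides how many bytes are copied from the node into the heap buffer, while the comparator trusts the inner name length, so an image in which the inner length exceeds the outer one makes the compare read bytes the copy never wrote. It then shows the check that rejects such a key before the compare runs.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HFS_NAMELEN   31                 /* HFS names are Pascal strings of at most 31 bytes */
#define CAT_KEY_FIXED 6                  /* reserved(1) + ParID(4) + CName.len(1) */
#define MAX_KEY_BYTES (1 + CAT_KEY_FIXED + HFS_NAMELEN)
#define UNINIT_FILL   0xAA               /* stands in for stale heap contents (model only) */
#define KEY_REJECTED  (-2)

/* Hypothetical simplified layout of an HFS catalog key (byte arrays, so no
 * packing or alignment concerns). Not the kernel's btree_key definition. */
struct cat_key {
    uint8_t key_len;                     /* number of bytes that follow this byte */
    uint8_t reserved;
    uint8_t par_id[4];                   /* big-endian parent CNID */
    uint8_t name_len;
    uint8_t name[HFS_NAMELEN];
};

/* Constructed sample records; they are not taken from the report's image. */
const uint8_t GOOD_REC[]   = { 10, 0, 0, 0, 0, 2, 4, 'r', 'o', 'o', 't' }; /* key_len 10 = 6 + 4 */
const uint8_t BAD_REC[]    = {  6, 0, 0, 0, 0, 2, 20 };                     /* claims 20 name bytes, carries 0 */
const uint8_t SEARCH_KEY[] = {  6, 0, 0, 0, 0, 2, 0 };                      /* ParID 2, empty name */

/* Copy a key out of a node record the way a reader trusting key_len would.
 * Bytes beyond the copy keep whatever the buffer held before (the part KMSAN
 * tracks as uninitialised). Returns how many bytes really came from the record. */
static size_t read_key(uint8_t buf[MAX_KEY_BYTES], const uint8_t *rec, size_t reclen)
{
    size_t keylen = (size_t)rec[0] + 1;
    if (keylen > reclen)        keylen = reclen;
    if (keylen > MAX_KEY_BYTES) keylen = MAX_KEY_BYTES;
    memset(buf, UNINIT_FILL, MAX_KEY_BYTES);   /* simulate never-initialised slab memory */
    memcpy(buf, rec, keylen);
    return keylen;
}

/* Bytes a comparator that trusts the inner name_len would read beyond what was
 * copied from the record; anything above 0 is an uninitialised read. */
size_t uninit_bytes_touched(const uint8_t *rec, size_t reclen)
{
    uint8_t buf[MAX_KEY_BYTES];
    size_t copied = read_key(buf, rec, reclen);
    const struct cat_key *k = (const struct cat_key *)buf;
    size_t needed = 1 + CAT_KEY_FIXED + k->name_len;     /* bytes the compare dereferences */
    if (needed > MAX_KEY_BYTES) needed = MAX_KEY_BYTES;
    return needed > copied ? needed - copied : 0;
}

/* Consistency check a hardened reader applies before the compare: the outer
 * length must cover the fixed header plus the whole name, and the name must fit
 * the on-disk format. Returns 0 if the key is usable, -1 if it must be rejected. */
int cat_key_check(const uint8_t *rec, size_t reclen)
{
    if (reclen < 1 + CAT_KEY_FIXED)         return -1;   /* header does not even fit */
    size_t  key_len  = rec[0];
    uint8_t name_len = rec[CAT_KEY_FIXED];               /* rec[6] */
    if (key_len < CAT_KEY_FIXED)            return -1;   /* cannot hold ParID + name length */
    if (key_len + 1 > reclen)               return -1;   /* claims more bytes than the record has */
    if (name_len > HFS_NAMELEN)             return -1;
    if (key_len < CAT_KEY_FIXED + name_len) return -1;   /* inner length exceeds outer length */
    return 0;
}

/* Parent-CNID-then-name ordering like hfs_cat_keycmp; the kernel folds case
 * through hfs_strcmp, this model compares raw bytes. */
int cat_keycmp(const struct cat_key *a, const struct cat_key *b)
{
    int c = memcmp(a->par_id, b->par_id, 4);             /* big-endian: bytewise order == numeric */
    if (c) return c < 0 ? -1 : 1;
    size_t n = a->name_len < b->name_len ? a->name_len : b->name_len;
    c = memcmp(a->name, b->name, n);
    if (c) return c < 0 ? -1 : 1;
    return (a->name_len > b->name_len) - (a->name_len < b->name_len);
}

/* Validate both keys, then compare. Returns -1/0/1, or KEY_REJECTED if either
 * key failed the check and the comparator was never allowed to touch it. */
int safe_compare(const uint8_t *search, size_t searchlen, const uint8_t *rec, size_t reclen)
{
    if (cat_key_check(search, searchlen) || cat_key_check(rec, reclen))
        return KEY_REJECTED;
    uint8_t s[MAX_KEY_BYTES], r[MAX_KEY_BYTES];
    read_key(s, search, searchlen);
    read_key(r, rec, reclen);
    return cat_keycmp((const struct cat_key *)s, (const struct cat_key *)r);
}

int main(void)
{
    printf("good record: uninit bytes touched=%zu check=%d\n",
           uninit_bytes_touched(GOOD_REC, sizeof GOOD_REC), cat_key_check(GOOD_REC, sizeof GOOD_REC));
    printf("bad record:  uninit bytes touched=%zu check=%d\n",
           uninit_bytes_touched(BAD_REC, sizeof BAD_REC), cat_key_check(BAD_REC, sizeof BAD_REC));
    printf("search vs good: %d, search vs bad: %d (%d = rejected)\n",
           safe_compare(SEARCH_KEY, sizeof SEARCH_KEY, GOOD_REC, sizeof GOOD_REC),
           safe_compare(SEARCH_KEY, sizeof SEARCH_KEY, BAD_REC, sizeof BAD_REC), KEY_REJECTED);
    return 0;
}
```

Build with `cc -Wall`: the good record compares cleanly, the bad record is rejected before the comparator runs, and `uninit_bytes_touched` reports the 20 bytes a trusting compare would have read past the copied region, which is the kind of read KMSAN reports. The practical point for anyone triaging a report like this one: a key length read from the image is attacker-controlled on an untrusted mount, so it has to be checked against the node record's own bounds before the key is handed to cmpkey, and the retest history on this page (the repro still triggering through 2025 on upstream HEAD) is the signal that such a check had not landed yet.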

Crashes (27):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2025/05/14 05:05 upstream 02ddfb981de8 7344edeb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/05/13 10:04 upstream 02ddfb981de8 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/05/13 10:04 upstream 02ddfb981de8 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/05/10 03:14 upstream 02ddfb981de8 bb813bcc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/17 05:49 upstream 0ad2507d5d93 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/17 05:49 upstream 0ad2507d5d93 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/15 13:58 upstream 7ff71e6d9239 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/15 13:58 upstream 7ff71e6d9239 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/25 01:21 upstream 9b2ffa6148b1 444551c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/25 01:20 upstream 9b2ffa6148b1 444551c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/14 16:38 upstream a446e965a188 7cbfbb3a .config strace log report syz / log C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/14 14:21 upstream a446e965a188 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/14 14:21 upstream a446e965a188 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/03/02 23:33 upstream 5ad3cb0ed525 25905f5d .config strace log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2024/01/30 23:15 upstream 9f8413c4a66f 7f400fcb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-root KMSAN: uninit-value in hfs_cat_keycmp
2025/05/13 11:08 upstream 02ddfb981de8 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2025/05/13 11:08 upstream 02ddfb981de8 f6671af7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/17 09:01 upstream 0ad2507d5d93 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/17 09:01 upstream 0ad2507d5d93 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/15 18:10 upstream 7ff71e6d9239 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2025/02/15 18:09 upstream 7ff71e6d9239 40a34ec9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/25 04:57 upstream 9b2ffa6148b1 444551c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/25 04:56 upstream 9b2ffa6148b1 444551c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/14 19:17 upstream a446e965a188 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2024/12/14 19:17 upstream a446e965a188 7cbfbb3a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2024/01/03 03:43 upstream 610a9b8f49fb fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
2024/01/03 03:17 upstream 610a9b8f49fb fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386-root KMSAN: uninit-value in hfs_cat_keycmp
* Struck through repros no longer work on HEAD.