syzbot

 sign-in | mailing list | source | docs
🐞 Open [1165] 🐞 Fixed [4323] 🐞 Invalid [9667] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KMSAN: uninit-value in pagecache_write

Status: upstream: reported on 2022/11/07 09:10
Reported-by: syzbot+9767be679ef5016b6082@syzkaller.appspotmail.com
Fix commit: 956510c0c743 fs: ext4: initialize fsdata in pagecache_write()
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-riscv64]
First crash: 129d, last: 108d

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in pagecache_write+0x655/0x720 fs/ext4/verity.c:91
 pagecache_write+0x655/0x720 fs/ext4/verity.c:91
 ext4_write_merkle_tree_block+0x84/0xa0 fs/ext4/verity.c:389
 build_merkle_tree_level+0x972/0x1250 fs/verity/enable.c:121
 build_merkle_tree fs/verity/enable.c:182 [inline]
 enable_verity+0xede/0x1920 fs/verity/enable.c:268
 fsverity_ioctl_enable+0x895/0xab0 fs/verity/enable.c:392
 __ext4_ioctl fs/ext4/ioctl.c:1572 [inline]
 ext4_ioctl+0x26dd/0x8c50 fs/ext4/ioctl.c:1606
 ext4_compat_ioctl+0x702/0x800 fs/ext4/ioctl.c:1682
 __do_compat_sys_ioctl fs/ioctl.c:968 [inline]
 __se_compat_sys_ioctl+0x781/0xfa0 fs/ioctl.c:910
 __ia32_compat_sys_ioctl+0x8f/0xd0 fs/ioctl.c:910
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Local variable fsdata created at:
 pagecache_write+0x21c/0x720 fs/ext4/verity.c:85
 ext4_write_merkle_tree_block+0x84/0xa0 fs/ext4/verity.c:389

CPU: 1 PID: 15121 Comm: syz-executor.3 Not tainted 6.0.0-rc5-syzkaller-48543-g968c2729e576 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
=====================================================

Crashes (5):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kmsan-gce-386 2022/10/21 16:21 https://github.com/google/kmsan.git master 968c2729e576 4bfd3c27 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in pagecache_write
ci-upstream-kmsan-gce-386 2022/10/18 16:06 https://github.com/google/kmsan.git master 968c2729e576 b31320fc .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in pagecache_write
ci-upstream-kmsan-gce-386 2022/10/05 13:56 https://github.com/google/kmsan.git master 968c2729e576 267e3bb1 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in pagecache_write
ci-upstream-kmsan-gce-386 2022/10/05 11:12 https://github.com/google/kmsan.git master 968c2729e576 267e3bb1 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in pagecache_write
ci-upstream-kmsan-gce-386 2022/09/30 17:22 https://github.com/google/kmsan.git master 968c2729e576 feb56351 .config console log report info [disk image] [vmlinux] KMSAN: uninit-value in pagecache_write
* Struck through repros no longer work on HEAD.