syzbot

 sign-in | mailing list | source | docs
🐞 Open [968] Subsystems 🐞 Fixed [4559] 🐞 Invalid [10508] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KMSAN: uninit-value in btrfs_clean_tree_block (2)

Status: fixed on 2023/02/24 13:50
Labels: nilfs (incorrect?)
Reported-by: syzbot+fba8e2116a12609b6c59@syzkaller.appspotmail.com
Fix commit: cbddcc4fa344 btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer
First crash: 562d, last: 97d
Discussions (4)
Title Replies (including bot) Last reply
[PATCH 5.15 000/530] 5.15.75-rc1 review 542 (542) 2023/01/10 15:19
[PATCH 5.19 000/717] 5.19.17-rc1 review 732 (732) 2022/10/24 19:01
[PATCH 6.0 000/862] 6.0.3-rc1 review 899 (899) 2022/10/21 09:08
[syzbot] KMSAN: uninit-value in btrfs_clean_tree_block (2) 0 (1) 2021/11/20 10:47
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KMSAN: uninit-value in btrfs_clean_tree_block 18531 664d 986d 0/24 auto-closed as invalid on 2021/11/04 13:33
upstream KMSAN: uninit-value in aes_encrypt (4) net C 10 9d20h 994d 0/24 upstream: reported C repro on 2020/09/10 14:09
upstream KMSAN: uninit-value in virtqueue_add (3) 13 210d 502d 0/24 auto-obsoleted due to no activity on 2023/02/12 03:53
upstream KMSAN: uninit-value in post_read_mst_fixup 199 487d 926d 0/24 auto-closed as invalid on 2022/05/31 07:12
upstream KMSAN: kernel-infoleak in _copy_to_iter (7) net C 138977 97d 450d 24/24 fixed on 2023/02/24 13:50
upstream KMSAN: uninit-value in __crc32c_le_base (2) crypto C 6207 60d 1132d 0/24 closed as invalid on 2023/04/06 23:31
upstream KMSAN: kernel-infoleak in _copy_to_iter (8) C 16725 now 88d 23/24 internal: reported C repro on 2023/03/06 07:23
upstream KMSAN: uninit-value in nilfs_add_checksums_on_logs nilfs 1076 2h33m 87d 23/24 upstream: reported on 2023/03/06 17:55

Sample crash report:
=====================================================
BUG: KMSAN: uninit-value in btrfs_clean_tree_block+0x245/0x2d0 fs/btrfs/disk-io.c:959
 btrfs_clean_tree_block+0x245/0x2d0 fs/btrfs/disk-io.c:959
 btrfs_init_new_buffer fs/btrfs/extent-tree.c:4899 [inline]
 btrfs_alloc_tree_block+0x800/0x1ea0 fs/btrfs/extent-tree.c:4976
 __btrfs_cow_block+0x580/0x1cd0 fs/btrfs/ctree.c:417
 btrfs_cow_block+0x7ca/0x9d0 fs/btrfs/ctree.c:572
 commit_cowonly_roots+0x1b2/0x1110 fs/btrfs/transaction.c:1285
 btrfs_commit_transaction+0x2241/0x5980 fs/btrfs/transaction.c:2366
 btrfs_commit_super+0x138/0x180 fs/btrfs/disk-io.c:4426
 close_ctree+0x377/0x9f1 fs/btrfs/disk-io.c:4550
 btrfs_put_super+0x38/0x50 fs/btrfs/super.c:392
 generic_shutdown_super+0x184/0x570 fs/super.c:491
 kill_anon_super+0x39/0x70 fs/super.c:1085
 btrfs_kill_super+0x39/0x60 fs/btrfs/super.c:2440
 deactivate_locked_super+0xb1/0x120 fs/super.c:332
 deactivate_super+0x13a/0x150 fs/super.c:363
 cleanup_mnt+0x703/0x780 fs/namespace.c:1186
 __cleanup_mnt+0x1e/0x30 fs/namespace.c:1193
 task_work_run+0x13c/0x280 kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0x2a9/0x320 kernel/entry/common.c:171
 exit_to_user_mode_prepare+0x16e/0x220 kernel/entry/common.c:203
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x23/0x40 kernel/entry/common.c:296
 __do_fast_syscall_32+0xb1/0x100 arch/x86/entry/common.c:181
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Uninit was created at:
 __alloc_pages+0x9f1/0xe80 mm/page_alloc.c:5556
 alloc_pages+0xaae/0xd80 mm/mempolicy.c:2270
 folio_alloc+0x3e/0x120 mm/mempolicy.c:2280
 filemap_alloc_folio mm/filemap.c:970 [inline]
 __filemap_get_folio+0xe59/0x1b00 mm/filemap.c:1970
 pagecache_get_page+0x4a/0x4d0 mm/folio-compat.c:104
 find_or_create_page include/linux/pagemap.h:613 [inline]
 alloc_extent_buffer+0x731/0x2770 fs/btrfs/extent_io.c:6207
 btrfs_find_create_tree_block+0x42/0x50 fs/btrfs/disk-io.c:920
 btrfs_init_new_buffer fs/btrfs/extent-tree.c:4860 [inline]
 btrfs_alloc_tree_block+0x36d/0x1ea0 fs/btrfs/extent-tree.c:4976
 __btrfs_cow_block+0x580/0x1cd0 fs/btrfs/ctree.c:417
 btrfs_cow_block+0x7ca/0x9d0 fs/btrfs/ctree.c:572
 commit_cowonly_roots+0x1b2/0x1110 fs/btrfs/transaction.c:1285
 btrfs_commit_transaction+0x2241/0x5980 fs/btrfs/transaction.c:2366
 btrfs_commit_super+0x138/0x180 fs/btrfs/disk-io.c:4426
 close_ctree+0x377/0x9f1 fs/btrfs/disk-io.c:4550
 btrfs_put_super+0x38/0x50 fs/btrfs/super.c:392
 generic_shutdown_super+0x184/0x570 fs/super.c:491
 kill_anon_super+0x39/0x70 fs/super.c:1085
 btrfs_kill_super+0x39/0x60 fs/btrfs/super.c:2440
 deactivate_locked_super+0xb1/0x120 fs/super.c:332
 deactivate_super+0x13a/0x150 fs/super.c:363
 cleanup_mnt+0x703/0x780 fs/namespace.c:1186
 __cleanup_mnt+0x1e/0x30 fs/namespace.c:1193
 task_work_run+0x13c/0x280 kernel/task_work.c:177
 resume_user_mode_work include/linux/resume_user_mode.h:49 [inline]
 exit_to_user_mode_loop+0x2a9/0x320 kernel/entry/common.c:171
 exit_to_user_mode_prepare+0x16e/0x220 kernel/entry/common.c:203
 __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline]
 syscall_exit_to_user_mode+0x23/0x40 kernel/entry/common.c:296
 __do_fast_syscall_32+0xb1/0x100 arch/x86/entry/common.c:181
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

CPU: 0 PID: 3511 Comm: syz-executor.3 Not tainted 6.0.0-rc5-syzkaller-48543-g968c2729e576 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/11/2022
=====================================================

Crashes (15960):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2022/10/25 05:07 https://github.com/google/kmsan.git master 968c2729e576 ff2fe65d .config console log report info [disk image] [vmlinux] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in btrfs_clean_tree_block
2021/11/20 06:45 https://github.com/google/kmsan.git master 412af9cd936d 3a9d0024 .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in btrfs_clean_tree_block
2021/11/16 10:38 https://github.com/google/kmsan.git master 386004877847 600426bd .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in btrfs_clean_tree_block
2021/11/16 10:28 https://github.com/google/kmsan.git master 386004877847 600426bd .config console log report info ci-upstream-kmsan-gce-386 KMSAN: uninit-value in btrfs_clean_tree_block
2023/02/24 13:45 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/24 11:55 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in post_read_mst_fixup
2023/02/23 20:20 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 19:02 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 15:43 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 13:50 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 12:46 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 11:58 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 10:57 https://github.com/google/kmsan.git master 97e36f4aa06f 9e2ebb3c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 04:02 https://github.com/google/kmsan.git master 97e36f4aa06f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 02:10 https://github.com/google/kmsan.git master 97e36f4aa06f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/23 01:53 https://github.com/google/kmsan.git master 97e36f4aa06f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 22:11 https://github.com/google/kmsan.git master 97e36f4aa06f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 20:51 https://github.com/google/kmsan.git master 97e36f4aa06f 409945bc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 10:23 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 08:48 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 08:27 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 06:16 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 05:15 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in post_read_mst_fixup
2023/02/22 04:17 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/22 03:04 https://github.com/google/kmsan.git master 224e1375d540 42a4d508 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 17:11 https://github.com/google/kmsan.git master 224e1375d540 f949448d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 17:04 https://github.com/google/kmsan.git master 224e1375d540 f949448d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 15:04 https://github.com/google/kmsan.git master 224e1375d540 f949448d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 06:24 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 05:23 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 03:00 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/21 02:10 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/20 23:16 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/20 21:38 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/20 19:15 https://github.com/google/kmsan.git master 224e1375d540 4f5f5209 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/20 09:13 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/20 05:35 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/20 03:26 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 23:45 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 20:13 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 19:02 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 16:35 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 12:48 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 11:39 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 08:07 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 06:53 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 05:40 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 04:08 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/19 01:29 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/18 20:05 https://github.com/google/kmsan.git master 31b504f219a9 bcdf85f8 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/18 14:46 https://github.com/google/kmsan.git master 31b504f219a9 d02e9a70 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/18 12:40 https://github.com/google/kmsan.git master 31b504f219a9 d02e9a70 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/02/18 11:32 https://github.com/google/kmsan.git master 31b504f219a9 d02e9a70 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in nilfs_add_checksums_on_logs
2023/01/20 03:56 https://github.com/google/kmsan.git master e919e2b1bc1c 559a440a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kmsan-gce-386 KMSAN: uninit-value in ima_add_template_entry
* Struck through repros no longer work on HEAD.