syzbot


KMSAN: uninit-value in btrfs_clean_tree_block (2)

Status: upstream: reported on 2021/11/20 10:47
Reported-by: syzbot+fba8e2116a12609b6c59@syzkaller.appspotmail.com
Fix commit: btrfs: set generation before calling btrfs_clean_tree_block in btrfs_init_new_buffer
Patched on: [], missing on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm32 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-arm64 ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-fs ci2-upstream-kcsan-gce ci2-upstream-usb]
First crash: 321d, last: 29m
similar bugs (2):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KMSAN: uninit-value in btrfs_clean_tree_block | | | | 18531 | 423d | 744d | 0/24 | auto-closed as invalid on 2021/11/04 13:33 |
| upstream | KMSAN: uninit-value in post_read_mst_fixup | | | | 199 | 245d | 685d | 0/24 | auto-closed as invalid on 2022/05/31 07:12 |

Sample crash report:
BTRFS warning (device loop1): the 'inode_cache' option is deprecated and has no effect since 5.11
BTRFS info (device loop1): enabling auto defrag
BTRFS info (device loop1): using free space tree
BTRFS info (device loop1): enabling ssd optimizations
BTRFS info (device loop1): creating free space tree
=====================================================
BUG: KMSAN: uninit-value in btrfs_clean_tree_block+0x245/0x2d0 fs/btrfs/disk-io.c:959
 btrfs_clean_tree_block+0x245/0x2d0 fs/btrfs/disk-io.c:959
 btrfs_init_new_buffer fs/btrfs/extent-tree.c:4899 [inline]
 btrfs_alloc_tree_block+0x800/0x1ea0 fs/btrfs/extent-tree.c:4976
 btrfs_create_tree+0x257/0xe80 fs/btrfs/disk-io.c:1200
 btrfs_create_free_space_tree+0x144/0x1ca0 fs/btrfs/free-space-tree.c:1169
 btrfs_start_pre_rw_mount+0x868/0xb50 fs/btrfs/disk-io.c:3242
 open_ctree+0x4fb1/0x5ee5 fs/btrfs/disk-io.c:3732
 btrfs_fill_super+0x21a/0x550 fs/btrfs/super.c:1456
 btrfs_mount_root+0x10cb/0x1310 fs/btrfs/super.c:1824
 legacy_get_tree+0x10c/0x280 fs/fs_context.c:610
 vfs_get_tree+0xa1/0x500 fs/super.c:1530
 fc_mount fs/namespace.c:1043 [inline]
 vfs_kern_mount+0x29d/0x3a0 fs/namespace.c:1073
 btrfs_mount+0x6c8/0x18c0 fs/btrfs/super.c:1884
 legacy_get_tree+0x10c/0x280 fs/fs_context.c:610
 vfs_get_tree+0xa1/0x500 fs/super.c:1530
 do_new_mount+0x694/0x1580 fs/namespace.c:3040
 path_mount+0x71a/0x1f00 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount+0x734/0x840 fs/namespace.c:3568
 __ia32_sys_mount+0xdf/0x140 fs/namespace.c:3568
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

Uninit was created at:
 __alloc_pages+0x9f1/0xe80 mm/page_alloc.c:5556
 alloc_pages+0xaae/0xd80 mm/mempolicy.c:2270
 folio_alloc+0x3e/0x120 mm/mempolicy.c:2280
 filemap_alloc_folio mm/filemap.c:970 [inline]
 __filemap_get_folio+0xe59/0x1b00 mm/filemap.c:1970
 pagecache_get_page+0x4a/0x4d0 mm/folio-compat.c:104
 find_or_create_page include/linux/pagemap.h:613 [inline]
 alloc_extent_buffer+0x731/0x2770 fs/btrfs/extent_io.c:6207
 btrfs_find_create_tree_block+0x42/0x50 fs/btrfs/disk-io.c:920
 btrfs_init_new_buffer fs/btrfs/extent-tree.c:4860 [inline]
 btrfs_alloc_tree_block+0x36d/0x1ea0 fs/btrfs/extent-tree.c:4976
 btrfs_create_tree+0x257/0xe80 fs/btrfs/disk-io.c:1200
 btrfs_create_free_space_tree+0x144/0x1ca0 fs/btrfs/free-space-tree.c:1169
 btrfs_start_pre_rw_mount+0x868/0xb50 fs/btrfs/disk-io.c:3242
 open_ctree+0x4fb1/0x5ee5 fs/btrfs/disk-io.c:3732
 btrfs_fill_super+0x21a/0x550 fs/btrfs/super.c:1456
 btrfs_mount_root+0x10cb/0x1310 fs/btrfs/super.c:1824
 legacy_get_tree+0x10c/0x280 fs/fs_context.c:610
 vfs_get_tree+0xa1/0x500 fs/super.c:1530
 fc_mount fs/namespace.c:1043 [inline]
 vfs_kern_mount+0x29d/0x3a0 fs/namespace.c:1073
 btrfs_mount+0x6c8/0x18c0 fs/btrfs/super.c:1884
 legacy_get_tree+0x10c/0x280 fs/fs_context.c:610
 vfs_get_tree+0xa1/0x500 fs/super.c:1530
 do_new_mount+0x694/0x1580 fs/namespace.c:3040
 path_mount+0x71a/0x1f00 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount+0x734/0x840 fs/namespace.c:3568
 __ia32_sys_mount+0xdf/0x140 fs/namespace.c:3568
 do_syscall_32_irqs_on arch/x86/entry/common.c:112 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:178
 do_fast_syscall_32+0x33/0x70 arch/x86/entry/common.c:203
 do_SYSENTER_32+0x1b/0x20 arch/x86/entry/common.c:246
 entry_SYSENTER_compat_after_hwframe+0x70/0x82

CPU: 1 PID: 17493 Comm: syz-executor.1 Not tainted 6.0.0-rc5-syzkaller-48543-g968c2729e576 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/22/2022
=====================================================

Crashes (10947):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci-upstream-kmsan-gce-386 | 2022/10/03 20:11 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/03 16:49 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/03 11:47 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/03 00:09 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 21:29 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 17:21 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 14:08 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 12:49 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 08:59 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 05:18 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/02 03:49 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 23:45 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 20:19 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 17:21 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 16:16 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 14:30 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 11:01 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 09:49 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 08:41 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/01 00:12 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 23:12 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 21:58 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 20:45 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 19:05 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 17:32 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 17:24 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 16:17 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 15:00 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 14:29 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 11:55 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 10:49 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 06:18 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/30 04:41 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 18:13 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 17:32 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 16:24 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 15:18 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 14:10 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 13:59 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 12:16 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 11:06 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/09/29 09:57 | https://github.com/google/kmsan.git master | 968c2729e576 | 1d385642 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2021/11/20 06:45 | https://github.com/google/kmsan.git master | 412af9cd936d | 3a9d0024 | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2021/11/16 10:38 | https://github.com/google/kmsan.git master | 386004877847 | 600426bd | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2021/11/16 10:28 | https://github.com/google/kmsan.git master | 386004877847 | 600426bd | .config | log | report | | | info | KMSAN: uninit-value in btrfs_clean_tree_block |
| ci-upstream-kmsan-gce-386 | 2022/10/03 02:04 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in nilfs_add_checksums_on_logs |
| ci-upstream-kmsan-gce-386 | 2022/10/02 22:31 | https://github.com/google/kmsan.git master | 968c2729e576 | feb56351 | .config | log | report | | | info | KMSAN: uninit-value in nilfs_add_checksums_on_logs |
| ci-upstream-kmsan-gce-386 | 2022/09/29 02:39 | https://github.com/google/kmsan.git master | 879600fbb6d3 | e2556bc3 | .config | log | report | | | info | KMSAN: uninit-value in post_read_mst_fixup |
| ci-upstream-kmsan-gce-386 | 2022/09/20 07:54 | https://github.com/google/kmsan.git master | 8f4ae27df775 | 7c41a9ba | .config | log | report | | | info | KMSAN: uninit-value in ima_add_template_entry |
* Struck through repros no longer work on HEAD.