From: syzbot <syzbot+8689d10f1894eedf774d@syzkaller.appspotmail.com>
To: kent.overstreet@linux.dev, linux-bcachefs@vger.kernel.org,
linux-kernel@vger.kernel.org, surajsonawane0215@gmail.com,
syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [bcachefs?] KMSAN: uninit-value in bch2_copygc
Date: Sun, 10 Nov 2024 02:29:02 -0800 [thread overview]
Message-ID: <67308aee.050a0220.138bd5.004d.GAE@google.com> (raw)
In-Reply-To: <CAHiZj8jPNG+_4CHjud8qYxGkzXYsCXNxCw6ejQ0wCeFcKxBR3w@mail.gmail.com>
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
KMSAN: uninit-value in bch2_copygc
=====================================================
BUG: KMSAN: uninit-value in rht_ptr_rcu include/linux/rhashtable.h:376 [inline]
BUG: KMSAN: uninit-value in __rhashtable_lookup include/linux/rhashtable.h:607 [inline]
BUG: KMSAN: uninit-value in rhashtable_lookup include/linux/rhashtable.h:646 [inline]
BUG: KMSAN: uninit-value in rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]
BUG: KMSAN: uninit-value in bucket_in_flight fs/bcachefs/movinggc.c:144 [inline]
BUG: KMSAN: uninit-value in bch2_copygc_get_buckets fs/bcachefs/movinggc.c:184 [inline]
BUG: KMSAN: uninit-value in bch2_copygc+0x20b9/0x5970 fs/bcachefs/movinggc.c:235
rht_ptr_rcu include/linux/rhashtable.h:376 [inline]
__rhashtable_lookup include/linux/rhashtable.h:607 [inline]
rhashtable_lookup include/linux/rhashtable.h:646 [inline]
rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]
bucket_in_flight fs/bcachefs/movinggc.c:144 [inline]
bch2_copygc_get_buckets fs/bcachefs/movinggc.c:184 [inline]
bch2_copygc+0x20b9/0x5970 fs/bcachefs/movinggc.c:235
bch2_copygc_thread+0x7f7/0xfa0 fs/bcachefs/movinggc.c:395
kthread+0x3e2/0x540 kernel/kthread.c:389
ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
Local variable b232.i created at:
bch2_copygc_get_buckets fs/bcachefs/movinggc.c:184 [inline]
bch2_copygc+0x1925/0x5970 fs/bcachefs/movinggc.c:235
bch2_copygc_thread+0x7f7/0xfa0 fs/bcachefs/movinggc.c:395
CPU: 0 UID: 0 PID: 6614 Comm: bch-copygc/loop Not tainted 6.12.0-rc6-syzkaller-00279-gde2f378f2b77-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
=====================================================
Kernel panic - not syncing: kmsan.panic set ...
CPU: 0 UID: 0 PID: 6614 Comm: bch-copygc/loop Tainted: G B 6.12.0-rc6-syzkaller-00279-gde2f378f2b77-dirty #0
Tainted: [B]=BAD_PAGE
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
Call Trace:
<TASK>
__dump_stack lib/dump_stack.c:94 [inline]
dump_stack_lvl+0x216/0x2d0 lib/dump_stack.c:120
dump_stack+0x1e/0x30 lib/dump_stack.c:129
panic+0x4e2/0xcf0 kernel/panic.c:354
kmsan_report+0x2c7/0x2d0 mm/kmsan/report.c:218
__msan_warning+0x95/0x120 mm/kmsan/instrumentation.c:318
rht_ptr_rcu include/linux/rhashtable.h:376 [inline]
__rhashtable_lookup include/linux/rhashtable.h:607 [inline]
rhashtable_lookup include/linux/rhashtable.h:646 [inline]
rhashtable_lookup_fast include/linux/rhashtable.h:672 [inline]
bucket_in_flight fs/bcachefs/movinggc.c:144 [inline]
bch2_copygc_get_buckets fs/bcachefs/movinggc.c:184 [inline]
bch2_copygc+0x20b9/0x5970 fs/bcachefs/movinggc.c:235
bch2_copygc_thread+0x7f7/0xfa0 fs/bcachefs/movinggc.c:395
kthread+0x3e2/0x540 kernel/kthread.c:389
ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:147
ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244
</TASK>
Kernel Offset: disabled
Rebooting in 86400 seconds..
Tested on:
commit: de2f378f Merge tag 'nfsd-6.12-4' of git://git.kernel.o..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16a994e8580000
kernel config: https://syzkaller.appspot.com/x/.config?x=e4580d62ee1893a5
dashboard link: https://syzkaller.appspot.com/bug?extid=8689d10f1894eedf774d
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
patch: https://syzkaller.appspot.com/x/patch.diff?x=1715635f980000
next prev parent reply other threads:[~2024-11-10 10:29 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-09 2:42 [syzbot] [bcachefs?] KMSAN: uninit-value in bch2_copygc syzbot
2024-11-09 11:39 ` [syzbot] " syzbot
2024-11-09 14:31 ` Suraj Sonawane
2024-11-09 15:38 ` syzbot
2024-11-10 5:47 ` Suraj Sonawane
2024-11-10 6:18 ` syzbot
2024-11-10 10:06 ` Suraj Sonawane
2024-11-10 10:29 ` syzbot [this message]
2024-11-11 0:31 ` [syzbot] " syzbot
2024-11-11 14:01 ` syzbot
2024-11-11 14:25 ` [syzbot] [bcachefs?] " Suraj Sonawane
2024-11-11 14:55 ` syzbot
2024-11-11 23:24 ` [syzbot] " syzbot
2024-11-14 21:56 ` syzbot
[not found] <CAHiZj8jg7wD9ppGg8yT_XPY3+SRo6ibbHEwvpoQUvNPaJONQiQ@mail.gmail.com>
2024-11-09 12:18 ` [syzbot] [bcachefs?] " syzbot
[not found] <2a46b846-9279-4cde-91c9-b01fc77e9052@gmail.com>
2024-11-11 0:54 ` syzbot
[not found] <dd56ff53-672b-47c6-b831-78f1c4b22e17@gmail.com>
2024-11-11 14:34 ` syzbot
[not found] <cdcb0458-9e94-44c6-9864-ce6de521b32c@gmail.com>
2024-11-12 4:19 ` syzbot
[not found] <55018f1d-5871-4f13-aa03-bd06bda0f90f@gmail.com>
2024-11-14 22:27 ` syzbot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=67308aee.050a0220.138bd5.004d.GAE@google.com \
--to=syzbot+8689d10f1894eedf774d@syzkaller.appspotmail.com \
--cc=kent.overstreet@linux.dev \
--cc=linux-bcachefs@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=surajsonawane0215@gmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.