From: syzbot <syzbot+c761143a86b1640bc485@syzkaller.appspotmail.com>
To: kent.overstreet@linux.dev, linux-bcachefs@vger.kernel.org,
	 linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [bcachefs?] KMSAN: uninit-value in bch2_bucket_alloc_trans
Date: Wed, 26 Mar 2025 14:13:28 -0700
Message-ID: <67e46df8.050a0220.2f068f.000f.GAE@google.com>
In-Reply-To: <6755b44c.050a0220.2477f.002a.GAE@google.com>

syzbot has found a reproducer for the following issue on:

HEAD commit:    2df0c02dab82 x86 boot build: make git ignore stale 'tools'..
git tree:       upstream
console+strace: https://syzkaller.appspot.com/x/log.txt?x=135c6a4c580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=afd286fb06ecc311
dashboard link: https://syzkaller.appspot.com/bug?extid=c761143a86b1640bc485
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=10355804580000
C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=16c86198580000

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/4df46ef3da39/disk-2df0c02d.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/7585a408245b/vmlinux-2df0c02d.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2f16d3f20d29/bzImage-2df0c02d.xz
mounted in repro: https://storage.googleapis.com/syzbot-assets/e2708f9fb487/mount_5.gz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c761143a86b1640bc485@syzkaller.appspotmail.com

  fragmentation     0
  bp_start          8
  incorrectly set at freespace:0:31:0 (free 0, genbits 0 should be 0), fixing
=====================================================
BUG: KMSAN: uninit-value in try_alloc_bucket fs/bcachefs/alloc_foreground.c:297 [inline]
BUG: KMSAN: uninit-value in bch2_bucket_alloc_freelist fs/bcachefs/alloc_foreground.c:442 [inline]
BUG: KMSAN: uninit-value in bch2_bucket_alloc_trans+0x2191/0x3280 fs/bcachefs/alloc_foreground.c:574
 try_alloc_bucket fs/bcachefs/alloc_foreground.c:297 [inline]
 bch2_bucket_alloc_freelist fs/bcachefs/alloc_foreground.c:442 [inline]
 bch2_bucket_alloc_trans+0x2191/0x3280 fs/bcachefs/alloc_foreground.c:574
 bch2_bucket_alloc_set_trans+0x935/0x1620 fs/bcachefs/alloc_foreground.c:730
 __open_bucket_add_buckets+0x1e98/0x3130 fs/bcachefs/alloc_foreground.c:973
 open_bucket_add_buckets+0x32b/0x530 fs/bcachefs/alloc_foreground.c:1017
 bch2_alloc_sectors_start_trans+0x1839/0x32d0
 __bch2_btree_node_alloc fs/bcachefs/btree_update_interior.c:322 [inline]
 bch2_btree_reserve_get+0x9eb/0x22b0 fs/bcachefs/btree_update_interior.c:532
 bch2_btree_update_start+0x22b8/0x2ec0 fs/bcachefs/btree_update_interior.c:1232
 bch2_btree_node_rewrite+0x1da/0x1af0 fs/bcachefs/btree_update_interior.c:2144
 async_btree_node_rewrite_trans fs/bcachefs/btree_update_interior.c:2217 [inline]
 async_btree_node_rewrite_work+0x74c/0x1aa0 fs/bcachefs/btree_update_interior.c:2253
 process_one_work kernel/workqueue.c:3238 [inline]
 process_scheduled_works+0xc1d/0x1e80 kernel/workqueue.c:3319
 worker_thread+0xea7/0x14f0 kernel/workqueue.c:3400
 kthread+0x6b9/0xef0 kernel/kthread.c:464
 ret_from_fork+0x6d/0x90 arch/x86/kernel/process.c:153
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Local variable gen.i.i created at:
 bch2_bucket_alloc_freelist fs/bcachefs/alloc_foreground.c:442 [inline]
 bch2_bucket_alloc_trans+0x1fb2/0x3280 fs/bcachefs/alloc_foreground.c:574
 bch2_bucket_alloc_set_trans+0x935/0x1620 fs/bcachefs/alloc_foreground.c:730

CPU: 1 UID: 0 PID: 4283 Comm: kworker/u8:21 Not tainted 6.14.0-syzkaller-01103-g2df0c02dab82 #0 PREEMPT(undef) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
Workqueue: btree_node_rewrite async_btree_node_rewrite_work
=====================================================


---
If you want syzbot to run the reproducer, reply with:
#syz test: git://repo/address.git branch-or-commit-hash
If you attach or paste a git patch, syzbot will apply it before testing.

Thread overview: 3+ messages
2024-12-08 14:59 [syzbot] [bcachefs?] KMSAN: uninit-value in bch2_bucket_alloc_trans syzbot
2025-03-26 21:13 ` syzbot [this message]
2025-04-01  3:53 ` [syzbot] Re: your mail syzbot
