From: syzbot <syzbot+3a1878433bc1cb97b42a@syzkaller.appspotmail.com>
To: jkoolstra@xs4all.nl, linux-kernel@vger.kernel.org,
	 syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] [ntfs3?] WARNING in indx_insert_into_buffer (3)
Date: Tue, 07 Oct 2025 16:29:02 -0700
Message-ID: <68e5a23e.050a0220.256323.002d.GAE@google.com>
In-Reply-To: <1296925405.322110.1759873945068@kpc.webmail.kpnmail.nl>

Hello,

syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING in indx_insert_into_buffer

loop0: detected capacity change from 0 to 4096
------------[ cut here ]------------
memcpy: detected field-spanning write (size 3656) of single field "&n1->index->blk" at fs/ntfs3/index.c:1927 (size 16)
WARNING: CPU: 1 PID: 6418 at fs/ntfs3/index.c:1927 indx_insert_into_buffer.isra.0+0x109a/0x1320 fs/ntfs3/index.c:1927
Modules linked in:
CPU: 1 UID: 0 PID: 6418 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
RIP: 0010:indx_insert_into_buffer.isra.0+0x109a/0x1320 fs/ntfs3/index.c:1927
Code: 0c d5 a3 fe c6 05 3a ad 30 0d 01 90 48 8b 74 24 68 b9 10 00 00 00 48 c7 c2 60 68 a7 8b 48 c7 c7 c0 68 a7 8b e8 87 5b 62 fe 90 <0f> 0b 90 90 e9 b0 fd ff ff e8 38 56 0b ff e9 f4 f3 ff ff e8 2e 56
RSP: 0018:ffffc90003a0f748 EFLAGS: 00010282
RAX: 0000000000000000 RBX: 00000000ffffffe4 RCX: ffffffff817a4b08
RDX: ffff888025980000 RSI: ffffffff817a4b15 RDI: 0000000000000001
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000001 R11: 0000000000000000 R12: ffff88807927e800
R13: ffff88805862a800 R14: dffffc0000000000 R15: 0000000000000e48
FS:  00007f94fb6426c0(0000) GS:ffff888124f62000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f3ee058dd30 CR3: 00000000616dd000 CR4: 0000000000350ef0
Call Trace:
 <TASK>
 indx_insert_entry+0x1a0/0x460 fs/ntfs3/index.c:1996
 ni_add_name+0x4dd/0x820 fs/ntfs3/frecord.c:2995
 ni_rename+0x98/0x170 fs/ntfs3/frecord.c:3026
 ntfs_rename+0xab9/0xf00 fs/ntfs3/namei.c:332
 vfs_rename+0xfa3/0x2290 fs/namei.c:5216
 do_renameat2+0x7d8/0xc20 fs/namei.c:5364
 __do_sys_rename fs/namei.c:5411 [inline]
 __se_sys_rename fs/namei.c:5409 [inline]
 __x64_sys_rename+0x7d/0xa0 fs/namei.c:5409
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xcd/0x4e0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f94fa78eec9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f94fb642038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
RAX: ffffffffffffffda RBX: 00007f94fa9e5fa0 RCX: 00007f94fa78eec9
RDX: 0000000000000000 RSI: 0000200000000f40 RDI: 00002000000003c0
RBP: 00007f94fa811f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f94fa9e6038 R14: 00007f94fa9e5fa0 R15: 00007ffce10dde88
 </TASK>


Tested on:

commit:         a8cdf51c Merge tag 'hardening-fix1-v6.18-rc1' of git:/..
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16277334580000
kernel config:  https://syzkaller.appspot.com/x/.config?x=7e89ecd5e8107dd4
dashboard link: https://syzkaller.appspot.com/bug?extid=3a1878433bc1cb97b42a
compiler:       gcc (Debian 12.2.0-14+deb12u1) 12.2.0, GNU ld (GNU Binutils for Debian) 2.40
patch:          https://syzkaller.appspot.com/x/patch.diff?x=14a8e892580000

