Received: by 2002:a05:7412:e794:b0:fa:551:50a7 with SMTP id o20csp880650rdd;
        Wed, 10 Jan 2024 02:16:39 -0800 (PST)
X-Google-Smtp-Source: AGHT+IG2gvKpDJGs6yBChOcZBkxwIL1nlE8vgcgs3HF/ePkCIROBSz5W7LLsge25JVQ6EbsJuocA
X-Received: by 2002:a05:6808:114a:b0:3bb:f349:a3ef with SMTP id u10-20020a056808114a00b003bbf349a3efmr844930oiu.45.1704881798872;
        Wed, 10 Jan 2024 02:16:38 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1704881798; cv=none;
        d=google.com; s=arc-20160816;
        b=K/mpi5yusiasxnMtAhplQGONvvKsGHRgwBIGZXoEzrR8iG3YZVL+shzJj1wooi9g6H
         hXyoPqHjmCE3l3a8APxOQPfv3nvQgMwrxxpfcEgsn1rpuq8VhiSDisOxjrXzCEe7BA3Z
         yHT2fEWgyBcJsYNQL6tY8F91s9BjUuqFQ2RwIKD4oZyKq3OCGe+9e3syOnJpfMuLHVkC
         Y0GKiXg2ekq4KGC5N4pZA9HzhOBVHtXY3b6K0My0An5WlB2HqRKCtglMwpyItX4uvQkg
         O4C1q4ctaLlEAO0rfgfWEzCvOXf7rdwxi8RSnudnc+5hTwaSm/oUpqd4tbI0tsqQPWwT
         ogtQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=to:from:subject:message-id:date:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence;
        bh=A5/j67+kQ+bcaF7cSN8tiUBI+F9SoIb7yqu3oMXsr0w=;
        fh=n8yPjRbETdsPfD611YoXSDtOyw2rxYTTeo4lQ47FNHM=;
        b=lBtXWhc86utXjtx3qM9nH3m8/fFcDpN2Rh1sj01I1jU9yg6zJSqH9Kw2CA7ud1KxOF
         xHDY18ewcc+Drn1rPL/0nEQrpHJUMdLEYK5coy2I0ttOA79PZyheHRWAUumPVcOAtUcm
         BtltX+Hp5CdW02RmlYj0fMBuPoOCfbY6y/41JR17z0Qb+E1tim6iXpR6EOnFWkHmatFn
         /9boLxCZbM9yUr+AD+CkVfo8hOTpjbRk+BPWvCo7qazqsgJ1BNy4lR0Bg6MJkF0Jkkfb
         1Ll37EKcNuo2wJ3yKQCkW7A8ymtgr6Qrx/f0lgN83SkelNTC2/L0NBNKHCWzM8SUV1e1
         Jjtw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel+bounces-21957-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21957-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com
Return-Path: <linux-kernel+bounces-21957-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99])
        by mx.google.com with ESMTPS id g16-20020a056a000b9000b006dab362a565si3394093pfj.117.2024.01.10.02.16.38
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 10 Jan 2024 02:16:38 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-21957-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel+bounces-21957-linux.lists.archive=gmail.com@vger.kernel.org designates 139.178.88.99 as permitted sender) smtp.mailfrom="linux-kernel+bounces-21957-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=appspotmail.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id 6A585282641
	for <linux.lists.archive@gmail.com>; Wed, 10 Jan 2024 10:16:38 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id B5BA53FB17;
	Wed, 10 Jan 2024 10:16:29 +0000 (UTC)
Received: from mail-il1-f197.google.com (mail-il1-f197.google.com [209.85.166.197])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id D9BDC3EA71
	for <linux-kernel@vger.kernel.org>; Wed, 10 Jan 2024 10:16:27 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=fail (p=none dis=none) header.from=syzkaller.appspotmail.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=M3KW2WVRGUFZ5GODRSRYTGD7.apphosting.bounces.google.com
Received: by mail-il1-f197.google.com with SMTP id e9e14a558f8ab-360a416bb22so8871415ab.0
        for <linux-kernel@vger.kernel.org>; Wed, 10 Jan 2024 02:16:27 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1704881787; x=1705486587;
        h=to:from:subject:message-id:date:mime-version:x-gm-message-state
         :from:to:cc:subject:date:message-id:reply-to;
        bh=A5/j67+kQ+bcaF7cSN8tiUBI+F9SoIb7yqu3oMXsr0w=;
        b=tE6UjnM4ls5EaCCsqfUc1k8ttBNh2/lffIMLl5djqnak/eVb1Eh0UDeRXDdZ/wqsDc
         H9wNDEsVK7xrTa4LvH4+R9IUesEt0qdxI3IXtT1ERXUp0Y/IO8uXdITfY0hK/x5r6Jzl
         Qvgp9S6n6yeDqn0ncUGvZmlzGvhP8tLtDkRPKVCvFQdOfaLRZe7fGCA+FYmWtbYEGnyl
         zkyLK0eG6RyLS90mrAJxVUax09AbNxnUHjawFjhVdo9mKT6vuEfpfTrJ98irgq5WICRT
         4NzxOcb0Z49MdGKLHR54U2ILyxbomovcG/wZhM8fwgpRekbg9StJB6cQVutBvNZ3gI8E
         jSfg==
X-Gm-Message-State: AOJu0YzmkS8/VhurenuY1bwIn/rIKREDymvsDeS5ss3Pxg7VVMSKvB+R
	44skq2TmmpI+kpFfYfCVvOjhc5skEbOG97bMtil0B3Q9Buay
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
X-Received: by 2002:a05:6e02:216b:b0:360:795e:a6b3 with SMTP id
 s11-20020a056e02216b00b00360795ea6b3mr69756ilv.4.1704881787065; Wed, 10 Jan
 2024 02:16:27 -0800 (PST)
Date: Wed, 10 Jan 2024 02:16:27 -0800
X-Google-Appengine-App-Id: s~syzkaller
X-Google-Appengine-App-Id-Alias: syzkaller
Message-ID: <0000000000004d5e29060e94b998@google.com>
Subject: [syzbot] [hfs?] KMSAN: uninit-value in hfs_cat_keycmp (2)
From: syzbot <syzbot+04486d87f6240a004c85@syzkaller.appspotmail.com>
To: linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, 
	syzkaller-bugs@googlegroups.com
Content-Type: text/plain; charset="UTF-8"

Hello,

syzbot found the following issue on:

HEAD commit:    610a9b8f49fb Linux 6.7-rc8
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=163c9fb5e80000
kernel config:  https://syzkaller.appspot.com/x/.config?x=e51fe20c3e51ba7f
dashboard link: https://syzkaller.appspot.com/bug?extid=04486d87f6240a004c85
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
userspace arch: i386

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/daced691c987/disk-610a9b8f.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/5e37367a7d1e/vmlinux-610a9b8f.xz
kernel image: https://storage.googleapis.com/syzbot-assets/013b65c960ab/bzImage-610a9b8f.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+04486d87f6240a004c85@syzkaller.appspotmail.com

hfs: filesystem is marked locked, mounting read-only.
=====================================================
BUG: KMSAN: uninit-value in hfs_cat_keycmp+0x154/0x210 fs/hfs/catalog.c:178
 hfs_cat_keycmp+0x154/0x210 fs/hfs/catalog.c:178
 __hfs_brec_find+0x250/0x820 fs/hfs/bfind.c:75
 hfs_brec_find+0x436/0x970 fs/hfs/bfind.c:138
 hfs_brec_read+0x3f/0x1a0 fs/hfs/bfind.c:165
 hfs_cat_find_brec+0xe6/0x400 fs/hfs/catalog.c:194
 hfs_fill_super+0x1f27/0x23c0 fs/hfs/super.c:419
 mount_bdev+0x3d7/0x560 fs/super.c:1650
 hfs_mount+0x4d/0x60 fs/hfs/super.c:456
 legacy_get_tree+0x110/0x290 fs/fs_context.c:662
 vfs_get_tree+0xa5/0x520 fs/super.c:1771
 do_new_mount+0x68d/0x1550 fs/namespace.c:3337
 path_mount+0x73d/0x1f20 fs/namespace.c:3664
 do_mount fs/namespace.c:3677 [inline]
 __do_sys_mount fs/namespace.c:3886 [inline]
 __se_sys_mount+0x725/0x810 fs/namespace.c:3863
 __ia32_sys_mount+0xe3/0x150 fs/namespace.c:3863
 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:321
 do_fast_syscall_32+0x37/0x70 arch/x86/entry/common.c:346
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:384
 entry_SYSENTER_compat_after_hwframe+0x70/0x7a

Uninit was created at:
 slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768
 slab_alloc_node mm/slub.c:3478 [inline]
 __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517
 __do_kmalloc_node mm/slab_common.c:1006 [inline]
 __kmalloc+0x121/0x3c0 mm/slab_common.c:1020
 kmalloc include/linux/slab.h:604 [inline]
 hfs_find_init+0x91/0x250 fs/hfs/bfind.c:21
 hfs_fill_super+0x1eb9/0x23c0 fs/hfs/super.c:416
 mount_bdev+0x3d7/0x560 fs/super.c:1650
 hfs_mount+0x4d/0x60 fs/hfs/super.c:456
 legacy_get_tree+0x110/0x290 fs/fs_context.c:662
 vfs_get_tree+0xa5/0x520 fs/super.c:1771
 do_new_mount+0x68d/0x1550 fs/namespace.c:3337
 path_mount+0x73d/0x1f20 fs/namespace.c:3664
 do_mount fs/namespace.c:3677 [inline]
 __do_sys_mount fs/namespace.c:3886 [inline]
 __se_sys_mount+0x725/0x810 fs/namespace.c:3863
 __ia32_sys_mount+0xe3/0x150 fs/namespace.c:3863
 do_syscall_32_irqs_on arch/x86/entry/common.c:165 [inline]
 __do_fast_syscall_32+0xa2/0x100 arch/x86/entry/common.c:321
 do_fast_syscall_32+0x37/0x70 arch/x86/entry/common.c:346
 do_SYSENTER_32+0x1f/0x30 arch/x86/entry/common.c:384
 entry_SYSENTER_compat_after_hwframe+0x70/0x7a

CPU: 1 PID: 7246 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
=====================================================


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup