Re: [syzbot] [hfs?] KMSAN: uninit-value in __hfs_ext_cache_extent (2)

From: Gianfranco Trad
Date: Tue Oct 22 2024 - 13:06:03 EST


#syz test

// test if KMSAN bug was truly fixed and only BUG() happens now
From 006092e8500107e41704cc4c13268a8d3a91deb6 Mon Sep 17 00:00:00 2001
From: Gianfranco Trad <gianf.trad@xxxxxxxxx>
Date: Tue, 22 Oct 2024 19:01:55 +0200
Subject: [PATCH] hfs: zero-initialize ptr, handle no root and comment BUG()

Signed-off-by: Gianfranco Trad <gianf.trad@xxxxxxxxx>
---
fs/hfs/bfind.c | 2 +-
fs/hfs/extent.c | 2 ++
fs/hfs/inode.c | 2 +-
3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/fs/hfs/bfind.c b/fs/hfs/bfind.c
index ef9498a6e88a..c74d864bc29e 100644
--- a/fs/hfs/bfind.c
+++ b/fs/hfs/bfind.c
@@ -18,7 +18,7 @@ int hfs_find_init(struct hfs_btree *tree, struct hfs_find_data *fd)

fd->tree = tree;
fd->bnode = NULL;
- ptr = kmalloc(tree->max_key_len * 2 + 4, GFP_KERNEL);
+ ptr = kzalloc(tree->max_key_len * 2 + 4, GFP_KERNEL);
if (!ptr)
return -ENOMEM;
fd->search_key = ptr;
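Review bot: The switch to kzalloc() on the `ptr = kzalloc(tree->max_key_len * 2 + 4, GFP_KERNEL);` line silences the uninit-value report by zero-filling the key buffer rather than by stopping the read of fd->key before a lookup has populated it; if that premature read is the root cause (the extent.c hunk suggests it is), the zeroing is a stopgap and deserves a comment such as `/* zeroed: fd->key may be compared before hfs_brec_find() has filled it */`. A zeroed key also means a search key whose FNum and FkType are both 0 would pass the comparison in extent.c against a never-populated fd->key, which the commit message should acknowledge. hfs_find_init's body continues beyond the hunk.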
diff --git a/fs/hfs/extent.c b/fs/hfs/extent.c
index 4a0ce131e233..14fd0a7bca14 100644
--- a/fs/hfs/extent.c
+++ b/fs/hfs/extent.c
@@ -160,6 +160,8 @@ static inline int __hfs_ext_read_extent(struct hfs_find_data *fd, struct hfs_ext
if (fd->key->ext.FNum != fd->search_key->ext.FNum ||
fd->key->ext.FkType != fd->search_key->ext.FkType)
return -ENOENT;
+ if (!fd->tree->root && res == -ENOENT)
+ return -ENOENT;
if (fd->entrylength != sizeof(hfs_extent_rec))
return -EIO;
hfs_bnode_read(fd->bnode, extent, fd->entryoffset, sizeof(hfs_extent_rec));
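Review bot: The new guard `if (!fd->tree->root && res == -ENOENT)` sits below the FNum/FkType comparison, so it cannot prevent the read it is meant to guard: when the lookup returned -ENOENT because the tree has no root, fd->key has not been populated and the comparison on the lines above runs first. Move the check up so it directly follows the hfs_brec_find() result test (which lies above this hunk), e.g. `if (res == -ENOENT && !fd->tree->root) return -ENOENT;` as the first statement after that test. As written, and given the kzalloc change in bfind.c, the comparison already returns -ENOENT for any non-zero search key, so the two added lines are reachable only for a zero key and otherwise dead. __hfs_ext_read_extent starts outside the hunk, so the placement of the `res` assignment is inferred.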
diff --git a/fs/hfs/inode.c b/fs/hfs/inode.c
index a81ce7a740b9..a3bc43dbbe14 100644
--- a/fs/hfs/inode.c
+++ b/fs/hfs/inode.c
@@ -441,7 +441,7 @@ int hfs_write_inode(struct inode *inode, struct writeback_control *wbc)
hfs_btree_write(HFS_SB(inode->i_sb)->cat_tree);
return 0;
default:
- BUG();
+ //BUG();
return -EIO;
}
}
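Review bot: `//BUG();` leaves commented-out code in the default arm, and kernel style is to delete dead code rather than keep it behind a `//` comment. If the intent is to stop panicking on an unexpected inode number while still surfacing the corruption, `WARN_ON_ONCE(1);` ahead of `return -EIO;` reports it without taking down the host, and the commit message should state that as a deliberate behaviour change rather than a syz-test aid (the cover text says this run only checks whether the BUG() still fires). The switch's other cases lie above the hunk.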
--
2.43.0