syzbot


KCSAN: data-race in __lookup_mnt / umount_tree (6)

Status: auto-obsoleted due to no activity on 2023/12/27 23:51
Subsystems: fs
Reported-by: syzbot+13bd49aa14031230b4a9@syzkaller.appspotmail.com
First crash: 123d, last: 92d
Similar bugs (5)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __lookup_mnt / umount_tree (4) fs | | | | 1 | 535d | 535d | 0/26 | auto-obsoleted due to no activity on 2022/10/10 17:50 |
| upstream | KCSAN: data-race in __lookup_mnt / umount_tree (3) fs | | | | 1 | 689d | 689d | 0/26 | auto-closed as invalid on 2022/05/09 13:18 |
| upstream | KCSAN: data-race in __lookup_mnt / umount_tree (2) fs | | | | 1 | 836d | 836d | 0/26 | auto-closed as invalid on 2021/12/13 12:07 |
| upstream | KCSAN: data-race in __lookup_mnt / umount_tree fs | | | | 1 | 1008d | 1008d | 0/26 | auto-closed as invalid on 2021/06/25 00:51 |
| upstream | KCSAN: data-race in __lookup_mnt / umount_tree (5) fs | | | | 1 | 170d | 170d | 0/26 | auto-obsoleted due to no activity on 2023/10/10 19:57 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __lookup_mnt / umount_tree

write to 0xffff888135a3e510 of 8 bytes by task 3129 on cpu 0:
 unhash_mnt fs/namespace.c:905 [inline]
 umount_mnt fs/namespace.c:920 [inline]
 umount_tree+0x574/0x860 fs/namespace.c:1675
 path_umount+0x928/0x9a0 fs/namespace.c:1896
 ksys_umount fs/namespace.c:1919 [inline]
 __do_sys_umount fs/namespace.c:1924 [inline]
 __se_sys_umount fs/namespace.c:1922 [inline]
 __x64_sys_umount+0xb9/0xe0 fs/namespace.c:1922
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

read to 0xffff888135a3e510 of 8 bytes by task 15045 on cpu 1:
 __lookup_mnt+0x83/0xf0 fs/namespace.c:696
 __follow_mount_rcu fs/namei.c:1508 [inline]
 handle_mounts fs/namei.c:1538 [inline]
 step_into+0x430/0x800 fs/namei.c:1840
 walk_component fs/namei.c:2008 [inline]
 link_path_walk+0x4d8/0x7e0 fs/namei.c:2329
 path_parentat fs/namei.c:2530 [inline]
 __filename_parentat+0x13b/0x3c0 fs/namei.c:2554
 filename_parentat fs/namei.c:2572 [inline]
 do_renameat2+0x32e/0xa40 fs/namei.c:4912
 __do_sys_rename fs/namei.c:5042 [inline]
 __se_sys_rename fs/namei.c:5040 [inline]
 __x64_sys_rename+0x5c/0x70 fs/namei.c:5040
 do_syscall_x64 arch/x86/entry/common.c:51 [inline]
 do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

value changed: 0xffff8881330dcc80 -> 0xffff888135a3e500

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 15045 Comm: udevd Not tainted 6.7.0-rc2-syzkaller-00029-g9b6de136b5f0 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023
==================================================================

Crashes (3):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/11/22 23:50 | upstream | 9b6de136b5f0 | 03e12510 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __lookup_mnt / umount_tree |
| 2023/11/16 08:48 | upstream | c42d9eeef8e5 | cb976f63 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __lookup_mnt / umount_tree |
| 2023/10/23 04:14 | upstream | 05d3ef8bba77 | 361b23dc | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __lookup_mnt / umount_tree |