syzbot


BUG: corrupted list in p9_fd_cancelled (2)

Status: upstream: reported syz repro on 2019/08/29 03:58
Subsystems: net v9fs
Reported-by: syzbot+1d26c4ed77bc6c5ed5e6@syzkaller.appspotmail.com
First crash: 1499d, last: 1d23h
Cause bisection: failed (error log, bisect log)
Fix bisection: failed (error log, bisect log)
Discussions (7)
Title Replies (including bot) Last reply
[syzbot] Monthly v9fs report (Sep 2023) 0 (1) 2023/09/11 08:39
[syzbot] Monthly v9fs report (Aug 2023) 0 (1) 2023/08/09 12:33
[syzbot] Monthly 9p report (Jul 2023) 0 (1) 2023/07/10 09:36
[syzbot] Monthly 9p report (Jun 2023) 0 (1) 2023/06/07 13:47
[syzbot] Monthly 9p report (May 2023) 0 (1) 2023/05/07 06:35
[syzbot] Monthly 9p report 0 (1) 2023/04/06 08:17
BUG: corrupted list in p9_fd_cancelled (2) 0 (1) 2019/08/29 03:58
Similar bugs (16)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 BUG: corrupted list in p9_fd_cancelled 1 666d 666d 0/2 closed as invalid on 2022/03/01 11:24
linux-5.15 BUG: corrupted list in p9_fd_cancelled (2) 2 25d 26d 0/3 upstream: reported on 2023/09/05 22:05
linux-4.14 BUG: corrupted list in p9_fd_cancelled syz done 2 1399d 1445d 1/1 fixed on 2020/01/03 09:37
android-6-1 BUG: corrupted list in p9_fd_cancelled 10 5d15h 138d 0/2 premoderation: reported on 2023/05/16 17:03
android-5-10 BUG: corrupted list in p9_fd_cancelled (2) 3 539d 574d 0/2 auto-closed as invalid on 2022/07/10 10:51
android-54 BUG: corrupted list in p9_fd_cancelled 3 826d 1035d 0/2 auto-closed as invalid on 2021/10/25 12:29
linux-4.19 BUG: corrupted list in p9_fd_cancelled syz done 2 1419d 1482d 1/1 fixed on 2019/12/18 17:42
linux-6.1 BUG: corrupted list in p9_fd_cancelled 29 3d18h 204d 0/3 upstream: reported on 2023/03/12 02:32
android-5-15 BUG: corrupted list in p9_fd_cancelled origin:downstream syz done 17 14d 246d 0/2 premoderation: reported syz repro on 2023/01/29 05:13
upstream BUG: corrupted list in p9_fd_cancelled net v9fs 16 1803d 1903d 0/25 auto-closed as invalid on 2019/04/23 06:51
linux-4.19 BUG: corrupted list in p9_fd_cancelled (3) 1 634d 634d 0/1 auto-closed as invalid on 2022/05/05 22:32
linux-5.15 BUG: corrupted list in p9_fd_cancelled 1 191d 191d 0/3 auto-obsoleted due to no activity on 2023/07/23 04:06
android-54 BUG: corrupted list in p9_fd_cancelled (2) syz 19 4d22h 677d 0/2 upstream: reported syz repro on 2021/11/23 15:00
linux-4.19 BUG: corrupted list in p9_fd_cancelled (4) 1 248d 248d 0/1 upstream: reported on 2023/01/27 06:50
linux-4.19 BUG: corrupted list in p9_fd_cancelled (2) 1 948d 948d 0/1 auto-closed as invalid on 2021/06/25 15:45
android-5-10 BUG: corrupted list in p9_fd_cancelled (3) syz done 26 11d 402d 0/2 premoderation: reported syz repro on 2022/08/25 12:46

Sample crash report:
list_del corruption, ffff88808ecdbfb0->next is LIST_POISON1 (dead000000000100)
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:45!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 20174 Comm: syz-executor.1 Not tainted 5.3.0-rc5+ #125
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f lib/list_debug.c:45
Code: e8 d5 06 1e fe 0f 0b 4c 89 f6 48 c7 c7 e0 26 c6 87 e8 c4 06 1e fe 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 20 26 c6 87 e8 b0 06 1e fe <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 80 26 c6 87 e8 9c 06 1e fe 0f 0b
RSP: 0018:ffff8880994076d8 EFLAGS: 00010286
RAX: 000000000000004e RBX: 1ffff11013280ee9 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c2526 RDI: ffffed1013280ecd
RBP: ffff8880994076f0 R08: 000000000000004e R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: dead000000000122
R13: dead000000000100 R14: ffff88808ecdbfb0 R15: ffff88808ecdbfb8
FS:  00007fb2aca54700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffee6574f58 CR3: 00000000a8e6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __list_del_entry include/linux/list.h:131 [inline]
 list_del include/linux/list.h:139 [inline]
 p9_fd_cancelled+0x3c/0x1c0 net/9p/trans_fd.c:710
 p9_client_flush+0x1b7/0x1f0 net/9p/client.c:674
 p9_client_rpc+0x112f/0x12a0 net/9p/client.c:781
 p9_client_version net/9p/client.c:952 [inline]
 p9_client_create+0xb7f/0x1430 net/9p/client.c:1052
 v9fs_session_init+0x1e7/0x18c0 fs/9p/v9fs.c:406
 v9fs_mount+0x7d/0x920 fs/9p/vfs_super.c:120
 legacy_get_tree+0x108/0x220 fs/fs_context.c:661
 vfs_get_tree+0x8e/0x390 fs/super.c:1413
 do_new_mount fs/namespace.c:2791 [inline]
 do_mount+0x13b3/0x1c30 fs/namespace.c:3111
 ksys_mount+0xdb/0x150 fs/namespace.c:3320
 __do_sys_mount fs/namespace.c:3334 [inline]
 __se_sys_mount fs/namespace.c:3331 [inline]
 __x64_sys_mount+0xbe/0x150 fs/namespace.c:3331
 do_syscall_64+0xfd/0x6a0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x459879
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb2aca53c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879
RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
RBP: 000000000075bfc8 R08: 0000000020000400 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb2aca546d4
R13: 00000000004c5e2f R14: 00000000004da930 R15: 00000000ffffffff
Modules linked in:
---[ end trace c76f5f29f0af3347 ]---
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f lib/list_debug.c:45
Code: e8 d5 06 1e fe 0f 0b 4c 89 f6 48 c7 c7 e0 26 c6 87 e8 c4 06 1e fe 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 20 26 c6 87 e8 b0 06 1e fe <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 80 26 c6 87 e8 9c 06 1e fe 0f 0b
RSP: 0018:ffff8880994076d8 EFLAGS: 00010286
RAX: 000000000000004e RBX: 1ffff11013280ee9 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c2526 RDI: ffffed1013280ecd
RBP: ffff8880994076f0 R08: 000000000000004e R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: dead000000000122
R13: dead000000000100 R14: ffff88808ecdbfb0 R15: ffff88808ecdbfb8
FS:  00007fb2aca54700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffee6574f58 CR3: 00000000a8e6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (215):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/08/25 02:04 upstream 361469211f87 d21c5d9d .config console log report syz ci-upstream-kasan-gce-root
2019/10/16 13:10 linux-next 0e9d28bc6c81 d4ea592f .config console log report syz ci-upstream-linux-next-kasan-gce-root
2023/09/30 11:52 upstream 9f3ebbef746f 8e26a358 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/09/29 22:23 upstream 71e58659bfc0 8e26a358 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/09/28 19:39 upstream 9ed22ae6be81 c2ab1e5d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/09/27 18:33 upstream 633b47cb009d 2895a507 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/09/23 01:07 upstream 8018e02a8703 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/09/19 01:11 upstream 2cf0f7156238 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/09/18 12:04 upstream ce9ecca0238b 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/09/17 22:45 upstream e789286468a9 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/09/14 05:24 upstream aed8aee11130 0b6a67ac .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/30 16:28 upstream 6c1b980a7e79 84803932 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/09/24 22:27 upstream 6465e260f487 0b6a67ac .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: corrupted list in p9_fd_cancelled
2023/08/28 23:38 upstream 727dbda16b83 7ba13a15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/28 22:14 upstream 727dbda16b83 7ba13a15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/28 19:52 upstream 2dde18cd1d8f 7ba13a15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/08/28 07:24 upstream 2dde18cd1d8f 03d9c195 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/26 13:50 upstream 7d2f353b2682 03d9c195 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/20 08:00 upstream 9e6c269de404 d216d8a0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/18 14:36 upstream 0e8860d2125f d216d8a0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/08/18 09:26 upstream 0e8860d2125f 74b106b6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/09 20:48 upstream cacc6e22932f 13ca4cd6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/08/09 16:27 upstream 13b937206866 13ca4cd6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/08/07 22:32 upstream a027b2eca0b7 b1b6ae3d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/08/06 20:36 upstream f0ab9f34e59e 4ffcc9ef .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/08/06 14:15 upstream f0ab9f34e59e 4ffcc9ef .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/08/02 23:17 upstream 4b954598a47b 39a91c18 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/07/30 14:46 upstream d31e3792919e 2a0d0f29 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/07/29 22:56 upstream 12214540ad87 92476829 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/07/25 00:40 upstream 0b5547c51827 9a0ddda3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/07/21 01:59 upstream 57f1f9dd3abe 28847498 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/07/18 15:19 upstream fdf0eaf11452 022df2bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/07/18 00:49 upstream fdf0eaf11452 20f8b3c2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/07/12 09:08 upstream 3f01e9fed845 2f19aa4f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/07/08 01:43 upstream 4f6b6c2b2f86 668cb1fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/07/07 20:52 upstream 4f6b6c2b2f86 22ae5830 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/07/07 06:11 upstream a452483508d7 22ae5830 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/07/07 02:45 upstream a452483508d7 1a2f6297 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/07/06 12:40 upstream c17414a273b8 1a2f6297 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/06/30 17:52 upstream 6f612579be9d 01298212 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/06/30 06:54 upstream e8f75c0270d9 7b33cf8f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/06/26 11:43 upstream 6995e2de6891 09ffe269 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/06/20 05:34 upstream 692b7dc87ca6 d521bc56 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/06/16 05:24 upstream 62d8779610bb f3921d4d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/06/14 06:58 upstream b6dad5178cea d2ee9228 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/06/12 14:00 upstream 858fd168a95c 7086cdb9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/06/11 01:17 upstream 022ce8862dff 7086cdb9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/06/10 23:44 upstream 022ce8862dff 7086cdb9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2022/09/11 20:25 upstream 4ed9c1e971b1 356d8217 .config console log report info ci-qemu-upstream-386 BUG: corrupted list in p9_fd_cancelled
2023/08/18 16:21 linux-next 7271b2a53042 d216d8a0 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/07/25 07:08 linux-next 1e25dd777248 9a0ddda3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/07/12 13:56 linux-next 40b055fe7f27 979d5fe2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/07/10 07:25 linux-next fe57d0d86f03 668cb1fa .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/06/28 13:22 linux-next 5c875096d590 8064cb02 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/02/14 00:29 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 93ae7e0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: corrupted list in p9_fd_cancelled
* Struck through repros no longer work on HEAD.