syzbot


KCSAN: data-race in __d_lookup_rcu / __dentry_kill

Status: moderation: reported on 2024/10/14 13:44
Subsystems: fs
Reported-by: syzbot+3c1097664a705fd81b39@syzkaller.appspotmail.com
First crash: 1d10h, last: 1d10h

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __d_lookup_rcu / __dentry_kill

read to 0xffff888113d9e3d0 of 8 bytes by task 6465 on cpu 1:
 hlist_bl_unhashed include/linux/list_bl.h:54 [inline]
 d_unhashed include/linux/dcache.h:354 [inline]
 __d_lookup_rcu+0x105/0x2a0 fs/dcache.c:2240
 lookup_fast+0x8e/0x2a0 fs/namei.c:1667
 lookup_fast_for_open fs/namei.c:3632 [inline]
 open_last_lookups fs/namei.c:3665 [inline]
 path_openat+0x41e/0x1fa0 fs/namei.c:3930
 do_filp_open+0xf7/0x200 fs/namei.c:3960
 io_openat2+0x280/0x3a0 io_uring/openclose.c:140
 io_issue_sqe+0x181/0xcc0 io_uring/io_uring.c:1739
 io_queue_sqe io_uring/io_uring.c:1953 [inline]
 io_submit_sqe io_uring/io_uring.c:2209 [inline]
 io_submit_sqes+0x6c3/0x1090 io_uring/io_uring.c:2324
 __do_sys_io_uring_enter io_uring/io_uring.c:3343 [inline]
 __se_sys_io_uring_enter+0x1ce/0x17b0 io_uring/io_uring.c:3279
 __x64_sys_io_uring_enter+0x78/0x90 io_uring/io_uring.c:3279
 x64_sys_call+0x2567/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:427
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffff888113d9e3d0 of 8 bytes by task 6466 on cpu 0:
 __d_drop fs/dcache.c:521 [inline]
 __dentry_kill+0x13e/0x4c0 fs/dcache.c:613
 dput+0x5c/0xd0 fs/dcache.c:857
 handle_mounts fs/namei.c:1579 [inline]
 step_into+0x21a/0x810 fs/namei.c:1891
 open_last_lookups fs/namei.c:3721 [inline]
 path_openat+0x1234/0x1fa0 fs/namei.c:3930
 do_filp_open+0xf7/0x200 fs/namei.c:3960
 io_openat2+0x280/0x3a0 io_uring/openclose.c:140
 io_issue_sqe+0x181/0xcc0 io_uring/io_uring.c:1739
 io_wq_submit_work+0x474/0x5f0 io_uring/io_uring.c:1848
 io_worker_handle_work+0x486/0x9d0 io_uring/io-wq.c:601
 io_wq_worker+0x286/0x820 io_uring/io-wq.c:655
 ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:244

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 6466 Comm: iou-wrk-6465 Not tainted 6.12.0-rc3-syzkaller-00007-g6485cf5ea253 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
==================================================================

Crashes (1):
Time: 2024/10/14 13:43
Kernel: upstream
Commit: 6485cf5ea253
Syzkaller: 084d8178
Manager: ci2-upstream-kcsan-gce
Title: KCSAN: data-race in __d_lookup_rcu / __dentry_kill