syzbot


KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root (5)

Status: moderation: reported on 2024/03/10 19:06
Subsystems: fs
Reported-by: syzbot+7bf44f051505e4d8256d@syzkaller.appspotmail.com
First crash: 33d, last: 33d
Similar bugs (4):

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root (2) fs | | | | 1 | 590d | 590d | 0/26 | auto-closed as invalid on 2022/10/06 11:23 |
| upstream | KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root (3) fs | | | | 1 | 319d | 319d | 0/26 | auto-obsoleted due to no activity on 2023/07/04 03:34 |
| upstream | KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root (4) fs | | | | 1 | 104d | 104d | 0/26 | auto-obsoleted due to no activity on 2024/02/04 14:49 |
| upstream | KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root fs | | | | 1 | 845d | 845d | 0/26 | auto-closed as invalid on 2022/01/23 16:01 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root

write to 0xffff8881862fbc98 of 8 bytes by task 21637 on cpu 0:
 unhash_mnt fs/namespace.c:892 [inline]
 umount_mnt fs/namespace.c:906 [inline]
 __do_sys_pivot_root fs/namespace.c:4246 [inline]
 __se_sys_pivot_root+0x66c/0x1090 fs/namespace.c:4179
 __x64_sys_pivot_root+0x31/0x40 fs/namespace.c:4179
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

read to 0xffff8881862fbc98 of 8 bytes by task 21636 on cpu 1:
 __lookup_mnt+0xa0/0xf0 fs/namespace.c:701
 __follow_mount_rcu fs/namei.c:1507 [inline]
 handle_mounts fs/namei.c:1537 [inline]
 step_into+0x430/0x800 fs/namei.c:1843
 walk_component+0x164/0x230 fs/namei.c:2011
 lookup_last fs/namei.c:2462 [inline]
 path_lookupat+0x10a/0x2a0 fs/namei.c:2486
 filename_lookup+0x126/0x300 fs/namei.c:2515
 user_path_at_empty+0x42/0x120 fs/namei.c:2924
 user_path_at include/linux/namei.h:57 [inline]
 __do_sys_pivot_root fs/namespace.c:4195 [inline]
 __se_sys_pivot_root+0x113/0x1090 fs/namespace.c:4179
 __x64_sys_pivot_root+0x31/0x40 fs/namespace.c:4179
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

value changed: 0xffff88816c14e000 -> 0xffff8881004400c0

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 21636 Comm: syz-executor.4 Not tainted 6.8.0-rc7-syzkaller-00238-g005f6f34bd47 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
==================================================================

Crashes (1):

| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/03/10 19:05 | upstream | 005f6f34bd47 | 6ee49f2e | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __lookup_mnt / __se_sys_pivot_root |