syzbot

 sign-in | mailing list | source | docs
🐞 Open [707]
🐞 Fixed [106]
🐞 Invalid [623]
Missing Backports [57]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
💬 Send us feedback

kernel BUG in reiserfs_rename

Status: upstream: reported C repro on 2023/09/29 12:23
Bug presence: origin:upstream
Labels: missing-backport
[Documentation on labels]
Reported-by: syzbot+a89eaa265d749c0ffb2e@syzkaller.appspotmail.com
First crash: 487d, last: 140d
Fix commit to backport (bisect log) :
tree: upstream
commit 18048c1af7836b8e31739d9eaefebc2bf76261f7
Author: Gulam Mohamed <gulam.mohamed@oracle.com>
Date: Tue Jun 18 16:40:42 2024 +0000

  loop: Fix a race between loop detach and loop open

  
Fix bisection: the issue occurs on the latest tested release (bisect log)
Crash: kernel BUG in drop_new_inode (log)
Repro: C syz .config
  
Bug presence (3)
Date Name Commit Repro Result
2024/08/10 linux-6.1.y (ToT) 48d525b0e463 C [report] INFO: rcu detected stall in corrupted
2023/09/29 upstream (ToT) 9ed22ae6be81 C [report] kernel BUG in reiserfs_rename
2024/08/10 upstream (ToT) 34ac1e82e5a7 C Didn't crash
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 kernel BUG in reiserfs_rename origin:upstream missing-backport C error 1 33d 372d 0/3 upstream: reported C repro on 2024/01/22 10:19
upstream kernel BUG in reiserfs_rename reiserfs C unreliable done 6 375d 550d 0/28 auto-obsoleted due to no activity on 2024/04/28 17:48
Fix bisection attempts (11)
Created Duration User Patch Repo Result
2024/09/13 14:26 8h39m fix candidate upstream OK (1) job log
2024/09/10 19:51 3h33m bisect fix linux-6.1.y OK (0) job log log
2024/08/07 09:02 3h25m bisect fix linux-6.1.y OK (0) job log log
2024/06/28 00:55 2h16m bisect fix linux-6.1.y OK (0) job log log
2024/05/19 20:23 2h22m bisect fix linux-6.1.y OK (0) job log log
2024/04/14 15:07 3h36m bisect fix linux-6.1.y OK (0) job log log
2024/03/12 14:48 2h27m bisect fix linux-6.1.y OK (0) job log log
2024/02/03 14:01 2h26m (2) bisect fix linux-6.1.y OK (0) job log log
2023/12/31 01:10 2h17m bisect fix linux-6.1.y OK (0) job log log
2023/11/30 20:50 2h20m bisect fix linux-6.1.y OK (0) job log log
2023/10/30 19:17 2h28m bisect fix linux-6.1.y OK (0) job log log

Sample crash report:
REISERFS (device loop5): Remounting filesystem read-only
REISERFS panic (device loop5): vs-7050 reiserfs_rename: new entry is found, new inode == 0
------------[ cut here ]------------
kernel BUG at fs/reiserfs/prints.c:390!
Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
Modules linked in:
CPU: 1 PID: 5482 Comm: syz-executor227 Not tainted 6.1.55-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023
pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
pc : __reiserfs_panic+0x150/0x154 fs/reiserfs/prints.c:384
lr : __reiserfs_panic+0x150/0x154 fs/reiserfs/prints.c:384
sp : ffff80001ee57140
x29: ffff80001ee57200 x28: ffff80001ee574c0 x27: ffff80001ee577d0
x26: ffff0000e2210858 x25: ffff0000e2210830 x24: ffff80001ee571c0
x23: ffff80001ee57180 x22: ffff80001237ce60 x21: ffff0000d89f0000
x20: ffff80001237ce40 x19: ffff800014ff2735 x18: 1fffe000368adf76
x17: ffff8000158ad000 x16: ffff80001211ccf4 x15: ffff0001b456fbbc
x14: 1ffff00002b160b0 x13: dfff800000000000 x12: 0000000000000001
x11: ff808000083456f8 x10: 0000000000000000 x9 : c41c279a4e83cf00
x8 : c41c279a4e83cf00 x7 : ffff80000827cb3c x6 : 0000000000000000
x5 : 0000000000000080 x4 : 0000000000000001 x3 : ffff80000aa80ecc
x2 : ffff0001b456fcd0 x1 : 0000000100000000 x0 : 000000000000005a
Call trace:
 __reiserfs_panic+0x150/0x154 fs/reiserfs/prints.c:384
 reiserfs_rename+0x19d8/0x1c88 fs/reiserfs/namei.c:1427
 vfs_rename+0x8b8/0xd04 fs/namei.c:4785
 do_renameat2+0x980/0x1040 fs/namei.c:4935
 __do_sys_renameat fs/namei.c:4975 [inline]
 __se_sys_renameat fs/namei.c:4972 [inline]
 __arm64_sys_renameat+0xc8/0xe4 fs/namei.c:4972
 __invoke_syscall arch/arm64/kernel/syscall.c:38 [inline]
 invoke_syscall+0x98/0x2c0 arch/arm64/kernel/syscall.c:52
 el0_svc_common+0x138/0x258 arch/arm64/kernel/syscall.c:142
 do_el0_svc+0x64/0x218 arch/arm64/kernel/syscall.c:206
 el0_svc+0x58/0x168 arch/arm64/kernel/entry-common.c:637
 el0t_64_sync_handler+0x84/0xf0 arch/arm64/kernel/entry-common.c:655
 el0t_64_sync+0x18c/0x190 arch/arm64/kernel/entry.S:581
Code: d0086765 912180a5 aa1303e4 95c68c3f (d4210000) 
---[ end trace 0000000000000000 ]---

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/09/29 12:22 linux-6.1.y d23900f974e0 d265efd8 .config console log report syz C [disk image] [vmlinux] [kernel image] [mounted in repro] ci2-linux-6-1-kasan-arm64 kernel BUG in reiserfs_rename
* Struck through repros no longer work on HEAD.