syzbot


KCSAN: data-race in __d_lookup / __d_rehash (8)

Status: moderation: reported on 2024/04/20 12:09
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+da75324df105e629d3e7@syzkaller.appspotmail.com
First crash: 34d, last: 2d13h
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __d_lookup / __d_rehash (6) fs 1 273d 273d 0/26 auto-obsoleted due to no activity on 2023/09/29 22:29
upstream KCSAN: data-race in __d_lookup / __d_rehash (4) ext4 1 391d 391d 0/26 auto-obsoleted due to no activity on 2023/06/04 03:50
upstream KCSAN: data-race in __d_lookup / __d_rehash fs 1 1652d 1652d 0/26 auto-closed as invalid on 2020/01/24 17:56
upstream KCSAN: data-race in __d_lookup / __d_rehash (3) fs 1 562d 562d 0/26 auto-obsoleted due to no activity on 2022/12/14 23:50
upstream KCSAN: data-race in __d_lookup / __d_rehash (2) fs 1 755d 755d 0/26 auto-closed as invalid on 2022/06/04 08:25
upstream KCSAN: data-race in __d_lookup / __d_rehash (5) ext4 2 331d 333d 0/26 auto-obsoleted due to no activity on 2023/08/02 16:55
upstream KCSAN: data-race in __d_lookup / __d_rehash (7) ext4 1 226d 226d 0/26 auto-obsoleted due to no activity on 2023/11/15 16:47

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __d_lookup / __d_rehash

write to 0xffff888106570190 of 8 bytes by task 3117 on cpu 0:
 hlist_bl_add_head_rcu include/linux/rculist_bl.h:81 [inline]
 __d_rehash+0xc4/0x220 fs/dcache.c:2403
 __d_add+0x36d/0x4a0 fs/dcache.c:2618
 d_splice_alias+0xd6/0x270 fs/dcache.c:3009
 proc_sys_lookup+0x386/0x440 fs/proc/proc_sysctl.c:536
 __lookup_slow+0x184/0x250 fs/namei.c:1692
 lookup_slow+0x3c/0x60 fs/namei.c:1709
 walk_component fs/namei.c:2004 [inline]
 link_path_walk+0x621/0x810 fs/namei.c:2331
 path_openat+0x1a1/0x1da0 fs/namei.c:3803
 do_filp_open+0xf7/0x200 fs/namei.c:3834
 do_sys_openat2+0xab/0x120 fs/open.c:1406
 do_sys_open fs/open.c:1421 [inline]
 __do_sys_openat fs/open.c:1437 [inline]
 __se_sys_openat fs/open.c:1432 [inline]
 __x64_sys_openat+0xf3/0x120 fs/open.c:1432
 x64_sys_call+0x2cad/0x2d30 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888106570190 of 8 bytes by task 3127 on cpu 1:
 hlist_bl_unhashed include/linux/list_bl.h:54 [inline]
 d_unhashed include/linux/dcache.h:347 [inline]
 __d_lookup+0x10e/0x390 fs/dcache.c:2315
 lookup_fast+0x4c/0x2a0 fs/namei.c:1650
 walk_component fs/namei.c:2000 [inline]
 link_path_walk+0x403/0x810 fs/namei.c:2331
 path_openat+0x1a1/0x1da0 fs/namei.c:3803
 do_filp_open+0xf7/0x200 fs/namei.c:3834
 do_sys_openat2+0xab/0x120 fs/open.c:1406
 do_sys_open fs/open.c:1421 [inline]
 __do_sys_openat fs/open.c:1437 [inline]
 __se_sys_openat fs/open.c:1432 [inline]
 __x64_sys_openat+0xf3/0x120 fs/open.c:1432
 x64_sys_call+0x2cad/0x2d30 arch/x86/include/generated/asm/syscalls_64.h:258
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xffff888237b04598 -> 0xffff888106570848

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3127 Comm: syz-executor.3 Not tainted 6.9.0-syzkaller-10713-g2a8120d7b482 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/05/22 18:26 upstream 2a8120d7b482 4d098039 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __d_lookup / __d_rehash
2024/04/20 12:08 upstream 13a2e429f644 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __d_lookup / __d_rehash
* Struck through repros no longer work on HEAD.