syzbot

 sign-in | mailing list | source | docs
🐞 Open [1006] Subsystems 🐞 Fixed [5246] 🐞 Invalid [12543] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

WARNING in chown_common

Status: moderation: reported on 2024/04/15 18:21
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+e6005053130d288e3ad7@syzkaller.appspotmail.com
First crash: 18d, last: 7d08h
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-6.1 WARNING in chown_common 1 20d 20d 0/3 upstream: reported on 2024/04/09 23:34

Sample crash report:
DEBUG_RWSEMS_WARN_ON((rwsem_owner(sem) != current) && !rwsem_test_oflags(sem, RWSEM_NONSPINNABLE)): count = 0x0, magic = 0xffff888052628e50, owner = 0x0, curr 0xffff88802d160000, list empty
WARNING: CPU: 1 PID: 27106 at kernel/locking/rwsem.c:1370 __up_write kernel/locking/rwsem.c:1369 [inline]
WARNING: CPU: 1 PID: 27106 at kernel/locking/rwsem.c:1370 up_write+0x502/0x590 kernel/locking/rwsem.c:1632
Modules linked in:
CPU: 1 PID: 27106 Comm: syz-executor.1 Not tainted 6.9.0-rc5-syzkaller-00007-g4d2008430ce8 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
RIP: 0010:__up_write kernel/locking/rwsem.c:1369 [inline]
RIP: 0010:up_write+0x502/0x590 kernel/locking/rwsem.c:1632
Code: c7 c7 20 ac ca 8b 48 c7 c6 a0 ae ca 8b 48 8b 54 24 28 48 8b 4c 24 18 4d 89 e0 4c 8b 4c 24 30 53 e8 c3 b6 e6 ff 48 83 c4 08 90 <0f> 0b 90 90 e9 6a fd ff ff 48 c7 c1 30 e9 a7 8f 80 e1 07 80 c1 03
RSP: 0018:ffffc900094c7ba0 EFLAGS: 00010296
RAX: 44aad6163caa3d00 RBX: ffffffff8bcaad00 RCX: 0000000000040000
RDX: ffffc90018e15000 RSI: 000000000002b4c9 RDI: 000000000002b4ca
RBP: ffffc900094c7c70 R08: ffffffff81587f92 R09: 1ffffffff25df6dd
R10: dffffc0000000000 R11: fffffbfff25df6de R12: 0000000000000000
R13: ffff888052628e50 R14: 1ffff92001298f7c R15: dffffc0000000000
FS:  00007ff39754b6c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000001b2e62f000 CR3: 000000007c870000 CR4: 00000000003506f0
DR0: 0000000000002800 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 <TASK>
 inode_unlock include/linux/fs.h:800 [inline]
 chown_common+0x50e/0x850 fs/open.c:792
 do_fchownat+0x16d/0x250 fs/open.c:821
 __do_sys_chown fs/open.c:841 [inline]
 __se_sys_chown fs/open.c:839 [inline]
 __x64_sys_chown+0x82/0x90 fs/open.c:839
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7ff39687dea9
Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007ff39754b0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000005c
RAX: ffffffffffffffda RBX: 00007ff3969ac050 RCX: 00007ff39687dea9
RDX: ffffffffffffffff RSI: 0000000000000000 RDI: 0000000020000080
RBP: 00007ff3968ca4a4 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 000000000000006e R14: 00007ff3969ac050 R15: 00007ffdb55d18e8
 </TASK>

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/23 08:13 upstream 4d2008430ce8 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root WARNING in chown_common
2024/04/22 14:18 linux-next 7b4f2bc91c15 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in chown_common
2024/04/11 18:15 linux-next 4118d9533ff3 478efa7f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root WARNING in chown_common
* Struck through repros no longer work on HEAD.