syzbot

 sign-in | mailing list | source | docs
🐞 Open [1442]
Subsystems
🐞 Fixed [6934]
🐞 Invalid [18062]
Missing Backports [223]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in search_nested_keyrings / search_nested_keyrings (2)

Status: auto-obsoleted due to no activity on 2024/05/25 15:41
Subsystems: lsm keyrings
[Documentation on labels]
Reported-by: syzbot+fa18fbb9fd5f5972bd99@syzkaller.appspotmail.com
First crash: 672d, last: 672d
Similar bugs (3)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in search_nested_keyrings / search_nested_keyrings (4) keyrings lsm 6 2 61d 86d 0/29 auto-obsoleted due to no activity on 2026/02/16 21:51
upstream KCSAN: data-race in search_nested_keyrings / search_nested_keyrings (3) keyrings lsm 6 1 165d 165d 0/29 auto-obsoleted due to no activity on 2025/11/05 05:48
upstream KCSAN: data-race in search_nested_keyrings / search_nested_keyrings lsm keyrings 6 3 2291d 2303d 0/29 auto-closed as invalid on 2020/01/23 16:46

Sample crash report:
==================================================================
BUG: KCSAN: data-race in search_nested_keyrings / search_nested_keyrings

write to 0xffff8881146e9d60 of 8 bytes by task 30432 on cpu 0:
 search_nested_keyrings+0x7f7/0x9d0 security/keys/keyring.c:856
 keyring_search_rcu+0xf8/0x190 security/keys/keyring.c:922
 get_user_session_keyring_rcu security/keys/process_keys.c:208 [inline]
 search_cred_keyrings_rcu+0x290/0x3b0 security/keys/process_keys.c:500
 search_process_keyrings_rcu+0x1e/0x190 security/keys/process_keys.c:544
 request_key_and_link+0x158/0xcf0 security/keys/request_key.c:618
 __do_sys_request_key security/keys/keyctl.c:222 [inline]
 __se_sys_request_key+0x1d7/0x290 security/keys/keyctl.c:167
 __x64_sys_request_key+0x55/0x70 security/keys/keyctl.c:167
 x64_sys_call+0x975/0x2d30 arch/x86/include/generated/asm/syscalls_64.h:250
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffff8881146e9d60 of 8 bytes by task 30431 on cpu 1:
 search_nested_keyrings+0x7f7/0x9d0 security/keys/keyring.c:856
 keyring_search_rcu+0xf8/0x190 security/keys/keyring.c:922
 keyring_search+0x12e/0x1a0 security/keys/keyring.c:964
 look_up_user_keyrings+0x281/0x400 security/keys/process_keys.c:124
 lookup_user_key+0x5da/0xdf0 security/keys/process_keys.c:704
 keyctl_revoke_key security/keys/keyctl.c:385 [inline]
 __do_sys_keyctl security/keys/keyctl.c:1890 [inline]
 __se_sys_keyctl+0x48e/0xbb0 security/keys/keyctl.c:1873
 __x64_sys_keyctl+0x67/0x80 security/keys/keyctl.c:1873
 x64_sys_call+0x2bc7/0x2d30 arch/x86/include/generated/asm/syscalls_64.h:251
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000077359564 -> 0x0000000077359568

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 30431 Comm: syz-executor.0 Tainted: G        W          6.9.0-rc4-syzkaller-00214-g13a2e429f644 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/20 15:40 upstream 13a2e429f644 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in search_nested_keyrings / search_nested_keyrings
* Struck through repros no longer work on HEAD.