syzbot


BUG: corrupted list in p9_fd_cancelled (2)

Status: auto-obsoleted due to no activity on 2024/06/03 04:59
Subsystems: v9fs
[Documentation on labels]
Reported-by: syzbot+1d26c4ed77bc6c5ed5e6@syzkaller.appspotmail.com
First crash: 1936d, last: 276d
Cause bisection: failed (error log, bisect log)
  
Discussions (13)
Title Replies (including bot) Last reply
[syzbot] Monthly v9fs report (Mar 2024) 0 (1) 2024/03/19 07:26
[syzbot] Monthly v9fs report (Feb 2024) 0 (1) 2024/02/16 13:23
[syzbot] Monthly net report (Jan 2024) 0 (1) 2024/01/26 21:54
[syzbot] Monthly net report (Nov 2023) 5 (6) 2023/11/28 15:05
[syzbot] Monthly v9fs report (Nov 2023) 0 (1) 2023/11/22 09:42
[syzbot] Monthly v9fs report (Oct 2023) 0 (1) 2023/10/11 14:38
[syzbot] Monthly v9fs report (Sep 2023) 0 (1) 2023/09/11 08:39
[syzbot] Monthly v9fs report (Aug 2023) 0 (1) 2023/08/09 12:33
[syzbot] Monthly 9p report (Jul 2023) 0 (1) 2023/07/10 09:36
[syzbot] Monthly 9p report (Jun 2023) 0 (1) 2023/06/07 13:47
[syzbot] Monthly 9p report (May 2023) 0 (1) 2023/05/07 06:35
[syzbot] Monthly 9p report 0 (1) 2023/04/06 08:17
BUG: corrupted list in p9_fd_cancelled (2) 0 (1) 2019/08/29 03:58
Similar bugs (21)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 BUG: corrupted list in p9_fd_cancelled 1 1102d 1102d 0/2 closed as invalid on 2022/03/01 11:24
linux-5.15 BUG: corrupted list in p9_fd_cancelled (2) 4 378d 463d 0/3 auto-obsoleted due to no activity on 2024/03/09 04:25
linux-4.14 BUG: corrupted list in p9_fd_cancelled syz done 2 1836d 1882d 1/1 fixed on 2020/01/03 09:37
android-6-1 BUG: corrupted list in p9_fd_cancelled 27 203d 575d 0/2 auto-obsoleted due to no activity on 2024/08/20 17:39
android-5-10 BUG: corrupted list in p9_fd_cancelled (2) 3 975d 1011d 0/2 auto-closed as invalid on 2022/07/10 10:51
android-6-1 BUG: corrupted list in p9_fd_cancelled (2) 6 2d05h 103d 0/2 premoderation: reported on 2024/08/31 06:31
android-54 BUG: corrupted list in p9_fd_cancelled 3 1263d 1472d 0/2 auto-closed as invalid on 2021/10/25 12:29
linux-5.15 BUG: corrupted list in p9_fd_cancelled (3) origin:lts-only syz 2 32d 91d 0/3 upstream: reported syz repro on 2024/09/11 14:53
linux-4.19 BUG: corrupted list in p9_fd_cancelled syz done 2 1856d 1919d 1/1 fixed on 2019/12/18 17:42
linux-6.1 BUG: corrupted list in p9_fd_cancelled 56 257d 641d 0/3 auto-obsoleted due to no activity on 2024/07/04 11:58
linux-6.1 BUG: corrupted list in p9_fd_cancelled (2) 1 87d 87d 0/3 upstream: reported on 2024/09/15 10:47
android-5-15 BUG: corrupted list in p9_fd_cancelled origin:upstream missing-backport syz done error 30 28d 683d 0/2 premoderation: reported syz repro on 2023/01/29 05:13
upstream BUG: corrupted list in p9_fd_cancelled v9fs 16 2240d 2340d 0/28 auto-closed as invalid on 2019/04/23 06:51
linux-4.19 BUG: corrupted list in p9_fd_cancelled (3) 1 1071d 1071d 0/1 auto-closed as invalid on 2022/05/05 22:32
linux-5.15 BUG: corrupted list in p9_fd_cancelled 1 628d 628d 0/3 auto-obsoleted due to no activity on 2023/07/23 04:06
android-54 BUG: corrupted list in p9_fd_cancelled (2) syz 25 250d 1114d 0/2 auto-obsoleted due to no activity on 2024/07/14 15:48
upstream BUG: corrupted list in p9_fd_cancelled (3) v9fs 9 19d 89d 0/28 upstream: reported on 2024/09/14 04:00
android-5-10 BUG: corrupted list in p9_fd_cancelled (4) 4 78d 188d 0/2 premoderation: reported on 2024/06/07 05:15
linux-4.19 BUG: corrupted list in p9_fd_cancelled (4) 1 685d 685d 0/1 upstream: reported on 2023/01/27 06:50
linux-4.19 BUG: corrupted list in p9_fd_cancelled (2) 1 1385d 1385d 0/1 auto-closed as invalid on 2021/06/25 15:45
android-5-10 BUG: corrupted list in p9_fd_cancelled (3) C done unreliable 38 318d 403d 0/2 auto-obsoleted due to no activity on 2024/05/07 18:52
Last patch testing requests (2)
Created Duration User Patch Repo Result
2024/02/05 22:52 21m retest repro upstream OK log
2024/02/05 04:54 25m retest repro linux-next OK log
Fix bisection attempts (1)
Created Duration User Patch Repo Result
2019/09/24 03:09 17m bisect fix upstream error job log
marked invalid by web-security-scanner@google.com
Cause bisection attempts (2)
Created Duration User Patch Repo Result
2024/01/16 15:46 7m bisect linux-next error job log
2019/08/25 02:04 17m bisect upstream error job log
marked invalid by web-security-scanner@google.com

Sample crash report:
list_del corruption, ffff88808ecdbfb0->next is LIST_POISON1 (dead000000000100)
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:45!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 20174 Comm: syz-executor.1 Not tainted 5.3.0-rc5+ #125
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f lib/list_debug.c:45
Code: e8 d5 06 1e fe 0f 0b 4c 89 f6 48 c7 c7 e0 26 c6 87 e8 c4 06 1e fe 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 20 26 c6 87 e8 b0 06 1e fe <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 80 26 c6 87 e8 9c 06 1e fe 0f 0b
RSP: 0018:ffff8880994076d8 EFLAGS: 00010286
RAX: 000000000000004e RBX: 1ffff11013280ee9 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c2526 RDI: ffffed1013280ecd
RBP: ffff8880994076f0 R08: 000000000000004e R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: dead000000000122
R13: dead000000000100 R14: ffff88808ecdbfb0 R15: ffff88808ecdbfb8
FS:  00007fb2aca54700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffee6574f58 CR3: 00000000a8e6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __list_del_entry include/linux/list.h:131 [inline]
 list_del include/linux/list.h:139 [inline]
 p9_fd_cancelled+0x3c/0x1c0 net/9p/trans_fd.c:710
 p9_client_flush+0x1b7/0x1f0 net/9p/client.c:674
 p9_client_rpc+0x112f/0x12a0 net/9p/client.c:781
 p9_client_version net/9p/client.c:952 [inline]
 p9_client_create+0xb7f/0x1430 net/9p/client.c:1052
 v9fs_session_init+0x1e7/0x18c0 fs/9p/v9fs.c:406
 v9fs_mount+0x7d/0x920 fs/9p/vfs_super.c:120
 legacy_get_tree+0x108/0x220 fs/fs_context.c:661
 vfs_get_tree+0x8e/0x390 fs/super.c:1413
 do_new_mount fs/namespace.c:2791 [inline]
 do_mount+0x13b3/0x1c30 fs/namespace.c:3111
 ksys_mount+0xdb/0x150 fs/namespace.c:3320
 __do_sys_mount fs/namespace.c:3334 [inline]
 __se_sys_mount fs/namespace.c:3331 [inline]
 __x64_sys_mount+0xbe/0x150 fs/namespace.c:3331
 do_syscall_64+0xfd/0x6a0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x459879
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb2aca53c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879
RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
RBP: 000000000075bfc8 R08: 0000000020000400 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb2aca546d4
R13: 00000000004c5e2f R14: 00000000004da930 R15: 00000000ffffffff
Modules linked in:
---[ end trace c76f5f29f0af3347 ]---
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f lib/list_debug.c:45
Code: e8 d5 06 1e fe 0f 0b 4c 89 f6 48 c7 c7 e0 26 c6 87 e8 c4 06 1e fe 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 20 26 c6 87 e8 b0 06 1e fe <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 80 26 c6 87 e8 9c 06 1e fe 0f 0b
RSP: 0018:ffff8880994076d8 EFLAGS: 00010286
RAX: 000000000000004e RBX: 1ffff11013280ee9 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c2526 RDI: ffffed1013280ecd
RBP: ffff8880994076f0 R08: 000000000000004e R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: dead000000000122
R13: dead000000000100 R14: ffff88808ecdbfb0 R15: ffff88808ecdbfb8
FS:  00007fb2aca54700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffee6574f58 CR3: 00000000a8e6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (273):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/08/25 02:04 upstream 361469211f87 d21c5d9d .config console log report syz ci-upstream-kasan-gce-root
2019/10/16 13:10 linux-next 0e9d28bc6c81 d4ea592f .config console log report syz ci-upstream-linux-next-kasan-gce-root
2024/03/10 21:58 upstream 137e0ec05aeb 6ee49f2e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2024/03/10 03:51 upstream 005f6f34bd47 6ee49f2e .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2024/03/03 04:19 upstream 04b8076df253 25905f5d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2024/03/02 13:42 upstream 5ad3cb0ed525 25905f5d .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2024/02/24 05:23 upstream 603c04e27c3e 8d446f15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2024/02/24 03:00 upstream 603c04e27c3e 8d446f15 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2024/02/22 11:50 upstream 39133352cbed 345111b5 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2024/02/07 05:27 upstream 99bd3cb0d12e 6404acf9 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2024/01/21 23:49 upstream 6613476e225e 9bd8dcda .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2024/01/21 12:49 upstream 7a396820222d 9bd8dcda .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2024/01/09 13:23 upstream 9f8413c4a66f 4807fb37 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2024/01/09 10:35 upstream 9f8413c4a66f 4c0fd4bb .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2024/01/07 00:01 upstream 52b1853b080a d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2024/01/05 21:04 upstream 6d0dc8559c84 d0304e9c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/12/31 15:15 upstream 453f5db0619e fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/12/30 23:29 upstream 453f5db0619e fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/12/29 00:33 upstream 505e701c0b2c fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/12/23 20:22 upstream 5254c0cbc92d fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/12/22 21:53 upstream 5414aea7b750 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/12/22 19:44 upstream 5414aea7b750 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/12/18 23:45 upstream 2cf4f94d8e86 3222d10c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/12/15 14:08 upstream 3f7168591ebf 3222d10c .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/12/12 05:35 upstream 26aff849438c 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/12/09 05:38 upstream f2e8a57ee903 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/12/07 23:57 upstream 9ace34a8e446 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/12/06 17:21 upstream bee0e7762ad2 e3299f55 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/12/05 01:34 upstream bee0e7762ad2 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/11/28 22:18 upstream 18d46e76d7c2 1adfb6f6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/11/28 17:11 upstream df60cee26a2e 1adfb6f6 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/11/26 14:12 upstream 090472ed9c92 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/11/24 04:28 upstream d3fa86b1a7b4 5b429f39 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/11/20 15:28 upstream 98b1cc82c4af cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/11/18 08:16 upstream 791c8ab095f7 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/11/15 08:29 upstream 86d11b0e20c0 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/11/14 07:21 upstream 9bacdd8996c7 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/11/12 08:16 upstream 1b907d050735 6d6dbf8a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/11/10 01:34 upstream 4bbdb725a36b 56230772 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/11/08 12:29 upstream 305230142ae0 83211397 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/11/02 12:05 upstream babe393974de b5f07fd3 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/10/29 08:00 upstream 2af9b20dbb39 3c418d72 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/10/26 23:46 upstream 3a568e3a961b 23afc60f .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/10/26 04:05 upstream 611da07b89fd 72e794c4 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-badwrites-root BUG: corrupted list in p9_fd_cancelled
2023/10/24 20:16 upstream d88520ad73b7 17e6d526 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-selinux-root BUG: corrupted list in p9_fd_cancelled
2023/10/24 14:48 upstream d88520ad73b7 af8d2e46 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/10/22 07:23 upstream 1acfd2bd3f0d 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/10/21 18:25 upstream 9c5d00cb7b6b 361b23dc .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2023/10/20 22:31 upstream c3200081020d a42250d2 .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-kasan-gce-smack-root BUG: corrupted list in p9_fd_cancelled
2024/03/08 12:51 upstream 3aaa8ce7a335 8e75c913 .config console log report info [disk image (non-bootable)] [vmlinux] [kernel image] ci-qemu-upstream BUG: corrupted list in p9_fd_cancelled
2022/09/11 20:25 upstream 4ed9c1e971b1 356d8217 .config console log report info ci-qemu-upstream-386 BUG: corrupted list in p9_fd_cancelled
2024/01/04 08:30 linux-next d0b3c8aa5e37 28c42cff .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-linux-next-kasan-gce-root BUG: corrupted list in p9_fd_cancelled
2023/02/14 00:29 git://git.kernel.org/pub/scm/linux/kernel/git/arm64/linux.git for-kernelci 2d3827b3f393 93ae7e0a .config console log report info [disk image] [vmlinux] [kernel image] ci-upstream-gce-arm64 BUG: corrupted list in p9_fd_cancelled
* Struck through repros no longer work on HEAD.