syzbot

 sign-in | mailing list | source | docs
🐞 Open [1155] 🐞 Fixed [4318] 🐞 Invalid [9656] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

BUG: corrupted list in p9_fd_cancelled (2)

Status: upstream: reported syz repro on 2019/08/29 03:58
Reported-by: syzbot+1d26c4ed77bc6c5ed5e6@syzkaller.appspotmail.com
First crash: 1257d, last: 7h08m

Cause bisection: failed (bisect log)

Fix bisection: failed (bisect log)
similar bugs (12):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
android-5-10 BUG: corrupted list in p9_fd_cancelled 1 424d 424d 0/2 closed as invalid on 2022/03/01 11:24
linux-4.14 BUG: corrupted list in p9_fd_cancelled syz done 2 1157d 1203d 1/1 fixed on 2020/01/03 09:37
android-5-10 BUG: corrupted list in p9_fd_cancelled (2) 3 297d 332d 0/2 auto-closed as invalid on 2022/07/10 10:51
android-54 BUG: corrupted list in p9_fd_cancelled 3 585d 793d 0/2 auto-closed as invalid on 2021/10/25 12:29
linux-4.19 BUG: corrupted list in p9_fd_cancelled syz done 2 1177d 1240d 1/1 fixed on 2019/12/18 17:42
android-5-15 BUG: corrupted list in p9_fd_cancelled 1 4d10h 4d10h 0/2 premoderation: reported on 2023/01/29 05:13
upstream BUG: corrupted list in p9_fd_cancelled 16 1561d 1661d 0/24 auto-closed as invalid on 2019/04/23 06:51
linux-4.19 BUG: corrupted list in p9_fd_cancelled (3) 1 392d 392d 0/1 auto-closed as invalid on 2022/05/05 22:32
android-54 BUG: corrupted list in p9_fd_cancelled (2) 10 13d 436d 0/2 upstream: reported on 2021/11/23 15:00
linux-4.19 BUG: corrupted list in p9_fd_cancelled (4) 1 6d08h 6d08h 0/1 upstream: reported on 2023/01/27 06:50
linux-4.19 BUG: corrupted list in p9_fd_cancelled (2) 1 706d 706d 0/1 auto-closed as invalid on 2021/06/25 15:45
android-5-10 BUG: corrupted list in p9_fd_cancelled (3) 5 15d 161d 0/2 premoderation: reported on 2022/08/25 12:46

Sample crash report:
list_del corruption, ffff88808ecdbfb0->next is LIST_POISON1 (dead000000000100)
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:45!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 0 PID: 20174 Comm: syz-executor.1 Not tainted 5.3.0-rc5+ #125
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f lib/list_debug.c:45
Code: e8 d5 06 1e fe 0f 0b 4c 89 f6 48 c7 c7 e0 26 c6 87 e8 c4 06 1e fe 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 20 26 c6 87 e8 b0 06 1e fe <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 80 26 c6 87 e8 9c 06 1e fe 0f 0b
RSP: 0018:ffff8880994076d8 EFLAGS: 00010286
RAX: 000000000000004e RBX: 1ffff11013280ee9 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c2526 RDI: ffffed1013280ecd
RBP: ffff8880994076f0 R08: 000000000000004e R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: dead000000000122
R13: dead000000000100 R14: ffff88808ecdbfb0 R15: ffff88808ecdbfb8
FS:  00007fb2aca54700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffee6574f58 CR3: 00000000a8e6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __list_del_entry include/linux/list.h:131 [inline]
 list_del include/linux/list.h:139 [inline]
 p9_fd_cancelled+0x3c/0x1c0 net/9p/trans_fd.c:710
 p9_client_flush+0x1b7/0x1f0 net/9p/client.c:674
 p9_client_rpc+0x112f/0x12a0 net/9p/client.c:781
 p9_client_version net/9p/client.c:952 [inline]
 p9_client_create+0xb7f/0x1430 net/9p/client.c:1052
 v9fs_session_init+0x1e7/0x18c0 fs/9p/v9fs.c:406
 v9fs_mount+0x7d/0x920 fs/9p/vfs_super.c:120
 legacy_get_tree+0x108/0x220 fs/fs_context.c:661
 vfs_get_tree+0x8e/0x390 fs/super.c:1413
 do_new_mount fs/namespace.c:2791 [inline]
 do_mount+0x13b3/0x1c30 fs/namespace.c:3111
 ksys_mount+0xdb/0x150 fs/namespace.c:3320
 __do_sys_mount fs/namespace.c:3334 [inline]
 __se_sys_mount fs/namespace.c:3331 [inline]
 __x64_sys_mount+0xbe/0x150 fs/namespace.c:3331
 do_syscall_64+0xfd/0x6a0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x459879
Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
RSP: 002b:00007fb2aca53c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879
RDX: 00000000200002c0 RSI: 0000000020000040 RDI: 0000000000000000
RBP: 000000000075bfc8 R08: 0000000020000400 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb2aca546d4
R13: 00000000004c5e2f R14: 00000000004da930 R15: 00000000ffffffff
Modules linked in:
---[ end trace c76f5f29f0af3347 ]---
RIP: 0010:__list_del_entry_valid.cold+0x23/0x4f lib/list_debug.c:45
Code: e8 d5 06 1e fe 0f 0b 4c 89 f6 48 c7 c7 e0 26 c6 87 e8 c4 06 1e fe 0f 0b 4c 89 ea 4c 89 f6 48 c7 c7 20 26 c6 87 e8 b0 06 1e fe <0f> 0b 4c 89 e2 4c 89 f6 48 c7 c7 80 26 c6 87 e8 9c 06 1e fe 0f 0b
RSP: 0018:ffff8880994076d8 EFLAGS: 00010286
RAX: 000000000000004e RBX: 1ffff11013280ee9 RCX: 0000000000000000
RDX: 0000000000000000 RSI: ffffffff815c2526 RDI: ffffed1013280ecd
RBP: ffff8880994076f0 R08: 000000000000004e R09: ffffed1015d060d1
R10: ffffed1015d060d0 R11: ffff8880ae830687 R12: dead000000000122
R13: dead000000000100 R14: ffff88808ecdbfb0 R15: ffff88808ecdbfb8
FS:  00007fb2aca54700(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ffee6574f58 CR3: 00000000a8e6d000 CR4: 00000000001406f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (52):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Title
ci-upstream-kasan-gce-root 2019/08/25 02:04 upstream 361469211f87 d21c5d9d .config console log report syz
ci-upstream-linux-next-kasan-gce-root 2019/10/16 13:10 linux-next 0e9d28bc6c81 d4ea592f .config console log report syz
ci-upstream-kasan-gce-root 2023/02/02 04:31 upstream 9f266ccaa2f5 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/30 13:31 upstream 6d796c50f84c 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2023/01/28 17:58 upstream 5af6ce704936 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/28 15:33 upstream 5af6ce704936 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2023/01/26 10:40 upstream 7c46948a6e9c 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2023/01/25 15:17 upstream 948ef7bb70c4 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/23 07:48 upstream 2475bf0250de 44388686 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2023/01/18 08:53 upstream c1649ec55708 42660d9e .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2023/01/15 03:55 upstream 7c6984405241 a63719e7 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2023/01/13 05:42 upstream c757fc92a3f7 96166539 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2023/01/12 06:53 upstream e8f60cd7db24 96166539 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/10 02:45 upstream 5a41237ad1d4 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2023/01/07 15:58 upstream a689b938df39 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/06 03:47 upstream 1f5abbd77e2c 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/05 12:37 upstream 512dee0c00ad 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2023/01/03 20:41 upstream 69b41ac87e4a 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/03 19:43 upstream 69b41ac87e4a 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2023/01/02 14:03 upstream 150aae354b81 ab32d508 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2023/01/02 06:30 upstream 150aae354b81 ab32d508 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2022/12/27 19:56 upstream 1b929c02afd3 44712fbc .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2022/12/22 14:43 upstream 9d2f6060fe4c c692fab1 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2022/12/16 05:08 upstream 851f657a8642 6f9c033e .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2022/12/08 03:37 upstream 479174d402bc d88f3abb .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2022/12/02 12:10 upstream a4412fdd49dc e080de16 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2022/11/30 12:02 upstream 01f856ae6d0c 4c2a66e8 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2022/11/14 06:47 upstream af7a05689189 3ead01ad .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2022/10/03 16:04 upstream 4fe89d07dcc2 feb56351 .config console log report info [disk image] [vmlinux] BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2022/07/01 23:40 upstream a175eca0f3d7 1434eec0 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-selinux-root 2022/05/16 03:01 upstream bc403203d65a 744a39e2 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-smack-root 2022/04/22 10:58 upstream 59f0c2447e25 2738b391 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2021/12/02 22:38 upstream a51e3ac43ddb 61f86278 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-kasan-gce-root 2021/11/20 11:48 upstream 9539ba4308ad 3a9d0024 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-qemu-upstream-386 2022/09/11 20:25 upstream 4ed9c1e971b1 356d8217 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2023/02/02 08:29 linux-next ea4dabbb4ad7 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2023/02/01 06:18 linux-next 66eee64b2354 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2023/01/23 21:46 linux-next 691781f561e9 9dfcf09c .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2023/01/20 20:31 linux-next d514392f17fd 559a440a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2023/01/05 16:15 linux-next cc3c08b41a9c 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2023/01/04 08:20 linux-next c76083fac3ba 1dac8c7a .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/12/21 12:30 linux-next e45fb347b630 4067838e .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/12/05 19:10 linux-next 9e46a7996732 045cbb84 .config console log report info [disk image] [vmlinux] [kernel image] BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/05/16 23:06 linux-next 3f7bdc402fb0 744a39e2 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/05/14 08:35 linux-next 1e1b28b936ae 744a39e2 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/05/11 10:26 linux-next 38a288f5941e 8d7b3b67 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/05/08 02:42 linux-next 38a288f5941e e60b1103 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/05/06 22:35 linux-next 38a288f5941e e60b1103 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/04/30 23:15 linux-next 5469f0c06732 2df221f6 .config console log report info BUG: corrupted list in p9_fd_cancelled
ci-upstream-linux-next-kasan-gce-root 2022/04/24 05:34 linux-next f1244c81da13 131df97d .config console log report info BUG: corrupted list in p9_fd_cancelled
* Struck through repros no longer work on HEAD.