syzbot

 sign-in | mailing list | source | docs
🐞 Open [1137] 🐞 Fixed [4221] 🐞 Invalid [9375] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes

KCSAN: data-race in lookup_fast / shrink_dentry_list (3)

Status: auto-closed as invalid on 2021/03/08 10:39
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 706d, last: 676d
similar bugs (6):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in lookup_fast / shrink_dentry_list (6) 1 148d 148d 0/24 auto-closed as invalid on 2022/08/18 12:57
upstream KCSAN: data-race in lookup_fast / shrink_dentry_list (4) 1 620d 620d 0/24 auto-closed as invalid on 2021/05/04 09:30
upstream KCSAN: data-race in lookup_fast / shrink_dentry_list (2) 1 769d 769d 0/24 auto-closed as invalid on 2020/12/05 11:21
upstream KCSAN: data-race in lookup_fast / shrink_dentry_list (7) 1 111d 111d 0/24 auto-closed as invalid on 2022/09/24 23:48
upstream KCSAN: data-race in lookup_fast / shrink_dentry_list (5) 1 469d 469d 0/24 auto-closed as invalid on 2021/10/01 10:16
upstream KCSAN: data-race in lookup_fast / shrink_dentry_list 3 827d 853d 0/24 auto-closed as invalid on 2020/10/08 14:19

Sample crash report:
==================================================================
BUG: KCSAN: data-race in lookup_fast / shrink_dentry_list

write to 0xffff88812f2c7780 of 4 bytes by task 13051 on cpu 1:
 d_lru_del fs/dcache.c:410 [inline]
 __dput_to_list fs/dcache.c:898 [inline]
 shrink_dentry_list+0x2e5/0x540 fs/dcache.c:1147
 shrink_dcache_parent+0x4d/0x3f0 fs/dcache.c:1575
 d_invalidate+0x6e/0x1a0 fs/dcache.c:1684
 lookup_fast+0x2ed/0x370 fs/namei.c:1509
 walk_component+0x5c/0x350 fs/namei.c:1857
 link_path_walk+0x491/0x760 fs/namei.c:2182
 path_openat+0x19c/0x20a0 fs/namei.c:3367
 do_filp_open+0xbd/0x1d0 fs/namei.c:3398
 do_sys_openat2+0xa3/0x250 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_open fs/open.c:1196 [inline]
 __se_sys_open fs/open.c:1192 [inline]
 __x64_sys_open+0xe2/0x110 fs/open.c:1192
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88812f2c7780 of 4 bytes by task 13045 on cpu 0:
 d_revalidate fs/namei.c:767 [inline]
 lookup_fast+0x7b/0x370 fs/namei.c:1505
 walk_component+0x5c/0x350 fs/namei.c:1857
 link_path_walk+0x491/0x760 fs/namei.c:2182
 path_openat+0x19c/0x20a0 fs/namei.c:3367
 do_filp_open+0xbd/0x1d0 fs/namei.c:3398
 do_sys_openat2+0xa3/0x250 fs/open.c:1172
 do_sys_open fs/open.c:1188 [inline]
 __do_sys_open fs/open.c:1196 [inline]
 __se_sys_open fs/open.c:1192 [inline]
 __x64_sys_open+0xe2/0x110 fs/open.c:1192
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 13045 Comm: systemd-udevd Not tainted 5.11.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2021/02/01 10:34 upstream 1048ba83fb1c fc9fd31e .config log report info KCSAN: data-race in lookup_fast / shrink_dentry_list
ci2-upstream-kcsan-gce 2021/01/03 07:45 upstream 3516bd729358 79264ae3 .config log report info
* Struck through repros no longer work on HEAD.