syzbot

 sign-in | mailing list | source | docs
🐞 Open [1563]
Subsystems
🐞 Fixed [6341]
🐞 Invalid [16164]
Missing Backports [193]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in tomoyo_check_path_acl / tomoyo_merge_path_acl (3)

Status: auto-closed as invalid on 2021/03/03 19:29
Subsystems: tomoyo
[Documentation on labels]
First crash: 1616d, last: 1616d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in tomoyo_check_path_acl / tomoyo_merge_path_acl tomoyo 10 1971d 2074d 0/29 auto-closed as invalid on 2020/04/17 02:14
upstream KCSAN: data-race in tomoyo_check_path_acl / tomoyo_merge_path_acl (2) tomoyo 2 1689d 1667d 0/29 auto-closed as invalid on 2020/12/21 11:51

Sample crash report:
==================================================================
BUG: KCSAN: data-race in tomoyo_check_path_acl / tomoyo_merge_path_acl

write to 0xffff88812968e9da of 2 bytes by task 8425 on cpu 0:
 tomoyo_merge_path_acl+0x4c/0x70 security/tomoyo/file.c:372
 tomoyo_update_domain+0x337/0x3a0 security/tomoyo/domain.c:131
 tomoyo_update_path_acl security/tomoyo/file.c:398 [inline]
 tomoyo_write_file+0x210/0x910 security/tomoyo/file.c:1022
 tomoyo_write_domain2 security/tomoyo/common.c:1152 [inline]
 tomoyo_add_entry security/tomoyo/common.c:2042 [inline]
 tomoyo_supervisor+0xaad/0xb20 security/tomoyo/common.c:2103
 tomoyo_audit_path_log security/tomoyo/file.c:168 [inline]
 tomoyo_path_permission security/tomoyo/file.c:587 [inline]
 tomoyo_path_perm+0x261/0x330 security/tomoyo/file.c:838
 tomoyo_path_truncate+0x18/0x20 security/tomoyo/tomoyo.c:135
 security_path_truncate+0x7f/0xd0 security/security.c:1146
 do_sys_ftruncate+0x38d/0x530 fs/open.c:193
 __do_sys_ftruncate fs/open.c:205 [inline]
 __se_sys_ftruncate fs/open.c:203 [inline]
 __x64_sys_ftruncate+0x2f/0x40 fs/open.c:203
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88812968e9da of 2 bytes by task 8446 on cpu 1:
 tomoyo_check_path_acl+0x1e/0xe0 security/tomoyo/file.c:258
 tomoyo_check_acl+0xcc/0x200 security/tomoyo/domain.c:175
 tomoyo_execute_permission+0xa1/0x190 security/tomoyo/file.c:615
 tomoyo_find_next_domain+0x213/0x10a0 security/tomoyo/domain.c:752
 tomoyo_bprm_check_security+0x96/0xd0 security/tomoyo/tomoyo.c:101
 security_bprm_check+0x3f/0x90 security/security.c:842
 search_binary_handler fs/exec.c:1704 [inline]
 exec_binprm+0x143/0x720 fs/exec.c:1757
 bprm_execve+0x37e/0x4f0 fs/exec.c:1826
 do_execveat_common+0x60c/0x6c0 fs/exec.c:1915
 do_execve fs/exec.c:1983 [inline]
 __do_sys_execve fs/exec.c:2059 [inline]
 __se_sys_execve fs/exec.c:2054 [inline]
 __x64_sys_execve+0x56/0x70 fs/exec.c:2054
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 8446 Comm: syz-fuzzer Not tainted 5.11.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/01/27 19:26 upstream 2ab38c17aac1 a57db36f .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in tomoyo_check_path_acl / tomoyo_merge_path_acl
* Struck through repros no longer work on HEAD.