lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <000000000000e39e0e06079abd8e@google.com>
Date:   Fri, 13 Oct 2023 08:30:52 -0700
From:   syzbot <syzbot+b015897b5913b3aa2ecd@...kaller.appspotmail.com>
To:     brauner@...nel.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com,
        viro@...iv.linux.org.uk
Subject: [syzbot] [fs?] KCSAN: data-race in __d_lookup_rcu / dont_mount

Hello,

syzbot found the following issue on:

HEAD commit:    94f6f0550c62 Linux 6.6-rc5
git tree:       upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=152d6bee680000
kernel config:  https://syzkaller.appspot.com/x/.config?x=70d8e328e7a4e377
dashboard link: https://syzkaller.appspot.com/bug?extid=b015897b5913b3aa2ecd
compiler:       Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/6a29ef1a56e4/disk-94f6f055.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/24e09ea50a82/vmlinux-94f6f055.xz
kernel image: https://storage.googleapis.com/syzbot-assets/1365bbf9b381/bzImage-94f6f055.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+b015897b5913b3aa2ecd@...kaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in __d_lookup_rcu / dont_mount

read to 0xffff8881382e76c0 of 4 bytes by task 3386 on cpu 0:
 __d_lookup_rcu+0x42/0x290 fs/dcache.c:2360
 lookup_fast+0x8e/0x290 fs/namei.c:1628
 walk_component+0x3f/0x230 fs/namei.c:1997
 lookup_last fs/namei.c:2458 [inline]
 path_lookupat+0x10a/0x2a0 fs/namei.c:2482
 filename_lookup+0x126/0x300 fs/namei.c:2511
 vfs_statx+0xa2/0x430 fs/stat.c:240
 vfs_fstatat+0xcd/0x100 fs/stat.c:295
 __do_sys_newfstatat fs/stat.c:459 [inline]
 __se_sys_newfstatat+0x58/0x260 fs/stat.c:453
 __x64_sys_newfstatat+0x55/0x60 fs/stat.c:453
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read-write to 0xffff8881382e76c0 of 4 bytes by task 3374 on cpu 1:
 dont_mount+0x27/0x40 include/linux/dcache.h:351
 vfs_rmdir+0x2a9/0x2f0 fs/namei.c:4209
 do_rmdir+0x194/0x310 fs/namei.c:4262
 __do_sys_rmdir fs/namei.c:4281 [inline]
 __se_sys_rmdir fs/namei.c:4279 [inline]
 __x64_sys_rmdir+0x30/0x40 fs/namei.c:4279
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3374 Comm: udevd Not tainted 6.6.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
==================================================================


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@...glegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ