| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 20 Jun 2024 01:23:22 -0700 From: syzbot <syzbot+5757df85a1c108693de1@...kaller.appspotmail.com> To: adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org, syzkaller-bugs@...glegroups.com, tytso@....edu Subject: [syzbot] [ext4?] KCSAN: data-race in __d_instantiate / lookup_fast (7) Hello, syzbot found the following issue on: HEAD commit: e5b3efbe1ab1 Merge tag 'probes-fixes-v6.10-rc4' of git://g.. git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=11f67fca980000 kernel config: https://syzkaller.appspot.com/x/.config?x=704451bc2941bcb0 dashboard link: https://syzkaller.appspot.com/bug?extid=5757df85a1c108693de1 compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40 Unfortunately, I don't have any reproducer for this issue yet. Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/aba434953b89/disk-e5b3efbe.raw.xz vmlinux: https://storage.googleapis.com/syzbot-assets/6c615db72106/vmlinux-e5b3efbe.xz kernel image: https://storage.googleapis.com/syzbot-assets/ec51cef20784/bzImage-e5b3efbe.xz IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+5757df85a1c108693de1@...kaller.appspotmail.com ================================================================== BUG: KCSAN: data-race in __d_instantiate / lookup_fast read-write to 0xffff8881207d1d80 of 4 bytes by task 25805 on cpu 1: __d_instantiate+0x2cd/0x3c0 fs/dcache.c:1855 d_instantiate_new+0x5c/0xf0 fs/dcache.c:1899 ext4_mkdir+0x5e6/0x740 fs/ext4/namei.c:3047 vfs_mkdir+0x1f4/0x320 fs/namei.c:4131 do_mkdirat+0x12f/0x2a0 fs/namei.c:4154 __do_sys_mkdir fs/namei.c:4174 [inline] __se_sys_mkdir fs/namei.c:4172 [inline] __x64_sys_mkdir+0x44/0x50 fs/namei.c:4172 x64_sys_call+0x10d4/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:84 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffff8881207d1d80 of 4 bytes by task 25807 on cpu 0: d_revalidate fs/namei.c:860 [inline] lookup_fast+0xd9/0x2a0 fs/namei.c:1641 walk_component fs/namei.c:2000 [inline] link_path_walk+0x403/0x810 fs/namei.c:2331 path_lookupat+0x72/0x2b0 fs/namei.c:2492 filename_lookup+0x127/0x300 fs/namei.c:2522 user_path_at_empty+0x42/0x120 fs/namei.c:2929 user_path_at include/linux/namei.h:58 [inline] path_setxattr+0x60/0x1a0 fs/xattr.c:666 __do_sys_setxattr fs/xattr.c:687 [inline] __se_sys_setxattr fs/xattr.c:683 [inline] __x64_sys_setxattr+0x6d/0x80 fs/xattr.c:683 x64_sys_call+0x2957/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:189 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x00000000 -> 0x00280040 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 25807 Comm: syz-executor.4 Tainted: G W 6.10.0-rc4-syzkaller-00052-ge5b3efbe1ab1 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 ================================================================== --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@...glegroups.com. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. If the report is already addressed, let syzbot know by replying with: #syz fix: exact-commit-title If you want to overwrite report's subsystems, reply with: #syz set subsystems: new-subsystem (See the list of subsystem names on the web dashboard) If the report is a duplicate of another one, reply with: #syz dup: exact-subject-of-another-report If you want to undo deduplication, reply with: #syz undup
Powered by blists - more mailing lists