| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <68a02313.050a0220.e29e5.003f.GAE@google.com>
Date: Fri, 15 Aug 2025 23:20:03 -0700
From: syzbot <syzbot+ec9fab8b7f0386b98a17@...kaller.appspotmail.com>
To: hdanton@...a.com, linux-kernel@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: [syzbot] [overlayfs?] WARNING in shmem_unlink
Hello,
syzbot has tested the proposed patch but the reproducer is still triggering an issue:
WARNING in shmem_unlink
------------[ cut here ]------------
WARNING: CPU: 0 PID: 8916 at fs/inode.c:417 drop_nlink+0xc5/0x110 fs/inode.c:417
Modules linked in:
CPU: 0 UID: 0 PID: 8916 Comm: syz.3.1059 Tainted: G W 6.17.0-rc1-syzkaller-00199-gdfd4b508c8c6-dirty #0 PREEMPT_{RT,(full)}
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
RIP: 0010:drop_nlink+0xc5/0x110 fs/inode.c:417
Code: c8 08 00 00 be 08 00 00 00 e8 b7 90 ec ff f0 48 ff 83 c8 08 00 00 5b 41 5c 41 5e 41 5f 5d e9 82 bf c8 08 cc e8 dc 5a 8d ff 90 <0f> 0b 90 eb 81 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c 5b ff ff ff
RSP: 0018:ffffc9000dc77600 EFLAGS: 00010293
RAX: ffffffff82310064 RBX: ffff8880269664e0 RCX: ffff888034871dc0
RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
R10: dffffc0000000000 R11: fffff52001b8eeb5 R12: 1ffff11004d2cca5
R13: 0000000068a021d6 R14: ffff888026966528 R15: dffffc0000000000
FS: 00007fe36dd9e6c0(0000) GS:ffff8881268c5000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000200000001000 CR3: 0000000028cea000 CR4: 00000000003526f0
Call Trace:
<TASK>
shmem_unlink+0x1f5/0x2d0 mm/shmem.c:4041
vfs_unlink+0x39a/0x660 fs/namei.c:4586
ovl_do_unlink fs/overlayfs/overlayfs.h:218 [inline]
ovl_cleanup_locked fs/overlayfs/dir.c:36 [inline]
ovl_cleanup+0x151/0x230 fs/overlayfs/dir.c:56
ovl_check_rename_whiteout fs/overlayfs/super.c:607 [inline]
ovl_make_workdir fs/overlayfs/super.c:704 [inline]
ovl_get_workdir+0xae2/0x1800 fs/overlayfs/super.c:829
ovl_fill_super+0x1365/0x35b0 fs/overlayfs/super.c:1408
vfs_get_super fs/super.c:1325 [inline]
get_tree_nodev+0xbb/0x150 fs/super.c:1344
vfs_get_tree+0x8f/0x2b0 fs/super.c:1815
do_new_mount+0x2a2/0x9e0 fs/namespace.c:3805
do_mount fs/namespace.c:4133 [inline]
__do_sys_mount fs/namespace.c:4344 [inline]
__se_sys_mount+0x317/0x410 fs/namespace.c:4321
do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94
entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7fe36e72ebe9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007fe36dd9e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
RAX: ffffffffffffffda RBX: 00007fe36e955fa0 RCX: 00007fe36e72ebe9
RDX: 0000200000000200 RSI: 0000200000000000 RDI: 0000000000000000
RBP: 00007fe36e7b1e19 R08: 0000200000000140 R09: 0000000000000000
R10: 00000000000000d4 R11: 0000000000000246 R12: 0000000000000000
R13: 00007fe36e956038 R14: 00007fe36e955fa0 R15: 00007ffe0cf24ac8
</TASK>
Tested on:
commit: dfd4b508 Merge tag 'drm-fixes-2025-08-16' of https://g..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=129cf3a2580000
kernel config: https://syzkaller.appspot.com/x/.config?x=98e114f4eb77e551
dashboard link: https://syzkaller.appspot.com/bug?extid=ec9fab8b7f0386b98a17
compiler: Debian clang version 20.1.7 (++20250616065708+6146a88f6049-1~exp1~20250616065826.132), Debian LLD 20.1.7
patch: https://syzkaller.appspot.com/x/patch.diff?x=170cf3a2580000
Powered by blists - more mailing lists