lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAOQ4uxisEzWmAWE8HfTRSe32ANZ4ov+i43Ts86DEA0sEXCC17A@mail.gmail.com>
Date: Mon, 1 Dec 2025 12:05:37 +0100
From: Amir Goldstein <amir73il@...il.com>
To: Aleksandr Nogikh <nogikh@...gle.com>
Cc: syzbot <syzbot+b74150fd2ef40e716ca2@...kaller.appspotmail.com>, 
	NeilBrown <neil@...wn.name>, brauner@...nel.org, jack@...e.cz, 
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, 
	linux-unionfs@...r.kernel.org, miklos@...redi.hu, 
	syzkaller-bugs@...glegroups.com, viro@...iv.linux.org.uk
Subject: Re: [syzbot] [overlayfs?] WARNING in fast_dput

On Mon, Dec 1, 2025 at 10:08 AM Aleksandr Nogikh <nogikh@...gle.com> wrote:
>
> On Mon, Dec 1, 2025 at 9:58 AM Amir Goldstein <amir73il@...il.com> wrote:
> >
> > On Sat, Nov 29, 2025 at 2:05 PM syzbot
> > <syzbot+b74150fd2ef40e716ca2@...kaller.appspotmail.com> wrote:
> > >
> > > Hello,
> > >
> > > syzbot found the following issue on:
> > >
> > > HEAD commit:    7d31f578f323 Add linux-next specific files for 20251128
> > > git tree:       linux-next
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=14db5f42580000
> > > kernel config:  https://syzkaller.appspot.com/x/.config?x=6336d8e94a7c517d
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=b74150fd2ef40e716ca2
> > > compiler:       Debian clang version 20.1.8 (++20250708063551+0c9f909b7976-1~exp1~20250708183702.136), Debian LLD 20.1.8
> > > syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=1780a112580000
> > > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=10f6be92580000
> > >
> > > Downloadable assets:
> > > disk image: https://storage.googleapis.com/syzbot-assets/6b49d8ad90de/disk-7d31f578.raw.xz
> > > vmlinux: https://storage.googleapis.com/syzbot-assets/dbe2d4988ca7/vmlinux-7d31f578.xz
> > > kernel image: https://storage.googleapis.com/syzbot-assets/fc0448ab2411/bzImage-7d31f578.xz
> > >
> > > IMPORTANT: if you fix the issue, please add the following tag to the commit:
> > > Reported-by: syzbot+b74150fd2ef40e716ca2@...kaller.appspotmail.com
> > >
> > > ------------[ cut here ]------------
> > > WARNING: fs/dcache.c:829 at fast_dput+0x334/0x430 fs/dcache.c:829, CPU#1: syz.0.17/6053
> > > Modules linked in:
> > > CPU: 1 UID: 0 PID: 6053 Comm: syz.0.17 Not tainted syzkaller #0 PREEMPT(full)
> > > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
> > > RIP: 0010:fast_dput+0x334/0x430 fs/dcache.c:829
> > > Code: e3 81 ff 48 b8 00 00 00 00 00 fc ff df 41 0f b6 44 05 00 84 c0 0f 85 e2 00 00 00 41 80 0e 40 e9 fd fe ff ff e8 4d e3 81 ff 90 <0f> 0b 90 e9 ef fe ff ff 44 89 e6 81 e6 00 00 04 00 31 ff e8 74 e7
> > > RSP: 0018:ffffc90003407cd8 EFLAGS: 00010293
> > > RAX: ffffffff823fcfe3 RBX: ffff88806c44ac78 RCX: ffff88802e41bd00
> > > RDX: 0000000000000000 RSI: 00000000ffffff80 RDI: 0000000000000001
> > > RBP: 00000000ffffff80 R08: 0000000000000003 R09: 0000000000000004
> > > R10: dffffc0000000000 R11: fffff52000680f8c R12: dffffc0000000000
> > > R13: 1ffff1100d889597 R14: ffff88806c44abc0 R15: ffff88806c44acb8
> > > FS:  00005555820e4500(0000) GS:ffff888125f4f000(0000) knlGS:0000000000000000
> > > CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> > > CR2: 0000001b31b63fff CR3: 0000000072c78000 CR4: 00000000003526f0
> > > Call Trace:
> > >  <TASK>
> > >  dput+0xe8/0x1a0 fs/dcache.c:924
> > >  __fput+0x68e/0xa70 fs/file_table.c:476
> > >  task_work_run+0x1d4/0x260 kernel/task_work.c:233
> > >  resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
> > >  __exit_to_user_mode_loop kernel/entry/common.c:44 [inline]
> > >  exit_to_user_mode_loop+0xff/0x4f0 kernel/entry/common.c:75
> > >  __exit_to_user_mode_prepare include/linux/irq-entry-common.h:226 [inline]
> > >  syscall_exit_to_user_mode_prepare include/linux/irq-entry-common.h:256 [inline]
> > >  syscall_exit_to_user_mode_work include/linux/entry-common.h:159 [inline]
> > >  syscall_exit_to_user_mode include/linux/entry-common.h:194 [inline]
> > >  do_syscall_64+0x2e3/0xf80 arch/x86/entry/syscall_64.c:100
> > >  entry_SYSCALL_64_after_hwframe+0x77/0x7f
> > > RIP: 0033:0x7f4966f8f749
> > > Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
> > > RSP: 002b:00007ffc01c51258 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
> > > RAX: 0000000000000000 RBX: 000000000001a7a1 RCX: 00007f4966f8f749
> > > RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
> > > RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000201c5154f
> > > R10: 0000001b30f20000 R11: 0000000000000246 R12: 00007f49671e5fac
> > > R13: 00007f49671e5fa0 R14: ffffffffffffffff R15: 0000000000000004
> > >  </TASK>
> > >
> >
> > Any idea why this was tagged as overlayfs?
> > I do not see overlayfs anywhere in the repro, logs, or stack trace.
>
> Looks like the crash title is too generic, so we ended up with a
> collection of unrelated crashes here. However, several issues are
> indeed related to overlayfs:
> https://syzkaller.appspot.com/text?tag=CrashReport&x=143464b4580000
> https://syzkaller.appspot.com/text?tag=CrashReport&x=1683a112580000
>

OK but which repo, if any, are those crashes related to?
I am not exactly sure how to process this information.

Thanks,
Amir.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ