syzbot

 sign-in | mailing list | source | docs
🐞 Open [1453]
Subsystems
🐞 Fixed [6885]
🐞 Invalid [17900]
Missing Backports [224]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

WARNING in lookup_slow (4)

Status: moderation: reported on 2025/05/26 09:57
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+2b8d9d5c6bae92cffb1d@syzkaller.appspotmail.com
First crash: 251d, last: 12d
Similar bugs (8)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
linux-5.15 WARNING in lookup_slow (2) -1 1 819d 819d 0/3 auto-obsoleted due to no activity on 2024/02/09 08:58
upstream WARNING in lookup_slow (2) fs -1 8 593d 625d 0/29 auto-obsoleted due to no activity on 2024/09/12 01:16
linux-6.6 WARNING in lookup_slow -1 1 21d 21d 0/2 upstream: reported on 2026/01/07 12:20
linux-6.1 WARNING in lookup_slow origin:upstream missing-backport -1 C inconclusive 9 167d 787d 0/3 upstream: reported C repro on 2023/12/02 22:03
upstream WARNING in lookup_slow (3) fs -1 1 401d 397d 0/29 auto-obsoleted due to no activity on 2025/02/21 12:31
linux-5.15 WARNING in lookup_slow (3) origin:lts-only -1 C error 8 28d 669d 0/3 upstream: reported C repro on 2024/03/30 12:27
upstream WARNING in lookup_slow ntfs3 -1 C error inconclusive 34 735d 1136d 0/29 auto-obsoleted due to no activity on 2024/05/02 19:30
linux-5.15 WARNING in lookup_slow -1 1 978d 978d 0/3 auto-obsoleted due to no activity on 2023/09/02 18:27

Sample crash report:
------------[ cut here ]------------
DEBUG_RWSEMS_WARN_ON(!is_rwsem_reader_owned(sem)): count = 0x0, magic = 0xffff888047995058, owner = 0x0, curr 0xffff88800025c980, list empty
WARNING: kernel/locking/rwsem.c:1354 at __up_read+0x4f9/0x670 kernel/locking/rwsem.c:1354, CPU#0: syz.0.0/5343
Modules linked in:
CPU: 0 UID: 0 PID: 5343 Comm: syz.0.0 Not tainted syzkaller #0 PREEMPT(full) 
Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
RIP: 0010:__up_read+0x5df/0x670 kernel/locking/rwsem.c:1354
Code: 23 6b 8b 49 c7 c2 c0 23 6b 8b 4c 0f 44 d0 48 8b 7c 24 28 48 c7 c6 60 23 6b 8b 4c 89 ea 48 8b 4c 24 20 4d 89 f0 4d 89 f9 41 52 <67> 48 0f b9 3a 48 83 c4 08 e8 93 a2 ee 02 e9 6e fb ff ff 48 c7 c1
RSP: 0018:ffffc9000df67a18 EFLAGS: 00010246
RAX: ffffffff8b6b23a0 RBX: ffff888047995058 RCX: ffff888047995058
RDX: 0000000000000000 RSI: ffffffff8b6b2360 RDI: ffffffff8f858520
RBP: ffffc9000df67ae8 R08: 0000000000000000 R09: ffff88800025c980
R10: ffffffff8b6b23a0 R11: ffffed1008f32a0d R12: ffff8880479950b0
R13: 0000000000000000 R14: 0000000000000000 R15: ffff88800025c980
FS:  00007f71f41cc6c0(0000) GS:ffff88808d414000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f71f41aafc8 CR3: 00000000377e7000 CR4: 0000000000352ef0
Call Trace:
 <TASK>
 inode_unlock_shared include/linux/fs.h:1052 [inline]
 lookup_slow+0x5e/0x70 fs/namei.c:1876
 walk_component fs/namei.c:2221 [inline]
 lookup_last fs/namei.c:2722 [inline]
 path_lookupat+0x3f5/0x8c0 fs/namei.c:2746
 filename_lookup+0x212/0x570 fs/namei.c:2775
 user_path_at+0x3a/0x60 fs/namei.c:3567
 do_fchownat+0x105/0x270 fs/open.c:813
 __do_sys_lchown fs/open.c:844 [inline]
 __se_sys_lchown fs/open.c:842 [inline]
 __x64_sys_lchown+0x85/0xa0 fs/open.c:842
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xec/0xf80 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f
RIP: 0033:0x7f71f7d8f7c9
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
RSP: 002b:00007f71f41cc038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
RAX: ffffffffffffffda RBX: 00007f71f7fe6090 RCX: 00007f71f7d8f7c9
RDX: 0000000000000000 RSI: 000000000000ee00 RDI: 00002000000000c0
RBP: 00007f71f7e13f91 R08: 0000000000000000 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
R13: 00007f71f7fe6128 R14: 00007f71f7fe6090 R15: 00007fffef7848b8
 </TASK>
----------------
Code disassembly (best guess):
   0:	23 6b 8b             	and    -0x75(%rbx),%ebp
   3:	49 c7 c2 c0 23 6b 8b 	mov    $0xffffffff8b6b23c0,%r10
   a:	4c 0f 44 d0          	cmove  %rax,%r10
   e:	48 8b 7c 24 28       	mov    0x28(%rsp),%rdi
  13:	48 c7 c6 60 23 6b 8b 	mov    $0xffffffff8b6b2360,%rsi
  1a:	4c 89 ea             	mov    %r13,%rdx
  1d:	48 8b 4c 24 20       	mov    0x20(%rsp),%rcx
  22:	4d 89 f0             	mov    %r14,%r8
  25:	4d 89 f9             	mov    %r15,%r9
  28:	41 52                	push   %r10
* 2a:	67 48 0f b9 3a       	ud1    (%edx),%rdi <-- trapping instruction
  2f:	48 83 c4 08          	add    $0x8,%rsp
  33:	e8 93 a2 ee 02       	call   0x2eea2cb
  38:	e9 6e fb ff ff       	jmp    0xfffffbab
  3d:	48                   	rex.W
  3e:	c7                   	.byte 0xc7
  3f:	c1                   	.byte 0xc1

Crashes (14):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/01/16 01:43 upstream 54e82e93ca93 d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2026/01/14 17:04 upstream 54e82e93ca93 d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2026/01/12 05:41 upstream 54e82e93ca93 d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2026/01/06 00:06 upstream 54e82e93ca93 d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/12/05 11:58 upstream 2061f18ad76e d1b870e1 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/10/13 21:30 upstream 3a8660878839 b6605ba8 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/09/08 17:33 upstream 76eeb9b8de98 d291dd2d .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/08/10 12:23 upstream 561c80369df0 32a0e5ed .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/07/22 23:02 upstream 89be9a83ccf1 af30dea9 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/07/11 14:08 upstream bc9ff192a6c9 3cda49cf .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/06/25 14:44 upstream 7595b66ae9de 26d77996 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/06/19 09:02 upstream fb4d33ab452e ed3e87f7 .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/05/30 12:38 upstream f66bc387efbe 3d2f584d .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
2025/05/22 09:52 upstream d608703fcdd9 0919b50b .config console log report [disk image (non-bootable)] [vmlinux] [kernel image] ci-snapshot-upstream-root WARNING in lookup_slow
* Struck through repros no longer work on HEAD.