syzbot

 sign-in | mailing list | source | docs | 🏰
🐞 Open [1336]
Subsystems
🐞 Fixed [7121]
🐞 Invalid [18818]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
✨ AI
💬 Send us feedback

KCSAN: data-race in autofs_wait / autofs_wait

Status: moderation: reported on 2026/04/27 07:55
Subsystems: autofs
Labels: prio:low
[Documentation on labels]
Reported-by: syzbot+c6d286fd51860df64d9a@syzkaller.appspotmail.com
First crash: 31d, last: 7d19h
✨ AI Jobs (2)
ID Workflow Result Correct Bug Created Started Finished Revision Error
f6659d5c-859a-4158-a7d0-649e9a022036 assessment-security DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ❌ NetworkTrigger: ❌ PeripheralTrigger: ❌ RemoteTrigger: ❌ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ❌ VMHostTrigger: ❌ KCSAN: data-race in autofs_wait / autofs_wait 2026/05/20 07:35 2026/05/20 07:35 2026/05/20 08:09 0909d65fc692e54fa1900b68b476e89207bc7f34
10dd8583-4c13-4f2d-a087-960c5c9691d0 assessment-kcsan Benign: ✅ Confident: ✅ KCSAN: data-race in autofs_wait / autofs_wait 2026/04/27 07:54 2026/04/27 07:54 2026/04/27 08:15 9c2d0995bb06e7518555bd3b755e327c89b59823

Sample crash report:
==================================================================
BUG: KCSAN: data-race in autofs_wait / autofs_wait

read to 0xffffffff86dffbd0 of 4 bytes by task 31435 on cpu 1:
 autofs_wait+0x8ad/0xbe0 fs/autofs/waitq.c:386
 autofs_mount_wait+0xc2/0x100 fs/autofs/root.c:256
 autofs_d_automount+0x3f6/0x560 fs/autofs/root.c:410
 follow_automount fs/namei.c:1560 [inline]
 __traverse_mounts+0x256/0x420 fs/namei.c:1613
 traverse_mounts fs/namei.c:1642 [inline]
 handle_mounts fs/namei.c:1744 [inline]
 step_into_slowpath+0x2d5/0x4c0 fs/namei.c:2100
 step_into fs/namei.c:2148 [inline]
 walk_component fs/namei.c:2284 [inline]
 lookup_last fs/namei.c:2785 [inline]
 path_lookupat+0x330/0x500 fs/namei.c:2809
 filename_lookup+0x190/0x390 fs/namei.c:2838
 __do_sys_fspick fs/fsopen.c:186 [inline]
 __se_sys_fspick+0xaa/0x250 fs/fsopen.c:163
 __x64_sys_fspick+0x43/0x50 fs/fsopen.c:163
 x64_sys_call+0x1ec5/0x3020 arch/x86/include/generated/asm/syscalls_64.h:434
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffffffff86dffbd0 of 4 bytes by task 31421 on cpu 0:
 autofs_wait+0x8d5/0xbe0 fs/autofs/waitq.c:-1
 autofs_mount_wait+0xc2/0x100 fs/autofs/root.c:256
 autofs_d_automount+0x3f6/0x560 fs/autofs/root.c:410
 follow_automount fs/namei.c:1560 [inline]
 __traverse_mounts+0x256/0x420 fs/namei.c:1613
 traverse_mounts fs/namei.c:1642 [inline]
 handle_mounts fs/namei.c:1744 [inline]
 step_into_slowpath+0x2d5/0x4c0 fs/namei.c:2100
 step_into fs/namei.c:2148 [inline]
 walk_component fs/namei.c:2284 [inline]
 lookup_last fs/namei.c:2785 [inline]
 path_lookupat+0x330/0x500 fs/namei.c:2809
 filename_lookup+0x190/0x390 fs/namei.c:2838
 __do_sys_fspick fs/fsopen.c:186 [inline]
 __se_sys_fspick+0xaa/0x250 fs/fsopen.c:163
 __x64_sys_fspick+0x43/0x50 fs/fsopen.c:163
 x64_sys_call+0x1ec5/0x3020 arch/x86/include/generated/asm/syscalls_64.h:434
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x12c/0x3b0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x000176fb -> 0x000176fc

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 31421 Comm: syz.0.8159 Tainted: G        W           syzkaller #0 PREEMPT(full) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
==================================================================

Crashes (12):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/05/21 02:18 upstream 8bc67e4db64a 41b8c833 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/21 02:18 upstream 8bc67e4db64a 41b8c833 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/21 02:18 upstream 8bc67e4db64a 41b8c833 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/21 02:17 upstream 8bc67e4db64a 41b8c833 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/18 15:57 upstream 5200f5f493f7 55156e84 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/18 15:56 upstream 5200f5f493f7 55156e84 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/18 03:47 upstream e5d505e3664b de5aae85 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/18 03:44 upstream e5d505e3664b de5aae85 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/02 22:41 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/02 22:40 upstream 66edb901bf87 a0d91488 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/05/01 10:15 upstream 26fd6bff2c05 753c55b9 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
2026/04/27 07:54 upstream 20b64cf8705a 9c2d0995 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in autofs_wait / autofs_wait
* Struck through repros no longer work on HEAD.