syzbot

 sign-in | mailing list | source | docs
🐞 Open [1222]
Subsystems
🐞 Fixed [5630]
🐞 Invalid [13644]
Missing Backports [100]
Kernel Health Bugs/Month Bug Lifetimes Fuzzing Crashes
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event (3)

Status: moderation: reported on 2024/08/29 19:59
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+07ed107b248ae165aa4f@syzkaller.appspotmail.com
First crash: 16d, last: 5d04h
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event (2) fs 3 61d 69d 0/28 auto-obsoleted due to no activity on 2024/08/19 04:23
upstream KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event fs 226 147d 281d 0/28 auto-obsoleted due to no activity on 2024/05/18 20:42

Sample crash report:
loop0: detected capacity change from 0 to 512
journal_path: Lookup failure for './bus'
EXT4-fs: error: could not find journal device path
==================================================================
BUG: KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event

write to 0xffff888104124454 of 4 bytes by task 17256 on cpu 1:
 fsnotify_detach_mark+0xe1/0x190 fs/notify/mark.c:537
 fsnotify_destroy_mark+0x9a/0x1a0 fs/notify/mark.c:579
 __do_sys_inotify_rm_watch fs/notify/inotify/inotify_user.c:816 [inline]
 __se_sys_inotify_rm_watch+0xfd/0x180 fs/notify/inotify/inotify_user.c:793
 __x64_sys_inotify_rm_watch+0x31/0x40 fs/notify/inotify/inotify_user.c:793
 x64_sys_call+0x1ae0/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:256
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888104124454 of 4 bytes by task 27188 on cpu 0:
 fsnotify_handle_inode_event+0xf6/0x1f0 fs/notify/fsnotify.c:287
 fsnotify_handle_event fs/notify/fsnotify.c:347 [inline]
 send_to_group fs/notify/fsnotify.c:395 [inline]
 fsnotify+0x10ba/0x11a0 fs/notify/fsnotify.c:604
 __fsnotify_parent+0x285/0x380 fs/notify/fsnotify.c:261
 fsnotify_parent include/linux/fsnotify.h:96 [inline]
 fsnotify_file include/linux/fsnotify.h:131 [inline]
 fsnotify_close include/linux/fsnotify.h:412 [inline]
 __fput+0x5ca/0x6f0 fs/file_table.c:408
 __fput_sync+0x44/0x60 fs/file_table.c:507
 __do_sys_close fs/open.c:1566 [inline]
 __se_sys_close+0x101/0x1b0 fs/open.c:1551
 __x64_sys_close+0x1f/0x30 fs/open.c:1551
 x64_sys_call+0x25cb/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:4
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000003 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 27188 Comm: syz.0.6692 Not tainted 6.11.0-rc7-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
==================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/09/09 17:28 upstream da3ea35007d0 073f8be2 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event
2024/08/31 02:08 upstream 20371ba12063 1eda0d14 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event
2024/08/29 19:58 upstream d5d547aa7b51 9bd464fc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in fsnotify_detach_mark / fsnotify_handle_inode_event
* Struck through repros no longer work on HEAD.