syzbot

 sign-in | mailing list | source | docs
🐞 Open [1569]
Subsystems
🐞 Fixed [5936]
🐞 Invalid [14430]
Missing Backports [102]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in _copy_to_iter / set_overhead (2)

Status: moderation: reported on 2024/12/20 15:25
Subsystems: ext4
[Documentation on labels]
Reported-by: syzbot+5337104f1251590e4d0d@syzkaller.appspotmail.com
First crash: 22h18m, last: 22h18m
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in _copy_to_iter / set_overhead ext4 1 858d 858d 0/28 auto-closed as invalid on 2022/09/20 11:39

Sample crash report:
==================================================================
BUG: KCSAN: data-race in _copy_to_iter / set_overhead

write to 0xffff88812d74b648 of 4 bytes by task 4122 on cpu 0:
 set_overhead+0x28/0x40 fs/ext4/ioctl.c:1701
 ext4_update_backup_sb fs/ext4/ioctl.c:152 [inline]
 ext4_update_superblocks_fn+0x6af/0xc40 fs/ext4/ioctl.c:240
 ext4_update_overhead+0xdc/0xf0 fs/ext4/ioctl.c:1714
 ext4_fill_super+0x990/0x3a10 fs/ext4/super.c:5754
 get_tree_bdev_flags+0x29f/0x310 fs/super.c:1636
 get_tree_bdev+0x1f/0x30 fs/super.c:1659
 ext4_get_tree+0x1c/0x30 fs/ext4/super.c:5765
 vfs_get_tree+0x56/0x1e0 fs/super.c:1814
 do_new_mount+0x227/0x690 fs/namespace.c:3507
 path_mount+0x49b/0xb30 fs/namespace.c:3834
 do_mount fs/namespace.c:3847 [inline]
 __do_sys_mount fs/namespace.c:4057 [inline]
 __se_sys_mount+0x27c/0x2d0 fs/namespace.c:4034
 __x64_sys_mount+0x67/0x80 fs/namespace.c:4034
 x64_sys_call+0x2c84/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff88812d74b400 of 1024 bytes by task 3869 on cpu 1:
 instrument_copy_to_user include/linux/instrumented.h:113 [inline]
 copy_to_user_iter lib/iov_iter.c:24 [inline]
 iterate_ubuf include/linux/iov_iter.h:30 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:300 [inline]
 iterate_and_advance include/linux/iov_iter.h:328 [inline]
 _copy_to_iter+0x130/0xd00 lib/iov_iter.c:185
 copy_page_to_iter+0x171/0x2b0 lib/iov_iter.c:362
 copy_folio_to_iter include/linux/uio.h:189 [inline]
 filemap_read+0x42d/0x6a0 mm/filemap.c:2697
 blkdev_read_iter+0x20e/0x2c0 block/fops.c:770
 new_sync_read fs/read_write.c:484 [inline]
 vfs_read+0x5dc/0x700 fs/read_write.c:565
 ksys_read+0xe8/0x1b0 fs/read_write.c:708
 __do_sys_read fs/read_write.c:717 [inline]
 __se_sys_read fs/read_write.c:715 [inline]
 __x64_sys_read+0x42/0x50 fs/read_write.c:715
 x64_sys_call+0x2874/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:1
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 3869 Comm: udevd Not tainted 6.13.0-rc3-syzkaller-00136-g8faabc041a00 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/12/20 15:24 upstream 8faabc041a00 0f61b415 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in _copy_to_iter / set_overhead
* Struck through repros no longer work on HEAD.