syzbot


KCSAN: data-race in generic_fillattr / inode_add_bytes

Status: moderation: reported on 2024/07/10 12:20
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+a088f9d6bf95dc66a923@syzkaller.appspotmail.com
First crash: 2d22h, last: 2d22h

Sample crash report:
==================================================================
BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes

read-write to 0xffff888113c40cd0 of 8 bytes by task 7488 on cpu 1:
 __inode_add_bytes fs/stat.c:805 [inline]
 inode_add_bytes+0x45/0xd0 fs/stat.c:818
 __dquot_alloc_space+0x181/0x8a0 fs/quota/dquot.c:1695
 dquot_alloc_space_nodirty include/linux/quotaops.h:299 [inline]
 dquot_alloc_block_nodirty include/linux/quotaops.h:326 [inline]
 shmem_inode_acct_blocks+0x124/0x230 mm/shmem.c:225
 shmem_alloc_and_add_folio mm/shmem.c:1693 [inline]
 shmem_get_folio_gfp+0x5d3/0xb70 mm/shmem.c:2055
 shmem_get_folio mm/shmem.c:2160 [inline]
 shmem_write_begin+0xa0/0x1c0 mm/shmem.c:2743
 generic_perform_write+0x1d5/0x410 mm/filemap.c:4015
 shmem_file_write_iter+0xc8/0xf0 mm/shmem.c:2919
 __kernel_write_iter+0x24f/0x4e0 fs/read_write.c:523
 dump_emit_page fs/coredump.c:893 [inline]
 dump_user_range+0x3a7/0x550 fs/coredump.c:954
 elf_core_dump+0x1aeb/0x1c30 fs/binfmt_elf.c:2083
 do_coredump+0xff6/0x1860 fs/coredump.c:767
 get_signal+0xdc1/0x1080 kernel/signal.c:2894
 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 irqentry_exit_to_user_mode+0x94/0x130 kernel/entry/common.c:231
 irqentry_exit+0x12/0x50 kernel/entry/common.c:334
 exc_general_protection+0x33d/0x4d0 arch/x86/kernel/traps.c:644
 asm_exc_general_protection+0x26/0x30 arch/x86/include/asm/idtentry.h:617

read to 0xffff888113c40cd0 of 8 bytes by task 3080 on cpu 0:
 generic_fillattr+0x233/0x2f0 fs/stat.c:64
 shmem_getattr+0x17b/0x200 mm/shmem.c:1139
 vfs_getattr_nosec fs/stat.c:135 [inline]
 vfs_getattr+0x19b/0x1e0 fs/stat.c:176
 vfs_statx+0x140/0x320 fs/stat.c:248
 vfs_fstatat+0xcd/0x100 fs/stat.c:304
 __do_sys_newfstatat fs/stat.c:468 [inline]
 __se_sys_newfstatat+0x58/0x260 fs/stat.c:462
 __x64_sys_newfstatat+0x55/0x70 fs/stat.c:462
 x64_sys_call+0x1451/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:263
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000000ad0 -> 0x0000000000000ae8

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 3080 Comm: syz-executor Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/07/10 12:19 upstream 34afb82a3c67 bc144f9a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in generic_fillattr / inode_add_bytes
* Struck through repros no longer work on HEAD.