syzbot


KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (5)

Status: upstream: reported on 2026/07/03 00:49
Subsystems: exfat
Labels: prio:high race:harmful
[Documentation on labels]
Reported-by: syzbot+e9aa2f4bc3623d1be5cf@syzkaller.appspotmail.com
First crash: 2d07h, last: 1d21h
✨ AI Jobs (3)
ID Workflow Result Correct Bug Created Started Finished Revision Error
af7dcb91-50e3-48d8-8669-a01ffd4baef2 assessment-kcsan Benign: ❌ KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (5) 2026/07/03 00:01 2026/07/03 00:01 2026/07/03 00:48 93f579545ae410f5bccfa141d2e7bf03178f036c

			
		
274d5f62-adcf-4294-aa03-26632d2068a0 assessment-security DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ✅ NetworkTrigger: ❌ PeripheralTrigger: ✅ RemoteTrigger: ❌ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ✅ VMHostTrigger: ❌ KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (5) 2026/07/03 00:01 2026/07/03 00:01 2026/07/03 00:36 93f579545ae410f5bccfa141d2e7bf03178f036c

			
		
d6204973-b8d2-4da1-91f3-222dcbb9bbe1 assessment-kcsan 💥 KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (5) 2026/07/01 06:54 2026/07/01 06:54 2026/07/01 06:54 93f579545ae410f5bccfa141d2e7bf03178f036c
failed to run ["git" "-c" "core.hooksPath=/dev/null" "fetch" "--force" "--tags" "f569e972c8e9057ee9c286220c83a480ebf30cc5" "665159e246749578d4e4bfe106ee3b74edcdab18"]: exit status 128
error: insuffici...
truncated to first 200 bytes; open job for full error
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] [exfat?] KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (5) 1 (2) 2026/07/03 05:51
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (3) exfat 6 1 165d 165d 0/29 auto-obsoleted due to no activity on 2026/03/16 09:27
upstream KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put exfat 6 1 298d 298d 0/29 auto-obsoleted due to no activity on 2025/11/03 05:53
upstream KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (2) exfat 6 1 223d 223d 0/29 auto-obsoleted due to no activity on 2026/01/16 21:35
upstream KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put (4) prio:low exfat 6 4 62d 78d 0/29 auto-obsoleted due to no activity on 2026/06/27 03:58

Sample crash report:
==================================================================
BUG: KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put

write to 0xffff888121f76082 of 1 bytes by task 6014 on cpu 1:
 fat12_ent_put+0x74/0x180 fs/fat/fatent.c:168
 fat_alloc_clusters+0x55e/0xc40 fs/fat/fatent.c:508
 fat_add_cluster fs/fat/inode.c:108 [inline]
 __fat_get_block fs/fat/inode.c:155 [inline]
 fat_get_block+0x252/0x5e0 fs/fat/inode.c:190
 __block_write_begin_int+0x400/0xf90 fs/buffer.c:2123
 block_write_begin fs/buffer.c:2234 [inline]
 cont_write_begin+0x5bf/0x920 fs/buffer.c:2596
 fat_write_begin+0x52/0xe0 fs/fat/inode.c:230
 cont_expand_zero fs/buffer.c:2524 [inline]
 cont_write_begin+0x18d/0x920 fs/buffer.c:2586
 fat_write_begin+0x52/0xe0 fs/fat/inode.c:230
 generic_cont_expand_simple+0xb0/0x150 fs/buffer.c:2487
 fat_cont_expand+0x3e/0x170 fs/fat/file.c:227
 fat_fallocate+0x177/0x1c0 fs/fat/file.c:305
 vfs_fallocate+0x3ac/0x400 fs/open.c:338
 ksys_fallocate fs/open.c:362 [inline]
 __do_sys_fallocate fs/open.c:367 [inline]
 __se_sys_fallocate fs/open.c:365 [inline]
 __x64_sys_fallocate+0x7a/0xd0 fs/open.c:365
 x64_sys_call+0x298e/0x3020 arch/x86/include/generated/asm/syscalls_64.h:286
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x136/0x3c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888121f76000 of 512 bytes by task 49 on cpu 0:
 memcpy_from_iter lib/iov_iter.c:85 [inline]
 iterate_bvec include/linux/iov_iter.h:123 [inline]
 iterate_and_advance2 include/linux/iov_iter.h:306 [inline]
 iterate_and_advance include/linux/iov_iter.h:330 [inline]
 __copy_from_iter lib/iov_iter.c:261 [inline]
 copy_folio_from_iter_atomic+0x728/0x10a0 lib/iov_iter.c:491
 generic_perform_write+0x2c4/0x490 mm/filemap.c:4376
 shmem_file_write_iter+0xc5/0xf0 mm/shmem.c:3414
 lo_rw_aio+0x6a9/0x760 drivers/block/loop.c:-1
 do_req_filebacked drivers/block/loop.c:-1 [inline]
 loop_handle_cmd drivers/block/loop.c:1921 [inline]
 loop_process_work+0x567/0xac0 drivers/block/loop.c:1956
 loop_workfn+0x31/0x40 drivers/block/loop.c:1980
 process_one_work kernel/workqueue.c:3322 [inline]
 process_scheduled_works+0x4d4/0x9a0 kernel/workqueue.c:3405
 worker_thread+0x569/0x750 kernel/workqueue.c:3486
 kthread+0x221/0x270 kernel/kthread.c:436
 ret_from_fork+0x146/0x330 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:245

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 49 Comm: kworker/u8:3 Tainted: G        W           syzkaller #0 PREEMPT(lazy) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
Workqueue: loop6 loop_workfn
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2026/07/01 17:23 upstream 665159e24674 27192279 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put
2026/07/01 06:54 upstream 665159e24674 00a5cf1c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_folio_from_iter_atomic / fat12_ent_put
* Struck through repros no longer work on HEAD.