syzbot

 sign-in | mailing list | source | docs
🐞 Open [1228]
Subsystems
🐞 Fixed [5639]
🐞 Invalid [13737]
Missing Backports [100]
Kernel Health Bugs/Month Bug Lifetimes Fuzzing Crashes
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru (5)

Status: moderation: reported on 2024/06/25 18:23
Subsystems: ext4
[Documentation on labels]
Reported-by: syzbot+fd3d1af0dd39b0e4fed1@syzkaller.appspotmail.com
First crash: 87d, last: 12h01m
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru (4) ext4 80 144d 288d 0/28 auto-obsoleted due to no activity on 2024/06/03 21:44
upstream KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru (3) fs 1 580d 580d 0/28 auto-obsoleted due to no activity on 2023/04/01 03:15
upstream KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru fs 14 1689d 1755d 0/28 auto-closed as invalid on 2020/04/15 20:03
upstream KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru (2) ext4 exfat 213 625d 1085d 0/28 auto-obsoleted due to no activity on 2023/02/08 20:39

Sample crash report:
loop1: detected capacity change from 0 to 512
==================================================================
BUG: KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru

write to 0xffff888237d2bad0 of 8 bytes by task 4521 on cpu 1:
 __invalidate_bh_lrus fs/buffer.c:1505 [inline]
 invalidate_bh_lru+0x8b/0xf0 fs/buffer.c:1517
 csd_do_func kernel/smp.c:134 [inline]
 smp_call_function_many_cond+0x690/0xc20 kernel/smp.c:875
 on_each_cpu_cond_mask+0x3c/0x90 kernel/smp.c:1051
 on_each_cpu_cond include/linux/smp.h:105 [inline]
 invalidate_bh_lrus+0x2a/0x30 fs/buffer.c:1536
 invalidate_bdev+0x42/0x70 block/bdev.c:100
 ext4_put_super+0x571/0x840 fs/ext4/super.c:1348
 generic_shutdown_super+0xe5/0x220 fs/super.c:642
 kill_block_super+0x2a/0x70 fs/super.c:1696
 ext4_kill_sb+0x44/0x80 fs/ext4/super.c:7289
 deactivate_locked_super+0x7d/0x1c0 fs/super.c:473
 deactivate_super+0x9f/0xb0 fs/super.c:506
 cleanup_mnt+0x268/0x2e0 fs/namespace.c:1373
 __cleanup_mnt+0x19/0x20 fs/namespace.c:1380
 task_work_run+0x13a/0x1a0 kernel/task_work.c:228
 resume_user_mode_work include/linux/resume_user_mode.h:50 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:114 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0xbe/0x130 kernel/entry/common.c:218
 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888237d2bad0 of 8 bytes by task 5284 on cpu 0:
 has_bh_in_lru+0x35/0x1f0 fs/buffer.c:1527
 smp_call_function_many_cond+0x2d5/0xc20 kernel/smp.c:837
 on_each_cpu_cond_mask+0x3c/0x90 kernel/smp.c:1051
 on_each_cpu_cond include/linux/smp.h:105 [inline]
 invalidate_bh_lrus+0x2a/0x30 fs/buffer.c:1536
 kill_bdev block/bdev.c:90 [inline]
 blkdev_flush_mapping+0x9b/0x1a0 block/bdev.c:671
 blkdev_put_whole block/bdev.c:678 [inline]
 bdev_release+0x2f9/0x420 block/bdev.c:1103
 blkdev_release+0x15/0x20 block/fops.c:639
 __fput+0x17a/0x6d0 fs/file_table.c:431
 __fput_sync+0x43/0x60 fs/file_table.c:516
 __do_sys_close fs/open.c:1565 [inline]
 __se_sys_close+0xf9/0x1a0 fs/open.c:1550
 __x64_sys_close+0x1f/0x30 fs/open.c:1550
 x64_sys_call+0x25cb/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:4
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0xffff888100470618 -> 0x0000000000000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5284 Comm: syz.1.321 Not tainted 6.11.0-syzkaller-07341-gbaeb9a7d8b60 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
==================================================================
EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
System zones: 0-2, 18-18, 34-35
EXT4-fs (loop1): mounted filesystem 00000000-0700-0000-0000-000000000000 r/w without journal. Quota mode: none.
EXT4-fs (loop1): unmounting filesystem 00000000-0700-0000-0000-000000000000.

Crashes (8):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/09/20 11:01 upstream baeb9a7d8b60 6f888b75 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/09/05 13:03 upstream c763c4339688 464ac2ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/08/09 14:42 upstream ee9a43b7cfe2 a83d9288 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/07/27 16:41 upstream 3a7e02c040b1 46eb10b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/07/26 07:46 upstream 1722389b0d86 3f86dfed .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/07/19 19:27 upstream 4305ca0087dd 890ce4f3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/07/12 08:18 upstream 8a18fda0febb eaeb5c15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
2024/06/25 18:22 upstream 55027e689933 04bd2a30 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in has_bh_in_lru / invalidate_bh_lru
* Struck through repros no longer work on HEAD.