syzbot


KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (4)

Status: auto-closed as invalid on 2020/06/18 13:13
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 882d, last: 882d
similar bugs (8):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (5) | | | | 3 | 735d | 791d | 0/24 | auto-closed as invalid on 2020/10/30 13:53 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (6) | | | | 1 | 685d | 662d | 0/24 | auto-closed as invalid on 2020/12/21 12:01 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (3) | | | | 5 | 974d | 1061d | 0/24 | auto-closed as invalid on 2020/04/09 02:07 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (8) | | | | 6 | 489d | 538d | 0/24 | auto-closed as invalid on 2021/07/03 03:54 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (9) | | | | 4 | 322d | 332d | 0/24 | auto-closed as invalid on 2021/12/17 02:26 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (2) | | | | 1 | 1080d | 1080d | 0/24 | closed as invalid on 2019/10/18 14:11 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent | | | | 60 | 1081d | 1092d | 0/24 | closed as invalid on 2019/10/15 15:50 |
| upstream | KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (7) | | | | 2 | 623d | 644d | 0/24 | auto-closed as invalid on 2021/02/19 02:54 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent

write to 0xffff88807d65f9d0 of 8 bytes by task 19909 on cpu 1:
 ext4_es_set_referenced fs/ext4/extents_status.h:194 [inline]
 ext4_es_lookup_extent+0x3f1/0x570 fs/ext4/extents_status.c:950
 ext4_map_blocks+0xba/0xcf0 fs/ext4/inode.c:511
 ext4_mpage_readpages+0xcb4/0x1450 fs/ext4/readpage.c:308
 ext4_readpages+0x8e/0xb0 fs/ext4/inode.c:3243
 read_pages+0xa2/0x2d0 mm/readahead.c:126
 __do_page_cache_readahead+0x358/0x380 mm/readahead.c:212
 ra_submit mm/internal.h:62 [inline]
 do_sync_mmap_readahead mm/filemap.c:2407 [inline]
 filemap_fault+0xf7b/0x11d0 mm/filemap.c:2493
 ext4_filemap_fault+0x5b/0x74 fs/ext4/inode.c:6033
 __do_fault+0xa8/0x1e0 mm/memory.c:3450
 do_shared_fault mm/memory.c:3901 [inline]
 do_fault mm/memory.c:3979 [inline]
 handle_pte_fault mm/memory.c:4215 [inline]
 __handle_mm_fault+0x24d9/0x2ec0 mm/memory.c:4345
 handle_mm_fault+0x21c/0x540 mm/memory.c:4382
 do_user_addr_fault arch/x86/mm/fault.c:1464 [inline]
 do_page_fault+0x48a/0xa96 arch/x86/mm/fault.c:1535
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1203

read to 0xffff88807d65f9d0 of 8 bytes by task 19916 on cpu 0:
 ext4_es_lookup_extent+0x3b3/0x570 fs/ext4/extents_status.c:948
 ext4_map_blocks+0xba/0xcf0 fs/ext4/inode.c:511
 ext4_mpage_readpages+0xcb4/0x1450 fs/ext4/readpage.c:308
 ext4_readpages+0x8e/0xb0 fs/ext4/inode.c:3243
 read_pages+0xa2/0x2d0 mm/readahead.c:126
 __do_page_cache_readahead+0x358/0x380 mm/readahead.c:212
 ra_submit mm/internal.h:62 [inline]
 do_sync_mmap_readahead mm/filemap.c:2407 [inline]
 filemap_fault+0xf7b/0x11d0 mm/filemap.c:2493
 ext4_filemap_fault+0x5b/0x74 fs/ext4/inode.c:6033
 __do_fault+0xa8/0x1e0 mm/memory.c:3450
 do_read_fault mm/memory.c:3846 [inline]
 do_fault mm/memory.c:3975 [inline]
 handle_pte_fault mm/memory.c:4215 [inline]
 __handle_mm_fault+0x2679/0x2ec0 mm/memory.c:4345
 handle_mm_fault+0x21c/0x540 mm/memory.c:4382
 do_user_addr_fault arch/x86/mm/fault.c:1464 [inline]
 do_page_fault+0x48a/0xa96 arch/x86/mm/fault.c:1535
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1203
 do_strncpy_from_user lib/strncpy_from_user.c:40 [inline]
 strncpy_from_user+0x171/0x2b0 lib/strncpy_from_user.c:120
 getname_flags fs/namei.c:149 [inline]
 getname_flags+0xc0/0x380 fs/namei.c:128
 getname+0x20/0x30 fs/namei.c:209
 do_sys_openat2+0x3bb/0x680 fs/open.c:1142
 do_sys_open+0xa2/0x110 fs/open.c:1164
 ksys_open include/linux/syscalls.h:1386 [inline]
 __do_sys_creat fs/open.c:1232 [inline]
 __se_sys_creat fs/open.c:1230 [inline]
 __x64_sys_creat+0x42/0x60 fs/open.c:1230
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 19916 Comm: syz-executor.5 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci2-upstream-kcsan-gce | 2020/05/01 06:39 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 3698959a | .config | log | report | | | | |
* Struck through repros no longer work on HEAD.