syzbot

 sign-in | mailing list | source | docs
🐞 Open [870] Subsystems 🐞 Fixed [4873] 🐞 Invalid [11625] Missing Backports [68] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in fsnotify / fsnotify_detach_mark (5)

Status: auto-closed as invalid on 2020/12/28 12:08
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+25e6de767b2f25a71e64@syzkaller.appspotmail.com
First crash: 1115d, last: 1101d
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (4) fs 1 1156d 1156d 0/25 auto-closed as invalid on 2020/11/02 17:43
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (8) fs 1 704d 704d 0/25 auto-closed as invalid on 2022/01/29 00:14
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark fs 6 1314d 1460d 0/25 auto-closed as invalid on 2020/06/18 13:43
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (7) fs 1 784d 784d 0/25 auto-closed as invalid on 2021/11/09 20:25
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (6) fs 1 1059d 1059d 0/25 auto-closed as invalid on 2021/02/08 06:39
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (2) fs 1 1251d 1251d 0/25 auto-closed as invalid on 2020/07/31 05:33
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (9) fs 31 310d 550d 0/25 auto-obsoleted due to no activity on 2023/04/10 23:59
upstream KCSAN: data-race in fsnotify / fsnotify_detach_mark (3) fs 1 1200d 1200d 0/25 auto-closed as invalid on 2020/09/19 20:21

Sample crash report:
==================================================================
BUG: KCSAN: data-race in fsnotify / fsnotify_detach_mark

write to 0xffff88810a82c9d4 of 4 bytes by task 1612 on cpu 0:
 fsnotify_detach_mark+0x80/0x120 fs/notify/mark.c:390
 fsnotify_clear_marks_by_group+0x29b/0x3e0 fs/notify/mark.c:761
 fsnotify_destroy_group+0x51/0x170 fs/notify/group.c:61
 fanotify_release+0x2c5/0x2e0 fs/notify/fanotify/fanotify_user.c:623
 __fput+0x243/0x4d0 fs/file_table.c:281
 ____fput+0x11/0x20 fs/file_table.c:314
 task_work_run+0x8e/0x110 kernel/task_work.c:151
 tracehook_notify_resume include/linux/tracehook.h:188 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:164 [inline]
 exit_to_user_mode_prepare+0x13c/0x170 kernel/entry/common.c:191
 syscall_exit_to_user_mode+0x16/0x30 kernel/entry/common.c:266
 do_syscall_64+0x45/0x80 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88810a82c9d4 of 4 bytes by task 8445 on cpu 1:
 send_to_group fs/notify/fsnotify.c:299 [inline]
 fsnotify+0x803/0xe70 fs/notify/fsnotify.c:506
 fsnotify_parent include/linux/fsnotify.h:71 [inline]
 fsnotify_file include/linux/fsnotify.h:90 [inline]
 fsnotify_modify include/linux/fsnotify.h:255 [inline]
 vfs_write+0x451/0x7c0 fs/read_write.c:609
 ksys_write+0xce/0x180 fs/read_write.c:658
 __do_sys_write fs/read_write.c:670 [inline]
 __se_sys_write fs/read_write.c:667 [inline]
 __x64_sys_write+0x3e/0x50 fs/read_write.c:667
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 8445 Comm: syz-fuzzer Not tainted 5.10.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/11/23 12:07 upstream 418baf2c28f3 0d27f508 .config console log report info ci2-upstream-kcsan-gce
2020/11/08 21:51 upstream 9dbc1c03eeb5 cba33199 .config console log report info ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.