syzbot


KCSAN: data-race in __es_shrink / __es_shrink (7)

Status: auto-obsoleted due to no activity on 2023/07/12 12:07
Subsystems: ext4
First crash: 328d, last: 328d
Similar bugs (6)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (3) ext4 | | | | 1 | 1349d | 1349d | 0/26 | auto-closed as invalid on 2020/09/24 09:46 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (6) ext4 | | | | 1 | 863d | 863d | 0/26 | auto-closed as invalid on 2022/01/22 23:41 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (5) ext4 | | | | 3 | 1115d | 1134d | 0/26 | auto-closed as invalid on 2021/05/15 19:41 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink ext4 | | | | 1 | 1644d | 1644d | 0/26 | closed as invalid on 2019/11/19 13:24 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (4) ext4 | | | | 15 | 1180d | 1240d | 0/26 | auto-closed as invalid on 2021/03/12 08:35 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (2) ext4 | | | | 3 | 1491d | 1564d | 0/26 | auto-closed as invalid on 2020/06/09 01:45 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __es_shrink / __es_shrink

read to 0xffff888103968578 of 8 bytes by task 19040 on cpu 0:
 __es_shrink+0x336/0x560 fs/ext4/extents_status.c:1530
 ext4_es_scan+0x84/0x270 fs/ext4/extents_status.c:1571
 do_shrink_slab+0x2a0/0x640 mm/vmscan.c:912
 shrink_slab+0x11b/0x650 mm/vmscan.c:1075
 shrink_node_memcgs mm/vmscan.c:6469 [inline]
 shrink_node+0xadf/0x1500 mm/vmscan.c:6502
 shrink_zones mm/vmscan.c:6737 [inline]
 do_try_to_free_pages+0x40d/0xc80 mm/vmscan.c:6799
 try_to_free_pages+0x3f5/0x930 mm/vmscan.c:7034
 __perform_reclaim mm/page_alloc.c:3969 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:3991 [inline]
 __alloc_pages_slowpath+0x4e6/0xdc0 mm/page_alloc.c:4396
 __alloc_pages+0x25d/0x340 mm/page_alloc.c:4781
 alloc_pages+0x3e1/0x4e0
 folio_alloc+0x1e/0x30 mm/mempolicy.c:2289
 filemap_alloc_folio+0x68/0x220 mm/filemap.c:976
 __filemap_get_folio+0x297/0x500 mm/filemap.c:1965
 filemap_fault+0x457/0xb70 mm/filemap.c:3289
 __do_fault mm/memory.c:4176 [inline]
 do_read_fault mm/memory.c:4530 [inline]
 do_fault mm/memory.c:4659 [inline]
 do_pte_missing mm/memory.c:3647 [inline]
 handle_pte_fault mm/memory.c:4947 [inline]
 __handle_mm_fault mm/memory.c:5089 [inline]
 handle_mm_fault+0x12f4/0x2c60 mm/memory.c:5243
 do_user_addr_fault arch/x86/mm/fault.c:1440 [inline]
 handle_page_fault arch/x86/mm/fault.c:1534 [inline]
 exc_page_fault+0x67e/0x780 arch/x86/mm/fault.c:1590
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570

write to 0xffff888103968578 of 8 bytes by task 3037 on cpu 1:
 __es_shrink+0x362/0x560
 ext4_es_scan+0x84/0x270 fs/ext4/extents_status.c:1571
 do_shrink_slab+0x2a0/0x640 mm/vmscan.c:912
 shrink_slab+0x11b/0x650 mm/vmscan.c:1075
 shrink_node_memcgs mm/vmscan.c:6469 [inline]
 shrink_node+0xadf/0x1500 mm/vmscan.c:6502
 shrink_zones mm/vmscan.c:6737 [inline]
 do_try_to_free_pages+0x40d/0xc80 mm/vmscan.c:6799
 try_to_free_pages+0x3f5/0x930 mm/vmscan.c:7034
 __perform_reclaim mm/page_alloc.c:3969 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:3991 [inline]
 __alloc_pages_slowpath+0x4e6/0xdc0 mm/page_alloc.c:4396
 __alloc_pages+0x25d/0x340 mm/page_alloc.c:4781
 alloc_pages+0x3e1/0x4e0
 folio_alloc+0x1e/0x30 mm/mempolicy.c:2289
 filemap_alloc_folio+0x68/0x220 mm/filemap.c:976
 __filemap_get_folio+0x297/0x500 mm/filemap.c:1965
 filemap_fault+0x457/0xb70 mm/filemap.c:3289
 __do_fault mm/memory.c:4176 [inline]
 do_read_fault mm/memory.c:4530 [inline]
 do_fault mm/memory.c:4659 [inline]
 do_pte_missing mm/memory.c:3647 [inline]
 handle_pte_fault mm/memory.c:4947 [inline]
 __handle_mm_fault mm/memory.c:5089 [inline]
 handle_mm_fault+0x12f4/0x2c60 mm/memory.c:5243
 do_user_addr_fault arch/x86/mm/fault.c:1440 [inline]
 handle_page_fault arch/x86/mm/fault.c:1534 [inline]
 exc_page_fault+0x67e/0x780 arch/x86/mm/fault.c:1590
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570

value changed: 0x0000000000000110 -> 0x000000000000010c

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3037 Comm: syz-fuzzer Not tainted 6.4.0-rc5-syzkaller-00016-ga4d7d7011219 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023
==================================================================

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2023/06/07 11:59 | upstream | a4d7d7011219 | a4ae4f42 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __es_shrink / __es_shrink |
* Struck through repros no longer work on HEAD.