syzbot

 sign-in | mailing list | source | docs
🐞 Open [994] Subsystems 🐞 Fixed [5242] 🐞 Invalid [12515] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (3)

Status: auto-closed as invalid on 2020/04/09 02:07
Subsystems: ext4
[Documentation on labels]
First crash: 1636d, last: 1548d
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (4) ext4 1 1456d 1456d 0/26 auto-closed as invalid on 2020/06/18 13:13
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (5) ext4 3 1309d 1366d 0/26 auto-closed as invalid on 2020/10/30 13:53
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (6) ext4 1 1259d 1236d 0/26 auto-closed as invalid on 2020/12/21 12:01
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (8) ext4 6 1063d 1112d 0/26 auto-closed as invalid on 2021/07/03 03:54
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (9) ext4 4 896d 906d 0/26 auto-closed as invalid on 2021/12/17 02:26
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (2) ext4 1 1655d 1655d 0/26 closed as invalid on 2019/10/18 14:11
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent ext4 60 1655d 1666d 0/26 closed as invalid on 2019/10/15 15:50
upstream KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent (7) ext4 2 1197d 1219d 0/26 auto-closed as invalid on 2021/02/19 02:54

Sample crash report:
==================================================================
BUG: KCSAN: data-race in ext4_es_lookup_extent / ext4_es_lookup_extent

read to 0xffff888127673480 of 8 bytes by task 14979 on cpu 0:
 ext4_es_lookup_extent+0x3c8/0x580 fs/ext4/extents_status.c:948
 ext4_map_blocks+0xbd/0xff0 fs/ext4/inode.c:513
 ext4_mpage_readpages+0xe1f/0x1580 fs/ext4/readpage.c:296
 ext4_readpages+0x92/0xc0 fs/ext4/inode.c:3244
 read_pages+0xa2/0x2d0 mm/readahead.c:126
 __do_page_cache_readahead+0x353/0x390 mm/readahead.c:212
 ra_submit mm/internal.h:62 [inline]
 ondemand_readahead+0x35d/0x710 mm/readahead.c:492
 page_cache_sync_readahead+0x1ad/0x1e0 mm/readahead.c:527
 generic_file_buffered_read mm/filemap.c:2051 [inline]
 generic_file_read_iter+0xeb6/0x1440 mm/filemap.c:2324
 ext4_file_read_iter fs/ext4/file.c:130 [inline]
 ext4_file_read_iter+0x10c/0x380 fs/ext4/file.c:113
 call_read_iter include/linux/fs.h:1896 [inline]
 generic_file_splice_read+0x35c/0x500 fs/splice.c:313
 do_splice_to+0xf2/0x130 fs/splice.c:892
 splice_direct_to_actor+0x1b6/0x540 fs/splice.c:971
 do_splice_direct+0x161/0x1e0 fs/splice.c:1080
 do_sendfile+0x384/0x7f0 fs/read_write.c:1464
 __do_sys_sendfile64 fs/read_write.c:1525 [inline]
 __se_sys_sendfile64 fs/read_write.c:1511 [inline]
 __x64_sys_sendfile64+0x12a/0x140 fs/read_write.c:1511
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff888127673480 of 8 bytes by task 14931 on cpu 1:
 ext4_es_set_referenced fs/ext4/extents_status.h:194 [inline]
 ext4_es_lookup_extent+0x406/0x580 fs/ext4/extents_status.c:950
 ext4_map_blocks+0xbd/0xff0 fs/ext4/inode.c:513
 ext4_overwrite_io fs/ext4/file.c:197 [inline]
 ext4_dio_write_iter fs/ext4/file.c:415 [inline]
 ext4_file_write_iter+0x36a/0xd40 fs/ext4/file.c:545
 call_write_iter include/linux/fs.h:1902 [inline]
 do_iter_readv_writev+0x487/0x5b0 fs/read_write.c:693
 do_iter_write fs/read_write.c:970 [inline]
 do_iter_write+0x13b/0x3c0 fs/read_write.c:951
 vfs_iter_write+0x5c/0x80 fs/read_write.c:983
 iter_file_splice_write+0x530/0x840 fs/splice.c:760
 do_splice_from fs/splice.c:863 [inline]
 direct_splice_actor+0xa0/0xc0 fs/splice.c:1037
 splice_direct_to_actor+0x22b/0x540 fs/splice.c:992
 do_splice_direct+0x161/0x1e0 fs/splice.c:1080
 do_sendfile+0x384/0x7f0 fs/read_write.c:1464
 __do_sys_sendfile64 fs/read_write.c:1525 [inline]
 __se_sys_sendfile64 fs/read_write.c:1511 [inline]
 __x64_sys_sendfile64+0x12a/0x140 fs/read_write.c:1511
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 14931 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (5):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/01/30 02:03 https://github.com/google/ktsan.git kcsan 245a43005292 5ed23f9a .config console log report ci2-upstream-kcsan-gce
2020/01/29 12:45 https://github.com/google/ktsan.git kcsan 245a43005292 c8e81ce4 .config console log report ci2-upstream-kcsan-gce
2019/12/30 13:40 https://github.com/google/ktsan.git kcsan 245a43005292 af6b8ef8 .config console log report ci2-upstream-kcsan-gce
2019/11/12 15:31 https://github.com/google/ktsan.git kcsan 7f2955e0d056 048f2d49 .config console log report ci2-upstream-kcsan-gce
2019/11/03 23:48 https://github.com/google/ktsan.git kcsan 05f2236801fe b35fad31 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.