KCSAN: data-race in __xa_set_mark / xas_find

KCSAN: data-race in __xa_set_mark / xas_find_marked
Status: moderation: reported on 2020/09/25 08:57
Reported-by: syzbot+f512479ce46e8f0a9370@syzkaller.appspotmail.com
First crash: 402d, last: 8h48m

Sample crash report:

==================================================================
BUG: KCSAN: data-race in __xa_set_mark / xas_find_marked

write to 0xffff888129472228 of 8 bytes by task 24211 on cpu 1:
 instrument_write include/linux/instrumented.h:42 [inline]
 __instrument_read_write_bitop include/asm-generic/bitops/instrumented-non-atomic.h:79 [inline]
 __test_and_set_bit include/asm-generic/bitops/instrumented-non-atomic.h:95 [inline]
 node_set_mark lib/xarray.c:93 [inline]
 xas_set_mark lib/xarray.c:882 [inline]
 __xa_set_mark+0x1d9/0x290 lib/xarray.c:1899
 __set_page_dirty+0x155/0x1a0 mm/page-writeback.c:2484
 mark_buffer_dirty+0x126/0x200 fs/buffer.c:1108
 __block_commit_write fs/buffer.c:2079 [inline]
 block_write_end+0x13d/0x260 fs/buffer.c:2158
 generic_write_end+0x5e/0x180 fs/buffer.c:2172
 ext4_da_write_end+0x59b/0x730 fs/ext4/inode.c:3110
 generic_perform_write+0x22a/0x3c0 mm/filemap.c:3667
 ext4_buffered_write_iter+0x2f2/0x3f0 fs/ext4/file.c:269
 ext4_file_write_iter+0x2e7/0x11d0 fs/ext4/file.c:519
 call_write_iter include/linux/fs.h:2114 [inline]
 new_sync_write fs/read_write.c:518 [inline]
 vfs_write+0x69d/0x770 fs/read_write.c:605
 ksys_write+0xce/0x180 fs/read_write.c:658
 __do_sys_write fs/read_write.c:670 [inline]
 __se_sys_write fs/read_write.c:667 [inline]
 __x64_sys_write+0x3e/0x50 fs/read_write.c:667
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff888129472228 of 8 bytes by task 24188 on cpu 0:
 xas_find_chunk include/linux/xarray.h:1662 [inline]
 xas_find_marked+0x195/0x5f0 lib/xarray.c:1349
 find_get_entry mm/filemap.c:1925 [inline]
 find_get_pages_range_tag+0xf2/0x390 mm/filemap.c:2216
 pagevec_lookup_range_tag+0x37/0x50 mm/swap.c:1123
 mpage_prepare_extent_to_map+0x195/0x640 fs/ext4/inode.c:2577
 ext4_writepages+0x9d8/0x1d10 fs/ext4/inode.c:2798
 do_writepages+0x7b/0x150 mm/page-writeback.c:2355
 __filemap_fdatawrite_range mm/filemap.c:413 [inline]
 __filemap_fdatawrite mm/filemap.c:421 [inline]
 filemap_flush+0x132/0x160 mm/filemap.c:448
 ext4_alloc_da_blocks+0x47/0xd0 fs/ext4/inode.c:3164
 ext4_release_file+0x5b/0x1d0 fs/ext4/file.c:141
 __fput+0x25b/0x4e0 fs/file_table.c:280
 ____fput+0x11/0x20 fs/file_table.c:313
 task_work_run+0xae/0x130 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
 exit_to_user_mode_prepare+0x156/0x190 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:302
 do_syscall_64+0x49/0x90 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000007fffff -> 0x0000000001ffffff

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 24188 Comm: syz-executor.3 Not tainted 5.14.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
==================================================================
BUG: KCSAN: data-race in xas_clear_mark / xas_find_marked

write to 0xffff88812947bb28 of 8 bytes by task 24211 on cpu 0:
 instrument_write include/linux/instrumented.h:42 [inline]
 __instrument_read_write_bitop include/asm-generic/bitops/instrumented-non-atomic.h:79 [inline]
 __test_and_clear_bit include/asm-generic/bitops/instrumented-non-atomic.h:109 [inline]
 node_clear_mark lib/xarray.c:100 [inline]
 xas_clear_mark+0xa1/0x180 lib/xarray.c:911
 __test_set_page_writeback+0x3e9/0x500 mm/page-writeback.c:2809
 ext4_bio_write_page+0xee/0xa40 fs/ext4/page-io.c:450
 mpage_submit_page fs/ext4/inode.c:2100 [inline]
 mpage_map_and_submit_buffers fs/ext4/inode.c:2348 [inline]
 mpage_map_and_submit_extent fs/ext4/inode.c:2487 [inline]
 ext4_writepages+0x1050/0x1d10 fs/ext4/inode.c:2800
 do_writepages+0x7b/0x150 mm/page-writeback.c:2355
 __filemap_fdatawrite_range mm/filemap.c:413 [inline]
 __filemap_fdatawrite mm/filemap.c:421 [inline]
 filemap_flush+0x132/0x160 mm/filemap.c:448
 ext4_alloc_da_blocks+0x47/0xd0 fs/ext4/inode.c:3164
 ext4_release_file+0x5b/0x1d0 fs/ext4/file.c:141
 __fput+0x25b/0x4e0 fs/file_table.c:280
 ____fput+0x11/0x20 fs/file_table.c:313
 task_work_run+0xae/0x130 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
 exit_to_user_mode_prepare+0x156/0x190 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:302
 do_syscall_64+0x49/0x90 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff88812947bb28 of 8 bytes by task 24188 on cpu 1:
 xas_find_chunk include/linux/xarray.h:1662 [inline]
 xas_find_marked+0x195/0x5f0 lib/xarray.c:1349
 find_get_entry mm/filemap.c:1925 [inline]
 find_get_pages_range_tag+0xf2/0x390 mm/filemap.c:2216
 pagevec_lookup_range_tag+0x37/0x50 mm/swap.c:1123
 mpage_prepare_extent_to_map+0x195/0x640 fs/ext4/inode.c:2577
 ext4_writepages+0x9d8/0x1d10 fs/ext4/inode.c:2798
 do_writepages+0x7b/0x150 mm/page-writeback.c:2355
 __filemap_fdatawrite_range mm/filemap.c:413 [inline]
 __filemap_fdatawrite mm/filemap.c:421 [inline]
 filemap_flush+0x132/0x160 mm/filemap.c:448
 ext4_alloc_da_blocks+0x47/0xd0 fs/ext4/inode.c:3164
 ext4_release_file+0x5b/0x1d0 fs/ext4/file.c:141
 __fput+0x25b/0x4e0 fs/file_table.c:280
 ____fput+0x11/0x20 fs/file_table.c:313
 task_work_run+0xae/0x130 kernel/task_work.c:164
 tracehook_notify_resume include/linux/tracehook.h:189 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:175 [inline]
 exit_to_user_mode_prepare+0x156/0x190 kernel/entry/common.c:209
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:302
 do_syscall_64+0x49/0x90 arch/x86/entry/common.c:86
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0xffffffffffffffc0 -> 0xffffffffffffff00

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 24188 Comm: syz-executor.3 Not tainted 5.14.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (212):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2021/07/29 04:21	upstream	4010a528219e	b44001ce	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/28 21:17	upstream	4010a528219e	9a4781d4	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/26 06:57	upstream	ff1176468d36	fd511809	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/25 02:06	upstream	7ffca2bb9d8b	4d1b57d4	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/24 10:23	upstream	f0fddcec6b62	4d1b57d4	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/22 11:51	upstream	3d5895cd3517	241790bb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/20 08:03	upstream	2734d6c1b1a0	bc48c9ab	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/19 08:47	upstream	2734d6c1b1a0	f115ae98	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/18 20:50	upstream	f0eb870a8422	f115ae98	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/16 11:17	upstream	d936eb238744	f115ae98	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/15 19:48	upstream	dd9c7df94c1b	f115ae98	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/15 16:49	upstream	8096acd7442e	f115ae98	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/15 02:33	upstream	8096acd7442e	b9a2f64e	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/12 19:28	upstream	e73f0f0ee754	f415556d	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/10 00:19	upstream	3dbdb38e2869	8f5a7b8c	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/09 09:25	upstream	3dbdb38e2869	281e815f	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/08 09:20	upstream	3dbdb38e2869	1aade754	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/07 21:44	upstream	3dbdb38e2869	95793bce	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/06 18:46	upstream	3dbdb38e2869	cca78469	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/02 08:05	upstream	e058a84bfddc	658ebc66	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/07/01 10:17	upstream	dbe69e433722	658ebc66	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/30 08:46	upstream	007b350a5875	84fd4c77	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/29 14:05	upstream	c54b245d0118	9d2ab5df	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/29 00:41	upstream	122fa8c58831	9d2ab5df	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/28 10:49	upstream	62fb9874f5da	9d2ab5df	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/26 20:13	upstream	625acffd7ae2	9d2ab5df	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/26 06:21	upstream	b7050b242430	9d2ab5df	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/25 23:13	upstream	44db63d1ad8d	ae6bf8dd	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/25 11:26	upstream	44db63d1ad8d	0edbbe31	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/24 22:39	upstream	4a09d388f2ab	0edbbe31	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/22 19:39	upstream	0c18f29aae7c	aba2b2fb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/22 06:31	upstream	a96bfed64c89	aba2b2fb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/21 17:25	upstream	13311e74253f	aba2b2fb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/20 01:51	upstream	913ec3c22ef4	aba2b2fb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/19 15:39	upstream	9ed13a17e38e	aba2b2fb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/16 22:47	upstream	6b00bc639f1f	aba2b2fb	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/16 17:52	upstream	6b00bc639f1f	c06f97ad	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/15 21:42	upstream	94f0b2d4a1d0	990d3cbe	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/13 02:10	upstream	8ecfa36cd4db	1ba81399	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/12 12:33	upstream	ad347abe4a98	1ba81399	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/10 20:40	upstream	f09eacca59d2	1ba81399	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/09 12:59	upstream	368094df48e6	84fe5d96	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/06/07 21:35	upstream	614124bea77e	b718257f	.config	log	report	info	KCSAN: data-race in __xa_set_mark / xas_find_marked
ci2-upstream-kcsan-gce	2021/01/17 11:08	upstream	0da0a8a0a0e1	813be542	.config	log	report	info
ci2-upstream-kcsan-gce	2020/09/24 17:40	upstream	171d4ff79f96	54289b08	.config	log	report	info
ci2-upstream-kcsan-gce	2020/06/21 17:45	upstream	64677779e896	4f2acff9	.config	log	report