syzbot


KCSAN: data-race in mem_cgroup_track_foreign_dirty_slowpath / mem_cgroup_track_foreign_dirty_slowpath (3)

Status: auto-closed as invalid on 2022/08/13 15:03
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 146d, last: 146d
similar bugs (2):

| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in mem_cgroup_track_foreign_dirty_slowpath / mem_cgroup_track_foreign_dirty_slowpath (2) | | | | 1 | 224d | 224d | 0/24 | auto-closed as invalid on 2022/05/27 17:05 |
| upstream | KCSAN: data-race in mem_cgroup_track_foreign_dirty_slowpath / mem_cgroup_track_foreign_dirty_slowpath | | | | 1 | 1056d | 1056d | 0/24 | auto-closed as invalid on 2020/03/22 09:49 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in mem_cgroup_track_foreign_dirty_slowpath / mem_cgroup_track_foreign_dirty_slowpath

write to 0xffff88813888ddb0 of 8 bytes by task 14849 on cpu 0:
 mem_cgroup_track_foreign_dirty_slowpath+0x3ac/0x430
 mem_cgroup_track_foreign_dirty include/linux/memcontrol.h:1631 [inline]
 folio_account_dirtied+0x438/0x450 mm/page-writeback.c:2550
 __folio_mark_dirty+0x8e/0x130 mm/page-writeback.c:2590
 __set_page_dirty include/linux/pagemap.h:1060 [inline]
 mark_buffer_dirty+0x159/0x390 fs/buffer.c:1105
 __block_commit_write fs/buffer.c:2080 [inline]
 block_write_end+0x13d/0x240 fs/buffer.c:2159
 generic_write_end+0x5d/0x230 fs/buffer.c:2173
 ext4_da_write_end+0x26c/0x620 fs/ext4/inode.c:3078
 generic_perform_write+0x264/0x3f0 mm/filemap.c:3790
 ext4_buffered_write_iter+0x222/0x330 fs/ext4/file.c:270
 ext4_file_write_iter+0x2e3/0x1210
 call_write_iter include/linux/fs.h:2058 [inline]
 new_sync_write fs/read_write.c:504 [inline]
 vfs_write+0x71c/0x890 fs/read_write.c:591
 ksys_write+0xe8/0x1a0 fs/read_write.c:644
 __do_sys_write fs/read_write.c:656 [inline]
 __se_sys_write fs/read_write.c:653 [inline]
 __x64_sys_write+0x3e/0x50 fs/read_write.c:653
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

read to 0xffff88813888ddb0 of 8 bytes by task 14862 on cpu 1:
 mem_cgroup_track_foreign_dirty_slowpath+0x2f5/0x430 mm/memcontrol.c:4575
 mem_cgroup_track_foreign_dirty include/linux/memcontrol.h:1631 [inline]
 folio_account_dirtied+0x438/0x450 mm/page-writeback.c:2550
 __folio_mark_dirty+0x8e/0x130 mm/page-writeback.c:2590
 __set_page_dirty include/linux/pagemap.h:1060 [inline]
 mark_buffer_dirty+0x159/0x390 fs/buffer.c:1105
 __block_write_begin_int+0x6e8/0xc90 fs/buffer.c:2018
 __block_write_begin fs/buffer.c:2056 [inline]
 block_page_mkwrite+0x192/0x4b0 fs/buffer.c:2522
 ext4_page_mkwrite+0x7c6/0xfa0 fs/ext4/inode.c:6091
 do_page_mkwrite mm/memory.c:2963 [inline]
 do_shared_fault mm/memory.c:4576 [inline]
 do_fault+0x749/0xb20 mm/memory.c:4644
 handle_pte_fault mm/memory.c:4903 [inline]
 __handle_mm_fault mm/memory.c:5042 [inline]
 handle_mm_fault+0x889/0xa90 mm/memory.c:5140
 do_user_addr_fault+0x4cd/0x940 arch/x86/mm/fault.c:1397
 handle_page_fault arch/x86/mm/fault.c:1484 [inline]
 exc_page_fault+0x60/0x160 arch/x86/mm/fault.c:1540
 asm_exc_page_fault+0x27/0x30
 copy_user_enhanced_fast_string+0xa/0x40
 copy_user_generic arch/x86/include/asm/uaccess_64.h:37 [inline]
 raw_copy_to_user arch/x86/include/asm/uaccess_64.h:58 [inline]
 copyout lib/iov_iter.c:155 [inline]
 copy_page_to_iter_iovec lib/iov_iter.c:226 [inline]
 __copy_page_to_iter lib/iov_iter.c:852 [inline]
 copy_page_to_iter+0x423/0x7b0 lib/iov_iter.c:880
 copy_folio_to_iter include/linux/uio.h:153 [inline]
 filemap_read+0x117b/0x1410 mm/filemap.c:2739
 generic_file_read_iter+0x72/0x320 mm/filemap.c:2834
 ext4_file_read_iter+0x1e9/0x2a0
 call_read_iter include/linux/fs.h:2052 [inline]
 new_sync_read fs/read_write.c:401 [inline]
 vfs_read+0x5a5/0x6a0 fs/read_write.c:482
 ksys_read+0xe8/0x1a0 fs/read_write.c:620
 __do_sys_read fs/read_write.c:630 [inline]
 __se_sys_read fs/read_write.c:628 [inline]
 __x64_sys_read+0x3e/0x50 fs/read_write.c:628
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

value changed: 0x0000000100003b12 -> 0x0000000100003b77

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 14862 Comm: syz-executor.2 Not tainted 5.19.0-rc5-syzkaller-00228-ge5524c2a1fc4-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/29/2022
==================================================================

Crashes (1):

| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci2-upstream-kcsan-gce | 2022/07/09 14:54 | upstream | e5524c2a1fc4 | b5765a15 | .config | log | report | | | info | KCSAN: data-race in mem_cgroup_track_foreign_dirty_slowpath / mem_cgroup_track_foreign_dirty_slowpath |

* Struck through repros no longer work on HEAD.