syzbot


KCSAN: data-race in __es_shrink / __es_shrink (4)

Status: auto-closed as invalid on 2021/03/12 08:35
Subsystems: ext4
Reported-by: syzbot+07800a93ba2f50617862@syzkaller.appspotmail.com
First crash: 1268d, last: 1137d
Similar bugs (6)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (3) ext4 | | | | 1 | 1307d | 1307d | 0/26 | auto-closed as invalid on 2020/09/24 09:46 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (6) ext4 | | | | 1 | 821d | 821d | 0/26 | auto-closed as invalid on 2022/01/22 23:41 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (7) ext4 | | | | 1 | 285d | 285d | 0/26 | auto-obsoleted due to no activity on 2023/07/12 12:07 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (5) ext4 | | | | 3 | 1073d | 1092d | 0/26 | auto-closed as invalid on 2021/05/15 19:41 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink ext4 | | | | 1 | 1602d | 1601d | 0/26 | closed as invalid on 2019/11/19 13:24 |
| upstream | KCSAN: data-race in __es_shrink / __es_shrink (2) ext4 | | | | 3 | 1449d | 1522d | 0/26 | auto-closed as invalid on 2020/06/09 01:45 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __es_shrink / __es_shrink

write to 0xffff8881038dac78 of 8 bytes by task 12490 on cpu 1:
 __es_shrink+0x3a0/0x560 fs/ext4/extents_status.c:1536
 ext4_es_scan+0x87/0x210 fs/ext4/extents_status.c:1580
 do_shrink_slab+0x28b/0x550 mm/vmscan.c:511
 shrink_slab+0xea/0x1c0 mm/vmscan.c:672
 shrink_node_memcgs+0x27a/0x410 mm/vmscan.c:2665
 shrink_node+0x9fa/0x1220 mm/vmscan.c:2780
 shrink_zones+0x2af/0x490 mm/vmscan.c:2983
 do_try_to_free_pages+0x193/0x6f0 mm/vmscan.c:3038
 try_to_free_pages+0x391/0x870 mm/vmscan.c:3277
 __perform_reclaim mm/page_alloc.c:4379 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:4400 [inline]
 __alloc_pages_slowpath+0x52f/0x9c0 mm/page_alloc.c:4804
 __alloc_pages_nodemask+0x269/0x350 mm/page_alloc.c:5014
 alloc_pages_current+0x21d/0x310 mm/mempolicy.c:2267
 alloc_pages include/linux/gfp.h:547 [inline]
 __vmalloc_area_node mm/vmalloc.c:2510 [inline]
 __vmalloc_node_range+0x2b0/0x510 mm/vmalloc.c:2576
 __bpf_map_area_alloc+0xfd/0x120 kernel/bpf/syscall.c:306
 bpf_map_area_alloc+0x18/0x20 kernel/bpf/syscall.c:313
 prealloc_init kernel/bpf/hashtab.c:284 [inline]
 htab_map_alloc+0x657/0xc70 kernel/bpf/hashtab.c:508
 find_and_alloc_map kernel/bpf/syscall.c:122 [inline]
 map_create kernel/bpf/syscall.c:828 [inline]
 __do_sys_bpf+0x420c/0x9950 kernel/bpf/syscall.c:4364
 __se_sys_bpf kernel/bpf/syscall.c:4340 [inline]
 __x64_sys_bpf+0x3d/0x50 kernel/bpf/syscall.c:4340
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8881038dac78 of 8 bytes by task 12462 on cpu 0:
 __es_shrink+0x374/0x560 fs/ext4/extents_status.c:1536
 ext4_es_scan+0x87/0x210 fs/ext4/extents_status.c:1580
 do_shrink_slab+0x28b/0x550 mm/vmscan.c:511
 shrink_slab+0xea/0x1c0 mm/vmscan.c:672
 shrink_node_memcgs+0x27a/0x410 mm/vmscan.c:2665
 shrink_node+0x9fa/0x1220 mm/vmscan.c:2780
 shrink_zones+0x2af/0x490 mm/vmscan.c:2983
 do_try_to_free_pages+0x193/0x6f0 mm/vmscan.c:3038
 try_to_free_pages+0x391/0x870 mm/vmscan.c:3277
 __perform_reclaim mm/page_alloc.c:4379 [inline]
 __alloc_pages_direct_reclaim mm/page_alloc.c:4400 [inline]
 __alloc_pages_slowpath+0x52f/0x9c0 mm/page_alloc.c:4804
 __alloc_pages_nodemask+0x269/0x350 mm/page_alloc.c:5014
 alloc_pages_current+0x21d/0x310 mm/mempolicy.c:2267
 alloc_pages include/linux/gfp.h:547 [inline]
 __vmalloc_area_node mm/vmalloc.c:2510 [inline]
 __vmalloc_node_range+0x2b0/0x510 mm/vmalloc.c:2576
 __bpf_map_area_alloc+0xfd/0x120 kernel/bpf/syscall.c:306
 bpf_map_area_alloc+0x18/0x20 kernel/bpf/syscall.c:313
 prealloc_init kernel/bpf/hashtab.c:284 [inline]
 htab_map_alloc+0x657/0xc70 kernel/bpf/hashtab.c:508
 find_and_alloc_map kernel/bpf/syscall.c:122 [inline]
 map_create kernel/bpf/syscall.c:828 [inline]
 __do_sys_bpf+0x420c/0x9950 kernel/bpf/syscall.c:4364
 __se_sys_bpf kernel/bpf/syscall.c:4340 [inline]
 __x64_sys_bpf+0x3d/0x50 kernel/bpf/syscall.c:4340
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 12462 Comm: syz-executor.5 Not tainted 5.11.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (15):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/02/05 08:34 | upstream | 5c279c4cf206 | 23a562df | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | KCSAN: data-race in __es_shrink / __es_shrink |
| 2021/01/21 23:54 | upstream | 9791581c049c | d4f4eca5 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | KCSAN: data-race in __es_shrink / __es_shrink |
| 2021/01/08 09:12 | upstream | f5e6c330254a | c104d4a3 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2021/01/03 11:34 | upstream | 3516bd729358 | 79264ae3 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/12/26 06:05 | upstream | 5814bc2d4cc2 | 821e0b09 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/11/22 09:44 | upstream | a349e4c65960 | 0d27f508 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/11/15 21:11 | upstream | 0062442ecfef | 1bf9a662 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/11/15 13:30 | upstream | e28c0d7c92c8 | 1bf9a662 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/11/14 16:52 | upstream | f01c30de86f1 | 1bf9a662 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/10/29 05:02 | upstream | ed8780e3f2ec | f24824d3 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/10/28 01:34 | upstream | ed8780e3f2ec | 96e03c1c | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/10/26 05:06 | upstream | 986b9eacb259 | a1839e81 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/10/23 02:47 | upstream | 96485e446260 | 4e740c00 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/10/04 21:21 | upstream | 22fbc037cd32 | 5ef9c291 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |
| 2020/09/27 06:39 | upstream | eeddbe6841cd | 5dd8aee8 | .config | console log | report | | | info | | ci2-upstream-kcsan-gce | |