syzbot


KCSAN: data-race in xas_create / xas_find (3)

Status: auto-closed as invalid on 2022/02/20 21:56
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 429d, last: 313d
similar bugs (4):
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in xas_create / xas_find (4) | | | | 3 | 205d | 243d | 0/24 | auto-closed as invalid on 2022/06/09 16:26 |
| upstream | KCSAN: data-race in xas_create / xas_find (2) | | | | 5 | 465d | 537d | 0/24 | auto-closed as invalid on 2021/09/22 15:56 |
| upstream | KCSAN: data-race in xas_create / xas_find (5) | | | | 1 | 163d | 163d | 0/24 | auto-closed as invalid on 2022/07/21 09:43 |
| upstream | KCSAN: data-race in xas_create / xas_find | | | | 2 | 576d | 589d | 0/24 | auto-closed as invalid on 2021/06/03 16:29 |

Sample crash report:
loop5: detected capacity change from 0 to 1024
==================================================================
BUG: KCSAN: data-race in xas_create / xas_find

write to 0xffff8881370ba901 of 1 bytes by task 27235 on cpu 0:
 xas_expand lib/xarray.c:611 [inline]
 xas_create+0x679/0xb10 lib/xarray.c:652
 xas_store+0x70/0xca0 lib/xarray.c:784
 __filemap_add_folio+0x1e8/0x4d0 mm/filemap.c:904
 filemap_add_folio+0x6b/0x150 mm/filemap.c:961
 page_cache_ra_unbounded+0x274/0x400 mm/readahead.c:221
 do_page_cache_ra mm/readahead.c:268 [inline]
 force_page_cache_ra+0x1e6/0x220 mm/readahead.c:300
 page_cache_sync_ra+0xcc/0xe0 mm/readahead.c:574
 page_cache_sync_readahead include/linux/pagemap.h:1056 [inline]
 filemap_get_pages mm/filemap.c:2511 [inline]
 filemap_read+0x3ed/0x1430 mm/filemap.c:2598
 blkdev_read_iter+0xcb/0x350 block/fops.c:610
 call_read_iter include/linux/fs.h:2080 [inline]
 new_sync_read fs/read_write.c:400 [inline]
 vfs_read+0x66c/0x750 fs/read_write.c:481
 ksys_read+0xd9/0x190 fs/read_write.c:619
 __do_sys_read fs/read_write.c:629 [inline]
 __se_sys_read fs/read_write.c:627 [inline]
 __x64_sys_read+0x3e/0x50 fs/read_write.c:627
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff8881370ba901 of 1 bytes by task 12340 on cpu 1:
 xas_find+0x2d9/0x3c0 lib/xarray.c:1257
 find_get_entry mm/filemap.c:1950 [inline]
 find_lock_entries+0xab/0x470 mm/filemap.c:2042
 truncate_inode_pages_range+0x118/0x8b0 mm/truncate.c:375
 truncate_inode_pages+0x20/0x30 mm/truncate.c:466
 kill_bdev block/bdev.c:78 [inline]
 set_blocksize+0x24e/0x270 block/bdev.c:158
 sb_set_blocksize block/bdev.c:167 [inline]
 sb_min_blocksize+0x92/0x110 block/bdev.c:183
 __ext4_fill_super+0x10e/0x59b0 fs/ext4/super.c:4390
 ext4_fill_super+0xfd/0x2f0 fs/ext4/super.c:5558
 get_tree_bdev+0x2c2/0x3d0 fs/super.c:1295
 vfs_get_tree+0x4a/0x1a0 fs/super.c:1500
 do_new_mount fs/namespace.c:2994 [inline]
 path_mount+0x11cf/0x1c40 fs/namespace.c:3324
 do_mount fs/namespace.c:3337 [inline]
 __do_sys_mount fs/namespace.c:3545 [inline]
 __se_sys_mount+0x24b/0x2f0 fs/namespace.c:3522
 __x64_sys_mount+0x63/0x70 fs/namespace.c:3522
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xd0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 12340 Comm: syz-executor.5 Tainted: G        W         5.16.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (11):
| Manager | Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|
| ci2-upstream-kcsan-gce | 2022/01/16 21:53 | upstream | 79e06c4c4950 | 723cfaf0 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2022/01/02 07:45 | upstream | 278218f6778b | e1768e9c | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/12/22 10:34 | upstream | 2f47a9a4dfa3 | 6caa12e4 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/12/19 02:36 | upstream | 9eaa88c7036e | 44068e19 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/12/11 09:19 | upstream | 9e65da135b39 | 49ca1f59 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/11/28 21:25 | upstream | 3498e7f2bb41 | 63eeac02 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/11/25 18:18 | upstream | 5f53fa508db0 | 63eeac02 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/11/23 23:32 | upstream | 5d9f4cf36721 | 545ab074 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/11/01 16:08 | upstream | 8bb7eca972ad | 098b5d53 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/10/22 02:24 | upstream | 2f111a6fd5b5 | 55f90bc6 | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
| ci2-upstream-kcsan-gce | 2021/09/22 19:59 | upstream | cf1d2c3e7e2f | 8cac236e | .config | log | report | | | info | KCSAN: data-race in xas_create / xas_find |
* Struck through repros no longer work on HEAD.