syzbot


KCSAN: data-race in copy_page_to_iter / set_overhead

Status: auto-closed as invalid on 2022/07/26 11:02
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 184d, last: 167d

Sample crash report:
BUG: KCSAN: data-race in copy_page_to_iter / set_overhead

write to 0xffff88813ff6e648 of 4 bytes by task 24462 on cpu 1:
 set_overhead+0x24/0x30 fs/ext4/ioctl.c:1599
 ext4_update_primary_sb+0xea/0x2f0 fs/ext4/ioctl.c:64
 ext4_update_superblocks_fn+0x123/0x370 fs/ext4/ioctl.c:212
 ext4_update_overhead+0xca/0xe0 fs/ext4/ioctl.c:1610
 ext4_fill_super+0x1241/0x4f00 fs/ext4/super.c:5526
 get_tree_bdev+0x2b4/0x3b0 fs/super.c:1292
 ext4_get_tree+0x18/0x20 fs/ext4/super.c:5537
 vfs_get_tree+0x49/0x190 fs/super.c:1497
 do_new_mount+0x200/0x650 fs/namespace.c:3040
 path_mount+0x4b1/0xb60 fs/namespace.c:3370
 do_mount fs/namespace.c:3383 [inline]
 __do_sys_mount fs/namespace.c:3591 [inline]
 __se_sys_mount+0x281/0x2d0 fs/namespace.c:3568
 __x64_sys_mount+0x63/0x70 fs/namespace.c:3568
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

read to 0xffff88813ff6e000 of 4096 bytes by task 23311 on cpu 0:
 instrument_copy_to_user include/linux/instrumented.h:119 [inline]
 copyout lib/iov_iter.c:154 [inline]
 copy_page_to_iter_iovec lib/iov_iter.c:226 [inline]
 __copy_page_to_iter lib/iov_iter.c:852 [inline]
 copy_page_to_iter+0x415/0x7b0 lib/iov_iter.c:880
 copy_folio_to_iter include/linux/uio.h:153 [inline]
 filemap_read+0x10b2/0x1400 mm/filemap.c:2730
 blkdev_read_iter+0x2c6/0x370 block/fops.c:594
 call_read_iter include/linux/fs.h:2052 [inline]
 new_sync_read fs/read_write.c:401 [inline]
 vfs_read+0x5a5/0x6a0 fs/read_write.c:482
 ksys_read+0xe8/0x1a0 fs/read_write.c:620
 __do_sys_read fs/read_write.c:630 [inline]
 __se_sys_read fs/read_write.c:628 [inline]
 __x64_sys_read+0x3e/0x50 fs/read_write.c:628
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 23311 Comm: udevd Tainted: G        W         5.19.0-rc3-syzkaller-00027-g78ca55889a54-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2022/06/21 10:53 upstream 78ca55889a54 0fc5c330 .config log report info KCSAN: data-race in copy_page_to_iter / set_overhead
ci2-upstream-kcsan-gce 2022/06/04 11:06 upstream 744983d87842 c8857892 .config log report info KCSAN: data-race in copy_page_to_iter / set_overhead
* Struck through repros no longer work on HEAD.