syzbot


KCSAN: data-race in data_push_tail / vsnprintf (8)

Status: auto-obsoleted due to no activity on 2024/09/19 07:21
Subsystems: ext4 bridge
First crash: 204d, last: 165d
Similar bugs (7)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in data_push_tail / vsnprintf (6) ext4 | | | | 23 | 337d | 417d | 0/28 | auto-obsoleted due to no activity on 2024/03/31 12:46 |
| upstream | KCSAN: data-race in data_push_tail / vsnprintf (4) ext4 | | | | 4 | 670d | 757d | 0/28 | auto-obsoleted due to no activity on 2023/05/03 19:58 |
| upstream | KCSAN: data-race in data_push_tail / vsnprintf (3) kernel | | | | 8 | 881d | 980d | 0/28 | auto-closed as invalid on 2022/10/04 16:48 |
| upstream | KCSAN: data-race in data_push_tail / vsnprintf (7) block batman | | | | 2 | 263d | 290d | 0/28 | auto-obsoleted due to no activity on 2024/06/13 03:32 |
| upstream | KCSAN: data-race in data_push_tail / vsnprintf (2) ext4 | | | | 1 | 1037d | 1037d | 0/28 | auto-closed as invalid on 2022/05/01 03:50 |
| upstream | KCSAN: data-race in data_push_tail / vsnprintf (5) block net | | | | 2 | 580d | 608d | 0/28 | closed as invalid on 2023/06/28 10:46 |
| upstream | KCSAN: data-race in data_push_tail / vsnprintf usb | | | | 36 | 1102d | 1415d | 0/28 | auto-closed as invalid on 2022/02/26 00:52 |

Sample crash report:
EXT4-fs error (device loop4): ext4_xattr_delete_inode:3010: inode #20: comm syz.4.627: mark inode dirty (error -117)
==================================================================
BUG: KCSAN: data-race in data_push_tail / vsnprintf

write to 0xffffffff88b51208 of 1 bytes by task 2960 on cpu 1:
 vsnprintf+0xdd8/0xe30
 vscnprintf+0x42/0x90 lib/vsprintf.c:2930
 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2165
 vprintk_store+0x570/0x810 kernel/printk/printk.c:2279
 vprintk_emit+0x10c/0x5e0 kernel/printk/printk.c:2329
 devkmsg_emit+0x82/0xb0 kernel/printk/printk.c:722
 devkmsg_write+0x248/0x2a0 kernel/printk/printk.c:785
 do_iter_readv_writev+0x3b0/0x470
 vfs_writev+0x2e0/0x880 fs/read_write.c:971
 do_writev+0xf8/0x220 fs/read_write.c:1018
 __do_sys_writev fs/read_write.c:1091 [inline]
 __se_sys_writev fs/read_write.c:1088 [inline]
 __x64_sys_writev+0x45/0x50 fs/read_write.c:1088
 x64_sys_call+0x1f18/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:21
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff88b51208 of 8 bytes by task 5937 on cpu 0:
 data_make_reusable kernel/printk/printk_ringbuffer.c:594 [inline]
 data_push_tail+0x102/0x430 kernel/printk/printk_ringbuffer.c:679
 data_alloc+0xbe/0x2c0 kernel/printk/printk_ringbuffer.c:1054
 prb_reserve+0x85e/0xb60 kernel/printk/printk_ringbuffer.c:1669
 vprintk_store+0x53f/0x810 kernel/printk/printk.c:2269
 vprintk_emit+0x10c/0x5e0 kernel/printk/printk.c:2329
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2363
 vprintk+0x75/0x80 kernel/printk/printk_safe.c:45
 _printk+0x7a/0xa0 kernel/printk/printk.c:2373
 __ext4_error_inode+0x2da/0x400 fs/ext4/super.c:853
 ext4_xattr_delete_inode+0x756/0x790 fs/ext4/xattr.c:3009
 ext4_evict_inode+0xa82/0xdd0 fs/ext4/inode.c:268
 evict+0x2d7/0x570 fs/inode.c:704
 iput_final fs/inode.c:1838 [inline]
 iput+0x432/0x5c0 fs/inode.c:1864
 ext4_ext_migrate+0x8e3/0x9a0 fs/ext4/migrate.c:587
 __ext4_ioctl fs/ext4/ioctl.c:1408 [inline]
 ext4_ioctl+0x104b/0x2de0 fs/ext4/ioctl.c:1626
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:907 [inline]
 __se_sys_ioctl+0xd3/0x150 fs/ioctl.c:893
 __x64_sys_ioctl+0x43/0x50 fs/ioctl.c:893
 x64_sys_call+0x15cc/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000ffffe31f -> 0x00000000ffffe300

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 5937 Comm: syz.4.627 Not tainted 6.11.0-rc3-syzkaller-00060-gd07b43284ab3 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
==================================================================
EXT4-fs warning (device loop4): ext4_evict_inode:271: xattr delete (err -117)

Crashes (4):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2024/08/15 07:18 | upstream | d07b43284ab3 | e4bacdaf | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / vsnprintf |
| 2024/08/12 04:25 | upstream | 7006fe2f7f78 | 6f4edef4 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / vsnprintf |
| 2024/07/20 16:25 | upstream | 3c3ff7be9729 | b88348e9 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / vsnprintf |
| 2024/07/07 23:03 | upstream | c6653f49e4fd | 2a40360c | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / vsnprintf |
* Struck through repros no longer work on HEAD.