KCSAN: data-race in xas_find_marked / xas_set_mark

syzbot

Dec 4, 2019, 11:45:09 PM12/4/19
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 05f22368 x86, kcsan: Enable KCSAN for x86
git tree: https://github.com/google/ktsan.git kcsan
console output: https://syzkaller.appspot.com/x/log.txt?x=1140f6df600000
kernel config: https://syzkaller.appspot.com/x/.config?x=87d111955f40591f
dashboard link: https://syzkaller.appspot.com/bug?extid=238e9bb046564c2c4d4a
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
CC: [ak...@linux-foundation.org amir...@gmail.com
darric...@oracle.com han...@cmpxchg.org ja...@suse.cz
jo...@toxicpanda.com linux-...@vger.kernel.org linu...@kvack.org
songliu...@fb.com wi...@infradead.org el...@google.com]

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+238e9b...@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in xas_find_marked / xas_set_mark

read to 0xffff8881259866a8 of 8 bytes by task 21 on cpu 1:
xas_find_chunk include/linux/xarray.h:1590 [inline]
xas_find_marked+0x17a/0x7b0 lib/xarray.c:1187
find_get_pages_range_tag+0x111/0x670 mm/filemap.c:1924
pagevec_lookup_range_tag+0x45/0x70 mm/swap.c:1054
mpage_prepare_extent_to_map+0x1e2/0x760 fs/ext4/inode.c:2645
ext4_writepages+0xb2b/0x2300 fs/ext4/inode.c:2866
do_writepages+0x6b/0x170 mm/page-writeback.c:2344
__writeback_single_inode+0xaf/0x8e0 fs/fs-writeback.c:1449
writeback_sb_inodes+0x4ba/0xa50 fs/fs-writeback.c:1713
__writeback_inodes_wb+0xe8/0x1b0 fs/fs-writeback.c:1782
wb_writeback+0x557/0x6a0 fs/fs-writeback.c:1891
wb_check_background_flush fs/fs-writeback.c:1959 [inline]
wb_do_writeback fs/fs-writeback.c:2047 [inline]
wb_workfn+0x696/0x970 fs/fs-writeback.c:2075
process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
worker_thread+0xa0/0x800 kernel/workqueue.c:2415
kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253

write to 0xffff8881259866a8 of 8 bytes by task 7854 on cpu 0:
__test_and_set_bit include/asm-generic/bitops-instrumented.h:168 [inline]
node_set_mark lib/xarray.c:92 [inline]
xas_set_mark+0x122/0x1a0 lib/xarray.c:878
__xa_set_mark+0xd3/0x100 lib/xarray.c:1695
__set_page_dirty+0x152/0x270 fs/buffer.c:584
mark_buffer_dirty+0x27f/0x2c0 fs/buffer.c:1112
__block_commit_write.isra.0+0x11f/0x170 fs/buffer.c:2041
block_write_end+0x6d/0x140 fs/buffer.c:2119
generic_write_end+0x8a/0x1f0 fs/buffer.c:2133
ext4_da_write_end+0x158/0x620 fs/ext4/inode.c:3189
generic_perform_write+0x1d3/0x320 mm/filemap.c:3315
__generic_file_write_iter+0x251/0x380 mm/filemap.c:3433
ext4_file_write_iter+0x1bd/0xa00 fs/ext4/file.c:268
call_write_iter include/linux/fs.h:1895 [inline]
new_sync_write+0x388/0x4a0 fs/read_write.c:483
__vfs_write+0xb1/0xc0 fs/read_write.c:496
vfs_write fs/read_write.c:558 [inline]
vfs_write+0x18a/0x390 fs/read_write.c:542

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 7854 Comm: syz-executor.3 Not tainted 5.4.0-rc3+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
==================================================================


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
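The two stacks in the report touch the same 8-byte word: the writeback path scans a node's mark bitmap with a plain load in xas_find_chunk(), while a writer holding the xarray lock sets a bit in that word through the non-atomic __test_and_set_bit(). KCSAN flags the pair because neither access is marked, so the compiler is free to tear, split or re-load the plain read. The program below is an added userspace model of that pattern, not kernel code and not from the syzbot thread: the xm_ names are the example's own, the node is reduced to one 64-bit mark word plus a mutex standing in for xa_lock, and it assumes a 64-bit unsigned long. It shows the scan and the bit-set both as plain accesses and with the accesses marked (a relaxed atomic load as the analogue of READ_ONCE(), an atomic OR as the analogue of set_bit()), and runs a lock-free reader against a writer for each variant.

```c
/* Added userspace model of the xas_find_marked / xas_set_mark access pattern; not kernel code. */
#include <pthread.h>
#include <stdio.h>

#define XM_CHUNK_SIZE 64u   /* one unsigned long of marks per node, like xa_node->marks[] */

struct xm_node {
	unsigned long marks;    /* stand-in for the 8-byte word both stacks in the report touch */
	pthread_mutex_t lock;   /* stand-in for xa_lock: serialises writers only, readers are lock-free */
};

/* First mark at or after offset, 64 meaning "none". Plain load, as in the racy reader. */
static unsigned int xm_find_marked_plain(struct xm_node *n, unsigned int offset)
{
	unsigned long data = n->marks;                       /* plain read: the access KCSAN flagged */
	if (offset >= XM_CHUNK_SIZE)
		return XM_CHUNK_SIZE;
	data &= ~0UL << offset;
	return data ? (unsigned int)__builtin_ctzl(data) : XM_CHUNK_SIZE;
}

/* Same scan with the load marked: a relaxed atomic load is the userspace analogue of READ_ONCE(). */
static unsigned int xm_find_marked_once(struct xm_node *n, unsigned int offset)
{
	unsigned long data = __atomic_load_n(&n->marks, __ATOMIC_RELAXED);
	if (offset >= XM_CHUNK_SIZE)
		return XM_CHUNK_SIZE;
	data &= ~0UL << offset;
	return data ? (unsigned int)__builtin_ctzl(data) : XM_CHUNK_SIZE;
}

/* Set a mark under the lock with a plain read-modify-write, as __test_and_set_bit() does. */
static int xm_set_mark_plain(struct xm_node *n, unsigned int bit)
{
	unsigned long mask = 1UL << bit;
	pthread_mutex_lock(&n->lock);
	int old = (n->marks & mask) != 0;
	n->marks |= mask;                                    /* plain store: the other half of the race */
	pthread_mutex_unlock(&n->lock);
	return old;
}

/* Set a mark with an atomic OR, the analogue of the kernel's atomic set_bit(); lock kept for writers. */
static int xm_set_mark_atomic(struct xm_node *n, unsigned int bit)
{
	unsigned long mask = 1UL << bit;
	pthread_mutex_lock(&n->lock);
	unsigned long old = __atomic_fetch_or(&n->marks, mask, __ATOMIC_RELAXED);
	pthread_mutex_unlock(&n->lock);
	return (old & mask) != 0;
}

struct xm_ctx {
	struct xm_node *n;
	int marked;             /* 0: plain accesses (racy), 1: READ_ONCE / atomic analogues */
	unsigned long bad;      /* reader-side consistency violations */
};

/* Writer sets bits 63 down to 0, so the lowest set bit can only ever move downwards. */
static void *xm_writer(void *arg)
{
	struct xm_ctx *c = arg;
	for (int bit = 63; bit >= 0; bit--) {
		if (c->marked)
			xm_set_mark_atomic(c->n, (unsigned int)bit);
		else
			xm_set_mark_plain(c->n, (unsigned int)bit);
	}
	return NULL;
}

/* Lock-free reader: a scan result that moves upwards means a torn or stale read of the word. */
static void *xm_reader(void *arg)
{
	struct xm_ctx *c = arg;
	unsigned int prev = XM_CHUNK_SIZE;
	for (int i = 0; i < 200000; i++) {
		unsigned int idx = c->marked ? xm_find_marked_once(c->n, 0)
					     : xm_find_marked_plain(c->n, 0);
		if (idx > prev)
			c->bad++;
		prev = idx;
	}
	return NULL;
}

/* One writer against one reader; returns the number of inconsistent scan results observed. */
static unsigned long xm_stress(int marked)
{
	struct xm_node n = { .marks = 0, .lock = PTHREAD_MUTEX_INITIALIZER };
	struct xm_ctx c = { .n = &n, .marked = marked, .bad = 0 };
	pthread_t w, r;
	pthread_create(&r, NULL, xm_reader, &c);
	pthread_create(&w, NULL, xm_writer, &c);
	pthread_join(w, NULL);
	pthread_join(r, NULL);
	return c.bad;
}

int main(void)
{
	/* Built with -fsanitize=thread, the first run is reported as a data race and the second is not. */
	printf("plain accesses:  %lu inconsistent reads\n", xm_stress(0));
	printf("marked accesses: %lu inconsistent reads\n", xm_stress(1));
	return 0;
}
```

Build with `gcc -O2 -pthread -fsanitize=thread` to get the userspace equivalent of the KCSAN report for xm_stress(0); the marked variant is silent. On x86-64 an aligned 8-byte load is not torn in practice, so both runs print 0 inconsistent reads: the finding is about what the compiler is permitted to do with an unmarked access and what the tool can prove, not about an observed wrong result. That is also why the kernel-side options for a report like this are to mark the accesses (READ_ONCE() on the scan, an atomic bitop on the setter) or, if the stale read is shown to be tolerated by the caller, to annotate the read with data_race() so KCSAN stops reporting it.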