[moderation] [ext4?] KCSAN: data-race in memchr / number (3)


syzbot

Jun 1, 2024, 12:52:32 AM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: d8ec19857b09 Merge tag 'net-6.10-rc2' of git://git.kernel...
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=16c4964a980000
kernel config: https://syzkaller.appspot.com/x/.config?x=b639694183430f97
dashboard link: https://syzkaller.appspot.com/bug?extid=c6474413e6cf4c5f6fa4
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
CC: [adilger...@dilger.ca linux...@vger.kernel.org linux-...@vger.kernel.org ty...@mit.edu]

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/4c525cb10506/disk-d8ec1985.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/5d3c75ffceb2/vmlinux-d8ec1985.xz
kernel image: https://storage.googleapis.com/syzbot-assets/5a992c1884ee/bzImage-d8ec1985.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+c64744...@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in memchr / number

write to 0xffffffff883cfc92 of 1 bytes by task 6180 on cpu 1:
number+0x85f/0xa90 lib/vsprintf.c:564
vsnprintf+0xa44/0xe30 lib/vsprintf.c:2890
va_format lib/vsprintf.c:1683 [inline]
pointer+0x8a1/0xd20 lib/vsprintf.c:2455
vsnprintf+0x861/0xe30 lib/vsprintf.c:2828
vscnprintf+0x42/0x90 lib/vsprintf.c:2930
printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2162
vprintk_store+0x4a4/0x810 kernel/printk/printk.c:2244
vprintk_emit+0x10c/0x5e0 kernel/printk/printk.c:2326
vprintk_default+0x26/0x30 kernel/printk/printk.c:2360
vprintk+0x75/0x80 kernel/printk/printk_safe.c:45
_printk+0x7a/0xa0 kernel/printk/printk.c:2370
__ext4_grp_locked_error+0x5b0/0x7b0 fs/ext4/super.c:1063
ext4_mb_generate_buddy+0x247/0x2d0 fs/ext4/mballoc.c:1217
ext4_mb_init_cache+0x848/0xbc0 fs/ext4/mballoc.c:1406
ext4_mb_init_group+0x210/0x3b0 fs/ext4/mballoc.c:1543
ext4_mb_good_group_nolock fs/ext4/mballoc.c:2704 [inline]
ext4_mb_regular_allocator+0xb13/0x2370 fs/ext4/mballoc.c:2903
ext4_mb_new_blocks+0x801/0x2020 fs/ext4/mballoc.c:6219
ext4_ext_map_blocks+0x10a1/0x33b0 fs/ext4/extents.c:4318
ext4_map_blocks+0x72a/0xf50 fs/ext4/inode.c:623
mpage_map_one_extent fs/ext4/inode.c:2163 [inline]
mpage_map_and_submit_extent fs/ext4/inode.c:2216 [inline]
ext4_do_writepages+0xd85/0x2110 fs/ext4/inode.c:2679
ext4_writepages+0x159/0x2e0 fs/ext4/inode.c:2768
do_writepages+0x1d8/0x480 mm/page-writeback.c:2634
filemap_fdatawrite_wbc+0xdb/0x100 mm/filemap.c:397
__filemap_fdatawrite_range mm/filemap.c:430 [inline]
file_write_and_wait_range+0xc8/0x170 mm/filemap.c:788
generic_buffers_fsync_noflush+0x4c/0x130 fs/buffer.c:602
ext4_fsync_nojournal fs/ext4/fsync.c:88 [inline]
ext4_sync_file+0x20b/0x6c0 fs/ext4/fsync.c:151
vfs_fsync_range+0x122/0x140 fs/sync.c:188
generic_write_sync include/linux/fs.h:2794 [inline]
ext4_buffered_write_iter+0x338/0x380 fs/ext4/file.c:305
ext4_file_write_iter+0x29f/0xe30
do_iter_readv_writev+0x339/0x3e0
vfs_writev+0x2e4/0x890 fs/read_write.c:971
do_pwritev fs/read_write.c:1072 [inline]
__do_sys_pwritev2 fs/read_write.c:1131 [inline]
__se_sys_pwritev2+0x10c/0x1d0 fs/read_write.c:1122
__x64_sys_pwritev2+0x78/0x90 fs/read_write.c:1122
x64_sys_call+0x274f/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:329
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff883cfc92 of 1 bytes by task 6189 on cpu 0:
memchr+0x2a/0x50 lib/string.c:791
count_lines kernel/printk/printk_ringbuffer.c:1797 [inline]
copy_data kernel/printk/printk_ringbuffer.c:1843 [inline]
prb_read kernel/printk/printk_ringbuffer.c:1936 [inline]
_prb_read_valid+0xa26/0xba0 kernel/printk/printk_ringbuffer.c:2113
prb_read_valid_info+0x67/0x90 kernel/printk/printk_ringbuffer.c:2216
find_first_fitting_seq+0x1bc/0x310 kernel/printk/printk.c:1535
syslog_print_all+0x11d/0x5a0 kernel/printk/printk.c:1667
do_syslog+0x41c/0x7d0 kernel/printk/printk.c:1745
__do_sys_syslog kernel/printk/printk.c:1823 [inline]
__se_sys_syslog kernel/printk/printk.c:1821 [inline]
__x64_sys_syslog+0x43/0x50 kernel/printk/printk.c:1821
x64_sys_call+0x26cd/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:104
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x41 -> 0x39

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 6189 Comm: syz-executor.4 Not tainted 6.10.0-rc1-syzkaller-00104-gd8ec19857b09 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
==================================================================


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup