[moderation] [fs?] KCSAN: data-race in pipe_double_lock / pipe_release (4)
4 views
Skip to first unread message
syzbot
Jan 17, 2024, 4:32:23 PMJan 17
to syzkaller-upst...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 1b1934dbbdcf Merge tag 'docs-6.8-2' of git://git.lwn.net/l..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1793e4dde80000
kernel config: https://syzkaller.appspot.com/x/.config?x=adb08aaa4585df88
dashboard link: https://syzkaller.appspot.com/bug?extid=fe81dd243bcdb2963c9b
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
CC: [bra...@kernel.org ja...@suse.cz linux-...@vger.kernel.org linux-...@vger.kernel.org vi...@zeniv.linux.org.uk]
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/072bf5077b75/disk-1b1934db.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fb2e3cccd26b/vmlinux-1b1934db.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6fff284452ac/bzImage-1b1934db.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+fe81dd...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in pipe_double_lock / pipe_release
read-write to 0xffff8881295b74ec of 4 bytes by task 804 on cpu 0:
put_pipe_info fs/pipe.c:722 [inline]
pipe_release+0x164/0x1c0 fs/pipe.c:752
__fput+0x299/0x630 fs/file_table.c:376
__fput_sync+0x44/0x50 fs/file_table.c:461
__do_sys_close fs/open.c:1554 [inline]
__se_sys_close+0xfa/0x1a0 fs/open.c:1539
__x64_sys_close+0x1f/0x30 fs/open.c:1539
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0x59/0x120 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x63/0x6b
read to 0xffff8881295b74ec of 4 bytes by task 834 on cpu 1:
pipe_lock_nested fs/pipe.c:81 [inline]
pipe_double_lock+0x4f/0xe0 fs/pipe.c:120
splice_pipe_to_pipe fs/splice.c:1765 [inline]
do_splice+0x32d/0x10d0 fs/splice.c:1331
__do_splice fs/splice.c:1436 [inline]
__do_sys_splice fs/splice.c:1652 [inline]
__se_sys_splice+0x24c/0x380 fs/splice.c:1634
__x64_sys_splice+0x78/0x90 fs/splice.c:1634
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0x59/0x120 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x63/0x6b
value changed: 0x00000002 -> 0x00000001
Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 834 Comm: syz-executor.0 Not tainted 6.7.0-syzkaller-10085-g1b1934dbbdcf #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 1b1934dbbdcf Merge tag 'docs-6.8-2' of git://git.lwn.net/l..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=1793e4dde80000
kernel config: https://syzkaller.appspot.com/x/.config?x=adb08aaa4585df88
dashboard link: https://syzkaller.appspot.com/bug?extid=fe81dd243bcdb2963c9b
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
CC: [bra...@kernel.org ja...@suse.cz linux-...@vger.kernel.org linux-...@vger.kernel.org vi...@zeniv.linux.org.uk]
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/072bf5077b75/disk-1b1934db.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/fb2e3cccd26b/vmlinux-1b1934db.xz
kernel image: https://storage.googleapis.com/syzbot-assets/6fff284452ac/bzImage-1b1934db.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+fe81dd...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in pipe_double_lock / pipe_release
read-write to 0xffff8881295b74ec of 4 bytes by task 804 on cpu 0:
put_pipe_info fs/pipe.c:722 [inline]
pipe_release+0x164/0x1c0 fs/pipe.c:752
__fput+0x299/0x630 fs/file_table.c:376
__fput_sync+0x44/0x50 fs/file_table.c:461
__do_sys_close fs/open.c:1554 [inline]
__se_sys_close+0xfa/0x1a0 fs/open.c:1539
__x64_sys_close+0x1f/0x30 fs/open.c:1539
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0x59/0x120 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x63/0x6b
read to 0xffff8881295b74ec of 4 bytes by task 834 on cpu 1:
pipe_lock_nested fs/pipe.c:81 [inline]
pipe_double_lock+0x4f/0xe0 fs/pipe.c:120
splice_pipe_to_pipe fs/splice.c:1765 [inline]
do_splice+0x32d/0x10d0 fs/splice.c:1331
__do_splice fs/splice.c:1436 [inline]
__do_sys_splice fs/splice.c:1652 [inline]
__se_sys_splice+0x24c/0x380 fs/splice.c:1634
__x64_sys_splice+0x78/0x90 fs/splice.c:1634
do_syscall_x64 arch/x86/entry/common.c:52 [inline]
do_syscall_64+0x59/0x120 arch/x86/entry/common.c:83
entry_SYSCALL_64_after_hwframe+0x63/0x6b
value changed: 0x00000002 -> 0x00000001
Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 834 Comm: syz-executor.0 Not tainted 6.7.0-syzkaller-10085-g1b1934dbbdcf #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot
Feb 21, 2024, 4:32:12 PMFeb 21
to syzkaller-upst...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages