[moderation] [fs?] KCSAN: data-race in __fsnotify_parent / __fsnotify_recalc_mask (4)


syzbot

Mar 20, 2024, 6:08:29 AM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following issue on:

HEAD commit: a4145ce1e7bc Merge tag 'bcachefs-2024-03-19' of https://ev..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=13ffdaa5180000
kernel config: https://syzkaller.appspot.com/x/.config?x=8e033e6bf1fa349a
dashboard link: https://syzkaller.appspot.com/bug?extid=783d283962125a29c140
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
CC: [amir...@gmail.com ja...@suse.cz linux-...@vger.kernel.org linux-...@vger.kernel.org]

Unfortunately, I don't have any reproducer for this issue yet.

Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/3b550dae6a5e/disk-a4145ce1.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/0ca9e25fb92b/vmlinux-a4145ce1.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2b0d6e5da868/bzImage-a4145ce1.xz

IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+783d28...@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in __fsnotify_parent / __fsnotify_recalc_mask

write to 0xffff8881012b5d44 of 4 bytes by task 3690 on cpu 1:
__fsnotify_recalc_mask+0x204/0x300 fs/notify/mark.c:174
fsnotify_recalc_mask fs/notify/mark.c:191 [inline]
fsnotify_add_mark_locked+0x740/0x8c0 fs/notify/mark.c:695
fsnotify_add_inode_mark_locked include/linux/fsnotify_backend.h:783 [inline]
inotify_new_watch fs/notify/inotify/inotify_user.c:620 [inline]
inotify_update_watch fs/notify/inotify/inotify_user.c:647 [inline]
__do_sys_inotify_add_watch fs/notify/inotify/inotify_user.c:786 [inline]
__se_sys_inotify_add_watch+0x669/0x820 fs/notify/inotify/inotify_user.c:729
__x64_sys_inotify_add_watch+0x43/0x50 fs/notify/inotify/inotify_user.c:729
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x6d/0x75

read to 0xffff8881012b5d44 of 4 bytes by task 8645 on cpu 0:
fsnotify_object_watched fs/notify/fsnotify.c:173 [inline]
__fsnotify_parent+0xd4/0x370 fs/notify/fsnotify.c:203
fsnotify_parent include/linux/fsnotify.h:83 [inline]
fsnotify_file include/linux/fsnotify.h:106 [inline]
fsnotify_open include/linux/fsnotify.h:376 [inline]
do_dentry_open+0xa61/0xbe0 fs/open.c:1011
vfs_open+0x4a/0x60 fs/open.c:1089
do_open fs/namei.c:3642 [inline]
path_openat+0x18ba/0x1d80 fs/namei.c:3799
do_filp_open+0xf7/0x200 fs/namei.c:3826
do_sys_openat2+0xab/0x120 fs/open.c:1406
do_sys_open fs/open.c:1421 [inline]
__do_sys_openat fs/open.c:1437 [inline]
__se_sys_openat fs/open.c:1432 [inline]
__x64_sys_openat+0xf3/0x120 fs/open.c:1432
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x6d/0x75

value changed: 0x00000000 -> 0x00002008

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 8645 Comm: syz-executor.3 Not tainted 6.8.0-syzkaller-11743-ga4145ce1e7bc #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
==================================================================
loop3: detected capacity change from 0 to 512
EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (43602!=33349)
EXT4-fs (loop3): group descriptors corrupted!


---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title

If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)

If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report

If you want to undo deduplication, reply with:
#syz undup