From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C2265D18130 for ; Mon, 14 Oct 2024 16:43:03 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 246D16B0085; Mon, 14 Oct 2024 12:43:03 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 1F6FF6B0088; Mon, 14 Oct 2024 12:43:03 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 0BE9B6B008A; Mon, 14 Oct 2024 12:43:03 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id E2BC66B0085 for ; Mon, 14 Oct 2024 12:43:02 -0400 (EDT) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 2D845C0F62 for ; Mon, 14 Oct 2024 16:42:54 +0000 (UTC) X-FDA: 82672777278.11.8CDF953 Received: from mail-pg1-f172.google.com (mail-pg1-f172.google.com [209.85.215.172]) by imf27.hostedemail.com (Postfix) with ESMTP id 846D840002 for ; Mon, 14 Oct 2024 16:42:54 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=Y8Gl9g+b; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf27.hostedemail.com: domain of elver@google.com designates 209.85.215.172 as permitted sender) smtp.mailfrom=elver@google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1728924134; a=rsa-sha256; cv=none; b=UD8Z6UrfZEbUqy9BEme4RQ3WrNnGNjdIx74RAn+Q+uAx4jk/CsMsDJt5gK41eXmtyez8kw CtrTUW4MOxmTMFFGkatqSA9xGAyAHJFs7X4oPJ5l9cPUPv/uDNRvAl8ALAVmxL1kFWGD4f Xb36oZyi0z17XrrWx5SitRnY4RUW500= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=Y8Gl9g+b; dmarc=pass (policy=reject) header.from=google.com; spf=pass (imf27.hostedemail.com: domain of elver@google.com designates 209.85.215.172 as permitted sender) smtp.mailfrom=elver@google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1728924134; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=/vRohclFyb1yVLVIIYVU3Grng2JMSExeWOOVlHqN8Zo=; b=TkI1hXTCt+/YNe6VBYUL7pJSWR6DlGDEXGRkW7BH/MKUy0i/9XY58YlDU0ky8YreuIDFzg /o2a2Oh37Xg5v3D8hcnUnRUntxtriOiSJnBeoxcsfbKi0wfzuKnVci2sTfkSLn0Ppd/8hC 6+TiwntiRG1qsJqbPZIiQpzQCGkzqt8= Received: by mail-pg1-f172.google.com with SMTP id 41be03b00d2f7-7ae3d7222d4so3693294a12.3 for ; Mon, 14 Oct 2024 09:43:00 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1728924179; x=1729528979; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=/vRohclFyb1yVLVIIYVU3Grng2JMSExeWOOVlHqN8Zo=; b=Y8Gl9g+bLsO1Tak4nM3QmOPQkgDipjCKhjdxfnpkquimoXGR+7TsotRemlkECjm+K2 gQtpLJuECX9jgHNK4o9xJ/mefkI8j0uXKkh8zI2/l4/MlGW4j3oM2pwot4sQL8Q1VJkk EPS3AWQLuQN+4na+nQ0BT5s51BsC1tKnN1TvT9jtlUrH+GrpjXz3BlvD5ZI3mazBYiYu zwE7sjPBnYMaBPnGM23klwtqHim+CYMYU4RavgbatBjw8chqshfoD4sFSxt6+ZP9XfH+ I0X/zuOZAn91qS2AMDzaaiO0djrwunAbJ+KSn0CaPnXMbl+0OC4AWfNVJjnaj+qSLc6b O1UQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1728924179; x=1729528979; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/vRohclFyb1yVLVIIYVU3Grng2JMSExeWOOVlHqN8Zo=; b=mjI1cZGt7OqmQQMsqeBzsHfAcY1JBXD4PooGJL86vBelfjj0QBrn5zovdixVPX9cFS HqBSgWXd8Zr34cnIRbF7/YcCQhPBj+bqHbXOP0FfuUDg2yorsWycSv7gUaE3UaefLqLY nQpwwZ86msIEBE18DaqbYH3SC2C/+CAdtyx69t0v+N84rbteMSKSLA/yXnDWADmdsdwx l5b76KNr9sqiMVBGOyoSY43rVgVSKnrJrcShjJ4z3/TXet8Qr/nLgX+Kueq3NDb39Zjj BAiHqC1/qpoc8nCGaND6Zws83VeRkQHzc1sARqJwfS3Qaxk/DSWhSIIFMt3Boxhvlvfy XOjg== X-Forwarded-Encrypted: i=1; AJvYcCX0R0nk91Lr59sfs3LJYzB4TVKxzJ+5p0164HhwNmd0xtzIuu78hrJ97WLZK6VLWoFVKPq6YjcuCw==@kvack.org X-Gm-Message-State: AOJu0YxAQMSQwXPAs18HgqsRgka+2/NLoy/CGxYK05UJ7Ir0kvFVTDKN iboq8bqxU6l3fpBh+kIZwPxe88vDHGheSWJQzB37Lwno3NzyMZBuP9r7I9yZ5lG863eHmitOpCI znE1Z1wC5NxcINo7osDADYw/5hdMMy2AWYs17 X-Google-Smtp-Source: AGHT+IEDVP2DotlNS2VvFJeOmAwWOSyXXgTf9UNwef/K0IjxmgAvZwtAL/FzLEwdlqdRyFWgivR/JbF5bg2V10bn2e4= X-Received: by 2002:a05:6a21:393:b0:1d2:f00e:47bb with SMTP id adf61e73a8af0-1d8bcf3e69fmr17588474637.21.1728924179200; Mon, 14 Oct 2024 09:42:59 -0700 (PDT) MIME-Version: 1.0 References: <670cb562.050a0220.4cbc0.0042.GAE@google.com> In-Reply-To: From: Marco Elver Date: Mon, 14 Oct 2024 18:42:21 +0200 Message-ID: Subject: Re: [syzbot] [fs?] [mm?] KCSAN: data-race in xas_create / xas_find (8) To: Sabyrzhan Tasbolatov Cc: syzbot , akpm@linux-foundation.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, syzkaller-bugs@googlegroups.com, willy@infradead.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Rspamd-Queue-Id: 846D840002 X-Rspamd-Server: rspam01 X-Stat-Signature: i144xkeek34yyftcbxugiw514h13wxc6 X-HE-Tag: 1728924174-502515 X-HE-Meta: U2FsdGVkX1+NJ6boAX2rWi0wxEBovDrdUwZEentJryPCBJked/klSoPakB94NhL8fpzvKA5VVy8JbWm/3RoR4MqEy695n0YEb1E67NaP/0eAUEVdljBhiNluk4RedoTKlwrjnaY0a6Vp9jaoLkL1ukkDwd8bY5Qqke/0YJWVrfQLFc2TsEifDPOfnpPDR43RCw7DJprrFggcWe06L0CxYqv1JguSX/l2P0ugzwUwC5qwXoWJ0vgHZt3LviCNxEL5d6LtnTIttLVeVKD5RrnHSs5qeagj8J/V2pRlj8eZJPGyPc/ZrjWfEh749qzgktUKpUpF2mY9ZPq7urErJXTp2Or0yQcg7j9xY2MRhNX7ZwriZ7fxXdYf+n1OE+v6zfYXXSYa4C/omL0vNCDk0SS5i0Rg4IexMVRwimmzIgQKv065zbpdro5kcBMq+Ze8e7OrhrL1xxXNDKYTf2FZfI3OcxSPwECH9JNRjUkjiTIg8vUG5ZTta9yCL+k8+WriCpmUQbF8sTt8S0UGREIYH8P5lUfM3U8rl9rcG4mKUB1EdYQfMKmAfSWe+gSqX7/shUmmibLLOsQ7MtixlX/BlbJ2aVXMjcjwaLj3ejaQ1TayPN/igrLr/2IEdhPk/1ANeYc6FDPisiU9AF0us8mh9uUDp6G0OmF+/wizFF9CHfiK2k3KHomnuyv7YvzOFeV/g2ZsRXPLyvtHF1Jv2bBYc1esJ8NB6Piucfdmg7L25YoDd+ohL/mziwJMgV/IfR3sxjYKTySD/FBHtQn6Wwghs42p0JsWwWgCHy+SVdXtXrryryy/hghA/XoCFjaAMqfTK16HK5uSKQlfptVdDGNRZZ7R88TM/sxsDKNnn4IRv+g4HaHmYpdj/E9mpNe4CLSFvDzFNLlqRL4U6CVeEpwrXROtY4DzSpaWOu7e4wW9TwYqP8Tvvzr2EwxdPUPn571Y84FUsCGrDY+l/L04hQ9+aY9 1cGJBrZE irNDkC2XneUFhGHhPVFOc3V+WSNqV2Uwa5PnlxLIr1CrmznLYxDha861elnQb27JWTquKAegEbM/QmwYgji3yBLUwpE4sOHSYsWrO3qMnG+/LFfsJZhirqO56ej1skpg7gE7M/X3iNZrBSFjiypQOXUYVeBtyJiybleH8E34V08dpqU9q6jGrnfEvbx+nmzABX4kBEXoW+5NCyhPq7auOYxJK0IZK+qeCK87+VzJ6KFaVjaGLlhTb7U7iDYafNrxVgv/jJEnQEhII7IElEjG3MV9IDWJlnpCUWUABMFBGQdaLOCuRwyr3EiU22XguwIIVFncOmZTW2HCdtv4qgV7vjm1j0LePwHaW10TwAAZIHOGopXcTo3Kl82KSr06ugNQ1Uv9k6GD/Utzxeyl+u1Rva6dOYeCzU1SvCi2RwpD2SJKw9z3aeGqYgBU/r2JqeVsjSHXMiPoipySmLJ/WGDUi9Qx2ShU3EhJM9iuK4Iy42+gAz51Ve61CCij3ke3iRM2VBy70TeOUa4pDnLQRPAHYyEThU4EptaroZDSugtDV02q5CnJ7CNQqCf2LkYt3/2SRxJyc0lzGEcAIC7QcbBkwjFCzGjvkpbftPvFL8AQ78rsPcSJC4/jCvGG+NJn0KQ9mhcmWujwbix2ZWi8237C/OaObpESi1B3RazIEpveq1SM6Tq74q4RFGdUD4IeFTlGVyONlJbvwme1iuPtMEcSyKyepaooaQpcY1+u2Y9UzukFZrlpTUEj4/N+VzRbpjId4Ny08lWpkJ8WbTsbZxHq3/ptw6rrjg5V6M/XOLVjfknj00RZTHtUA59KiGTwWz6LC11Ink0yEeEOQHldJLMmdIcHB8NpxRNAzw2ODE3GMfA7k3iBKOm/LdHWMXjdAhO64OEEtNQwNregX6HPZ2QA4PO5kXBAMNUxUGTJBvnjn3h1VfWxY2ShGZ7VlQK0aVkfl8C8a8tsUy47GQko/PNihc3Edi7qL Rrncl+9z X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Mon, 14 Oct 2024 at 08:40, Sabyrzhan Tasbolatov wr= ote: > > On Mon, Oct 14, 2024 at 11:08=E2=80=AFAM syzbot > wrote: > > > > Hello, > > > > syzbot found the following issue on: > > > > HEAD commit: 2f91ff27b0ee Merge tag 'sound-6.12-rc2' of git://git.ke= rne.. > > git tree: upstream > > console output: https://syzkaller.appspot.com/x/log.txt?x=3D155c879f980= 000 > > kernel config: https://syzkaller.appspot.com/x/.config?x=3D95098faba89= c70c9 > > dashboard link: https://syzkaller.appspot.com/bug?extid=3Db79be83906cd9= bab16ff > > compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for D= ebian) 2.40 > > > > Unfortunately, I don't have any reproducer for this issue yet. > > > > Downloadable assets: > > disk image: https://storage.googleapis.com/syzbot-assets/14933c4ac457/d= isk-2f91ff27.raw.xz > > vmlinux: https://storage.googleapis.com/syzbot-assets/6725831fc1a1/vmli= nux-2f91ff27.xz > > kernel image: https://storage.googleapis.com/syzbot-assets/98d64e038e72= /bzImage-2f91ff27.xz > > > > IMPORTANT: if you fix the issue, please add the following tag to the co= mmit: > > Reported-by: syzbot+b79be83906cd9bab16ff@syzkaller.appspotmail.com > > > > loop4: detected capacity change from 0 to 4096 > > EXT4-fs: Ignoring removed nobh option > > EXT4-fs: Ignoring removed i_version option > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > BUG: KCSAN: data-race in xas_create / xas_find > > > > write to 0xffff888106819919 of 1 bytes by task 3435 on cpu 0: > > xas_expand lib/xarray.c:613 [inline] > > xas_create+0x666/0xbd0 lib/xarray.c:654 > > xas_store+0x6f/0xc90 lib/xarray.c:788 > > AFAIU, xas_store() itself, doesn't have a locking mechanism, > but is locked in xa_* functions. Example: > > void *xa_store_range(...) > { > XA_STATE(xas, xa, 0); > ... > do { > xas_lock(&xas); > if (entry) { > ... > xas_create(&xas, true); > } > ... > unlock: > xas_unlock(&xas); > } > > Same thing is for the another racing xas_find() function: > > void *xa_find(...) > { > XA_STATE(xas, xa, *indexp); > void *entry; > rcu_read_lock(); > do { > if (...) > entry =3D xas_find_marked(&xas, max, filter); > else > entry =3D xas_find(&xas, max); > ... > rcu_read_unlock(); > } > > In this KCSAN report, xas_create() and xas_find() are racing for `offset`= field. If you search the mailing list archives, there are several such reports: https://lore.kernel.org/all/20230914080811.465zw662sus4uznq@quack3= / And have all been deemed benign. The code might benefit from markings, per: https://github.com/torvalds/linux/blob/master/tools/memory-model/Documentat= ion/access-marking.txt But that's entirely up to the maintainer's preference: https://lwn.net/Articles/816854/