syzbot


KCSAN: data-race in data_push_tail / number (5)

Status: moderation: reported on 2025/07/22 09:11
Subsystems: rdma audit
Reported-by: syzbot+7b1cbf8ab9b0340d009e@syzkaller.appspotmail.com
First crash: 148d, last: 12d
Similar bugs (4)
| Kernel | Title | Rank | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in data_push_tail / number (2) audit | 6 | | | | 46 | 1079d | 1414d | 0/29 | auto-obsoleted due to no activity on 2023/02/11 10:05 |
| upstream | KCSAN: data-race in data_push_tail / number (4) block | 6 | | | | 103 | 206d | 739d | 0/29 | auto-obsoleted due to no activity on 2025/07/20 09:23 |
| upstream | KCSAN: data-race in data_push_tail / number (3) ext4 | 6 | | | | 15 | 955d | 1040d | 0/29 | auto-obsoleted due to no activity on 2023/06/10 22:29 |
| upstream | KCSAN: data-race in data_push_tail / number ext4 | 6 | | | | 87 | 1451d | 1592d | 0/29 | auto-closed as invalid on 2022/01/31 12:18 |

Sample crash report:
EXT4-fs error (device loop5): ext4_mb_generate_buddy:1306: group 0, 
==================================================================
BUG: KCSAN: data-race in data_push_tail / number

write to 0xffffffff88ec3330 of 1 bytes by task 15601 on cpu 1:
 number+0x8fd/0xab0 lib/vsprintf.c:572
 vsnprintf+0x64e/0x860 lib/vsprintf.c:2911
 vscnprintf+0x41/0x90 lib/vsprintf.c:3012
 printk_sprint+0x30/0x2d0 kernel/printk/printk.c:2192
 vprintk_store+0x599/0x860 kernel/printk/printk.c:2312
 vprintk_emit+0x15a/0x610 kernel/printk/printk.c:2402
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2441
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2451
 blk_add_partition block/partitions/core.c:549 [inline]
 blk_add_partitions block/partitions/core.c:633 [inline]
 bdev_disk_changed+0x874/0xcb0 block/partitions/core.c:693
 loop_reread_partitions drivers/block/loop.c:449 [inline]
 loop_set_status+0x5d2/0x6a0 drivers/block/loop.c:1278
 loop_set_status64 drivers/block/loop.c:1374 [inline]
 lo_ioctl+0x671/0x12b0 drivers/block/loop.c:1560
 blkdev_ioctl+0x37d/0x460 block/ioctl.c:707
 vfs_ioctl fs/ioctl.c:51 [inline]
 __do_sys_ioctl fs/ioctl.c:597 [inline]
 __se_sys_ioctl+0xce/0x140 fs/ioctl.c:583
 __x64_sys_ioctl+0x43/0x50 fs/ioctl.c:583
 x64_sys_call+0x14b0/0x3000 arch/x86/include/generated/asm/syscalls_64.h:17
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd8/0x2a0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffffff88ec3330 of 8 bytes by task 15581 on cpu 0:
 data_make_reusable kernel/printk/printk_ringbuffer.c:608 [inline]
 data_push_tail+0x100/0x470 kernel/printk/printk_ringbuffer.c:693
 data_realloc kernel/printk/printk_ringbuffer.c:1193 [inline]
 prb_reserve_in_last+0x8b6/0xb20 kernel/printk/printk_ringbuffer.c:1495
 vprintk_store+0x494/0x860 kernel/printk/printk.c:2276
 vprintk_emit+0x15a/0x610 kernel/printk/printk.c:2402
 vprintk_default+0x26/0x30 kernel/printk/printk.c:2441
 vprintk+0x1d/0x30 kernel/printk/printk_safe.c:82
 _printk+0x79/0xa0 kernel/printk/printk.c:2451
 __ext4_grp_locked_error+0x5d0/0x7b0 fs/ext4/super.c:1063
 ext4_mb_generate_buddy+0x240/0x2c0 fs/ext4/mballoc.c:1303
 ext4_mb_init_cache+0x887/0xc00 fs/ext4/mballoc.c:1488
 ext4_mb_init_group+0x3d3/0x580 fs/ext4/mballoc.c:1627
 ext4_mb_prefetch_fini+0xf3/0x160 fs/ext4/mballoc.c:2934
 ext4_run_li_request fs/ext4/super.c:3701 [inline]
 ext4_lazyinit_thread+0x3b1/0xd00 fs/ext4/super.c:3827
 kthread+0x489/0x510 kernel/kthread.c:463
 ret_from_fork+0x149/0x290 arch/x86/kernel/process.c:158
 ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:246

value changed: 0x00000000fffff901 -> 0x2073646e65747865

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 15581 Comm: ext4lazyinit Not tainted syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
==================================================================
block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters

Crashes (5):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/12/05 09:28 | upstream | 2061f18ad76e | d6526ea3 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / number |
| 2025/11/04 00:55 | upstream | 8bb886cb8f3a | 686bf657 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / number |
| 2025/09/18 16:15 | upstream | 8b789f2b7602 | e2beed91 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / number |
| 2025/08/07 18:37 | upstream | 6e64f4580381 | 04cffc22 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / number |
| 2025/07/22 09:10 | upstream | 89be9a83ccf1 | 1555463b | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in data_push_tail / number |
* Struck through repros no longer work on HEAD.