syzbot


KCSAN: data-race in mem_cgroup_update_tree / mem_cgroup_update_tree

Status: auto-obsoleted due to no activity on 2024/02/20 07:02
Subsystems: cgroups mm
Reported-by: syzbot+2020c4484c2d61b83c32@syzkaller.appspotmail.com
First crash: 434d, last: 434d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in mem_cgroup_update_tree / mem_cgroup_update_tree

write to 0xffff88813dab4d90 of 1 bytes by task 14046 on cpu 1:
 __mem_cgroup_remove_exceeded mm/memcontrol.c:459 [inline]
 mem_cgroup_update_tree+0x1e3/0x290 mm/memcontrol.c:516
 memcg_check_events mm/memcontrol.c:1036 [inline]
 uncharge_batch+0x2ec/0x390 mm/memcontrol.c:7394
 __mem_cgroup_uncharge+0x70/0x90 mm/memcontrol.c:7470
 mem_cgroup_uncharge include/linux/memcontrol.h:712 [inline]
 destroy_large_folio+0x25/0x60 mm/page_alloc.c:602
 __folio_put_large+0x75/0x80 mm/swap.c:119
 __folio_put+0x60/0x70 mm/swap.c:127
 folio_put include/linux/mm.h:1494 [inline]
 io_mem_free io_uring/io_uring.c:2669 [inline]
 io_rings_free+0x28f/0x4e0 io_uring/io_uring.c:2765
 io_ring_ctx_free+0x41a/0x590 io_uring/io_uring.c:2885
 io_ring_exit_work+0x4c8/0x4f0 io_uring/io_uring.c:3098
 process_one_work kernel/workqueue.c:2633 [inline]
 process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2706
 worker_thread+0x525/0x730 kernel/workqueue.c:2787
 kthread+0x1d7/0x210 kernel/kthread.c:388
 ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

read to 0xffff88813dab4d90 of 1 bytes by task 14019 on cpu 0:
 mem_cgroup_update_tree+0x152/0x290 mm/memcontrol.c:510
 memcg_check_events mm/memcontrol.c:1036 [inline]
 uncharge_batch+0x2ec/0x390 mm/memcontrol.c:7394
 __mem_cgroup_uncharge+0x70/0x90 mm/memcontrol.c:7470
 mem_cgroup_uncharge include/linux/memcontrol.h:712 [inline]
 destroy_large_folio+0x25/0x60 mm/page_alloc.c:602
 __folio_put_large+0x75/0x80 mm/swap.c:119
 __folio_put+0x60/0x70 mm/swap.c:127
 folio_put include/linux/mm.h:1494 [inline]
 io_mem_free io_uring/io_uring.c:2669 [inline]
 io_rings_free+0x28f/0x4e0 io_uring/io_uring.c:2765
 io_ring_ctx_free+0x41a/0x590 io_uring/io_uring.c:2885
 io_ring_exit_work+0x4c8/0x4f0 io_uring/io_uring.c:3098
 process_one_work kernel/workqueue.c:2633 [inline]
 process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2706
 worker_thread+0x525/0x730 kernel/workqueue.c:2787
 kthread+0x1d7/0x210 kernel/kthread.c:388
 ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 14019 Comm: kworker/u4:2 Not tainted 6.7.0-syzkaller-09928-g052d534373b7 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
Workqueue: events_unbound io_ring_exit_work
==================================================================

Crashes (1):
Time: 2024/01/16 07:01
Kernel: upstream
Commit: 052d534373b7
Syzkaller: 2a7bcc7f
Config: .config
Log: console log
Report: report
Syz repro: none
C repro: none
VM info: info
Assets: [disk image] [vmlinux] [kernel image]
Manager: ci2-upstream-kcsan-gce
Title: KCSAN: data-race in mem_cgroup_update_tree / mem_cgroup_update_tree