syzbot


KCSAN: data-race in try_to_migrate_one / vms_clear_ptes

Status: moderation: reported on 2025/01/04 08:11
Subsystems: mm
Reported-by: syzbot+084f9aaa4ceb59281277@syzkaller.appspotmail.com
First crash: 11d, last: 7d02h

Sample crash report:
==================================================================
BUG: KCSAN: data-race in try_to_migrate_one / vms_clear_ptes

write to 0xffff888115ae6af8 of 8 bytes by task 11557 on cpu 0:
 update_hiwater_rss include/linux/mm.h:2668 [inline]
 vms_clear_ptes+0x1a7/0x300 mm/vma.c:1135
 vms_complete_munmap_vmas+0x16c/0x470 mm/vma.c:1185
 do_vmi_align_munmap+0x344/0x390 mm/vma.c:1444
 do_vmi_munmap+0x1eb/0x230 mm/vma.c:1492
 do_munmap+0x8b/0xc0 mm/mmap.c:1325
 mremap_to mm/mremap.c:948 [inline]
 __do_sys_mremap mm/mremap.c:1104 [inline]
 __se_sys_mremap+0x916/0xf10 mm/mremap.c:1015
 __x64_sys_mremap+0x67/0x80 mm/mremap.c:1015
 x64_sys_call+0x27e8/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:26
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888115ae6af8 of 8 bytes by task 11556 on cpu 1:
 update_hiwater_rss include/linux/mm.h:2667 [inline]
 try_to_migrate_one+0x775/0x12e0 mm/rmap.c:2183
 rmap_walk_anon+0x28f/0x440 mm/rmap.c:2646
 try_to_migrate+0x11f/0x150
 migrate_folio_unmap mm/migrate.c:1328 [inline]
 migrate_pages_batch+0x76a/0x1910 mm/migrate.c:1799
 migrate_pages_sync mm/migrate.c:1965 [inline]
 migrate_pages+0xff1/0x1820 mm/migrate.c:2074
 do_mbind mm/mempolicy.c:1394 [inline]
 kernel_mbind mm/mempolicy.c:1537 [inline]
 __do_sys_mbind mm/mempolicy.c:1611 [inline]
 __se_sys_mbind+0xf79/0x1160 mm/mempolicy.c:1607
 __x64_sys_mbind+0x78/0x90 mm/mempolicy.c:1607
 x64_sys_call+0x2662/0x2dc0 arch/x86/include/generated/asm/syscalls_64.h:238
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000001eb6 -> 0x0000000000001ed6

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 11556 Comm: syz.0.2385 Not tainted 6.13.0-rc6-syzkaller-00038-g09a0fa92e5b4 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
==================================================================

Crashes (2):
Time             | Kernel   | Commit       | Syzkaller | Config  | Log         | Report | Syz repro | C repro | VM info | Assets                            | Manager                | Title
2025/01/08 05:57 | upstream | 09a0fa92e5b4 | f3558dbf  | .config | console log | report | none      | none    | info    | disk image, vmlinux, kernel image | ci2-upstream-kcsan-gce | KCSAN: data-race in try_to_migrate_one / vms_clear_ptes
2025/01/04 08:10 | upstream | 63676eefb7a0 | f3558dbf  | .config | console log | report | none      | none    | info    | disk image, vmlinux, kernel image | ci2-upstream-kcsan-gce | KCSAN: data-race in try_to_migrate_one / vms_clear_ptes