syzbot


KCSAN: data-race in do_try_to_free_pages / shrink_node (4)

Status: auto-obsoleted due to no activity on 2024/02/23 13:13
Subsystems: mm
[Documentation on labels]
Reported-by: syzbot+7564528c35043eec9e3c@syzkaller.appspotmail.com
First crash: 389d, last: 319d
Similar bugs (5)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in do_try_to_free_pages / shrink_node (5) mm 1 257d 257d 0/28 auto-obsoleted due to no activity on 2024/04/25 15:29
upstream KCSAN: data-race in do_try_to_free_pages / shrink_node (6) mm 1 156d 156d 0/28 auto-obsoleted due to no activity on 2024/08/04 17:46
upstream KCSAN: data-race in do_try_to_free_pages / shrink_node (2) mm 3 518d 534d 0/28 auto-obsoleted due to no activity on 2023/08/07 23:22
upstream KCSAN: data-race in do_try_to_free_pages / shrink_node (3) mm 2 473d 481d 0/28 auto-obsoleted due to no activity on 2023/09/22 16:58
upstream KCSAN: data-race in do_try_to_free_pages / shrink_node mm 35 1765d 1817d 0/28 auto-closed as invalid on 2020/04/13 04:50

Sample crash report:
==================================================================
BUG: KCSAN: data-race in do_try_to_free_pages / shrink_node

write to 0xffff88813c8ce870 of 8 bytes by task 26454 on cpu 1:
 snapshot_refaults mm/vmscan.c:6164 [inline]
 do_try_to_free_pages+0x95f/0xce0 mm/vmscan.c:6226
 try_to_free_mem_cgroup_pages+0x1e2/0x480 mm/vmscan.c:6518
 try_charge_memcg+0x280/0xd20 mm/memcontrol.c:2762
 obj_cgroup_charge_pages+0xbd/0x1c0 mm/memcontrol.c:3275
 __memcg_kmem_charge_page+0x9c/0x170 mm/memcontrol.c:3301
 __alloc_pages+0x1bb/0x340 mm/page_alloc.c:4584
 alloc_pages_mpol+0xb1/0x1d0 mm/mempolicy.c:2133
 alloc_pages+0xe0/0x100 mm/mempolicy.c:2204
 __get_free_pages+0xc/0x30 mm/page_alloc.c:4614
 io_mem_alloc io_uring/io_uring.c:2781 [inline]
 io_allocate_scq_urings+0x119/0x360 io_uring/io_uring.c:3734
 io_uring_create+0x537/0x940 io_uring/io_uring.c:3917
 io_uring_setup io_uring/io_uring.c:4029 [inline]
 __do_sys_io_uring_setup io_uring/io_uring.c:4056 [inline]
 __se_sys_io_uring_setup+0x1ce/0x1e0 io_uring/io_uring.c:4050
 __x64_sys_io_uring_setup+0x31/0x40 io_uring/io_uring.c:4050
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x59/0x120 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

read to 0xffff88813c8ce870 of 8 bytes by task 26455 on cpu 0:
 prepare_scan_control mm/vmscan.c:2250 [inline]
 shrink_node+0x3c3/0x15d0 mm/vmscan.c:5900
 shrink_zones mm/vmscan.c:6141 [inline]
 do_try_to_free_pages+0x43d/0xce0 mm/vmscan.c:6203
 try_to_free_mem_cgroup_pages+0x1e2/0x480 mm/vmscan.c:6518
 try_charge_memcg+0x280/0xd20 mm/memcontrol.c:2762
 obj_cgroup_charge_pages+0xbd/0x1c0 mm/memcontrol.c:3275
 __memcg_kmem_charge_page+0x9c/0x170 mm/memcontrol.c:3301
 __alloc_pages+0x1bb/0x340 mm/page_alloc.c:4584
 alloc_pages_mpol+0xb1/0x1d0 mm/mempolicy.c:2133
 alloc_pages+0xe0/0x100 mm/mempolicy.c:2204
 __get_free_pages+0xc/0x30 mm/page_alloc.c:4614
 io_mem_alloc io_uring/io_uring.c:2781 [inline]
 io_allocate_scq_urings+0x119/0x360 io_uring/io_uring.c:3734
 io_uring_create+0x537/0x940 io_uring/io_uring.c:3917
 io_uring_setup io_uring/io_uring.c:4029 [inline]
 __do_sys_io_uring_setup io_uring/io_uring.c:4056 [inline]
 __se_sys_io_uring_setup+0x1ce/0x1e0 io_uring/io_uring.c:4050
 __x64_sys_io_uring_setup+0x31/0x40 io_uring/io_uring.c:4050
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0x59/0x120 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

value changed: 0x00000000000001a0 -> 0x00000000000001a3

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 26455 Comm: syz-executor.0 Not tainted 6.7.0-syzkaller-11889-g86c4d58a99ab #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023
==================================================================

Crashes (7):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/01/19 13:12 upstream 86c4d58a99ab 21772ce4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
2024/01/17 18:16 upstream 052d534373b7 c9a1c95b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
2024/01/14 10:01 upstream 052d534373b7 551587c1 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
2023/12/23 14:31 upstream 5254c0cbc92d fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
2023/12/22 18:36 upstream 24e0d2e527a3 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
2023/11/18 03:41 upstream 6bc40e44f1dd cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
2023/11/09 19:29 upstream 6bc986ab839c 56230772 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_try_to_free_pages / shrink_node
* Struck through repros no longer work on HEAD.