syzbot

 sign-in | mailing list | source | docs
🐞 Open [1282]
Subsystems
🐞 Fixed [5732]
🐞 Invalid [13985]
Missing Backports [94]
Kernel Health Bugs/Month Bug Lifetimes Fuzzing Crashes
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in shmem_fallocate / shmem_fault (9)

Status: moderation: reported on 2024/10/17 04:10
Subsystems: mm
[Documentation on labels]
Reported-by: syzbot+76cc716982cf0254f302@syzkaller.appspotmail.com
First crash: 23h16m, last: 23h16m
Similar bugs (8)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (6) mm 1 440d 440d 0/28 auto-obsoleted due to no activity on 2023/09/08 14:27
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (2) mm 2 1277d 1281d 0/28 auto-closed as invalid on 2021/05/24 18:53
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (3) mm 2 1077d 1094d 0/28 auto-closed as invalid on 2021/12/11 00:12
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (4) mm 1 685d 685d 0/28 auto-obsoleted due to no activity on 2023/01/13 18:30
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (8) mm 7 39d 78d 0/28 auto-obsoleted due to no activity on 2024/10/13 06:13
upstream KCSAN: data-race in shmem_fallocate / shmem_fault mm 1 1475d 1475d 0/28 auto-closed as invalid on 2020/11/07 06:23
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (5) mm 1 568d 568d 0/28 auto-obsoleted due to no activity on 2023/05/03 07:41
upstream KCSAN: data-race in shmem_fallocate / shmem_fault (7) mm 7 296d 313d 0/28 auto-obsoleted due to no activity on 2024/01/31 00:24

Sample crash report:
==================================================================
BUG: KCSAN: data-race in shmem_fallocate / shmem_fault

write to 0xffff88810403a5b8 of 8 bytes by task 26020 on cpu 0:
 shmem_fallocate+0x22e/0x860 mm/shmem.c:3413
 vfs_fallocate+0x368/0x3b0 fs/open.c:333
 madvise_remove mm/madvise.c:1012 [inline]
 madvise_vma_behavior mm/madvise.c:1039 [inline]
 madvise_walk_vmas mm/madvise.c:1274 [inline]
 do_madvise+0x11c7/0x2660 mm/madvise.c:1461
 __do_sys_madvise mm/madvise.c:1477 [inline]
 __se_sys_madvise mm/madvise.c:1475 [inline]
 __x64_sys_madvise+0x61/0x70 mm/madvise.c:1475
 x64_sys_call+0x2320/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:29
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff88810403a5b8 of 8 bytes by task 26021 on cpu 1:
 shmem_fault+0x97/0x250 mm/shmem.c:2529
 __do_fault+0xb6/0x200 mm/memory.c:4876
 do_read_fault mm/memory.c:5282 [inline]
 do_fault mm/memory.c:5416 [inline]
 do_pte_missing mm/memory.c:3965 [inline]
 handle_pte_fault mm/memory.c:5751 [inline]
 __handle_mm_fault mm/memory.c:5894 [inline]
 handle_mm_fault+0xe7f/0x2a80 mm/memory.c:6062
 faultin_page mm/gup.c:1187 [inline]
 __get_user_pages+0xf2c/0x2670 mm/gup.c:1485
 populate_vma_page_range mm/gup.c:1923 [inline]
 __mm_populate+0x25b/0x3b0 mm/gup.c:2026
 mm_populate include/linux/mm.h:3371 [inline]
 vm_mmap_pgoff+0x1d6/0x290 mm/util.c:593
 ksys_mmap_pgoff+0xd0/0x330 mm/mmap.c:542
 x64_sys_call+0x1884/0x2d60 arch/x86/include/generated/asm/syscalls_64.h:10
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000000000000 -> 0xffffc90002e5bcb8

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 26021 Comm: syz.2.7800 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/10/17 04:10 upstream c964ced77262 666f77ed .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in shmem_fallocate / shmem_fault
* Struck through repros no longer work on HEAD.