syzbot


KCSAN: data-race in copy_process / release_task

Status: fixed on 2020/08/01 00:49
Subsystems: kernel
Reported-by: syzbot+8a49fcfe5a4b42e081a6@syzkaller.appspotmail.com
Fix commit: c17d1a3a8ee4 fork: annotate data race in copy_process()
First crash: 1807d, last: 1555d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in copy_process / release_task

write to 0xffffffff8927b410 of 4 bytes by task 24890 on cpu 1:
 __unhash_process kernel/exit.c:73 [inline]
 __exit_signal kernel/exit.c:147 [inline]
 release_task+0x6c8/0xb90 kernel/exit.c:198
 exit_notify kernel/exit.c:680 [inline]
 do_exit+0x1140/0x16e0 kernel/exit.c:826
 call_usermodehelper_exec_async+0x2da/0x2e0 kernel/umh.c:125
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

read to 0xffffffff8927b410 of 4 bytes by task 7 on cpu 0:
 copy_process+0xac4/0x3300 kernel/fork.c:1980
 _do_fork+0xf1/0x660 kernel/fork.c:2443
 kernel_thread+0x85/0xb0 kernel/fork.c:2531
 call_usermodehelper_exec_work+0x4f/0x1b0 kernel/umh.c:195
 process_one_work+0x3e1/0x9a0 kernel/workqueue.c:2269
 worker_thread+0x665/0xbe0 kernel/workqueue.c:2415
 kthread+0x20d/0x230 kernel/kthread.c:291
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:293

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 7 Comm: kworker/u4:0 Not tainted 5.8.0-rc3-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events_unbound call_usermodehelper_exec_work
==================================================================

Crashes (154):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/07/02 23:30 upstream 7cc2a8ea1048 f30c14bf .config console log report ci2-upstream-kcsan-gce
2020/07/02 10:23 upstream cd77006e01b3 f30c14bf .config console log report ci2-upstream-kcsan-gce
2020/07/02 07:49 upstream cd77006e01b3 bed10395 .config console log report ci2-upstream-kcsan-gce
2020/07/02 04:46 upstream cd77006e01b3 bed10395 .config console log report ci2-upstream-kcsan-gce
2020/07/02 02:18 upstream edb543cfe5db bed10395 .config console log report ci2-upstream-kcsan-gce
2020/07/01 23:37 upstream edb543cfe5db bed10395 .config console log report ci2-upstream-kcsan-gce
2020/07/01 18:07 upstream 7c30b859a947 39acb39d .config console log report ci2-upstream-kcsan-gce
2020/07/01 15:22 upstream 7c30b859a947 39acb39d .config console log report ci2-upstream-kcsan-gce
2020/07/01 12:06 upstream 7c30b859a947 090d8f7b .config console log report ci2-upstream-kcsan-gce
2020/07/01 10:46 upstream 7c30b859a947 090d8f7b .config console log report ci2-upstream-kcsan-gce
2020/07/01 08:32 upstream 7c30b859a947 c0383ebe .config console log report ci2-upstream-kcsan-gce
2020/07/01 04:38 upstream 7c30b859a947 c0383ebe .config console log report ci2-upstream-kcsan-gce
2020/07/01 01:52 upstream 7c30b859a947 c0383ebe .config console log report ci2-upstream-kcsan-gce
2020/06/30 15:52 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 14:48 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 12:03 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 10:57 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 08:54 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 07:08 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 05:28 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 01:32 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/30 00:00 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/29 22:23 upstream 7c30b859a947 917afeaa .config console log report ci2-upstream-kcsan-gce
2020/06/29 15:24 upstream 9ebcfadb0610 ce9ef6f2 .config console log report ci2-upstream-kcsan-gce
2020/06/29 12:58 upstream 9ebcfadb0610 df01f6fc .config console log report ci2-upstream-kcsan-gce
2020/06/29 11:53 upstream 9ebcfadb0610 df01f6fc .config console log report ci2-upstream-kcsan-gce
2020/06/28 18:38 upstream 719fdd32921f a2cdad9d .config console log report ci2-upstream-kcsan-gce
2020/06/28 09:13 upstream 719fdd32921f a2cdad9d .config console log report ci2-upstream-kcsan-gce
2020/06/27 21:34 upstream 6116dea80dfd a2cdad9d .config console log report ci2-upstream-kcsan-gce
2020/06/27 21:31 upstream 6116dea80dfd a2cdad9d .config console log report ci2-upstream-kcsan-gce
2020/06/27 19:19 upstream 6116dea80dfd a2cdad9d .config console log report ci2-upstream-kcsan-gce
2020/06/27 17:55 upstream 6116dea80dfd a2cdad9d .config console log report ci2-upstream-kcsan-gce
2020/06/27 12:53 upstream 1590a2e1c681 032b4239 .config console log report ci2-upstream-kcsan-gce
2020/06/27 10:49 upstream 1590a2e1c681 032b4239 .config console log report ci2-upstream-kcsan-gce
2020/06/27 04:07 upstream 1590a2e1c681 ffec44b5 .config console log report ci2-upstream-kcsan-gce
2020/06/26 11:27 upstream 4a21185cda0f b202c7a8 .config console log report ci2-upstream-kcsan-gce
2020/06/25 12:51 upstream 8be3a53e18e0 c7b4497a .config console log report ci2-upstream-kcsan-gce
2020/06/25 11:05 upstream 8be3a53e18e0 c7b4497a .config console log report ci2-upstream-kcsan-gce
2020/06/25 09:45 upstream 8be3a53e18e0 9d60b18e .config console log report ci2-upstream-kcsan-gce
2020/06/24 19:40 upstream 26e122e97a3d 9d60b18e .config console log report ci2-upstream-kcsan-gce
2020/06/24 02:42 upstream 3e08a95294a4 bbad15ae .config console log report ci2-upstream-kcsan-gce
2020/06/20 11:07 upstream 672f9255a727 c655ec77 .config console log report ci2-upstream-kcsan-gce
2020/06/19 13:35 upstream 5e857ce6eae7 123cf502 .config console log report ci2-upstream-kcsan-gce
2020/06/19 01:56 upstream 5e857ce6eae7 bc258b50 .config console log report ci2-upstream-kcsan-gce
2020/02/24 10:11 https://github.com/google/ktsan.git kcsan 766d004d1b85 1253d6f0 .config console log report ci2-upstream-kcsan-gce
2019/10/24 10:23 https://github.com/google/ktsan.git kcsan 05f2236801fe d01bb02a .config console log report ci2-upstream-kcsan-gce