KCSAN: data-race in copy_mm / percpu_counter_destroy

Title	Replies (including bot)	Last reply
[syzbot] [io-uring] KCSAN: data-race in copy_mm / percpu_counter_destroy_many	2 (3)	2025/05/12 17:08

Title

Replies (including bot)

Last reply

[syzbot] [io-uring] KCSAN: data-race in copy_mm / percpu_counter_destroy_many

2 (3)

2025/05/12 17:08

==================================================================
BUG: KCSAN: data-race in copy_mm / percpu_counter_destroy_many

write to 0xffff888116c9bdb0 of 8 bytes by task 12841 on cpu 0:
 __list_del include/linux/list.h:203 [inline]
 __list_del_entry include/linux/list.h:226 [inline]
 list_del include/linux/list.h:237 [inline]
 percpu_counter_destroy_many+0xc7/0x2b0 lib/percpu_counter.c:244
 __mmdrop+0x22d/0x3c0 kernel/fork.c:691
 mmdrop include/linux/sched/mm.h:55 [inline]
 __mmput+0x1be/0x1c0 kernel/fork.c:1145
 mmput+0x40/0x50 kernel/fork.c:1156
 exit_mm+0xe4/0x180 kernel/exit.c:582
 do_exit+0x417/0x15c0 kernel/exit.c:954
 do_group_exit+0xff/0x140 kernel/exit.c:1107
 get_signal+0xe58/0xf70 kernel/signal.c:3034
 arch_do_signal_or_restart+0x96/0x440 arch/x86/kernel/signal.c:337
 exit_to_user_mode_loop+0x77/0x110 kernel/entry/common.c:40
 exit_to_user_mode_prepare include/linux/irq-entry-common.h:225 [inline]
 syscall_exit_to_user_mode_work include/linux/entry-common.h:175 [inline]
 syscall_exit_to_user_mode include/linux/entry-common.h:210 [inline]
 do_syscall_64+0x1d6/0x200 arch/x86/entry/syscall_64.c:100
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888116c9b980 of 1408 bytes by task 12839 on cpu 1:
 dup_mm kernel/fork.c:1483 [inline]
 copy_mm+0xe2/0x370 kernel/fork.c:1541
 copy_process+0xd08/0x2000 kernel/fork.c:2181
 kernel_clone+0x16c/0x5c0 kernel/fork.c:2609
 __do_sys_clone kernel/fork.c:2750 [inline]
 __se_sys_clone kernel/fork.c:2734 [inline]
 __x64_sys_clone+0xe6/0x120 kernel/fork.c:2734
 x64_sys_call+0x119c/0x3000 arch/x86/include/generated/asm/syscalls_64.h:57
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 12839 Comm: dhcpcd-run-hook Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
Tainted: [W]=WARN
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
==================================================================

Crashes (15):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2025/10/18 20:18	upstream	f406055cb18c	1c8c8cd8	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/10/07 17:45	upstream	971199ad2a0f	8ef35d49	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/10/06 04:23	upstream	7a405dbb0f03	49379ee0	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/10/03 12:33	upstream	e406d57be7bd	49379ee0	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/09/16 06:00	upstream	46a51f4f5eda	e2beed91	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/08/13 09:25	upstream	8742b2d8935f	22ec1469	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/07/31 23:56	upstream	260f6f4fda93	0c075d67	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/07/26 01:33	upstream	2942242dde89	fb8f743d	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/07/09 17:36	upstream	733923397fd9	f4e5e155	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/06/24 05:59	upstream	78f4e737a53e	e2f27c35	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/06/20 16:34	upstream	75f5f23f8787	804b3919	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/06/18 01:08	upstream	4663747812d1	e77fae15	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/06/07 01:58	upstream	c0c9379f235d	9fa58bba	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/06/06 06:43	upstream	e271ed52b344	6b6b5f21	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many
2025/05/11 09:17	upstream	3ce9925823c7	77908e5f	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in copy_mm / percpu_counter_destroy_many

Crashes (15):

Assets (help?)