syzbot


KCSAN: data-race in __rb_rotate_set_parents / vm_area_dup

Status: auto-closed as invalid on 2020/04/30 01:08
Subsystems: mm
Reported-by: syzbot+c034966b0b02f94f7f34@syzkaller.appspotmail.com
First crash: 1970d, last: 1850d
Discussions (2)
Title | Replies (including bot) | Last reply
[PATCH -next] fork: annotate a data race in vm_area_dup() | 9 (9) | 2020/02/18 16:46
KCSAN: data-race in __rb_rotate_set_parents / vm_area_dup | 4 (5) | 2019/10/25 17:35
Similar bugs (1)
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | KCSAN: data-race in __rb_rotate_set_parents / vm_area_dup (2) mm | | | | 2 | 1731d | 1766d | 0/28 | closed as invalid on 2020/06/18 14:24

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __rb_rotate_set_parents / vm_area_dup

write to 0xffff88812072b9b8 of 8 bytes by task 12767 on cpu 0:
 rb_set_parent_color include/linux/rbtree_augmented.h:165 [inline]
 __rb_rotate_set_parents+0x5c/0xf0 lib/rbtree.c:80
 __rb_insert lib/rbtree.c:215 [inline]
 __rb_insert_augmented+0x109/0x370 lib/rbtree.c:459
 rb_insert_augmented include/linux/rbtree_augmented.h:50 [inline]
 rb_insert_augmented_cached include/linux/rbtree_augmented.h:60 [inline]
 vma_interval_tree_insert+0x196/0x230 mm/interval_tree.c:23
 __vma_adjust+0x632/0x11d0 mm/mmap.c:851
 vma_adjust include/linux/mm.h:2256 [inline]
 __split_vma+0x208/0x350 mm/mmap.c:2675
 split_vma+0x73/0xa0 mm/mmap.c:2704
 mprotect_fixup+0x43f/0x510 mm/mprotect.c:413
 do_mprotect_pkey+0x3eb/0x660 mm/mprotect.c:553
 __do_sys_mprotect mm/mprotect.c:578 [inline]
 __se_sys_mprotect mm/mprotect.c:575 [inline]
 __x64_sys_mprotect+0x51/0x70 mm/mprotect.c:575
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88812072b960 of 200 bytes by task 12766 on cpu 1:
 vm_area_dup+0x70/0xf0 kernel/fork.c:362
 __split_vma+0x88/0x350 mm/mmap.c:2646
 split_vma+0x73/0xa0 mm/mmap.c:2704
 mprotect_fixup+0x43f/0x510 mm/mprotect.c:413
 do_mprotect_pkey+0x3eb/0x660 mm/mprotect.c:553
 __do_sys_mprotect mm/mprotect.c:578 [inline]
 __se_sys_mprotect mm/mprotect.c:575 [inline]
 __x64_sys_mprotect+0x51/0x70 mm/mprotect.c:575
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 12766 Comm: blkid Not tainted 5.6.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (17):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/02/20 01:07 https://github.com/google/ktsan.git kcsan b12d66a6c34f b690a6e3 .config console log report ci2-upstream-kcsan-gce
2020/02/19 02:02 https://github.com/google/ktsan.git kcsan b12d66a6c34f 135c18aa .config console log report ci2-upstream-kcsan-gce
2020/02/17 00:32 https://github.com/google/ktsan.git kcsan b12d66a6c34f 1f448cd6 .config console log report ci2-upstream-kcsan-gce
2020/02/11 07:31 https://github.com/google/ktsan.git kcsan f60f0f543333 084454ae .config console log report ci2-upstream-kcsan-gce
2020/02/09 23:30 https://github.com/google/ktsan.git kcsan f60f0f543333 35f5e45e .config console log report ci2-upstream-kcsan-gce
2020/02/05 13:44 https://github.com/google/ktsan.git kcsan 245a43005292 662cf49a .config console log report ci2-upstream-kcsan-gce
2020/01/11 03:09 https://github.com/google/ktsan.git kcsan 245a43005292 4c04afaa .config console log report ci2-upstream-kcsan-gce
2020/01/05 12:19 https://github.com/google/ktsan.git kcsan 245a43005292 d646e21f .config console log report ci2-upstream-kcsan-gce
2019/12/23 12:48 https://github.com/google/ktsan.git kcsan 245a43005292 be5c2c81 .config console log report ci2-upstream-kcsan-gce
2019/12/10 04:38 https://github.com/google/ktsan.git kcsan ef798c30ba4e 4b83c8fb .config console log report ci2-upstream-kcsan-gce
2019/12/07 19:48 https://github.com/google/ktsan.git kcsan ef798c30ba4e 1508f453 .config console log report ci2-upstream-kcsan-gce
2019/12/06 01:44 https://github.com/google/ktsan.git kcsan ef798c30ba4e 98b4ef2d .config console log report ci2-upstream-kcsan-gce
2019/12/05 11:55 https://github.com/google/ktsan.git kcsan ef798c30ba4e 9fd5a512 .config console log report ci2-upstream-kcsan-gce
2019/11/20 23:57 https://github.com/google/ktsan.git kcsan 5863cc791e4c 8098ea0f .config console log report ci2-upstream-kcsan-gce
2019/11/15 06:39 https://github.com/google/ktsan.git kcsan 5863cc791e4c 79248ee8 .config console log report ci2-upstream-kcsan-gce
2019/10/30 21:22 https://github.com/google/ktsan.git kcsan 05f2236801fe a41ca8fa .config console log report ci2-upstream-kcsan-gce
2019/10/22 06:30 https://github.com/google/ktsan.git kcsan 05f2236801fe c59a7cd8 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.