syzbot


KCSAN: data-race in bprm_execve / copy_fs (3)

Status: moderation: reported on 2024/07/03 15:50
Subsystems: fs mm
[Documentation on labels]
Reported-by: syzbot+d67f2f707d5947d70985@syzkaller.appspotmail.com
First crash: 16d, last: 9d11h
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in bprm_execve / copy_fs (2) fs mm 1 93d 93d 0/27 auto-obsoleted due to no activity on 2024/05/21 23:09
upstream KCSAN: data-race in bprm_execve / copy_fs fs mm 3 611d 672d 0/27 auto-obsoleted due to no activity on 2023/01/03 10:25

Sample crash report:
==================================================================
BUG: KCSAN: data-race in bprm_execve / copy_fs

write to 0xffff88811152c190 of 4 bytes by task 13874 on cpu 0:
 bprm_execve+0x971/0xc60 fs/exec.c:1916
 do_execveat_common+0x768/0x7d0 fs/exec.c:1998
 do_execve fs/exec.c:2072 [inline]
 __do_sys_execve fs/exec.c:2148 [inline]
 __se_sys_execve fs/exec.c:2143 [inline]
 __x64_sys_execve+0x5a/0x70 fs/exec.c:2143
 x64_sys_call+0x1378/0x2d70 arch/x86/include/generated/asm/syscalls_64.h:60
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff88811152c190 of 4 bytes by task 13875 on cpu 1:
 copy_fs+0x95/0xf0 kernel/fork.c:1755
 copy_process+0xe6c/0x1f90 kernel/fork.c:2381
 create_io_thread+0x9e/0xd0 kernel/fork.c:2745
 create_worker_cont+0x5b/0x350 io_uring/io-wq.c:776
 task_work_run+0x13a/0x1a0 kernel/task_work.c:180
 get_signal+0xeee/0x1080 kernel/signal.c:2681
 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:111 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline]
 syscall_exit_to_user_mode+0x59/0x130 kernel/entry/common.c:218
 do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 13875 Comm: syz.3.3414 Not tainted 6.10.0-rc7-syzkaller-00012-g34afb82a3c67 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/07/10 09:56 upstream 34afb82a3c67 bc144f9a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in bprm_execve / copy_fs
2024/07/03 15:49 upstream e9d22f7a6655 1ecfa2d8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in bprm_execve / copy_fs
* Struck through repros no longer work on HEAD.