syzbot

 sign-in | mailing list | source | docs
🐞 Open [1469]
Subsystems
🐞 Fixed [6784]
🐞 Invalid [17497]
Missing Backports [220]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in exec_mmap / mm_update_next_owner (4)

Status: auto-obsoleted due to no activity on 2024/03/24 16:03
Subsystems: fs mm
[Documentation on labels]
Reported-by: syzbot+83ff038b4daecdd53fda@syzkaller.appspotmail.com
First crash: 659d, last: 659d
Similar bugs (4)
Kernel Title Rank 🛈 Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in exec_mmap / mm_update_next_owner (2) mm fs 6 13 790d 922d 0/29 auto-obsoleted due to no activity on 2023/11/14 07:06
upstream KCSAN: data-race in exec_mmap / mm_update_next_owner (5) fs mm 6 1 517d 517d 0/29 auto-obsoleted due to no activity on 2024/08/12 23:05
upstream KCSAN: data-race in exec_mmap / mm_update_next_owner (3) fs mm 6 1 754d 728d 0/29 auto-obsoleted due to no activity on 2023/12/25 00:09
upstream KCSAN: data-race in exec_mmap / mm_update_next_owner fs mm 6 36 972d 1276d 0/29 auto-obsoleted due to no activity on 2023/05/15 19:34

Sample crash report:
==================================================================
BUG: KCSAN: data-race in exec_mmap / mm_update_next_owner

write to 0xffff888101ee1520 of 8 bytes by task 7096 on cpu 0:
 exec_mmap+0x14a/0x430 fs/exec.c:1029
 begin_new_exec+0xab7/0xfa0 fs/exec.c:1310
 load_elf_binary+0x63d/0x1800 fs/binfmt_elf.c:996
 search_binary_handler fs/exec.c:1783 [inline]
 exec_binprm fs/exec.c:1825 [inline]
 bprm_execve+0x4e2/0xc50 fs/exec.c:1877
 kernel_execve+0x60e/0x670 fs/exec.c:2044
 call_usermodehelper_exec_async+0x199/0x240 kernel/umh.c:110
 ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

read to 0xffff888101ee1520 of 8 bytes by task 7094 on cpu 1:
 mm_update_next_owner+0x1a5/0x410 kernel/exit.c:494
 exit_mm+0xdb/0x180 kernel/exit.c:568
 do_exit+0x585/0x16d0 kernel/exit.c:858
 do_group_exit+0x101/0x150 kernel/exit.c:1020
 get_signal+0xf4e/0x10a0 kernel/signal.c:2893
 arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:310
 exit_to_user_mode_loop kernel/entry/common.c:105 [inline]
 exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline]
 __syscall_exit_to_user_mode_work kernel/entry/common.c:201 [inline]
 syscall_exit_to_user_mode+0x58/0x130 kernel/entry/common.c:212
 do_syscall_64+0xda/0x1d0 arch/x86/entry/common.c:89
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

value changed: 0x0000000000000000 -> 0xffff888145298000

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7094 Comm: syz-executor.3 Not tainted 6.8.0-rc4-syzkaller-00410-gc02197fc9076 #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/02/18 16:02 upstream c02197fc9076 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in exec_mmap / mm_update_next_owner
* Struck through repros no longer work on HEAD.