syzbot


KCSAN: data-race in copy_process / free_pid (10)

Status: moderation: reported on 2023/12/10 00:02
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+e947504c223a9c9457fa@syzkaller.appspotmail.com
First crash: 140d, last: 7d16h
Similar bugs (9)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in copy_process / free_pid (8) kernel 1 445d 445d 0/26 auto-obsoleted due to no activity on 2023/01/17 03:08
upstream KCSAN: data-race in copy_process / free_pid kernel 1 1537d 1537d 0/26 auto-closed as invalid on 2020/02/20 19:37
upstream KCSAN: data-race in copy_process / free_pid (9) kernel 12 193d 279d 0/26 auto-obsoleted due to no activity on 2023/09/21 05:02
upstream KCSAN: data-race in copy_process / free_pid (6) kernel 2 635d 639d 0/26 auto-closed as invalid on 2022/07/06 07:38
upstream KCSAN: data-race in copy_process / free_pid (4) kernel 1 940d 940d 0/26 auto-closed as invalid on 2021/09/04 11:26
upstream KCSAN: data-race in copy_process / free_pid (5) kernel 32 776d 895d 0/26 auto-closed as invalid on 2022/02/15 18:33
upstream KCSAN: data-race in copy_process / free_pid (2) kasan 1 1451d 1451d 0/26 auto-closed as invalid on 2020/05/15 22:36
upstream KCSAN: data-race in copy_process / free_pid (7) kernel 4 535d 587d 0/26 auto-obsoleted due to no activity on 2022/10/14 18:22
upstream KCSAN: data-race in copy_process / free_pid (3) kernel 1 1130d 1130d 0/26 auto-closed as invalid on 2021/02/26 04:07

Sample crash report:
==================================================================
BUG: KCSAN: data-race in copy_process / free_pid

read-write to 0xffffffff85c59638 of 4 bytes by task 8686 on cpu 1:
 free_pid+0x80/0x170 kernel/pid.c:139
 copy_process+0x1aed/0x20a0 kernel/fork.c:2742
 kernel_clone+0x169/0x560 kernel/fork.c:2902
 __do_sys_clone3 kernel/fork.c:3203 [inline]
 __se_sys_clone3+0x1b5/0x1f0 kernel/fork.c:3187
 __x64_sys_clone3+0x31/0x40 kernel/fork.c:3187
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x63/0x6b

read to 0xffffffff85c59638 of 4 bytes by task 3862 on cpu 0:
 copy_process+0x1700/0x20a0 kernel/fork.c:2648
 kernel_clone+0x169/0x560 kernel/fork.c:2902
 user_mode_thread+0x7d/0xb0 kernel/fork.c:2980
 call_usermodehelper_exec_work+0x41/0x150 kernel/umh.c:172
 process_one_work kernel/workqueue.c:2633 [inline]
 process_scheduled_works+0x5b8/0xa40 kernel/workqueue.c:2706
 worker_thread+0x525/0x730 kernel/workqueue.c:2787
 kthread+0x1d7/0x210 kernel/kthread.c:388
 ret_from_fork+0x48/0x60 arch/x86/kernel/process.c:147
 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242

value changed: 0x800001c0 -> 0x800001bf

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 3862 Comm: kworker/u4:63 Not tainted 6.8.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
Workqueue: events_unbound call_usermodehelper_exec_work
==================================================================
Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14

Crashes (17):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/02/19 06:08 upstream b401b621758e 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2024/02/16 07:24 upstream 4f5e5092fdbf 578f7538 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2024/01/28 06:17 upstream cd2286fc5775 cc4a4020 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2024/01/18 00:53 upstream 1b1934dbbdcf 915053c7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/24 09:23 upstream 3f82f1c3a036 fb427a07 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/21 10:54 upstream a4aebe936554 4f9530a3 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/20 14:02 upstream 55cb5f43689d 3ad490ea .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/19 00:52 upstream 2cf4f94d8e86 924661f4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/15 12:46 upstream 3f7168591ebf 3222d10c .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/09 03:56 upstream f2e8a57ee903 28b24332 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/12/03 05:17 upstream 1b8af6552cb7 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/11/30 04:07 upstream 3b47bc037bd4 f819d6f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/11/23 06:37 upstream 9b6de136b5f0 fc59b78e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/11/13 06:32 upstream b57b17e88bf5 6d6dbf8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/10/28 14:36 upstream 56567a20b22b 3c418d72 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/10/24 05:35 upstream e017769f4ce2 af8d2e46 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
2023/10/09 05:35 upstream 94f6f0550c62 5e837c76 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in copy_process / free_pid
* Struck through repros no longer work on HEAD.