syzbot


KCSAN: data-race in do_signal_stop / handle_userfault

Status: closed as invalid on 2020/06/18 14:24
Subsystems: fs
First crash: 1442d, last: 1385d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in do_signal_stop / handle_userfault

write to 0xffff8880ad886090 of 8 bytes by task 2038 on cpu 1:
 handle_userfault+0x879/0xfa0 fs/userfaultfd.c:548
 do_anonymous_page mm/memory.c:3352 [inline]
 handle_pte_fault mm/memory.c:4213 [inline]
 __handle_mm_fault+0x1f32/0x2da0 mm/memory.c:4345
 handle_mm_fault+0x21c/0x540 mm/memory.c:4382
 do_user_addr_fault arch/x86/mm/fault.c:1464 [inline]
 do_page_fault+0x48a/0xa96 arch/x86/mm/fault.c:1535
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1203
 copy_user_generic_unrolled+0x86/0xc0 arch/x86/lib/copy_user_64.S:89
 copy_user_generic arch/x86/include/asm/uaccess_64.h:37 [inline]
 raw_copy_from_user arch/x86/include/asm/uaccess_64.h:68 [inline]
 _copy_from_user+0x92/0xf0 lib/usercopy.c:15
 copy_from_user include/linux/uaccess.h:144 [inline]
 sctp_getsockopt_assoc_stats+0x8e/0x4b0 net/sctp/socket.c:7322
 sctp_getsockopt net/sctp/socket.c:8180 [inline]
 sctp_getsockopt+0x29f9/0x5252 net/sctp/socket.c:8023
 sock_common_getsockopt+0x5d/0x80 net/core/sock.c:3131
 __sys_getsockopt+0xed/0x210 net/socket.c:2177
 __do_sys_getsockopt net/socket.c:2192 [inline]
 __se_sys_getsockopt net/socket.c:2189 [inline]
 __x64_sys_getsockopt+0x6b/0x80 net/socket.c:2189
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8880ad886090 of 8 bytes by task 2036 on cpu 0:
 do_signal_stop+0x3cc/0x4e0 kernel/signal.c:2353
 get_signal+0x601/0x1290 kernel/signal.c:2699
 do_signal+0x2b/0x840 arch/x86/kernel/signal.c:784
 exit_to_usermode_loop+0x24a/0x2c0 arch/x86/entry/common.c:161
 prepare_exit_to_usermode arch/x86/entry/common.c:196 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:279 [inline]
 do_syscall_64+0x38b/0x3b0 arch/x86/entry/common.c:305
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 2036 Comm: syz-executor.4 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (12):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2020/06/12 06:50 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 819b58b0 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/06/08 23:31 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 0d60b78a | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/05/30 02:52 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 954bd312 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/05/25 04:59 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 11284182 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/05/20 10:36 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 1255f02a | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/05/16 02:41 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 37bccd4e | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/05/05 15:40 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 4b76dd25 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/05/02 00:14 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | bc734e7a | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/04/25 09:52 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | a113ba38 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/04/21 00:23 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | 98a9f9e6 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/04/16 16:04 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | c743fcb3 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2020/04/16 15:56 | https://github.com/google/ktsan.git kcsan | 7c3cd68e5d38 | c743fcb3 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |