syzbot


KCSAN: data-race in page_counter_charge / page_counter_try_charge

Status: closed as invalid on 2019/11/19 14:44
Subsystems: mm
First crash: 1604d, last: 1601d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in page_counter_charge / page_counter_try_charge (2) mm | | | | 11 | 1461d | 1571d | 0/26 | auto-closed as invalid on 2020/06/06 21:22 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in page_counter_charge / page_counter_try_charge

write to 0xffff88812b33b150 of 8 bytes by task 25355 on cpu 0:
 page_counter_try_charge+0x7e/0x170 mm/page_counter.c:139
 try_charge+0x182/0xbc0 mm/memcontrol.c:2522
 mem_cgroup_try_charge+0xd2/0x260 mm/memcontrol.c:6504
 mem_cgroup_try_charge_delay+0x3a/0x80 mm/memcontrol.c:6519
 do_huge_pmd_wp_page+0x434/0x1a10 mm/huge_memory.c:1388
 wp_huge_pmd mm/memory.c:3750 [inline]
 __handle_mm_fault+0x1591/0x2c70 mm/memory.c:3963
 handle_mm_fault+0x21b/0x530 mm/memory.c:4010
 do_user_addr_fault arch/x86/mm/fault.c:1441 [inline]
 __do_page_fault+0x3fb/0x9e0 arch/x86/mm/fault.c:1506
 do_page_fault+0x54/0x233 arch/x86/mm/fault.c:1530
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1202
 copy_user_enhanced_fast_string+0xe/0x30 arch/x86/lib/copy_user_64.S:204
 copy_page_to_iter_iovec lib/iov_iter.c:211 [inline]
 copy_page_to_iter+0x254/0x8b0 lib/iov_iter.c:900
 pipe_to_user+0x71/0xc0 fs/splice.c:1248
 splice_from_pipe_feed fs/splice.c:500 [inline]
 __splice_from_pipe+0x248/0x480 fs/splice.c:624
 vmsplice_to_user fs/splice.c:1272 [inline]
 do_vmsplice.part.0+0x1c5/0x210 fs/splice.c:1350
 do_vmsplice fs/splice.c:1344 [inline]
 __do_sys_vmsplice+0x15f/0x1c0 fs/splice.c:1371
 __se_sys_vmsplice fs/splice.c:1353 [inline]
 __x64_sys_vmsplice+0x5e/0x80 fs/splice.c:1353
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88812b33b150 of 8 bytes by task 25119 on cpu 1:
 page_counter_charge+0x5f/0xc0 mm/page_counter.c:85
 mem_cgroup_migrate+0x95/0x1d0 mm/memcontrol.c:6798
 migrate_page_states+0x52f/0x930 mm/migrate.c:651
 migrate_page_copy+0x288/0x9a0 mm/migrate.c:662
 migrate_page+0xf2/0x150 mm/migrate.c:690
 move_to_new_page+0xcb/0x3d0 mm/migrate.c:950
 __unmap_and_move mm/migrate.c:1116 [inline]
 unmap_and_move mm/migrate.c:1197 [inline]
 migrate_pages+0x1318/0x19a0 mm/migrate.c:1427
 do_mbind mm/mempolicy.c:1300 [inline]
 kernel_mbind+0x9a6/0xaa0 mm/mempolicy.c:1419
 __do_sys_mbind mm/mempolicy.c:1426 [inline]
 __se_sys_mbind mm/mempolicy.c:1422 [inline]
 __x64_sys_mbind+0x89/0xb0 mm/mempolicy.c:1422
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 25119 Comm: syz-executor.3 Not tainted 5.4.0-rc6+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/11/10 10:14 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | dc438b91 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/07 03:49 | https://github.com/google/ktsan.git kcsan | 94c006602e13 | d797d201 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
* Struck through repros no longer work on HEAD.