syzbot


KCSAN: data-race in shmem_add_to_page_cache / shmem_getpage_gfp (2)
Status: moderation: reported on 2021/11/18 12:56
Reported-by: syzbot+ca1a39cda7547e0dce74@syzkaller.appspotmail.com
First crash: 353d, last: 7h37m
similar bugs (1):
Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status
upstream | KCSAN: data-race in shmem_add_to_page_cache / shmem_getpage_gfp | | | | 209 | 354d | 598d | 0/22 | closed as invalid on 2021/06/07 13:58

Sample crash report:
==================================================================
BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_getpage_gfp

read-write to 0xffff888138c11bd0 of 8 bytes by task 6457 on cpu 1:
 shmem_add_to_page_cache+0x802/0x8f0 mm/shmem.c:745
 shmem_getpage_gfp+0x79f/0x1740 mm/shmem.c:1900
 shmem_fault+0xd2/0x350 mm/shmem.c:2077
 __do_fault mm/memory.c:4154 [inline]
 do_read_fault mm/memory.c:4500 [inline]
 do_fault+0x500/0xb20 mm/memory.c:4629
 handle_pte_fault mm/memory.c:4892 [inline]
 __handle_mm_fault mm/memory.c:5031 [inline]
 handle_mm_fault+0x889/0xa90 mm/memory.c:5129
 do_user_addr_fault+0x4cd/0x940 arch/x86/mm/fault.c:1397
 handle_page_fault arch/x86/mm/fault.c:1484 [inline]
 exc_page_fault+0x60/0x160 arch/x86/mm/fault.c:1540
 asm_exc_page_fault+0x27/0x30
 copy_user_enhanced_fast_string+0xa/0x40
 copy_user_generic arch/x86/include/asm/uaccess_64.h:37 [inline]
 raw_copy_from_user arch/x86/include/asm/uaccess_64.h:52 [inline]
 copyin lib/iov_iter.c:166 [inline]
 _copy_from_iter+0x19d/0x820 lib/iov_iter.c:767
 copy_from_iter include/linux/uio.h:171 [inline]
 copy_from_iter_full include/linux/uio.h:177 [inline]
 skb_do_copy_data_nocache include/net/sock.h:2218 [inline]
 skb_copy_to_page_nocache include/net/sock.h:2244 [inline]
 tcp_sendmsg_locked+0x1155/0x1fd0 net/ipv4/tcp.c:1342
 tcp_sendmsg+0x2c/0x40 net/ipv4/tcp.c:1448
 inet_sendmsg+0x5f/0x80 net/ipv4/af_inet.c:819
 sock_sendmsg_nosec net/socket.c:714 [inline]
 sock_sendmsg net/socket.c:734 [inline]
 __sys_sendto+0x21e/0x2c0 net/socket.c:2119
 __do_sys_sendto net/socket.c:2131 [inline]
 __se_sys_sendto net/socket.c:2127 [inline]
 __x64_sys_sendto+0x74/0x90 net/socket.c:2127
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

read to 0xffff888138c11bd0 of 8 bytes by task 6467 on cpu 0:
 shmem_recalc_inode mm/shmem.c:362 [inline]
 shmem_getpage_gfp+0xd7b/0x1740 mm/shmem.c:1910
 shmem_fault+0xd2/0x350 mm/shmem.c:2077
 __do_fault mm/memory.c:4154 [inline]
 do_read_fault mm/memory.c:4500 [inline]
 do_fault+0x500/0xb20 mm/memory.c:4629
 handle_pte_fault mm/memory.c:4892 [inline]
 __handle_mm_fault mm/memory.c:5031 [inline]
 handle_mm_fault+0x889/0xa90 mm/memory.c:5129
 faultin_page mm/gup.c:953 [inline]
 __get_user_pages+0x34a/0xbf0 mm/gup.c:1174
 populate_vma_page_range mm/gup.c:1518 [inline]
 __mm_populate+0x26e/0x3a0 mm/gup.c:1631
 mm_populate include/linux/mm.h:2701 [inline]
 vm_mmap_pgoff+0x160/0x1f0 mm/util.c:557
 ksys_mmap_pgoff+0xc2/0x320 mm/mmap.c:1633
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x46/0xb0

value changed: 0x00000000000001fb -> 0x00000000000001fc

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 6467 Comm: syz-executor.3 Not tainted 5.18.0-syzkaller-10037-g7e284070abe5-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (116):