syzbot


KCSAN: data-race in purge_fragmented_blocks_allcpus / vm_unmap_ram

Status: auto-closed as invalid on 2020/04/11 11:39
Subsystems: staging
First crash: 1539d, last: 1539d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in purge_fragmented_blocks_allcpus / vm_unmap_ram

write to 0xffff88810abfe518 of 8 bytes by task 11024 on cpu 1:
 vb_free mm/vmalloc.c:1686 [inline]
 vm_unmap_ram+0x1b3/0x2b0 mm/vmalloc.c:1776
 ion_heap_clear_pages+0x60/0x80 drivers/staging/android/ion/ion_heap.c:107
 ion_heap_sglist_zero+0x15f/0x1a0 drivers/staging/android/ion/ion_heap.c:123
 ion_heap_buffer_zero+0x93/0xc0 drivers/staging/android/ion/ion_heap.c:145
 ion_system_heap_free+0x126/0x130 drivers/staging/android/ion/ion_system_heap.c:163
 ion_buffer_destroy+0xcb/0x1a0 drivers/staging/android/ion/ion.c:93
 _ion_heap_freelist_drain+0x286/0x2d0 drivers/staging/android/ion/ion_heap.c:201
 ion_heap_freelist_drain+0x29/0x40 drivers/staging/android/ion/ion_heap.c:211
 ion_buffer_create drivers/staging/android/ion/ion.c:56 [inline]
 ion_alloc drivers/staging/android/ion/ion.c:383 [inline]
 ion_ioctl+0x8c8/0xab0 drivers/staging/android/ion/ion.c:509
 vfs_ioctl fs/ioctl.c:47 [inline]
 file_ioctl fs/ioctl.c:545 [inline]
 do_vfs_ioctl+0x84f/0xcf0 fs/ioctl.c:732
 ksys_ioctl+0xbd/0xe0 fs/ioctl.c:749
 __do_sys_ioctl fs/ioctl.c:756 [inline]
 __se_sys_ioctl fs/ioctl.c:754 [inline]
 __x64_sys_ioctl+0x4c/0x60 fs/ioctl.c:754
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88810abfe518 of 8 bytes by task 11056 on cpu 0:
 purge_fragmented_blocks mm/vmalloc.c:1565 [inline]
 purge_fragmented_blocks_allcpus+0x2fb/0x530 mm/vmalloc.c:1595
 _vm_unmap_aliases.part.0+0x1d2/0x250 mm/vmalloc.c:1729
 _vm_unmap_aliases mm/vmalloc.c:1699 [inline]
 vm_unmap_aliases+0x48/0x60 mm/vmalloc.c:1753
 change_page_attr_set_clr+0x126/0x500 arch/x86/mm/pageattr.c:1709
 change_page_attr_clear arch/x86/mm/pageattr.c:1766 [inline]
 set_memory_x+0x57/0x70 arch/x86/mm/pageattr.c:1886
 bpf_jit_binary_lock_ro include/linux/filter.h:791 [inline]
 bpf_int_jit_compile+0x7be/0x93a arch/x86/net/bpf_jit_comp.c:1659
 bpf_prog_select_runtime+0x2f3/0x460 kernel/bpf/core.c:1801
 bpf_prog_load+0xa53/0xfa0 kernel/bpf/syscall.c:1809
 __do_sys_bpf+0xa6f/0x3150 kernel/bpf/syscall.c:3030
 __se_sys_bpf kernel/bpf/syscall.c:2989 [inline]
 __x64_sys_bpf+0x4c/0x60 kernel/bpf/syscall.c:2989
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 11056 Comm: syz-executor.3 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/02/01 11:39 https://github.com/google/ktsan.git kcsan 245a43005292 326d4c78 .config console log report ci2-upstream-kcsan-gce