syzbot


KCSAN: data-race in __thaw_task / futex_wait_queue_me (2)

Status: auto-closed as invalid on 2020/02/28 17:09
Subsystems: kernel
First crash: 1610d, last: 1589d
Similar bugs (1)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in __thaw_task / futex_wait_queue_me cgroups | | | | 1 | 1646d | 1646d | 0/26 | closed as invalid on 2019/11/19 13:44 |

Sample crash report:
Memory cgroup out of memory: Killed process 18098 (syz-executor.1) total-vm:72584kB, anon-rss:2212kB, file-rss:35792kB, shmem-rss:0kB, UID:0 pgtables:139264kB oom_score_adj:1000
==================================================================
BUG: KCSAN: data-race in __thaw_task / futex_wait_queue_me

write to 0xffff8880b7e45064 of 4 bytes by task 18084 on cpu 1:
 freezer_count include/linux/freezer.h:121 [inline]
 freezable_schedule include/linux/freezer.h:173 [inline]
 futex_wait_queue_me+0x1a2/0x290 kernel/futex.c:2704
 futex_wait+0x19b/0x3f0 kernel/futex.c:2810
 do_futex+0xe9/0x18d0 kernel/futex.c:3881
 __do_sys_futex kernel/futex.c:3942 [inline]
 __se_sys_futex kernel/futex.c:3910 [inline]
 __x64_sys_futex+0x2cd/0x3f0 kernel/futex.c:3910
 do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8880b7e45064 of 4 bytes by task 7905 on cpu 0:
 frozen include/linux/freezer.h:27 [inline]
 __thaw_task+0x33/0x80 kernel/freezer.c:151
 mark_oom_victim+0xc1/0x220 mm/oom_kill.c:717
 __oom_kill_process+0x296/0x620 mm/oom_kill.c:886
 oom_kill_process+0xcb/0x270 mm/oom_kill.c:983
 out_of_memory mm/oom_kill.c:1111 [inline]
 out_of_memory+0x231/0xa60 mm/oom_kill.c:1043
 mem_cgroup_out_of_memory+0x128/0x150 mm/memcontrol.c:1575
 mem_cgroup_oom mm/memcontrol.c:1808 [inline]
 try_charge+0xb6c/0xbf0 mm/memcontrol.c:2504
 mem_cgroup_try_charge+0xd2/0x260 mm/memcontrol.c:6404
 mem_cgroup_try_charge_delay+0x3a/0x80 mm/memcontrol.c:6419
 wp_page_copy+0x322/0x1040 mm/memory.c:2428
 do_wp_page+0x192/0xeb0 mm/memory.c:2724
 handle_pte_fault mm/memory.c:3961 [inline]
 __handle_mm_fault+0x1d16/0x2e00 mm/memory.c:4075
 handle_mm_fault+0x21b/0x530 mm/memory.c:4112
 do_user_addr_fault arch/x86/mm/fault.c:1441 [inline]
 __do_page_fault+0x456/0x8d0 arch/x86/mm/fault.c:1506
 do_page_fault+0x38/0x194 arch/x86/mm/fault.c:1530
 page_fault+0x34/0x40 arch/x86/entry/entry_64.S:1203

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 7905 Comm: syz-executor.1 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (3):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2019/12/20 17:08 | https://github.com/google/ktsan.git kcsan | 245a43005292 | 34011c05 | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/12/20 03:56 | https://github.com/google/ktsan.git kcsan | 245a43005292 | 36650b4b | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |
| 2019/11/29 19:12 | https://github.com/google/ktsan.git kcsan | ef798c30ba4e | 4f7e1d0f | .config | console log | report | | | | | ci2-upstream-kcsan-gce | |