syzbot


KCSAN: data-race in drain_all_stock / drain_obj_stock (3)

Status: auto-closed as invalid on 2022/09/10 21:57
Subsystems: cgroups mm
First crash: 622d, last: 622d
Similar bugs (3):
Kernel: upstream; Title: KCSAN: data-race in drain_all_stock / drain_obj_stock; Subsystems: cgroups mm; Count: 1; Last: 810d; Reported: 810d; Patched: 0/26; Status: auto-closed as invalid on 2022/03/06 02:49
Kernel: upstream; Title: KCSAN: data-race in drain_all_stock / drain_obj_stock (2); Subsystems: cgroups mm; Count: 1; Last: 757d; Reported: 757d; Patched: 0/26; Status: auto-closed as invalid on 2022/04/28 00:32
Kernel: upstream; Title: KCSAN: data-race in drain_all_stock / drain_obj_stock (4); Subsystems: cgroups mm; Count: 3; Last: 348d; Reported: 364d; Patched: 23/26; Status: fixed on 2023/09/28 17:51

Sample crash report:
==================================================================
BUG: KCSAN: data-race in drain_all_stock / drain_obj_stock

write to 0xffff888237c283f8 of 8 bytes by task 303 on cpu 0:
 drain_obj_stock+0x476/0x550 mm/memcontrol.c:3237
 refill_obj_stock+0x9c/0x1e0 mm/memcontrol.c:3271
 obj_cgroup_charge+0x20b/0x2b0 mm/memcontrol.c:3332
 memcg_slab_pre_alloc_hook mm/slab.h:496 [inline]
 slab_pre_alloc_hook mm/slab.h:705 [inline]
 slab_alloc mm/slab.c:3278 [inline]
 __kmem_cache_alloc_lru mm/slab.c:3471 [inline]
 kmem_cache_alloc+0x92/0x2f0 mm/slab.c:3491
 vm_area_dup+0x44/0x120 kernel/fork.c:467
 __split_vma+0x82/0x320 mm/mmap.c:2685
 split_vma+0x57/0x70 mm/mmap.c:2743
 mprotect_fixup+0x49e/0x5b0 mm/mprotect.c:607
 do_mprotect_pkey+0x49a/0x6a0 mm/mprotect.c:780
 __do_sys_mprotect mm/mprotect.c:807 [inline]
 __se_sys_mprotect mm/mprotect.c:804 [inline]
 __x64_sys_mprotect+0x44/0x50 mm/mprotect.c:804
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888237c283f8 of 8 bytes by task 302 on cpu 1:
 obj_stock_flush_required mm/memcontrol.c:3250 [inline]
 drain_all_stock+0x189/0x2e0 mm/memcontrol.c:2293
 try_charge_memcg+0x63a/0xa40 mm/memcontrol.c:2635
 try_charge mm/memcontrol.c:2769 [inline]
 mem_cgroup_charge_skmem+0x4d/0x130 mm/memcontrol.c:7119
 sock_reserve_memory+0xb0/0x3a0 net/core/sock.c:1016
 sock_setsockopt+0xeeb/0x1a40 net/core/sock.c:1482
 __sys_setsockopt+0x242/0x2b0 net/socket.c:2248
 __do_sys_setsockopt net/socket.c:2263 [inline]
 __se_sys_setsockopt net/socket.c:2260 [inline]
 __x64_sys_setsockopt+0x62/0x70 net/socket.c:2260
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0xffff888137d98e40 -> 0xffff888137ea31c0

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 302 Comm: syz-executor.4 Not tainted 5.19.0-syzkaller-10895-g6614a3c3164a-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
==================================================================

Crashes (1):
Time: 2022/08/06 21:49; Kernel: upstream; Commit: 6614a3c3164a; Syzkaller: 88e3a122; Config: .config; Log: console log; Report: report; VM info: info; Manager: ci2-upstream-kcsan-gce; Title: KCSAN: data-race in drain_all_stock / drain_obj_stock