syzbot


KCSAN: data-race in __rb_insert_augmented / vm_area_dup

Status: closed as invalid on 2019/10/18 14:11
Subsystems: kernel
First crash: 1659d, last: 1659d
Similar bugs (1):
Kernel: upstream
Title: KCSAN: data-race in __rb_insert_augmented / vm_area_dup (2)
Subsystems: mm
Repro: none
Cause bisect: none
Fix bisect: none
Count: 28
Last: 1442d
Reported: 1633d
Patched: 0/26
Status: auto-closed as invalid on 2020/06/18 13:13

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __rb_insert_augmented / vm_area_dup

read to 0xffff8881225d1708 of 200 bytes by task 7723 on cpu 0:
 vm_area_dup+0x70/0xf0 kernel/fork.c:350
 __split_vma+0x88/0x350 mm/mmap.c:2663
 split_vma+0x73/0xa0 mm/mmap.c:2721
 mprotect_fixup+0x51f/0x600 mm/mprotect.c:419
 do_mprotect_pkey+0x3eb/0x660 mm/mprotect.c:557
 __do_sys_mprotect mm/mprotect.c:582 [inline]
 __se_sys_mprotect mm/mprotect.c:579 [inline]
 __x64_sys_mprotect+0x51/0x70 mm/mprotect.c:579
 do_syscall_64+0xcf/0x2f0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff8881225d1760 of 8 bytes by task 7722 on cpu 1:
 rb_set_parent_color include/linux/rbtree_augmented.h:119 [inline]
 __rb_insert lib/rbtree.c:188 [inline]
 __rb_insert_augmented+0x1f0/0x370 lib/rbtree.c:459
 rb_insert_augmented include/linux/rbtree_augmented.h:50 [inline]
 rb_insert_augmented_cached include/linux/rbtree_augmented.h:60 [inline]
 vma_interval_tree_insert+0x196/0x230 mm/interval_tree.c:23
 __vma_link_file+0xd9/0x110 mm/mmap.c:625
 vma_link+0xae/0x130 mm/mmap.c:651
 mmap_region+0x8bb/0xd50 mm/mmap.c:1811
 do_mmap+0x6b0/0xb20 mm/mmap.c:1561
 do_mmap_pgoff include/linux/mm.h:2374 [inline]
 vm_mmap_pgoff+0x12d/0x190 mm/util.c:391
 vm_mmap+0x9d/0xd0 mm/util.c:410
 elf_map+0xd4/0x200 fs/binfmt_elf.c:377
 load_elf_interp fs/binfmt_elf.c:590 [inline]
 load_elf_binary+0x1643/0x30f0 fs/binfmt_elf.c:1086
 search_binary_handler fs/exec.c:1658 [inline]
 search_binary_handler+0x127/0x420 fs/exec.c:1635
 exec_binprm fs/exec.c:1701 [inline]
 __do_execve_file.isra.0+0xb76/0x1220 fs/exec.c:1821
 do_execveat_common fs/exec.c:1868 [inline]
 do_execve fs/exec.c:1885 [inline]
 __do_sys_execve fs/exec.c:1961 [inline]
 __se_sys_execve fs/exec.c:1956 [inline]
 __x64_sys_execve+0x62/0x80 fs/exec.c:1956

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7722 Comm: blkid Not tainted 5.3.0+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time: 2019/10/09 19:30
Kernel: https://github.com/google/ktsan.git kcsan
Commit: d724f94f63de
Syzkaller: c4b9981b
Config: .config
Log: console log
Report: report
Syz repro: none
C repro: none
VM info: none
Assets: none
Manager: ci2-upstream-kcsan-gce
Title: (none)
* Struck through repros no longer work on HEAD.