syzbot


KCSAN: data-race in drain_all_stock / refill_stock (3)

Status: auto-obsoleted due to no activity on 2022/12/31 21:43
Subsystems: mm cgroups
First crash: 525d, last: 525d
Similar bugs (3)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in drain_all_stock / refill_stock mm cgroups | | | | 2 | 1557d | 1582d | 0/26 | auto-closed as invalid on 2020/03/31 10:30 |
| upstream | KCSAN: data-race in drain_all_stock / refill_stock (2) cgroups mm | | | | 15 | 596d | 725d | 0/26 | auto-obsoleted due to no activity on 2022/10/14 01:10 |
| upstream | KCSAN: data-race in drain_all_stock / refill_stock (4) cgroups mm | | | | 1 | 453d | 453d | 0/26 | auto-obsoleted due to no activity on 2023/04/09 19:39 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in drain_all_stock / refill_stock

read-write to 0xffff888237d283b0 of 4 bytes by interrupt on cpu 1:
 __refill_stock mm/memcontrol.c:2303 [inline]
 refill_stock+0xcf/0x130 mm/memcontrol.c:2314
 obj_cgroup_uncharge_pages+0x75/0x130 mm/memcontrol.c:3074
 refill_obj_stock+0x16d/0x1e0 mm/memcontrol.c:3345
 obj_cgroup_uncharge+0xa/0x10 mm/memcontrol.c:3394
 memcg_slab_free_hook+0x6e/0xe0 mm/slab.h:569
 __cache_free mm/slab.c:3372 [inline]
 __do_kmem_cache_free mm/slab.c:3585 [inline]
 kmem_cache_free+0xab/0x1b0 mm/slab.c:3610
 __d_free+0x2b/0x30 fs/dcache.c:298
 rcu_do_batch kernel/rcu/tree.c:2250 [inline]
 rcu_core+0x5ad/0xc10 kernel/rcu/tree.c:2510
 rcu_core_si+0x9/0x10 kernel/rcu/tree.c:2527
 __do_softirq+0xf2/0x2c7 kernel/softirq.c:571
 run_ksoftirqd+0x1f/0x30 kernel/softirq.c:934
 smpboot_thread_fn+0x308/0x4a0 kernel/smpboot.c:164
 kthread+0x1a9/0x1e0 kernel/kthread.c:376
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306

read to 0xffff888237d283b0 of 4 bytes by task 7524 on cpu 0:
 drain_all_stock+0xcd/0x2b0 mm/memcontrol.c:2344
 try_charge_memcg+0x5d2/0x9c0 mm/memcontrol.c:2689
 obj_cgroup_charge_pages mm/memcontrol.c:3095 [inline]
 __memcg_kmem_charge_page+0x2e4/0x480 mm/memcontrol.c:3121
 __alloc_pages+0x1c1/0x340 mm/page_alloc.c:5572
 alloc_pages+0x3f1/0x4f0
 __get_free_pages+0x8/0x30 mm/page_alloc.c:5605
 io_mem_alloc io_uring/io_uring.c:2475 [inline]
 io_allocate_scq_urings+0xd9/0x25f io_uring/io_uring.c:3320
 io_uring_create+0x426/0x6ea io_uring/io_uring.c:3501
 io_uring_setup io_uring/io_uring.c:3599 [inline]
 __do_sys_io_uring_setup io_uring/io_uring.c:3605 [inline]
 __se_sys_io_uring_setup io_uring/io_uring.c:3602 [inline]
 __x64_sys_io_uring_setup+0x118/0x130 io_uring/io_uring.c:3602
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00000026 -> 0x00000029

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 7524 Comm: syz-executor.4 Not tainted 6.1.0-rc5-syzkaller-00144-g84368d882b96-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022
==================================================================

Crashes (1):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2022/11/18 17:32 | upstream | 84368d882b96 | 5bb70014 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in drain_all_stock / refill_stock |
* Struck through repros no longer work on HEAD.