KCSAN: data-race in yama_task_free / yama_task

KCSAN: data-race in yama_task_free / yama_task_free
Status: moderation: reported on 2020/11/20 15:14
Reported-by: syzbot+a20793763dea40411f1b@syzkaller.appspotmail.com
First crash: 303d, last: 18d

Sample crash report:

==================================================================
BUG: KCSAN: data-race in yama_task_free / yama_task_free

write to 0xffff8881017b4790 of 1 bytes by interrupt on cpu 0:
 yama_ptracer_del security/yama/yama_lsm.c:191 [inline]
 yama_task_free+0xc3/0x160 security/yama/yama_lsm.c:207
 security_task_free+0x3f/0xa0 security/security.c:1610
 __put_task_struct+0xc2/0x3a0 kernel/fork.c:736
 put_task_struct include/linux/sched/task.h:113 [inline]
 delayed_put_task_struct+0x4e/0x130 kernel/exit.c:173
 rcu_do_batch kernel/rcu/tree.c:2559 [inline]
 rcu_core+0x6e3/0xc70 kernel/rcu/tree.c:2794
 rcu_core_si+0x9/0x10 kernel/rcu/tree.c:2807
 __do_softirq+0x13c/0x2c3 kernel/softirq.c:345
 invoke_softirq kernel/softirq.c:221 [inline]
 __irq_exit_rcu+0xb4/0xc0 kernel/softirq.c:422
 sysvec_apic_timer_interrupt+0x37/0x80 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632

read to 0xffff8881017b4790 of 1 bytes by interrupt on cpu 1:
 yama_ptracer_del security/yama/yama_lsm.c:187 [inline]
 yama_task_free+0x5c/0x160 security/yama/yama_lsm.c:207
 security_task_free+0x3f/0xa0 security/security.c:1610
 __put_task_struct+0xc2/0x3a0 kernel/fork.c:736
 put_task_struct include/linux/sched/task.h:113 [inline]
 delayed_put_task_struct+0x4e/0x130 kernel/exit.c:173
 rcu_do_batch kernel/rcu/tree.c:2559 [inline]
 rcu_core+0x6e3/0xc70 kernel/rcu/tree.c:2794
 rcu_core_si+0x9/0x10 kernel/rcu/tree.c:2807
 __do_softirq+0x13c/0x2c3 kernel/softirq.c:345
 invoke_softirq kernel/softirq.c:221 [inline]
 __irq_exit_rcu+0xb4/0xc0 kernel/softirq.c:422
 sysvec_apic_timer_interrupt+0x6e/0x80 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632
 smap_restore arch/x86/include/asm/smap.h:70 [inline]
 kcsan_setup_watchpoint+0x436/0x470 kernel/kcsan/core.c:590
 rcu_preempt_read_enter kernel/rcu/tree_plugin.h:356 [inline]
 __rcu_read_lock+0x21/0x40 kernel/rcu/tree_plugin.h:376
 rcu_read_lock include/linux/rcupdate.h:654 [inline]
 lock_page_memcg+0x2d/0xf0 mm/memcontrol.c:2142
 page_remove_rmap+0x1e/0x640 mm/rmap.c:1348
 zap_pte_range+0x5b9/0x13f0 mm/memory.c:1270
 zap_pmd_range mm/memory.c:1374 [inline]
 zap_pud_range mm/memory.c:1403 [inline]
 zap_p4d_range mm/memory.c:1424 [inline]
 unmap_page_range+0x540/0x650 mm/memory.c:1445
 unmap_single_vma+0x157/0x210 mm/memory.c:1490
 unmap_vmas+0xc0/0x170 mm/memory.c:1522
 exit_mmap+0x1be/0x400 mm/mmap.c:3218
 __mmput+0xa2/0x220 kernel/fork.c:1090
 mmput+0x3d/0x50 kernel/fork.c:1111
 exit_mm+0x344/0x430 kernel/exit.c:501
 do_exit+0x3fc/0x15e0 kernel/exit.c:812
 do_group_exit+0xce/0x180 kernel/exit.c:922
 get_signal+0xf93/0x1510 kernel/signal.c:2781
 arch_do_signal_or_restart+0x2a/0x270 arch/x86/kernel/signal.c:789
 handle_signal_work kernel/entry/common.c:147 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0x11a/0x1b0 kernel/entry/common.c:208
 __syscall_exit_to_user_mode_work kernel/entry/common.c:290 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:301
 do_syscall_64+0x45/0x80 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x44/0xae

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 13237 Comm: syz-executor.3 Not tainted 5.12.0-rc5-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (87):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2021/04/02 14:28	upstream	1678e493	6a81331a	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/04/01 18:15	upstream	ffd9fb54	6a81331a	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/29 14:53	upstream	a5e13c6d	a8529b82	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/28 08:40	upstream	0f4498ce	a8529b82	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/20 11:21	upstream	1c273e10	e45f5621	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/20 06:38	upstream	8b12a62a	3d01c4de	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/18 09:28	upstream	6417f031	7216542e	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/17 15:19	upstream	1df27313	fdb2bb2c	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/03/09 12:34	upstream	144c79ef	09fbf400	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/02/12 08:13	upstream	dcc0b490	a5f86b15	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/02/04 13:07	upstream	61556703	42b90a7c	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/02/02 04:04	upstream	88bb507a	e6b95f32	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/02/01 00:13	upstream	6642d600	fc9fd31e	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/01/27 14:39	upstream	2ab38c17	a0ebf917	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/01/19 06:54	upstream	1e2a199f	63631df1	.config	log	report	info	KCSAN: data-race in yama_task_free / yama_task_free
ci2-upstream-kcsan-gce	2021/01/17 11:55	upstream	0da0a8a0	813be542	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/14 08:44	upstream	65f0d241	269d24e8	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/13 13:36	upstream	e609571b	a945f0a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/08 23:11	upstream	6279d812	c104d4a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/02 09:24	upstream	eda809ae	79264ae3	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/29 06:07	upstream	dea8dcf2	8259d56c	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/26 23:54	upstream	40f78232	821e0b09	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/19 10:19	upstream	3644e2d2	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/18 00:40	upstream	d64c6f96	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/16 12:50	upstream	d01e7f10	649595c6	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/12 20:47	upstream	7b1b868e	bca53db9	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/12 09:43	upstream	7f376f19	bca53db9	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/10 14:53	upstream	a2f5ea9e	2a55c22b	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/05 16:16	upstream	b3298500	0ef84591	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/03 05:19	upstream	3bb61aa6	8c9190ef	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/02 10:09	upstream	509a1542	c42a35e9	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/28 01:12	upstream	85a2c56c	486f93ef	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/27 04:25	upstream	4df91062	5018c946	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/26 10:28	upstream	fa02fcd9	2f1cec62	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/25 19:40	upstream	fa02fcd9	3f581b43	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/23 19:58	upstream	418baf2c	878fb17a	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/20 22:35	upstream	4d02da97	68068804	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/20 03:14	upstream	131ad0b6	0767f13f	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/15 10:37	upstream	e28c0d7c	1bf9a662	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/14 07:19	upstream	9e6a39ea	1bf9a662	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/12 23:46	upstream	af5043c8	16fca0c8	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/12 07:15	upstream	3d5e28bf	cca87986	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/11 04:00	upstream	eccc8767	cca87986	.config	log	report	info
ci2-upstream-kcsan-gce	2020/11/08 03:21	upstream	4429f14a	cba33199	.config	log	report	info
ci2-upstream-kcsan-gce	2020/10/24 07:22	upstream	0adc313c	2bb6666c	.config	log	report	info
ci2-upstream-kcsan-gce	2020/10/20 07:24	upstream	bbe85027	ff4a3345	.config	log	report	info
ci2-upstream-kcsan-gce	2020/10/08 21:27	upstream	3d006ee4	92390980	.config	log	report	info
ci2-upstream-kcsan-gce	2020/10/04 22:36	upstream	22fbc037	5ef9c291	.config	log	report	info
ci2-upstream-kcsan-gce	2020/09/28 10:46	upstream	a1b8638b	6bfdbe89	.config	log	report	info
ci2-upstream-kcsan-gce	2020/09/26 15:33	upstream	7c7ec322	2d5ea0cb	.config	log	report	info
ci2-upstream-kcsan-gce	2020/08/07 05:08	upstream	d6efb3ac	cb436c69	.config	log	report
ci2-upstream-kcsan-gce	2020/08/05 05:40	upstream	c0842fbc	02034dac	.config	log	report
ci2-upstream-kcsan-gce	2020/07/28 03:21	upstream	92ed3019	cb93dc6a	.config	log	report
ci2-upstream-kcsan-gce	2020/07/24 05:11	upstream	f37e99ac	70c104a1	.config	log	report
ci2-upstream-kcsan-gce	2020/07/22 21:38	upstream	8c26c87b	128cd85f	.config	log	report
ci2-upstream-kcsan-gce	2020/07/19 19:50	upstream	f932d58a	9c812472	.config	log	report
ci2-upstream-kcsan-gce	2020/07/18 23:18	upstream	6cf7ccba	9c812472	.config	log	report
ci2-upstream-kcsan-gce	2020/07/18 14:20	upstream	6a70f89c	9c812472	.config	log	report
ci2-upstream-kcsan-gce	2020/07/05 13:31	upstream	35e884f8	22f87567	.config	log	report
ci2-upstream-kcsan-gce	2020/07/04 20:22	upstream	35e884f8	4f739670	.config	log	report
ci2-upstream-kcsan-gce	2020/06/30 12:52	upstream	7c30b859	917afeaa	.config	log	report
ci2-upstream-kcsan-gce	2020/06/29 00:19	upstream	91a9a90d	a2cdad9d	.config	log	report
ci2-upstream-kcsan-gce	2020/06/27 10:30	upstream	1590a2e1	032b4239	.config	log	report
ci2-upstream-kcsan-gce	2020/06/27 05:35	upstream	1590a2e1	ffec44b5	.config	log	report
ci2-upstream-kcsan-gce	2020/06/25 16:59	upstream	8be3a53e	c7b4497a	.config	log	report
ci2-upstream-kcsan-gce	2020/06/25 03:50	upstream	26e122e9	9d60b18e	.config	log	report
ci2-upstream-kcsan-gce	2020/06/22 00:32	upstream	64677779	4f2acff9	.config	log	report