syzbot


KCSAN: data-race in __thaw_task / get_signal

Status: auto-closed as invalid on 2021/03/13 11:47
Subsystems: kernel
First crash: 1167d, last: 1167d

Sample crash report:
0 pages HighMem/MovableOnly
82655 pages reserved
0 pages cma reserved
oom-kill:constraint=CONSTRAINT_MEMORY_POLICY,nodemask=0,cpuset=/,mems_allowed=0-1,global_oom,task_memcg=/,task=syz-executor.5,pid=17982,uid=0
==================================================================
BUG: KCSAN: data-race in __thaw_task / get_signal

write to 0xffff8881333ab02c of 4 bytes by task 17980 on cpu 1:
 get_signal+0xd12/0x14e0 kernel/signal.c:2753
 arch_do_signal_or_restart+0x2a/0x270 arch/x86/kernel/signal.c:811
 handle_signal_work kernel/entry/common.c:147 [inline]
 exit_to_user_mode_loop kernel/entry/common.c:171 [inline]
 exit_to_user_mode_prepare+0x11a/0x1b0 kernel/entry/common.c:201
 __syscall_exit_to_user_mode_work kernel/entry/common.c:291 [inline]
 syscall_exit_to_user_mode+0x20/0x40 kernel/entry/common.c:302
 do_syscall_64+0x45/0x80 arch/x86/entry/common.c:56
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8881333ab02c of 4 bytes by task 17982 on cpu 0:
 frozen include/linux/freezer.h:27 [inline]
 __thaw_task+0x26/0x70 kernel/freezer.c:151
 mark_oom_victim+0xcc/0x1b0 mm/oom_kill.c:721
 __oom_kill_process+0x2f2/0x9c0 mm/oom_kill.c:892
 oom_kill_process+0x217/0x3f0 mm/oom_kill.c:989
 out_of_memory+0x6d4/0x890 mm/oom_kill.c:1099
 __alloc_pages_may_oom mm/page_alloc.c:4110 [inline]
 __alloc_pages_slowpath+0x742/0x9c0 mm/page_alloc.c:4848
 __alloc_pages_nodemask+0x269/0x350 mm/page_alloc.c:5014
 alloc_pages_vma+0x3e6/0x890 mm/mempolicy.c:2230
 alloc_zeroed_user_highpage_movable include/linux/highmem.h:197 [inline]
 do_anonymous_page+0x20d/0xd20 mm/memory.c:3535
 handle_pte_fault mm/memory.c:4385 [inline]
 __handle_mm_fault mm/memory.c:4522 [inline]
 handle_mm_fault+0x1020/0x1810 mm/memory.c:4620
 do_user_addr_fault+0x43e/0x830 arch/x86/mm/fault.c:1393
 handle_page_fault arch/x86/mm/fault.c:1450 [inline]
 exc_page_fault+0x94/0x2a0 arch/x86/mm/fault.c:1506
 asm_exc_page_fault+0x1e/0x30 arch/x86/include/asm/idtentry.h:580

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 17982 Comm: syz-executor.5 Not tainted 5.11.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Time: 2021/02/06 11:39
Kernel: upstream
Commit: 1e0d27fce010
Syzkaller: 23a562df
Manager: ci2-upstream-kcsan-gce
Title: KCSAN: data-race in __thaw_task / get_signal