syzbot

 sign-in | mailing list | source | docs
🐞 Open [1027] Subsystems 🐞 Fixed [5251] 🐞 Invalid [12571] Missing Backports [86] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in do_task_stat / handle_mm_fault (5)

Status: auto-closed as invalid on 2021/10/19 23:13
Subsystems: fs
[Documentation on labels]
First crash: 991d, last: 963d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in do_task_stat / handle_mm_fault (2) fs 4 1232d 1244d 0/26 auto-closed as invalid on 2021/01/24 01:57
upstream KCSAN: data-race in do_task_stat / handle_mm_fault (4) fs 1 1085d 1085d 0/26 auto-closed as invalid on 2021/06/20 04:11
upstream KCSAN: data-race in do_task_stat / handle_mm_fault (3) fs 1 1187d 1187d 0/26 auto-closed as invalid on 2021/03/10 04:55
upstream KCSAN: data-race in do_task_stat / handle_mm_fault fs 3 1327d 1341d 0/26 auto-closed as invalid on 2020/10/20 18:42

Sample crash report:
==================================================================
BUG: KCSAN: data-race in do_task_stat / handle_mm_fault

write to 0xffff88813f222678 of 8 bytes by task 20018 on cpu 0:
 mm_account_fault mm/memory.c:4741 [inline]
 handle_mm_fault+0x10d9/0x1580 mm/memory.c:4805
 do_user_addr_fault+0x609/0xbe0 arch/x86/mm/fault.c:1390
 handle_page_fault arch/x86/mm/fault.c:1475 [inline]
 exc_page_fault+0x91/0x220 arch/x86/mm/fault.c:1531
 asm_exc_page_fault+0x1e/0x30

read to 0xffff88813f222678 of 8 bytes by task 1 on cpu 1:
 do_task_stat+0x68c/0x1260 fs/proc/array.c:525
 proc_tgid_stat+0x2f/0x40 fs/proc/array.c:655
 proc_single_show+0x84/0x100 fs/proc/base.c:775
 seq_read_iter+0x2e1/0x930 fs/seq_file.c:230
 seq_read+0x248/0x290 fs/seq_file.c:162
 vfs_read+0x1e6/0x750 fs/read_write.c:483
 ksys_read+0xd9/0x190 fs/read_write.c:623
 __do_sys_read fs/read_write.c:633 [inline]
 __se_sys_read fs/read_write.c:631 [inline]
 __x64_sys_read+0x3e/0x50 fs/read_write.c:631
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x000000000000001d -> 0x0000000000000021

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 1 Comm: systemd Not tainted 5.15.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/09/14 23:13 upstream 1619b69edce1 07e953c1 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in do_task_stat / handle_mm_fault
2021/09/04 20:36 upstream a9c9a6f741cd d236a457 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in do_task_stat / handle_mm_fault
2021/08/17 07:05 upstream a2824f19e606 33c26cb7 .config console log report info ci2-upstream-kcsan-gce KCSAN: data-race in do_task_stat / handle_mm_fault
* Struck through repros no longer work on HEAD.