FAULT_INJECTION: forcing a failure. name failslab, interval 1, probability 0, space 0, times 0 ================================================================== BUG: KCSAN: data-race in data_push_tail / number write to 0xffffffff86dbd928 of 1 bytes by task 21343 on cpu 0: number+0x955/0xb60 lib/vsprintf.c:561 vsnprintf+0xb6d/0xed0 lib/vsprintf.c:2872 vscnprintf+0x29/0x80 lib/vsprintf.c:2909 printk_sprint kernel/printk/printk.c:2099 [inline] vprintk_store+0x638/0xbb0 kernel/printk/printk.c:2209 vprintk_emit+0xcc/0x430 kernel/printk/printk.c:2256 vprintk_default+0x22/0x30 kernel/printk/printk.c:2283 vprintk+0x7f/0x90 kernel/printk/printk_safe.c:50 _printk+0x76/0x97 kernel/printk/printk.c:2293 __show_regs+0xd6/0x330 arch/x86/kernel/process_64.c:89 show_regs_if_on_stack arch/x86/kernel/dumpstack.c:167 [inline] show_trace_log_lvl+0x5b8/0x670 arch/x86/kernel/dumpstack.c:292 __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd6/0x122 lib/dump_stack.c:106 dump_stack+0x11/0x1b lib/dump_stack.c:113 fail_dump lib/fault-inject.c:52 [inline] should_fail+0x23c/0x250 lib/fault-inject.c:146 should_fail_usercopy+0x16/0x20 lib/fault-inject-usercopy.c:37 _copy_from_user+0x1a/0xc0 lib/usercopy.c:14 copy_from_user include/linux/uaccess.h:152 [inline] ____sys_sendmsg+0x1b8/0x510 net/socket.c:2391 ___sys_sendmsg net/socket.c:2467 [inline] __sys_sendmsg+0x195/0x230 net/socket.c:2496 __do_sys_sendmsg net/socket.c:2505 [inline] __se_sys_sendmsg net/socket.c:2503 [inline] __x64_sys_sendmsg+0x42/0x50 net/socket.c:2503 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae read to 0xffffffff86dbd928 of 8 bytes by task 21365 on cpu 1: data_make_reusable kernel/printk/printk_ringbuffer.c:590 [inline] data_push_tail+0x138/0x470 kernel/printk/printk_ringbuffer.c:675 data_alloc+0xbc/0x2b0 kernel/printk/printk_ringbuffer.c:1046 prb_reserve+0x931/0xc10 kernel/printk/printk_ringbuffer.c:1555 vprintk_store+0x560/0xbb0 kernel/printk/printk.c:2199 vprintk_emit+0xcc/0x430 kernel/printk/printk.c:2256 vprintk_default+0x22/0x30 kernel/printk/printk.c:2283 vprintk+0x7f/0x90 kernel/printk/printk_safe.c:50 _printk+0x76/0x97 kernel/printk/printk.c:2293 fail_dump lib/fault-inject.c:45 [inline] should_fail+0x223/0x250 lib/fault-inject.c:146 __should_failslab+0x81/0x90 mm/failslab.c:33 should_failslab+0x5/0x20 mm/slab_common.c:1304 slab_pre_alloc_hook mm/slab.h:724 [inline] slab_alloc mm/slab.c:3299 [inline] __kmem_cache_alloc_lru mm/slab.c:3492 [inline] kmem_cache_alloc+0x4f/0x320 mm/slab.c:3512 anon_vma_alloc mm/rmap.c:90 [inline] __anon_vma_prepare+0x92/0x2c0 mm/rmap.c:198 anon_vma_prepare include/linux/rmap.h:150 [inline] do_anonymous_page+0x7d9/0xad0 mm/memory.c:3769 handle_pte_fault mm/memory.c:4566 [inline] __handle_mm_fault mm/memory.c:4704 [inline] handle_mm_fault+0x69f/0xca0 mm/memory.c:4802 do_user_addr_fault+0x617/0xb90 arch/x86/mm/fault.c:1397 handle_page_fault arch/x86/mm/fault.c:1484 [inline] exc_page_fault+0x91/0x290 arch/x86/mm/fault.c:1540 asm_exc_page_fault+0x1e/0x30 copy_user_enhanced_fast_string+0xe/0x40 copy_user_generic arch/x86/include/asm/uaccess_64.h:37 [inline] raw_copy_to_user arch/x86/include/asm/uaccess_64.h:58 [inline] _copy_to_user+0x72/0x90 lib/usercopy.c:33 copy_to_user include/linux/uaccess.h:160 [inline] __do_sys_getrusage kernel/sys.c:1833 [inline] __se_sys_getrusage kernel/sys.c:1824 [inline] __x64_sys_getrusage+0xac/0x100 kernel/sys.c:1824 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae value changed: 0x00000001000018d6 -> 0x3152206639323437 Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 21365 Comm: syz-executor.1 Not tainted 5.17.0-syzkaller-04443-ged4643521e6a-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ================================================================== CPU: 1 PID: 21365 Comm: syz-executor.1 Not tainted 5.17.0-syzkaller-04443-ged4643521e6a-dirty #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 Call Trace: __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0xd6/0x122 lib/dump_stack.c:106 dump_stack+0x11/0x1b lib/dump_stack.c:113 fail_dump lib/fault-inject.c:52 [inline] should_fail+0x23c/0x250 lib/fault-inject.c:146 __should_failslab+0x81/0x90 mm/failslab.c:33 should_failslab+0x5/0x20 mm/slab_common.c:1304 slab_pre_alloc_hook mm/slab.h:724 [inline] slab_alloc mm/slab.c:3299 [inline] __kmem_cache_alloc_lru mm/slab.c:3492 [inline] kmem_cache_alloc+0x4f/0x320 mm/slab.c:3512 anon_vma_alloc mm/rmap.c:90 [inline] __anon_vma_prepare+0x92/0x2c0 mm/rmap.c:198 anon_vma_prepare include/linux/rmap.h:150 [inline] do_anonymous_page+0x7d9/0xad0 mm/memory.c:3769 handle_pte_fault mm/memory.c:4566 [inline] __handle_mm_fault mm/memory.c:4704 [inline] handle_mm_fault+0x69f/0xca0 mm/memory.c:4802 do_user_addr_fault+0x617/0xb90 arch/x86/mm/fault.c:1397 handle_page_fault arch/x86/mm/fault.c:1484 [inline] exc_page_fault+0x91/0x290 arch/x86/mm/fault.c:1540 asm_exc_page_fault+0x1e/0x30 RIP: 0010:copy_user_enhanced_fast_string+0xe/0x40 Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 0f 82 60 ff ff ff 89 d1 a4 31 c0 0f 01 ca c3 89 ca eb 06 66 0f 1f 44 00 00 83 f8 12 74 RSP: 0018:ffffc90009f67e60 EFLAGS: 00050206 RAX: ffff888118230ab8 RBX: 00007fffffffef70 RCX: 0000000000000090 RDX: 0000000000000090 RSI: ffffc90009f67e90 RDI: 0000000020000080 RBP: 0000000000000000 R08: 0001ffffffffffff R09: 0000000000000000 R10: 0001c90009f67e90 R11: 0001c90009f67f1f R12: 0000000000000090 R13: 0000000000000000 R14: 0000000020000080 R15: ffffc90009f67e90 copy_user_generic arch/x86/include/asm/uaccess_64.h:37 [inline] raw_copy_to_user arch/x86/include/asm/uaccess_64.h:58 [inline] _copy_to_user+0x72/0x90 lib/usercopy.c:33 copy_to_user include/linux/uaccess.h:160 [inline] __do_sys_getrusage kernel/sys.c:1833 [inline] __se_sys_getrusage kernel/sys.c:1824 [inline] __x64_sys_getrusage+0xac/0x100 kernel/sys.c:1824 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x2b/0x70 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae RIP: 0033:0x7f4182790049 Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48 RSP: 002b:00007f41818e5168 EFLAGS: 00000246 ORIG_RAX: 0000000000000062 RAX: ffffffffffffffda RBX: 00007f41828a3030 RCX: 00007f4182790049 RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000000 RBP: 00007f41818e51d0 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 R13: 00007ffe0a859b5f R14: 00007f41818e5300 R15: 0000000000022000 ---------------- Code disassembly (best guess): 0: 89 d1 mov %edx,%ecx 2: c1 e9 03 shr $0x3,%ecx 5: 83 e2 07 and $0x7,%edx 8: f3 48 a5 rep movsq %ds:(%rsi),%es:(%rdi) b: 89 d1 mov %edx,%ecx d: f3 a4 rep movsb %ds:(%rsi),%es:(%rdi) f: 31 c0 xor %eax,%eax 11: 0f 01 ca clac 14: c3 retq 15: 8d 0c ca lea (%rdx,%rcx,8),%ecx 18: 89 ca mov %ecx,%edx 1a: eb 20 jmp 0x3c 1c: 0f 01 cb stac 1f: 83 fa 40 cmp $0x40,%edx 22: 0f 82 60 ff ff ff jb 0xffffff88 28: 89 d1 mov %edx,%ecx * 2a: f3 a4 rep movsb %ds:(%rsi),%es:(%rdi) <-- trapping instruction 2c: 31 c0 xor %eax,%eax 2e: 0f 01 ca clac 31: c3 retq 32: 89 ca mov %ecx,%edx 34: eb 06 jmp 0x3c 36: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1) 3c: 83 f8 12 cmp $0x12,%eax 3f: 74 .byte 0x74