KCSAN: data-race in shmem_add_to_page_cache / shmem_recalc_inode


syzbot

Jan 29, 2020, 7:07:12 PM
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 245a4300 Merge branch 'rcu/kcsan' into tip/locking/kcsan
git tree: https://github.com/google/ktsan.git kcsan
console output: https://syzkaller.appspot.com/x/log.txt?x=15a48e95e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=a4b9db179318d21f
dashboard link: https://syzkaller.appspot.com/bug?extid=f9fe50259a8817f3a9b8
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
CC: [ak...@linux-foundation.org hu...@google.com linux-...@vger.kernel.org linu...@kvack.org el...@google.com]

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+f9fe50...@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in shmem_add_to_page_cache / shmem_recalc_inode

write to 0xffff888098c19b48 of 8 bytes by task 9896 on cpu 0:
shmem_add_to_page_cache+0x497/0x6b0 mm/shmem.c:643
shmem_getpage_gfp+0x3fd/0x1390 mm/shmem.c:1876
shmem_fault+0x114/0x470 mm/shmem.c:2067
__do_fault+0xae/0x1f0 mm/memory.c:3188
do_read_fault mm/memory.c:3585 [inline]
do_fault mm/memory.c:3714 [inline]
handle_pte_fault mm/memory.c:3945 [inline]
__handle_mm_fault+0x270d/0x2e00 mm/memory.c:4075
handle_mm_fault+0x21b/0x530 mm/memory.c:4112
faultin_page mm/gup.c:640 [inline]
__get_user_pages+0x485/0x1130 mm/gup.c:851
populate_vma_page_range+0xe6/0x100 mm/gup.c:1235
__mm_populate+0x168/0x2a0 mm/gup.c:1283
mm_populate include/linux/mm.h:2347 [inline]
vm_mmap_pgoff+0x181/0x190 mm/util.c:511
ksys_mmap_pgoff+0x99/0x420 mm/mmap.c:1607
__do_sys_mmap arch/x86/kernel/sys_x86_64.c:100 [inline]
__se_sys_mmap arch/x86/kernel/sys_x86_64.c:91 [inline]
__x64_sys_mmap+0x2e/0x40 arch/x86/kernel/sys_x86_64.c:91
do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff888098c19b48 of 8 bytes by task 9893 on cpu 1:
shmem_recalc_inode+0x54/0x190 mm/shmem.c:306
shmem_getpage_gfp+0x552/0x1390 mm/shmem.c:1890
shmem_fault+0x114/0x470 mm/shmem.c:2067
__do_fault+0xae/0x1f0 mm/memory.c:3188
do_shared_fault mm/memory.c:3640 [inline]
do_fault mm/memory.c:3718 [inline]
handle_pte_fault mm/memory.c:3945 [inline]
__handle_mm_fault+0x1ddb/0x2e00 mm/memory.c:4075
handle_mm_fault+0x21b/0x530 mm/memory.c:4112
faultin_page mm/gup.c:640 [inline]
__get_user_pages+0x485/0x1130 mm/gup.c:851
__get_user_pages_locked mm/gup.c:1029 [inline]
get_user_pages_remote+0x206/0x3e0 mm/gup.c:1175
process_vm_rw_single_vec mm/process_vm_access.c:109 [inline]
process_vm_rw_core.isra.0+0x3a4/0x910 mm/process_vm_access.c:216
process_vm_rw+0x1c4/0x1e0 mm/process_vm_access.c:284
__do_sys_process_vm_writev mm/process_vm_access.c:306 [inline]
__se_sys_process_vm_writev mm/process_vm_access.c:301 [inline]
__x64_sys_process_vm_writev+0x8b/0xb0 mm/process_vm_access.c:301
do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 9893 Comm: syz-executor.5 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.

syzbot

Jul 16, 2020, 12:35:11 PM
to syzkaller-upst...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.