[mm?] KCSAN: data-race in lock_vma_under_rcu / vma_prepare
8 views
Skip to first unread message
syzbot
May 2, 2023, 4:24:52 AM5/2/23
to syzkaller-upst...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 58390c8ce1bd Merge tag 'iommu-updates-v6.4' of git://git.k..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=167cfd68280000
kernel config: https://syzkaller.appspot.com/x/.config?x=5fdf936bf9b9508c
dashboard link: https://syzkaller.appspot.com/bug?extid=34e2a43a399a22924163
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
CC: [ak...@linux-foundation.org linux-...@vger.kernel.org linu...@kvack.org]
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/71d76dd0ed4b/disk-58390c8c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/28eaf59093a1/vmlinux-58390c8c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/93ced0061184/bzImage-58390c8c.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+34e2a4...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in lock_vma_under_rcu / vma_prepare
write to 0xffff88813707f0d0 of 4 bytes by task 15416 on cpu 1:
vma_start_write include/linux/mm.h:689 [inline]
vma_prepare+0x11f/0x520 mm/mmap.c:511
vma_merge+0x539/0xc30 mm/mmap.c:1031
mprotect_fixup+0x2e0/0x650 mm/mprotect.c:674
do_mprotect_pkey+0x63d/0x920 mm/mprotect.c:860
__do_sys_mprotect mm/mprotect.c:881 [inline]
__se_sys_mprotect mm/mprotect.c:878 [inline]
__x64_sys_mprotect+0x48/0x50 mm/mprotect.c:878
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
read to 0xffff88813707f0d0 of 4 bytes by task 15419 on cpu 0:
vma_start_read include/linux/mm.h:643 [inline]
lock_vma_under_rcu+0xcd/0x2b0 mm/memory.c:5291
do_user_addr_fault arch/x86/mm/fault.c:1341 [inline]
handle_page_fault arch/x86/mm/fault.c:1534 [inline]
exc_page_fault+0x16e/0x790 arch/x86/mm/fault.c:1590
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570
value changed: 0x00000007 -> 0x00000009
Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 15419 Comm: syz-executor.0 Not tainted 6.3.0-syzkaller-12049-g58390c8ce1bd #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to change bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 58390c8ce1bd Merge tag 'iommu-updates-v6.4' of git://git.k..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=167cfd68280000
kernel config: https://syzkaller.appspot.com/x/.config?x=5fdf936bf9b9508c
dashboard link: https://syzkaller.appspot.com/bug?extid=34e2a43a399a22924163
compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2
CC: [ak...@linux-foundation.org linux-...@vger.kernel.org linu...@kvack.org]
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/71d76dd0ed4b/disk-58390c8c.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/28eaf59093a1/vmlinux-58390c8c.xz
kernel image: https://storage.googleapis.com/syzbot-assets/93ced0061184/bzImage-58390c8c.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+34e2a4...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in lock_vma_under_rcu / vma_prepare
write to 0xffff88813707f0d0 of 4 bytes by task 15416 on cpu 1:
vma_start_write include/linux/mm.h:689 [inline]
vma_prepare+0x11f/0x520 mm/mmap.c:511
vma_merge+0x539/0xc30 mm/mmap.c:1031
mprotect_fixup+0x2e0/0x650 mm/mprotect.c:674
do_mprotect_pkey+0x63d/0x920 mm/mprotect.c:860
__do_sys_mprotect mm/mprotect.c:881 [inline]
__se_sys_mprotect mm/mprotect.c:878 [inline]
__x64_sys_mprotect+0x48/0x50 mm/mprotect.c:878
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd
read to 0xffff88813707f0d0 of 4 bytes by task 15419 on cpu 0:
vma_start_read include/linux/mm.h:643 [inline]
lock_vma_under_rcu+0xcd/0x2b0 mm/memory.c:5291
do_user_addr_fault arch/x86/mm/fault.c:1341 [inline]
handle_page_fault arch/x86/mm/fault.c:1534 [inline]
exc_page_fault+0x16e/0x790 arch/x86/mm/fault.c:1590
asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:570
value changed: 0x00000007 -> 0x00000009
Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 15419 Comm: syz-executor.0 Not tainted 6.3.0-syzkaller-12049-g58390c8ce1bd #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/14/2023
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the bug is already fixed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to change bug's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the bug is a duplicate of another bug, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot
Aug 25, 2023, 5:55:39 AM8/25/23
to syzkaller-upst...@googlegroups.com
Auto-closing this bug as obsolete.
Crashes did not happen for a while, no reproducer and no activity.
Crashes did not happen for a while, no reproducer and no activity.
Reply all
Reply to author
Forward
0 new messages