KCSAN: data-race in copy_process / copy_process (2)


syzbot

Jan 6, 2020, 3:44:10 PM1/6/20
to syzkaller-upst...@googlegroups.com
Hello,

syzbot found the following crash on:

HEAD commit: 245a4300 Merge branch 'rcu/kcsan' into tip/locking/kcsan
git tree: https://github.com/google/ktsan.git kcsan
console output: https://syzkaller.appspot.com/x/log.txt?x=11df8799e00000
kernel config: https://syzkaller.appspot.com/x/.config?x=a38292766f8efdaa
dashboard link: https://syzkaller.appspot.com/bug?extid=52fced2d288f8ecd2b20
compiler: gcc (GCC) 9.0.0 20181231 (experimental)
CC: [ak...@linux-foundation.org chri...@brauner.io
kees...@chromium.org linux-...@vger.kernel.org lu...@amacapital.net
mi...@kernel.org pet...@infradead.org tg...@linutronix.de w...@chromium.org
el...@google.com]

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+52fced...@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in copy_process / copy_process

write to 0xffffffff86205cf8 of 4 bytes by task 14779 on cpu 1:
copy_process+0x2eba/0x3c40 kernel/fork.c:2273
_do_fork+0xfe/0x7a0 kernel/fork.c:2421
__do_sys_clone kernel/fork.c:2576 [inline]
__se_sys_clone kernel/fork.c:2557 [inline]
__x64_sys_clone+0x130/0x170 kernel/fork.c:2557
do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffffffff86205cf8 of 4 bytes by task 6944 on cpu 0:
copy_process+0x94d/0x3c40 kernel/fork.c:1954
_do_fork+0xfe/0x7a0 kernel/fork.c:2421
__do_sys_clone kernel/fork.c:2576 [inline]
__se_sys_clone kernel/fork.c:2557 [inline]
__x64_sys_clone+0x130/0x170 kernel/fork.c:2557
do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 6944 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
==================================================================
Kernel panic - not syncing: panic_on_warn set ...
CPU: 0 PID: 6944 Comm: syz-executor.0 Not tainted 5.5.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS
Google 01/01/2011
Call Trace:
__dump_stack lib/dump_stack.c:77 [inline]
dump_stack+0x11d/0x181 lib/dump_stack.c:118
panic+0x210/0x640 kernel/panic.c:221
kcsan_report.cold+0xc/0xd kernel/kcsan/report.c:313
kcsan_setup_watchpoint+0x3fe/0x460 kernel/kcsan/core.c:416
check_access kernel/kcsan/core.c:459 [inline]
__tsan_read4+0xc6/0x100 kernel/kcsan/core.c:588
copy_process+0x94d/0x3c40 kernel/fork.c:1954
_do_fork+0xfe/0x7a0 kernel/fork.c:2421
__do_sys_clone kernel/fork.c:2576 [inline]
__se_sys_clone kernel/fork.c:2557 [inline]
__x64_sys_clone+0x130/0x170 kernel/fork.c:2557
do_syscall_64+0xcc/0x3a0 arch/x86/entry/common.c:294
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x45d919
Code: ff 48 85 f6 0f 84 d7 8c fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89
d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c
ae 8c fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
RSP: 002b:00007ffc49de1e68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
RAX: ffffffffffffffda RBX: 00007f2b7bb51700 RCX: 000000000045d919
RDX: 00007f2b7bb519d0 RSI: 00007f2b7bb50db0 RDI: 00000000003d0f00
RBP: 00007ffc49de2080 R08: 00007f2b7bb51700 R09: 00007f2b7bb51700
R10: 00007f2b7bb519d0 R11: 0000000000000202 R12: 0000000000000000
R13: 00007ffc49de1f1f R14: 0000000000020000 R15: 000000000213bb70
Kernel Offset: disabled
Rebooting in 86400 seconds..


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.