From: syzbot <syzbot+e392f8008a294fdf8891@syzkaller.appspotmail.com>
To: adobriyan@gmail.com, akpm@linux-foundation.org,
	casey@schaufler-ca.com, christian@brauner.io, elver@google.com,
	keescook@chromium.org, kent.overstreet@gmail.com,
	khlebnikov@yandex-team.ru, linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org, mhocko@suse.com,
	shakeelb@google.com, syzkaller-bugs@googlegroups.com,
	tglx@linutronix.de
Subject: KCSAN: data-race in task_dump_owner / task_dump_owner
Date: Thu, 17 Oct 2019 05:36:08 -0700
Message-ID: <000000000000328b2905951a7667@google.com>

Hello,

syzbot found the following crash on:

HEAD commit:    d724f94f x86, kcsan: Enable KCSAN for x86
git tree:       https://github.com/google/ktsan.git kcsan
console output: https://syzkaller.appspot.com/x/log.txt?x=17884db3600000
kernel config:  https://syzkaller.appspot.com/x/.config?x=c0906aa620713d80
dashboard link: https://syzkaller.appspot.com/bug?extid=e392f8008a294fdf8891
compiler:       gcc (GCC) 9.0.0 20181231 (experimental)

Unfortunately, I don't have any reproducer for this crash yet.

IMPORTANT: if you fix the bug, please add the following tag to the commit:
Reported-by: syzbot+e392f8008a294fdf8891@syzkaller.appspotmail.com

==================================================================
BUG: KCSAN: data-race in task_dump_owner / task_dump_owner

write to 0xffff8881255bb7fc of 4 bytes by task 7804 on cpu 0:
  task_dump_owner+0xd8/0x260 fs/proc/base.c:1742
  pid_update_inode+0x3c/0x70 fs/proc/base.c:1818
  pid_revalidate+0x91/0xd0 fs/proc/base.c:1841
  d_revalidate fs/namei.c:765 [inline]
  d_revalidate fs/namei.c:762 [inline]
  lookup_fast+0x7cb/0x7e0 fs/namei.c:1613
  walk_component+0x6d/0xe80 fs/namei.c:1804
  link_path_walk.part.0+0x5d3/0xa90 fs/namei.c:2139
  link_path_walk fs/namei.c:2070 [inline]
  path_openat+0x14f/0x3530 fs/namei.c:3532
  do_filp_open+0x11e/0x1b0 fs/namei.c:3563
  do_sys_open+0x3b3/0x4f0 fs/open.c:1089
  __do_sys_open fs/open.c:1107 [inline]
  __se_sys_open fs/open.c:1102 [inline]
  __x64_sys_open+0x55/0x70 fs/open.c:1102
  do_syscall_64+0xcf/0x2f0 arch/x86/entry/common.c:296
  entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff8881255bb7fc of 4 bytes by task 7813 on cpu 1:
  task_dump_owner+0xd8/0x260 fs/proc/base.c:1742
  pid_update_inode+0x3c/0x70 fs/proc/base.c:1818
  pid_revalidate+0x91/0xd0 fs/proc/base.c:1841
  d_revalidate fs/namei.c:765 [inline]
  d_revalidate fs/namei.c:762 [inline]
  lookup_fast+0x7cb/0x7e0 fs/namei.c:1613
  walk_component+0x6d/0xe80 fs/namei.c:1804
  lookup_last fs/namei.c:2271 [inline]
  path_lookupat.isra.0+0x13a/0x5a0 fs/namei.c:2316
  filename_lookup+0x145/0x2d0 fs/namei.c:2346
  user_path_at_empty+0x4c/0x70 fs/namei.c:2606
  user_path_at include/linux/namei.h:60 [inline]
  vfs_statx+0xd9/0x190 fs/stat.c:187
  vfs_stat include/linux/fs.h:3188 [inline]
  __do_sys_newstat+0x51/0xb0 fs/stat.c:341
  __se_sys_newstat fs/stat.c:337 [inline]
  __x64_sys_newstat+0x3a/0x50 fs/stat.c:337
  do_syscall_64+0xcf/0x2f0 arch/x86/entry/common.c:296
  entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7813 Comm: ps Not tainted 5.3.0+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================


---
This bug is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzkaller@googlegroups.com.

syzbot will keep track of this bug report. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.


Thread overview: 6+ messages
2019-10-17 12:36 syzbot [this message]
2019-10-17 12:56 ` KCSAN: data-race in task_dump_owner / task_dump_owner Marco Elver
2019-10-17 18:17   ` Alexey Dobriyan
2019-10-17 18:32     ` Marco Elver
2019-10-23 17:06       ` Dmitry Vyukov
2019-10-24  8:35         ` Dmitry Vyukov
