From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B2C15CA0EFD for ; Fri, 30 Aug 2024 18:04:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 4A72D8D0005; Fri, 30 Aug 2024 14:04:18 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 458408D0002; Fri, 30 Aug 2024 14:04:18 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2F9888D0005; Fri, 30 Aug 2024 14:04:18 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 09A768D0002 for ; Fri, 30 Aug 2024 14:04:18 -0400 (EDT) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 6FFB88035D for ; Fri, 30 Aug 2024 18:04:17 +0000 (UTC) X-FDA: 82509686154.02.DB57CFF Received: from mail-ej1-f51.google.com (mail-ej1-f51.google.com [209.85.218.51]) by imf28.hostedemail.com (Postfix) with ESMTP id 710FEC0017 for ; Fri, 30 Aug 2024 18:04:15 +0000 (UTC) Authentication-Results: imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=AHUIBPNB; spf=pass (imf28.hostedemail.com: domain of yosryahmed@google.com designates 209.85.218.51 as permitted sender) smtp.mailfrom=yosryahmed@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1725041034; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=VMJEJ0mgWPS/u1UL/uZmUQxpZyJybEAjbxvXKENMJBs=; b=5/0d7+z2l07Zprje4GFg1IjTij3WUNN0M6gnRqE+fcr8NBUCnS5JIa67CXcDNf8KnHqxQX dsOFWOPQs+q6q9B1jqQv/+cjVAWDqlzL37XsFQseEGD5eKw/ZVBZNgS00OMA1ey8s+dB0d Cw+4e4kMhpAOnfxEupNTSi9eIQISTu8= ARC-Authentication-Results: i=1; imf28.hostedemail.com; dkim=pass header.d=google.com header.s=20230601 header.b=AHUIBPNB; spf=pass (imf28.hostedemail.com: domain of yosryahmed@google.com designates 209.85.218.51 as permitted sender) smtp.mailfrom=yosryahmed@google.com; dmarc=pass (policy=reject) header.from=google.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1725041034; a=rsa-sha256; cv=none; b=AeKOap0fSTUwr2g6wqT7YswB8W0PlG+t570Up9cG6DeSC8oKDzs3Cz6aNbCkVCSZcfZd4Q sfkfw0Ml/xNhInk38ogvjVuYG6sIfuuo2ymuVvnTbvZjH30dXGxWiYTwg3Wlk02QXfROLO 8HalaYraXoOqJF18nF0SzHSAgp2xlno= Received: by mail-ej1-f51.google.com with SMTP id a640c23a62f3a-a8692bbec79so251421666b.3 for ; Fri, 30 Aug 2024 11:04:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1725041054; x=1725645854; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=VMJEJ0mgWPS/u1UL/uZmUQxpZyJybEAjbxvXKENMJBs=; b=AHUIBPNBJnpmFD3e8DCta3qSehhhGKHdhvp+7AMGxU48cbETAC0mhEta8wVk3vE7ZW DtXyqOV6XZEyE20EjQ4jAbMNiD2b3Z6KjWqmbwA4APpTkTViWdFu6OW2B+e20AV52Alk Qh7FKod02DuL4HtTsfTJNgyN09MQNqSrXVpccM9/b6+J95N9KziWg2n4/cFmiMXLgJmB HRad3tJ99rQJ4IL2cS+Menu28V6qluNL2n1NFhZNfWRPZWJBA0q+v8v5Y/EO3huILV+3 R/5IqtoCSia9TmZOzpCXFEgDxjhPo5wq0Am5dqhuwkAFXKiVcIggMgnTmtyo+VqlRe2g RMMQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1725041054; x=1725645854; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VMJEJ0mgWPS/u1UL/uZmUQxpZyJybEAjbxvXKENMJBs=; b=eUrK4FBrEBL1+kJ4kY+dmUJevI6Bb6nZheJgO2kndUW+EM109KLs6w7QiLebUJoMHR GfXmAiW4PMcpAcCInkClSRw1tHm5Dfv+o/iQZ/f84LVP5EfQoyw4akUUGX7LDjsMl3WF e+XcogrlfQ2dp9z+XtjskP3iGgQsYCFzmIbHlptJ0BRX6CQKUgsE3vxVRPXK5eiA/0mc 97nm90K11yOZs//nwGAShu499T99SqVT//zLHROO2QIPTD5FyXzYXVyqCTIQvGWaqHeE GTUStenWDoRRzUTiuNj0u1yuyE+FqnBoA38RCB3czy3YP0oq6zlMl4cG3miFz4NGgs3i +tNA== X-Forwarded-Encrypted: i=1; AJvYcCXj8IQalQFjn0eoZd/X6Pttma/23zj3gwVNm4mt2upHaw1HeFpMHVfAoyaDC1aYpqlzQpLJvX285A==@kvack.org X-Gm-Message-State: AOJu0Yx6zboC96AxhaxqueLjq0xn8a0cgi4Jf5qLkoMX9VTEdnPdWlQi 2jUwyMkR2iaSzTIGiRtF5rvaUknSayd432vgfQt8xun2LtA7c6T5w3DnJ5VfbSsSgw+lg91rFiJ CjUXrIWhLcW1FNX2Eah3B9tveaRrjll9sj/lg X-Google-Smtp-Source: AGHT+IFkyiuWYnkDIp71WVsWgP2T1HZJoDhkqxwhm486aWIEW5rmTrY+udAgGqOeeDcK/tb9koL6OWG1lM6HODvxYHI= X-Received: by 2002:a17:907:980c:b0:a86:8f57:7de0 with SMTP id a640c23a62f3a-a89a37aa9famr218363766b.49.1725041053012; Fri, 30 Aug 2024 11:04:13 -0700 (PDT) MIME-Version: 1.0 References: <000000000000817cf10620e20d33@google.com> In-Reply-To: <000000000000817cf10620e20d33@google.com> From: Yosry Ahmed Date: Fri, 30 Aug 2024 11:03:35 -0700 Message-ID: Subject: Re: [syzbot] [cgroups?] [mm?] KCSAN: data-race in mem_cgroup_iter / mem_cgroup_iter To: syzbot , Kinsey Ho Cc: akpm@linux-foundation.org, cgroups@vger.kernel.org, hannes@cmpxchg.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, mhocko@kernel.org, muchun.song@linux.dev, roman.gushchin@linux.dev, shakeel.butt@linux.dev, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Stat-Signature: uywprb4stg97mupd3kh4n9adqj8yxtqc X-Rspamd-Queue-Id: 710FEC0017 X-Rspamd-Server: rspam11 X-HE-Tag: 1725041055-869091 X-HE-Meta: U2FsdGVkX19wHNQB/CJLRk0/cE4yL1eqc7V2XWyH3FJYmvwGPL2NaLZDZWo5k13Vb786zPRAA2E743O2qO/F3PBIIgTZH0F0A5guFBG3s7onesCThXy+tE2RnKoKGeMaJKnmL3IOs91jsCiRqFjdS20YmUWEnYj7zY/qwQfnimnclRHFGfVc6SImYmq1IKptASsDJjowMtGC2BEoV61ESHJ2DsbNl8t9/agWIoNTdEeswPVxOU/esoaadnjT+yU/oyZF9MN+p9qo8AYfEMV/fdHxLeQFVoS4bQMa6nlOJCKqAWiYrvlZZfCe/SQoEf7w41Rwx0SSQm/vGg57o+ii6PfLIWtRXPDGE0XoN/YvU77t+j3gvhRC7hLsNCz3mkrOFD9rXLuR7Ja3VHOoK5XG+UMNHMkHnJMgZlrLGojwtCpA9wF0ZnHhHQDC+NXwYDZ9OIDsH/oHVbzYwN4/hu3BOja5xiV/bMliGY8nzlMiKJcED6/Ocb1DyBit6EP6AOmY+8lRz+D31YfTtaOm22dtXgEFRCRcSb6DxXataTXWaD3csAhRW41jfw8nNPgkG5ZGM3iuKKRZWHmBQUsSV25wsE3ZX7UnOduuyKD3O41NUxvxAS7zkPWDpWpDKgI7+LbzsdXF2ohKrPK29PyC0cReEJ/ywa9QXdbt6wVmy7Yx9zSv2om3Cfor+oLxl385ZvE98M1j/sv5I573mLHbfIAXkXKCm04A/oOVmht3bfI6H6MC6GQLQ/UQOg05GPlYAYhAm2lAfRDWMDGGpbR8aKmYMBF+VNu1I1rXkGHOPf58Ae1TrIPw/d360RSOCAtRlCZueCh+c9cqwWFxlygDs6Vvp/0rVEXgNJsPaVLPHM2rxzG3rRT3H14/lmZIcYWhdA37mGb7zQESvQvr+vi++HiaFY5WDHdjdTm6jt//2CEUGGUCXvmvI2cb20fnR5GLryEcAEFyKXkxk4WzepJRKaT brbHIZ3+ kEJ/nV8OQD7NVJM7HBGypr5qiOLGHOMpzsMWdNlh8UywfeTZ64+xHQIuU6xwX31/3zqgHGyISVpPrA8YRtCeDOugSgbvVGzb8ox6uoLvkqhKPDmuJHniThx/y2mWq/uKzvDkDPACws9I5nkGUfm0oGhD4yGGRM4Cnrq/VYzDnBmsxhDC+pPg1YVglFXe+YSY3560ee9R1S6LG/FZCfKOhbplObk3tacJ365ZDVr5hOd1m6n5L0ZkyfIKlnmUqDbEcFzXFIp9XVNpeU+vo1nA0/F+3636wx7YRHqhLk/2khWu+rpkXNc03aDdeoOg4HfuEZH/KNgzckH01lUMPfy3WHEhBkk9ZWP3SRmO3Ra8QR/mApw0eKA6uZuR8sx5SFxgQl0yD3zhguaaVd/pZOdw/kFKH3jgdr0QPVfxDJUro1DFdZglGRLqnEOHyiBzZzLNrXcBLs6wkp6mEo+gOmsOmuk7G19Wh7+0UlK3G6Q1+UCqorWB/CkacGuVYBFg0wNshalwSQj7km0fmKbeg90EMwyW++wV09D9JQGDCWqZfhNxM+nDN03HVOo1k3E5iXTtR+HDEc/Ra/341Ss+vhPmFgFWs4EwhZIGE2p56a6soKArT4wmjpkFAK85c0hNS1RpeasGQv4RNwLxtx7TZYBpDFtAyJ37S/BXW9b8IlDP1BaIR38qwlvln9LxrzcMJs5ejPTWzCD2xyI1wZxHlg7Vgz1qjO+SuO6RvCY7lLD7Y80rb90WHVtVR/D+sScPnMN2LiRR4aCeK1FeZw9zPC7Y0th0usAs6lu5ViZN8r+vTDnxxBI/sef0sQKrfs/R/qbkVLbizY41BSXyzqEK3RcHdkIsBzPh6+WlhZLLX934RegrQorW39PIK3g9oHUxwTYmbmfJfZUU0GEoeaNXHOhvDX7z+zTpfw1g5/dgoeteYOQJEu3ZQPFZAOU0G72n7JJoCG72pkQmdNFpaii8UIH2VJS+ZagY0 oLMSYVUH eTgo1B/hNX/t0l6xqXd2Hf4o4MQIRYpFsKIF3TAhzgDlLbWaTO0gPFnUrYqJRgxz X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, Aug 30, 2024 at 1:05=E2=80=AFAM syzbot wrote: > > Hello, > > syzbot found the following issue on: > > HEAD commit: 20371ba12063 Merge tag 'drm-fixes-2024-08-30' of https://= g.. > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=3D107a846398000= 0 > kernel config: https://syzkaller.appspot.com/x/.config?x=3D6fafac02e339c= c84 > dashboard link: https://syzkaller.appspot.com/bug?extid=3De099d407346c452= 75ce9 > compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Deb= ian) 2.40 > > Unfortunately, I don't have any reproducer for this issue yet. > > Downloadable assets: > disk image: https://storage.googleapis.com/syzbot-assets/4a8763df1c20/dis= k-20371ba1.raw.xz > vmlinux: https://storage.googleapis.com/syzbot-assets/f9678a905383/vmlinu= x-20371ba1.xz > kernel image: https://storage.googleapis.com/syzbot-assets/ef6e49adc393/b= zImage-20371ba1.xz > > IMPORTANT: if you fix the issue, please add the following tag to the comm= it: > Reported-by: syzbot+e099d407346c45275ce9@syzkaller.appspotmail.com > > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > BUG: KCSAN: data-race in mem_cgroup_iter / mem_cgroup_iter +Kinsey Ho This looks relevant to the recent mem_cgroup_iter() changes. > > read-write to 0xffff888114b82668 of 4 bytes by task 5527 on cpu 1: > mem_cgroup_iter+0x28e/0x380 mm/memcontrol.c:1080 > shrink_node_memcgs mm/vmscan.c:5924 [inline] > shrink_node+0x74a/0x1d40 mm/vmscan.c:5948 > shrink_zones mm/vmscan.c:6192 [inline] > do_try_to_free_pages+0x3c6/0xc50 mm/vmscan.c:6254 > try_to_free_mem_cgroup_pages+0x1f3/0x4f0 mm/vmscan.c:6586 > try_charge_memcg+0x2bc/0x810 mm/memcontrol.c:2210 > try_charge mm/memcontrol-v1.h:20 [inline] > charge_memcg mm/memcontrol.c:4439 [inline] > mem_cgroup_swapin_charge_folio+0x107/0x1a0 mm/memcontrol.c:4524 > __read_swap_cache_async+0x2b7/0x520 mm/swap_state.c:516 > swap_cluster_readahead+0x276/0x3f0 mm/swap_state.c:680 > swapin_readahead+0xe4/0x760 mm/swap_state.c:882 > do_swap_page+0x3da/0x1ef0 mm/memory.c:4119 > handle_pte_fault mm/memory.c:5524 [inline] > __handle_mm_fault mm/memory.c:5664 [inline] > handle_mm_fault+0x8cb/0x2a30 mm/memory.c:5832 > do_user_addr_fault arch/x86/mm/fault.c:1338 [inline] > handle_page_fault arch/x86/mm/fault.c:1481 [inline] > exc_page_fault+0x3b9/0x650 arch/x86/mm/fault.c:1539 > asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 > > read to 0xffff888114b82668 of 4 bytes by task 5528 on cpu 0: > mem_cgroup_iter+0xba/0x380 mm/memcontrol.c:1018 > shrink_node_memcgs mm/vmscan.c:5869 [inline] > shrink_node+0x458/0x1d40 mm/vmscan.c:5948 > shrink_zones mm/vmscan.c:6192 [inline] > do_try_to_free_pages+0x3c6/0xc50 mm/vmscan.c:6254 > try_to_free_mem_cgroup_pages+0x1f3/0x4f0 mm/vmscan.c:6586 > try_charge_memcg+0x2bc/0x810 mm/memcontrol.c:2210 > try_charge mm/memcontrol-v1.h:20 [inline] > charge_memcg mm/memcontrol.c:4439 [inline] > mem_cgroup_swapin_charge_folio+0x107/0x1a0 mm/memcontrol.c:4524 > __read_swap_cache_async+0x2b7/0x520 mm/swap_state.c:516 > swap_cluster_readahead+0x276/0x3f0 mm/swap_state.c:680 > swapin_readahead+0xe4/0x760 mm/swap_state.c:882 > do_swap_page+0x3da/0x1ef0 mm/memory.c:4119 > handle_pte_fault mm/memory.c:5524 [inline] > __handle_mm_fault mm/memory.c:5664 [inline] > handle_mm_fault+0x8cb/0x2a30 mm/memory.c:5832 > do_user_addr_fault arch/x86/mm/fault.c:1389 [inline] > handle_page_fault arch/x86/mm/fault.c:1481 [inline] > exc_page_fault+0x296/0x650 arch/x86/mm/fault.c:1539 > asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623 > __get_user_8+0x11/0x20 arch/x86/lib/getuser.S:94 > fetch_robust_entry kernel/futex/core.c:783 [inline] > exit_robust_list+0x31/0x280 kernel/futex/core.c:811 > futex_cleanup kernel/futex/core.c:1043 [inline] > futex_exit_release+0xe3/0x130 kernel/futex/core.c:1144 > exit_mm_release+0x1a/0x30 kernel/fork.c:1637 > exit_mm+0x38/0x190 kernel/exit.c:544 > do_exit+0x55e/0x1720 kernel/exit.c:869 > do_group_exit+0x102/0x150 kernel/exit.c:1031 > get_signal+0xf2f/0x1080 kernel/signal.c:2917 > arch_do_signal_or_restart+0x95/0x4b0 arch/x86/kernel/signal.c:310 > exit_to_user_mode_loop kernel/entry/common.c:111 [inline] > exit_to_user_mode_prepare include/linux/entry-common.h:328 [inline] > __syscall_exit_to_user_mode_work kernel/entry/common.c:207 [inline] > syscall_exit_to_user_mode+0x59/0x130 kernel/entry/common.c:218 > do_syscall_64+0xd6/0x1c0 arch/x86/entry/common.c:89 > entry_SYSCALL_64_after_hwframe+0x77/0x7f > > value changed: 0x00000522 -> 0x00000528 > > Reported by Kernel Concurrency Sanitizer on: > CPU: 0 UID: 0 PID: 5528 Comm: syz.3.488 Not tainted 6.11.0-rc5-syzkaller-= 00176-g20371ba12063 #0 > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS G= oogle 08/06/2024 > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > syz.3.488 (5528) used greatest stack depth: 9096 bytes left > > > --- > This report is generated by a bot. It may contain errors. > See https://goo.gl/tpsmEJ for more information about syzbot. > syzbot engineers can be reached at syzkaller@googlegroups.com. > > syzbot will keep track of this issue. See: > https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > > If the report is already addressed, let syzbot know by replying with: > #syz fix: exact-commit-title > > If you want to overwrite report's subsystems, reply with: > #syz set subsystems: new-subsystem > (See the list of subsystem names on the web dashboard) > > If the report is a duplicate of another one, reply with: > #syz dup: exact-subject-of-another-report > > If you want to undo deduplication, reply with: > #syz undup >