syzbot

 sign-in | mailing list | source | docs
🐞 Open [994] Subsystems 🐞 Fixed [5244] 🐞 Invalid [12516] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in do_select / pollwake (2)

Status: moderation: reported on 2023/12/09 00:09
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+98a4e3481a6349deaf03@syzkaller.appspotmail.com
First crash: 329d, last: 6h53m
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in do_select / pollwake fs 2554 368d 1390d 0/26 auto-obsoleted due to no activity on 2023/05/29 14:18

Sample crash report:
==================================================================
BUG: KCSAN: data-race in do_select / pollwake

write to 0xffffc9000154fa00 of 4 bytes by interrupt on cpu 1:
 __pollwake fs/select.c:198 [inline]
 pollwake+0xbe/0x110 fs/select.c:218
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up+0x65/0xb0 kernel/sched/wait.c:127
 bpf_ringbuf_notify+0x22/0x30 kernel/bpf/ringbuf.c:152
 irq_work_single kernel/irq_work.c:221 [inline]
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0xdf/0x2c0 kernel/irq_work.c:261
 __sysvec_irq_work+0x23/0x1a0 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x66/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 native_apic_mem_write arch/x86/include/asm/apic.h:95 [inline]
 __default_send_IPI_shortcut arch/x86/kernel/apic/ipi.c:166 [inline]
 default_send_IPI_self+0x38/0x80 arch/x86/kernel/apic/ipi.c:247
 __apic_send_IPI_self arch/x86/include/asm/apic.h:459 [inline]
 arch_irq_work_raise+0x48/0x50 arch/x86/kernel/irq_work.c:31
 irq_work_raise kernel/irq_work.c:84 [inline]
 __irq_work_queue_local+0x82/0x1d0 kernel/irq_work.c:112
 irq_work_queue+0x85/0x120 kernel/irq_work.c:124
 ____bpf_ringbuf_discard kernel/bpf/ringbuf.c:513 [inline]
 bpf_ringbuf_discard+0xcd/0xf0 kernel/bpf/ringbuf.c:511
 ___bpf_prog_run+0x9ab/0x46c0 kernel/bpf/core.c:1997
 __bpf_prog_run32+0x74/0xa0 kernel/bpf/core.c:2236
 bpf_dispatcher_nop_func include/linux/bpf.h:1234 [inline]
 __bpf_prog_run include/linux/filter.h:657 [inline]
 bpf_prog_run include/linux/filter.h:664 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2381 [inline]
 bpf_trace_run2+0x97/0x150 kernel/trace/bpf_trace.c:2420
 __traceiter_kfree+0x2b/0x50 include/trace/events/kmem.h:94
 trace_kfree include/trace/events/kmem.h:94 [inline]
 kfree+0x1e7/0x270 mm/slub.c:4377
 selinux_release_secctx+0x15/0x20 security/selinux/hooks.c:6630
 security_release_secctx+0x41/0x70 security/security.c:4194
 audit_log_task_context+0xfc/0x1b0 kernel/audit.c:2198
 audit_log_task+0xfb/0x180 kernel/auditsc.c:2960
 audit_seccomp+0x68/0x130 kernel/auditsc.c:3010
 seccomp_log kernel/seccomp.c:1003 [inline]
 __seccomp_filter+0x6f8/0x1190 kernel/seccomp.c:1292
 __secure_computing+0x9f/0x1c0 kernel/seccomp.c:1354
 syscall_trace_enter+0xd1/0x1f0 kernel/entry/common.c:52
 syscall_enter_from_user_mode_work include/linux/entry-common.h:168 [inline]
 syscall_enter_from_user_mode include/linux/entry-common.h:198 [inline]
 do_syscall_64+0xaa/0x1d0 arch/x86/entry/common.c:79
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffffc9000154fa00 of 4 bytes by task 4017 on cpu 0:
 poll_schedule_timeout fs/select.c:243 [inline]
 do_select+0xeb0/0xfa0 fs/select.c:607
 core_sys_select+0x362/0x530 fs/select.c:681
 do_pselect fs/select.c:763 [inline]
 __do_sys_pselect6 fs/select.c:804 [inline]
 __se_sys_pselect6+0x213/0x280 fs/select.c:795
 __x64_sys_pselect6+0x78/0x90 fs/select.c:795
 x64_sys_call+0xe7b/0x2d30 arch/x86/include/generated/asm/syscalls_64.h:271
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xcd/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 4017 Comm: syz-executor.3 Tainted: G        W          6.9.0-rc5-syzkaller-00296-g5eb4573ea63d #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================

Crashes (264):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/04/27 02:05 upstream 5eb4573ea63d 059e9963 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/27 01:56 upstream 5eb4573ea63d 059e9963 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/26 12:10 upstream c942a0cd3603 059e9963 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/26 09:11 upstream c942a0cd3603 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/25 17:49 upstream e33c4963bf53 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/24 18:01 upstream e88c4cfcb7b8 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/24 16:17 upstream 9d1ddab261f3 8bdc0f22 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/23 22:51 upstream 9d1ddab261f3 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/23 09:09 upstream 71b1543c83d6 21339d7b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/22 23:37 upstream a2c63a3f3d68 36c961ad .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/22 09:19 upstream ed30a4a51bb1 36c961ad .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/21 19:09 upstream 48cf398f15fc af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/20 20:54 upstream 977b1ef51866 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/20 08:33 upstream 13a2e429f644 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/19 18:22 upstream 3cdb45594619 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/18 21:35 upstream 2668e3ae2ef3 af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/18 08:11 upstream 8cd26fd90c1a af24b050 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/18 03:19 upstream 4b6b51322118 acc528cb .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/17 15:36 upstream 96fca68c4fbf acc528cb .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/16 17:50 upstream 96fca68c4fbf 18f6e127 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/15 14:18 upstream 0bbac3facb5d b9af7e61 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/14 09:19 upstream 7efd0a74039f c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/13 17:33 upstream 8f2c057754b2 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/12 14:53 upstream 586b5dfb51b9 c8349e48 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/11 00:08 upstream 2c71fdf02a95 4320ec32 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/10 03:53 upstream 20cb38a7af88 171ec371 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/09 16:08 upstream 20cb38a7af88 f3234354 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/09 01:57 upstream 20cb38a7af88 f3234354 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/08 12:46 upstream fec50db7033e 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/08 12:46 upstream fec50db7033e 53df08b6 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/08 06:40 upstream fec50db7033e ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/07 17:46 upstream 9fe30842a90b ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/06 18:39 upstream f2f80ac80987 ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/06 11:53 upstream 104db052b62d ca620dd8 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/04 13:16 upstream c85af715cac0 0ee3535e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/04 09:39 upstream c85af715cac0 0ee3535e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/04 05:20 upstream c85af715cac0 51c4dcff .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/03 15:20 upstream 3e92c1e6cd87 51c4dcff .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/03 02:30 upstream b1e6ec0a0fd0 7925100d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/02 13:01 upstream 026e680b0a08 eb2966c4 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/01 23:24 upstream 026e680b0a08 6baf5069 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2024/04/01 08:11 upstream 39cd87c4eb2b 6baf5069 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
2023/11/16 21:16 upstream 7475e51b8796 cb976f63 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_select / pollwake
* Struck through repros no longer work on HEAD.