syzbot

 sign-in | mailing list | source | docs
🐞 Open [1563]
Subsystems
🐞 Fixed [6338]
🐞 Invalid [16156]
Missing Backports [192]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in do_sys_poll / pollwake

Status: moderation: reported on 2020/07/18 20:22
Subsystems: fs
[Documentation on labels]
Reported-by: syzbot+a5d15da12b55f807031f@syzkaller.appspotmail.com
First crash: 1837d, last: 11h13m

Sample crash report:
==================================================================
BUG: KCSAN: data-race in do_sys_poll / pollwake

read to 0xffffc90002d03bc0 of 4 bytes by task 9112 on cpu 1:
 poll_schedule_timeout fs/select.c:240 [inline]
 do_poll fs/select.c:958 [inline]
 do_sys_poll+0x99c/0xbd0 fs/select.c:1009
 __do_sys_ppoll fs/select.c:1115 [inline]
 __se_sys_ppoll+0x1b9/0x200 fs/select.c:1095
 __x64_sys_ppoll+0x67/0x80 fs/select.c:1095
 x64_sys_call+0x2de5/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:272
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

write to 0xffffc90002d03bc0 of 4 bytes by interrupt on cpu 0:
 __pollwake fs/select.c:195 [inline]
 pollwake+0xb6/0x100 fs/select.c:215
 __wake_up_common kernel/sched/wait.c:89 [inline]
 __wake_up_common_lock kernel/sched/wait.c:106 [inline]
 __wake_up+0x66/0xb0 kernel/sched/wait.c:127
 bpf_ringbuf_notify+0x22/0x30 kernel/bpf/ringbuf.c:155
 irq_work_single kernel/irq_work.c:221 [inline]
 irq_work_run_list kernel/irq_work.c:252 [inline]
 irq_work_run+0xe2/0x2d0 kernel/irq_work.c:261
 __sysvec_irq_work+0x22/0x170 arch/x86/kernel/irq_work.c:22
 instr_sysvec_irq_work arch/x86/kernel/irq_work.c:17 [inline]
 sysvec_irq_work+0x2f/0x80 arch/x86/kernel/irq_work.c:17
 asm_sysvec_irq_work+0x1a/0x20 arch/x86/include/asm/idtentry.h:738
 __wrmsrq arch/x86/include/asm/msr.h:80 [inline]
 native_write_msr arch/x86/include/asm/msr.h:137 [inline]
 wrmsrq arch/x86/include/asm/msr.h:199 [inline]
 native_apic_msr_write+0x3d/0x60 arch/x86/include/asm/apic.h:212
 apic_write arch/x86/include/asm/apic.h:405 [inline]
 x2apic_send_IPI_self+0x10/0x20 arch/x86/kernel/apic/x2apic_phys.c:107
 __apic_send_IPI_self arch/x86/include/asm/apic.h:455 [inline]
 arch_irq_work_raise+0x46/0x50 arch/x86/kernel/irq_work.c:31
 irq_work_raise kernel/irq_work.c:84 [inline]
 __irq_work_queue_local+0x10f/0x2c0 kernel/irq_work.c:112
 irq_work_queue+0x70/0x100 kernel/irq_work.c:124
 bpf_ringbuf_commit kernel/bpf/ringbuf.c:-1 [inline]
 ____bpf_ringbuf_discard kernel/bpf/ringbuf.c:525 [inline]
 bpf_ringbuf_discard+0xd3/0xf0 kernel/bpf/ringbuf.c:523
 bpf_prog_fe0ed97373b08409+0x4b/0x4f
 bpf_dispatcher_nop_func include/linux/bpf.h:1322 [inline]
 __bpf_prog_run include/linux/filter.h:718 [inline]
 bpf_prog_run include/linux/filter.h:725 [inline]
 __bpf_trace_run kernel/trace/bpf_trace.c:2258 [inline]
 bpf_trace_run3+0x10f/0x1d0 kernel/trace/bpf_trace.c:2300
 __traceiter_kmem_cache_free+0x38/0x60 include/trace/events/kmem.h:114
 __do_trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 trace_kmem_cache_free include/trace/events/kmem.h:114 [inline]
 kmem_cache_free+0x257/0x300 mm/slub.c:4744
 kernfs_free_rcu+0x97/0xb0 fs/kernfs/dir.c:555
 rcu_do_batch kernel/rcu/tree.c:2576 [inline]
 rcu_core+0x5a5/0xc00 kernel/rcu/tree.c:2832
 rcu_core_si+0xd/0x20 kernel/rcu/tree.c:2849
 handle_softirqs+0xb7/0x290 kernel/softirq.c:579
 __do_softirq kernel/softirq.c:613 [inline]
 invoke_softirq kernel/softirq.c:453 [inline]
 __irq_exit_rcu+0x3a/0xc0 kernel/softirq.c:680
 instr_sysvec_call_function_single arch/x86/kernel/smp.c:266 [inline]
 sysvec_call_function_single+0x6b/0x80 arch/x86/kernel/smp.c:266
 asm_sysvec_call_function_single+0x1a/0x20 arch/x86/include/asm/idtentry.h:709
 should_fail_ex+0x5/0x280 lib/fault-inject.c:125
 should_fail+0xb/0x20 lib/fault-inject.c:184
 should_fail_usercopy+0x1a/0x20 lib/fault-inject-usercopy.c:37
 _inline_copy_from_user include/linux/uaccess.h:163 [inline]
 _copy_from_user+0x1c/0xb0 lib/usercopy.c:18
 copy_from_user include/linux/uaccess.h:212 [inline]
 get_timespec64+0x4c/0x100 kernel/time/time.c:877
 __do_sys_clock_nanosleep kernel/time/posix-timers.c:1388 [inline]
 __se_sys_clock_nanosleep+0x10b/0x250 kernel/time/posix-timers.c:1376
 __x64_sys_clock_nanosleep+0x55/0x70 kernel/time/posix-timers.c:1376
 x64_sys_call+0x1df0/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:231
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 UID: 0 PID: 9107 Comm: syz.0.1308 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================

Crashes (5262):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2025/06/30 02:21 upstream d0b3b7b22dfa fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/29 12:05 upstream dfba48a70cb6 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/28 23:46 upstream ded779017ad7 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/27 23:00 upstream 67a993863163 fc9d8ee5 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/27 16:52 upstream 67a993863163 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/27 03:16 upstream f02769e7f272 803ce19b .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/26 09:20 upstream ee88bddf7f2f 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/25 01:19 upstream 7595b66ae9de 26d77996 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/23 23:53 upstream 78f4e737a53e e2f27c35 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/23 22:38 upstream 86731a2a651e e2f27c35 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/23 10:23 upstream 86731a2a651e d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/22 21:29 upstream b67ec639010f d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/22 06:08 upstream 739a6c93cc75 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/21 16:08 upstream 3f75bfff44be d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/21 02:22 upstream 11313e2f7812 d6cdfb8a .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/20 07:52 upstream 75f5f23f8787 ed3e87f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/18 14:21 upstream 52da431bf03b ed3e87f7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/18 12:34 upstream 52da431bf03b ca631f70 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/18 09:24 upstream 52da431bf03b e77fae15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/17 20:16 upstream 4663747812d1 e77fae15 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/17 02:30 upstream 9afe652958c3 cfebc887 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/15 06:12 upstream 8c6bc74c7f89 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/14 16:30 upstream 4774cfe3543a 5f4b362d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/14 14:09 upstream 4774cfe3543a 0e8da31f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/13 23:31 upstream 02adc1490e6d 0e8da31f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/13 19:03 upstream 02adc1490e6d 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/12 23:11 upstream 27605c8c0f69 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/12 11:05 upstream 2c4a1f3fe03e 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/11 21:32 upstream 488ef3560196 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/11 16:57 upstream aef17cb3d3c4 98683f8f .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/10 23:20 upstream aef17cb3d3c4 5d7e17ca .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/10 08:21 upstream f09079bd04a9 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/09 09:31 upstream 19272b37aa4f 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/08 20:18 upstream 939f15e640f1 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/08 06:02 upstream 8630c59e9936 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/07 02:34 upstream c0c9379f235d 4826c28e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/06 09:52 upstream e271ed52b344 9fa58bba .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/05 13:17 upstream ec7714e49479 6b6b5f21 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/05 13:16 upstream ec7714e49479 6b6b5f21 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/05 00:10 upstream 1af80d00e1e0 6b6b5f21 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/04 12:53 upstream 5abc7438f1e9 e565f08d .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2025/06/04 03:20 upstream 5abc7438f1e9 a30356b7 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in do_sys_poll / pollwake
2021/01/17 10:56 upstream 0da0a8a0a0e1 813be542 .config console log report info ci2-upstream-kcsan-gce
2020/07/18 19:22 upstream 6cf7ccba29dc 9c812472 .config console log report ci2-upstream-kcsan-gce
2020/07/14 20:16 upstream e9919e11e219 6f458026 .config console log report ci2-upstream-kcsan-gce
2020/06/19 12:55 upstream 5e857ce6eae7 bc258b50 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.