| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [bpf?] KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free | 0 (1) | 2025/06/10 08:01 |
syzbot |
sign-in | mailing list | source | docs |
| Title | Replies (including bot) | Last reply |
|---|---|---|
| [syzbot] [bpf?] KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free | 0 (1) | 2025/06/10 08:01 |
================================================================== BUG: KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free write to 0xffff8881042a62e8 of 4 bytes by task 22653 on cpu 0: __local_list_add_pending kernel/bpf/bpf_lru_list.c:358 [inline] bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:457 [inline] bpf_lru_pop_free+0xbd4/0xcb0 kernel/bpf/bpf_lru_list.c:504 prealloc_lru_pop kernel/bpf/hashtab.c:303 [inline] __htab_lru_percpu_map_update_elem+0xea/0x600 kernel/bpf/hashtab.c:1349 bpf_percpu_hash_update+0x61/0xa0 kernel/bpf/hashtab.c:2408 bpf_map_update_value+0x297/0x3a0 kernel/bpf/syscall.c:266 generic_map_update_batch+0x3f5/0x540 kernel/bpf/syscall.c:1982 bpf_map_do_batch+0x255/0x380 kernel/bpf/syscall.c:5344 __sys_bpf+0x2e0/0x790 kernel/bpf/syscall.c:-1 __do_sys_bpf kernel/bpf/syscall.c:5943 [inline] __se_sys_bpf kernel/bpf/syscall.c:5941 [inline] __x64_sys_bpf+0x41/0x50 kernel/bpf/syscall.c:5941 x64_sys_call+0x2478/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:322 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffff8881042a62e8 of 4 bytes by task 22637 on cpu 1: lookup_nulls_elem_raw kernel/bpf/hashtab.c:643 [inline] __htab_map_lookup_elem+0xab/0x150 kernel/bpf/hashtab.c:673 htab_lru_percpu_map_lookup_elem+0x20/0xb0 kernel/bpf/hashtab.c:2342 bpf_prog_1592a6279ab44e8a+0x48/0x50 bpf_dispatcher_nop_func include/linux/bpf.h:1322 [inline] __bpf_prog_run include/linux/filter.h:718 [inline] bpf_prog_run include/linux/filter.h:725 [inline] __bpf_trace_run kernel/trace/bpf_trace.c:2258 [inline] bpf_trace_run2+0x107/0x1c0 kernel/trace/bpf_trace.c:2299 __traceiter_kfree+0x2e/0x50 include/trace/events/kmem.h:94 __do_trace_kfree include/trace/events/kmem.h:94 [inline] trace_kfree include/trace/events/kmem.h:94 [inline] kfree+0x27b/0x320 mm/slub.c:4829 ___sys_recvmsg+0x135/0x370 net/socket.c:2829 do_recvmmsg+0x1ef/0x540 net/socket.c:2923 __sys_recvmmsg net/socket.c:2997 [inline] __do_sys_recvmmsg net/socket.c:3020 [inline] __se_sys_recvmmsg net/socket.c:3013 [inline] __x64_sys_recvmmsg+0xe5/0x170 net/socket.c:3013 x64_sys_call+0x1c6a/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:300 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x3dd8f34f -> 0x7cc9e3a7 Reported by Kernel Concurrency Sanitizer on: CPU: 1 UID: 0 PID: 22637 Comm: syz.3.6512 Tainted: G W 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) Tainted: [W]=WARN Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/06/10 05:38 | upstream | 19272b37aa4f | 4826c28e | .config | console log | report | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in __htab_map_lookup_elem / bpf_lru_pop_free |