syzbot

 sign-in | mailing list | source | docs
🐞 Open [1006] Subsystems 🐞 Fixed [5248] 🐞 Invalid [12552] Missing Backports [84] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in tick_nohz_idle_stop_tick / tick_sched_do_timer (3)

Status: auto-closed as invalid on 2020/07/20 08:09
Subsystems: kernel
[Documentation on labels]
Reported-by: syzbot+8751258c7b05b27b08c9@syzkaller.appspotmail.com
First crash: 1605d, last: 1416d
Similar bugs (2)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in tick_nohz_idle_stop_tick / tick_sched_do_timer kernel 8 1662d 1668d 0/26 closed as invalid on 2019/10/18 14:11
upstream KCSAN: data-race in tick_nohz_idle_stop_tick / tick_sched_do_timer (2) kernel 5 1636d 1657d 0/26 closed as invalid on 2019/11/19 14:04

Sample crash report:
==================================================================
BUG: KCSAN: data-race in tick_nohz_idle_stop_tick / tick_sched_do_timer

write to 0xffffffff8764e210 of 4 bytes by interrupt on cpu 0:
 tick_sched_do_timer+0xb4/0xd0 kernel/time/tick-sched.c:141
 tick_sched_timer+0x3f/0xd0 kernel/time/tick-sched.c:1313
 __run_hrtimer kernel/time/hrtimer.c:1520 [inline]
 __hrtimer_run_queues+0x271/0x600 kernel/time/hrtimer.c:1584
 hrtimer_interrupt+0x226/0x490 kernel/time/hrtimer.c:1646
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 [inline]
 smp_apic_timer_interrupt+0xd8/0x270 arch/x86/kernel/apic/apic.c:1138
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 check_access kernel/kcsan/core.c:583 [inline]
 __tsan_unaligned_write2+0x9e/0x110 kernel/kcsan/core.c:768
 nf_ct_get_tuple_ports net/netfilter/nf_conntrack_core.c:236 [inline]
 nf_ct_get_tuple+0x2ef/0x4a0 net/netfilter/nf_conntrack_core.c:312
 resolve_normal_ct net/netfilter/nf_conntrack_core.c:1674 [inline]
 nf_conntrack_in+0x238/0xa60 net/netfilter/nf_conntrack_core.c:1846
 ipv4_conntrack_local+0xb1/0x120 net/netfilter/nf_conntrack_proto.c:200
 nf_hook_entry_hookfn include/linux/netfilter.h:135 [inline]
 nf_hook_slow+0x7c/0x160 net/netfilter/core.c:512
 nf_hook include/linux/netfilter.h:262 [inline]
 __ip_local_out+0x1f3/0x2b0 net/ipv4/ip_output.c:114
 ip_local_out+0x2d/0x90 net/ipv4/ip_output.c:123
 __ip_queue_xmit+0x3a6/0xa40 net/ipv4/ip_output.c:530
 ip_queue_xmit+0x3e/0x50 include/net/ip.h:237
 __tcp_transmit_skb+0xe0c/0x1d80 net/ipv4/tcp_output.c:1238
 __tcp_send_ack+0x22c/0x2f0 net/ipv4/tcp_output.c:3779
 tcp_send_ack+0x2d/0x40 net/ipv4/tcp_output.c:3785
 __tcp_ack_snd_check+0xcc/0x550 net/ipv4/tcp_input.c:5263
 tcp_rcv_established+0xc95/0xee0 net/ipv4/tcp_input.c:5694
 tcp_v4_do_rcv+0x396/0x4f0 net/ipv4/tcp_ipv4.c:1621
 tcp_v4_rcv+0x1c55/0x1e10 net/ipv4/tcp_ipv4.c:2003
 ip_protocol_deliver_rcu+0x4b/0x410 net/ipv4/ip_input.c:204
 ip_local_deliver_finish+0xf3/0x120 net/ipv4/ip_input.c:231
 NF_HOOK include/linux/netfilter.h:307 [inline]
 NF_HOOK include/linux/netfilter.h:301 [inline]
 ip_local_deliver+0x135/0x220 net/ipv4/ip_input.c:252
 dst_input include/net/dst.h:441 [inline]
 ip_sublist_rcv_finish+0xf0/0x140 net/ipv4/ip_input.c:550
 ip_list_rcv_finish net/ipv4/ip_input.c:600 [inline]
 ip_sublist_rcv+0x3f8/0x530 net/ipv4/ip_input.c:608
 ip_list_rcv+0x2f3/0x321 net/ipv4/ip_input.c:643
 __netif_receive_skb_list_ptype net/core/dev.c:5230 [inline]
 __netif_receive_skb_list_ptype net/core/dev.c:5219 [inline]
 __netif_receive_skb_list_core+0x368/0x5c0 net/core/dev.c:5278
 __netif_receive_skb_list net/core/dev.c:5330 [inline]
 netif_receive_skb_list_internal+0x5c7/0x810 net/core/dev.c:5425
 gro_normal_list.part.0+0x37/0xa0 net/core/dev.c:5536
 gro_normal_list net/core/dev.c:5549 [inline]
 gro_normal_one+0x14c/0x160 net/core/dev.c:5548
 napi_skb_finish net/core/dev.c:5876 [inline]
 napi_gro_receive+0x27d/0x2f0 net/core/dev.c:5908
 receive_buf+0x24c/0x3420 drivers/net/virtio_net.c:1073
 virtnet_receive drivers/net/virtio_net.c:1335 [inline]
 virtnet_poll+0x343/0x790 drivers/net/virtio_net.c:1440
 napi_poll net/core/dev.c:6571 [inline]
 net_rx_action+0x3ad/0xac0 net/core/dev.c:6639
 __do_softirq+0x118/0x34a kernel/softirq.c:292
 run_ksoftirqd+0x41/0x60 kernel/softirq.c:604
 smpboot_thread_fn+0x374/0x4a0 kernel/smpboot.c:165
 kthread+0x203/0x230 kernel/kthread.c:268
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

read to 0xffffffff8764e210 of 4 bytes by task 0 on cpu 1:
 tick_nohz_stop_tick kernel/time/tick-sched.c:780 [inline]
 __tick_nohz_idle_stop_tick kernel/time/tick-sched.c:973 [inline]
 tick_nohz_idle_stop_tick+0x191/0x680 kernel/time/tick-sched.c:994
 cpuidle_idle_call kernel/sched/idle.c:151 [inline]
 do_idle+0x1ad/0x290 kernel/sched/idle.c:269
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:361
 start_secondary+0x169/0x1b0 arch/x86/kernel/smpboot.c:268
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 0 Comm: swapper/1 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (53):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/15 08:09 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 8e3ab941 .config console log report ci2-upstream-kcsan-gce
2020/06/13 05:46 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f4724dd3 .config console log report ci2-upstream-kcsan-gce
2020/06/11 16:52 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 1beaee21 .config console log report ci2-upstream-kcsan-gce
2020/06/11 01:35 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 3ab7a05a .config console log report ci2-upstream-kcsan-gce
2020/06/06 02:17 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 c3e9afb3 .config console log report ci2-upstream-kcsan-gce
2020/06/04 13:49 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 6720fdef .config console log report ci2-upstream-kcsan-gce
2020/06/03 13:39 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a5ce5de0 .config console log report ci2-upstream-kcsan-gce
2020/06/03 01:32 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f3ba1b5b .config console log report ci2-upstream-kcsan-gce
2020/05/31 10:41 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a0331e89 .config console log report ci2-upstream-kcsan-gce
2020/05/29 00:41 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 d19ed305 .config console log report ci2-upstream-kcsan-gce
2020/05/26 18:15 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/05/24 13:30 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 ce7ca010 .config console log report ci2-upstream-kcsan-gce
2020/05/23 22:59 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 96c92ad3 .config console log report ci2-upstream-kcsan-gce
2020/05/15 12:42 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 d7f9fffa .config console log report ci2-upstream-kcsan-gce
2020/05/14 11:26 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2d572622 .config console log report ci2-upstream-kcsan-gce
2020/05/13 22:34 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a885920d .config console log report ci2-upstream-kcsan-gce
2020/05/11 07:16 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f8f57555 .config console log report ci2-upstream-kcsan-gce
2020/05/09 15:01 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 88cb3e92 .config console log report ci2-upstream-kcsan-gce
2020/05/07 22:32 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 6c70a1c2 .config console log report ci2-upstream-kcsan-gce
2020/04/29 22:05 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2dd552a5 .config console log report ci2-upstream-kcsan-gce
2020/04/29 10:04 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 ba2806db .config console log report ci2-upstream-kcsan-gce
2020/04/24 03:46 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 03d97a1b .config console log report ci2-upstream-kcsan-gce
2020/04/18 15:04 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 365fba24 .config console log report ci2-upstream-kcsan-gce
2020/04/15 17:45 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 3f3c5574 .config console log report ci2-upstream-kcsan-gce
2020/04/14 11:31 https://github.com/google/ktsan.git kcsan 40959e34d670 3f3c5574 .config console log report ci2-upstream-kcsan-gce
2020/04/13 01:01 https://github.com/google/ktsan.git kcsan 40959e34d670 17a986e5 .config console log report ci2-upstream-kcsan-gce
2020/04/12 12:58 https://github.com/google/ktsan.git kcsan 40959e34d670 36b0b050 .config console log report ci2-upstream-kcsan-gce
2020/04/09 01:45 https://github.com/google/ktsan.git kcsan 40959e34d670 a8c6a3f8 .config console log report ci2-upstream-kcsan-gce
2020/04/06 21:37 https://github.com/google/ktsan.git kcsan 40959e34d670 99a96044 .config console log report ci2-upstream-kcsan-gce
2020/04/04 00:39 https://github.com/google/ktsan.git kcsan 40959e34d670 ef26b610 .config console log report ci2-upstream-kcsan-gce
2020/04/03 09:44 https://github.com/google/ktsan.git kcsan 40959e34d670 5ed396e6 .config console log report ci2-upstream-kcsan-gce
2020/03/25 14:18 https://github.com/google/ktsan.git kcsan 40959e34d670 e8e6c7d2 .config console log report ci2-upstream-kcsan-gce
2020/03/25 12:41 https://github.com/google/ktsan.git kcsan 40959e34d670 41f049cc .config console log report ci2-upstream-kcsan-gce
2020/03/24 16:33 https://github.com/google/ktsan.git kcsan 40959e34d670 68660b21 .config console log report ci2-upstream-kcsan-gce
2020/03/21 06:17 https://github.com/google/ktsan.git kcsan 40959e34d670 aa6c6a55 .config console log report ci2-upstream-kcsan-gce
2020/03/13 22:07 https://github.com/google/ktsan.git kcsan 941e0d917bbf 749688d2 .config console log report ci2-upstream-kcsan-gce
2020/03/13 08:57 https://github.com/google/ktsan.git kcsan 941e0d917bbf fd69032d .config console log report ci2-upstream-kcsan-gce
2020/03/09 14:58 https://github.com/google/ktsan.git kcsan 941e0d917bbf 35f53e45 .config console log report ci2-upstream-kcsan-gce
2020/03/05 10:29 https://github.com/google/ktsan.git kcsan 766d004d1b85 b655d91b .config console log report ci2-upstream-kcsan-gce
2020/03/03 08:43 https://github.com/google/ktsan.git kcsan 766d004d1b85 350a7a26 .config console log report ci2-upstream-kcsan-gce
2020/02/26 02:16 https://github.com/google/ktsan.git kcsan 766d004d1b85 4f588111 .config console log report ci2-upstream-kcsan-gce
2020/02/22 12:07 https://github.com/google/ktsan.git kcsan 766d004d1b85 2c36e7a7 .config console log report ci2-upstream-kcsan-gce
2020/02/11 17:32 https://github.com/google/ktsan.git kcsan f60f0f543333 4d1ab643 .config console log report ci2-upstream-kcsan-gce
2020/02/11 07:09 https://github.com/google/ktsan.git kcsan f60f0f543333 084454ae .config console log report ci2-upstream-kcsan-gce
2020/02/10 19:37 https://github.com/google/ktsan.git kcsan f60f0f543333 d9e55b05 .config console log report ci2-upstream-kcsan-gce
2020/02/09 21:36 https://github.com/google/ktsan.git kcsan f60f0f543333 35f5e45e .config console log report ci2-upstream-kcsan-gce
2020/01/31 19:03 https://github.com/google/ktsan.git kcsan 245a43005292 0eb59c27 .config console log report ci2-upstream-kcsan-gce
2020/01/18 20:59 https://github.com/google/ktsan.git kcsan 245a43005292 bc8bc756 .config console log report ci2-upstream-kcsan-gce
2020/01/15 15:28 https://github.com/google/ktsan.git kcsan 245a43005292 069a5a44 .config console log report ci2-upstream-kcsan-gce
2019/12/31 04:57 https://github.com/google/ktsan.git kcsan 245a43005292 7f117e28 .config console log report ci2-upstream-kcsan-gce
2019/12/12 05:27 https://github.com/google/ktsan.git kcsan ef798c30ba4e d973f528 .config console log report ci2-upstream-kcsan-gce
2019/12/10 21:13 https://github.com/google/ktsan.git kcsan ef798c30ba4e 101194eb .config console log report ci2-upstream-kcsan-gce
2019/12/09 13:42 https://github.com/google/ktsan.git kcsan ef798c30ba4e b31eda3d .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.