KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from

ID	Workflow	Result	Correct	Bug	Created	Started	Finished	Revision	Error
eba7887a-f055-4ca5-9c41-6b3177f6aa18	assessment-security	DenialOfService: ❌ Exploitable: ❌ FilesystemTrigger: ✅ NetworkTrigger: ✅ PeripheralTrigger: ✅ RemoteTrigger: ✅ Unprivileged: ✅ UserNamespace: ✅ VMGuestTrigger: ✅ VMHostTrigger: ✅	❓	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow	2026/05/15 19:26	2026/05/15 19:26	2026/05/15 19:28	efdaf0f9b8bfc56ea6d17bea15a64f4591cc712d
9325fa29-9ab9-48fd-ad41-5b9b20a0e913	assessment-kcsan	Benign: ✅	❓	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow	2026/05/10 03:27	2026/05/10 03:27	2026/05/10 03:58	29233ece713919081e9069c2a18be92526041f39

================================================================== BUG: KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow write to 0xffffffff893d04c8 of 304 bytes by interrupt on cpu 1: timekeeping_update_from_shadow+0x40d/0x440 kernel/time/timekeeping.c:835 __timekeeping_advance+0xa68/0xc10 kernel/time/timekeeping.c:2614 timekeeping_advance kernel/time/timekeeping.c:2622 [inline] update_wall_time+0x21/0x50 kernel/time/timekeeping.c:2632 tick_do_update_jiffies64+0x169/0x1c0 kernel/time/tick-sched.c:149 tick_sched_do_timer kernel/time/tick-sched.c:253 [inline] tick_nohz_handler+0x88/0x380 kernel/time/tick-sched.c:310 __run_hrtimer kernel/time/hrtimer.c:2032 [inline] __hrtimer_run_queues+0x1f8/0x510 kernel/time/hrtimer.c:2096 hrtimer_interrupt+0x257/0x810 kernel/time/hrtimer.c:2215 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1051 [inline] __sysvec_apic_timer_interrupt+0x5f/0x1c0 arch/x86/kernel/apic/apic.c:1068 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1062 [inline] sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1062 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:674 get_ctx kernel/kcsan/core.c:-1 [inline] check_access kernel/kcsan/core.c:750 [inline] __tsan_read4+0xd7/0x190 kernel/kcsan/core.c:1024 __ip6addrlbl_match net/ipv6/addrlabel.c:114 [inline] __ipv6_addr_label net/ipv6/addrlabel.c:128 [inline] ipv6_addr_label+0xa0/0x260 net/ipv6/addrlabel.c:143 ipv6_get_saddr_eval+0x368/0x800 net/ipv6/addrconf.c:1680 __ipv6_dev_get_saddr+0x13a/0x270 net/ipv6/addrconf.c:1769 ipv6_dev_get_saddr+0x1dd/0x470 net/ipv6/addrconf.c:1905 icmp6_send+0xefb/0x1080 net/ipv6/icmp.c:760 icmpv6_param_prob_reason+0x32/0x50 net/ipv6/icmp.c:848 ip6_tlvopt_unknown net/ipv6/exthdrs.c:94 [inline] ip6_parse_tlv+0xf1f/0x1030 net/ipv6/exthdrs.c:-1 ipv6_parse_hopopts+0x1d9/0x320 net/ipv6/exthdrs.c:1081 ip6_rcv_core+0x8eb/0xac0 net/ipv6/ip6_input.c:321 ipv6_list_rcv+0x11f/0x2a0 net/ipv6/ip6_input.c:378 __netif_receive_skb_list_ptype net/core/dev.c:6249 [inline] __netif_receive_skb_list_core+0x3c8/0x520 net/core/dev.c:6296 __netif_receive_skb_list net/core/dev.c:6348 [inline] netif_receive_skb_list_internal+0x471/0x5e0 net/core/dev.c:6439 netif_receive_skb_list+0x33/0x1c0 net/core/dev.c:6491 xdp_recv_frames net/bpf/test_run.c:268 [inline] xdp_test_run_batch net/bpf/test_run.c:349 [inline] bpf_test_run_xdp_live+0x1011/0x1330 net/bpf/test_run.c:378 bpf_prog_test_run_xdp+0x559/0x9e0 net/bpf/test_run.c:1463 bpf_prog_test_run+0x208/0x340 kernel/bpf/syscall.c:4859 __sys_bpf+0x8da/0xc30 kernel/bpf/syscall.c:6436 __do_sys_bpf kernel/bpf/syscall.c:6537 [inline] __se_sys_bpf kernel/bpf/syscall.c:6534 [inline] __x64_sys_bpf+0x69/0x80 kernel/bpf/syscall.c:6534 x64_sys_call+0x10cb/0x3020 arch/x86/include/generated/asm/syscalls_64.h:322 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x136/0x3c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f read to 0xffffffff893d04e8 of 8 bytes by task 28833 on cpu 0: timekeeping_cycles_to_ns kernel/time/timekeeping.c:450 [inline] timekeeping_get_ns kernel/time/timekeeping.c:455 [inline] ktime_get_with_offset+0x150/0x260 kernel/time/timekeeping.c:1017 ktime_get_boottime include/linux/timekeeping.h:106 [inline] random_pm_notification+0x89/0x1e0 drivers/char/random.c:830 notifier_call_chain kernel/notifier.c:85 [inline] notifier_call_chain_robust kernel/notifier.c:120 [inline] blocking_notifier_call_chain_robust+0xa1/0x350 kernel/notifier.c:345 pm_notifier_call_chain_robust+0x2c/0x60 kernel/power/main.c:172 snapshot_open+0x123/0x280 kernel/power/user.c:87 misc_open+0x1df/0x220 drivers/char/misc.c:163 chrdev_open+0x2eb/0x3a0 fs/char_dev.c:411 do_dentry_open+0x49f/0xa60 fs/open.c:947 vfs_open+0x37/0x1e0 fs/open.c:1052 do_open fs/namei.c:4700 [inline] path_openat+0x1b39/0x2000 fs/namei.c:4859 do_file_open+0x16c/0x290 fs/namei.c:4888 do_sys_openat2+0xa0/0x130 fs/open.c:1368 do_sys_open fs/open.c:1374 [inline] __do_sys_openat fs/open.c:1390 [inline] __se_sys_openat fs/open.c:1385 [inline] __x64_sys_openat+0xf2/0x120 fs/open.c:1385 x64_sys_call+0x1e39/0x3020 arch/x86/include/generated/asm/syscalls_64.h:258 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline] do_syscall_64+0x136/0x3c0 arch/x86/entry/syscall_64.c:94 entry_SYSCALL_64_after_hwframe+0x77/0x7f value changed: 0x0016f3fad30565a2 -> 0x00178c915334c968 Reported by Kernel Concurrency Sanitizer on: CPU: 0 UID: 0 PID: 28833 Comm: syz.0.7381 Not tainted syzkaller #0 PREEMPT(lazy) Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026 ================================================================== random: crng reseeded on system resumption

Crashes (6):
Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Assets (help?)	Manager	Title
2026/06/28 01:22	upstream	780d569e6c4b	fb92f11c	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow
2026/06/16 14:57	upstream	b1cbabe84ca1	a3998659	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow
2026/06/05 21:27	upstream	ddd664bbff63	48b6c3fa	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow
2026/05/16 23:11	upstream	6916d5703ddf	de5aae85	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow
2026/05/10 11:49	upstream	1bfaee9d3351	29233ece	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow
2026/05/10 01:49	upstream	e92b2872d0b1	29233ece	.config	console log	report	info	[disk image] [vmlinux] [kernel image]	ci2-upstream-kcsan-gce	KCSAN: data-race in ktime_get_with_offset / timekeeping_update_from_shadow

Crashes (6):

Assets (help?)