syzbot


KCSAN: data-race in exit_signals / prepare_signal

Status: auto-closed as invalid on 2020/10/01 01:52
Subsystems: kernel
Reported-by: syzbot+492a4acccd8fc75ddfd0@syzkaller.appspotmail.com
First crash: 1628d, last: 1309d
Discussions (2)
Title Replies (including bot) Last reply
[PATCH cgroup/for-5.5] cgroup: remove cgroup_enable_task_cg_lists() optimization 10 (10) 2019/10/28 17:46
KCSAN: data-race in exit_signals / prepare_signal 7 (8) 2019/10/24 17:54
Similar bugs (3)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in exit_signals / prepare_signal (3) kernel 1 1145d 1145d 0/26 auto-closed as invalid on 2021/03/13 19:57
upstream KCSAN: data-race in exit_signals / prepare_signal (2) kernel 10 1190d 1207d 0/26 auto-closed as invalid on 2021/01/28 12:34
upstream KCSAN: data-race in exit_signals / prepare_signal (4) kernel 1 1068d 1066d 0/26 auto-closed as invalid on 2021/05/30 19:12

Sample crash report:
==================================================================
BUG: KCSAN: data-race in exit_signals / prepare_signal

write to 0xffff88808368d024 of 4 bytes by task 19804 on cpu 0:
 exit_signals+0x124/0x580 kernel/signal.c:2845
 do_exit+0x19a/0x16c0 kernel/exit.c:762
 do_group_exit+0x17a/0x180 kernel/exit.c:903
 __do_sys_exit_group+0xb/0x10 kernel/exit.c:914
 __se_sys_exit_group+0x5/0x10 kernel/exit.c:912
 __x64_sys_exit_group+0x16/0x20 kernel/exit.c:912
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88808368d024 of 4 bytes by interrupt on cpu 1:
 sig_task_ignored kernel/signal.c:94 [inline]
 sig_ignored kernel/signal.c:119 [inline]
 prepare_signal+0x88d/0xdb0 kernel/signal.c:961
 send_sigqueue+0xea/0x450 kernel/signal.c:1860
 posix_timer_event kernel/time/posix-timers.c:354 [inline]
 posix_timer_fn+0xe8/0x210 kernel/time/posix-timers.c:380
 __run_hrtimer+0x154/0x4b0 kernel/time/hrtimer.c:1524
 __hrtimer_run_queues kernel/time/hrtimer.c:1588 [inline]
 hrtimer_interrupt+0x37c/0xa40 kernel/time/hrtimer.c:1650
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1080 [inline]
 __sysvec_apic_timer_interrupt+0xa3/0x280 arch/x86/kernel/apic/apic.c:1097
 asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:706
 __run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline]
 run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline]
 sysvec_apic_timer_interrupt+0x80/0xd0 arch/x86/kernel/apic/apic.c:1091
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:581
 is_atomic kernel/kcsan/core.c:240 [inline]
 should_watch kernel/kcsan/core.c:257 [inline]
 check_access kernel/kcsan/core.c:603 [inline]
 __tsan_read8+0x12f/0x180 kernel/kcsan/core.c:801
 ktime_get_ts64+0xa8/0x310 kernel/time/timekeeping.c:894
 posix_get_monotonic_timespec+0x2b/0xe0 kernel/time/posix-timers.c:199
 __do_sys_clock_gettime kernel/time/posix-timers.c:1092 [inline]
 __se_sys_clock_gettime kernel/time/posix-timers.c:1082 [inline]
 __x64_sys_clock_gettime+0xed/0x150 kernel/time/posix-timers.c:1082
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 19811 Comm: syz-executor.0 Not tainted 5.9.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (18):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/08/27 01:51 upstream 15bc20c6af4c 318430cb .config console log report ci2-upstream-kcsan-gce
2020/08/07 01:14 upstream d6efb3ac3e6c cb436c69 .config console log report ci2-upstream-kcsan-gce
2020/07/22 15:49 upstream 4fa640dc5230 128cd85f .config console log report ci2-upstream-kcsan-gce
2020/07/18 18:40 upstream 6a70f89cc58f 9c812472 .config console log report ci2-upstream-kcsan-gce
2020/06/15 18:26 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 8e3ab941 .config console log report ci2-upstream-kcsan-gce
2020/05/21 06:42 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4afdfa20 .config console log report ci2-upstream-kcsan-gce
2020/03/30 07:30 https://github.com/google/ktsan.git kcsan 40959e34d670 05736b29 .config console log report ci2-upstream-kcsan-gce
2020/02/26 23:20 https://github.com/google/ktsan.git kcsan 766d004d1b85 251aabb7 .config console log report ci2-upstream-kcsan-gce
2020/01/26 12:27 https://github.com/google/ktsan.git kcsan 245a43005292 f4e7270e .config console log report ci2-upstream-kcsan-gce
2020/01/07 11:53 https://github.com/google/ktsan.git kcsan 245a43005292 1bcd407e .config console log report ci2-upstream-kcsan-gce
2020/01/04 22:09 https://github.com/google/ktsan.git kcsan 245a43005292 68256974 .config console log report ci2-upstream-kcsan-gce
2019/12/09 21:58 https://github.com/google/ktsan.git kcsan ef798c30ba4e b31eda3d .config console log report ci2-upstream-kcsan-gce
2019/11/29 00:20 https://github.com/google/ktsan.git kcsan ef798c30ba4e 76357d6f .config console log report ci2-upstream-kcsan-gce
2019/11/28 13:35 https://github.com/google/ktsan.git kcsan ef798c30ba4e 97264cb1 .config console log report ci2-upstream-kcsan-gce
2019/11/27 13:57 https://github.com/google/ktsan.git kcsan ef798c30ba4e 1048481f .config console log report ci2-upstream-kcsan-gce
2019/11/19 04:55 https://github.com/google/ktsan.git kcsan 5863cc791e4c d5696d51 .config console log report ci2-upstream-kcsan-gce
2019/11/06 11:06 https://github.com/google/ktsan.git kcsan 94c006602e13 bc2c6e45 .config console log report ci2-upstream-kcsan-gce
2019/10/13 08:42 https://github.com/google/ktsan.git kcsan d724f94f63de 2f661ec4 .config console log report ci2-upstream-kcsan-gce