KCSAN: data-race in snd_rawmidi_poll / snd_rawmidi

KCSAN: data-race in snd_rawmidi_poll / snd_rawmidi_proceed
Status: moderation: reported on 2020/08/11 16:57
Reported-by: syzbot+3d367d1df1d2b67f5c19@syzkaller.appspotmail.com
Fix commit: 88a06d6f ALSA: rawmidi: Access runtime->avail always in spinlock
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386]
First crash: 198d, last: 38d

Sample crash report:

==================================================================
BUG: KCSAN: data-race in snd_rawmidi_poll / snd_rawmidi_proceed

read-write to 0xffff88801096cc38 of 8 bytes by task 3085 on cpu 1:
 __snd_rawmidi_transmit_ack sound/core/rawmidi.c:1255 [inline]
 snd_rawmidi_proceed+0xd8/0x1e0 sound/core/rawmidi.c:1336
 snd_vmidi_output_work+0x8e/0x200 sound/core/seq/seq_virmidi.c:139
 process_one_work+0x3e1/0x950 kernel/workqueue.c:2275
 worker_thread+0x635/0xb90 kernel/workqueue.c:2421
 kthread+0x1fd/0x220 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:296

read to 0xffff88801096cc38 of 8 bytes by task 18636 on cpu 0:
 snd_rawmidi_ready sound/core/rawmidi.c:102 [inline]
 snd_rawmidi_poll+0x1ce/0x210 sound/core/rawmidi.c:1506
 vfs_poll include/linux/poll.h:90 [inline]
 do_select+0x8b1/0xfc0 fs/select.c:534
 core_sys_select+0x408/0x690 fs/select.c:677
 do_pselect fs/select.c:759 [inline]
 __do_sys_pselect6+0x1bf/0x220 fs/select.c:800
 __se_sys_pselect6 fs/select.c:791 [inline]
 __x64_sys_pselect6+0x74/0x80 fs/select.c:791
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 18636 Comm: syz-executor.3 Not tainted 5.10.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (378):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Maintainers
ci2-upstream-kcsan-gce	2020/12/15 22:10	upstream	d635a69d	f213e07e	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/15 19:47	upstream	148842c9	f213e07e	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/15 10:22	upstream	148842c9	97183ed7	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/14 20:34	upstream	fab0fca1	97183ed7	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/14 19:21	upstream	2c85ebc5	97183ed7	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/14 07:56	upstream	2c85ebc5	b22a7ec3	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/13 21:35	upstream	ec6f5e0e	8f160dd5	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/13 18:47	upstream	6bff9bb8	8f160dd5	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/13 11:49	upstream	6bff9bb8	bca53db9	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/12 19:47	upstream	7b1b868e	bca53db9	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/12 02:29	upstream	7f376f19	bca53db9	.config	log	report	info	alsa-devel@alsa-project.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/11 14:33	upstream	33dc9614	ba24ffcd	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/11 01:35	upstream	9fca90cf	f900b48c	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/10 10:46	upstream	a2f5ea9e	c090b4da	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/09 23:17	upstream	ca4bbdaf	c090b4da	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/09 10:00	upstream	a68a0262	99917735	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/08 23:09	upstream	7d8761ba	40cc414d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/08 21:00	upstream	cd796ed3	40cc414d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/08 09:32	upstream	cd796ed3	9af51e31	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/07 23:05	upstream	cd796ed3	51a9082e	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/07 09:40	upstream	0477e928	f80ce148	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/06 20:09	upstream	8100a580	c521566d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/06 09:40	upstream	7059c2c0	f12ba0c5	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/05 23:57	upstream	32f741b0	50503117	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/05 09:34	upstream	b3298500	0ef84591	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/04 18:51	upstream	e87297fa	20366b87	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/03 13:29	upstream	34816d20	59ad4022	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/03 00:33	upstream	3bb61aa6	8c9190ef	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/02 22:32	upstream	3bb61aa6	eff43e99	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/02 12:40	upstream	509a1542	eff43e99	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/01 23:59	upstream	b6505459	c42a35e9	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/01 11:46	upstream	b6505459	07bfe8a5	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/12/01 00:07	upstream	b6505459	b3a34598	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/30 11:28	upstream	b6505459	76831598	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/30 03:04	upstream	b6505459	a0092f9d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/30 03:02	upstream	b6505459	a0092f9d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/29 13:43	upstream	aae5ab85	a0092f9d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/29 00:04	upstream	67f34fa8	a0092f9d	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/28 22:04	upstream	67f34fa8	3c7136c0	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/28 13:09	upstream	c84e1efa	3c7136c0	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/28 01:42	upstream	c84e1efa	486f93ef	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/27 13:20	upstream	85a2c56c	486f93ef	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/26 23:43	upstream	4df91062	5018c946	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/26 19:10	upstream	4df91062	2f1cec62	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/26 11:23	upstream	fa02fcd9	2f1cec62	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/11/26 04:57	upstream	fa02fcd9	2f1cec62	.config	log	report	info	alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, pierre-louis.bossart@linux.intel.com, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/08/11 11:14	upstream	00e4db51	5d3ebca9	.config	log	report		alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/08/11 07:44	upstream	4bcf69e5	d3694ffb	.config	log	report		alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, tiwai@suse.com
ci2-upstream-kcsan-gce	2020/07/08 10:12	upstream	dcde237b	5962a2dc	.config	log	report		alsa-devel@alsa-project.org, arnd@arndb.de, baolin.wang@linaro.org, linux-kernel@vger.kernel.org, perex@perex.cz, tiwai@suse.com