syzbot

 sign-in | mailing list | source | docs
🐞 Open [1567]
Subsystems
🐞 Fixed [5936]
🐞 Invalid [14429]
Missing Backports [102]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in queue_access_lock / snd_seq_check_queue

Status: fixed on 2020/04/15 17:19
Subsystems: sound
[Documentation on labels]
Reported-by: syzbot+65c6c92d04304d0a8efc@syzkaller.appspotmail.com
Fix commit: bb51e669fa49 ALSA: seq: Avoid concurrent access to queue flags
First crash: 1883d, last: 1750d
Discussions (6)
Title Replies (including bot) Last reply
[PATCH 4.4 000/113] 4.4.215-stable review 120 (120) 2020/03/16 10:53
[PATCH 4.14 000/237] 4.14.172-stable review 252 (252) 2020/03/01 09:52
[PATCH 4.19 00/97] 4.19.107-stable review 108 (108) 2020/02/28 18:05
[PATCH 5.5 000/150] 5.5.7-stable review 166 (166) 2020/02/28 15:12
[PATCH 4.9 000/165] 4.9.215-stable review 174 (174) 2020/02/28 14:31
[PATCH 5.4 000/135] 5.4.23-stable review 140 (140) 2020/02/28 03:42
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in queue_access_lock / snd_seq_check_queue (2) sound 9 1648d 1700d 0/28 closed as invalid on 2020/06/18 14:24

Sample crash report:
==================================================================
BUG: KCSAN: data-race in queue_access_lock / snd_seq_check_queue

write to 0xffff8880a2d23664 of 1 bytes by interrupt on cpu 0:
 queue_access_lock+0x80/0xb0 sound/core/seq/seq_queue.c:356
 snd_seq_control_queue+0x75/0x320 sound/core/seq/seq_queue.c:719
 event_input_timer+0x29/0x40 sound/core/seq/seq_system.c:103
 snd_seq_deliver_single_event.constprop.0+0x403/0x500 sound/core/seq/seq_clientmgr.c:638
 snd_seq_deliver_event+0x2eb/0x4b0 sound/core/seq/seq_clientmgr.c:839
 snd_seq_dispatch_event+0x9d/0x300 sound/core/seq/seq_clientmgr.c:913
 snd_seq_check_queue+0xf3/0x210 sound/core/seq/seq_queue.c:262
 snd_seq_timer_interrupt+0x222/0x260 sound/core/seq/seq_timer.c:158
 snd_timer_process_callbacks+0x1eb/0x230 sound/core/timer.c:796
 snd_timer_interrupt sound/core/timer.c:919 [inline]
 snd_timer_interrupt+0x488/0x950 sound/core/timer.c:840
 snd_hrtimer_callback+0x188/0x250 sound/core/hrtimer.c:50
 __run_hrtimer kernel/time/hrtimer.c:1517 [inline]
 __hrtimer_run_queues+0x271/0x600 kernel/time/hrtimer.c:1579
 hrtimer_interrupt+0x226/0x490 kernel/time/hrtimer.c:1641
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1119 [inline]
 smp_apic_timer_interrupt+0xd8/0x270 arch/x86/kernel/apic/apic.c:1144
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 native_safe_halt+0xe/0x10 arch/x86/include/asm/irqflags.h:60
 arch_safe_halt arch/x86/include/asm/paravirt.h:144 [inline]
 default_idle+0x21/0x170 arch/x86/kernel/process.c:695
 cpuidle_idle_call kernel/sched/idle.c:154 [inline]
 do_idle+0x1b7/0x290 kernel/sched/idle.c:269
 cpu_startup_entry+0x14/0x20 kernel/sched/idle.c:361
 rest_init+0xe4/0xeb init/main.c:632
 arch_call_rest_init+0x13/0x2b
 start_kernel+0xcc2/0xceb init/main.c:971
 secondary_startup_64+0xa4/0xb0 arch/x86/kernel/head_64.S:242

read to 0xffff8880a2d23664 of 1 bytes by task 9130 on cpu 1:
 snd_seq_check_queue+0x59/0x210 sound/core/seq/seq_queue.c:247
 snd_seq_enqueue_event+0x15a/0x2a0 sound/core/seq/seq_queue.c:330
 snd_seq_client_enqueue_event.constprop.0+0x187/0x2a0 sound/core/seq/seq_clientmgr.c:974
 snd_seq_write+0x227/0x4e0 sound/core/seq/seq_clientmgr.c:1093
 __vfs_write+0x58/0xb0 fs/read_write.c:494
 vfs_write fs/read_write.c:558 [inline]
 vfs_write+0x189/0x380 fs/read_write.c:542
 ksys_write+0x16a/0x1a0 fs/read_write.c:611
 __do_sys_write fs/read_write.c:623 [inline]
 __se_sys_write fs/read_write.c:620 [inline]
 __x64_sys_write+0x49/0x60 fs/read_write.c:620
 do_syscall_64+0xc7/0x390 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 9130 Comm: syz-executor.1 Not tainted 5.6.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (58):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/03/06 21:05 https://github.com/google/ktsan.git kcsan 941e0d917bbf 7fb694ef .config console log report ci2-upstream-kcsan-gce
2020/03/06 16:31 https://github.com/google/ktsan.git kcsan 766d004d1b85 7fb694ef .config console log report ci2-upstream-kcsan-gce
2020/02/09 16:21 https://github.com/google/ktsan.git kcsan f60f0f543333 6ece2ea5 .config console log report ci2-upstream-kcsan-gce
2020/02/06 15:10 https://github.com/google/ktsan.git kcsan 245a43005292 5be3a391 .config console log report ci2-upstream-kcsan-gce
2020/02/02 17:16 https://github.com/google/ktsan.git kcsan 245a43005292 93e5e335 .config console log report ci2-upstream-kcsan-gce
2020/02/02 06:11 https://github.com/google/ktsan.git kcsan 245a43005292 2274ad39 .config console log report ci2-upstream-kcsan-gce
2020/02/01 12:11 https://github.com/google/ktsan.git kcsan 245a43005292 326d4c78 .config console log report ci2-upstream-kcsan-gce
2020/01/28 00:43 https://github.com/google/ktsan.git kcsan 245a43005292 56cd6c9b .config console log report ci2-upstream-kcsan-gce
2020/01/24 07:54 https://github.com/google/ktsan.git kcsan 245a43005292 2e95ab33 .config console log report ci2-upstream-kcsan-gce
2020/01/23 15:13 https://github.com/google/ktsan.git kcsan 245a43005292 11ebf937 .config console log report ci2-upstream-kcsan-gce
2020/01/22 18:31 https://github.com/google/ktsan.git kcsan 245a43005292 3334d684 .config console log report ci2-upstream-kcsan-gce
2020/01/16 16:44 https://github.com/google/ktsan.git kcsan 245a43005292 3de7aabb .config console log report ci2-upstream-kcsan-gce
2020/01/15 22:50 https://github.com/google/ktsan.git kcsan 245a43005292 f9b69507 .config console log report ci2-upstream-kcsan-gce
2020/01/15 01:29 https://github.com/google/ktsan.git kcsan 245a43005292 fa12bd3c .config console log report ci2-upstream-kcsan-gce
2020/01/11 04:20 https://github.com/google/ktsan.git kcsan 245a43005292 4c04afaa .config console log report ci2-upstream-kcsan-gce
2020/01/10 15:11 https://github.com/google/ktsan.git kcsan 245a43005292 532ec44e .config console log report ci2-upstream-kcsan-gce
2020/01/08 14:07 https://github.com/google/ktsan.git kcsan 245a43005292 ddc3e859 .config console log report ci2-upstream-kcsan-gce
2020/01/08 13:34 https://github.com/google/ktsan.git kcsan 245a43005292 ddc3e859 .config console log report ci2-upstream-kcsan-gce
2020/01/06 20:21 https://github.com/google/ktsan.git kcsan 245a43005292 53430d97 .config console log report ci2-upstream-kcsan-gce
2020/01/05 14:25 https://github.com/google/ktsan.git kcsan 245a43005292 d646e21f .config console log report ci2-upstream-kcsan-gce
2020/01/02 23:14 https://github.com/google/ktsan.git kcsan 245a43005292 25a0186e .config console log report ci2-upstream-kcsan-gce
2019/12/30 18:15 https://github.com/google/ktsan.git kcsan 245a43005292 6b36d338 .config console log report ci2-upstream-kcsan-gce
2019/12/23 10:27 https://github.com/google/ktsan.git kcsan 245a43005292 be5c2c81 .config console log report ci2-upstream-kcsan-gce
2019/12/21 11:23 https://github.com/google/ktsan.git kcsan 245a43005292 bc586918 .config console log report ci2-upstream-kcsan-gce
2019/12/21 11:22 https://github.com/google/ktsan.git kcsan 245a43005292 bc586918 .config console log report ci2-upstream-kcsan-gce
2019/12/20 18:18 https://github.com/google/ktsan.git kcsan 245a43005292 34011c05 .config console log report ci2-upstream-kcsan-gce
2019/12/19 11:50 https://github.com/google/ktsan.git kcsan 245a43005292 79b211f7 .config console log report ci2-upstream-kcsan-gce
2019/12/16 14:22 https://github.com/google/ktsan.git kcsan 245a43005292 0ae38e44 .config console log report ci2-upstream-kcsan-gce
2019/12/15 03:22 https://github.com/google/ktsan.git kcsan 245a43005292 eef6e580 .config console log report ci2-upstream-kcsan-gce
2019/12/13 19:12 https://github.com/google/ktsan.git kcsan 245a43005292 a5c1ab05 .config console log report ci2-upstream-kcsan-gce
2019/12/12 19:52 https://github.com/google/ktsan.git kcsan ef798c30ba4e 08003f64 .config console log report ci2-upstream-kcsan-gce
2019/12/11 14:36 https://github.com/google/ktsan.git kcsan ef798c30ba4e 0d368675 .config console log report ci2-upstream-kcsan-gce
2019/12/10 02:48 https://github.com/google/ktsan.git kcsan ef798c30ba4e b31eda3d .config console log report ci2-upstream-kcsan-gce
2019/12/06 13:57 https://github.com/google/ktsan.git kcsan ef798c30ba4e 12c3b6cd .config console log report ci2-upstream-kcsan-gce
2019/12/06 07:49 https://github.com/google/ktsan.git kcsan ef798c30ba4e 98b4ef2d .config console log report ci2-upstream-kcsan-gce
2019/12/05 13:42 https://github.com/google/ktsan.git kcsan ef798c30ba4e 9fd5a512 .config console log report ci2-upstream-kcsan-gce
2019/12/04 23:43 https://github.com/google/ktsan.git kcsan ef798c30ba4e b2088328 .config console log report ci2-upstream-kcsan-gce
2019/12/02 23:05 https://github.com/google/ktsan.git kcsan ef798c30ba4e ab342da3 .config console log report ci2-upstream-kcsan-gce
2019/11/30 22:26 https://github.com/google/ktsan.git kcsan ef798c30ba4e a76bf83f .config console log report ci2-upstream-kcsan-gce
2019/11/30 02:34 https://github.com/google/ktsan.git kcsan ef798c30ba4e 3a75be00 .config console log report ci2-upstream-kcsan-gce
2019/11/29 02:42 https://github.com/google/ktsan.git kcsan ef798c30ba4e 76357d6f .config console log report ci2-upstream-kcsan-gce
2019/11/17 13:27 https://github.com/google/ktsan.git kcsan 5863cc791e4c d5696d51 .config console log report ci2-upstream-kcsan-gce
2019/11/11 19:23 https://github.com/google/ktsan.git kcsan 94c006602e13 377d77fa .config console log report ci2-upstream-kcsan-gce
2019/11/10 01:23 https://github.com/google/ktsan.git kcsan 94c006602e13 dc438b91 .config console log report ci2-upstream-kcsan-gce
2019/11/08 10:32 https://github.com/google/ktsan.git kcsan 94c006602e13 1e35461e .config console log report ci2-upstream-kcsan-gce
2019/11/07 03:53 https://github.com/google/ktsan.git kcsan 94c006602e13 d797d201 .config console log report ci2-upstream-kcsan-gce
2019/11/06 16:04 https://github.com/google/ktsan.git kcsan 94c006602e13 da505f84 .config console log report ci2-upstream-kcsan-gce
2019/11/06 10:33 https://github.com/google/ktsan.git kcsan 94c006602e13 bc2c6e45 .config console log report ci2-upstream-kcsan-gce
2019/11/05 13:12 https://github.com/google/ktsan.git kcsan 94c006602e13 0f3ec414 .config console log report ci2-upstream-kcsan-gce
2019/11/05 11:02 https://github.com/google/ktsan.git kcsan 94c006602e13 76630fc9 .config console log report ci2-upstream-kcsan-gce
2019/11/04 16:03 https://github.com/google/ktsan.git kcsan 94c006602e13 18e12644 .config console log report ci2-upstream-kcsan-gce
2019/11/02 21:34 https://github.com/google/ktsan.git kcsan 05f2236801fe d603afc9 .config console log report ci2-upstream-kcsan-gce
2019/10/30 22:27 https://github.com/google/ktsan.git kcsan 05f2236801fe a41ca8fa .config console log report ci2-upstream-kcsan-gce
2019/10/29 04:16 https://github.com/google/ktsan.git kcsan 05f2236801fe 5ea87a66 .config console log report ci2-upstream-kcsan-gce
2019/10/28 17:19 https://github.com/google/ktsan.git kcsan 05f2236801fe 439d7b14 .config console log report ci2-upstream-kcsan-gce
2019/10/26 15:24 https://github.com/google/ktsan.git kcsan 05f2236801fe 25bb509e .config console log report ci2-upstream-kcsan-gce
2019/10/25 12:26 https://github.com/google/ktsan.git kcsan 05f2236801fe 04ca72cd .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.