syzbot

 sign-in | mailing list | source | docs
🐞 Open [979] Subsystems 🐞 Fixed [5235] 🐞 Invalid [12495] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in futex_wait_queue_me / prepare_signal

Status: closed as invalid on 2019/11/19 13:54
Subsystems: kernel
[Documentation on labels]
First crash: 1641d, last: 1630d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in futex_wait_queue_me / prepare_signal (2) kernel 739 1056d 1402d 0/26 auto-closed as invalid on 2021/07/07 21:46

Sample crash report:
==================================================================
BUG: KCSAN: data-race in futex_wait_queue_me / prepare_signal

read to 0xffff88809aada024 of 4 bytes by interrupt on cpu 0:
 sig_task_ignored kernel/signal.c:94 [inline]
 sig_ignored kernel/signal.c:119 [inline]
 prepare_signal+0x1f5/0x7a0 kernel/signal.c:956
 send_sigqueue+0xc1/0x4b0 kernel/signal.c:1859
 posix_timer_event kernel/time/posix-timers.c:328 [inline]
 posix_timer_fn+0x10d/0x230 kernel/time/posix-timers.c:354
 __run_hrtimer kernel/time/hrtimer.c:1514 [inline]
 __hrtimer_run_queues+0x274/0x5f0 kernel/time/hrtimer.c:1576
 hrtimer_interrupt+0x22a/0x480 kernel/time/hrtimer.c:1638
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1110 [inline]
 smp_apic_timer_interrupt+0xdc/0x280 arch/x86/kernel/apic/apic.c:1135
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:830
 arch_local_irq_restore arch/x86/include/asm/paravirt.h:756 [inline]
 __raw_spin_unlock_irqrestore include/linux/spinlock_api_smp.h:160 [inline]
 _raw_spin_unlock_irqrestore+0x51/0x80 kernel/locking/spinlock.c:191
 spin_unlock_irqrestore include/linux/spinlock.h:393 [inline]
 unlock_timer kernel/time/posix-timers.c:164 [inline]
 do_timer_settime.part.0+0x11d/0x160 kernel/time/posix-timers.c:910
 do_timer_settime kernel/time/posix-timers.c:916 [inline]
 __do_sys_timer_settime kernel/time/posix-timers.c:930 [inline]
 __se_sys_timer_settime kernel/time/posix-timers.c:916 [inline]
 __x64_sys_timer_settime+0x1ab/0x250 kernel/time/posix-timers.c:916
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff88809aada024 of 4 bytes by task 16370 on cpu 1:
 freezer_do_not_count include/linux/freezer.h:109 [inline]
 freezable_schedule include/linux/freezer.h:171 [inline]
 futex_wait_queue_me+0x17d/0x290 kernel/futex.c:2627
 futex_wait+0x19b/0x3f0 kernel/futex.c:2733
 do_futex+0xe9/0x18d0 kernel/futex.c:3644
 __do_sys_futex kernel/futex.c:3705 [inline]
 __se_sys_futex kernel/futex.c:3673 [inline]
 __x64_sys_futex+0x2cd/0x3f0 kernel/futex.c:3673
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 16370 Comm: syz-executor.1 Not tainted 5.4.0-rc6+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/11/06 12:01 https://github.com/google/ktsan.git kcsan 94c006602e13 bc2c6e45 .config console log report ci2-upstream-kcsan-gce
2019/10/30 21:01 https://github.com/google/ktsan.git kcsan 05f2236801fe a41ca8fa .config console log report ci2-upstream-kcsan-gce
2019/10/26 07:06 https://github.com/google/ktsan.git kcsan 05f2236801fe 413926c5 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.