syzbot

 sign-in | mailing list | source | docs
🐞 Open [1645]
Subsystems
🐞 Fixed [6010]
🐞 Invalid [14806]
Missing Backports [135]
Crashes
Kernel Health Bugs/Month Bug Lifetimes Fuzzing
Total Repo Heatmap Subsystems Heatmap
💬 Send us feedback

KCSAN: data-race in ktime_get_ts64 / timekeeping_advance

Status: closed as invalid on 2019/11/19 14:44
Subsystems: kernel
[Documentation on labels]
First crash: 1918d, last: 1906d
Similar bugs (1)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in ktime_get_ts64 / timekeeping_advance (2) kernel 10 1691d 1848d 0/28 closed as invalid on 2020/06/18 14:24

Sample crash report:
==================================================================
BUG: KCSAN: data-race in ktime_get_ts64 / timekeeping_advance

write to 0xffffffff86041b08 of 280 bytes by interrupt on cpu 1:
 timekeeping_advance+0x88e/0xd80 include/linux/string.h:378
 update_wall_time+0x19/0x20 kernel/time/timekeeping.c:2137
 tick_do_update_jiffies64+0x1a4/0x250 kernel/time/tick-sched.c:94
 tick_sched_do_timer+0xd4/0xe0 kernel/time/tick-sched.c:138
 tick_sched_timer+0x43/0xe0 kernel/time/tick-sched.c:1292
 __run_hrtimer kernel/time/hrtimer.c:1514 [inline]
 __hrtimer_run_queues+0x274/0x5f0 kernel/time/hrtimer.c:1576
 hrtimer_interrupt+0x22a/0x480 kernel/time/hrtimer.c:1638
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1110 [inline]
 smp_apic_timer_interrupt+0xdc/0x280 arch/x86/kernel/apic/apic.c:1135
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:830
 should_watch kernel/kcsan/core.c:165 [inline]
 check_access kernel/kcsan/core.c:408 [inline]
 __tsan_read8+0xf5/0x1f0 kernel/kcsan/core.c:530
 PageTail include/linux/page-flags.h:183 [inline]
 PageCompound include/linux/page-flags.h:188 [inline]
 PageHuge+0x106/0x140 mm/hugetlb.c:1369
 page_remove_file_rmap mm/rmap.c:1221 [inline]
 page_remove_rmap+0x1f7/0x770 mm/rmap.c:1305
 zap_pte_range mm/memory.c:1062 [inline]
 zap_pmd_range mm/memory.c:1166 [inline]
 zap_pud_range mm/memory.c:1195 [inline]
 zap_p4d_range mm/memory.c:1216 [inline]
 unmap_page_range+0xbab/0x18d0 mm/memory.c:1237
 unmap_single_vma+0x144/0x200 mm/memory.c:1282
 unmap_vmas+0xda/0x1a0 mm/memory.c:1314
 exit_mmap+0x13e/0x300 mm/mmap.c:3161
 __mmput kernel/fork.c:1079 [inline]
 mmput+0xea/0x280 kernel/fork.c:1100
 exit_mm kernel/exit.c:485 [inline]
 do_exit+0x4c9/0x18f0 kernel/exit.c:804
 do_group_exit+0xb4/0x1c0 kernel/exit.c:921
 get_signal+0x2a2/0x1320 kernel/signal.c:2734
 do_signal+0x3b/0xbf0 arch/x86/kernel/signal.c:815
 exit_to_usermode_loop+0x250/0x2c0 arch/x86/entry/common.c:159
 prepare_exit_to_usermode arch/x86/entry/common.c:194 [inline]
 syscall_return_slowpath arch/x86/entry/common.c:274 [inline]
 do_syscall_64+0x353/0x370 arch/x86/entry/common.c:300
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffffffff86041b28 of 8 bytes by task 12196 on cpu 0:
 timekeeping_delta_to_ns kernel/time/timekeeping.c:363 [inline]
 timekeeping_get_ns kernel/time/timekeeping.c:375 [inline]
 ktime_get_ts64+0x12c/0x2c0 kernel/time/timekeeping.c:892
 posix_ktime_get_ts+0x1f/0x30 kernel/time/posix-timers.c:192
 __do_sys_clock_gettime kernel/time/posix-timers.c:1070 [inline]
 __se_sys_clock_gettime kernel/time/posix-timers.c:1060 [inline]
 __x64_sys_clock_gettime+0xb3/0x170 kernel/time/posix-timers.c:1060
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 12196 Comm: syz-executor.1 Not tainted 5.4.0-rc6+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2019/11/10 10:20 https://github.com/google/ktsan.git kcsan 94c006602e13 dc438b91 .config console log report ci2-upstream-kcsan-gce
2019/11/04 13:44 https://github.com/google/ktsan.git kcsan 05f2236801fe 18e12644 .config console log report ci2-upstream-kcsan-gce
2019/10/29 08:27 https://github.com/google/ktsan.git kcsan 05f2236801fe 5ea87a66 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.