syzbot

 sign-in | mailing list | source | docs
🐞 Open [1027] Subsystems 🐞 Fixed [5251] 🐞 Invalid [12571] Missing Backports [86] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem (7)

Status: auto-obsoleted due to no activity on 2023/07/26 07:54
Subsystems: bpf
[Documentation on labels]
First crash: 370d, last: 318d
Similar bugs (6)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem (6) bpf 25 603d 666d 0/26 auto-obsoleted due to no activity on 2022/10/14 12:43
upstream KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem (5) bpf 39 704d 789d 0/26 auto-closed as invalid on 2022/07/05 10:02
upstream KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem (3) bpf 1 1232d 1232d 0/26 auto-closed as invalid on 2021/01/23 10:19
upstream KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem (4) bpf 3 865d 875d 0/26 auto-closed as invalid on 2022/01/25 13:08
upstream KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem bpf 3 1436d 1502d 0/26 closed as invalid on 2020/06/18 14:24
upstream KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem (2) bpf 11 1305d 1414d 0/26 auto-closed as invalid on 2020/11/11 15:25

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem

write to 0xffff888141aa3deb of 1 bytes by task 5309 on cpu 1:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:71 [inline]
 __htab_lru_percpu_map_update_elem+0x3c0/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3deb of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_is_ref kernel/bpf/bpf_lru_list.c:44 [inline]
 __bpf_lru_list_shrink_inactive kernel/bpf/bpf_lru_list.c:218 [inline]
 __bpf_lru_list_shrink+0xcc/0x6c0 kernel/bpf/bpf_lru_list.c:266
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:340 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x84b/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __htab_lru_percpu_map_update_elem / bpf_lru_pop_free

read to 0xffff888141aa3deb of 1 bytes by task 5309 on cpu 1:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:70 [inline]
 __htab_lru_percpu_map_update_elem+0x2fe/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

write to 0xffff888141aa3deb of 1 bytes by task 5308 on cpu 0:
 __bpf_lru_node_move_in kernel/bpf/bpf_lru_list.c:92 [inline]
 __local_list_flush kernel/bpf/bpf_lru_list.c:300 [inline]
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:327 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x37d/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem

write to 0xffff888141aa3deb of 1 bytes by task 5309 on cpu 1:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:71 [inline]
 __htab_lru_percpu_map_update_elem+0x3c0/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3deb of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_is_ref kernel/bpf/bpf_lru_list.c:44 [inline]
 __bpf_lru_list_shrink_inactive kernel/bpf/bpf_lru_list.c:218 [inline]
 __bpf_lru_list_shrink+0xcc/0x6c0 kernel/bpf/bpf_lru_list.c:266
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:340 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x84b/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem

write to 0xffff888141aa3da3 of 1 bytes by task 5309 on cpu 1:
 __bpf_lru_node_move kernel/bpf/bpf_lru_list.c:113 [inline]
 __bpf_lru_list_shrink_inactive kernel/bpf/bpf_lru_list.c:219 [inline]
 __bpf_lru_list_shrink+0x20c/0x6c0 kernel/bpf/bpf_lru_list.c:266
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:340 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x84b/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3da3 of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:70 [inline]
 __htab_lru_percpu_map_update_elem+0x2fe/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __htab_lru_percpu_map_update_elem / bpf_lru_pop_free

write to 0xffff888141aa3da3 of 1 bytes by task 5309 on cpu 1:
 __bpf_lru_node_move_in kernel/bpf/bpf_lru_list.c:92 [inline]
 __local_list_flush kernel/bpf/bpf_lru_list.c:298 [inline]
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:327 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x2f3/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3da3 of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:70 [inline]
 __htab_lru_percpu_map_update_elem+0x2fe/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __htab_lru_percpu_map_update_elem / bpf_lru_pop_free

write to 0xffff888141aa3deb of 1 bytes by task 5309 on cpu 1:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:71 [inline]
 __htab_lru_percpu_map_update_elem+0x3c0/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3deb of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_is_ref kernel/bpf/bpf_lru_list.c:44 [inline]
 __local_list_flush kernel/bpf/bpf_lru_list.c:297 [inline]
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:327 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x289/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem

write to 0xffff888141aa3da3 of 1 bytes by task 5309 on cpu 1:
 __bpf_lru_node_move kernel/bpf/bpf_lru_list.c:113 [inline]
 __bpf_lru_list_shrink_inactive kernel/bpf/bpf_lru_list.c:219 [inline]
 __bpf_lru_list_shrink+0x20c/0x6c0 kernel/bpf/bpf_lru_list.c:266
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:340 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x84b/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3da3 of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:70 [inline]
 __htab_lru_percpu_map_update_elem+0x2fe/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __htab_lru_percpu_map_update_elem / bpf_lru_pop_free

write to 0xffff888141aa3da3 of 1 bytes by task 5309 on cpu 1:
 __bpf_lru_node_move_in kernel/bpf/bpf_lru_list.c:92 [inline]
 __local_list_flush kernel/bpf/bpf_lru_list.c:298 [inline]
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:327 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x2f3/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3da3 of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:70 [inline]
 __htab_lru_percpu_map_update_elem+0x2fe/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x01 -> 0x00

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================
==================================================================
BUG: KCSAN: data-race in __htab_lru_percpu_map_update_elem / bpf_lru_pop_free

write to 0xffff888141aa3deb of 1 bytes by task 5309 on cpu 1:
 bpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:71 [inline]
 __htab_lru_percpu_map_update_elem+0x3c0/0x560 kernel/bpf/hashtab.c:1351
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

read to 0xffff888141aa3deb of 1 bytes by task 5308 on cpu 0:
 bpf_lru_node_is_ref kernel/bpf/bpf_lru_list.c:44 [inline]
 __local_list_flush kernel/bpf/bpf_lru_list.c:297 [inline]
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:327 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x289/0xe20 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop kernel/bpf/hashtab.c:301 [inline]
 __htab_lru_percpu_map_update_elem+0xf5/0x560 kernel/bpf/hashtab.c:1335
 bpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2372
 bpf_map_update_value+0x2ae/0x370 kernel/bpf/syscall.c:204
 generic_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1702
 bpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4563
 __sys_bpf+0x317/0x800
 __do_sys_bpf kernel/bpf/syscall.c:5171 [inline]
 __se_sys_bpf kernel/bpf/syscall.c:5169 [inline]
 __x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5169
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00 -> 0x01

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 5308 Comm: syz-executor.2 Not tainted 6.4.0-rc7-syzkaller-00019-g99ec1ed7c2ed #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023
==================================================================

Crashes (5):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2023/06/21 07:49 upstream 99ec1ed7c2ed 79782afc .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem
2023/05/24 13:43 upstream 9d646009f65d 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem
2023/05/24 05:15 upstream 27e462c8fad4 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem
2023/05/23 15:23 upstream ae8373a5add4 4bce1a3e .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem
2023/04/30 17:02 upstream 825a0714d2b3 62df2017 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __bpf_lru_list_shrink / __htab_lru_percpu_map_update_elem
* Struck through repros no longer work on HEAD.