syzbot


KCSAN: data-race in rtc_dev_poll / rtc_pie_update_irq

Status: auto-closed as invalid on 2021/10/16 01:04
Reported-by: syzbot+@syzkaller.appspotmail.com
First crash: 452d, last: 452d
similar bugs (1):
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in rtc_dev_poll / rtc_pie_update_irq (2) 1 329d 329d 0/24 auto-closed as invalid on 2022/02/16 06:16

Sample crash report:
==================================================================
BUG: KCSAN: data-race in rtc_dev_poll / rtc_pie_update_irq

write to 0xffff88810293cb80 of 8 bytes by interrupt on cpu 0:
 rtc_handle_legacy_irq drivers/rtc/interface.c:612 [inline]
 rtc_pie_update_irq+0x9b/0xf0 drivers/rtc/interface.c:660
 __run_hrtimer+0x160/0x480 kernel/time/hrtimer.c:1685
 __hrtimer_run_queues kernel/time/hrtimer.c:1749 [inline]
 hrtimer_interrupt+0x380/0xaf0 kernel/time/hrtimer.c:1811
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1086 [inline]
 __sysvec_apic_timer_interrupt+0x6f/0x1c0 arch/x86/kernel/apic/apic.c:1103
 sysvec_apic_timer_interrupt+0x64/0x80 arch/x86/kernel/apic/apic.c:1097
 asm_sysvec_apic_timer_interrupt+0x12/0x20
 arch_atomic64_read arch/x86/include/asm/atomic64_64.h:22 [inline]
 arch_atomic_long_read include/linux/atomic/atomic-long.h:29 [inline]
 atomic_long_read include/linux/atomic/atomic-instrumented.h:1184 [inline]
 find_watchpoint kernel/kcsan/core.c:127 [inline]
 check_access kernel/kcsan/core.c:618 [inline]
 __tsan_read1+0x46/0x180 kernel/kcsan/core.c:852
 snd_seq_enqueue_event+0x2d/0x2b0 sound/core/seq/seq_queue.c:297
 snd_seq_client_enqueue_event+0x219/0x2b0 sound/core/seq/seq_clientmgr.c:976
 snd_seq_write+0x435/0x540 sound/core/seq/seq_clientmgr.c:1096
 vfs_write+0x27c/0x8d0 fs/read_write.c:592
 ksys_write+0xd9/0x190 fs/read_write.c:647
 __do_sys_write fs/read_write.c:659 [inline]
 __se_sys_write fs/read_write.c:656 [inline]
 __x64_sys_write+0x3e/0x50 fs/read_write.c:656
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff88810293cb80 of 8 bytes by task 23523 on cpu 1:
 rtc_dev_poll+0x75/0xa0 drivers/rtc/dev.c:198
 vfs_poll include/linux/poll.h:90 [inline]
 do_select+0x783/0xe60 fs/select.c:534
 core_sys_select+0x43b/0x6c0 fs/select.c:677
 do_pselect fs/select.c:759 [inline]
 __do_sys_pselect6+0x1ea/0x250 fs/select.c:800
 __se_sys_pselect6 fs/select.c:791 [inline]
 __x64_sys_pselect6+0x74/0x80 fs/select.c:791
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000000a9dc0 -> 0x00000000000a9ec0

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 23523 Comm: syz-executor.1 Tainted: G        W         5.14.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (1):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci2-upstream-kcsan-gce 2021/09/11 01:03 upstream e99f23c5bf59 3ce60af8 .config log report info KCSAN: data-race in rtc_dev_poll / rtc_pie_update_irq
* Struck through repros no longer work on HEAD.