syzbot


KCSAN: data-race in __bpf_lru_node_move_in / bpf_lru_push_free

Status: auto-closed as invalid on 2020/07/23 04:58
Subsystems: bpf
[Documentation on labels]
Reported-by: syzbot+9a5887f4b4a98ad80881@syzkaller.appspotmail.com
First crash: 1482d, last: 1379d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __bpf_lru_node_move_in / bpf_lru_push_free

write to 0xffff8880a0cbbcca of 1 bytes by task 28314 on cpu 0:
 __bpf_lru_node_move_in+0x9f/0x1f0 kernel/bpf/bpf_lru_list.c:91
 __local_list_flush kernel/bpf/bpf_lru_list.c:298 [inline]
 bpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:327 [inline]
 bpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]
 bpf_lru_pop_free+0x3af/0xa30 kernel/bpf/bpf_lru_list.c:499
 prealloc_lru_pop+0x30/0x70 kernel/bpf/hashtab.c:237
 htab_lru_map_update_elem+0x352/0x680 kernel/bpf/hashtab.c:1043
 bpf_map_update_value.isra.0+0x3bc/0x420 kernel/bpf/syscall.c:203
 generic_map_update_batch+0x273/0x3c0 kernel/bpf/syscall.c:1326
 bpf_map_do_batch+0x194/0x3a0 kernel/bpf/syscall.c:3556
 __do_sys_bpf+0x1cca/0x3100 kernel/bpf/syscall.c:3767
 __se_sys_bpf kernel/bpf/syscall.c:3661 [inline]
 __x64_sys_bpf+0x47/0x60 kernel/bpf/syscall.c:3661
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff8880a0cbbcca of 1 bytes by task 28311 on cpu 1:
 bpf_common_lru_push_free kernel/bpf/bpf_lru_list.c:507 [inline]
 bpf_lru_push_free+0xf6/0x330 kernel/bpf/bpf_lru_list.c:555
 htab_lru_map_update_elem+0x544/0x680 kernel/bpf/hashtab.c:1072
 bpf_map_update_value.isra.0+0x3bc/0x420 kernel/bpf/syscall.c:203
 generic_map_update_batch+0x273/0x3c0 kernel/bpf/syscall.c:1326
 bpf_map_do_batch+0x194/0x3a0 kernel/bpf/syscall.c:3556
 __do_sys_bpf+0x1cca/0x3100 kernel/bpf/syscall.c:3767
 __se_sys_bpf kernel/bpf/syscall.c:3661 [inline]
 __x64_sys_bpf+0x47/0x60 kernel/bpf/syscall.c:3661
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 28311 Comm: syz-executor.1 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (50):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/06/18 04:57 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 d45a4d69 .config console log report ci2-upstream-kcsan-gce
2020/06/16 05:14 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 baca2611 .config console log report ci2-upstream-kcsan-gce
2020/06/14 05:36 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a61674a5 .config console log report ci2-upstream-kcsan-gce
2020/06/10 11:40 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 860c4de9 .config console log report ci2-upstream-kcsan-gce
2020/06/05 10:20 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2420d1bc .config console log report ci2-upstream-kcsan-gce
2020/06/02 20:05 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 52fd7b7d .config console log report ci2-upstream-kcsan-gce
2020/05/31 21:09 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a0331e89 .config console log report ci2-upstream-kcsan-gce
2020/05/30 01:35 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 bed08304 .config console log report ci2-upstream-kcsan-gce
2020/05/29 07:24 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 d19ed305 .config console log report ci2-upstream-kcsan-gce
2020/05/27 06:54 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/05/27 06:54 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/05/27 06:54 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/05/26 12:31 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 8ca3b7d2 .config console log report ci2-upstream-kcsan-gce
2020/05/24 23:53 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 ce7ca010 .config console log report ci2-upstream-kcsan-gce
2020/05/24 23:53 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 ce7ca010 .config console log report ci2-upstream-kcsan-gce
2020/05/23 04:18 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4afdfa20 .config console log report ci2-upstream-kcsan-gce
2020/05/21 12:05 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 4afdfa20 .config console log report ci2-upstream-kcsan-gce
2020/05/19 07:06 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 684d3606 .config console log report ci2-upstream-kcsan-gce
2020/05/18 20:35 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 24d91142 .config console log report ci2-upstream-kcsan-gce
2020/05/18 20:14 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 24d91142 .config console log report ci2-upstream-kcsan-gce
2020/05/18 01:28 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 37bccd4e .config console log report ci2-upstream-kcsan-gce
2020/05/13 19:48 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9a6d42fb .config console log report ci2-upstream-kcsan-gce
2020/05/13 07:32 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a44eb8f7 .config console log report ci2-upstream-kcsan-gce
2020/05/11 16:31 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f8f57555 .config console log report ci2-upstream-kcsan-gce
2020/05/09 07:37 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 e97b06d3 .config console log report ci2-upstream-kcsan-gce
2020/05/06 05:04 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 35b8eb30 .config console log report ci2-upstream-kcsan-gce
2020/05/03 22:00 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 58ae5e18 .config console log report ci2-upstream-kcsan-gce
2020/05/03 06:38 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 5457883a .config console log report ci2-upstream-kcsan-gce
2020/05/02 04:31 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 bc734e7a .config console log report ci2-upstream-kcsan-gce
2020/04/26 12:51 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 0ce7569e .config console log report ci2-upstream-kcsan-gce
2020/04/26 00:35 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 b8bb8e5f .config console log report ci2-upstream-kcsan-gce
2020/04/22 05:06 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2e44d63e .config console log report ci2-upstream-kcsan-gce
2020/04/22 04:57 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 2e44d63e .config console log report ci2-upstream-kcsan-gce
2020/04/20 12:59 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 347a5dc3 .config console log report ci2-upstream-kcsan-gce
2020/04/19 03:18 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 365fba24 .config console log report ci2-upstream-kcsan-gce
2020/04/19 03:18 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 365fba24 .config console log report ci2-upstream-kcsan-gce
2020/04/14 19:41 https://github.com/google/ktsan.git kcsan 40959e34d670 3f3c5574 .config console log report ci2-upstream-kcsan-gce
2020/04/08 02:17 https://github.com/google/ktsan.git kcsan 40959e34d670 db9bcd4b .config console log report ci2-upstream-kcsan-gce
2020/04/03 18:45 https://github.com/google/ktsan.git kcsan 40959e34d670 5ed396e6 .config console log report ci2-upstream-kcsan-gce
2020/04/03 18:40 https://github.com/google/ktsan.git kcsan 40959e34d670 5ed396e6 .config console log report ci2-upstream-kcsan-gce
2020/04/02 00:45 https://github.com/google/ktsan.git kcsan 40959e34d670 a34e2c33 .config console log report ci2-upstream-kcsan-gce
2020/03/29 06:00 https://github.com/google/ktsan.git kcsan 40959e34d670 05736b29 .config console log report ci2-upstream-kcsan-gce
2020/03/27 22:09 https://github.com/google/ktsan.git kcsan 40959e34d670 831e9a81 .config console log report ci2-upstream-kcsan-gce
2020/03/26 19:29 https://github.com/google/ktsan.git kcsan 40959e34d670 6d25c5a0 .config console log report ci2-upstream-kcsan-gce
2020/03/26 19:27 https://github.com/google/ktsan.git kcsan 40959e34d670 6d25c5a0 .config console log report ci2-upstream-kcsan-gce
2020/03/26 19:27 https://github.com/google/ktsan.git kcsan 40959e34d670 6d25c5a0 .config console log report ci2-upstream-kcsan-gce
2020/03/26 03:51 https://github.com/google/ktsan.git kcsan 40959e34d670 e8e6c7d2 .config console log report ci2-upstream-kcsan-gce
2020/03/08 07:46 https://github.com/google/ktsan.git kcsan 941e0d917bbf 2e9971bb .config console log report ci2-upstream-kcsan-gce
2020/03/07 06:30 https://github.com/google/ktsan.git kcsan 941e0d917bbf fd2a5f28 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.