syzbot


BUG: KCSAN: data-race in ep_poll and ep_poll_callback

Status: closed as invalid on 2019/10/04 18:08
Subsystems: fs
First crash: 1677d, last: 1677d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in list_empty_careful include/linux/list.h:286 [inline] and ep_poll_callback+0x5e7/0x6a0
BUG: KCSAN: data-race in ep_events_available fs/eventpoll.c:380 [inline] and ep_poll_callback+0x5e7/0x6a0
BUG: KCSAN: data-race in ep_poll+0x5a2/0x900 fs/eventpoll.c:1907 and ep_poll_callback+0x5e7/0x6a0

write to 0xffff888126efd290 of 8 bytes by interrupt on cpu 0:
 list_add_tail_lockless fs/eventpoll.c:1163 [inline]
 ep_poll_callback+0x5e7/0x6a0 fs/eventpoll.c:1253
 __wake_up_common+0x7b/0x180 kernel/sched/wait.c:93
 __wake_up_common_lock+0x77/0xb0 kernel/sched/wait.c:123
 __wake_up_sync_key+0x19/0x20 kernel/sched/wait.c:196
 sock_def_readable+0xa9/0x140 net/core/sock.c:2786
 tcp_data_ready+0x7d/0xd0 net/ipv4/tcp_input.c:4706
 tcp_rcv_established+0xd0c/0xf50 net/ipv4/tcp_input.c:5632
 tcp_v4_do_rcv+0x381/0x4e0 net/ipv4/tcp_ipv4.c:1542
 tcp_v4_rcv+0x1a03/0x1bf0 net/ipv4/tcp_ipv4.c:1923
 ip_protocol_deliver_rcu+0x51/0x470 net/ipv4/ip_input.c:204
 ip_local_deliver_finish+0x110/0x140 net/ipv4/ip_input.c:231
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ip_local_deliver+0x133/0x210 net/ipv4/ip_input.c:252
 dst_input include/net/dst.h:442 [inline]
 ip_rcv_finish+0x121/0x160 net/ipv4/ip_input.c:413
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ip_rcv+0x18f/0x1a0 net/ipv4/ip_input.c:523

read to 0xffff888126efd290 of 8 bytes by task 7291 on cpu 1:
 list_empty_careful include/linux/list.h:286 [inline]
 ep_events_available fs/eventpoll.c:380 [inline]
 ep_poll+0x5a2/0x900 fs/eventpoll.c:1907
 do_epoll_wait+0x162/0x180 fs/eventpoll.c:2294
 __do_sys_epoll_pwait fs/eventpoll.c:2325 [inline]
 __se_sys_epoll_pwait fs/eventpoll.c:2311 [inline]
 __x64_sys_epoll_pwait+0xcd/0x170 fs/eventpoll.c:2311
 do_syscall_64+0xcf/0x2f0 arch/x86/entry/common.c:296
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7291 Comm: syz-fuzzer Not tainted 5.3.0+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (2):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2019/10/04 12:40 https://github.com/google/ktsan.git kcsan 6769d3ca0f23 b2f369e5 .config console log report ci2-upstream-kcsan-gce
2019/10/04 12:37 https://github.com/google/ktsan.git kcsan 6769d3ca0f23 b2f369e5 .config console log report ci2-upstream-kcsan-gce