syzbot


KCSAN: data-race in hrtimer_interrupt / print_cpu

Status: closed as invalid on 2020/06/18 14:24
Subsystems: kernel
First crash: 1535d, last: 1389d
Similar bugs (4)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in hrtimer_interrupt / print_cpu (2) kernel 7 1261d 1376d 0/26 auto-closed as invalid on 2020/11/19 01:50
upstream KCSAN: data-race in hrtimer_interrupt / print_cpu (4) kernel 44 867d 1084d 0/26 auto-closed as invalid on 2021/12/18 07:26
upstream KCSAN: data-race in hrtimer_interrupt / print_cpu (3) kernel 13 1132d 1202d 0/26 auto-closed as invalid on 2021/03/28 05:11
upstream KCSAN: data-race in hrtimer_interrupt / print_cpu (5) kernel 180 1d21h 112d 0/26 moderation: reported on 2023/12/08 00:04

Sample crash report:
==================================================================
BUG: KCSAN: data-race in hrtimer_interrupt / print_cpu

write to 0xffff88812c01fd94 of 4 bytes by interrupt on cpu 0:
 hrtimer_interrupt+0x9a/0x490 kernel/time/hrtimer.c:1624
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1113 [inline]
 smp_apic_timer_interrupt+0xd8/0x270 arch/x86/kernel/apic/apic.c:1138
 apic_timer_interrupt+0xf/0x20 arch/x86/entry/entry_64.S:829
 arch_atomic_set arch/x86/include/asm/atomic.h:43 [inline]
 atomic_set include/asm-generic/atomic-instrumented.h:46 [inline]
 osq_lock_init include/linux/osq_lock.h:30 [inline]
 __mutex_init+0x8c/0xd0 kernel/locking/mutex.c:46
 __alloc_file+0x12d/0x200 fs/file_table.c:115
 alloc_empty_file+0xb0/0x1d0 fs/file_table.c:151
 path_openat+0x74/0x23d0 fs/namei.c:3332
 do_filp_open+0x11e/0x1b0 fs/namei.c:3373
 do_sys_openat2+0x52e/0x680 fs/open.c:1148
 do_sys_open+0xa2/0x110 fs/open.c:1164
 ksys_open include/linux/syscalls.h:1386 [inline]
 __do_sys_open fs/open.c:1170 [inline]
 __se_sys_open fs/open.c:1168 [inline]
 __x64_sys_open+0x50/0x60 fs/open.c:1168
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

read to 0xffff88812c01fd94 of 4 bytes by task 980 on cpu 1:
 print_cpu+0x275/0x670 kernel/time/timer_list.c:150
 timer_list_show+0xb5/0x140 kernel/time/timer_list.c:311
 seq_read+0x2ef/0x940 fs/seq_file.c:206
 pde_read fs/proc/inode.c:292 [inline]
 proc_reg_read+0x17f/0x1b0 fs/proc/inode.c:304
 do_loop_readv_writev fs/read_write.c:715 [inline]
 do_loop_readv_writev fs/read_write.c:702 [inline]
 do_iter_read+0x33f/0x3a0 fs/read_write.c:936
 vfs_readv+0x9c/0xf0 fs/read_write.c:1054
 kernel_readv fs/splice.c:365 [inline]
 default_file_splice_read+0x361/0x630 fs/splice.c:422
 do_splice_to+0xc7/0x100 fs/splice.c:892
 splice_direct_to_actor+0x1b9/0x540 fs/splice.c:971
 do_splice_direct+0x152/0x1d0 fs/splice.c:1080
 do_sendfile+0x380/0x800 fs/read_write.c:1521
 __do_sys_sendfile64 fs/read_write.c:1582 [inline]
 __se_sys_sendfile64 fs/read_write.c:1568 [inline]
 __x64_sys_sendfile64+0x121/0x140 fs/read_write.c:1568
 do_syscall_64+0xc7/0x3b0 arch/x86/entry/common.c:295
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 980 Comm: syz-executor.1 Not tainted 5.7.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (18):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets Manager Title
2020/06/08 14:56 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 7604bb03 .config console log report ci2-upstream-kcsan-gce
2020/06/03 02:10 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 f3ba1b5b .config console log report ci2-upstream-kcsan-gce
2020/06/02 21:43 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 52fd7b7d .config console log report ci2-upstream-kcsan-gce
2020/06/01 15:53 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 a0331e89 .config console log report ci2-upstream-kcsan-gce
2020/05/26 17:28 https://github.com/google/ktsan.git kcsan 7c3cd68e5d38 9072c126 .config console log report ci2-upstream-kcsan-gce
2020/03/26 23:34 https://github.com/google/ktsan.git kcsan 40959e34d670 6d25c5a0 .config console log report ci2-upstream-kcsan-gce
2020/03/09 02:39 https://github.com/google/ktsan.git kcsan 941e0d917bbf 2e9971bb .config console log report ci2-upstream-kcsan-gce
2020/03/06 03:27 https://github.com/google/ktsan.git kcsan 766d004d1b85 b655d91b .config console log report ci2-upstream-kcsan-gce
2020/02/29 11:13 https://github.com/google/ktsan.git kcsan 766d004d1b85 c88c7b75 .config console log report ci2-upstream-kcsan-gce
2020/02/20 04:02 https://github.com/google/ktsan.git kcsan b12d66a6c34f b690a6e3 .config console log report ci2-upstream-kcsan-gce
2020/02/09 04:02 https://github.com/google/ktsan.git kcsan f60f0f543333 06150bf1 .config console log report ci2-upstream-kcsan-gce
2020/02/08 04:40 https://github.com/google/ktsan.git kcsan 6cccb8ba35bd 06150bf1 .config console log report ci2-upstream-kcsan-gce
2020/02/06 17:52 https://github.com/google/ktsan.git kcsan 245a43005292 5be3a391 .config console log report ci2-upstream-kcsan-gce
2020/02/02 15:08 https://github.com/google/ktsan.git kcsan 245a43005292 93e5e335 .config console log report ci2-upstream-kcsan-gce
2020/01/28 10:55 https://github.com/google/ktsan.git kcsan 245a43005292 56cd6c9b .config console log report ci2-upstream-kcsan-gce
2020/01/21 17:15 https://github.com/google/ktsan.git kcsan 245a43005292 8eda0b95 .config console log report ci2-upstream-kcsan-gce
2020/01/20 09:20 https://github.com/google/ktsan.git kcsan 245a43005292 0342f8c7 .config console log report ci2-upstream-kcsan-gce
2020/01/14 13:09 https://github.com/google/ktsan.git kcsan 245a43005292 32881205 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.