KCSAN: data-race in __mod_timer / expire

KCSAN: data-race in __mod_timer / expire_timers
Status: moderation: reported on 2020/07/05 18:41
Reported-by: syzbot+aa7c2385d46c5eba0b89@syzkaller.appspotmail.com
First crash: 261d, last: 2d10h

Sample crash report:

==================================================================
BUG: KCSAN: data-race in __mod_timer / expire_timers

write to 0xffff88813bc1b908 of 8 bytes by interrupt on cpu 0:
 expire_timers+0x11e/0x260 kernel/time/timer.c:1477
 __run_timers+0x358/0x3f0 kernel/time/timer.c:1745
 run_timer_softirq+0x19/0x30 kernel/time/timer.c:1758
 __do_softirq+0x13c/0x2c3 kernel/softirq.c:345
 invoke_softirq kernel/softirq.c:221 [inline]
 __irq_exit_rcu+0xb4/0xc0 kernel/softirq.c:422
 sysvec_apic_timer_interrupt+0x6e/0x80 arch/x86/kernel/apic/apic.c:1100
 asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:632
 smap_restore arch/x86/include/asm/smap.h:71 [inline]
 kcsan_setup_watchpoint+0x436/0x470 kernel/kcsan/core.c:590
 zap_pte_range+0x22a/0x13f0 mm/memory.c:1261
 zap_pmd_range mm/memory.c:1380 [inline]
 zap_pud_range mm/memory.c:1409 [inline]
 zap_p4d_range mm/memory.c:1430 [inline]
 unmap_page_range+0x540/0x650 mm/memory.c:1451
 unmap_single_vma+0x157/0x210 mm/memory.c:1496
 unmap_vmas+0xc0/0x170 mm/memory.c:1528
 exit_mmap+0x1be/0x400 mm/mmap.c:3218
 __mmput+0xa2/0x220 kernel/fork.c:1082
 mmput+0x3d/0x50 kernel/fork.c:1103
 exit_mm+0x344/0x430 kernel/exit.c:501
 do_exit+0x3ff/0x1670 kernel/exit.c:812
 do_group_exit+0xa4/0x180 kernel/exit.c:922
 __do_sys_exit_group+0xb/0x10 kernel/exit.c:933
 __se_sys_exit_group+0x5/0x10 kernel/exit.c:931
 __x64_sys_exit_group+0x16/0x20 kernel/exit.c:931
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff88813bc1b908 of 8 bytes by task 3135 on cpu 1:
 __mod_timer+0x44e/0xc10 kernel/time/timer.c:1035
 add_timer+0x38/0x50 kernel/time/timer.c:1142
 __queue_delayed_work+0xec/0x150 kernel/workqueue.c:1655
 queue_delayed_work_on+0x6f/0xd0 kernel/workqueue.c:1680
 queue_delayed_work include/linux/workqueue.h:522 [inline]
 wb_wakeup_delayed+0x95/0xb0 mm/backing-dev.c:270
 wb_workfn+0x2ad/0x430 fs/fs-writeback.c:2108
 process_one_work+0x3e1/0x950 kernel/workqueue.c:2275
 worker_thread+0x616/0xa70 kernel/workqueue.c:2421
 kthread+0x20b/0x230 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 3135 Comm: kworker/u4:4 Not tainted 5.12.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: writeback wb_workfn (flush-8:0)
==================================================================

Crashes (329):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2021/03/04 17:52	upstream	f69d02e3	f89ed068	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/22 14:18	upstream	31caf8b2	c26fb06b	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/20 10:27	upstream	f40ddce8	3e5ed8b4	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/19 15:12	upstream	f40ddce8	f689d40a	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/15 01:56	upstream	f40ddce8	98682e5e	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/14 12:24	upstream	358fecee	98682e5e	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/10 22:15	upstream	291009f6	a52ee10a	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/08 11:37	upstream	92bf2261	2ce644fc	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/06 23:43	upstream	964d069f	0655e081	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/06 02:45	upstream	1e0d27fc	23a562df	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/05 13:45	upstream	dd86e7fa	23a562df	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/02/05 02:02	upstream	5c279c4c	23a562df	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/31 12:48	upstream	6642d600	fc9fd31e	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/28 19:59	upstream	e5ff2cb9	7df34f59	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/27 20:01	upstream	76c057c8	a57db36f	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/27 18:06	upstream	2ab38c17	a57db36f	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/24 19:21	upstream	e6806137	52e37319	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/22 21:13	upstream	83d09ad4	52e37319	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/21 14:24	upstream	9791581c	d4f4eca5	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/20 22:30	upstream	75439bc4	d4f4eca5	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/20 05:47	upstream	45dfb8a5	63631df1	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/18 22:24	upstream	1e2a199f	63631df1	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/18 04:26	upstream	19c329f6	fd103621	.config	log	report	info	KCSAN: data-race in __mod_timer / expire_timers
ci2-upstream-kcsan-gce	2021/01/14 23:57	upstream	14662050	468dbb55	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/13 23:30	upstream	65f0d241	269d24e8	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/13 21:15	upstream	65f0d241	a945f0a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/12 19:46	upstream	e609571b	0cdd6185	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/09 11:22	upstream	996e435f	a6c52263	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/06 23:48	upstream	71c061d2	c104d4a3	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/05 21:23	upstream	6207214a	a0234d98	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/04 21:39	upstream	36bbbd0e	2a28ff1f	.config	log	report	info
ci2-upstream-kcsan-gce	2021/01/02 21:43	upstream	3516bd72	79264ae3	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/31 14:17	upstream	f6e1ea19	79264ae3	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/31 02:37	upstream	f6e1ea19	5cc121d6	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/29 06:40	upstream	dea8dcf2	8259d56c	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/29 05:19	upstream	dea8dcf2	8259d56c	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/28 21:13	upstream	c76e02c5	8259d56c	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/28 17:48	upstream	5c8fe583	8259d56c	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/27 14:17	upstream	f838f8d2	2242f77f	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/25 09:55	upstream	71c5f031	b982b3ea	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/24 23:04	upstream	3913d00a	c2c1d1dd	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/23 11:47	upstream	614cb589	c2c1d1dd	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/19 22:43	upstream	467f8165	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/19 02:33	upstream	3644e2d2	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/18 12:17	upstream	a409ed15	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/17 22:38	upstream	d64c6f96	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/16 20:12	upstream	5e60366d	04201c06	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/15 23:04	upstream	d635a69d	f213e07e	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/15 18:47	upstream	148842c9	f213e07e	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/15 10:30	upstream	148842c9	97183ed7	.config	log	report	info
ci2-upstream-kcsan-gce	2020/12/14 19:53	upstream	2c85ebc5	97183ed7	.config	log	report	info
ci2-upstream-kcsan-gce	2020/07/05 00:56	upstream	35e884f8	24d7f505	.config	log	report
ci2-upstream-kcsan-gce	2020/06/18 14:06	upstream	1b504402	3ea11d3f	.config	log	report