syzbot


KCSAN: data-race in hrtimer_interrupt / print_tickdevice (15)

Status: moderation: reported on 2025/02/09 02:11
Subsystems: kernel
Reported-by: syzbot+82c16afe4c8d9e71876e@syzkaller.appspotmail.com
First crash: 52d, last: 1d00h
Similar bugs (14)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (6) kernel | | | | 5 | 984d | 1008d | 0/28 | auto-closed as invalid on 2022/08/27 09:49 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (13) kernel | | | | 2 | 230d | 237d | 0/28 | auto-obsoleted due to no activity on 2024/09/19 01:50 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (8) kernel | | | | 3 | 855d | 879d | 0/28 | auto-obsoleted due to no activity on 2023/01/03 04:47 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (4) kernel | | | | 14 | 1120d | 1285d | 0/28 | auto-closed as invalid on 2022/04/13 14:16 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (2) kernel | | | | 3 | 1421d | 1425d | 0/28 | auto-closed as invalid on 2021/06/16 18:46 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (10) kernel | | | | 1 | 581d | 581d | 0/28 | auto-obsoleted due to no activity on 2023/10/04 07:33 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (5) kernel | | | | 2 | 1057d | 1057d | 0/28 | auto-closed as invalid on 2022/06/15 02:31 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (14) kernel | | | | 8 | 111d | 180d | 0/28 | auto-obsoleted due to no activity on 2025/02/06 20:55 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (7) kernel | | | | 1 | 928d | 928d | 0/28 | auto-obsoleted due to no activity on 2022/10/22 07:07 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (11) kernel | | | | 2 | 465d | 478d | 0/28 | auto-obsoleted due to no activity on 2024/01/28 02:00 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (3) kernel | | | | 2 | 1335d | 1370d | 0/28 | auto-closed as invalid on 2021/09/10 15:52 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice kernel | | | | 1 | 1537d | 1537d | 0/28 | auto-closed as invalid on 2021/02/20 21:54 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (12) kernel | | | | 1 | 336d | 336d | 0/28 | auto-obsoleted due to no activity on 2024/06/05 19:29 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (9) kernel | | | | 20 | 647d | 796d | 0/28 | auto-obsoleted due to no activity on 2023/07/30 02:27 |

Sample crash report:
BUG: KCSAN: data-race in hrtimer_interrupt / print_tickdevice

write to 0xffff888237c17318 of 8 bytes by interrupt on cpu 0:
 hrtimer_interrupt+0x80/0x4a0 kernel/time/hrtimer.c:1896
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1038 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1d0 arch/x86/kernel/apic/apic.c:1055
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1049 [inline]
 sysvec_apic_timer_interrupt+0x6e/0x80 arch/x86/kernel/apic/apic.c:1049
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 kcsan_setup_watchpoint+0x404/0x410 kernel/kcsan/core.c:705
 EXT4_SB fs/ext4/ext4.h:1769 [inline]
 ext4_page_mkwrite+0x23e/0xba0 fs/ext4/inode.c:6222
 do_page_mkwrite mm/memory.c:3253 [inline]
 do_shared_fault mm/memory.c:5487 [inline]
 do_fault mm/memory.c:5549 [inline]
 do_pte_missing mm/memory.c:4056 [inline]
 handle_pte_fault mm/memory.c:5890 [inline]
 __handle_mm_fault mm/memory.c:6033 [inline]
 handle_mm_fault+0x130c/0x2b30 mm/memory.c:6202
 do_user_addr_fault arch/x86/mm/fault.c:1337 [inline]
 handle_page_fault arch/x86/mm/fault.c:1480 [inline]
 exc_page_fault+0x3b9/0x650 arch/x86/mm/fault.c:1538
 asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623

read to 0xffff888237c17318 of 8 bytes by task 6002 on cpu 1:
 print_tickdevice+0x144/0x340 kernel/time/timer_list.c:208
 timer_list_show+0x79/0x180 kernel/time/timer_list.c:300
 traverse+0x155/0x3c0 fs/seq_file.c:111
 seq_read_iter+0x89f/0x970 fs/seq_file.c:195
 proc_reg_read_iter+0x118/0x190 fs/proc/inode.c:299
 new_sync_read fs/read_write.c:489 [inline]
 vfs_read+0x5e6/0x710 fs/read_write.c:570
 ksys_pread64 fs/read_write.c:761 [inline]
 __do_sys_pread64 fs/read_write.c:769 [inline]
 __se_sys_pread64 fs/read_write.c:766 [inline]
 __x64_sys_pread64+0xfb/0x150 fs/read_write.c:766
 x64_sys_call+0x26ad/0x2e10 arch/x86/include/generated/asm/syscalls_64.h:18
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xc9/0x1c0 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x0000000ccb368f9c -> 0x0000000ccb4014f4

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 6002 Comm: syz.2.1193 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
==================================================================

Crashes (4):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/04/01 22:58 | upstream | 08733088b566 | b8645499 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/02/24 18:57 | upstream | d082ecbc71e9 | d34966d1 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/02/16 10:53 | upstream | ad1b832bf1cf | 40a34ec9 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/02/09 02:10 | upstream | 9946eaf552b1 | ef44b750 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
* Struck through repros no longer work on HEAD.