syzbot


KCSAN: data-race in hrtimer_interrupt / print_tickdevice (15)

Status: moderation: reported on 2025/02/09 02:11
Subsystems: kernel
Reported-by: syzbot+82c16afe4c8d9e71876e@syzkaller.appspotmail.com
First crash: 119d, last: 2d19h
Similar bugs (14)
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (6) kernel | | | | 5 | 1051d | 1075d | 0/28 | auto-closed as invalid on 2022/08/27 09:49 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (13) kernel | | | | 2 | 298d | 304d | 0/28 | auto-obsoleted due to no activity on 2024/09/19 01:50 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (8) kernel | | | | 3 | 922d | 946d | 0/28 | auto-obsoleted due to no activity on 2023/01/03 04:47 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (4) kernel | | | | 14 | 1187d | 1352d | 0/28 | auto-closed as invalid on 2022/04/13 14:16 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (2) kernel | | | | 3 | 1488d | 1492d | 0/28 | auto-closed as invalid on 2021/06/16 18:46 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (10) kernel | | | | 1 | 648d | 648d | 0/28 | auto-obsoleted due to no activity on 2023/10/04 07:33 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (5) kernel | | | | 2 | 1124d | 1124d | 0/28 | auto-closed as invalid on 2022/06/15 02:31 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (14) kernel | | | | 8 | 178d | 248d | 0/28 | auto-obsoleted due to no activity on 2025/02/06 20:55 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (7) kernel | | | | 1 | 995d | 995d | 0/28 | auto-obsoleted due to no activity on 2022/10/22 07:07 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (11) kernel | | | | 2 | 533d | 546d | 0/28 | auto-obsoleted due to no activity on 2024/01/28 02:00 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (3) kernel | | | | 2 | 1402d | 1437d | 0/28 | auto-closed as invalid on 2021/09/10 15:52 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice kernel | | | | 1 | 1604d | 1604d | 0/28 | auto-closed as invalid on 2021/02/20 21:54 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (12) kernel | | | | 1 | 403d | 403d | 0/28 | auto-obsoleted due to no activity on 2024/06/05 19:29 |
| upstream | KCSAN: data-race in hrtimer_interrupt / print_tickdevice (9) kernel | | | | 20 | 714d | 864d | 0/28 | auto-obsoleted due to no activity on 2023/07/30 02:27 |

Sample crash report:
==================================================================
BUG: KCSAN: data-race in hrtimer_interrupt / print_tickdevice

write to 0xffff888237c17758 of 8 bytes by interrupt on cpu 0:
 hrtimer_interrupt+0x7d/0x460 kernel/time/hrtimer.c:1866
 local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1039 [inline]
 __sysvec_apic_timer_interrupt+0x5c/0x1d0 arch/x86/kernel/apic/apic.c:1056
 instr_sysvec_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1050 [inline]
 sysvec_apic_timer_interrupt+0x6f/0x80 arch/x86/kernel/apic/apic.c:1050
 asm_sysvec_apic_timer_interrupt+0x1a/0x20 arch/x86/include/asm/idtentry.h:702
 kcsan_setup_watchpoint+0x415/0x430 kernel/kcsan/core.c:705
 fat_get_entry+0x3c/0x5d0 fs/fat/dir.c:121
 fat_get_short_entry fs/fat/dir.c:885 [inline]
 fat_subdirs+0xf6/0x190 fs/fat/dir.c:951
 fat_read_root+0x316/0x360 fs/fat/inode.c:1345
 fat_fill_super+0x15bf/0x1ce0 fs/fat/inode.c:1814
 vfat_fill_super+0x24/0x30 fs/fat/namei_vfat.c:1197
 get_tree_bdev_flags+0x291/0x300 fs/super.c:1679
 get_tree_bdev+0x1f/0x30 fs/super.c:1702
 vfat_get_tree+0x1c/0x30 fs/fat/namei_vfat.c:1202
 vfs_get_tree+0x54/0x1d0 fs/super.c:1802
 do_new_mount+0x207/0x680 fs/namespace.c:3856
 path_mount+0x4a4/0xb20 fs/namespace.c:4180
 do_mount fs/namespace.c:4193 [inline]
 __do_sys_mount fs/namespace.c:4404 [inline]
 __se_sys_mount+0x28f/0x2e0 fs/namespace.c:4381
 __x64_sys_mount+0x67/0x80 fs/namespace.c:4381
 x64_sys_call+0xd36/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:166
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

read to 0xffff888237c17758 of 8 bytes by task 19746 on cpu 1:
 print_tickdevice+0x142/0x340 kernel/time/timer_list.c:208
 timer_list_show+0x6c/0x170 kernel/time/timer_list.c:300
 seq_read_iter+0x62a/0x940 fs/seq_file.c:272
 proc_reg_read_iter+0x110/0x180 fs/proc/inode.c:299
 copy_splice_read+0x3c1/0x5f0 fs/splice.c:363
 do_splice_read fs/splice.c:979 [inline]
 splice_direct_to_actor+0x26c/0x680 fs/splice.c:1083
 do_splice_direct_actor fs/splice.c:1201 [inline]
 do_splice_direct+0xda/0x150 fs/splice.c:1227
 do_sendfile+0x380/0x650 fs/read_write.c:1370
 __do_sys_sendfile64 fs/read_write.c:1431 [inline]
 __se_sys_sendfile64 fs/read_write.c:1417 [inline]
 __x64_sys_sendfile64+0x105/0x150 fs/read_write.c:1417
 x64_sys_call+0xb39/0x2fb0 arch/x86/include/generated/asm/syscalls_64.h:41
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0xd2/0x200 arch/x86/entry/syscall_64.c:94
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

value changed: 0x000000535d1582ab -> 0x000000535d1d89ab

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 UID: 0 PID: 19746 Comm: syz.4.5658 Not tainted 6.15.0-syzkaller-12426-ge271ed52b344 #0 PREEMPT(voluntary) 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
==================================================================

Crashes (7):
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2025/06/06 06:54 | upstream | e271ed52b344 | 6b6b5f21 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/05/29 11:40 | upstream | 90b83efa6701 | 3d2f584d | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/04/22 03:23 | upstream | a33b5a08cbbd | 2a20f901 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/04/01 22:58 | upstream | 08733088b566 | b8645499 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/02/24 18:57 | upstream | d082ecbc71e9 | d34966d1 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/02/16 10:53 | upstream | ad1b832bf1cf | 40a34ec9 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
| 2025/02/09 02:10 | upstream | 9946eaf552b1 | ef44b750 | .config | console log | report | | | info | [disk image] [vmlinux] [kernel image] | ci2-upstream-kcsan-gce | KCSAN: data-race in hrtimer_interrupt / print_tickdevice |
* Struck through repros no longer work on HEAD.