[moderation] [input?] KCSAN: data-race in evdev_pass_values / evdev_poll (8)
0 views
Skip to first unread message
syzbot
Mar 30, 2024, 4:18:19 AMMar 30
to syzkaller-upst...@googlegroups.com
Hello,
syzbot found the following issue on:
HEAD commit: 4535e1a4174c x86/bugs: Fix the SRSO mitigation on Zen3/4
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=114ac3c6180000
kernel config: https://syzkaller.appspot.com/x/.config?x=aa27611f143168c9
dashboard link: https://syzkaller.appspot.com/bug?extid=97eed190b9be13f2fb78
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
CC: [dmitry....@gmail.com linux...@vger.kernel.org linux-...@vger.kernel.org]
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/a2a278a8c64b/disk-4535e1a4.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/281650213121/vmlinux-4535e1a4.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2498c83ebc58/bzImage-4535e1a4.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+97eed1...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in evdev_pass_values / evdev_poll
write to 0xffff888103dba808 of 4 bytes by task 8916 on cpu 0:
__pass_event drivers/input/evdev.c:239 [inline]
evdev_pass_values+0x3ac/0x510 drivers/input/evdev.c:278
evdev_events+0x90/0xd0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:129 [inline]
input_pass_values+0x309/0x790 drivers/input/input.c:161
input_event_dispose+0x251/0x320 drivers/input/input.c:378
input_handle_event+0xac4/0xb00 drivers/input/input.c:406
input_inject_event+0xd1/0x100 drivers/input/input.c:465
evdev_write+0x334/0x420 drivers/input/evdev.c:530
vfs_write+0x28b/0x8e0 fs/read_write.c:588
ksys_write+0xeb/0x1b0 fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__x64_sys_write+0x42/0x50 fs/read_write.c:652
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x72/0x7a
read to 0xffff888103dba808 of 4 bytes by task 2765 on cpu 1:
evdev_poll+0xe4/0x120 drivers/input/evdev.c:623
vfs_poll include/linux/poll.h:84 [inline]
do_select+0x959/0xfa0 fs/select.c:538
core_sys_select+0x362/0x530 fs/select.c:681
do_pselect fs/select.c:763 [inline]
__do_sys_pselect6 fs/select.c:804 [inline]
__se_sys_pselect6+0x213/0x280 fs/select.c:795
__x64_sys_pselect6+0x78/0x90 fs/select.c:795
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x72/0x7a
value changed: 0x00000007 -> 0x00000009
Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 2765 Comm: acpid Tainted: G W 6.9.0-rc1-syzkaller-00206-g4535e1a4174c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
syzbot found the following issue on:
HEAD commit: 4535e1a4174c x86/bugs: Fix the SRSO mitigation on Zen3/4
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=114ac3c6180000
kernel config: https://syzkaller.appspot.com/x/.config?x=aa27611f143168c9
dashboard link: https://syzkaller.appspot.com/bug?extid=97eed190b9be13f2fb78
compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
CC: [dmitry....@gmail.com linux...@vger.kernel.org linux-...@vger.kernel.org]
Unfortunately, I don't have any reproducer for this issue yet.
Downloadable assets:
disk image: https://storage.googleapis.com/syzbot-assets/a2a278a8c64b/disk-4535e1a4.raw.xz
vmlinux: https://storage.googleapis.com/syzbot-assets/281650213121/vmlinux-4535e1a4.xz
kernel image: https://storage.googleapis.com/syzbot-assets/2498c83ebc58/bzImage-4535e1a4.xz
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+97eed1...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in evdev_pass_values / evdev_poll
write to 0xffff888103dba808 of 4 bytes by task 8916 on cpu 0:
__pass_event drivers/input/evdev.c:239 [inline]
evdev_pass_values+0x3ac/0x510 drivers/input/evdev.c:278
evdev_events+0x90/0xd0 drivers/input/evdev.c:306
input_to_handler drivers/input/input.c:129 [inline]
input_pass_values+0x309/0x790 drivers/input/input.c:161
input_event_dispose+0x251/0x320 drivers/input/input.c:378
input_handle_event+0xac4/0xb00 drivers/input/input.c:406
input_inject_event+0xd1/0x100 drivers/input/input.c:465
evdev_write+0x334/0x420 drivers/input/evdev.c:530
vfs_write+0x28b/0x8e0 fs/read_write.c:588
ksys_write+0xeb/0x1b0 fs/read_write.c:643
__do_sys_write fs/read_write.c:655 [inline]
__se_sys_write fs/read_write.c:652 [inline]
__x64_sys_write+0x42/0x50 fs/read_write.c:652
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x72/0x7a
read to 0xffff888103dba808 of 4 bytes by task 2765 on cpu 1:
evdev_poll+0xe4/0x120 drivers/input/evdev.c:623
vfs_poll include/linux/poll.h:84 [inline]
do_select+0x959/0xfa0 fs/select.c:538
core_sys_select+0x362/0x530 fs/select.c:681
do_pselect fs/select.c:763 [inline]
__do_sys_pselect6 fs/select.c:804 [inline]
__se_sys_pselect6+0x213/0x280 fs/select.c:795
__x64_sys_pselect6+0x78/0x90 fs/select.c:795
do_syscall_64+0xd3/0x1d0
entry_SYSCALL_64_after_hwframe+0x72/0x7a
value changed: 0x00000007 -> 0x00000009
Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 2765 Comm: acpid Tainted: G W 6.9.0-rc1-syzkaller-00206-g4535e1a4174c #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.
If the report is already addressed, let syzbot know by replying with:
#syz fix: exact-commit-title
If you want to overwrite report's subsystems, reply with:
#syz set subsystems: new-subsystem
(See the list of subsystem names on the web dashboard)
If the report is a duplicate of another one, reply with:
#syz dup: exact-subject-of-another-report
If you want to undo deduplication, reply with:
#syz undup
Reply all
Reply to author
Forward
0 new messages