Hello,
syzbot found the following issue on:
HEAD commit: 4fa640dc Merge tag 'vfio-v5.8-rc7' of git://github.com/awi..
git tree: upstream
console output: https://syzkaller.appspot.com/x/log.txt?x=146f08ff100000
kernel config: https://syzkaller.appspot.com/x/.config?x=f1297bd8e780a21f
dashboard link: https://syzkaller.appspot.com/bug?extid=63cbe31877bb80ef58f5
compiler: clang version 11.0.0 (https://github.com/llvm/llvm-project.git ca2dcbd030eadbf0aa9b660efe864ff08af6e18b)
CC: [alsa-...@alsa-project.org linux-...@vger.kernel.org pe...@perex.cz ti...@suse.com]
Unfortunately, I don't have any reproducer for this issue yet.
IMPORTANT: if you fix the issue, please add the following tag to the commit:
Reported-by: syzbot+63cbe3...@syzkaller.appspotmail.com
==================================================================
BUG: KCSAN: data-race in snd_seq_check_queue / snd_seq_control_queue
write to 0xffff88806ba78a24 of 1 bytes by interrupt on cpu 1:
snd_seq_check_queue+0x251/0x290 sound/core/seq/seq_queue.c:283
snd_seq_timer_interrupt+0x228/0x240 sound/core/seq/seq_timer.c:158
snd_timer_process_callbacks sound/core/timer.c:796 [inline]
snd_timer_interrupt+0xa7c/0xb50 sound/core/timer.c:919
snd_hrtimer_callback+0x13a/0x220 sound/core/hrtimer.c:50
__run_hrtimer+0x154/0x4b0 kernel/time/hrtimer.c:1520
__hrtimer_run_queues kernel/time/hrtimer.c:1584 [inline]
hrtimer_interrupt+0x37c/0xa40 kernel/time/hrtimer.c:1646
local_apic_timer_interrupt arch/x86/kernel/apic/apic.c:1080 [inline]
__sysvec_apic_timer_interrupt+0xa3/0x280 arch/x86/kernel/apic/apic.c:1097
asm_call_on_stack+0xf/0x20 arch/x86/entry/entry_64.S:711
__run_on_irqstack arch/x86/include/asm/irq_stack.h:22 [inline]
run_on_irqstack_cond arch/x86/include/asm/irq_stack.h:48 [inline]
sysvec_apic_timer_interrupt+0x80/0xd0 arch/x86/kernel/apic/apic.c:1091
asm_sysvec_apic_timer_interrupt+0x12/0x20 arch/x86/include/asm/idtentry.h:585
arch_local_irq_restore arch/x86/include/asm/paravirt.h:770 [inline]
kcsan_setup_watchpoint+0x47c/0x4d0 kernel/kcsan/core.c:542
tomoyo_domain_quota_is_ok+0xa9/0x2d0 security/tomoyo/util.c:1039
tomoyo_supervisor+0x1f4/0xb30 security/tomoyo/common.c:2089
tomoyo_audit_path_log security/tomoyo/file.c:168 [inline]
tomoyo_path_permission security/tomoyo/file.c:587 [inline]
tomoyo_check_open_permission+0x2d0/0x370 security/tomoyo/file.c:780
tomoyo_file_open+0xd0/0xe0 security/tomoyo/tomoyo.c:313
security_file_open+0x3f/0x90 security/security.c:1574
do_dentry_open+0x27c/0x8e0 fs/open.c:815
vfs_open+0x43/0x50 fs/open.c:942
do_open fs/namei.c:3243 [inline]
path_openat+0x185f/0x20e0 fs/namei.c:3360
do_filp_open+0xbd/0x1d0 fs/namei.c:3387
do_sys_openat2+0x33c/0x4a0 fs/open.c:1179
do_sys_open fs/open.c:1195 [inline]
ksys_open include/linux/syscalls.h:1388 [inline]
__do_sys_open fs/open.c:1201 [inline]
__se_sys_open fs/open.c:1199 [inline]
__x64_sys_open+0xe2/0x110 fs/open.c:1199
do_syscall_64+0x51/0xb0 arch/x86/entry/common.c:384
entry_SYSCALL_64_after_hwframe+0x44/0xa9
read to 0xffff88806ba78a24 of 1 bytes by task 9284 on cpu 0:
queue_access_unlock sound/core/seq/seq_queue.c:370 [inline]
snd_seq_control_queue+0x4f2/0x550 sound/core/seq/seq_queue.c:734
event_input_timer+0x1e/0x30 sound/core/seq/seq_system.c:103
snd_seq_deliver_single_event+0x31b/0x4f0 sound/core/seq/seq_clientmgr.c:638
snd_seq_deliver_event+0x192/0x4a0 sound/core/seq/seq_clientmgr.c:839
snd_seq_dispatch_event+0x14c/0x270 sound/core/seq/seq_clientmgr.c:913
snd_seq_check_queue+0xfe/0x290 sound/core/seq/seq_queue.c:264
snd_seq_enqueue_event+0x275/0x2b0 sound/core/seq/seq_queue.c:333
snd_seq_client_enqueue_event+0x206/0x2a0 sound/core/seq/seq_clientmgr.c:974
snd_seq_write+0x435/0x550 sound/core/seq/seq_clientmgr.c:1093
vfs_write+0x1d6/0x690 fs/read_write.c:576
ksys_write+0xce/0x180 fs/read_write.c:631
__do_sys_write fs/read_write.c:643 [inline]
__se_sys_write fs/read_write.c:640 [inline]
__x64_sys_write+0x3e/0x50 fs/read_write.c:640
do_syscall_64+0x51/0xb0 arch/x86/entry/common.c:384
entry_SYSCALL_64_after_hwframe+0x44/0xa9
Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 9284 Comm: syz-executor.5 Not tainted 5.8.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================
---
This report is generated by a bot. It may contain errors.
See https://goo.gl/tpsmEJ for more information about syzbot.
syzbot engineers can be reached at syzk...@googlegroups.com.
syzbot will keep track of this issue. See:
https://goo.gl/tpsmEJ#status for how to communicate with syzbot.