syzbot

 sign-in | mailing list | source | docs
🐞 Open [994] Subsystems 🐞 Fixed [5244] 🐞 Invalid [12516] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in __se_sys_io_uring_register / io_sqe_buffers_unregister

Status: auto-obsoleted due to no activity on 2024/04/17 08:29
Subsystems: io-uring
[Documentation on labels]
Reported-by: syzbot+18b8783ec00f525f7581@syzkaller.appspotmail.com
First crash: 45d, last: 45d

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __se_sys_io_uring_register / io_sqe_buffers_unregister

read-write to 0xffff8881209d68bc of 4 bytes by task 27699 on cpu 1:
 io_sqe_buffers_unregister+0x5b/0xb0 io_uring/rsrc.c:798
 __io_uring_register io_uring/register.c:424 [inline]
 __do_sys_io_uring_register io_uring/register.c:613 [inline]
 __se_sys_io_uring_register+0xac2/0x11a0 io_uring/register.c:574
 __x64_sys_io_uring_register+0x55/0x70 io_uring/register.c:574
 do_syscall_64+0xd3/0x1d0
 entry_SYSCALL_64_after_hwframe+0x6d/0x75

read to 0xffff8881209d68bc of 4 bytes by task 27698 on cpu 0:
 __do_sys_io_uring_register io_uring/register.c:615 [inline]
 __se_sys_io_uring_register+0xaee/0x11a0 io_uring/register.c:574
 __x64_sys_io_uring_register+0x55/0x70 io_uring/register.c:574
 do_syscall_64+0xd3/0x1d0
 entry_SYSCALL_64_after_hwframe+0x6d/0x75

value changed: 0x00000001 -> 0x00000000

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 27698 Comm: syz-executor.2 Not tainted 6.8.0-syzkaller-02737-g1f440397665f #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024
==================================================================

Crashes (1):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2024/03/13 08:28 upstream 1f440397665f db5b7ff0 .config console log report info [disk image] [vmlinux] [kernel image] ci2-upstream-kcsan-gce KCSAN: data-race in __se_sys_io_uring_register / io_sqe_buffers_unregister
* Struck through repros no longer work on HEAD.