syzbot

 sign-in | mailing list | source | docs
🐞 Open [993] Subsystems 🐞 Fixed [5244] 🐞 Invalid [12515] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

kernel BUG in io_queue_async_work

Status: auto-obsoleted due to no activity on 2022/09/27 02:18
Subsystems: fs io-uring
[Documentation on labels]
Reported-by: syzbot+d50e4f20cfad4510ec22@syzkaller.appspotmail.com
First crash: 1023d, last: 1015d
Cause bisection: failed (error log, bisect log)
  
Fix bisection: fixed by (bisect log) [merge commit]:
commit 0d18c12b288a177906e31fecfab58ca2243ffc02
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Fri Jul 16 19:31:44 2021 +0000

  Merge tag 'block-5.14-2021-07-16' of git://git.kernel.dk/linux-block

  
Discussions (1)
Title Replies (including bot) Last reply
[syzbot] kernel BUG in io_queue_async_work 2 (5) 2021/07/13 11:02
Last patch testing requests (2)
Created Duration User Patch Repo Result
2022/09/27 01:30 19m retest repro upstream OK log
2021/07/13 08:37 20m asml.silence@gmail.com https://github.com/isilence/linux.git drain_fix_syztest OK

Sample crash report:
------------[ cut here ]------------
kernel BUG at fs/io_uring.c:1293!
invalid opcode: 0000 [#1] PREEMPT SMP KASAN
CPU: 1 PID: 8139 Comm: kworker/1:3 Tainted: G        W         5.14.0-rc1-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events io_fallback_req_func
RIP: 0010:io_queue_async_work+0x539/0x5f0 fs/io_uring.c:1293
Code: 89 be 89 00 00 00 48 c7 c7 40 53 9a 89 c6 05 de 38 78 0b 01 e8 72 6b 08 07 e9 6e ff ff ff e8 ee 68 95 ff 0f 0b e8 e7 68 95 ff <0f> 0b e8 e0 68 95 ff 0f 0b e9 1a fd ff ff e8 34 0f db ff e9 47 fb
RSP: 0018:ffffc9000c627ba8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff88802d256000 RCX: 0000000000000000
RDX: ffff888030f4e180 RSI: ffffffff81df55c9 RDI: ffff88802ef66a50
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000019
R10: ffffffff81df517c R11: 000000000000000f R12: ffff8880441eb6c0
R13: 0000000000000019 R14: ffff88802d2560b0 R15: ffff8880441eb718
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 000000000049a01d CR3: 00000000396af000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 __io_queue_sqe+0x913/0xf10 fs/io_uring.c:6448
 io_req_task_submit+0x100/0x120 fs/io_uring.c:2020
 io_fallback_req_func+0x81/0xb0 fs/io_uring.c:2441
 process_one_work+0x98d/0x1630 kernel/workqueue.c:2276
 worker_thread+0x658/0x11f0 kernel/workqueue.c:2422
 kthread+0x3e5/0x4d0 kernel/kthread.c:319
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:295
Modules linked in:
---[ end trace aa15edd5dcdbd7e3 ]---
RIP: 0010:io_queue_async_work+0x539/0x5f0 fs/io_uring.c:1293
Code: 89 be 89 00 00 00 48 c7 c7 40 53 9a 89 c6 05 de 38 78 0b 01 e8 72 6b 08 07 e9 6e ff ff ff e8 ee 68 95 ff 0f 0b e8 e7 68 95 ff <0f> 0b e8 e0 68 95 ff 0f 0b e9 1a fd ff ff e8 34 0f db ff e9 47 fb
RSP: 0018:ffffc9000c627ba8 EFLAGS: 00010293
RAX: 0000000000000000 RBX: ffff88802d256000 RCX: 0000000000000000
RDX: ffff888030f4e180 RSI: ffffffff81df55c9 RDI: ffff88802ef66a50
RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000019
R10: ffffffff81df517c R11: 000000000000000f R12: ffff8880441eb6c0
R13: 0000000000000019 R14: ffff88802d2560b0 R15: ffff8880441eb718
FS:  0000000000000000(0000) GS:ffff8880b9d00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000020000444 CR3: 0000000042660000 CR4: 00000000001506e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400

Crashes (14):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2021/07/13 01:18 upstream 7fef2edf7cc7 f415556d .config console log report syz C ci-upstream-kasan-gce-selinux-root kernel BUG in io_queue_async_work
2021/07/17 03:46 upstream d936eb238744 f115ae98 .config console log report info ci-upstream-kasan-gce kernel BUG in io_queue_async_work
2021/07/16 18:25 upstream d936eb238744 f115ae98 .config console log report info ci-upstream-kasan-gce kernel BUG in io_queue_async_work
2021/07/14 14:58 upstream 40226a3d96ef 484502bd .config console log report info ci-upstream-kasan-gce-root kernel BUG in io_queue_async_work
2021/07/14 01:12 upstream 40226a3d96ef fa0594c3 .config console log report info ci-upstream-kasan-gce-selinux-root kernel BUG in io_queue_async_work
2021/07/14 00:50 upstream 40226a3d96ef fa0594c3 .config console log report info ci-upstream-kasan-gce kernel BUG in io_queue_async_work
2021/07/14 00:12 upstream 40226a3d96ef fa0594c3 .config console log report info ci-upstream-kasan-gce-smack-root kernel BUG in io_queue_async_work
2021/07/13 00:59 upstream 7fef2edf7cc7 f415556d .config console log report info ci-upstream-kasan-gce-root kernel BUG in io_queue_async_work
2021/07/12 21:52 upstream 7fef2edf7cc7 f415556d .config console log report info ci-upstream-kasan-gce-selinux-root kernel BUG in io_queue_async_work
2021/07/12 20:49 upstream 7fef2edf7cc7 f415556d .config console log report info ci-upstream-kasan-gce-selinux-root kernel BUG in io_queue_async_work
2021/07/12 19:08 upstream e73f0f0ee754 f415556d .config console log report info ci-upstream-kasan-gce-selinux-root kernel BUG in io_queue_async_work
2021/07/17 00:04 linux-next c1a6d08348fc f115ae98 .config console log report info ci-upstream-linux-next-kasan-gce-root kernel BUG in io_queue_async_work
2021/07/08 09:51 linux-next e2f74b13dbe6 95793bce .config console log report info ci-upstream-linux-next-kasan-gce-root kernel BUG in io_queue_async_work
2021/07/08 07:33 linux-next e2f74b13dbe6 95793bce .config console log report info ci-upstream-linux-next-kasan-gce-root kernel BUG in io_queue_async_work
* Struck through repros no longer work on HEAD.