syzbot


INFO: task hung in io_uring_cancel_generic
Status: upstream: reported C repro on 2021/07/11 12:24
Reported-by: syzbot+ba6fcd859210f4e9e109@syzkaller.appspotmail.com
Fix commit: 1b48773f9fd0 io_uring: fix io_drain_req()
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32 ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386]
First crash: 72d, last: 8d20h

Cause bisection: introduced by (bisect log) [no-op commit]:
commit b9fc8b4a591811546fec2dbef7e9f809362100c9
Author: Grant Seltzer <grantseltzer@gmail.com>
Date: Mon Feb 22 19:58:46 2021 +0000

  bpf: Add kernel/modules BTF presence checks to bpftool feature command

Crash: KASAN: invalid-free in io_req_caches_free (log)
Repro: C syz .config
Patch testing requests:
Created Duration User Patch Repo Result
2021/07/11 21:44 19m asml.silence@gmail.com https://github.com/isilence/linux.git drain_fix_syztest OK
2021/07/11 14:45 13m axboe@kernel.dk git://git.kernel.dk/linux-block io_uring-5.14-test report log
2021/07/11 13:54 17m axboe@kernel.dk git://git.kernel.dk/linux-block io_uring-5.14 error

Sample crash report:

Crashes (15):
Manager Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Title
ci-upstream-kasan-gce-root 2021/07/07 14:17 upstream 3dbdb38e2869 4846d5c1 .config log report syz C INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-selinux-root 2021/07/07 12:12 upstream 3dbdb38e2869 4846d5c1 .config log report syz C INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-selinux-root 2021/09/08 12:06 upstream ac08b1c68d1b e2776ee4 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-root 2021/07/13 05:34 upstream 7fef2edf7cc7 f415556d .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-selinux-root 2021/07/12 11:05 upstream e73f0f0ee754 a4869c92 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-root 2021/07/12 11:00 upstream e73f0f0ee754 a4869c92 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce 2021/07/12 11:00 upstream e73f0f0ee754 a4869c92 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-smack-root 2021/07/12 10:58 upstream e73f0f0ee754 a4869c92 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-smack-root 2021/07/07 13:02 upstream 3dbdb38e2869 4846d5c1 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-root 2021/07/07 11:31 upstream 3dbdb38e2869 4846d5c1 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce 2021/07/07 10:35 upstream 3dbdb38e2869 4846d5c1 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-selinux-root 2021/07/07 09:33 upstream 3dbdb38e2869 4846d5c1 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce 2021/07/07 01:57 upstream 3dbdb38e2869 cca78469 .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-kasan-gce-386 2021/07/09 10:03 upstream 3dbdb38e2869 281e815f .config log report info INFO: task hung in io_uring_cancel_generic
ci-upstream-linux-next-kasan-gce-root 2021/07/12 10:53 linux-next db503865b9ba a4869c92 .config log report info INFO: task hung in io_uring_cancel_generic