syzbot

 sign-in | mailing list | source | docs
🐞 Open [994] Subsystems 🐞 Fixed [5242] 🐞 Invalid [12515] Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes 💬 Send us feedback

KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests

Status: auto-closed as invalid on 2020/10/05 06:08
Subsystems: block
[Documentation on labels]
First crash: 1365d, last: 1334d
Similar bugs (7)
Kernel Title Repro Cause bisect Fix bisect Count Last Reported Patched Status
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (8) block 1 708d 708d 0/26 auto-closed as invalid on 2022/06/22 21:22
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (6) block 1 1001d 1001d 0/26 auto-closed as invalid on 2021/09/03 00:46
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (5) block 1 1037d 1037d 0/26 auto-closed as invalid on 2021/07/29 00:14
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (7) block 4 856d 906d 0/26 auto-closed as invalid on 2022/01/25 22:50
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (3) block 7 1164d 1236d 0/26 auto-closed as invalid on 2021/03/24 08:42
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (4) block 2 1078d 1124d 0/26 auto-closed as invalid on 2021/06/18 13:35
upstream KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests (2) block 3 1285d 1293d 0/26 auto-closed as invalid on 2020/11/22 21:54

Sample crash report:
==================================================================
BUG: KCSAN: data-race in __blk_mq_sched_dispatch_requests / __blk_mq_sched_dispatch_requests

write to 0xffff88812961f410 of 8 bytes by task 3256 on cpu 1:
 INIT_LIST_HEAD include/linux/list.h:36 [inline]
 list_splice_init include/linux/list.h:483 [inline]
 __blk_mq_sched_dispatch_requests+0x16a/0x2a0 block/blk-mq-sched.c:304
 blk_mq_sched_dispatch_requests+0x9f/0x110 block/blk-mq-sched.c:356
 __blk_mq_run_hw_queue+0xee/0x1c0 block/blk-mq.c:1534
 __blk_mq_delay_run_hw_queue+0x199/0x340 block/blk-mq.c:1611
 blk_mq_run_hw_queue+0x231/0x260 block/blk-mq.c:1664
 blk_mq_run_hw_queues block/blk-mq.c:1682 [inline]
 blk_mq_requeue_work+0x423/0x490 block/blk-mq.c:816
 process_one_work+0x3e1/0x9a0 kernel/workqueue.c:2269
 worker_thread+0x665/0xbe0 kernel/workqueue.c:2415
 kthread+0x20d/0x230 kernel/kthread.c:292
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:294

read to 0xffff88812961f410 of 8 bytes by task 19925 on cpu 0:
 list_empty_careful include/linux/list.h:319 [inline]
 __blk_mq_sched_dispatch_requests+0xb1/0x2a0 block/blk-mq-sched.c:301
 blk_mq_sched_dispatch_requests+0x9f/0x110 block/blk-mq-sched.c:356
 __blk_mq_run_hw_queue+0xee/0x1c0 block/blk-mq.c:1534
 __blk_mq_delay_run_hw_queue+0x199/0x340 block/blk-mq.c:1611
 blk_mq_run_hw_queue+0x231/0x260 block/blk-mq.c:1664
 blk_mq_sched_insert_requests+0x14d/0x200 block/blk-mq-sched.c:610
 blk_mq_flush_plug_list+0x2f5/0x420 block/blk-mq.c:1934
 blk_flush_plug_list+0x235/0x260 block/blk-core.c:1867
 blk_finish_plug+0x44/0x60 block/blk-core.c:1884
 iomap_dio_rw+0x5ed/0x980 fs/iomap/direct-io.c:528
 ext4_dio_write_iter fs/ext4/file.c:548 [inline]
 ext4_file_write_iter+0xdd5/0x1060 fs/ext4/file.c:658
 call_write_iter include/linux/fs.h:1882 [inline]
 do_iter_readv_writev+0x32e/0x3d0 fs/read_write.c:713
 do_iter_write+0x112/0x4b0 fs/read_write.c:1018
 vfs_iter_write+0x4c/0x70 fs/read_write.c:1059
 iter_file_splice_write+0x41a/0x770 fs/splice.c:750
 do_splice_from fs/splice.c:846 [inline]
 direct_splice_actor+0x95/0x160 fs/splice.c:1016
 splice_direct_to_actor+0x365/0x660 fs/splice.c:971
 do_splice_direct+0xf2/0x170 fs/splice.c:1059
 do_sendfile+0x56a/0xba0 fs/read_write.c:1540
 __do_sys_sendfile64 fs/read_write.c:1601 [inline]
 __se_sys_sendfile64 fs/read_write.c:1587 [inline]
 __x64_sys_sendfile64+0xf2/0x130 fs/read_write.c:1587
 do_syscall_64+0x39/0x80 arch/x86/entry/common.c:46
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 19925 Comm: syz-executor.0 Not tainted 5.9.0-rc2-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (3):
Time Kernel Commit Syzkaller Config Log Report Syz repro C repro VM info Assets (help?) Manager Title
2020/08/31 06:02 upstream dcc5c6f013d8 d5a3ae1f .config console log report ci2-upstream-kcsan-gce
2020/08/26 20:09 upstream 2ac69819ba9e 318430cb .config console log report ci2-upstream-kcsan-gce
2020/07/30 23:40 upstream e2c46b5762c6 8df85ed9 .config console log report ci2-upstream-kcsan-gce
* Struck through repros no longer work on HEAD.