syzbot |
sign-in | mailing list | source | docs |
| 🐞 Open [980] ≡ Subsystems 🐞 Fixed [5236] 🐞 Invalid [12496] ⬇ Missing Backports [83] 📈 Kernel Health 📈 Bug Lifetimes 📈 Fuzzing 📈 Crashes | 💬 Send us feedback |
| Kernel | Title | Repro | Cause bisect | Fix bisect | Count | Last | Reported | Patched | Status |
|---|---|---|---|---|---|---|---|---|---|
| upstream | KCSAN: data-race in sg_ioctl / sg_rq_end_io (4) scsi | 2 | 16d | 44d | 0/26 | moderation: reported on 2024/03/11 03:15 | |||
| upstream | KCSAN: data-race in sg_ioctl / sg_rq_end_io (3) scsi | 1 | 609d | 609d | 0/26 | auto-closed as invalid on 2022/09/27 16:29 | |||
| upstream | KCSAN: data-race in sg_ioctl / sg_rq_end_io (2) scsi | 2 | 844d | 856d | 0/26 | auto-closed as invalid on 2022/02/04 08:07 |
================================================================== BUG: KCSAN: data-race in sg_ioctl / sg_rq_end_io write to 0xffff888107ee4111 of 1 bytes by interrupt on cpu 1: sg_rq_end_io+0x19a/0x750 drivers/scsi/sg.c:1357 __blk_mq_end_request+0x224/0x230 block/blk-mq.c:556 scsi_end_request+0x28c/0x440 drivers/scsi/scsi_lib.c:576 scsi_io_completion+0xd0/0x10c0 drivers/scsi/scsi_lib.c:938 scsi_finish_command+0x1ba/0x1d0 drivers/scsi/scsi.c:207 scsi_complete+0x1aa/0x1e0 drivers/scsi/scsi_lib.c:1432 blk_complete_reqs block/blk-mq.c:577 [inline] blk_done_softirq+0x69/0x90 block/blk-mq.c:582 __do_softirq+0x12c/0x26e kernel/softirq.c:558 invoke_softirq kernel/softirq.c:432 [inline] __irq_exit_rcu kernel/softirq.c:636 [inline] irq_exit_rcu+0x4e/0xa0 kernel/softirq.c:648 common_interrupt+0x78/0x90 arch/x86/kernel/irq.c:240 asm_common_interrupt+0x1e/0x40 check_access kernel/kcsan/core.c:631 [inline] __tsan_read4+0x108/0x180 kernel/kcsan/core.c:854 crc32_body lib/crc32.c:106 [inline] crc32_le_generic lib/crc32.c:179 [inline] __crc32c_le_base+0x99/0x350 lib/crc32.c:202 chksum_update+0x2e/0x50 crypto/crc32c_generic.c:88 crypto_shash_update+0x13c/0x1a0 crypto/shash.c:131 ext4_chksum fs/ext4/ext4.h:2452 [inline] ext4_block_bitmap_csum_set+0x12b/0x250 fs/ext4/bitmap.c:94 ext4_free_blocks+0x1534/0x1c20 fs/ext4/mballoc.c:6066 ext4_remove_blocks+0x61a/0x800 fs/ext4/extents.c:2506 ext4_ext_rm_leaf+0x684/0xd40 fs/ext4/extents.c:2672 ext4_ext_remove_space+0x8f6/0x12b0 fs/ext4/extents.c:2920 ext4_ext_truncate+0xfe/0x170 fs/ext4/extents.c:4382 ext4_truncate+0x76e/0xa80 fs/ext4/inode.c:4268 ext4_evict_inode+0xa54/0xdb0 fs/ext4/inode.c:287 evict+0x1c8/0x3c0 fs/inode.c:586 iput_final fs/inode.c:1662 [inline] iput+0x430/0x580 fs/inode.c:1688 dentry_unlink_inode+0x273/0x290 fs/dcache.c:376 d_delete+0x78/0xe0 fs/dcache.c:2505 vfs_rmdir+0x2e6/0x300 fs/namei.c:3984 do_rmdir+0x18d/0x330 fs/namei.c:4032 __do_sys_rmdir fs/namei.c:4051 [inline] __se_sys_rmdir fs/namei.c:4049 [inline] __x64_sys_rmdir+0x2c/0x30 fs/namei.c:4049 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae read to 0xffff888107ee4111 of 1 bytes by task 9289 on cpu 0: sg_fill_request_table drivers/scsi/sg.c:872 [inline] sg_ioctl_common drivers/scsi/sg.c:1091 [inline] sg_ioctl+0x7ca/0x18e0 drivers/scsi/sg.c:1164 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:874 [inline] __se_sys_ioctl+0xcb/0x140 fs/ioctl.c:860 __x64_sys_ioctl+0x3f/0x50 fs/ioctl.c:860 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x44/0xa0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x44/0xae value changed: 0x00 -> 0x01 Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 9289 Comm: syz-executor.0 Not tainted 5.15.0-rc1-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 ==================================================================
| Time | Kernel | Commit | Syzkaller | Config | Log | Report | Syz repro | C repro | VM info | Assets (help?) | Manager | Title |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2021/09/18 07:44 | upstream | 4357f03d6611 | 70b76c1d | .config | console log | report | info | ci2-upstream-kcsan-gce | KCSAN: data-race in sg_ioctl / sg_rq_end_io |